| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| IRIX cdplayer allows local users to create directories in arbitrary locations via a command line option. |
| sudo 1.5.x allows local users to execute arbitrary commands via a .. (dot dot) attack. |
| MajorCool mj_key_cache program allows local users to modify files via a symlink attack. |
| WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers. |
| Buffer overflow in WFTPD FTP server allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories. |
| Buffer overflow in canuum program for Canna input system allows local users to gain root privileges. |
| AN-HTTPd provides example CGI scripts test.bat, input.bat, input2.bat, and envout.bat, which allow remote attackers to execute commands via shell metacharacters. |
| Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service via AUTH or AUTHINFO commands. |
| MBone SDR Package allows remote attackers to execute commands via shell metacharacters in Session Initiation Protocol (SIP) messages. |
| Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote attackers to execute arbitrary code via a large POST request to nsiislog.dll. |
| wwwboard allows a remote attacker to delete message board articles via a malformed argument. |
| Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests. |
| Buffer overflow in SmartDesk WebSuite allows remote attackers to cause a denial of service via a long URL. |
| A certain Microsoft Windows Media Player 9 Series ActiveX control allows remote attackers to view and manipulate the Media Library on the local system via HTML script. |
| Apache allows remote attackers to conduct a denial of service via a large number of MIME headers. |
| Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter. |
| Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls. |
| Cross-site scripting (XSS) vulnerability in Owl Intranet Engine 0.71 and earlier allows remote attackers to insert arbitrary script via the Search field. |
| An example application in ColdFusion Server 4.0 allows remote attackers to view source code via the sourcewindow.cfm file. |
| Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message. |
