| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." |
| Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. |
| sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools. |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. |
| Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. |
| A buffer overflow in lsof allows local users to obtain root privilege. |
| Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths. |
| Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. |
| The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option. |
| inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. |
| Cross-site scripting (XSS) vulnerability in view_all_set.php in Mantis 0.19.0a1 through 1.0.0a3 allows remote attackers to inject arbitrary web script or HTML via the dir parameter, as identified by bug#0005959, and a different vulnerability than CVE-2005-3090. |
| htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file. |
| Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter. |
| traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks. |
| Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences. |
| Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. |
| The snprintf function in the db library 1.85.4 ignores the size parameter, which could allow attackers to exploit buffer overflows that would be prevented by a properly implemented snprintf. |
| direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." |
| Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. |
| Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. |
