| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| NetBSD netstat command allows local users to access kernel memory. |
| Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution. |
| openwebmail_init in Open WebMail 1.81 and earlier allows local users to execute arbitrary code via .. (dot dot) sequences in a login name, such as the name provided in the sessionid parameter for openwebmail-abook.pl, which is used to find a configuration file that specifies additional code to be executed. |
| The netstat service is running, which provides sensitive information to remote attackers. |
| Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access. |
| 64 bit Solaris 7 procfs allows local users to perform a denial of service. |
| A system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified. |
| An application-critical Windows NT registry key has inappropriate permissions. |
| Multiple unspecified vulnerabilities in Ethereal 0.8.x up to 0.10.14 allow remote attackers to cause a denial of service (crash from null dereference) via the (1) Sniffer capture or (2) SMB PIPE dissector. |
| Eudora 4.1 allows remote attackers to perform a denial of service by sending attachments with long file names. |
| Internet Explorer 5.0 through 6.0 allows remote attackers to determine the existence of files on the client via an IMG tag with a dynsrc property that references the target file, which sets certain elements of the image object such as file size. |
| Format string vulnerability in log_print() function of Posadis DNS server before version m5pre2 allows local users and possibly remote attackers to execute arbitrary code via format strings that are inserted into logging messages. |
| The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code. |
| The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages. |
| Directory traversal vulnerability in boilerplate.asp for Citrix NFuse 1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the NFuse_Template parameter. |
| The permissions for a system-critical NIS+ table (e.g. passwd) are inappropriate. |
| A kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted. |
| Buffer overflow in MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service via long (1) DELE or (2) UIDL arguments. |
| KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories. |
| The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. |