| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| skk (Simple Kana to Kanji conversion program) 12.1 and earlier, and the ddskk package which is based on skk, creates temporary files insecurely, which allows local users to overwrite arbitrary files. |
| Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users to gain privileges. |
| Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to execute arbitrary code. |
| Multiple cross-site scripting (XSS) vulnerabilities in Kerio MailServer 5.6.3 allow remote attackers to insert arbitrary web script via (1) the add_name parameter in the add_acl module, or (2) the alias parameter in the do_map module. |
| admin.php in miniPortail allows remote attackers to gain administrative privileges by setting the miniPortailAdmin cookie to an "adminok" value. |
| The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. |
| Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitrary code via a long ULISTPROC_UMASK value. |
| bonsai Mozilla CVS query tool allows remote attackers to gain access to the parameters page without authentication. |
| CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out. |
| The (1) halstead and (2) gather_stats scripts in metrics 1.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files. |
| Buffer overflow in gPS before 0.10.2 may allow local users to cause a denial of service (SIGSEGV) in rgpsp via long command lines. |
| Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service (crash or hang) via a long request to a named pipe. |
| icqateimg32.dll parsing/rendering library in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service via malformed GIF89a headers that do not contain a GCT (Global Color Table) or an LCT (Local Color Table) after an Image Descriptor. |
| Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (crash). |
| The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow remote attackers to obtain a database password by directly accessing the backup file. |
| NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows remote attackers to gain access to configuration menus by sniffing undocumented usernames and passwords from network traffic. |
| Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files." |
| Cross-site scripting (XSS) vulnerability in form_header.php in MyMarket 1.71 allows remote attackers to inject arbitrary web script or HTML via the noticemsg parameter. |
| Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests. |
| Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail intended for other users by defining an alias that is the target's email address. |
