| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the NetStructure's MAC address, which could allow remote attackers to gain root access. |
| FileMaker Pro 5 Web Companion allows remote attackers to bypass Field-Level database security restrictions via the XML publishing or email capabilities. |
| Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges. |
| The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. |
| NetProwler 3.0 allows remote attackers to cause a denial of service by sending malformed IP packets that trigger NetProwler's Man-in-the-Middle signature. |
| The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to obtain sensitive information without knowing the PIN of the owner by resetting the PIN in the EEPROM. |
| Buffer overflow in the SMTP gateway for InterScan Virus Wall 3.32 and earlier allows a remote attacker to execute arbitrary commands via a long filename for a uuencoded attachment. |
| A backdoor password in Cart32 3.0 and earlier allows remote attackers to execute arbitrary commands. |
| Cart32 allows remote attackers to access sensitive debugging information by appending /expdate to the URL request. |
| The WebShield SMTP Management Tool version 4.5.44 does not properly restrict access to the management port when an IP address does not resolve to a hostname, which allows remote attackers to access the configuration via the GET_CONFIG command. |
| XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a negative counter value in a malformed TCP packet that is sent to port 6000. |
| Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter. |
| Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option. |
| NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog". |
| ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability. |
| IMP does not remove files properly if the MSWordView application quits, which allows local users to cause a denial of service by filling up the disk space by requesting a large number of documents and prematurely stopping the request. |
| Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable. |
| ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory. |
| man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack. |
| Selena Sol WebBanner 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
