| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable. |
| ZBServer Pro allows remote attackers to read source code for executable files by inserting a . (dot) into the URL. |
| strace allows local users to read arbitrary files via memory mapped file names. |
| Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers to conduct a denial of service. |
| FTPPro allows local users to read sensitive information, which is stored in plain text. |
| The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands. |
| WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter. |
| Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request. |
| Buffer overflow in w3-msql CGI program in miniSQL package allows remote attackers to execute commands. |
| Denial of service in Savant web server via a null character in the requested URL. |
| CascadeView TFTP server allows local users to gain privileges via a symlink attack. |
| IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability. |
| Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string. |
| IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack. |
| Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function. |
| UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack. |
| Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database. |
| The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack. |
| InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments. |
| Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." |