| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in ntping in scotty 2.1.0 allows local users to execute arbitrary code via a long hostname as a command line argument. |
| BisonFTP V4R1 allows local users to access directories outside of their home directory by uploading .bdl files, which can then be linked to other directories. |
| Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers to list or read arbitrary files and directories via a .. in (1) LS or (2) GET. |
| GuildFTPd 0.9.7 stores user names and passwords in plaintext in the default.usr file, which allows local users to gain privileges as other FTP users by reading the file. |
| Buffer overflow in GuildFTPd Server 0.97 allows remote attacker to execute arbitrary code via a long SITE command. |
| Cayman 3220-H DSL Router 1.0 allows remote attacker to cause a denial of service (crash) via a series of SYN or TCP connect requests. |
| Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite arbitrary files and possible gain privileges via a symbolic link attack on temporary files. |
| Buffer overflow in DynFX MailServer version 2.10 allows remote attackers to conduct a denial of service via a long username to the POP3 service. |
| Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests for PHP scripts. |
| Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username. |
| KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file. |
| Cisco TFTP server 1.1 allows remote attackers to read arbitrary files via a ..(dot dot) attack in the GET command. |
| Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters. |
| Directory traversal in Webpaging interface in Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file. |
| Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) input.php3, (2) handle_inputH.php3, or (3) index.lib.php3 with unknown consequences, possibly related to user spoofing or improperly initialized variables. |
| Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privileges by specifying an alternate library file in the L (localization) parameter. |
| Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server. |
| Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related to pnm and saned. |
| Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly related to incorrect security rights and/or the generation of mailto links. |