| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Macromedia Shockwave Flash plugin version 8 and earlier allows remote attackers to cause a denial of service via malformed tag length specifiers in a SWF file. |
| Buffer overflow in AT&T WinVNC (Virtual Network Computing) server 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long HTTP GET request when the DebugLevel registry key is greater than 0. |
| glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files. |
| Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long GET request. |
| Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to cause a denial of service and possibly execute arbitrary commands by via a long directory name. |
| Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service. |
| Buffer overflows in CTRLServer in XMail allows attackers to execute arbitrary commands via the cfgfileget or domaindel functions. |
| Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter. |
| Buffer overflow in httpGets function in CUPS 1.1.5 allows remote attackers to execute arbitrary commands via a long input line. |
| inetd ident server in FreeBSD 4.x and earlier does not properly set group permissions, which allows remote attackers to read the first 16 bytes of files that are accessible by the wheel group. |
| Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands. |
| Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag. |
| Directory traversal vulnerability in SEDUM HTTP Server 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the HTTP GET request. |
| The Postaci frontend for PostgreSQL does not properly filter characters such as semicolons, which could allow remote attackers to execute arbitrary SQL queries via the deletecontact.php program. |
| Picserver web server allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTP GET request. |
| Watchguard Firebox II firewall allows users with read-only access to gain read-write access, and administrative privileges, by accessing a file that contains hashed passphrases, and using the hashes during authentication. |
| Watchguard Firebox II allows remote attackers to cause a denial of service by establishing multiple connections and sending malformed PPTP packets. |
| Directory traversal vulnerability in AOLserver 3.2 and earlier allows remote attackers to read arbitrary files by inserting "..." into the requested pathname, a modified .. (dot dot) attack. |
| Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows remote attackers to read arbitrary files by inserting a .. (dot dot) or ... into the requested pathname of an HTTP GET request. |
| Buffer overflow in bing allows remote attackers to execute arbitrary commands via a long hostname, which is copied to a small buffer after a reverse DNS lookup using the gethostbyaddr function. |