| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Microsoft Windows Media License Manager allows remote attackers to cause a denial of service by sending a malformed request that causes the manager to halt, aka the "Malformed Media License Request" Vulnerability. |
| Microsoft Windows 2000, when running in a domain whose Fully Qualified Domain Name (FQDN) is exactly 8 characters long, does not prevent users with expired passwords from logging on to the domain. |
| Directory traversal vulnerability in Web Blog 1.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file variable. |
| SGI IRIX 6.5 through 6.5.14 applies a umask of 022 to root core dumps, which allows local users to read the core dumps and possibly obtain sensitive information. |
| gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. |
| Buffer overflow in uux in eoe.sw.uucp package of SGI IRIX 6.5 through 6.5.17 allows local users to execute arbitrary code via unknown attack vectors. |
| Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable). |
| Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable. |
| Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users. |
| Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges. |
| Cross-site scripting (XSS) vulnerability in Xoops 1.0 RC3 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag when submitting news. |
| Buffer overflow in the web server for Norton AntiVirus for Internet Email Gateways allows remote attackers to cause a denial of service via a long URL. |
| Belkin F5D6130 Wireless Network Access Point running firmware AP14G8 allows remote attackers to cause a denial of service (connection loss) by sending several SNMP GetNextRequest requests. |
| Buffer overflow in Webstar HTTP server allows remote attackers to cause a denial of service via a long GET request. |
| Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of service (web browser crash) via malformed content in a Flash Shockwave (.SWF) file, as demonstrated by by ROT13 encoding the body of the file but not the headers. |
| Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe "is NOT designed to run setuid-root." Therefore this identifier applies *only* to those configurations and installations under which pppoe is run setuid root despite the developer's warnings. |
| Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document. |
| Unknown vulnerability in AolSecurityPrivate.class in Oracle E-Business Suite 11i 11.1 through 11.6 allows remote attackers to bypass user authentication checks via unknown attack vectors. |
| Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit. |
| Buffer overflow in the Screen Fetch option in XDICT 2002 through 2005 allows remote attackers to cause a denial of service ( CPU consumption or application exit) and possibly execute arbitrary code via a long string. |