| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability. |
| NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process. |
| Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon. |
| HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges. |
| The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft. |
| asmon and ascpu in FreeBSD allow local users to gain root privileges via a configuration file. |
| The installation of Sun Internet Mail Server (SIMS) creates a world-readable file that allows local users to obtain passwords. |
| The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands. |
| Buffer overflow in the InterAccess telnet server TelnetD allows remote attackers to execute commands via a long login name. |
| IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory. |
| Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability. |
| Batch files in the Oracle web listener ows-bin directory allow remote attackers to execute commands via a malformed URL that includes '?&'. |
| Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service. |
| StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command. |
| The default configuration of Serv-U 2.5d and earlier allows remote attackers to determine the real pathname of the server by requesting a URL for a directory or file that does not exist. |
| DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters. |
| ServerIron switches by Foundry Networks have predictable TCP/IP sequence numbers, which allows remote attackers to spoof or hijack sessions. |
| HP OpenView OmniBack 2.55 allows remote attackers to cause a denial of service via a large number of connections to port 5555. |
| Buffer overflow in ircII 4.4 IRC client allows remote attackers to execute commands via the DCC chat capability. |
