| CVE | Vendors | Products | Updated | CVSS v3.1 |
| Heap-based buffer overflow in the SIPParser function in i3sipmsg.dll in Interaction SIP Proxy before 3.0.011 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a REGISTER request with a SPI version number that contains a large number of space or tab characters. |
| The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code. |
| PHP remote file include vulnerability in help_text_vars.php in PHPGedView 3.3.7 and earlier allows remote attackers to execute arbitrary code via a URL in the PGV_BASE_DIRECTORY parameter. |
| Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request. |
| The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages. |
| A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them. |
| The zsoelim program in the Debian man-db package allows local users to overwrite files via a symlink attack. |
| The KDE klock program allows local users to unlock a session using malformed input. |
| Heap-based buffer overflow in the get_bhead function in readfile.c in Blender BlenLoader 2.0 through 2.40pre allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a .blend file with a negative bhead.len value, which causes less memory to be allocated than expected, possibly due to an integer overflow. |
| Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmental variable. |
| Unspecified vulnerability in Macromedia JRun 4 web server (JWS) allows remote attackers to view web application source code via "a malformed URL." |
| A default configuration of CiscoSecure Access Control Server (ACS) allows remote users to modify the server database without authentication. |
| KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories. |
| The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. |
| Buffer overflow in the "Add to archive" command in WinRAR 3.51 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by tricking the user into adding a file whose filename contains a non-default code page and non-ANSI characters, as demonstrated using a Chinese filename, possibly due to buffer expansion when using the WideCharToMultiByte API. NOTE: it is not clear whether this problem can be exploited for code execution. If not, then perhaps the user-assisted nature of the attack should exclude the issue from inclusion in CVE. |
| The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. |
| Cross-site scripting (XSS) vulnerability in OpenCms 6.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters. |
| Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable. |
| Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument. |
| Cross-site scripting (XSS) vulnerability in papaya CMS 4.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the bab[searchfor] parameter. |