| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server. |
| Cross-site scripting (XSS) vulnerability in webglimpse.cgi in Webglimpse 2.14.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the ID parameter. |
| Denial of service of inetd on Linux through SYN and RST packets. |
| Multiple cross-site scripting (XSS) vulnerabilities in Binary Board System (BBS) 0.2.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) inreplyto, (2) article, and (3) board parameters to reply.pl, (4) branch, (5) board, and (6) stats.pl parameters to (b) stats.pl, and (7) board parameter to (c) toc.pl. |
| Livingston portmaster machines could be rebooted via a series of commands. |
| Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service. |
| SQL injection vulnerability in ZixForum 1.12 allows remote attackers to execute arbitrary SQL commands via the H_ID parameter to (1) zixforum/forum.asp, as used in (2) Headforums.asp and (3) Subject.asp. |
| Denial of service in Windows NT IIS server using ..\.. |
| Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access. |
| IIS 1.0 allows users to execute arbitrary commands using .bat or .cmd files. |
| Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root. |
| Cross-site scripting (XSS) vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to inject arbitrary web script or HTML via the context parameter to announcement.pl, which is reflected in the resulting page. |
| Some configurations of NIS+ in Linux allowed attackers to log in as the user "+". |
| Adobe (formerly Macromedia) ColdFusion MX 6.0, 6.1, 6.1 with JRun, and 7.0 allows remote attackers to attach arbitrary files and send mail via a crafted Subject field, which is not properly handled by the CFMAIL tag in applications that use ColdFusion, aka "CFMAIL injection Vulnerability". |
| HP Remote Watch allows a remote user to gain root access. |
| Adobe (formerly Macromedia) ColdFusion MX 7.0 does not honor when the CFOBJECT /CreateObject(Java) setting is disabled, which allows local users to create an object despite the specified configuration. |
| Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands. |
| Windows NT RSHSVC program allows remote users to execute arbitrary commands. |
| Adobe (formerly Macromedia) ColdFusion MX 7.0 exposes the password hash of the Administrator in an API call, which allows local developers to obtain the hash and gain privileges. |
| Denial of service in Qmail through long SMTP commands. |
