| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Local users can start Sendmail in daemon mode and gain root privileges. |
| SQL injection vulnerability in Serendipity 0.7-beta1 allows remote attackers to execute arbitrary SQL commands via the entry_id parameter to (1) exit.php or (2) comment.php. |
| Unspecified vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to read arbitrary files under the web root via unspecified attack vectors related to the OpenTextFile method in Scripting.FileSystemObject. |
| Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys. |
| The Perl fingerd program allows arbitrary command execution from remote users. |
| The ghostscript command with the -dSAFER option allows remote attackers to execute commands. |
| The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering. |
| PHP remote file inclusion vulnerability in loginout.php in FarsiNews 2.1 Beta 2 and earlier, with register_globals enabled, allows remote attackers to include arbitrary files via a URL in the cutepath parameter. |
| In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system. |
| The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| The uploader program in the WebSite web server allows a remote attacker to execute arbitrary programs. |
| The passwd command in Solaris can be subjected to a denial of service. |
| Format string vulnerability in xml_elem.c for XMLStarlet Command Line XML Toolkit 0.9.3 may allow attackers to cause a denial of service or execute arbitrary code. |
| Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable. |
| Denial of service in in.comsat allows attackers to generate messages. |
| Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. |
| In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program. |
| Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters. |
| Genius VideoCAM NB Driver does not drop privileges when saving files, which allows local users to gain privileges by opening arbitrary files via the "save as" dialog. |
| Denial of service by sending forged ICMP unreachable packets. |
