| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in listserv allows arbitrary command execution. |
| Buffer overflow in ircd allows arbitrary command execution. |
| Cross-site scripting (XSS) vulnerability in (1) addWeblog.php and (2) leaveComments.php in Destiney Rated Images Script 0.5.0 does not properly filter all vulnerable HTML tags, which allows remote attackers to inject arbitrary web script or HTML via Javascript in a DIV tag. |
| Denial of service in talk program allows remote attackers to disrupt a user's display. |
| htmlscript CGI program allows remote read access to files. |
| The info2www CGI script allows remote file access or remote command execution. |
| Excite for Web Servers (EWS) allows remote command execution via shell metacharacters. |
| Remote command execution in Microsoft Internet Explorer using .lnk and .url files. |
| Denial of service through Winpopup using large user names. |
| The web interface in NotifyLink 3.0 does not properly restrict access to functions that have been disabled in the GUI, which allows remote authenticated users to bypass intended restrictions via a direct request to certain URLs. |
| SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server. |
| Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable. |
| ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack. |
| Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time. |
| Buffer overflow in FreeBSD lpd through long DNS hostnames. |
| nis_cachemgr for Solaris NIS+ allows attackers to add malicious NIS+ servers. |
| IE Tab 1.0.9 plugin for Mozilla Firefox 1.5.0.3 allows remote user-assisted attackers to cause a denial of service (application crash), possibly due to a null dereference, via certain Javascript, as demonstrated using a url parameter to the content/reloaded.html page in a chrome:// URI. Some third-party researchers claim that they are unable to reproduce this vulnerability. |
| HP-UX vgdisplay program gives root access to local users. |
| SSH 1.2.25 on HP-UX allows access to new user accounts. |
| disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames. |
