| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root. |
| Buffer overflow in Dosemu Slang library in Linux. |
| Local users can perform a denial of service in Alpha Linux, using MILO to force a reboot. |
| wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself. |
| A bug in Cyrix CPUs on Linux allows local users to perform a denial of service. |
| A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files. |
| In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the connection. |
| Cross-site scripting (XSS) vulnerability in search.html in Alkacon OpenCms 6.0.0, 6.0.2, and 6.0.3 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search action. |
| By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system. |
| Cross-site scripting (XSS) vulnerability in index.php in DGBook 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) homepage, (3) email, and (4) address parameters. |
| Cross-site scripting (XSS) vulnerability in Wiki content in RWiki 2.1.0pre1 through 2.1.0 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors. |
| Local users can perform a denial of service in NetBSD 1.3.3 and earlier versions by creating an unusual symbolic link with the ln command, triggering a bug in VFS. |
| The editing form in RWiki 2.1.0pre1 through 2.1.0 allows remote attackers to execute arbitrary Ruby code via unknown attack vectors. |
| PHP remote file inclusion vulnerability in nucleus/libs/PLUGINADMIN.php in Nucleus 3.22 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[DIR_LIBS] parameter. |
| A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted. |
| The ffingerd 1.19 allows remote attackers to identify users on the target system based on its responses. |
| A Windows NT local user or administrator account has a guessable password. |
| A remote attacker can gain access to a file system using .. (dot dot) when accessing SMB shares. |
| A Unix account has a guessable password. |
| A Windows NT local user or administrator account has a default, null, blank, or missing password. |
