| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command. |
| Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to cause a denial of service (crash) via several HTTP requests with a long (1) user-agent or (2) host HTTP header. |
| Web configuration server in 602Pro LAN SUITE allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request containing "%2e" (dot dot) characters. |
| The prompt parsing in bash allows a local user to execute commands as another user by creating a directory with the name of the command to execute. |
| MSHTML.DLL in Internet Explorer 5.0 allows a remote attacker to paste a file name into the file upload intrinsic control, a variant of "untrusted scripted paste" as described in MS:MS98-013. |
| Multiple directory traversal vulnerabilities in SitePanel 2.6.1 and earlier (SitePanel2) allows remote attackers to (1) delete arbitrary files via the id parameter in a rmattach action to 5.php, or (2) read arbitrary files via the lang parameter to index.php. |
| The split key mechanism used by PGP 7.0 allows a key share holder to obtain access to the entire key by setting the "Cache passphrase while logged on" option and capturing the passphrases of other share holders as they authenticate. |
| Buffer overflow in Savant 3.0 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Host HTTP header. |
| Buffer overflows in various CGI programs in the remote administration service for Trend Micro Interscan VirusWall 3.01 allow remote attackers to execute arbitrary commands. |
| Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges. |
| Vulnerability in iPlanet Web Server Enterprise Edition 4.x. |
| Local attackers can conduct a denial of service in Midnight Commander 4.x with a symlink attack. |
| Xitami 2.5d4 and earlier allows remote attackers to crash the server via an HTTP request to the /aux directory. |
| index.php in ezUpload Pro 2.2 and earlier allows remote attackers to include files via the mode parameter. |
| Navision Financials Server 2.60 and earlier allows remote attackers to cause a denial of service by sending a null character and a long string to the server port (2407), which causes the server to crash. |
| Buffer overflow in the Linux mail program "deliver" allows local users to gain root access. |
| A malicious Palace server can force a client to execute arbitrary programs. |
| CardBoard 2.4 greeting card CGI by Michael Barretto allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient field. |
| Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. |
| Remote manager service in Website Pro 3.0.37 allows remote attackers to cause a denial of service via a series of malformed HTTP requests to the /dyn directory. |