| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access. |
| ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. |
| Remote execution of arbitrary commands through Guestbook CGI program. |
| Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy. |
| Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. |
| Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords. |
| Linux cfingerd could be exploited to gain root access. |
| HP Remote Watch allows a remote user to gain root access. |
| Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands. |
| A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials. |
| VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys. |
| Cross-site scripting vulnerability in Splatt Forum 3.0 allows remote attackers to execute arbitrary script as other users via an [img] tag with a closing quote followed by the script. |
| Buffer overflow in listserv allows arbitrary command execution. |
| Buffer overflow in (1) lprintf and (2) cprintf in sysdep.c of Citadel/UX 5.90 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attacks such as a long HELO command to the SMTP server. |
| IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL. |
| cfingerd lists all users on a system via search.**@target. |
| The jj CGI program allows command execution via shell metacharacters. |
| Pi3Web 2.0.0 allows remote attackers to view restricted files via an HTTP request containing a "*" (wildcard or asterisk) character. |
| Netmanager Chameleon SMTPd has several buffer overflows that cause a crash. |
| The info2www CGI script allows remote file access or remote command execution. |