| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Netmanager Chameleon SMTPd has several buffer overflows that cause a crash. |
| The info2www CGI script allows remote file access or remote command execution. |
| CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution. |
| Progressive Networks Real Video server (pnserver) can be crashed remotely. |
| sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter. |
| Excite for Web Servers (EWS) allows remote command execution via shell metacharacters. |
| Buffer overflow in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6 allows local users to gain root privileges. |
| Remote command execution in Microsoft Internet Explorer using .lnk and .url files. |
| categorie.php3 in Black Tie Project (BTP) 0.4b through 0.5b allows remote attackers to determine the absolute path of the web server via an invalid category ID (cid) parameter, which leaks the pathname in an error message. |
| The Java Web Server would allow remote users to obtain the source code for CGI programs. |
| Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command. |
| Qpopper (aka in.qpopper or popper) 4.0.3 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a very large string, which causes an infinite loop. |
| The WinGate telnet proxy allows remote attackers to cause a denial of service via a large number of connections to localhost. |
| ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack. |
| Eudora 5.1 and earlier versions stores attachments in a directory with a fixed name, which could make it easier for attackers to exploit vulnerabilities in other software that rely on installing and reading files from directories with known pathnames. |
| SunOS/Solaris FTP clients can be forced to execute arbitrary commands from a malicious FTP server. |
| Buffer overflow in BNU UUCP daemon (uucpd) through long hostnames. |
| Cross-site scripting vulnerability in Board-TNK 1.3.1 and earlier allows remote attackers to execute arbitrary Javascript via the WEB parameter. |
| mmap function in BSD allows local attackers in the kmem group to modify memory through devices. |
| Bitvise WinSSHD before 2002-03-16 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of incomplete connections that are not properly terminated, which are not properly freed by SSHd. |