| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x. |
| The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack. |
| HP CDE program includes the current directory in root's PATH variable. |
| The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root. |
| The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code. |
| Cross-site scripting vulnerability in Citrix NFuse 1.6 and earlier does not quote results from the getLastError method, which allows remote attackers to execute script in other clients via the NFuse_Application parameter to (1) launch.jsp or (2) launch.asp. |
| When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page". |
| KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories. |
| The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. |
| IRIX fam service allows an attacker to obtain a list of all files on the server. |
| Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL. |
| Buffer overflow in Solaris fdformat command gives root access to local users. |
| A remote attacker can gain access to a file system using .. (dot dot) when accessing SMB shares. |
| An SNMP community name is guessable. |
| The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment. |
| A Windows NT file system is not NTFS. |
| A Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire. |
| The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. |
| Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands. |
| Buffer overflow in ToxSoft NextFTP client through CWD command. |