| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| chroot in Digital Ultrix 4.1 and 4.0 is insecurely installed, which allows local users to gain privileges. |
| NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus definition file during an update via FTP, but it reports that the update was successful, which could cause a system administrator to believe that the definitions have been updated correctly. |
| Hummingbird Exceed X version 5 allows remote attackers to cause a denial of service via malformed data to port 6000. |
| SQL injection vulnerability in news.php in VARIOMAT allows remote attackers to execute arbitrary SQL commands via the subcat parameter. |
| The "me" user in NeXT NeXTstep 2.1 and earlier has wheel group privileges, which could allow the me user to use the su command to become root. |
| LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow local users to gain privileges. |
| Vulnerability in telnet service in HP-UX 10.30 allows attackers to cause a denial of service. |
| Multiple cross-site scripting (XSS) vulnerabilities in Yet Another Forum.net 0.9.9 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) location, or (3) Subject field. |
| Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft Affiliate Network Pro 7.2 allow remote attackers to inject arbitrary web script or HTML via (1) the Err parameter in admin/index.php and the (2) firstname and (3) lastname parameters in index.php. |
| SQL injection vulnerability in view_album.php in SelectaPix 1.4 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party sources. |
| dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file. |
| IIS 3.0 allows remote attackers to cause a denial of service via a request to an ASP page in which the URL contains a large number of / (forward slash) characters. |
| LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo. |
| Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local users to gain privileges. |
| Cross-site scripting (XSS) vulnerability in PunBB 1.2.11 allows remote authenticated administrators to inject arbitrary HTML or web script to other administrators via the "Admin note" feature, a different vulnerability than CVE-2006-2227. |
| Hyperseek allows remote attackers to modify the hyperseek configuration by directly calling the admin.cgi program with an edit_file action parameter. |
| Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument. |
| Buffer overflow in Rainbow Six Multiplayer allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long nickname (nick) command. |
| Java in Netscape 4.5 does not properly restrict applets from connecting to other hosts besides the one from which the applet was loaded, which violates the Java security model and could allow remote attackers to conduct unauthorized activities. |
| WebRamp M3 router does not disable remote telnet or HTTP access to itself, even when access has been explicitly disabled. |
