| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The lit program in Sun Flex License Manager (FlexLM) follows symlinks, which allows local users to modify arbitrary files. |
| NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021. |
| The Sambar server includes batch files ECHO.BAT and HELLO.BAT in the CGI directory, which allow remote attackers to execute commands via shell metacharacters. |
| Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) input.php3, (2) handle_inputH.php3, or (3) index.lib.php3 with unknown consequences, possibly related to user spoofing or improperly initialized variables. |
| BuildDisk program on NeXT systems before 2.0 does not prompt users for the root password, which allows local users to gain root privileges. |
| Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges. |
| Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list. |
| Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDAP authentication failure occurs, which allows remote attackers to fully control clients via a Trojan horse Volution server. |
| ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack. |
| Microsoft Windows Media License Manager allows remote attackers to cause a denial of service by sending a malformed request that causes the manager to halt, aka the "Malformed Media License Request" Vulnerability. |
| Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related to pnm and saned. |
| Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable. |
| Unknown vulnerability in routed for HP Tru64 UNIX V4.0F through V5.1A allows local and remote attackers to read arbitrary files. |
| Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges. |
| Vulnerability in IntraGnat before 1.4. |
| SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges. |
| PGPMail.pl 1.31 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) recipient or (2) pgpuserid parameters. |
| The checkAccess function in PHPSlice 0.1.4, and all other versions between 0.1.1 and 0.1.6, does not properly verify the administrative access level, which could allow remote attackers to gain privileges. |
| Buffer overflow in the web server for Norton AntiVirus for Internet Email Gateways allows remote attackers to cause a denial of service via a long URL. |
| Buffer overflow in dbsnmp in Oracle 8.0.6 through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable. |