| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not properly handle an incoming selective acknowledgement when there is insufficient memory, which might allow remote attackers to cause a denial of service (infinite loop). |
| SQL injection vulnerability in ADOdb before 4.71, when using PostgreSQL, allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors involving binary strings. |
| Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and earlier allow remote attackers to read and download arbitrary files via (1) multi-dot "......" sequences, or (2) "%5c%2e%2e" (encoded "\..") sequences, in the URL. |
| SurfNOW 2.2 allows remote attackers to cause a denial of service (crash) via a series of long HTTP GET requests, possibly triggering a buffer overflow. |
| squid_redirect script in adzapper before 2006-01-29 allows remote attackers to cause a denial of service (CPU consumption) via a URL with a large number of trailing / (forward slashes), which might produce inefficient regular expressions. |
| MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook. |
| Multiple cross-site scripting (XSS) vulnerabilities in WebAPP 0.9.9.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) action, (2) id, (3) num, (4) board, (5) cat, (6) real, (7) viewcat, (8) img, or (9) curcatname parameter in cgi-bin/index.cgi, or (10) vsSD parameter in /mods/calendar/index.cgi. |
| root privileges via buffer overflow in xlock command on SGI IRIX systems. |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| Csetup under IRIX allows arbitrary file creation or overwriting. |
| AIX bugfiler program allows local users to gain root access. |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| Local users can start Sendmail in daemon mode and gain root privileges. |
| Unspecified vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to read arbitrary files under the web root via unspecified attack vectors related to the OpenTextFile method in Scripting.FileSystemObject. |
| Kerberos 4 key servers allow a user to masquerade as another by breaking and generating session keys. |
| Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable. |
| Denial of service in in.comsat allows attackers to generate messages. |
| Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. |
| Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts. |
| In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program. |