| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Patrol management software allows a remote attacker to conduct a replay attack to steal the administrator password. |
| Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname. |
| The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding consumes an extra character when processing a character that cannot be converted, which could remove an escape character from the query and make the application subject to SQL injection attacks. |
| The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which allows attackers to cause a denial of service via a series of requests. |
| Gibraltar Firewall 2.2 and earlier, when using the ClamAV update to 0.81 for Squid, uses a defunct ClamAV method to scan memory for viruses, which does not return an error code and prevents viruses from being detected. |
| PROMS 0.11 does not properly handle "certain combinations of rights," which gives more rights to users than intended. |
| The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts. |
| ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event. |
| backup/backup_scheduled.php in Moodle before 1.6.2 generates trace data with the full backup pathname even when debugging is disabled, which might allow attackers to obtain the pathname. |
| The Outlook Progress Ctl control allows remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer. |
| A service or application has a backdoor password that was placed there by the developer. |
| Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service. |
| suidperl in Linux Perl does not check the nosuid mount option on file systems, allowing local users to gain root access by placing a setuid script in a mountable file system, e.g. a CD-ROM or floppy disk. |
| PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt. |
| HP Praesidium Webproxy 1.0 running on HP-UX 11.04 VVOS could allow remote attackers to cause Webproxy to forward requests to the internal network via crafted HTTP requests. |
| ICMP messages to broadcast addresses are allowed, allowing for a Smurf attack that can cause a denial of service. |
| BeOS 4.5 and 5.0 allow local users to cause a denial of service via malformed direct system calls using interrupt 37. |
| An SNMP community name is guessable. |
| BeOS allows remote attackers to cause a denial of service via malformed packets whose length field is less than the length of the headers. |
| X fontserver xfs allows local users to cause a denial of service via malformed input to the server. |
