| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a core dump and possibly execute code. |
| SnapStream PVS 1.2a stores its passwords in plaintext in the file SSD.ini, which could allow a remote attacker to gain privileges on the server. |
| Directory traversal vulnerability in SnapStream PVS 1.2a allows remote attackers to read arbitrary files via a .. (dot dot) attack in the requested URL. |
| Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. (dot dot) in the (1) LIST, (2) QUOTE SIZE, and (3) QUOTE MDTM commands. |
| Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates. |
| A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not properly decode UTF-8, Mac and ISO-2202 encoded URLs, which could allow a remote attacker to execute arbitrary commands or view arbitrary files via an encoded URL. |
| cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to overwrite arbitrary files via a symlink attack. |
| Buffer overflow in Progress database 8.3D and 9.1C allows local users to execute arbitrary code via long entries in files that are specified by the (1) PROMSGS or (2) PROTERMCAP environment variables. |
| Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable. |
| ZyXEL Prestige 642R and 642R-I routers do not filter the routers' Telnet and FTP ports on the external WAN interface from inside access, allowing someone on an internal computer to reconfigure the router, if the password is known. |
| The libsecurity library in HP-UX 11.04 (VVOS) allows attackers to cause a denial of service. |
| D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows remote attackers to cause a denial of service (reboot) via malformed IP datagram fragments. |
| Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP request. |
| AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack. |
| Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and earlier allow local users to gain privileges via a long TERM environment variable to (1) atcronsh, (2) auditsh, (3) authsh, (4) backupsh, (5) lpsh, (6) sysadm.menu, or (7) termsh. |
| Panda Antivirus Platinum before 6.23.00 allows a remore attacker to cause a denial of service (crash) when a user selects an action for a malformed UPX packed executable file. |
| Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long command line argument. |
| linprocfs on FreeBSD 4.3 and earlier does not properly restrict access to kernel memory, which allows one process with debugging rights on a privileged process to read restricted memory from that process. |
| xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters. |
| OmniSecure HTTProtect 1.1.1 allows a superuser without omnish privileges to modify a protected file by creating a symbolic link to that file. |
