| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Delete or create a file via rpc.statd, due to invalid information. |
| Admin/admin.php in phpBazar 2.1.0 and earlier allows remote attackers to bypass the authentication process and gain unauthorized access to the administrative section by setting the action parameter to edit_member and the value parameter to 1. |
| Arbitrary command execution via buffer overflow in Count.cgi (wwwcount) cgi-bin program. |
| Lucent VitalSuite 8.0 through 8.2, including VitalNet, VitalEvent, and VitalHelp/VitalAnalysis, allows remote attackers to bypass authentication via a direct HTTP request to the VsSetCookie.exe program, which returns a valid cookie for the desired user. |
| DNS cache poisoning via BIND, by predictable query IDs. |
| root privileges via buffer overflow in pset command on SGI IRIX systems. |
| Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the (1) -fn, (2) -hfb, or (3) -hfn argument. |
| Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows remote attackers to execute arbitrary code via a long group argument. |
| Dino's Webserver 1.2 allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via several large HTTP requests within a short time. |
| The dtscreen Sun Solaris 8 CDE screensaver crashes when the "Shift" and "Return" keys are pressed repeatedly and quickly, which allows local users to access the current session. |
| umb-scheme 3.2-11 for Red Hat Linux is installed with world-writeable files. |
| Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command. |
| root privileges via buffer overflow in login/scheme command on SGI IRIX systems. |
| root privileges via buffer overflow in ordist command on SGI IRIX systems. |
| Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service (memory consumption and crash) via an email with a malformed MIME header. |
| RealMedia RealServer reveals the real IP address of a Real Server, even if the address is supposed to be private. |
| GoodTech FTP server allows remote attackers to cause a denial of service via a large number of RNTO commands. |
| VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program. |
| root privileges via buffer overflow in xlock command on SGI IRIX systems. |
| PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message. |
