| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Sambar web server before 5.2 beta 1 allows remote attackers to obtain source code of server-side scripts, or cause a denial of service (resource exhaustion) via DOS devices, using a URL that ends with a space and a null character. |
| Cross-site scripting in PostCalendar 3.02 allows remote attackers to insert arbitrary HTML and script, and steal cookies, by modifying a calendar entry in its preview page. |
| Buffer overflow in pioout on AIX 4.3.3. |
| mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow. |
| CGIscript.net csMailto.cgi program allows remote attackers to use csMailto as a "spam proxy" and send mail to arbitrary users via modified (1) form-to, (2) form-from, and (3) form-results parameters. |
| Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to execute arbitrary code via an HTTP request with a long cookie. |
| Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root. |
| The daemon for GeneWeb before 4.09 does not properly handle requested paths, which allows remote attackers to read arbitrary files via a crafted URL. |
| faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges. |
| Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected behavior." |
| ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault panic) via "an incorrect reference to thread register state." |
| The POP3 service for WebEasyMail 3.4.2.2 and earlier generates diffferent error messages for valid and invalid usernames during authentication, which makes it easier for remote attackers to conduct brute force attacks. |
| Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to cause a denial of service (ABEND) via a long module name. |
| The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes the MAC address of the system, which could modify intended access restrictions that are based on a MAC address. |
| mv in IRIX 6.5 creates a directory with world-writable permissions while moving a directory, which could allow local users to modify files and directories. |
| Buffer overflow in munpack in mpack 1.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. |
| Cross-site scripting vulnerability in board.php of endity.com ShoutBOX allows remote attackers to inject arbitrary HTML into the shoutbox page via the site parameter. |
| Unknown vulnerability in Sympoll 1.2 allows remote attackers to read arbitrary files when register_globals is enabled, possibly by modifying certain PHP variables through URL parameters. |
| The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request. |
| Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files. |
