| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| AmTote International homebet program stores the homebet.log file in the homebet/ virtual directory, which allows remote attackers to steal account and PIN numbers. |
| Buffer overflow in rwcgi60 CGI program for Oracle Reports Server 6.0.8.18.0 and earlier, as used in Oracle9iAS and other products, allows remote attackers to execute arbitrary code via a long database name parameter. |
| Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value. |
| Multiple SQL injection vulnerabilities in ASP-DEV ASP Resources Forum allow remote attackers to execute arbitrary SQL commands via the (1) forum_id parameter to forum.asp, (2) unspecified parameters to register.asp, and (3) the "Search For" field in search.asp. |
| The Name Service Daemon (nsd), when running on an NIS master on SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via a UDP port scan. |
| Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy. |
| Dynamically Loadable Kernel Module (dlkm) static kernel symbol table in HP-UX 11.11 is not properly configured, which allows local users to gain privileges. |
| Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows restricted shell users to bypass certain security checks and gain privileges. |
| Microsoft Visual Studio 6.0 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code by instantiating certain Visual Studio 6.0 ActiveX COM Objects in Internet Explorer, including (1) tcprops.dll, (2) fp30wec.dll, (3) mdt2db.dll, (4) mdt2qd.dll, and (5) vi30aut.dll. |
| RealVNC 4.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of connections to port 5900. |
| Ground Control II: Operation Exodus 1.0.0.7 and earlier allows remote servers to cause a denial of service (client or server crash) via a large packet, which generates a "Message too long" socket error that is treated as a critical error. |
| The Apple Java plugin, as used in Netscape 7.1 and 7.2, Mozilla 1.7.2, and Firefox 0.9.3 on MacOS X 10.3.5, when tabbed browsing is enabled, does not properly handle SetWindow(NULL) calls, which allows Java applets from one tab to draw to other tabs and facilitates phishing attacks that spoof tabs. |
| The default installation of NetScreen-Security Manager before Feature Pack 1 does not enable encryption for communication with devices running ScreenOS 5.0, which allows remote attackers to obtain sensitive information via sniffing. |
| The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a default username and password, which allows remote attackers to read and write arbitrary files in the root folder. |
| The default configuration of BlackICE Agent 3.1.eal and 3.1.ebh has a high tcp.maxconnections setting, which could allow remote attackers to cause a denial of service (memory consumption) via a large number of connections to the BlackICE system that consumes more resources than intended by the user. |
| Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files via immknmz. |
| The Unidirectional Lightweight Encapsulation (ULE) decapsulation component in dvb-core/dvb_net.c in the dvb driver in the Linux kernel 2.6.17.8 allows remote attackers to cause a denial of service (crash) via an SNDU length of 0 in a ULE packet. |
| SSI.php in YaBB SE 1.5.2 allows remote attackers to execute arbitrary PHP code by modifying the sourcedir parameter to reference a URL on a remote web server that contains the code. |
| The "Allow cPanel users to reset their password via email" feature in cPanel 9.1.0 build 34 and earlier, including 8.x, allows remote attackers to execute arbitrary code via the user parameter to resetpass. |
| D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point stores the administrative password in plaintext in the default Management Information Base (MIB), which allows remote attackers to gain administrative privileges. |
