| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter. |
| XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a negative counter value in a malformed TCP packet that is sent to port 6000. |
| Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command. |
| Multiple cross-site scripting (XSS) vulnerabilities in MySource 2.14.0 allow remote attackers to inject arbitrary web script or HTML via (1) the target_url parameter in upgrade_in_progress_backend.php, (2) the stylesheet parameter in edit_table_cell_type_wysiwyg.php, and the bgcolor parameter in (3) insert_table.php, (4) edit_table_cell_props.php, (5) header.php, (6) edit_table_row_props.php, and (7) edit_table_props.php. |
| The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X 10.3.9 allow untrusted applets to call arbitrary functions in system libraries, which allows remote attackers to execute arbitrary code. |
| Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows remote attackers to read and delete arbitrary files via ".." sequences in the dynamicimag argument to crystalimagehandler.aspx. |
| The Intel express 8100 ISDN router allows remote attackers to cause a denial of service via oversized or fragmented ICMP packets. |
| The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be executed from the local host, which allows remote attackers to execute arbitrary commands via Microsoft Networking. |
| Windows NT FTP server (WFTP) with the guest account enabled without a password allows an attacker to log into the FTP server using any username and password. |
| The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands. |
| The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com program and gain privileges. |
| In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program. |
| Sendmail 8.6.9 allows remote attackers to execute root commands, using ident. |
| Denial of service in Sendmail 8.6.11 and 8.6.12. |
| MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access. |
| Remote attacker can execute commands through Majordomo using the Reply-To field and a "lists" command. |
| Buffer overflow in sar for SCO OpenServer 5.0.0 through 5.0.5 may allow local users to gain root privileges via a long -f parameter, a different vulnerability than CVE-1999-1570. |
| rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. |
| The SunView (SunTools) selection_svc facility allows remote users to read files. |
| buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f parameters. |
