| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| wordtrans 1.1pre8 and earlier in the wordtrans-web package allows remote attackers to (1) execute arbitrary code or (2) conduct cross-site scripting attacks via certain parameters (possibly "dict") to the wordtrans.php script. |
| Buffer overflow in the simplify_path function in config.c for ChBg 1.5 allows remote attackers to execute arbitrary code via a crafted chbg scenario file. |
| The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-interactive key pair generation, which may produce predictable keys. |
| Buffer overflow in MDBMS database server allows remote attackers to execute arbitrary commands via a long string. |
| remstats 1.0.13 and earlier, when processing uptime data, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files. |
| index.php in aeDating 3.2 allows remote attackers to include arbitrary files via the skin parameter. |
| Linux bdash game has a buffer overflow that allows local users to gain root access. |
| In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. |
| Linux PAM modules allow local users to gain root access using temporary files. |
| Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Research allows remote attackers to execute commands. |
| lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers an error message. |
| pwmconfig in LM_sensors before 2.9.1 creates temporary files insecurely, which allows local users to overwrite arbitrary files via a symlink attack on the fancontrol temporary file. |
| The demo version of the Quakenbush NT Password Appraiser sends passwords across the network in plaintext. |
| The WebShield SMTP Management Tool version 4.5.44 does not properly restrict access to the management port when an IP address does not resolve to a hostname, which allows remote attackers to access the configuration via the GET_CONFIG command. |
| Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields. |
| Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands. |
| A router's routing tables can be obtained from arbitrary hosts. |
| Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable. |
| Imate Webmail Server 2.5 allows remote attackers to cause a denial of service via a long HELO command. |
| The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop. |