| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in Netscape Communicator via EMBED tags in the pluginspage option. |
| The EMURL web-based email account software encodes predictable identifiers in user session URLs, which allows a remote attacker to access a user's email account. |
| Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers to execute arbitrary commands via long parameters such as group, cmd, and utag. |
| Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke. |
| Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to execute arbitrary commands. |
| Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets. |
| Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections. |
| Directory traversal vulnerability in btdownload.php in Blog Torrent preview 0.8 allows remote attackers to download arbitrary files via a .. (dot dot) in the file argument. |
| Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables. |
| Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field. |
| Denial of service in syslog by sending it a large number of superfluous messages. |
| The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to obtain sensitive information without knowing the PIN of the owner by resetting the PIN in the EEPROM. |
| The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems. |
| The calender.pl and the calendar_admin.pl calendar scripts by Matt Kruse allow remote attackers to execute arbitrary commands via shell metacharacters. |
| Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG Processing Vulnerability." |
| The administrative password for the Allmanage web site administration software is stored in plaintext in a file which could be accessed by remote attackers. |
| Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones. |
| Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges. |
| Buffer overflow in the expandtabs function in 2fax 3.04 allows remote attackers to execute arbitrary code via a text file that is converted to TIFF. |
| IRIX fam service allows an attacker to obtain a list of all files on the server. |
