| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SGI IRIX buffer overflow in xterm and Xaw allows root access. |
| A URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory if it does not contain an index.html file. |
| The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions. |
| CUPS (Common Unix Printing System) 1.04 and earlier does not properly delete request files, which allows a remote attacker to cause a denial of service. |
| Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. |
| Integer overflow in the real_setup_and_get_header function in real.c for Unix MPlayer 1.0pre5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a Real RTSP streaming media file with a -1 content-length field, which leads to a heap-based buffer overflow. |
| Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP. |
| BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. |
| The netstat service is running, which provides sensitive information to remote attackers. |
| The INN inndstart program allows local users to gain root privileges via the "pathrun" parameter in the inn.conf file. |
| The OS/2 or POSIX subsystem in NT is enabled. |
| An application-critical Windows NT registry key has inappropriate permissions. |
| The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack. |
| CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service by authenticating with a user name that does not exist or does not have a shadow password. |
| The SSH authentication agent follows symlinks via a UNIX domain socket. |
| The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack. |
| Arkiea nlservd allows remote attackers to conduct a denial of service. |
| Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the second of two variants of this vulnerability. |
| Cross-site scripting (XSS) vulnerability in TeeKai Forum 1.2 allows remote attackers to inject arbitrary web script or HTML via the valid_username_online cookie. |
| Buffer overflow in restore program 0.4b17 and earlier in dump package allows local users to execute arbitrary commands via a long tape name. |