| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Dino's Webserver 1.2 allows remote attackers to cause a denial of service (CPU consumption) and possibly execute arbitrary code via several large HTTP requests within a short time. |
| The dtscreen Sun Solaris 8 CDE screensaver crashes when the "Shift" and "Return" keys are pressed repeatedly and quickly, which allows local users to access the current session. |
| umb-scheme 3.2-11 for Red Hat Linux is installed with world-writeable files. |
| Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command. |
| root privileges via buffer overflow in login/scheme command on SGI IRIX systems. |
| root privileges via buffer overflow in ordist command on SGI IRIX systems. |
| Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service (memory consumption and crash) via an email with a malformed MIME header. |
| RealMedia RealServer reveals the real IP address of a Real Server, even if the address is supposed to be private. |
| GoodTech FTP server allows remote attackers to cause a denial of service via a large number of RNTO commands. |
| VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program. |
| root privileges via buffer overflow in xlock command on SGI IRIX systems. |
| PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message. |
| Buffer overflow in Yahoo! Messenger 5.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) message or (2) IMvironment field. |
| news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program. |
| JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability. |
| Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length. |
| GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, allows remote attackers to determine the full pathname of the web server via an HTTP request with an invalid HTMLVER parameter. |
| Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier allows remote attackers to execute arbitrary code. |
| When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak encryption to store the login ID and password. |
| Command execution in Sun systems via buffer overflow in the at program. |