| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command. |
| Tigris remote access server before 11.5.4.22 does not properly record Radius accounting information when a user fails the initial login authentication but subsequently succeeds. |
| Kerberos 4 KDC program improperly frees memory twice (aka "double-free"), which allows remote attackers to cause a denial of service. |
| The file transfer mechanism in Danware NetOp 6.0 does not provide authentication, which allows remote attackers to access and modify arbitrary files. |
| Buffer overflow in the web interface for Cmail 2.4.7 allows remote attackers to execute arbitrary commands via a long GET request. |
| Buffer overflow in HP Openview Network Node Manager 6.1 allows remote attackers to execute arbitrary commands via the Alarm service (OVALARMSRV) on port 2345. |
| eTrust Intrusion Detection System (formerly SessionWall-3) uses weak encryption (XOR) to store administrative passwords in the registry, which allows local users to easily decrypt the passwords. |
| Buffer overflow in WebBBS 1.15 allows remote attackers to execute arbitrary commands via a long HTTP GET request. |
| BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier, do not properly block Back Orifice traffic when the security setting is Nervous or lower. |
| Buffer overflow in Microsoft Outlook and Outlook Express allows remote attackers to execute arbitrary commands via a long Date field in an email header, aka the "Malformed E-mail Header" vulnerability. |
| Sybergen Sygate allows remote attackers to cause a denial of service by sending a malformed DNS UDP packet to its internal interface. |
| LocalWEB HTTP server 1.2.0 allows remote attackers to cause a denial of service via a long GET request. |
| The Razor configuration management tool uses weak encryption for its password file, which allows local users to gain privileges. |
| SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS. |
| Netscape Professional Services FTP Server 1.3.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| IRIX crontab creates temporary files with predictable file names and with the umask of the user, which could allow local users to modify another user's crontab file as it is being edited. |
| Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a denial of service by sending a stream of invalid commands (such as binary zeros) to the SMTP Security Server proxy. |
| Buffer overflow in NetScreen Firewall WebUI allows remote attackers to cause a denial of service via a long URL request to the web administration interface. |
| Directory traversal vulnerability in Lotus Domino 5.0.5 web server allows remote attackers to read arbitrary files via a .. attack. |
| Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures. |