| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| vold in Solaris 2.x allows local users to gain root access. |
| The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts. |
| Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet. |
| Cisco 675 routers running CBOS allow remote attackers to establish telnet sessions if an exec or superuser password has not been set. |
| iHTML Merchant allows remote attackers to obtain sensitive information or execute commands via a code parsing error. |
| userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack. |
| Firewall-1 does not properly restrict access to LDAP attributes. |
| ypserv allows a local user to modify the GECOS and login shells of other users. |
| dfire.cgi script in Dragon-Fire IDS allows remote users to execute commands via shell metacharacters. |
| Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories. |
| Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls. |
| The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to conduct a denial of service. |
| UnityMail allows remote attackers to conduct a denial of service via a large number of MIME headers. |
| Buffer overflow in Mediahouse Statistics Server allows remote attackers to execute commands. |
| TeamTrack web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form. |
| BNBForm allows remote attackers to read arbitrary files via the automessage hidden form variable. |
| MBone SDR Package allows remote attackers to execute commands via shell metacharacters in Session Initiation Protocol (SIP) messages. |
| classifieds.cgi allows remote attackers to read arbitrary files via shell metacharacters. |
| Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag. |