| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The getAlbumToDisplay function in idsShared.pm for Image Display System (IDS) 0.81 allows remote attackers to determine the existence of arbitrary directories via ".." sequences in the album parameter, which generates different error messages depending on whether the directory exists or not. |
| The Fetch.FetchContact.1 ActiveX control (Fetch.dll) for Rediff Bol 7.0 allows remote attackers to read the Windows Address Book via the FullAddressBook method. |
| Race condition in xterm allows local users to modify arbitrary files via the logging option. |
| Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has unknown impact and attack vectors, probably involving shell metacharacters or .. sequences. |
| Multiple memory leaks in the LDAP component in Fedora Directory Server 1.0 allow remote attackers to cause a denial of service (memory consumption) via invalid BER packets that trigger an error, which might prevent memory from being freed if it was allocated during the ber_scanf call, as demonstrated using the ProtoVer LDAP test suite. |
| The convert-fcrontab program in fcron 3.0.0 might allow local users to gain privileges via a long command-line argument, which causes Linux glibc to report heap memory corruption, possibly because a strcpy in the strdup2 function can "overwrite some data." |
| Directory traversal vulnerability in auxpage.php in phpCoin 1.2.1b and earlier allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the page parameter. |
| Moby Netsuite Web Server 1.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request. |
| Perlbot 1.9.2 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) the $text variable in SpelCheck.pm or (2) the $filename variable in HTMLPlog.pm. |
| The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed. |
| The Sun Web-Based Enterprise Management (WBEM) installation script stores a password in plaintext in a world readable file. |
| perfmon (perfmon.c) in Linux kernel on IA64 architectures allows local users to cause a denial of service (crash) by interrupting a task while another process is accessing the mm_struct, which triggers a BUG_ON action in the put_page_testzero function. |
| PostBoard 2.0.1 and earlier with BBcode allows remote attackers to cause a denial of service (CPU consumption) and corrupt the database via null \0 characters within [code] tags. |
| Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by other systems, allows remote attackers to bypass authentication and access the administrative ASP pages via an HTTP request with an authorization type (auth_type) that is not blank. |
| Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a playlist (pls) file with a long file name (File1 field). |
| Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell. |
| The installation of VolanoChatPro chat server sets world-readable permissions for its configuration file and stores the server administrator passwords in plaintext, which allows local users to gain privileges on the server. |
| Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option. |
| useradd in Solaris 7.0 does not properly interpret certain date formats as specified in the "-e" (expiration date) argument, which could allow users to login after their accounts have expired. |
| SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs. |