| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in Webalizer 2.01-06, when configured to use reverse DNS lookups, allows remote attackers to execute arbitrary code by connecting to the monitored web server from an IP address that resolves to a long hostname. |
| ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow. |
| The DHTML Edit ActiveX control in Internet Explorer allows remote attackers to read arbitrary files. |
| The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. |
| Buffer overflow in rpc.yppasswdd allows a local user to gain privileges via MD5 hash generation. |
| Buffer overflows in Microsoft Network Monitor (Netmon) allow remote attackers to execute arbitrary commands via a long Browser Name in a CIFS Browse Frame, a long SNMP community name, or a long username or filename in an SMB session, aka the "Netmon Protocol Parsing" vulnerability. NOTE: It is highly likely that this candidate will be split into multiple candidates. |
| Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. |
| manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote attackers to execute arbitrary code via a URL that contains shell metacharacters. |
| Opera 5.11 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images. |
| Buffer overflows in AnalogX Proxy before 4.12 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long HTTP request to TCP port 6588 or (2) a SOCKS 4A request to TCP port 1080 with a long DNS hostname. |
| Microsoft Internet Explorer 5.0, 5.01, and 5.5 allows remote attackers to monitor the contents of the clipboard via the getData method of the clipboardData object. |
| Arbitrary command execution via IMAP buffer overflow in authenticate command. |
| Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option. |
| Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail. |
| Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands. |
| pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. |
| Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname. |
| In older versions of Sendmail, an attacker could use a pipe character to execute root commands. |
| in.rshd allows users to login with a NULL username and execute commands. |
| The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands. |