| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A router or firewall forwards packets that claim to come from IANA reserved or private addresses, e.g. 10.x.x.x, 127.x.x.x, 217.x.x.x, etc. |
| The Windows NT guest account is enabled. |
| A Unix account with a name other than "root" has UID 0, i.e. root privileges. |
| An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. |
| A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys. |
| The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input. |
| KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories. |
| QMS CrownNet Unix Utilities for 2060 allows root to log on without a password. |
| Buffer overflows in Red Hat net-tools package. |
| Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake. |
| The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable. |
| Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges. |
| Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program. |
| When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information. |
| Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems. |
| Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library. |
| UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack. |
| Denial of service in BIND by improperly closing TCP sessions via so_linger. |
| Buffer overflow in Serv-U FTP 2.5 allows remote users to conduct a denial of service via the SITE command. |
| Denial of service in IIS using long URLs. |