| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt. |
| The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a denial of service via a ping flood to the Ethernet interface, which causes the device to crash. |
| The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service (crash) by sending the raw messages (1) 206, (2) 211, (3) 213, (4) 214, (5) 215, (6) 217, (7) 218, (8) 243, (9) 302, (10) 317, (11) 324, (12) 332, (13) 333, (14) 352, and (15) 367. |
| The default configuration of the TCP/IP printer configuration utility in Apple LaserWriter 12/640 PS printer contains a blank Telnet password, which allows remote attackers to gain access. |
| Cross-site scripting (XSS) vulnerability in E-Guest_sign.pl in E-Guest 1.1 allows remote attackers to inject arbitrary SSI directives, web script, and HTML via the (1) full name, (2) email, (3) homepage, and (4) location parameters. NOTE: this issue might overlap CVE-2005-1605. |
| Multiple cross-site scripting (XSS) vulnerabilities in PROMS before 0.11 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. |
| Directory traversal vulnerability in Hyperion FTP server 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the LS command. |
| Winamp 2.65 through 3.0 stores skin files in a predictable file location, which allows remote attackers to execute arbitrary code via a URL reference to (1) wsz and (2) wal files that contain embedded code. |
| The Microsoft .NET forms authentication capability for ASP.NET allows remote attackers to bypass authentication for .aspx files in restricted directories via a request containing a (1) "\" (backslash) or (2) "%5C" (encoded backslash), aka "Path Validation Vulnerability." |
| Buffer overflows in wuarchive ftpd (wu-ftpd) and ProFTPD lead to remote root access, a.k.a. palmetto. |
| The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts. |
| Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root. |
| Multiple SQL injection vulnerabilities in index.php in CMS.R. 5.5 allow remote attackers to execute arbitrary SQL commands via the (1) adminname and (2) adminpass parameters. NOTE: some of these details are obtained from third party information. |
| Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting. |
| The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges. |
| Multiple cross-site scripting (XSS) vulnerabilities in Ykoon RssReader allow remote attackers to inject arbitrary web script or HTML via a web feed, as demonstrated by certain test cases of the Robert Auger and Caleb Sima RSS and Atom feed reader test suite. |
| Buffer overflow in the bootp server in the Debian Linux netstd package. |
| The DCC server command in the Mirc 5.5 client doesn't filter characters from file names properly, allowing remote attackers to place a malicious file in a different location, possibly allowing the attacker to execute commands. |
| Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege. |
| Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port. |