| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict access as specified by the "nat deny_incoming" command, which allows remote attackers to connect to the target system. |
| Buffer overflow in Koules 1.4 allows local users to execute arbitrary commands via a long command line argument. |
| bb-hist.sh, bb-histlog.sh, bb-hostsvc.sh, bb-rep.sh, bb-replog.sh, and bb-ack.sh in Big Brother (BB) before 1.5d3 allows remote attackers to determine the existence of files and user ID's by specifying the target file in the HISTFILE parameter. |
| Netopia ISDN Router 650-ST before 4.3.5 allows remote attackers to read system logs without authentication by directly connecting to the login screen and typing certain control characters. |
| Real Networks RealServer 7 and earlier allows remote attackers to obtain portions of RealServer's memory contents, possibly including sensitive information, by accessing the /admin/includes/ URL. |
| Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes. |
| Directory traversal vulnerability in Quikstore shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "page" parameter. |
| The DNSPacket::expand method in dnspacket.cc in PowerDNS before 2.9.17 allows remote attackers to cause a denial of service by sending a random stream of bytes. |
| SQL injection vulnerability in view.php in Open Guestbook 0.5 allows remote attackers to execute arbitrary SQL commands via the offset parameter. |
| Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain privileges. |
| imwheel-solo in imwheel package allows local users to modify arbitrary files via a symlink attack from the .imwheelrc file. |
| Buffer overflow in socks5 server on Linux allows attackers to execute arbitrary commands via a long connection request. |
| PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows attackers with sufficient privileges to gain access to databases. |
| Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users. |
| Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264. |
| Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote attackers to execute arbitrary code via a long boundary value in a multipart Content-Type header to (1) ezboard.cgi, (2) ezman.cgi, or (3) ezadmin.cgi. |
| Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt lock files and gain root privileges via the echo_error routine. |
| Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back. |
| Buffer overflow in openlog function for PHP 4.3.1 on Windows operating system, and possibly other OSes, allows remote attackers to cause a crash and possibly execute arbitrary code via a long filename argument. |
| Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remote attackers to gain sensitive configuration information about the web server by accessing the program. |