| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event. |
| The Linux 2.2.x kernel does not restrict the number of Unix domain sockets as defined by the wmem_max parameter, which allows local users to cause a denial of service by requesting a large number of sockets. |
| gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. |
| ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack. |
| IIS 4.0 allows attackers to cause a denial of service by requesting a large buffer in a POST or PUT command which consumes memory, aka the "Chunked Transfer Encoding Buffer Overflow Vulnerability." |
| Buffer overflow in the web server for Norton AntiVirus for Internet Email Gateways allows remote attackers to cause a denial of service via a long URL. |
| The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the frcactrl program. |
| Vulnerability in SGI IRIX objectserver daemon allows remote attackers to create user accounts. |
| The crypt function in QNX uses weak encryption, which allows local users to decrypt passwords. |
| Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges. |
| Unknown vulnerability in Generic-NQS (GNQS) allows local users to gain root privileges. |
| Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands via a long URL. |
| The default permissions for the Cryptography\Offload registry key used by the OffloadModExpo in Windows NT 4.0 allows local users to obtain compromise the cryptographic keys of other users. |
| Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denial of service or execute commands, aka the "Link View Server-Side Component" vulnerability. |
| Panda Security 3.0 allows users to uninstall the Panda software via its Add/Remove Programs applet. |
| The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack. |
| read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords. |
| Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors. NOTE: this is a different vulnerability than CVE-2006-3086. |
| Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document. |
| Infonautics getdoc.cgi allows remote attackers to bypass the payment phase for accessing documents via a modified form variable. |