| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service. |
| MC/ServiceGuard and MC/LockManager in HP-UX allows local users to gain privileges through SAM. |
| Patrol management software allows a remote attacker to conduct a replay attack to steal the administrator password. |
| Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file. |
| Remote attackers can perform a denial of service in WinGate machines using a buffer overflow in the Winsock Redirector Service. |
| Solaris ff.core allows local users to modify files. |
| L0phtcrack 2.5 used temporary files in the system TEMP directory which could contain password information. |
| An attacker can identify a CISCO device by sending a SYN packet to port 1999, which is for the Cisco Discovery Protocol (CDP). |
| A remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso. |
| The Expression Evaluator sample application in ColdFusion allows remote attackers to read or delete files on the server via exprcalc.cfm, which does not restrict access to the server properly. |
| Linux ftpwatch program allows local users to gain root privileges. |
| Internet Explorer 5.0 allows window spoofing, allowing a remote attacker to spoof a legitimate web site and capture information from the client. |
| Remote attackers can crash Lynx and Internet Explorer using an IMG tag with a large width parameter. |
| The SVR4 /dev/wabi special device file in NetBSD 1.3.3 and earlier allows a local user to read or write arbitrary files on the disk associated with that device. |
| The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote attacker to read arbitrary files using the "template" parameter. |
| A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted. |
| Local users can perform a denial of service in Tripwire 1.2 and earlier using long filenames. |
| SQL injection vulnerability in Hitachi HITSENSER3 HITSENSER3/PRP, HITSENSER3/PUP, HITSENSER3/STP, and HITSENSER3/EUP allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. |
| Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address. |
| Remote attackers can perform a denial of service using IRIX fcagent. |