| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The OS/2 or POSIX subsystem in NT is enabled. |
| Buffer overflow in Fujitsu Chocoa IRC client via IRC channel topics. |
| The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve. |
| Denial of service in AIX ptrace system call allows local users to crash the system. |
| Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd). |
| Denial of service in IP protocol logger (ippl) on Red Hat and Debian Linux. |
| The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root. |
| Vulnerability in Compaq Tru64 UNIX edauth command. |
| Buffer overflow in Windows NT 4.0 help file utility via a malformed help file. |
| The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input. |
| KDE K-Mail allows local users to gain privileges via a symlink attack in temporary user directories. |
| QMS CrownNet Unix Utilities for 2060 allows root to log on without a password. |
| Buffer overflows in Red Hat net-tools package. |
| Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake. |
| The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable. |
| Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges. |
| Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program. |
| When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information. |
| Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems. |
| Microsoft Windows 2000 running the Terminal Server 90-day trial version, and possibly other versions, does not apply group policies to incoming users when the number of connections to the SYSVOL share exceeds the maximum, e.g. with a maximum number of licenses, which can allow remote authenticated users to bypass group policies. |