| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter. |
| ColdFusion ClusterCATS appends stale query string arguments to a URL during HTML redirection, which may provide sensitive information to the redirected site. |
| The file transfer component of AOL Instant Messenger (AIM) reveals the physical path of the transferred file to the remote recipient. |
| NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the NetStructure's MAC address, which could allow remote attackers to gain root access. |
| FileMaker Pro 5 Web Companion allows remote attackers to bypass Field-Level database security restrictions via the XML publishing or email capabilities. |
| FileMaker Pro 5 Web Companion allows remote attackers to send anonymous or forged email. |
| The makelev program in the golddig game from the FreeBSD ports collection allows local users to overwrite arbitrary files. |
| Buffer overflow in FreeBSD libmytinfo library allows local users to execute commands via a long TERMCAP environmental variable. |
| Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges. |
| Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges. |
| Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges. |
| Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges. |
| The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. |
| NetProwler 3.0 allows remote attackers to cause a denial of service by sending malformed IP packets that trigger NetProwler's Man-in-the-Middle signature. |
| Buffer overflow in CProxy 3.3 allows remote users to cause a denial of service via a long HTTP request. |
| The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the attacker to read source code for web scripts such as .ASP files. |
| The EMURL web-based email account software encodes predictable identifiers in user session URLs, which allows a remote attacker to access a user's email account. |
| Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to execute arbitrary commands via a long query_string parameter in the HTTP GET request. |
| Buffer overflow in MDaemon POP server allows remote attackers to cause a denial of service via a long user name. |
| The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an email message or news post. |