| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable. |
| ZBServer Pro allows remote attackers to read source code for executable files by inserting a . (dot) into the URL. |
| HP-UX aserver program allows local users to gain privileges via a symlink attack. |
| strace allows local users to read arbitrary files via memory mapped file names. |
| Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers to conduct a denial of service. |
| FTPPro allows local users to read sensitive information, which is stored in plain text. |
| The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands. |
| WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter. |
| Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request. |
| Buffer overflow in w3-msql CGI program in miniSQL package allows remote attackers to execute commands. |
| IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program. |
| Denial of service in Savant web server via a null character in the requested URL. |
| CascadeView TFTP server allows local users to gain privileges via a symlink attack. |
| Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service or execute commands via a long username. |
| Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter. |
| wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file. |
| IMail POP3 daemon uses weak encryption, which allows local users to read files. |
| DNS PRO allows remote attackers to conduct a denial of service via a large number of connections. |
| Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin. |
| Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory. |