| CVE | Vendors | Products | Updated | CVSS v3.1 |
| Music daemon (musicd) 0.0.3 and earlier allows remote attackers to cause a denial of service (crash) by calling LOAD with a binary file as an argument, then calling SHOWLIST. |
| BEA WebLogic Server and WebLogic Express 8.1 SP2 and earlier, and 7.0 SP4 and earlier, when using 2-way SSL with a custom trust manager, may accept a certificate chain even if the trust manager rejects it, which allows remote attackers to spoof other users or servers. |
| Multiple unspecified vulnerabilities in Oracle for OpenView (OfO) 8.1.7, 9.1.01, and 9.2, and OfO for Linux, allow remote attackers to have an unknown impact via unknown attack vectors. NOTE: because of the lack of details in the vendor advisory, it is unclear which set of existing CVEs this advisory might refer to. |
| AIX nslookup command allows local users to obtain root access by not dropping privileges correctly. |
| php.cgi allows attackers to read any file on the system. |
| AIX piodmgrsu command allows local users to gain additional group privileges. |
| Directory traversal vulnerability in WebAPP 0.9.9 allows remote attackers to view arbitrary files via a .. (dot dot) in the viewcat parameter. |
| The "Allow cPanel users to reset their password via email" feature in cPanel 9.1.0 build 34 and earlier, including 8.x, allows remote attackers to execute arbitrary code via the user parameter to resetpass. |
| SQL injection vulnerability in index.php in TClanPortal 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands, and retrieve all usernames and passwords, via the id parameter. |
| Windows NT 4.0 beta allows users to read and delete shares. |
| Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root. |
| Race condition in Linux mailx command allows local users to read user files. |
| Local users can start Sendmail in daemon mode and gain root privileges. |
| Livingston RADIUS code has a buffer overflow which can allow remote execution of commands as root. |
| The login page for cPanel 9.1.0, and possibly other versions, allows remote attackers to execute arbitrary code via shell metacharacters in the user parameter. |
| Buffer overflow in Solaris x86 mkcookie allows local users to obtain root access. |
| Denial of service in Qmail by specifying a large number of recipients with the RCPT command. |
| The handler CGI program in IRIX allows arbitrary command execution. |
| Java Bytecode Verifier allows malicious applets to execute arbitrary commands as the user of the applet. |
| The wrap CGI program in IRIX allows remote attackers to view arbitrary directory listings via a .. (dot dot) attack. |