| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files. |
| Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document. |
| Cross-site scripting (XSS) vulnerability in user_add.php in IDevSpot PhpLinkExchange 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter. |
| The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a denial of service via a ping flood to the Ethernet interface, which causes the device to crash. |
| Unknown vulnerability in Veritas i3 Focalpoint Server 7.1 and earlier has unknown attack vectors and unknown but "critical" impact. |
| Buffer overflow in healthd for FreeBSD allows local users to gain root privileges. |
| Format string vulnerability in the log function in Net::Server 0.87 and earlier, as used in Postfix Greylisting Policy Server (Postgrey) 1.18 and earlier, and possibly other products, allows remote attackers to cause a denial of service (crash) via format string specifiers that are not properly handled before being sent to syslog, as demonstrated using sender addresses to Postgrey. |
| LG U8120 mobile phone allows remote attackers to cause a denial of service (device crash) via a malformed MIDI file. |
| Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service (crash or hang) via a long request to a named pipe. |
| Buffer overflow in LCDproc allows remote attackers to gain root privileges via the screen_add command. |
| PalmOS allows remote attackers to cause a denial of service (CPU consumption) via a flood of ICMP echo request (ping) packets. |
| eGroupWare 1.0.6 and earlier, when an e-mail is composed with an attachment but not sent, will send that attachment in the next e-mail, which may cause sensitive information to be sent to the wrong recipient. |
| The POP3 server in IBM iSeries AS/400 returns different error messages when the user exists or not, which allows remote attackers to determine valid user IDs on the server. |
| Cross-site scripting (XSS) vulnerability in index.php in Pinnacle Cart allows remote attackers to inject arbitrary web script or HTML via the pg parameter. |
| Buffer overflow in WebObjects.exe in the WebObjects Developer 4.5 package allows remote attackers to cause a denial of service via an HTTP request with long headers such as Accept. |
| fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges. |
| The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts. |
| Ipswitch IMAIL server 6.02 and earlier allows remote attackers to cause a denial of service via the AUTH CRAM-MD5 command. |
| Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus. |
| Cross-site scripting (XSS) vulnerability in search.php for Simple PHP Blog (sphpBlog) 0.4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter. |
