| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| HP-UX gwind program allows users to modify arbitrary files. |
| Buffer overflow in Solaris kcms_configure command allows local users to gain root access. |
| lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter. |
| The open() function in FreeBSD allows local attackers to write to arbitrary files. |
| netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges. |
| ppl program in HP-UX allows local users to create root files through symlinks. |
| HTTP Client application in ColdFusion allows remote attackers to bypass access restrictions for web pages on other ports by providing the target page to the mainframeset.cfm application, which requests the page from the server, making it look like the request is coming from the local host. |
| vhe_u_mnt program in HP-UX allows local users to create root files through symlinks. |
| Vulnerability in HP-UX mediainit program. |
| Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_". |
| SGI syserr program allows local users to corrupt files. |
| Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066. |
| Buffer overflow in NetMeeting allows denial of service and remote command execution. |
| In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access. |
| AIX Licensed Program Product performance tools allow local users to gain root access. |
| Buffer overflow in the libauth library in Solaris allows local users to gain additional privileges, possibly root access. |
| Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. |
| The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker to monitor conversations happening near a machine that has a microphone. |
| CGI PHP mlog script allows an attacker to read any file on the target server. |
| Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javascript URL, which causes Internet Explorer to use the domain specified after the character. |
