| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The default configuration of the DNS Server service on Windows Server 2003 and Windows 2000, and the Microsoft DNS Server service on Windows NT 4.0, allows recursive queries and provides additional delegation information to arbitrary IP addresses, which allows remote attackers to cause a denial of service (traffic amplification) via DNS queries with spoofed source IP addresses. |
| Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world-readable permissions for /etc/shadow and (2) world-writable permissions for /bin/busybox, which allows local users to obtain hashed passwords or execute arbitrary code as other users. |
| PHP remote file inclusion vulnerability in user_check.php for Pavsta Auto Site allows remote attackers to execute arbitrary PHP code via the sitepath parameter. |
| Directory traversal vulnerability in Golden FTP Server 2.60 allows remote authenticated attackers to list arbitrary directories via a "\.." (backslash dot dot) in an LS (LIST) command. |
| Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page. |
| Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors. |
| Prevx Pro 2005 1.0 allows local users to bypass file protection and modify files by using MapViewOfFile to perform memory mapping on the file. |
| The kernel driver in Prevx Pro 2005 1.0 does not verify the source of certain messages, which allows local users to bypass protection by sending certain messages to the driver, as demonstrated by sending an "allow" message to bypass a warning message. |
| SSH Tectia Server 4.3.1 and earlier, and SSH Secure Shell for Windows Servers, uses insecure permissions when generating the Secure Shell host identification key, which allows local users to access the key and spoof the server. |
| Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. NOTE: due to a typo, the original ZDI advisory accidentally referenced CVE-2006-0092. This is the correct identifier. |
| Cacti 0.8.6e and earlier does not perform proper input validation to protect against common attacks, which allows remote attackers to execute arbitrary commands or SQL by sending a legitimate value in a POST request or cookie, then specifying the attack string in the URL, which causes the get_request_var function to return the wrong value in the $_REQUEST variable, which is cleansed while the original malicious $_GET value remains unmodified, as demonstrated in (1) graph_image.php and (2) graph.php. |
| Multiple race conditions in the terminal layer in Linux 2.4.x, and 2.6.x before 2.6.9, allow (1) local users to obtain portions of kernel data via a TIOCSETD ioctl call to a terminal interface that is being accessed by another thread, or (2) remote attackers to cause a denial of service (panic) by switching from console to PPP line discipline, then quickly sending data that is received during the switch. |
| spf.c in Courier Mail Server does not properly handle DNS failures when looking up Sender Policy Framework (SPF) records, which could allow attackers to cause memory corruption. |
| SQL injection vulnerability in Geeklog before 1.3.11 allows remote attackers to execute arbitrary SQL commands via user comments for an article. |
| SQL injection vulnerability in class.ticket.php in osTicket 1.3.1 beta and earlier allows remote attackers to execute arbitrary SQL commands via the ticket variable. |
| EMC Dantz Retrospect 7 backup client 7.0.107, and other versions before 7.0.109, and 6.5 before 6.5.138 allows remote attackers to cause a denial of service (client termination and loss of backup service) via a malformed packet to TCP port 497, which triggers an assert error. |
| PHP local file inclusion vulnerability in (1) view.php and (2) open.php in osTicket 1.3.1 beta and earlier allows remote attackers to include and possibly execute arbitrary local files via the inc parameter. |
| SQL injection vulnerability in news.php in PHPNews 1.2.5 allows remote attackers to execute arbitrary SQL commands via the prevnext parameter. |
| A regression error in the embedded HSQLDB in JBoss jBPM 2.0 allows remote attackers to execute arbitrary comands, a re-introduction of a vulnerability that was originally identified by CVE-2003-0845. |
| PHP remote file inclusion vulnerability in form.inc.php3 in MyGuestbook 0.6.1 allows remote attackers to execute arbitrary PHP code via the lang parameter. |
