| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| LSCFG in IBM AIX 5.2 and 5.3 does not create temporary files securely, which allows local users to corrupt /etc/passwd and possibly other system files via the trace file. |
| Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability. |
| The forum.pl script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. |
| Pico Server (pServ) 3.2 and earlier allows remote attackers to execute arbitrary commands via a URL with multiple leading "/" (slash) characters and ".." sequences. |
| Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names. |
| Unknown vulnerability in Radia Management Agent (RMA) in HP OpenView Radia Management Portal (RMP) 1.x and 2.x allows remote attackers to execute arbitrary commands via unknown vectors. |
| Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. |
| SQL injection vulnerability in posting_notes.php in the notes module for phpBB allows remote attackers to execute arbitrary SQL commands via the p parameter, which is used in the $post_id variable, and other attack vectors. |
| SQL injection vulnerability in Accelerated Mortgage Manager allows remote attackers to execute arbitrary SQL commands via the password field. |
| Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets. |
| The webcacheadmin module in Oracle Webcache 9i allows remote attackers to corrupt arbitrary files via a full pathname in the cache_dump_file parameter. |
| The OHS component 1.0.2 through 10.x, when UseWebcacheIP is disabled, in Oracle Application Server allows remote attackers to bypass HTTP Server mod_access restrictions via a request to the webcache TCP port 7778. |
| Safari 1.3 allows remote attackers to cause a denial of service (application crash) via a long https URL that triggers a NULL pointer dereference. |
| iCal before 1.5.4 on Mac OS X 10.2.3, and other later versions, does not alert the user when handling calendars that use alarms, which allows attackers to execute programs and send e-mail via alarms. |
| Unspecified vulnerability in HP-UX B.11.23 on Itanium platforms allows local users to cause a denial of service due to a "specific stack size." |
| Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file. |
| Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp. |
| AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. |
| Cocktail 3.5.4 and possibly earlier in Mac OS X passes the administrative password on the command line to sudo in cleartext, which allows local users to gain sensitive information by running listing processes. |
| Cross-site scripting (XSS) vulnerability in SURVIVOR before 0.9.6 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. |
