| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. |
| Internet Explorer 6.0 in Windows XP SP2 allows remote attackers to bypass the Information Bar prompt for ActiveX and Javascript via an XHTML page that contains an Internet Explorer formatted comment between the DOCTYPE tag and the HTML tag, as demonstrated using the DesignScience MathPlayer ActiveX plugin. |
| Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities. |
| Sendmail decode alias can be used to overwrite sensitive files. |
| Various vulnerabilities in the AIX portmir command allows local users to obtain root access. |
| Buffer overflow in AIX writesrv command allows local users to obtain root access. |
| Buffer overflow in AIX rcp command allows local users to obtain root access. |
| Buffer overflow in AIX libDtSvc library can allow local users to gain root access. |
| SMC routers SMC7004VWBR running firmware 1.00.014 and SMC7008ABR EU running firmware 1.42.003 allow remote attackers to bypass authentication by connecting to it from the same IP address as the administrator who is logged in, then accessing the setup_status.htm or status.HTM pages. |
| IRIX and AIX automountd services (autofsd) allow remote users to execute root commands. |
| Denial of service in AIX telnet can freeze a system and prevent users from accessing the server. |
| A race condition in crrtrap for QNX RTP 6.1 allows local users to gain privileges by modifying the PATH environment variable to reference a malicious io-graphics program before is executed by crrtrap. |
| AIX routed allows remote users to modify sensitive files. |
| Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) pkg-installer, or (4) input-cfg in QNX Photon microGUI for QNX RTP 6.1 allow local users to gain privileges via a long -s (server) command line parameter. |
| Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname. |
| Serv-U FTP server 4.x and 5.x allows remote attackers to cause a denial of service (application crash) via a STORE UNIQUE (STOU) command with an MS-DOS device name argument such as (1) COM1, (2) LPT1, (3) PRN, or (4) AUX. |
| getcwd() file descriptor leak in FTP. |
| Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to gain sensitive information via a direct request to (1) accountsettings_add.html or (2) topmenu.html. |
| wu-ftp allows files to be overwritten via the rnfr command. |
| Multiple directory traversal vulnerabilities Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7, and possibly other versions, allow remote attackers to (1) create arbitrary directories via a .. (dot dot) in the user parameter to viewaction.html or (2) rename arbitrary files via a ....// (doubled dot dot) in the folderold or folder parameters to folders.html. |
