| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access. |
| Cross-site scripting (XSS) vulnerability in SettingsBase.php in Pinnacle ShowCenter 1.51 build 121 allows remote attackers to inject arbitrary HTML or web script via the Skin parameter, which is echoed in an error message. |
| SGI IRIX buffer overflow in xterm and Xaw allows root access. |
| Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow an intruder to read any files that can be accessed by the gopher daemon. |
| Buffer overflow in dtaction command gives root access. |
| AIX infod allows local users to gain root access through an X display. |
| The Base64 function in PopMessenger 1.60 (before 20 Sep 2004) and earlier allows remote attackers to cause a denial of service (application crash) via invalid characters in a message, which causes several alert dialogs to be displayed and leads to a crash. |
| AIX passwd allows local users to gain root access. |
| Denial of service when an attacker sends many SYN packets to create multiple connections without ever sending an ACK to complete the connection, aka SYN flood. |
| AIX bugfiler program allows local users to gain root access. |
| The "Forgot your Password" link in Computer Associates (CA) Unicenter Management Portal 2.0 and 3.1 displays different error messages for users that exist and users that do not exist, which could allow remote attackers to guess valid usernames. |
| Buffer overflow in ffbconfig in Solaris 2.5.1. |
| The printers program in IRIX has a buffer overflow that gives root access to local users. |
| Finger redirection allows finger bombs. |
| A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |
| Echo and chargen, or other combinations of UDP services, can be used in tandem to flood the server, a.k.a. UDP bomb or UDP packet storm. |
| Buffer overflow in SLmail 3.x allows attackers to execute commands using a large FROM line. |
| EmuLive Server4 Commerce Edition Build 7560 allows remote attackers to bypass authentication for the remote administration feature via a URL that contains an extra leading / (slash). |
| Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names. |
| PHP remote file inclusion vulnerability in Function.php in Mambo 4.5 (1.0.9) allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_absolute_path parameter to reference a URL on a remote web server that contains the code. |
