| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| htmlscript CGI program allows remote read access to files. |
| ICMP redirect messages may crash or lock up a host. |
| Buffer overflow in NCSA HTTP daemon v1.3 allows remote command execution. |
| MetaInfo MetaWeb web server allows users to upload, execute, and read scripts. |
| Denial of service in Slmail v2.5 through the POP3 port. |
| Denial of service in Windows NT DNS servers through malicious packet which contains a response to a query that wasn't made. |
| Denial of service in Windows NT DNS servers by flooding port 53 with too many characters. |
| Buffer overflow in CrazyWWWBoard 2000p4 and 2000LEp5 allows remote attackers to execute arbitrary code via a long HTTP_USER_AGENT CGI environment variable. |
| prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users to execute arbitrary PHP code via an invalid language value, which prevents the variables (1) $l_statsblock in prefs.php or (2) $l_privnotify in auth.php from being properly initialized, which can be modified by the user and later used in an eval statement. |
| The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and qspaces on remote domains, even when an ACL exists, which allows users to access services in a remote domain. |
| Directory traversal vulnerability in modules.php in Gallery before 1.2.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the include parameter. |
| Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection. |
| CITRIX Metaframe 1.8 logs the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through Network Address Translation (NAT). |
| Vulnerability in the Wguest CGI program. |
| The Apache web server for Win32 may provide access to restricted files when a . (dot) is appended to a requested URL. |
| Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension. |
| Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable. |
| fpkg2swpk in HP-UX allows local users to gain root access. |
| Buffer overflow in xmcd 2.1 allows local users to gain access through a user resource setting. |
| SGI mediad program allows local users to gain root access. |
