| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack. |
| Real Networks RealServer 7.x allows remote attackers to cause a denial of service via a malformed request for a page in the viewsource directory. |
| In some cases, Norton Antivirus for Exchange (NavExchange) enters a "fail-open" state which allows viruses to pass through the server. |
| Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion. |
| Vulnerability in cvconnect in SGI IRIX WorkShop allows local users to overwrite arbitrary files. |
| Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the lastrealm variable in the set_tgtkey function. |
| SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS. |
| Kodak Color Management System (KCMS) on Solaris allows a local user to write to arbitrary files and gain root access. |
| Fusion News 3.6.1 allows remote attackers to add user accounts, if the administrator is logged in, via a comment that contains an img bbcode tag that calls index.php with the signup action, which is executed when the administrator's browser loads the page with the img tag. |
| admintool in Solaris allows a local user to write to arbitrary files and gain root access. |
| vold in Solaris 2.x allows local users to gain root access. |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. |
| swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access. |
| Cross-site scripting (XSS) vulnerability in SettingsBase.php in Pinnacle ShowCenter 1.51 build 121 allows remote attackers to inject arbitrary HTML or web script via the Skin parameter, which is echoed in an error message. |
| SGI IRIX buffer overflow in xterm and Xaw allows root access. |
| Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow an intruder to read any files that can be accessed by the gopher daemon. |
| Buffer overflow in dtaction command gives root access. |
| AIX infod allows local users to gain root access through an X display. |
| The Base64 function in PopMessenger 1.60 (before 20 Sep 2004) and earlier allows remote attackers to cause a denial of service (application crash) via invalid characters in a message, which causes several alert dialogs to be displayed and leads to a crash. |
