| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in AIX writesrv command allows local users to obtain root access. |
| Buffer overflow in AIX rcp command allows local users to obtain root access. |
| Buffer overflow in AIX libDtSvc library can allow local users to gain root access. |
| SMC routers SMC7004VWBR running firmware 1.00.014 and SMC7008ABR EU running firmware 1.42.003 allow remote attackers to bypass authentication by connecting to it from the same IP address as the administrator who is logged in, then accessing the setup_status.htm or status.HTM pages. |
| IRIX and AIX automountd services (autofsd) allow remote users to execute root commands. |
| Denial of service in AIX telnet can freeze a system and prevent users from accessing the server. |
| A race condition in crrtrap for QNX RTP 6.1 allows local users to gain privileges by modifying the PATH environment variable to reference a malicious io-graphics program before is executed by crrtrap. |
| AIX routed allows remote users to modify sensitive files. |
| Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) pkg-installer, or (4) input-cfg in QNX Photon microGUI for QNX RTP 6.1 allow local users to gain privileges via a long -s (server) command line parameter. |
| Buffer overflow in rwhod on AIX and other operating systems allows remote attackers to execute arbitrary code via a UDP packet with a long hostname. |
| Serv-U FTP server 4.x and 5.x allows remote attackers to cause a denial of service (application crash) via a STORE UNIQUE (STOU) command with an MS-DOS device name argument such as (1) COM1, (2) LPT1, (3) PRN, or (4) AUX. |
| getcwd() file descriptor leak in FTP. |
| Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to gain sensitive information via a direct request to (1) accountsettings_add.html or (2) topmenu.html. |
| wu-ftp allows files to be overwritten via the rnfr command. |
| Multiple directory traversal vulnerabilities Merak Mail Server 7.4.5 with Icewarp Web Mail 5.2.7, and possibly other versions, allow remote attackers to (1) create arbitrary directories via a .. (dot dot) in the user parameter to viewaction.html or (2) rename arbitrary files via a ....// (doubled dot dot) in the folderold or folder parameters to folders.html. |
| Buffer overflow in wu-ftp from PASV command causes a core dump. |
| PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password. |
| Multiple SQL injection vulnerabilities in index.php in Subjects 2.0 Postnuke module allow remote attackers to execute arbitrary SQL commands via the (1) pageid, (2) subid, or (3) catid parameters. |
| Listening TCP ports are sequentially allocated, allowing spoofing attacks. |
| Vacation program allows command execution by remote users through a sendmail command. |
