| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaintext in the world-readable rmserver.cfg file, which allows local users to gain privileges. |
| AV Option for MS Exchange Server option for InoculateIT 4.53, and possibly other versions, only scans the Inbox folder tree of a Microsoft Exchange server, which could allow viruses to escape detection if a user's rules cause the message to be moved to a different mailbox. |
| Internet Explorer 5.0 does not properly reset the username/password cache for Web sites that do not use standard cache controls, which could allow users on the same system to access restricted web sites that were visited by other users. |
| Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed packets, which causes the server to slow down and fill the event logs with error messages. |
| The chpass command in OpenBSD allows a local user to gain root access through file descriptor leakage. |
| Multiple buffer overflows in how dtmail handles attachments allows a remote attacker to execute commands. |
| test-cgi program allows an attacker to list files on the server. |
| Apache httpd cookie buffer overflow for versions 1.1.1 and earlier. |
| HP Laserjet printers with JetDirect cards, when configured with TCP/IP, can be configured without a password, which allows remote attackers to connect to the printer and change its IP address or disable logging. |
| finger allows recursive searches by using a long string of @ symbols. |
| Multiple buffer overflows in WindowMaker 0.52 through 0.60.0 allow attackers to cause a denial of service and possibly execute arbitrary commands by executing WindowMaker with a long program name (argv[0]). |
| Buffer overflow in Apache 1.2.5 and earlier allows a remote attacker to cause a denial of service with a large number of GET requests containing a large number of / characters. |
| RIP v1 is susceptible to spoofing. |
| Palm Pilot HotSync Manager 3.0.4 in Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to port 14238 while the manager is in network mode. |
| Buffer overflow in AIX dtterm program for the CDE. |
| Quake 1 server responds to an initial UDP game connection request with a large amount of traffic, which allows remote attackers to use the server as an amplifier in a "Smurf" style attack on another host, by spoofing the connection request. |
| Buffer overflow in AIX lchangelv gives root access. |
| Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. |
| fm_fls license server for Adobe Framemaker allows local users to overwrite arbitrary files and gain root access. |
| The ghostscript command with the -dSAFER option allows remote attackers to execute commands. |
