| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file. |
| Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is used in a self-referencing URL, a different vulnerability than CAN-2002-0840. |
| Unspecified vulnerability in Sun Solaris 10 allows context-dependent attackers to cause a denial of service (panic) via unspecified vectors involving the event port API. |
| The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, does not properly close the SSH connection when a -N option is provided during authentication, which allows remote attackers to access CLI with administrator privileges. |
| emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message. |
| Multiple SQL injection vulnerabilities in index.php in DMANews 0.904 and 0.910 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in a comments action and the (2) sortorder and (3) display_num parameters in a news_list action. |
| Buffer overflow in the irw_through function for Canna 3.5b2 and earlier allows local users to execute arbitrary code as the bin user. |
| Multiple array index errors in the (1) recv_rules, (2) recv_select_unit, (3) recv_options, and (4) recv_unit_data functions in multiplay.cpp in UFO2000 svn 1057 allow remote attackers to execute arbitrary code and cause a denial of service (opponent crash) via certain packet data that specifies an out-of-bounds index. |
| The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (crash) via an HTTP request without a Content-Length parameter. |
| Unspecified vulnerability in the Trackback functionality in DotClear 1.2.1 has unknown impact and attack vectors. |
| Multiple SQL injection vulnerabilities in Zen Cart 1.3.0.2 and earlier allow remote attackers to execute arbitrary SQL commands via (1) GPC data to the ipn_get_stored_session function in ipn_main_handler.php, which can be leveraged to modify elements of $_SESSION; and allow remote authenticated users to execute arbitrary SQL commands via (2) a session id within a cookie to whos_online_session_recreate, (3) the quantity field to the add_cart function, (4) an id[] parameter when adding an item to a shopping cart, or (5) a redemption code when checking out (dc_redeem_code parameter to includes/modules/order_total/ot_coupon.php). |
| Canna 3.6 and earlier does not properly validate requests, which allows remote attackers to cause a denial of service or information leak. |
| Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine allows remote attackers to insert arbitrary HTML or script via an HTTP request to a .jsp file whose name contains the malicious script and some encoded linefeed characters (%0a). |
| SQL injection vulnerability in index.php in Entergal MX 2.0 allows remote attackers to execute arbitrary SQL commands via the (1) idcat parameter in a showcat action and (2) the action parameter. |
| Directory traversal vulnerability in Zen Cart 1.3.0.2 and earlier allows remote attackers to include and possibly execute arbitrary local files via directory traversal sequences in the typefilter parameter. |
| PHP remote file inclusion vulnerability in constants.php in SiteDepth CMS 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the SD_DIR parameter. |
| Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow. |
| The Javascript engine in Mozilla Firefox before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 might allow remote attackers to execute arbitrary code via vectors involving garbage collection that causes deletion of a temporary object that is still being used. |
| The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user's credentials after root uses su. |
| Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified. |
