| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Multiple SQL injection vulnerabilities in login in paFAQ 1.0 Beta 4 allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) username or (2) id parameters. |
| Cross-site scripting (XSS) vulnerability in index.php in Usenet Script 0.5 allows remote attackers to inject arbitrary web script or HTML via the group parameter. |
| The SunView (SunTools) selection_svc facility allows remote users to read files. |
| Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to cause a denial of service (crash) via a long (1) CWD or (2) LS (list) command. |
| Buffer overflow in NCSA WebServer (version 1.5c) gives remote access. |
| Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy. |
| Denial of service in Qmail through long SMTP commands. |
| IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL. |
| Remote command execution in Microsoft Internet Explorer using .lnk and .url files. |
| Buffer overflow in procmail before version 3.12 allows remote or local attackers to execute commands via expansions in the procmailrc configuration file. |
| The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. |
| The ExAir sample site in IIS 4 allows remote attackers to cause a denial of service (CPU consumption) via a direct request to the (1) advsearch.asp, (2) query.asp, or (3) search.asp scripts. |
| Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address. |
| A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted. |
| The remote proxy server in Winroute allows a remote attacker to reconfigure the proxy without authentication through the "cancel" button. |
| The Logon box of a Windows NT system displays the name of the last user who logged in. |
| Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmental variable. |
| Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument. |
| Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option. |
| The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack. |