| CVE | Vendors | Products | Updated | CVSS v3.1 |
| Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges. |
| Buffer overflow in FreeBSD fts library routines allows a local user to modify arbitrary files via the periodic program. |
| When JavaScript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information. |
| NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network. |
| NetBSD allows ARP packets to overwrite static ARP entries. |
| The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment. |
| Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable. |
| Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable. |
| Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems. |
| The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack. |
| Denial of service in Compaq Management Agents and the Compaq Survey Utility via a long string sent to port 2301. |
| Buffer overflow in Solaris lpset program allows local users to gain root access. |
| Buffer overflows in Mars NetWare Emulation (NWE, mars_nwe) package via long directory names. |
| Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list. |
| Alibaba HTTP server allows remote attackers to read files via a .. (dot dot) attack. |
| IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions. |
| Denial of service in HP-UX SharedX recserv program. |
| KDE klock allows local users to kill arbitrary processes by specifying an arbitrary PID in the .kss.pid file. |
| KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable. |
| FreeBSD allows local users to conduct a denial of service by creating a hard link from a device special file to a file on an NFS file system. |