| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program. |
| glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command. |
| Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack. |
| Multiple cross-site scripting (XSS) vulnerabilities in Smarter Scripts IntelliLink Pro 5.06 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter in addlink_lwp.cgi and the (2) id, (3) forgotid, and (4) forgotpass parameters in edit.cgi. |
| Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long GET request. |
| Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands. |
| MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege. |
| Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to execute commands via a malformed URL within an ICQ message. |
| Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message. |
| get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program. |
| The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs. |
| Microsoft Commercial Internet System (MCIS) IMAP server allows remote attackers to cause a denial of service via a malformed IMAP request. |
| search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack. |
| Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n option. |
| IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi. |
| Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote attackers to obtain sensitive system information. |
| Network HotSync program in Handspring Visor does not have authentication, which allows remote attackers to retrieve email and files. |
| PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands. |
| Buffer overflow in aVirt Rover POP3 server 1.1 allows remote attackers to cause a denial of service via a long user name. |
| AIX techlibss allows local users to overwrite files via a symlink attack. |
