| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Linux PAM modules allow local users to gain root access using temporary files. |
| A malicious Palace server can force a client to execute arbitrary programs. |
| CGI PHP mlog script allows an attacker to read any file on the target server. |
| Internet Explorer 4.01 allows remote attackers to read local files and spoof web pages via a "%01" character in an "about:" Javascript URL, which causes Internet Explorer to use the domain specified after the character. |
| A buffer overflow in the FTP list (ls) command in IIS allows remote attackers to conduct a denial of service and, in some cases, execute arbitrary commands. |
| NT users can gain debug-level access on a system process using the Sechole exploit. |
| IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory. |
| ControlIT 4.5 and earlier (aka Remotely Possible) has weak password encryption. |
| rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory. |
| Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service. |
| ControlIT v4.5 and earlier uses weak encryption to store usernames and passwords in an address book. |
| Digital Unix 4.0 has a buffer overflow in the inc program of the mh package. |
| ptylogin in Unix systems allows users to perform a denial of service by locking out modems, dial out with that modem, or obtain passwords. |
| Windows 98 and other operating systems allows remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets. |
| FTP PASV "Pizza Thief" denial of service and unauthorized data access. Attackers can steal data by connecting to a port that was intended for use by a client. |
| NetWare version of LaserFiche stores usernames and passwords unencrypted, and allows administrative changes without logging. |
| WS_FTP server remote denial of service through cwd command. |
| SuSE 5.2 PLP lpc program has a buffer overflow that leads to root compromise. |
| Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data. |
| The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry. |
