| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| ControlIT v4.5 and earlier uses weak encryption to store usernames and passwords in an address book. |
| Digital Unix 4.0 has a buffer overflow in the inc program of the mh package. |
| ptylogin in Unix systems allows users to perform a denial of service by locking out modems, dial out with that modem, or obtain passwords. |
| WS_FTP server remote denial of service through cwd command. |
| Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data. |
| The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry. |
| In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value. |
| NetBSD netstat command allows local users to access kernel memory. |
| Linux ftpwatch program allows local users to gain root privileges. |
| Lynx allows a local user to overwrite sensitive files through /tmp symlinks. |
| Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root. |
| Debian GNU/Linux cfengine package is susceptible to a symlink attack. |
| Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Research allows remote attackers to execute commands. |
| Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs. |
| Process table attack in Unix systems allows a remote attacker to perform a denial of service by filling a machine's process tables through multiple connections to network services. |
| InterScan VirusWall for Solaris doesn't scan files for viruses when a single HTTP request includes two GET commands. |
| super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access. |
| The screen saver in Windows NT does not verify that its security context has been changed properly, allowing attackers to run programs with elevated privileges. |
| ACC Tigris allows public access without a login. |
| The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands. |