| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Ultimate PHP Board (UPB) 1.0 and 1.0b allows remote authenticated users to gain privileges and perform unauthorized actions via direct requests to (1) admin_members.php, (2) admin_config.php, (3) admin_cat.php, or (4) admin_forum.php. |
| Multiple buffer overflows in the mySAP.com architecture for SAP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) Message Server, (2) Web Dispatcher, or (3) Application Server. |
| kmod in the Linux kernel does not set its uid, suid, gid, or sgid to 0, which allows local users to cause a denial of service (crash) by sending certain signals to kmod. |
| PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote attackers to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code. |
| Sendmail WIZ command enabled, allowing root access. |
| Buffer overflow in NIPrint 4.10 allows remote attackers to execute arbitrary code via a long string to TCP port 515. |
| Denial of service of inetd on Linux through SYN and RST packets. |
| Buffer overflow in FTP Serv-U 2.5 allows remote authenticated users to cause a denial of service (crash) via a long (1) CWD or (2) LS (list) command. |
| Attackers can do a denial of service of IRC by crashing the server. |
| Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords. |
| Remote command execution in Microsoft Internet Explorer using .lnk and .url files. |
| The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access. |
| The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. |
| In IIS, an attacker could determine a real path using a request for a non-existent URL that would be interpreted by Perl (perl.exe). |
| A service or application has a backdoor password that was placed there by the developer. |
| A remote attacker can sometimes identify the operating system of a host based on how it reacts to some IP or ICMP packets, using a tool such as nmap or queso. |
| Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service. |
| Versions of rpcbind including Linux, IRIX, and Wietse Venema's rpcbind allow a remote attacker to insert and delete entries by spoofing a source address. |
| Remote attackers can crash Lynx and Internet Explorer using an IMG tag with a large width parameter. |
| The Webcom CGI Guestbook programs wguest.exe and rguest.exe allow a remote attacker to read arbitrary files using the "template" parameter. |