| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself. |
| A bug in Cyrix CPUs on Linux allows local users to perform a denial of service. |
| Buffer overflow in the Mail-Max SMTP server for Windows systems allows remote command execution. |
| A buffer overflow in lsof allows local users to obtain root privilege. |
| Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege. |
| By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system. |
| Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server. |
| Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access. |
| The cancel command in Solaris 2.6 (i386) has a buffer overflow that allows local users to obtain root access. |
| Several startup scripts in SCO OpenServer Enterprise System v 5.0.4p, including S84rpcinit, S95nis, S85tcp, and S89nfs, are vulnerable to a symlink attack, allowing a local user to gain root access. |
| In IIS and other web servers, an attacker can attack commands as SYSTEM if the server is running as SYSTEM and loading an ISAPI extension. |
| A buffer overflow in the SGI X server allows local users to gain root access through the X server font path. |
| In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the connection. |
| The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled by default, which allows remote attackers to change the router's configuration. |
| Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port. |
| 64 bit Solaris 7 procfs allows local users to perform a denial of service. |
| Denial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses many "RCPT TO" commands in the same connection. |
| When the Microsoft SMTP service attempts to send a message to a server and receives a 4xx error code, it quickly and repeatedly attempts to redeliver the message, causing a denial of service. |
| umapfs allows local users to gain root privileges by changing their uid through a malicious mount_umap program. |
| During a reboot after an installation of Linux Slackware 3.6, a remote attacker can obtain root access by logging in to the root account without a password. |
