| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| ImageCast Control Center 4.1.0 allows remote attackers to cause a denial of service (resource exhaustion or system crash) via a long string to port 12002. |
| Kernel leak in AfpaCache module of the Fast Response Cache Accelerator (FRCA) component of IBM HTTP Server 1.3.x and Websphere 3.52 allows remote attackers to cause a denial of service via a series of malformed HTTP requests that generate a "bad request" error. |
| The Windows Media Device Manager (WMDM) Service in Microsoft Windows Media Player 7.1 on Windows 2000 systems allows local users to obtain LocalSystem rights via a program that calls the WMDM service to connect to an invalid local storage device, aka "Privilege Elevation through Windows Media Device Manager Service". |
| Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the file parameter. |
| Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument. |
| Format string vulnerability in the logging function for the pam_ldap PAM LDAP module before version 144 allows attackers to execute arbitrary code via format strings in the configuration file name. |
| exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file. |
| Cross-site scripting vulnerability in sgdynamo.exe for Sgdynamo allows remote attackers to execute arbitrary Javascript via a URL with the script in the HTNAME parameter. |
| Oracle XSQL servlet 1.0.3.0 and earlier allows remote attackers to execute arbitrary Java code by redirecting the XSQL server to another source via the xml-stylesheet parameter in the xslt stylesheet. |
| Buffer overflow in Olivier Debon Flash plugin (not the Macromedia plugin) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long DefineSound tag. |
| Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field. |
| Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. |
| Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request. |
| Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed font size specifier. |
| htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack. |
| Gaim 0.57 stores sensitive information in world-readable and group-writable files in the /tmp directory, which allows local users to access MSN web email accounts of other users who run Gaim by reading authentication information from the files. |
| Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name. |
| Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed. |
| Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag, aka the Windows Media Player Skins File Download" vulnerability. |
| inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. |
