| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unspecified vulnerability in weblog.pl in PerlBlog 1.09b and earlier allows remote attackers to create arbitrary files and possibly execute arbitrary code via unspecified attack vectors related to improper handling of (1) the reply parameter, possibly involving injection of (2) the name parameter and (3) the body parameter. |
| Multiple SQL injection vulnerabilities in XMB Forums 1.9.3 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) $u2u_select array parameter to u2u.inc.php and (2) $val variable (fidpw0 cookie value) in today.php. |
| Cross-site scripting (XSS) vulnerability in calendar.php in MyBulletinBoard (MyBB) 1.0.4 allows remote attackers to inject arbitrary web script or HTML via a URL that is not sanitized before being returned as a link in "advanced details". NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| Buffer overflow in BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server 2.2 and 4.0 before SP3 Hotfix 4 for IBM Lotus Domino, 3.6 before SP7 and 5.0 before SP3 Hotfix 3 for Microsoft Exchangem, and 4.0 for Novell GroupWise before SP3 Hotfix 1 might allow user-assisted remote attackers to execute arbitrary code on the server via a crafted Microsoft Word document that is opened on a wireless device. |
| Denial of service in BIND by improperly closing TCP sessions via so_linger. |
| Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values. |
| UnixWare uidadmin allows local users to modify arbitrary files via a symlink attack. |
| Denial of service in BIND named via malformed SIG records. |
| The CGI counter 4.0.7 by George Burgyan allows remote attackers to execute arbitrary commands via shell metacharacters. |
| Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library. |
| Unspecified vulnerability in config.php in Skate Board 0.9 allows remote authenticated administrators to execute arbitrary PHP code by causing certain variables in config.php to be modified, possibly due to XSS or direct static code injection. |
| Buffer overflow in BIND 8.2 via NXT records. |
| Buffer overflow in NFS server on Linux allows attackers to execute commands via a long pathname. |
| Denial of service in Linux syslogd via a large number of connections. |
| Buffer overflow in Netwin DMailWeb CGI program allows remote attackers to execute arbitrary commands via a long utoken parameter. |
| Buffer overflow in SCO UnixWare Xsco command via a long argument. |
| Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability. |
| By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. |
| Buffer overflow in FreeBSD angband allows local users to gain privileges. |
| Michael Salzer Guestbox 0.6, and other versions before 0.8, allows remote attackers to post an admin comment to a guestbook entry via a certain modified form, possibly related to the nummer parameter. |
