| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Darwin Streaming Server 5.0.1, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) via a DESCRIBE request with a location that contains a null byte. |
| Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities. |
| Buffer overflow in Open Dc Hub 0.7.14 allows remote attackers, with administrator privileges, to execute arbitrary code via a long RedirectAll command. |
| Buffer overflow in CMailCOM.dll in CMailServer 5.2 allows remote attackers to execute arbitrary code via an attachment with a long filename. |
| SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and delete mail metadata or e-mail addresses of contacts via the indexOfMail parameter. |
| Cross-site scripting (XSS) vulnerability in admin.asp in CMailServer 5.2 allows remote attackers to execute arbitrary web script or HTML via personal information fields, such as (1) username, (2) name, or (3) comments. |
| Multiple buffer overflows in the enable command for SCO OpenServer 5.0.6 and 5.0.7 allow local users to execute arbitrary code via long command line arguments. |
| Multiple cross-site scripting (XSS) vulnerabilities in Microsoft W3Who ISAPI (w3who.dll) allow remote attackers to inject arbitrary HTML and web script via (1) HTTP headers such as "Connection" or (2) invalid parameters whose values are echoed in the resulting error message. |
| Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string. |
| Multiple buffer overflows in WS_FTP Server 5.03 2004.10.14 allow remote attackers to cause a denial of service (service crash) via long (1) SITE, (2) XMKD, (3) MKD, and (4) RNFR commands. |
| Buffer overflow in CuteFTP Professional 6.0, and possibly other versions, allows remote FTP servers to cause a denial of service (application crash) via large replies to FTP commands. |
| Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function, which does not properly validate IGMP message parameters and performs an out-of-bounds read. |
| VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6) backupext, (7) keymap, (8) patchmode, or (9) langmenu. |
| Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash). |
| Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill available disk space via an invalid RTP timestamp. |
| The HTTP dissector in Ethereal 0.10.1 through 0.10.7 allows remote attackers to cause a denial of service (application crash) via a certain packet that causes the dissector to access previously-freed memory. |
| Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. |
| The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack. |
| Buffer overflow in the open_aiff_file function in demux_aiff.c for xine-lib (libxine) 1-rc7 allows remote attackers to execute arbitrary code via a crafted AIFF file. |
| Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD64 systems allows local users to gain privileges. |
