| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter. |
| VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack. |
| Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure." |
| Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter. |
| PROMS 0.11 does not properly handle "certain combinations of rights," which gives more rights to users than intended. |
| The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 sets world-writable permissions for the data/mining directory when it runs, which allows local users to modify or delete the data. |
| Help and Support Center for Windows XP allows remote attackers to delete arbitrary files via a link to the hcp: protocol that accesses uplddrvinfo.htm. |
| Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names. |
| Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served. |
| uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode. |
| NETBIOS share information may be published through SNMP registry keys in NT. |
| Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences. |
| Buffer overflow in the Pirch 98 IRC client allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hyperlink in a channel or private message. |
| Vulnerability in a script in Texas A&M University (TAMU) Tiger allows local users to execute arbitrary commands as the Tiger user, usually root. |
| GAMSoft TelSrv telnet server 1.5 and earlier allows remote attackers to cause a denial of service via a long username. |
| Unauthorized privileged access or denial of service via dtappgather program in CDE. |
| Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. |
| Buffer overflow in ToxSoft NextFTP client through CWD command. |
| Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges. |
| Picserver web server allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTP GET request. |
