| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. |
| Delete or create a file via rpc.statd, due to invalid information. |
| root privileges via buffer overflow in pset command on SGI IRIX systems. |
| root privileges via buffer overflow in login/scheme command on SGI IRIX systems. |
| in.rshd allows users to login with a NULL username and execute commands. |
| Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access. |
| Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable. |
| Windows NT FTP server (WFTP) with the guest account enabled without a password allows an attacker to log into the FTP server using any username and password. |
| Attackers can do a denial of service of IRC by crashing the server. |
| Cross-site scripting (XSS) vulnerability in Elite Forum 1.0.0.0 allows remote attackers to inject arbitrary web script or HTML via a Post Reply to a topic, in which the reply contains a javascript: URL in an <img> tag. |
| Microsoft Taskpads allows remote web sites to execute commands on the visiting user's machine via certain methods that are marked as Safe for Scripting. |
| DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root. |
| In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login. |
| Files created from interactive shell sessions in Cobalt RaQ microservers (e.g. .bash_history) are world readable, and thus are accessible from the web server. |
| Denial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses many "RCPT TO" commands in the same connection. |
| Remote attackers can perform a denial of service in WebRamp systems by sending a malicious string to the HTTP port. |
| phpBB 2.0.17 and earlier allows remote attackers to bypass protection mechanisms that deregister global variables by setting both a GET/POST/COOKIE (GPC) variable and a GLOBALS[] variable with the same name, which causes phpBB to unset the GLOBALS[] variable but not the GPC variable. |
| HP OpenMail can be misconfigured to allow users to run arbitrary commands using malicious print requests. |
| A Windows NT account policy has inappropriate, security-critical settings for lockout, e.g. lockout duration, lockout after bad logon attempts, etc. |
| A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking. |
