| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in xlock program allows local users to execute commands as root. |
| Buffer overflow in the Linux mail program "deliver" allows local users to gain root access. |
| Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter. |
| mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a missing argument, which triggers a null pointer dereference. |
| Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option. |
| znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files. |
| Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time." |
| htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file. |
| Buffer overflow in gPS before 0.10.2 may allow local users to cause a denial of service (SIGSEGV) in rgpsp via long command lines. |
| gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp. |
| Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code. |
| Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option. |
| Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function. |
| GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files. |
| Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments. |
| mandb in the man-db package before 2.3.16-3 allows local users to overwrite arbitrary files via the command line options (1) -u or (2) -c, which do not drop privileges and follow symlinks. |
| Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. |
| Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows attackers to cause a denial of service and possibly execute arbitrary code via a long SITE command. |
| Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands. |
| man2html before 1.5-22 allows remote attackers to cause a denial of service (memory exhaustion). |
