| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping cart allow remote attackers to execute arbitrary commands via a long query string. |
| The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe. |
| The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability. |
| The CIFS Computer Browser service on Windows NT 4.0 allows a remote attacker to cause a denial of service by sending a large number of host announcement requests to the master browse tables, aka the "HostAnnouncement Flooding" or "HostAnnouncement Frame" vulnerability. |
| Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) addview, or (6) addfriend. |
| The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability. |
| Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet. |
| Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability. |
| Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary script as other users via the addview parameter of a ymsgr URI. |
| Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option. |
| IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the "Malformed Extension Data in URL" vulnerability. |
| Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate. |
| Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command. |
| XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a negative counter value in a malformed TCP packet that is sent to port 6000. |
| Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter. |
| Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values. |
| An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl could produce incorrect MD5 checksums for UTF-8 data, which could prevent a system from properly verifying the integrity of the data. |
| Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option. |
| Funk Software Proxy Host 3.x is installed with insecure permissions for the registry and the file system. |
| NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog". |