| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors. |
| Multiple cross-site scripting (XSS) vulnerabilities in index.php in Kai Blankenhorn Bitfolge simple and nice index file (aka snif) 1.5.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) path and (2) download parameters. |
| Multiple cross-site scripting (XSS) vulnerabilities in VisionProject 3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) projectIssueId parameter in EditProjectIssue.do, the (2) projectId parameter in ProjectSelected.do, the (3) folderId parameter in ProjectDocuments.do and the (4) sortField parameter in ProjectIssues.do. |
| Stack-based buffer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted IOCTL request that adds an AppleTalk zone to a routing table. |
| Integer signedness error in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk message with a negative value, which satisfies a signed comparison during mbuf allocation but is later interpreted as an unsigned value, which triggers a heap-based buffer overflow. |
| Integer overflow in the Networking component in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a crafted AppleTalk Session Protocol (ASP) message on an AppleTalk socket, which triggers a heap-based buffer overflow. |
| Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain root privileges via a symlink attack on certain files. |
| Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to "/tmp/" and used as a log file. NOTE: this issue might be related to symlink following. |
| Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via (1) unspecified vectors where an attacker's umask is honored, (2) /etc/ld.so.preload, (3) certain "cron data file locations", and other unspecified vectors possibly involving the (4) OSSEMEMDBG or (5) TRC_LOG_FILE environment variable in db2licd (db2licm). |
| IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE environment variable in db2licd (db2licm). |
| Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to (1) DB2 instance or FMP startup on Linux and Solaris; (2) exec of executables while running as root on non-Windows systems, as demonstrated by AIX; and unspecified vectors involving (3) db2licm and (4) db2pd. |
| Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer. |
| The Trend Micro AntiVirus scan engine before 8.550-1001, as used in Trend Micro PC-Cillin Internet Security 2007, and Tmxpflt.sys 8.320.1004 and 8.500.0.1002, has weak permissions (Everyone:Write) for the \\.\Tmfilter device, which allows local users to send arbitrary content to the device via the IOCTL functionality. NOTE: this can be leveraged for privilege escalation by exploiting a buffer overflow in the handler for IOCTL 0xa0284403. |
| Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, which triggers the overflow in an sprintf function call. |
| PHP remote file inclusion vulnerability in config.php in FrontAccounting 1.12 Build 31 allows remote attackers to execute arbitrary PHP code via a URL in the path_to_root parameter. |
| Cross-site scripting (XSS) vulnerability in KnowledgeTree Open Source 3.4 and 3.4.1 allows remote attackers to inject arbitrary web script or HTML via the login field on the login page, and other unspecified vectors. |
| The "Extended properties for entries" (entryproperties) plugin in serendipity_event_entryproperties.php in Serendipity 1.1.3 allows remote authenticated users to bypass password protection and "deliver custom entryproperties settings to the Serendipity Frontend" via a certain request that modifies the password being checked. |
| Unspecified vulnerability in Advanced Webhost Billing System (AWBS) before 2.6.0 allows remote authenticated users to obtain configuration data about other dedicated servers via unspecified vectors. |
| Multiple SQL injection vulnerabilities in Advanced Webhost Billing System (AWBS) before 2.6.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be leveraged for XSS attacks that "bypass AWBS's anti-XSS input validation." |
| SQL injection vulnerability in the login script in Real Estate listing website application template, when logging in as user or manager, allows remote attackers to execute arbitrary SQL commands via the Password parameter. |
