| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code. |
| Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code via a p->dir value that is larger than XFRM_POLICY_OUT, which is used as an index in the sock->sk_policy array. |
| Buffer overflow of rlogin program using TERM environmental variable. |
| Multiple cross-site scripting (XSS) vulnerabilities in phpLDAPadmin 0.9.8 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dn parameter in (a) compare_form.php, (b) copy_form.php, (c) rename_form.php, (d) template_engine.php, and (e) delete_form.php; (2) scope parameter in (f) search.php; and (3) Container DN, (4) Machine Name, and (5) UID Number fields in (g) template_engine.php. |
| main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack. |
| linki.py in ekg 2005-06-05 and earlier allows local users to overwrite or create arbitrary files via a symlink attack on temporary files. |
| mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a missing argument, which triggers a null pointer dereference. |
| romload.c in DGen Emulator 1.23 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files during decompression of (1) gzip or (2) bzip ROM files. |
| The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. |
| CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service via a malformed IPP request. |
| sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname. |
| rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges. |
| Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information. |
| The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords. |
| Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. |
| A cron job in fcheck before 2.7.59 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. |
| fshd (fsh daemon) in Debian GNU/Linux allows local users to overwrite files of other users via a symlink attack. |
| Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter. |
| Untrusted search path vulnerability in libtunepimp-perl 0.4.2-1 in Debian GNU/Linux includes an RPATH value under the /tmp/buildd directory for the tunepimp.so module, which might allow local users to gain privileges by installing malicious libraries in that directory. |
| Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file. |
