| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in NLS (Natural Language Service). |
| AIX passwd allows local users to gain root access. |
| Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request. |
| Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field. |
| Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer. |
| Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC7, 9.40.TC8, 10.00.TC4, and 10.00.TC5, when running on Windows, allows remote attackers to execute arbitrary code via a long username, which causes an overflow in vsprintf when displaying in the resulting error message. NOTE: this issue is due to an incomplete fix for CVE-2006-3853. |
| document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program. |
| Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error. |
| WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e. |
| The telnet server in Infoprint 21 running controller software before 1.056007 allows remote attackers to cause a denial of service (crash) via a long username, possibly due to a buffer overflow. |
| Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form. |
| BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. |
| The POP3 server in IBM iSeries AS/400 returns different error messages when the user exists or not, which allows remote attackers to determine valid user IDs on the server. |
| IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. |
| Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users to gain privileges. |
| Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges. |
| Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to (1) penable or other hard-linked files including (2) pdisable, (3) pstart, (4) phold, (5) pdelay, or (6) pshare. |
| Multiple cross-site scripting (XSS) vulnerabilities in Lotus Domino iNotes Client 6.5.4 and 7.0 allow remote attackers to inject arbitrary web script or HTML via (1) an email subject; (2) an encoded javascript URI, as demonstrated using "java script:"; or (3) when the Domino Web Access ActiveX control is not installed, via an email attachment filename. |
| Buffer overflow in the lex routines of nslookup for AIX 4.3 may allow attackers to cause a core dump and possibly execute arbitrary code via "long input strings." |
| Denial of service in BIND named via malformed SIG records. |
