| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise 8.46.12 and 8.47.04 has unknown impact and attack vectors, aka Vuln# PSE01. |
| Windows NT 4.0 beta allows users to read and delete shares. |
| When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies. |
| Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Security Server 8.95.J1 has unknown impact and attack vectors, aka Vuln# JDE01. |
| Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root. |
| Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle. |
| Buffer overflow in AIX lchangelv gives root access. |
| Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow an intruder to read any files that can be accessed by the gopher daemon. |
| Windows NT 3.51 and 4.0 running WINS (Windows Internet Name Service) allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed packets, which causes the server to slow down and fill the event logs with error messages. |
| SGI IRIX buffer overflow in xterm and Xaw allows root access. |
| Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters. |
| swinstall and swmodify commands in SD-UX package in HP-UX systems allow local users to create or overwrite arbitrary files to gain root access. |
| Cross-site scripting (XSS) vulnerability in Martin Scheffler betaboard 0.1 allows remote attackers to inject arbitrary web script or HTML via a user's profile, possibly using the FormVal_profile parameter. NOTE: it is not clear whether this is a distributable product or a site-specific vulnerability. If it is site-specific, then it should not be included in CVE. |
| Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. |
| avast! 4 Linux Home Edition 1.0.5 allows local users to modify permissions of arbitrary files via a symlink attack on the /tmp/_avast4_ temporary directory. |
| Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. |
| Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool. |
| Cross-site scripting (XSS) vulnerability in print.php in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter. |
| Local users can start Sendmail in daemon mode and gain root privileges. |
| Multiple buffer overflows in World Wide Web Consortium (W3C) Amaya 9.4, and possibly other versions including 8.x before 8.8.5, allow remote attackers to execute arbitrary code via a long value in (1) the COMPACT attribute of the COLGROUP element, (2) the ROWS attribute of the TEXTAREA element, and (3) the COLOR attribute of the LEGEND element; and via other unspecified attack vectors consisting of "dozens of possible snippets." |
