Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script.

Vulnerability in WebCalendar 0.9.26 allows remote command execution.

Multiple buffer overflows in s.cgi program in Aspseek search engine 1.03 and earlier allow remote attackers to execute arbitrary commands via (1) a long HTTP query string, or (2) a long tmpl parameter...

index.php in Jelsoft vBulletin does not properly initialize a PHP variable that is used to store template information, which allows remote attackers to execute arbitrary PHP code via special character...

Format string vulnerability in Mutt before 1.2.5 allows a remote malicious IMAP server to execute arbitrary commands.

SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute force attack...

Buffer overflow in SNMP proxy agent snmpd in Solaris 8 may allow local users to gain root privileges by calling snmpd with a long program name.

Buffer overflow in FTPFS allows local users to gain root privileges via a long user name.

Buffer overflow in websync.exe in Cyberscheduler allows remote attackers to execute arbitrary commands via a long tzs (timezone) parameter.

template.cgi in Free On-Line Dictionary of Computing (FOLDOC) allows remote attackers to read files and execute commands via shell metacharacters in the argument to template.cgi.

Buffer overflows in ascdc Afterstep while running setuid allows local users to gain root privileges via a long (1) -d option, (2) -m option, or (3) -f option.

Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.

postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a high...

Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration.

INDEXU 2.0 beta and earlier allows remote attackers to bypass authentication and gain privileges by setting the cookie_admin_authenticated cookie value to 1.

Web configuration server in 602Pro LAN SUITE allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request containing "%2e" (dot dot) character...

Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via (1) a long username, or (2) a long password.

Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long APOP command.

Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.

Buffer overflow in logging functions of licq before 1.0.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands.

licq before 1.0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.

dcboard.cgi in DCForum 2000 1.0 allows remote attackers to execute arbitrary commands by uploading a Perl program to the server and using a .. (dot dot) in the AZ parameter to reference the program.

Buffer overflow in Savant 3.0 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Host HTTP header.

Buffer overflows in various CGI programs in the remote administration service for Trend Micro Interscan VirusWall 3.01 allow remote attackers to execute arbitrary commands.