cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function.

Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.

Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message.

Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka...

The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts.

The unattended installation of Windows 2000 with the OEMPreinstall option sets insecure permissions for the All Users and Default Users directories.

fcheck allows local users to gain privileges by embedding shell metacharacters into file names that are processed by fcheck.

Buffer overflow in LCDproc allows remote attackers to gain root privileges via the screen_add command.

Buffer overflow in healthd for FreeBSD allows local users to gain root privileges.

The BizDB CGI script bizdb-search.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the dbname parameter.

Buffer overflow in XFree86 3.3.x allows local users to execute arbitrary commands via a long -xkbmap parameter.

Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands.

Microsoft Excel 97 and 2000 does not warn the user when executing Excel Macro Language (XLM) macros in external text files, which could allow an attacker to execute a macro virus, aka the "XLM Text Ma...

RealNetworks RealServer allows remote attackers to cause a denial of service by sending malformed input to the server at port 7070.

Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denial of service or execute commands, aka the "Link View Server-Side Component" vulnerability.

The default permissions for the Cryptography\Offload registry key used by the OffloadModExpo in Windows NT 4.0 allows local users to obtain compromise the cryptographic keys of other users.

Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands via a long URL.

Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side...

The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields.

The crypt function in QNX uses weak encryption, which allows local users to decrypt passwords.

The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the frcactrl program.

The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands.

Unknown vulnerability in Generic-NQS (GNQS) allows local users to gain root privileges.

Vulnerability in SGI IRIX objectserver daemon allows remote attackers to create user accounts.