High Severity Vulnerabilities
111.5K CVEs classified as high severity
Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.
The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.
The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other...
Buffer overflow in cfingerd allows local users to gain root privileges via a long GECOS field.
The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization.
Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables.
Buffer overflow in INN inews program.
Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.
Internet Explorer 5.0 and 5.01 allows remote attackers to modify or execute files via the Import/Export Favorites feature, aka the "ImportExportFavorites" vulnerability.
After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password.
The Bluestone Sapphire web server allows session hijacking via easily guessable session IDs.
Denial of service in IP protocol logger (ippl) on Red Hat and Debian Linux.
SCO Doctor allows local users to gain root privileges through a Tools option.
Buffer overflow in CDE Calendar Manager Service Daemon (rpc.cmsd).
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges.
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
HP CDE program includes the current directory in root's PATH variable.
The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
Buffer overflow in hybrid-6 IRC server commonly used on EFnet allows remote attackers to execute commands via m_invite invite option.
The WebRamp web administration utility has a default password.
The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve.
The ARP protocol allows any host to spoof ARP replies and poison the ARP cache to conduct IP address spoofing or a denial of service.