Medium Severity Vulnerabilities

128.7K CVEs classified as medium severity

Total CVEs: 128.7K
Avg CVSS: 4.9
Max CVSS: 6.4
Min CVSS: 4.6

Medium Severity CVEs

Page 5357 of 5362

CVSS:4.6(Medium)

In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set.

CVSS:5.0(Medium)

When the Microsoft SMTP service attempts to send a message to a server and receives a 4xx error code, it quickly and repeatedly attempts to redeliver the message, causing a denial of service.

CVSS:6.4(Medium)

Denial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses many "RCPT TO" commands in the same connection.

CVSS:5.0(Medium)

Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port.

CVSS:5.0(Medium)

In Linux before version 2.0.36, remote attackers can spoof a TCP connection and pass data to the application layer before fully establishing the connection.

CVSS:4.6(Medium)

Buffer overflow in gnuplot in Linux version 3.5 allows local users to obtain root access.

CVSS:5.0(Medium)

A bug in Cyrix CPUs on Linux allows local users to perform a denial of service.

CVSS:5.0(Medium)

wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself.

CVSS:4.6(Medium)

In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to log in.

CVSS:5.1(Medium)

A race condition in the BackWeb Polite Agent Protocol allows an attacker to spoof a BackWeb server.

CVSS:5.0(Medium)

Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers.

CVSS:4.6(Medium)

DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root.

CVSS:5.0(Medium)

Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allow a remote attacker to read files on the server by using a nonstandard URL.

CVSS:4.6(Medium)

The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.

CVSS:4.6(Medium)

SLMail 3.1 and 3.2 allow local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File to point to the target file, th...

CVSS:5.0(Medium)

InterScan VirusWall for Solaris doesn't scan files for viruses when a single HTTP request includes two GET commands.

CVSS:5.0(Medium)

Process table attack in Unix systems allows a remote attacker to perform a denial of service by filling a machine's process tables through multiple connections to network services.

CVSS:4.6(Medium)

Local users in Windows NT can obtain administrator privileges by changing the KnownDLLs list to reference malicious programs.

CVSS:4.6(Medium)

In Sun Solaris and SunOS, man and catman contain vulnerabilities that allow overwriting arbitrary files.

CVSS:5.0(Medium)

Windows 98 and other operating systems allow remote attackers to cause a denial of service via crafted "oshare" packets, possibly involving invalid fragmentation offsets.

CVSS:5.0(Medium)

Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service.