| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A network service is running on a nonstandard port. |
| There is a one-way or two-way trust relationship between Windows NT domains. |
| A WWW server is not running in a restricted file system, e.g. through a chroot, thus allowing access to system-critical data. |
| A filter in a router or firewall allows unusual fragmented packets. |
| A system-critical Windows NT registry key has inappropriate permissions. |
| A system does not present an appropriate legal message or warning to a user who is accessing it. |
| An event log in Windows NT has inappropriate access permissions. |
| The Logon box of a Windows NT system displays the name of the last user who logged in. |
| The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in. |
| A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive. |
| A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. |
| A Windows NT log file has an inappropriate maximum size or retention period. |
| (1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands. |
| Buffer overflows in Quake 1.9 client allows remote malicious servers to execute arbitrary commands via long (1) precache paths, (2) server name, (3) server address, or (4) argument to the map console command. |
| Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to cause a denial of service in nfrd (crash) via a TCP packet with a null header and data field. |
| Stalker Internet Mail Server 1.6 allows a remote attacker to cause a denial of service (crash) via a long HELO command. |
| Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary commands via a long initial connect packet. |
| Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin. |
| Sun SunOS 4.1 through 4.1.3 allows local attackers to gain root access via insecure permissions on files and directories such as crash. |
| Web server in Tektronix PhaserLink Printer 840.0 and earlier allows a remote attacker to gain administrator access by directly calling undocumented URLs such as ncl_items.html and ncl_subjects.html. |