Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets.
CVSS Score
7.2
EPSS Score
0.853
Published
2009-05-14
Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file.
CVSS Score
9.3
EPSS Score
0.367
Published
2008-06-24
The init.d script for the X.Org X11 xfs font server on various Linux distributions might allow local users to change the permissions of arbitrary files via a symlink attack on the /tmp/.font-unix temporary file.
CVSS Score
6.2
EPSS Score
0.001
Published
2007-07-15
The luci server component in conga preserves the password between page loads for the Add System/Cluster task flow by storing the password in the Value attribute of a password entry field, which allows attackers to steal the password by performing a "view source" or other operation to obtain the web page. NOTE: there are limited circumstances under which such an attack is feasible.
CVSS Score
4.3
EPSS Score
0.003
Published
2007-03-15
BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access.
CVSS Score
2.1
EPSS Score
0.0
Published
2003-12-31
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
CVSS Score
2.1
EPSS Score
0.001
Published
2003-08-27
The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd.
CVSS Score
4.6
EPSS Score
0.001
Published
2003-08-27
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
CVSS Score
7.5
EPSS Score
0.255
Published
2003-07-24
Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument.
CVSS Score
7.2
EPSS Score
0.001
Published
2003-06-16
Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops").
CVSS Score
5.0
EPSS Score
0.017
Published
2003-06-16
Page 1