Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gain privileges.
The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets.
Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard.
Buffer overflows in iPlanet Directory Server 4.1.4 and earlier (LDAP) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.
Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0517, CVE-2014-0519, and CVE-2014-0520.
Adobe Flash Player before 13.0.0.214 on Windows and OS X and before 11.2.202.359 on Linux, Adobe AIR SDK before 13.0.0.111, and Adobe AIR SDK & Compiler before 13.0.0.111 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0518, CVE-2014-0519, and CVE-2014-0520.
The apt-get download command in APT before 1.0.9 does not properly validate signatures for packages, which allows remote attackers to execute arbitrary code via a crafted package.
IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request.
Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected.
The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script.
Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl command.
A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email.
Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr for Domino 8.5.1 before 8.5.1.42-001b allows remote attackers to execute arbitrary code via a crafted HTML document, a different vulnerability than CVE-2013-6748.
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.
Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin.
Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag.
Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129.
Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges.
The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.
Buffer overflow in the ActiveX control in qp2.cab in IBM Lotus Quickr for Domino 8.5.1 before 8.5.1.42-001b allows remote attackers to execute arbitrary code via a crafted HTML document, a different vulnerability than CVE-2013-6749.
genfilt in the AIX Packet Filtering Module does not properly filter traffic to destination ports greater than 32767.
The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors.
An SNMP community name is the default (e.g. public), null, or missing.
Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 1580 or port 1581.
rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd.
The Lotus Notes 4.5 client may send a copy of encrypted mail in the clear across the network if the user does not set the "Encrypt Saved Mail" preference.
AIX batch queue (bsh) allows local and remote users to gain additional privileges when network printing is enabled.
In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution.
Buffer overflow in NLS (Natural Language Service).
IBM System Storage TS3100-TS3200 Tape Library could allow an unauthenticated user with access to the company network, to change a user's password and gain remote access to the system.
Vacation program allows command execution by remote users through a sendmail command.
FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce.
The portmapper may act as a proxy and redirect service requests from an attacker, making the request appear to come from the local host, possibly bypassing authentication that would otherwise have taken place. For example, NFS file systems could be mounted through the portmapper despite export restrictions.
The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts.
IBM dashDB Local uses hard-coded credentials that could allow a remote attacker to gain access to the Docker container or database.
The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socket when communicating with the loadmodule, which allows remote attackers to directly connect to the daemon and conduct unauthorized activities.
SQL injection vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. IBM X-Force ID: 84116.
Adobe Campaign Classic version 18.10.5-8984 and earlier versions have a Command injection vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.
Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD command.
Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request.
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.
Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided to the syslog function when the wall command cannot be executed.
IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 164064.
IBM API Connect's Developer Portal 2018.1 and 2018.4.1.3 is impacted by a privilege escalation vulnerability when integrated with an OpenID Connect (OIDC) user registry. IBM X-Force ID: 158544.
IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 164067.
IBM Security Identity Manager 7.0.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 171511.
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-ForceID: 155998.
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 166801.
IBM BigFix WebUI Profile Management 6 and Software Distribution 23 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 155886.
IBM MQ 8.0.0.4 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 AMQP Listeners could allow an unauthorized user to conduct a session fixation attack due to clients not being disconnected as they should. IBM X-Force ID: 159352.