CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.01)
The vulnerability in strace allows local users to read arbitrary files via memory mapped file names.
Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function.
Cisco Cache Engine allows a remote attacker to gain access via a null username and password.
SSH server version 1.2.27 allows a client to use the 'none' cipher, even if it is not permitted by the server policy.
The PPP wvdial.lxdialog script in wvdial version 1.4 and earlier creates a .config file with world readable permissions, allowing a local attacker in the dialout group to access login and password information.
Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system.
Sendmail allows local users to reinitialize the aliases database via the newaliases command, which can lead to denial of service by interrupting Sendmail.
Error messages generated by gdm with the VerboseAuth setting allow an attacker to identify valid users on a system.
Internet Anywhere POP3 Mail Server allows local users to cause a denial of service via a malformed RETR command.
The default permissions for UnixWare in the /var/mail directory allow local users to read and modify other users' mail.
UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission.
The default permissions for Endymion MailMan allow local users to read email or modify files.
Insecure directory permissions in RPM distribution for PostgreSQL allow local users to gain privileges by reading a plaintext password file.
Debian GNU/Linux 2.1 has an issue with restoring symlinks, allowing a local user to modify the ownership of arbitrary files.
A vulnerability in Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.
The gdc program in FreeBSD allows local users to modify files via a symlink attack.
Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.
The gpm program in Linux allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.
Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.
CVE-1999-0851 vulnerability affects BIND service, which can be exploited for a denial of service (DoS) attack via NAPTR records.

