CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.01)
The vulnerability in cgiwrap used in Cobalt RaQ 2.0 and RaQ 3i involves improper user identification when running certain scripts. This allows a malicious site administrator to access data from another virtual site on the same system.
Alibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL.
By default, Internet Explorer 5.0 and other versions enable the 'Navigate sub-frames across different domains' option, which allows frame spoofing.
Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key.
userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack.
Shell Lock in Cactus Software uses weak encryption, allowing attackers to easily decrypt and obtain the source code.
The vulnerability in FreeBSD VFS cache (vfs_cache) allows local users to cause a denial of service by opening a large number of files.
The SSH authentication agent follows symlinks via a UNIX domain socket.
sccw allows local users to read arbitrary files.
FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large number of socket pairs using the socketpair function, setting a large buffer size via setsockopt, then writing large buffers.
FreeBSD 3.2 and possibly other versions allow a local user to cause a denial of service (panic) by accessing an NFS v3 mounted directory from a large number of processes.
Trn allows local users to overwrite other users' files via symlinks.
The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links.
CVE-1999-0747 is a Denial of Service vulnerability in BSDi Symmetric Multiprocessing (SMP) that occurs when an fstat call is made under high CPU load.
Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument.
A race condition in the SSL ISAPI filter in IIS and other servers may lead to information leakage in plaintext.
CVE-1999-0694 vulnerability concerns the ptrace system call in AIX, allowing local users to crash the system.
OpenBSD, BSDI, and other Unix operating systems allow users to set chflags and fchflags on character and block devices.
Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems.
Joe's Own Editor (joe) version 2.8 sets world-readable permissions on its crash-save file, DEADJOE, which could allow local users to read files being edited by other users.

