CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.01)
The chargen service is running, which may lead to unauthorized use of system resources.
The rstat/rstatd service is running, which may lead to unauthorized access to system information.
The rpc.sprayd service is running, which may lead to unauthorized access to the system.
WinGate is being used, which may lead to potential security threats.
The ident/identd service is running, which may lead to the disclosure of user information.
The daytime service is running, which may lead to unauthorized access to time-related information.
The systat service is running, which may lead to the disclosure of system information.
The echo service is running, which may lead to information disclosure.
A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.
The PIM software for Royal daVinci does not properly password-protect access to data stored in the .mdb (Microsoft Access) file, allowing local users to read the data without a password by directly accessing the files with another application, such as Access.
Anonymous FTP is enabled, allowing users to access files without authentication.
A network service is running on a nonstandard port, which may lead to difficulties in detection and monitoring.
Linux versions 2.1.132 and earlier allow local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed.
Corel Word Perfect 8 for Linux creates a temporary working directory with world-writable permissions, allowing local users to modify Word Perfect behavior by editing files in the working directory or to modify other users' files via a symlink attack.
Internet Explorer versions 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, known as frame spoofing.
KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, known as untrusted scripted paste.
Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the 'Cross Frame Navigate' vulnerability.
Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases.
The dumpreg program in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, allowing local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel.

