111.5K CVEs classified as high severity
AAA authentication on Cisco systems allows attackers to execute commands without authorization.
The WinGate proxy is installed without a password, which allows remote attackers to redirect connections without authentication.
Vulnerability in the Wguest CGI program.
In some NT web servers, appending a space at the end of a URL may allow attackers to read source code for active pages.
Denial of service in telnet from the Windows NT Resource Kit, by opening then immediately closing a connection.
Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command.
The Java Web Server would allow remote users to obtain the source code for CGI programs.
Remote command execution in Microsoft Internet Explorer using .lnk and .url files.
Excite for Web Servers (EWS) allows remote command execution via shell metacharacters.
The WorkMan program can be used to overwrite any file to get root access.
mSQL v2.0.1 and below allows remote execution through a buffer overflow.
MetaInfo MetaWeb web server allows users to upload, execute, and read scripts.
Buffer overflow in NCSA HTTP daemon v1.3 allows remote command execution.
The info2www CGI script allows remote file access or remote command execution.
Hylafax faxsurvey CGI script on Linux allows remote attackers to execute arbitrary commands via shell metacharacters in the query string.
The jj CGI program allows command execution via shell metacharacters.
Buffer overflow in War FTP allows remote execution of commands.
Buffer overflow in ircd allows arbitrary command execution.
A hidden SNMP community string in HP OpenView allows remote attackers to modify MIB tables and obtain sensitive information.
IIS 3.0 with the iis-fix hotfix installed allows remote intruders to read source code for ASP programs by using a %2e instead of a . (dot) in the URL.
Buffer overflow in listserv allows arbitrary command execution.
Denial of service in Qmail through long SMTP commands.
Windows NT RSHSVC program allows remote users to execute arbitrary commands.
A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.