Buffer overflow in Lotus Notes LDAP (NLDAP) allows an attacker to conduct a denial of service through the ldap_search request.

A Windows NT user can disable the keyboard or mouse by directly calling the IOCTLs which control them.

A kernel leak in the OpenBSD kernel allows IPsec packets to be sent unencrypted.

An attacker can conduct a denial of service in Windows NT by executing a program with a malformed file image header.

When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page".

Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function.

The Windows NT Client Server Runtime Subsystem (CSRSS) can be subjected to a denial of service when all worker threads are waiting for user input.

The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages.

Denial of service in Windows NT Local Security Authority (LSA) through a malformed LSA request.

The pt_chown command in Linux allows local users to modify TTY terminal devices that belong to other users.

The Guile plugin for the Gnumeric spreadsheet package allows attackers to execute arbitrary code.

IBM GINA, when used for OS/2 domain authentication of Windows NT users, allows local users to gain administrator privileges by changing the GroupMapping registry key.

A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.

Buffer overflow in Windows NT 4.0 help file utility via a malformed help file.

Buffer overflow in Remote Access Service (RAS) client allows an attacker to execute commands or cause a denial of service via a malformed phonebook entry.

Vulnerability in Compaq Tru64 UNIX edauth command.

The dtlogin program in Compaq Tru64 UNIX allows local users to gain root privileges.

A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.

The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root.

The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems.