Buffer overflow in the socket_getline function in Newspost 2.1.1 and earlier allows remote malicious NNTP servers to execute arbitrary code via a long...
Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow attackers to execute arbitrary code via a large number of arguments to a refcurso...
PHP remote file inclusion vulnerability in Squirrelmail 1.2.6 allows remote attackers to execute arbitrary code via "URL manipulation."
Format string vulnerability in the Log_Resolver function in log.c for ngIRCd 0.8.2 and earlier, when compiled with IDENT, logging to SYSLOG, and with ...
Multiple buffer overflows in the enable command for SCO OpenServer 5.0.6 and 5.0.7 allow local users to execute arbitrary code via long command line a...
Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remo...
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code b...
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache or conduct certain attacks via headers that do not follow the HTTP specificati...
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.
Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to by...
Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs af...
The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using ...
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed...
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protectio...
changepassword.cgi in Neoteris Instant Virtual Extranet (IVE) 3.x and 4.x, with LDAP authentication or NT domain authentication enabled, does not limi...
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary...
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed ima...
Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header ...
Buffer overflow in unarj before 2.63a-r2 allows remote attackers to execute arbitrary code via an arj archive that contains long filenames.
NetOp Host before 7.65 build 2004278 allows remote attackers to obtain sensitive hostname, username and local IP address information via (1) a NetOp H...
Unknown vulnerability in MySQL 3.23.58 and earlier, when a local user has privileges for a database whose name includes a "_" (underscore), grants pri...
FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (core dump) via malformed USR vendor-specific attributes (VSA) that cause...
Memory leak in FreeRADIUS before 1.0.1 allows remote attackers to cause a denial of service (memory exhaustion) via a series of Access-Request packets...
Apple Remote Desktop Client 1.2.4 executes a GUI application as root when it is started by an Apple Remote Desktop Administrator application, which al...
Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (applicat...
Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via cer...
stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbit...
The (1) autopoint and (2) gettextize scripts in the GNU gettext package 1.14 and later versions, as used in Trustix Secure Linux 1.5 through 2.1 and o...
The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1, an...
The catchsegv script in glibc 2.3.2 and earlier allows local users to overwrite files via a symlink attack on temporary files.
The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems...
The (1) gzexe, (2) zdiff, and (3) znew scripts in the gzip package, as used by other packages such as ncompress, allows local users to overwrite files...
The krb5-send-pr script in the kerberos5 (krb5) package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local us...
The lvmcreate_initrd script in the lvm package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to ov...
The netatalk package in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlin...
The der_chop script in the openssl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files v...
Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a s...
The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.
Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sit...
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, a...
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r could allow remote attackers or local users to execute...
awstats.pl in AWStats 6.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) "pluginmode", (2) "loadplugin", or...
Multiple directory traversal vulnerabilities in ArGoSoft Mail Server 1.8.7.3 allow remote authenticated users to read, delete, or upload arbitrary fil...
lspath in AIX 5.2, 5.3, and possibly earlier versions, does not drop privileges before processing the -f option, which allows local users to read one ...
Unknown vulnerability in BIND 9.2.0 in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to cause a denial of service.
Buffer overflow in pcdsvgaview in xpcd 2.08 allows local users to execute arbitrary code.
vsdatant.sys in Zone Lab ZoneAlarm before 5.5.062.011, ZoneAlarm Wireless before 5.5.080.000, Check Point Integrity Client 4.x before 4.5.122.000 and ...
The Quake 3 engine, as used in multiple game packages, allows remote attackers to cause a denial of service (shutdown game server) and possibly crash ...
A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information ...
CitrusDB 0.3.6 and earlier generates easily predictable MD5 hashes of the user name for the id_hash cookie, which allows remote attackers to bypass au...
CitrusDB 0.3.6 and earlier does not verify authorization for the (1) importcc.php and (2) uploadcc.php, which allows remote attackers to upload credit...
SQL injection vulnerability in importcc.php for CitrusDB 0.3.6 and earlier allows remote attackers to inject data via the fields of a CSV file.
Directory traversal vulnerability in index.php for CitrusDB 0.3.6 and earlier allows remote attackers and local users to include arbitrary PHP files v...
VMware before 4.5.2.8848-r5 searches for gdk-pixbuf shared libraries using a path that includes the rrdharan world-writable temporary directory, which...
Thunderbird 0.6 through 0.9 and Mozilla 1.7 through 1.7.3 does not obey the network.cookie.disableCookieForMailNews preference, which could allow remo...
The shmctl function in Linux 2.6.9 and earlier allows local users to unlock the memory of other processes, which could cause sensitive memory to be sw...
Php-Nuke 7.5 allows remote attackers to determine the full path of the web server via invalid or missing arguments to (1) db.php, (2) mainfile.php, (3...
Multiple cross-site scripting (XSS) vulnerabilities in Php-Nuke 7.5 allow remote attackers to inject arbitrary HTML or web script via (1) the newdownl...
Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (hang) via a flood of certain ARP packets.
Unknown vulnerability in typespeed 0.4.1 and earlier allows local users to gain privileges.
Multiple cross-site scripting (XSS) vulnerabilities in Microsoft ASP.NET (.Net) 1.0 and 1.1 to SP1 allow remote attackers to inject arbitrary HTML or ...
The buffer_urldecode function in Lighttpd 1.3.7 and earlier does not properly handle control characters, which allows remote attackers to obtain the s...
Yahoo! Messenger 6.0.0.1750, and possibly other versions before 6.0.0.1921, does not properly display long filenames in file dialog boxes, which could...
Cross-site scripting (XSS) vulnerability in MercuryBoard 1.0.x and 1.1.x allows remote attackers to inject arbitrary HTML and web script via the f par...
The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and possibly other versions, allows attackers to arbitrary code by placing a maliciou...
Directory traversal vulnerability in Xinkaa 1.0.3 and earlier allows remote attackers to read arbitrary files via (1) ../ and (2) ..\ characters in an...
ArGoSoft FTP Server before 1.4.2.7 allows remote attackers to read arbitrary files by uploading a ZIP file containing a shortcut (.LNK) file, using SI...
Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when running on x86 with the hugemem kernel, allows local users to...
Cross-site scripting (XSS) vulnerability in ZeroBoard allows remote attackers to inject arbitrary web script or HTML via the (1) sn1, (2) year, or (3)...
PHP remote file inclusion vulnerability in mail_autocheck.php in the Email This Entry add-on for pMachine Pro 2.4, and possibly other versions includi...
Gigafast router (aka CompUSA router) with the DNS proxy option enabled allows remote attackers to cause a denial of service via malformed DNS queries.
Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly...
The RgSecurity form in the HTTP server for the Thomson TCW690 cable modem running firmware 2.1 and software ST42.03.0a does not properly validate the ...
Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back door, which allows remote attackers to access the fi...
uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privile...
misc.php for vBulletin 3.0.6 and earlier, when "Add Template Name in HTML Comments" is enabled, allows remote attackers to execute arbitrary PHP code ...
PHP remote file inclusion vulnerability in Tar.php in Mambo 4.5.2 allows remote attackers to execute arbitrary PHP code by modifying the mosConfig_abs...
Multiple SQL injection vulnerabilities in page.php for iGeneric (iG) Shop 1.2 may allow remote attackers to execute arbitrary SQL statements via the (...
Multiple buffer overflows in unace 1.2b allow attackers to execute arbitrary code via (1) 2 overflows in ACE archives, (2) a long command line argumen...
Multiple directory traversal vulnerabilities in unace 1.2b allow attackers to overwrite arbitrary files via an ACE archive containing (1) ../ sequence...
Cross-site scripting (XSS) vulnerability in Verity Ultraseek before 5.3.3 allows remote attackers to inject arbitrary HTML and web script via search p...
Cross-site request forgery (CSRF) vulnerability in MediaWiki 1.3.x before 1.3.11 and 1.4 beta before 1.4 rc1 allows remote attackers to perform unauth...
Some futex functions in futex.c for Linux kernel 2.6.x perform get_user calls while holding the mmap_sem semaphore, which could allow local users to c...
The logging feature in kcms_configure in the KCMS package on Solaris 8 and 9, and possibly other versions, allows local users to corrupt arbitrary fil...
The ImageGalleryPlugin (ImageGalleryPlugin.pm) in Twiki allows remote attackers to execute arbitrary commands via certain commands that generate thumb...
PeerFTP_5 stores sensitive information such as passwords in plaintext in the PeerFTP.ini files, which allows local users to gain privileges.
eXeem 0.21 stores sensitive information such as passwords in plaintext in the Exeem registry key, which allows local users to gain privileges via the ...
ArGoSoft FTP Server before 1.4.2.8 allows remote attackers to read arbitrary files via shortcut (.LNK) files in the SITE COPY command, a different vul...
SendLink 1.5 stores sensitive information, possibly including passwords, in plaintext in the data.eat file, which allows local users to gain privilege...
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via (1) the strServer, cf...
Unknown vulnerability in ftpd on HP-UX B.11.00, B.11.04, B.11.11, B.11.22, and B.11.23 allows remote authenticated users to gain "unauthorized access ...
The RealServer RealSubscriber on Cisco devices running Application and Content Networking System (ACNS) 5.1 allow remote attackers to cause a denial o...
Cisco devices running Application and Content Networking System (ACNS) 5.0, 5.1 before 5.1.13.7, or 5.2 before 5.2.3.9 allow remote attackers to cause...
bsmtpd 2.3 and earlier does not properly sanitize e-mail addresses, which allows remote attackers to execute arbitrary commands.
nxagent in FreeNX before 0.2.8 does not properly handle when the XAUTHORITY environment variable is not set, which allows local users to access the X ...
cmd5checkpw, when running setuid, does not properly drop privileges before calling the execvp function, which allows local users to read the poppasswd...
The web management interface for Mitel 3300 Integrated Communications Platform (ICP) before 4.2.2.11 allows remote authenticated users to cause a deni...
viewtopic.php in phpBB 2.0.12 and earlier allows remote attackers to obtain sensitive information via a highlight parameter containing invalid regular...
Heap-based buffer overflow in server.cpp for WebMod 0.47 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a...
Unknown vulnerability in FCKeditor 2.0 RC2, when used with PHP-Nuke, allows remote attackers to upload arbitrary files.
Multiple cross-site scripting (XSS) vulnerabilities in the Download module for PostNuke 0.750 and 0.760-RC2 allow remote attackers to inject arbitrary...
Einstein 1.0.1 stores sensitive information such as usernames and passwords in plaintext in the registry, which allows local users to gain privileges.
reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost ...
reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd.