CVE List for January 2011 (396 vulnerabilities)

MHonArc 2.6.16 allows remote attackers to cause a denial of service (CPU consumption) via start tags that are placed within other start tags, as demon...

drivers/platform/x86/thinkpad_acpi.c in the Linux kernel before 2.6.34 on ThinkPad devices, when the X.Org X server is used, does not properly restric...

The X.25 implementation in the Linux kernel before 2.6.36.2 does not properly parse facilities, which allows remote attackers to cause a denial of ser...

The ax25_getname function in net/ax25/af_ax25.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local user...

net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain structure members, which allows local users to obtai...

The get_name function in net/tipc/socket.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to ...

Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of ...

Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted...

The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.36.2 allows local users to cause a denial of service (panic) via a ...

Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attacker...

Cross-site scripting (XSS) vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to inject arbitrary web scri...

admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to obtain sensitive information via an invalid db_type parameter, which ...

Directory traversal vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to include and execute arbitrary lo...

Cross-site scripting (XSS) vulnerability in lib/mhtxthtml.pl in MHonArc 2.6.16 allows remote attackers to inject arbitrary web script or HTML via a ma...

Multiple cross-site scripting (XSS) vulnerabilities in KSES, as used in WordPress before 3.0.4, allow remote attackers to inject arbitrary web script ...

The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.37-rc7 allows local users to cause a denial of service (panic) via ...

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allow remote attackers to cause a denial of service (ASDM sys...

Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in...

directconn.c in the MSN protocol plugin in libpurple 2.7.6 through 2.7.8 in Pidgin before 2.7.9 allows remote authenticated users to cause a denial of...

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008...

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8....

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 15.0(1)XA5 allows remote attackers to cause a denial of serv...

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier allow remote attackers to cause a denial of service (blo...

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(4) and earlier allow remote attackers to cause a denial of service via ...

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(4) and earlier allows remote attackers to ...

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly determine the interfaces for which TELNET con...

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote authenticated user...

emWEB on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to cause a denial of service...

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) permit packets to pass before the configuration has been load...

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly handle Online Certificate Status Protocol (OC...

The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) permits the viewing of CIFS shar...

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to bypas...

Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) allows remote attackers to cause a denial of s...

Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers t...

Memory leak in the gk_circuit_info_do_in_acf function in the H.323 implementation in Cisco IOS before 15.0(1)XA allows remote attackers to cause a den...

CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote authenticated users to cause a denial of service (device crash) by using an exte...

Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (...

Array index error in the VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (...

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other ...

Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via ...

elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGI...

ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LD_AUDIT environment va...

Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 before 370D in Nove...

Multiple SQL injection vulnerabilities in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 an...

Cross-site scripting (XSS) vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 ...

Unspecified vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatal...

Session fixation vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and Active...

Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of ...

The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote au...

Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumpti...

Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote attackers to cause a denial of service (memory consumption) by sending a crafted SIP REG...

Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, allows remote attackers to cause a denial of service (device crash) via a TFTP co...

Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a change to a certificate map, which allows remote authenticated users to bypass ...

CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not properly handle SIP TRUNK traffic that contains rate bursts and a "peculiar" request...

STCAPP (aka the SCCP telephony control application) on Cisco IOS before 15.0(1)XA1 does not properly handle multiple calls to a shared line, which all...

Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a ...

Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2...

Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assis...

Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows user-a...

Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin in GIMP 2.6.11 allows remote attackers t...

ActiveCollab before 2.3.2 allows remote authenticated users to bypass intended access restrictions, and (1) delete an attachment or (2) subscribe to a...

Cross-site scripting (XSS) vulnerability in NetWin Surgemail before 4.3g allows remote attackers to inject arbitrary web script or HTML via the userna...

Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service...

Buffer overflow in mng_core_com.dll in CA XOsoft Replication r12.0 SP1 and r12.5 SP2 rollup, CA XOsoft High Availability r12.0 SP1 and r12.5 SP2 rollu...

Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web scri...

Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) al...

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) do not properly preserve ACL behavior after a migration, whic...

The Mobile User Security (MUS) service on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) does not properly a...

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause...

Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) allows remote attackers to cause...

Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to exec...

Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI display and have unspecified other impact via vectors re...

Format string vulnerability in PackageKit in Apple Mac OS X 10.6.x before 10.6.6 allows man-in-the-middle attackers to execute arbitrary code or cause...

The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not properly restric...

The password reset functionality in django.contrib.auth in Django before 1.1.3, 1.2.x before 1.2.4, and 1.3.x before 1.3 beta 1 does not validate the ...

Multiple cross-site scripting (XSS) vulnerabilities in Piwik before 1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified ...

The Piwik_Common::getIP function in Piwik before 1.1 does not properly determine the client IP address, which allows remote attackers to bypass intend...

Piwik before 1.1 does not prevent the rendering of the login form inside a frame in a third-party HTML document, which makes it easier for remote atta...

Cookie.php in Piwik before 1.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to ...

Piwik before 1.1 does not properly limit the number of files stored under tmp/sessions/, which might allow remote attackers to cause a denial of servi...

Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via...

Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU FriBidi 0.19.1, 0.19.2, and possibly other versions, as used in PyFriBidi 0.10.1, a...

Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service (crash) and poss...

Integer overflow in the rds_cmsg_rdma_args function (net/rds/rdma.c) in Linux kernel 2.6.35 allows local users to cause a denial of service (crash) an...

Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x before 2.8.2 allows remote attackers to obtain the source code for .aspx (ASP.N...

The hci_uart_tty_open function in the HCI UART driver (drivers/bluetooth/hci_ldisc.c) in the Linux kernel 2.6.36, and possibly other versions, does no...

The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c in Xen before 3.4.0 for the Linux kernel 2.6.18, ...

Linux kernel 2.6.33 and 2.6.34.y does not initialize the kvm_vcpu_events->interrupt.pad structure member, which allows local users to obtain potential...

Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to ca...

strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to...

Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier allow remote attackers to inject arbitrary web scri...

MediaWiki before 1.16.1, when user or site JavaScript or CSS is enabled, allows remote attackers to conduct clickjacking attacks via unspecified vecto...

Cross-site scripting (XSS) vulnerability in the com_search module for Joomla! 1.0.x through 1.0.15 allows remote attackers to inject arbitrary web scr...

pimd 2.1.5 and possibly earlier versions allows user-assisted local users to overwrite arbitrary files via a symlink attack on (1) pimd.dump when a US...

dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assisted remote attackers to modify arbitrary files via a symlink attack on unspecified file...

Untrusted search path vulnerability in ImgBurn.exe in ImgBurn 2.4.0.0, 2.5.4.0, and other versions allows local users, and possibly remote attackers, ...

Stack-based buffer overflow in NetSupport Manager Agent for Linux 11.00, for Solaris 9.50, and for Mac OS X 11.00 allows remote attackers to execute a...

Directory traversal vulnerability in module.php in PhpGedView 4.2.3 and possibly other versions, when magic_quotes_gpc is disabled, allows remote atta...

Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a long request to TCP p...

SQL injection vulnerability in the store function in _phenotype/system/class/PhenoTypeDataObject.class.php in Phenotype CMS 3.0 allows remote attacker...

storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertio...

Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join q...

Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL argu...

Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLO...

Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables with ...

Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the ...

Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXP...

Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authe...

The administrative interface on the PolyVision RoomWizard with firmware 3.2.3 places the Sync Connector Active Directory (AD) credentials in a web for...

Multiple cross-site scripting (XSS) vulnerabilities in Shop.cgi in SGX-SP Final before 11.00 and SGX-SP Final NE before 11.00 allow remote attackers t...

Integer signedness error in the SQLConnectW function in an ODBC API (odbc32.dll) in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windo...

Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation f...

Heap-based buffer overflow in IBM WebSphere MQ 6.0 before 6.0.2.11 and 7.0 before 7.0.1.5 allows remote authenticated users to execute arbitrary code ...

Cross-site scripting (XSS) vulnerability in the Servlet Engine / Web Container component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35...

The Administrative Console component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.35 and 7.0 before 7.0.0.15 does not properly restrict ...

The PolyVision RoomWizard with firmware 3.2.3 has a default password of roomwizard for the administrator account, which makes it easier for remote att...

Unspecified vulnerability in Research In Motion (RIM) BlackBerry Device Software before 6.0.0 allows remote attackers to cause a denial of service (br...

Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server...

The supportconfig script in supportutils in SUSE Linux Enterprise 11 SP1 and 10 SP3 does not "disguise passwords" in configuration files, which has un...

SQL injection vulnerability in inc/tinybb-settings.php in tinyBB 1.2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary ...

Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote at...

The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets,...

Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow r...

SQL injection vulnerability in Aimluck Aipo before 5.1.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

Contents-Mall before 15 does not properly handle passwords, which allows remote attackers to discover the administrative password, and consequently ob...

The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to ...

Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, all...

The load_mixer_volumes function in sound/oss/soundcard.c in the OSS sound subsystem in the Linux kernel before 2.6.37 incorrectly expects that a certa...

Integer underflow in the irda_getsockopt function in net/irda/af_irda.c in the Linux kernel before 2.6.37 on platforms other than x86 allows local use...

Unspecified vulnerability in CrawlTrack before 3.2.7, when a public stats page is provided, allows remote attackers to execute arbitrary PHP code via ...

Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE before 3.6.2 allow remot...

Unspecified vulnerability in jovgraph.exe in jovgraph in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute ar...

Buffer overflow in the stringToSeconds function in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows re...

Multiple stack-based buffer overflows in ovas.exe in the OVAS service in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attacker...

Stack-based buffer overflow in ovutil.dll in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code...

Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a...

Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a...

Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary c...

Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a...

Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a...

Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrar...

The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter, which allows remote atta...

Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (application cra...

The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not VERIFY_NONE, fails open to VERIFY_NONE instead of throwing an error when a ca_file/c...

Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long com...

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle extensions notification, which allows remote attackers to cau...

The node-iteration implementation in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 does not properly handle pointers, which allows...

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle the printing of PDF documents, which allows user-assisted rem...

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction w...

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction w...

Use-after-free vulnerability in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service...

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allow remote attackers to cause a denial of service (stack memory corruption) or pos...

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle a mismatch in video frame sizes, which allows remote attacker...

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle SVG use elements, which allows remote attackers to cause a de...

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly interact with extensions, which allows remote attackers to cause a d...

Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.34...

Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly ...

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of anchors...

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of video, ...

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform DOM node removal, which allows remote attackers to cause a d...

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle speech data, which allows remote attackers to execute arbitra...

Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to cause a denial of service (application crash) or ...

A certain Fedora patch for gif2png.c in gif2png 2.5.1 and 2.5.2, as distributed in gif2png-2.5.1-1200.fc12 on Fedora 12 and gif2png_2.5.2-1 on Debian ...

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a den...

Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of s...

MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user...

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and...

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a p...

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a q...

MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (infinite loop) via multiple invocations o...

The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remote authenticated users to cause a denial of servic...

SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 before 4.5.0.376 allows remote attackers to execute...

include/asm-x86/futex.h in the Linux kernel before 2.6.25 does not properly implement exception fixup, which allows local users to cause a denial of s...

The _validatePost function in libs/controller/components/security.php in CakePHP 1.3.x through 1.3.5 and 1.2.8 allows remote attackers to modify the i...

The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/gnash-configure-errors.$$, (2...

Cross-site scripting (XSS) vulnerability in Hypermail 2.2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted From address,...

The web authentication form in the NT4 authentication component in Citrix Access Gateway Enterprise Edition 9.2-49.8 and earlier, and the NTLM authent...

Hastymail2 before RC 8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture ...

Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via (1) the filter_orde...

The igb_receive_skb function in drivers/net/igb/igb_main.c in the Intel Gigabit Ethernet (aka igb) subsystem in the Linux kernel before 2.6.34, when S...

Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possi...

Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibl...

Cross-site scripting (XSS) vulnerability in Hastymail2 before 1.01 allows remote attackers to inject arbitrary web script or HTML via a crafted backgr...

Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the (1) filter_orde...

check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change b...

Unspecified vulnerability in HP LoadRunner 9.52 allows remote attackers to execute arbitrary code via network traffic to TCP port 5001 or 5002, relate...

pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code vi...

Cross-site scripting (XSS) vulnerability in cognos.cgi in IBM Cognos 8 Business Intelligence (BI) 8.4.1 before FP1 allows remote attackers to inject a...

ICQ 7 does not verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a crafted file that is fetch...

Stack-based buffer overflow in NTWebServer.exe in the test web service in InduSoft NTWebServer, as distributed in Advantech Studio 6.1 and InduSoft We...

The server components in Objectivity/DB 10.0 do not require authentication for administrative commands, which allows remote attackers to modify data, ...

PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placi...

Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial ...

Stack-based buffer overflow in the GD extension in PHP before 5.2.15 and 5.3.x before 5.3.4 allows context-dependent attackers to cause a denial of se...

The iconv_mime_decode_headers function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the icon...

The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fet...

Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly check the amount of compression in zlib-compressed data, which allows remote a...

Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly manage key data in memory, which might allow local users to obtain sensitive i...

Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (memory corru...

Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha makes calls to Libevent within Libevent log handlers, which might allow remote attackers to caus...

The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not validate a certain size value during memory allocation, whi...

Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (assertion failure and daemon exit) via blo...

Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow remote attackers to cause a denial of service (assertion failure and daemon exit) vi...

Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-A...

Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previ...

Unspecified vulnerability in the Agile Core component in Oracle Supply Chain Products Suite 9.3.0.2 and 9.3.1 allows remote authenticated users to aff...

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.0, 9.1, 9.2.3, 10.0.2, 10.3.2, and 10.3.3 allows remot...

Unspecified vulnerability in Oracle Solaris 9 allows local users to affect confidentiality and integrity via unknown vectors related to XScreenSaver.

Unspecified vulnerability in the Oracle Common Applications component in Oracle Applications 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, and 12...

Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 10.1.2.3, 11.1.1.2.0, and 11.1.1.3.0 allows remote authentica...

Unspecified vulnerability in the Oracle Application Object Library component in Oracle Applications 11.5.10.2, 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2,...

Unspecified vulnerability in the Oracle Spatial component in Oracle Database Server 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users...

Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect...

Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect...

Unspecified vulnerability in the Health Sciences - Oracle Argus Safety component in Oracle Industry Applications 5.0, 5.0.1, 5.0.2, and 5.0.3 allows r...

Unspecified vulnerability in the Real User Experience Insight component in Oracle Enterprise Manager Grid Control 6.0 allows remote attackers to affec...

Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect...

Unspecified vulnerability in the mod_ssl component in Oracle Secure Backup 10.3.0.2 allows remote attackers to affect integrity and availability via u...

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.0 allows local users to affect availability, r...

Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect...

Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 allows remote attackers to affect...

Unspecified vulnerability in the Client System Analyzer component in Oracle Database Server 11.1.0.7 and 11.2.0.1 and Enterprise Manager Grid Control ...

Unspecified vulnerability in the Scheduler Agent component in Oracle Database Server 11.1.0.7 and 11.2.0.1 allows remote authenticated users to affect...

Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors re...

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors...

Unspecified vulnerability in the Oracle GoldenGate Veridata component in Oracle Fusion Middleware 3.0.0.4 allows remote attackers to affect availabili...

Unspecified vulnerability in the Services for Beehive component in Oracle Fusion Middleware 2.0.1.0, 2.0.1.1, 2.0.1.2, 2.0.1.2.1, and 2.0.1.3 allows r...

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.50.11 through 8.50.15 and 8.51...

Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft and JDEdwards Suite 9.0 Bundle #31 and 9.1 Bundle #6 allows ...

Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows local ...

Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote...

Unspecified vulnerability in the Cluster Verify Utility component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1, when running o...

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.49.0 through 8.49.29, 8.50.0 t...

Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3.3.2, 10.1.3.4.0, and 10.1.3.4.1 allows remote authen...

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.49.0 through 8.49.29, 8.50.0 t...

Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3.4.0, 10.1.3.4.1, and 11.1.1.3 allows remote authenti...

Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft and JDEdwards Suite 9.0 Update 2010-F allows remote authent...

Unspecified vulnerability in the Agile Core component in Oracle Supply Chain Products Suite 9.3.0.2 and 9.3.1 allows remote authenticated users to aff...

Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft and JDEdwards Suite 9.1 Update 2010-F allows remote authent...

Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users to affect confidentiality via unknown vectors related...

Unspecified vulnerability in the Oracle Transportation Manager component in Oracle Supply Chain Products Suite 5.5.06, 6.0, 6.1, and 6.2 allows remote...

Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect confidentiality via unknown vectors related to Ethernet and the Drive...

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.50.0 through 8.50.14 and 8.51....

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CD...

Unspecified vulnerability in Oracle Sun Management Center (SunMC) 4.0 allows remote attackers to affect confidentiality via unknown vectors related to...

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, and 10.3.3 allows remot...

Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, and Java System Message Queue 4.1 allows local users to affect confidentiality, i...

Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft and JDEdwards Suite 9.0 Bundle #14 and 9.1 Bundle #4 allows...

Unspecified vulnerability in Oracle 10 and 11 Express allows local users to affect availability via unknown vectors related to the Kernel.

Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft and JDEdwards Suite 9.1 Bundle #4 allows remote authenticat...

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability via unknown vectors related to the Kernel.

Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availability, related to Kernel/NFS.

Unspecified vulnerability in Oracle Sun Java System Access Manager and Oracle OpenSSO 7, 7.1, and 8 allows remote attackers to affect confidentiality,...

Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft and JDEdwards Suite 9.0 Bundle #14 and 9.1 Bundle #4 allows...

Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to RDS and Kernel/InfiniB...

Unspecified vulnerability in the Audit Vault component in Oracle Audit Vault 10.2.3.2 allows remote attackers to affect confidentiality, integrity, an...

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 7.0.7, 8.1.6, 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, and 10.3....

Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.2 and 11.1.1.3 allows remote attackers to affect conf...

Unspecified vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to affect integrity via unknown vectors...

Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availability, related to SMB and CIFS.

Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability, related to ZFS.

Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors related to SCTP and Kernel/sockfs...

Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality and integrity via unknown vectors related to Fault Manager...

Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #23, 9.0 Bundle #14, and 9.1...

Unspecified vulnerability in Oracle Sun Convergence 1.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to...

Ruby Version Manager (RVM) before 1.2.1 writes file contents to a terminal without sanitizing non-printable characters, which might allow remote attac...

Cross-site scripting (XSS) vulnerability in multiple Rocomotion products, including P board 1.18 and other versions, P forum 1.30 and earlier, P up bo...

Cross-site scripting (XSS) vulnerability in AgentTicketZoom in OTRS 2.4.x before 2.4.9, when RichText is enabled, allows remote attackers to inject ar...

Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux Imaging and Printing (HPLIP) 1.6.7, 3.9.8, 3.10.9...

Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) defau...

ocrodjvu 0.4.6-1 on Debian GNU/Linux allows local users to modify arbitrary files via a symlink attack on temporary files that are generated when Cune...

The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermi...

Heap-based buffer overflow in the CDrawPoly::Serialize function in fxscover.exe in Microsoft Windows Fax Services Cover Page Editor 5.2 r2 in Windows ...

SQL injection vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via un...

SQL injection vulnerability in default.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PageId pa...

A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group (aka %group) in the sudoers f...

Stack-based buffer overflow in the ast_uri_encode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1....

Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpa...

Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpa...

Stack-based buffer overflow in Nokia Multimedia Player 1.00.55.5010, and possibly other versions, allows user-assisted remote attackers to cause a den...

Buffer overflow in VideoSpirit Pro 1.6.8.1 and possibly earlier versions, and VideoSpirit Lite 1.4.0.1 and possibly other versions, allows user-assist...

Buffer overflow in VideoSpirit Pro 1.6.8.1, 1.68, and earlier; and VideoSpirit Lite 1.4.0.1 and possibly other versions; allows user-assisted remote a...

Stack-based buffer overflow in Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly other versions allows user-assisted remote attac...

Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly other versions allows user-assisted remote attackers to cause a denial of servi...

Cross-site request forgery (CSRF) vulnerability in VaM Shop 1.6, 1.6.1, and probably earlier versions allows remote attackers to hijack the authentica...

Multiple cross-site scripting (XSS) vulnerabilities in VaM Shop 1.6, 1.6.1, and probably earlier versions llow remote attackers to inject arbitrary we...

Directory traversal vulnerability in system/system.php in Zwii 2.1.1, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote...

Directory traversal vulnerability in modules/profile/user.php in Ax Developer CMS (AxDCMS) 0.1.1 allows remote attackers to execute arbitrary code via...

FTPService.exe in Blackmoon FTP 3.1 Build 1735 and Build 1736 (3.1.7.1736), and possibly other versions before 3.1.8.1737, allows remote attackers to ...

Cross-site scripting (XSS) vulnerability in system/modules/comments/Comments.php in Contao CMS 2.9.2, and possibly other versions before 2.9.3, allows...

Cross-site scripting (XSS) vulnerability in Vaadin before 6.4.9 allows remote attackers to inject arbitrary web script or HTML via unknown vectors rel...

SQL injection vulnerability in cart.php in Advanced Webhost Billing System (AWBS) 2.9.2 and possibly earlier allows remote attackers to execute arbitr...

SQL injection vulnerability in the allCineVid component (com_allcinevid) 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands v...

SQL injection vulnerability in team.php in the Teams Structure module 3.0 for PHP-Fusion allows remote attackers to execute arbitrary SQL commands via...

DCR.sys driver in SecurStar DriveCrypt 5.4, 5.3, and earlier allows local users to execute arbitrary code via a crafted argument to the 0x00073800 IOC...

The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows remote attackers to cause a denial of service (crash) via a packet with a large dat...

KisKrnl.sys 2011.1.13.89 and earlier in Kingsoft AntiVirus 2011 SP5.2 allows local users to cause a denial of service (crash) via a crafted request th...

SQL injection vulnerability in mainx_a.php in E-PROMPT C BetMore Site Suite 4.0 through 4.2.0 allows remote attackers to execute arbitrary SQL command...

Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server is enabled, allows remote attackers to cause a de...

Directory traversal vulnerability in core/lib/router.php in LotusCMS Fraise 3.0, when magic_quotes_gpc is disabled, allows remote attackers to include...

SQL injection vulnerability in gallery.php in Gallarific PHP Photo Gallery script 2.1 and possibly other versions allows remote attackers to execute a...

The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layout...

FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a s...

The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a deni...

fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM Killer to assess use of stack memory by arrays representing the (1) arguments and ...

libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via...

Integer overflow in the vorbis_residue_decode_internal function in libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg, possibly 0.6, has unspecif...

libuser before 0.57 uses a cleartext password value of (1) !! or (2) x for new LDAP user accounts, which makes it easier for remote attackers to obtai...

Static code injection vulnerability in Simploo CMS 1.7.1 and earlier allows remote authenticated users to inject arbitrary PHP code into config/custom...

The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA CUDA Toolkit 3.2 developer drivers for Linux 260.19.26, and possibly other versio...

The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, ...

The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not perform the required setfsgid ...

The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) 1.1.2 does not check the return value of the ...

The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges during read access to files and directories that belo...

pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of the invoking application or service during exe...

Untrusted search path vulnerability in Lunascape before 6.4.0 allows local users to gain privileges via a Trojan horse DLL in the current working dire...

Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when th...

Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 7.x through 7.55 and 8.x through 8.05, and Business Service Manageme...

Buffer overflow in the web-based management interface on the Cisco Linksys WRT54GC router with firmware before 1.06.1 allows remote attackers to cause...

CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for network communication and the internal database, which makes it easier for context-dep...

The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure t...

The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a re...

The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the .pam_environment file in a user's home directory, which might allow local users ...

The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify th...

The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a d...

Unrestricted file upload vulnerability in modules/gallery/models/item.php in Menalto Gallery before 3.0 and beta allows remote authenticated users wit...

Buffer overflow in crs.exe in HP OpenView Storage Data Protector Cell Manager 6.11 allows remote attackers to execute arbitrary code via unspecified m...

The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a timer is unused before deallocating this timer, which might allow attackers to cause...

Microsoft Windows does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-as...

Apple Mac OS X does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assis...

The default configuration of udev on Linux does not warn the user before enabling additional Human Interface Device (HID) functionality over USB, whic...

The pipe_fcntl function in fs/pipe.c in the Linux kernel before 2.6.37 does not properly determine whether a file is a named pipe, which allows local ...

Best Practical Solutions RT 3.x before 3.8.9rc2 and 4.x before 4.0.0rc4 uses the MD5 algorithm for password hashes, which makes it easier for context-...

Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of...

Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/admin.php in the StatPressCN plugin 1.9.0 for WordPress allow remote attackers to inje...

Cross-site request forgery (CSRF) vulnerability in news/admin.php in N-13 News 3.4, 3.7, and 4.0 allows remote attackers to hijack the authentication ...

Cross-site request forgery (CSRF) vulnerability in admin/conf_users_edit.php in PHP Link Directory (phpLD) 4.1.0 allows remote attackers to hijack the...

SQL injection vulnerability in include/admin/model_field.class.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the...

SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the where_time parameter in a ...

SQL injection vulnerability in viewfaqs.php in PHP LOW BIDS allows remote attackers to execute arbitrary SQL commands via the cat parameter.

Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 does not properly handle whitespace preceding a (1) javascrip...

Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; 3.4.x before 3.4.10; 3.6.x before 3.6.4; and 4.0.x before 4.0rc2 does not properl...

Cross-site scripting (XSS) vulnerability in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML vi...

Cross-site scripting (XSS) vulnerability in the duplicate-detection functionality in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers ...

CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 allows remote at...

Heap-based buffer overflow in Automated Solutions Modbus/TCP Master OPC Server before 3.0.2 allows remote attackers to cause a denial of service (cras...

The email function in manage_sql.c in OpenVAS Manager 1.0.x through 1.0.3 and 2.0.x through 2.0rc2 allows remote authenticated users to execute arbitr...

Multiple cross-site request forgery (CSRF) vulnerabilities in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2...

Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 creates a clickable link for a (1) javascript: or (2) data: U...

Balabit syslog-ng 2.0, 3.0, 3.1, 3.2 OSE and PE, when running on FreeBSD or HP-UX, does not properly perform cast operations, which causes syslog-ng t...

The compress_add_dlabel_points function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote attackers to cause a de...

Cross-site request forgery (CSRF) vulnerability in Greenbone Security Assistant (GSA) before 2.0+rc3 allows remote attackers to hijack the authenticat...

Buffer overflow in the key exchange functionality in Icon Labs Iconfidant SSL Server before 1.3.0 allows remote attackers to execute arbitrary code vi...

lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 allows local users to cause a denial of service (crash) via a crafted 0x80000064 IO...

Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP2 allows remote attackers to execute arbitrary code ...

Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitra...

Cross-site scripting (XSS) vulnerability in the addItem method in the Menu widget in YUI before 2.9.0 allows remote attackers to inject arbitrary web ...

Unspecified vulnerability in HP OpenView Storage Data Protector 6.0, 6.10, and 6.11 allows remote attackers to cause a denial of service via unknown v...

Unrestricted file upload vulnerability in the EasyEdit module in Lomtec ActiveWeb Professional 3.0 allows remote attackers to execute arbitrary code b...

IBM WebSphere Portal 6.0.1.1 through 7.0.0.0, as used in IBM Lotus Web Content Management (WCM) and IBM Lotus Quickr for WebSphere Portal, allows remo...

Stack-based buffer overflow in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x be...

Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers t...

Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or...

Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a ...

Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (applicat...

Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (applicat...

The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number ...

Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attac...

soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges...

Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application...

Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application...

Cisco IOS 12.4(11)MD, 12.4(15)MD, 12.4(22)MD, 12.4(24)MD before 12.4(24)MD3, 12.4(22)MDA before 12.4(22)MDA5, and 12.4(24)MDA before 12.4(24)MDA3 on t...

Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote ...

Unspecified vulnerability in Cisco IOS 12.4(24)MD before 12.4(24)MD2 on the Cisco Content Services Gateway Second Generation (aka CSG2) allows remote ...

Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to...

Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execu...

Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary...

Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header t...

Multiple directory traversal vulnerabilities in the (1) WebAccess Agent and (2) Document Viewer Agent components in Novell GroupWise before 8.02HP all...

Cross-site scripting (XSS) vulnerability in the WebPublisher component in Novell GroupWise before 8.02HP allows remote attackers to inject arbitrary w...

Multiple stack-based buffer overflows in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote a...

The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2,...

The downloads manager in Opera before 11.01 on Windows does not properly determine the pathname of the filesystem-viewing application, which allows us...

data/WorkingMessage.java in the Mms application in Android before 2.2.2 and 2.3.x before 2.3.2 does not properly manage the draft cache, which allows ...

Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x...

HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Sy...

Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.x before 14.0.2, and RealPlayer SP 1.0 through 1.1.5, ...

The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers...

The Cascading Style Sheets (CSS) Extensions for XML implementation in Opera before 11.01 recognizes links to javascript: URLs in the -o-link property,...

Integer truncation error in opera.dll in Opera before 11.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory cor...

Opera before 11.01 does not properly restrict the use of opera: URLs, which makes it easier for remote attackers to conduct clickjacking attacks via a...

Opera before 11.01 does not properly handle redirections and unspecified other HTTP responses, which allows remote web servers to obtain sufficient ac...

The Delete Private Data feature in Opera before 11.01 does not properly implement the "Clear all email account passwords" option, which might allow ph...

Unspecified vulnerability in Opera before 11.01 allows remote attackers to cause a denial of service (application crash) via unknown content on a web ...

Opera before 11.01 does not properly implement Wireless Application Protocol (WAP) dropdown lists, which allows user-assisted remote attackers to caus...

Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center...