Vulnerability Index: Year 2007

File Watch Vulnerability in Red Hat Enterprise Linux 4 Kernel 2.6.9
Heap-based buffer overflows in WordPerfect Document importer/exporter (libwpd) before 0.8.9
Vulnerability: Weak Password Hashes in Linux-PAM 0.99.7.0
NFS Client Vulnerability in RHEL 3: False Success Status and Sensitive Information Disclosure
Buffer Overflow Vulnerabilities in Omnikey CardMan 4040 Driver in Linux Kernel
Null Dereference Vulnerability in Linux Kernel 2.6.9-2.6.20
Local File Overwrite Vulnerability in GnuCash 2.0.4 and Earlier
SSLv2 Integer Underflow Vulnerability
Stack-based Buffer Overflow in SSLv2 Support in Mozilla Network Security Services (NSS)
Denial of Service Vulnerability in GdkPixbufLoader Function in GTK+ 2
Session Hijacking Vulnerability in Citrix Access Gateway
Denial of Service Vulnerability in Sun JRE 5.0 before Update 14
Java Class Loader Vulnerability: Decompilation via Modified defineClass Method
Buffer Overflow in Apple QuickTime 7.1.3 via Long rtsp:// URI
Remote Code Execution Vulnerability in MoviePlay 4.76 via Long Filename in LST File
Format string vulnerabilities in CDDA and VCDX plugins of VideoLAN VLC 0.7.0 through 0.8.6
Stack-based buffer overflow in NCTAudioFile2.AudioFile ActiveX control allows remote code execution
Heap-based Buffer Overflow Vulnerabilities in Rumpus FTP and HTTP Services
Arbitrary Code Execution via Long ftps:// URL in Panic Transmit (Transmit.app)
Remote Code Execution and Denial of Service Vulnerability in Apple iChat 3.1.6
Privilege Escalation via Untrusted Search Path in writeconfig on Apple Mac OS X 10.4.8
Privilege Escalation via CFUserNotificationSendRequest Function in UserNotificationCenter.app
VML Buffer Overrun Vulnerability
Stack-based Buffer Overflow in MFC Component Allows Remote Code Execution
Remote Code Execution via Malformed OLE Object in Microsoft Windows
Arbitrary Code Execution via Malformed IMDATA Records in Microsoft Excel
Improper Memory Access Vulnerability in Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac
Excel Malformed String Vulnerability
Arbitrary Code Execution Vulnerability in Microsoft Excel 2000-2004 and Excel for Mac
Heap-based Buffer Overflow in Microsoft Excel Allows Remote Code Execution via BIFF8 Spreadsheet
User-Assisted Remote Code Execution Vulnerability in Microsoft Outlook 2002 and 2003
Microsoft Outlook Advanced Find Buffer Overflow Vulnerability
Word Array Overflow Vulnerability
Stack-based buffer overflow in animated cursor code in Microsoft Windows
Microsoft Exchange Server Multiple X-MICROSOFT-CDO-MODPROPS Denial of Service Vulnerability
Arbitrary Code Execution Vulnerability in Windows Active Directory LDAP Service
Remote Code Execution Vulnerability in Microsoft .NET Framework PE Loader Service
Null Byte Termination Vulnerability in ASP.NET
.NET JIT Compiler Buffer Overflow Vulnerability
Universal CSRF and Session Riding Vulnerability in Adobe Acrobat Reader Plugin
Universal Cross-Site Scripting (UXSS) Vulnerabilities in Adobe Acrobat Reader Plugin
Double Free Vulnerability in Adobe Acrobat Reader Plugin before 8.0.0 Allows Remote Code Execution via JavaScript URI Call
CRLF Injection Vulnerability in Adobe Acrobat Reader Plugin
Denial of Service Vulnerability in Adobe Acrobat Reader Plugin
Remote Account Addition Vulnerability in Geckovich TaskTracker Pro 1.5 and Earlier
OpenPinboard 2.0 PHP Remote File Inclusion Vulnerability
Remote Code Execution Vulnerability in Apple iPhoto 6.0.5 (316) via Format String Specifiers in RSS iPhoto Feed Title
SQL Injection Vulnerability in haberdetay.asp in Vizayn Haber: Remote Code Execution via id Parameter
SQL Injection Vulnerability in ASP SiteWare autoDealer 2.0 and Earlier: Arbitrary SQL Command Execution via iPro Parameter
Arbitrary Web Script Injection Vulnerability in Belchior Foundry vCard PRO
Directory Traversal Vulnerability in Formbankserver 1.9 Allows Remote File Read
Multiple Cross-Site Scripting (XSS) Vulnerabilities in AShop Deluxe 4.5 and AShop Administration Panel
Shared Secret Authentication Key Vulnerability in Cisco Clean Access (CCA) 3.6.x - 4.0.3.2
Authentication Bypass and Arbitrary Database Backup Download in Cisco Clean Access Manager
Cross-zone scripting vulnerability in Apple Quicktime 3 to 7.1.3
Remote Code Execution Vulnerability in CA Message Queuing Server
Remote Code Execution via Malformed DHCP Packet
Stack-based buffer overflow vulnerability in ISC dhcpd 3.0.x and 3.1.x, and VMware DHCP server in various products, allows remote attackers to cause a denial of service or execute arbitrary code via a malformed DHCP packet.
Arbitrary Code Execution via DHCP Server Integer Underflow
Windows Media Format Runtime Heap-based Buffer Overflow Vulnerability
Heap-based Buffer Overflow in OLE Automation in Microsoft Windows and Office
Windows Kernel TCP/IP/ICMP Vulnerability
Denial of Service Vulnerability in Lotus Domino Web Server
Privilege Escalation via Modified Signed Scheduled Agent in IBM Lotus Domino 7.0.x
Windows Kernel TCP/IP/IGMPv3 and MLDv2 Vulnerability
Integer Overflow Leading to Buffer Overflow in Adobe Flash Player
Heap-based Buffer Overflow in Trend Micro ServerProtect 5.7 and 5.58
Remote Code Execution Vulnerability in Trend Micro ServerProtect 5.7 and 5.58
Remote Code Execution Vulnerability in Trend Micro ServerProtect 5.7 and 5.58
Insufficient Access Control in AspBB Allows Remote Download of User Password Database
Insufficient Access Control in Openforum Allows Remote Download of User Passwords
Insufficient Access Control Allows Remote Download of Sensitive Database
Insufficient Access Control in BattleBlog Allows Remote Database Download
Insecure Storage of Sensitive Information in rblog
Buffer Overflow in FreeRadius SMB_Connect_Server Function
Local Privilege Escalation Vulnerability in Sunbelt Kerio Personal Firewall
Arbitrary PHP Script Execution Vulnerability in IMGallery 2.5 and Earlier
Cross-site scripting (XSS) vulnerability in Nuked Klan 1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a .swf file
Buffer Overflow in Windows NT Message Compiler (MC) 1.00.5239 on Microsoft Windows XP
Unspecified privilege escalation vulnerability in OpenBSD VGA graphics driver
Apache HTTP Server Denial of Service Vulnerability via Range Header
Denial of Service via Large Window Size in Microsoft IIS
OpenMedia Directory Traversal Vulnerabilities
Insecure Storage of Sensitive Information in jgbbs Web Application
Insecure Storage of Sensitive Information in WineGlass Web Application
Insufficient Access Control in newsCMSlite Allows Remote Download of Password Database
Arbitrary SQL Command Execution in E-SMARTCART 1.0 via productdetail.asp
Arbitrary SQL Command Execution in Simple Web Content Management System via page.php
Sensitive Information Exposure in Sven Moderow GuestBook 0.3a
Information Disclosure Vulnerability in phpMyAdmin 2.9.1.1
Insufficient Access Control in CarbonCommunities Allows Unauthorized Database Download
Stack-based buffer overflows in LoadTree and ReadHeader functions in PAISO.DLL 1.7.3.0 in ConeXware PowerArchiver 2006 9.64.02
Directory Traversal Vulnerability in VerliAdmin 0.3 and Earlier
MSXML3 Module Race Condition Vulnerability
Arbitrary File Overwrite Vulnerability in Perforce Client
CSRF Vulnerability in SPINE Allows Unauthorized Actions as Administrators
Adobe PDF Specification 1.3 Vulnerability in Apple Mac OS X Preview
Adobe Acrobat PDF Specification 1.3 Remote Code Execution Vulnerability
Adobe PDF Specification 1.3 Remote Code Execution Vulnerability
CSAdmin Service Stack-based Buffer Overflow in Cisco Secure Access Control Server (ACS)
Cross-site scripting (XSS) vulnerability in WordPress CSRF Protection Scheme
SQL Injection Vulnerability in WordPress with mbstring Enabled
User Profile Deletion Vulnerability in Novell Client 4.91 SP3 for Windows 2000/XP/2003
Information Disclosure and Brute Force Vulnerability in WordPress 2.0.5 and Earlier
Arbitrary Script Injection in Novell Access Manager Identity Server
Remote Code Execution Vulnerability in Resco Photo Viewer for PocketPC
SQL Injection Vulnerability in createauction's cats.asp Allows Remote Code Execution
Buffer Overflow Vulnerability in Packeteer PacketShaper PacketWise 8.x
Information Disclosure Vulnerability in Sun Java System Content Delivery Server 5.0 and 5.0 PU1
Arbitrary PHP Code Execution via Static Code Injection in Coppermine Photo Gallery
Insecure Storage of Sensitive Information in Digger Solutions Intranet Open Source (IOS)
Privilege Escalation via DiskManagementTool in DiskManagement.framework
Absolute Path Traversal Vulnerabilities in EditTag 1.2
Cross-Site Scripting (XSS) Vulnerabilities in EditTag 1.2
Denial of Service Vulnerability in Acunetix Web Vulnerability Scanner (WVS) 4.0 Build 20060717 and Earlier
Cross-Site Scripting (XSS) Vulnerability in RI Blog 1.3's search.asp
Multiple SQL Injection Vulnerabilities in Coppermine Photo Gallery 1.4.10 and Earlier
Arbitrary PHP Script Execution via Unrestricted File Upload in Uber Uploader 4.2
Denial of Service Vulnerability in Drupal Page Cache
Denial of Service Vulnerability in Kaspersky Labs Antivirus Engine 6.0 for Windows and 5.5-10 for Linux
Opera 9.02 Heap-Based Buffer Overflow Vulnerability
Arbitrary Code Execution Vulnerability in Opera's JavaScript SVG Support
SQL Injection Vulnerability in Digirez 3.4 and Earlier: Remote Code Execution via book_id Parameter in info_book.asp
SQL Injection Vulnerability in LocazoList 2.01a beta5 and Earlier: Remote Code Execution via subcatID Parameter
Arbitrary SQL Command Execution in iGeneric iG Calendar 1.0 via user.php
Unauthenticated Remote Code Execution in JAMWiki before 0.5.0
Arbitrary SQL Command Execution in compare_product.php in iGeneric iG Shop 1.4
SQL Injection Vulnerabilities in iGeneric iG Shop 1.4 and Earlier: Remote Code Execution
Multiple eval injection vulnerabilities in iGeneric iG Shop 1.0 and 1.4
Aratix 0.2.2 beta 11 PHP Remote File Inclusion Vulnerability
Cross-Site Scripting (XSS) Vulnerabilities in Drupal 4.6.11 and 4.7.5
Unspecified Cross-Site Scripting (XSS) Vulnerability in SimpleBoxes/SerendipityNZ Serene Bach
Denial of Service Vulnerability in Fersch Formbankserver 1.9
Unspecified Privilege Escalation Vulnerability in DECnet-Plus 7.3-2 for OpenVMS
SQL Injection Vulnerability in Kolayindir Download (Yenionline) Down.asp Allows Remote Code Execution
Arbitrary Script Injection in Yet Another Link Directory 1.0
SQL Injection Vulnerability in ShopStoreNow E-commerce Shopping Cart
PHP Remote File Inclusion Vulnerabilities in NUNE News Script 2.0pre2
Arbitrary Web Script Injection Vulnerability in Digitizing Quote And Ordering System 1.0
PHP Remote File Inclusion Vulnerability in BinGoPHP News (BP News) 3.01
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Fix and Chips CMS 1.0
Improper Privilege Assignment in Cuyahoga before 1.0.1
OmniGroup OmniWeb 5.5.1 Format String Vulnerability in Javascript Alert Function
Insufficient Access Control in eMembersPro 1.0 Allows Remote Password Database Download
Dayfox Blog Multiple PHP Remote File Inclusion Vulnerabilities
Insufficient Access Control Allows Remote Download of Sensitive Database
Insufficient Access Control in OhhASP Allows Remote Password Database Download
Insecure Storage of Sensitive Information in AJLogin 3.5
Insufficient Access Control Allows Remote Download of Sensitive Database
Insufficient Access Control in HarikaOnline 2.0 Allows Remote Password Database Download
Sensitive Information Exposure: Database Stored Under Web Document Root
Buffer under-read vulnerability in neon URI parser (0.26.0-0.26.2) allows remote denial of service
Buffer Underflow Vulnerability in thttpd 2007
Arbitrary File Overwrite Vulnerability in GeoIP 1.4.0
Stack-based Buffer Overflow in CenterICQ LiveJournal Support
Insecure DACL Permissions in HP All-in-One Drivers Allow Privilege Escalation
Insecure Permissions in Unsanity Application Enhancer (APE) 2.0.2
Authentication Bypass and Password Disclosure in SecureKit Steganography 1.7.1 and 1.8
Camouflage 1.2.1 Vulnerability: Password Information Embedding in Carrier File
Denial of Service Vulnerability in libnsl in Sun Solaris 8 and 9
Symlink Attack Vulnerability in FreeBSD Jail rc.d Script
Multiple PHP File Inclusion Vulnerabilities in WGS-PPC (PPC Search Engine)
Remote Code Execution Vulnerability in CA BrightStor ARCserve Backup and CA Server/Business Protection Suite
Multiple Buffer Overflows in CA BrightStor ARCserve Backup and CA Server/Business Protection Suite
Remote File Inclusion Vulnerability in AllMyVisitors 0.4.0: Arbitrary PHP Code Execution
PHP Remote File Inclusion Vulnerability in AllMyLinks 0.5.0 and Earlier
Multiple PHP Remote File Inclusion Vulnerabilities in AllMyGuests 0.3.0 and Earlier
Directory Traversal Vulnerability in L2J Statistik Script 0.09 and Earlier
Stack-based buffer overflows in BRWOSSRE2UC.dll ActiveX Control in Sina UC2006 and earlier versions
Arbitrary Script Injection in b2evolution 1.8.6 Login Page
GForge 4.5.11 Advanced Search Cross-Site Scripting (XSS) Vulnerability
MediaWiki AJAX Module Cross-Site Scripting (XSS) Vulnerability
Arbitrary PHP Code Execution in Easy Banner Pro 2.8 via Remote File Inclusion
SQL Injection Vulnerability in comment.php in PHPKIT 1.6.1 R2
Arbitrary Code Execution via Crafted ISO File in EF Commander 5.75
Remote File Inclusion Vulnerability in Magic Photo Storage Website's include/common_function.php
Multiple PHP Remote File Inclusion Vulnerabilities in Magic Photo Storage Website
Cross-Site Scripting (XSS) Vulnerability in iPlanet Web Server 4.x via NS-max-records Parameter
Unauthenticated Access to Public Methods in Getahead Direct Web Remoting (DWR) before 1.1.4
Denial of Service Vulnerability in Getahead Direct Web Remoting (DWR) before 1.1.4
Multiple Cross-Site Scripting (XSS) Vulnerabilities in F5 FirePass SSL VPN
F5 FirePass Multiple URL Access Vulnerabilities
Vulnerability: Bypassing Host Access Restrictions in F5 FirePass 5.4 through 5.5.1
Remote File Inclusion Vulnerability in GeoBB Georgian Bulletin Board index.php
Arbitrary PHP Code Execution via Remote File Inclusion in edit_address.php
MKPortal admin.php XSS vulnerability in ad_contents section
Cross-Site Request Forgery (CSRF) Vulnerability in MKPortal Allows Privilege Modification
Unauthenticated Remote Tunneling via DNS Requests in FON La Fonera Routers
Information Disclosure Vulnerability in admin.php of MKPortal M1.1 RC1
Different Error Messages Disclosure Vulnerability in F5 FirePass 5.4 through 5.5.1 and 6.0
SQL Injection Vulnerability in Motionborg Web Real Estate 2.1 and Earlier
Denial of Service and Arbitrary Code Execution via Long Volume Name in Finder 10.4.6 on Apple Mac OS X 10.4.8
Denial of Service Vulnerability in Cisco Unified Contact Center
Denial of Service Vulnerability in Cisco IOS DLSw Feature
Remote File Inclusion Vulnerability in Axiom Photo/News Gallery (axiompng) 0.8.6
Buffer Overflow in cmd_usr function in ftp-gw in TIS Internet Firewall Toolkit (FWTK): Remote Code Execution
Arbitrary SQL Command Execution in @lex Guestbook 4.0.2 and Earlier
Unspecified Vulnerabilities in phpMyAdmin Before 2.9.2-rc1
Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpMyAdmin before 2.9.2-rc1
Directory Traversal Vulnerability in @lex Guestbook 4.0.2 and Earlier
Arbitrary File Read Vulnerability in HP OpenView Network Node Manager (OV NNM)
Macro Execution Vulnerability in Microsoft Word
User-Assisted Remote Code Execution via Malformed Drawing Object in Microsoft Word
Privilege Escalation Vulnerability in Windows XP SP2 WIA Service
Privilege Escalation via Unvalidated Parameter in Windows Hardware Detection Functionality
Arbitrary Code Execution via MIME Decoding Vulnerability in Microsoft Exchange Server
Arbitrary Code Execution Vulnerability in HTML Help ActiveX Control
Microsoft Excel Named Graph Record Stack-based Buffer Overflow Vulnerability
Microsoft Works File Converter Input Validation Vulnerability
Heap Corruption Vulnerability in Microsoft Internet Explorer FTP Client
Arbitrary Code Execution Vulnerability in Microsoft Internet Explorer 5.01 and 6
Arbitrary Code Execution Vulnerability in Microsoft Internet Explorer ActiveX Controls
Outlook Web Access (OWA) Cross-Site Scripting (XSS) Vulnerability
IMAP Literal Processing Vulnerability in Microsoft Exchange Server 2000 SP3
Directory Traversal Vulnerability in EmChartBean Server Side Component for Oracle Application Server 10g
Arbitrary SQL Command Execution in Nicola Asuni All In One Control Panel (AIOCP)
SQL Injection Vulnerability in VP-ASP Shopping Cart 6.09 and Earlier: LoginLastname Parameter
Arbitrary Web Script Injection Vulnerability in VP-ASP Shopping Cart 6.09 and Earlier
SQL Injection Vulnerability in wbsearch.aspx in uniForum 4 and Earlier: Remote Code Execution via by User Field
Information Disclosure Vulnerability in slocate 3.1
Remote Denial of Service Vulnerability in DataCollector Service
Integer Overflow in ffs_mountfs Function in Mac OS X and FreeBSD
CS-Cart 1.3.3 Remote File Inclusion Vulnerability in install.php
Arbitrary Script Injection in Movable Type (MT) 3.33 Comments Field
Remote File Inclusion Vulnerability in Jshop Server 1.3
Arbitrary SQL Command Execution in WordPress 2.0.6 and Earlier
Stack-based Buffer Overflow in libgtop2: Arbitrary Code Execution
Double Free Vulnerability in Apple Mac OS X 10.4.8 Allows Remote Code Execution
Local Privilege Escalation via Symlink Attack in Lookup (lookup-el)
Stack-based Buffer Overflow in StarCalc Parser in OpenOffice.org
Arbitrary Command Execution Vulnerability in OpenOffice.org Office Suite
Zope 2.10.2 XSS Vulnerability in HTTP GET Request
UTF-8 Decoder Vulnerability in Qt 3.3.8 and 4.2.3
Buffer Overflow Vulnerability in Sun JDK and JRE Allows Privilege Escalation via GIF Image
Denial of Service Vulnerability in PoPToP Point to Point Tunneling Server (pptpd)
Heap-based Buffer Overflow in OpenOffice.org (OOo) Allows Remote Code Execution via Crafted RTF File
Arbitrary Command Execution in GForge 4.5.16 via CVSWeb Plugin
Denial of Service Vulnerability in Squid FTP Directory Listing Handling
Denial of Service Vulnerability in Squid's aclMatchExternal Function
Arbitrary Web Script Injection Vulnerability in Nwom Topsites 3.0
SQL Injection Vulnerability in Nwom topsites 3.0
Integer Underflow Vulnerability in Snort 2.6.1.2 Allows Remote Memory Corruption and Log File Manipulation
Unspecified Remote File Upload Vulnerability in easy-content filemanager
Unspecified Remote Attack Vector in grsecurity Patch
Format String Vulnerability in errors_create_window Function in xine-ui
Denial of Service and Arbitrary Code Execution Vulnerability in XINE 0.99.4
Denial of Service Vulnerability in VideoLAN VLC 0.8.6a via Crafted .wmv File
Unspecified Privilege Escalation Vulnerability in grsecurity PaX
Arbitrary Script Injection in index.php of Fastilo 2.0 and Open Solution Quick.Cart 2.0
Information Disclosure Vulnerability in Ezboxx Portal System Beta 0.7.6 and Earlier
Remote File Inclusion Vulnerability in Naig 0.5.2 and Earlier via this_path Parameter
Authentication Bypass and Remote Code Execution in sNews 1.5.30 and Earlier
WordPress Information Disclosure Vulnerability
User-assisted remote file deletion and filesystem corruption vulnerability in Total Commander before 6.5.6 via crafted RAR file
Buffer Overflow Vulnerability in WinZip 9.0 Allows Arbitrary Code Execution
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Ezboxx Portal System Beta 0.7.6 and Earlier
SQL Injection Vulnerability in Ezboxx Portal System Beta 0.7.6 and Earlier
Denial of Service and Filesystem Corruption Vulnerability in ufs_lookup Function
Unspecified Vulnerabilities in Oracle Database Components
Unspecified vulnerability in Oracle Database related to Change Data Capture and sys.dbms_cdc_subscribe privileges (DB02)
DBMS_DRS Buffer Overflow Vulnerability
Unspecified Buffer Overflow Vulnerability in Oracle Database Log Miner Component (DB04)
Buffer Overflow Vulnerabilities in MDSYS.MD in Oracle Database Versions 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 (CVE-DB05)
Unspecified Cross-Site Scripting (XSS) Vulnerability in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3 via XMLDB (DB06)
Unspecified vulnerabilities in Oracle Database 9.2.0.7 and 10.1.0.5 with unknown impact and attack vectors related to Export and sys.dbms_logrep_util (DB08) and Oracle Streams and sys.dbms_capture_adm_internal privileges (DB09)
Oracle Reports Web Cartridge (RWCGI60) Cross-Site Scripting (XSS) Vulnerability
Unspecified Vulnerabilities in Oracle Database 8.1.7.4 and 9.0.1.5 with Unknown Impact and Attack Vectors
Unspecified vulnerability in Oracle Database client-only 10.1.0.4 related to Export component and expdp or impdp
Unspecified Vulnerabilities in Oracle Database Versions 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 with Unknown Impact and Attack Vectors
Unspecified Vulnerabilities in Oracle HTTP Server and E-Business Suite: OHS01-OHS07
Unspecified Buffer Overflow Vulnerability in Oracle Notification Service (ONS)
Unspecified vulnerabilities in Oracle HTTP Server and Application Server with unknown impact and attack vectors
Unspecified vulnerability in Oracle Process Mgmt & Notification component (OPMN02) with unknown impact and attack vectors
Unspecified Vulnerability in Oracle Application Server and Collaboration Suite with Unknown Impact and Attack Vectors (OC4J02)
Unspecified Vulnerabilities in Oracle Application Server and Collaboration Suite with Unknown Impact and Attack Vectors
Unspecified vulnerability in Oracle Reports Developer (REP01) with unknown impact and attack vectors
Unspecified Vulnerability in Oracle Application Server and Collaboration Suite: OC4J07
Unspecified vulnerability in Oracle Application Server and Collaboration Suite with unknown impact and attack vectors related to Containers for J2EE (OC4J08)
OID01: Unspecified Vulnerability in Oracle Application Server 10.1.4.0 with Unknown Impact and Attack Vectors Related to Oracle Internet Directory
Unspecified Vulnerabilities in Oracle Collaboration Suite 9.0.4.2 with Unknown Impact and Attack Vectors
Unspecified Vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2
Unspecified Vulnerability in Oracle E-Business Suite and Applications 6.2.3 with Unknown Impact and Attack Vectors: Oracle Exchange (APPS02)
Unspecified Vulnerabilities in Oracle Enterprise Manager 10.1.0.5 with Unknown Impact and Attack Vectors
Unspecified Vulnerabilities in Oracle Enterprise Manager 10.1.0.5 and 10.2.0.1
EM06: Unspecified Vulnerability in Oracle Enterprise Manager 10.2.0.1 Related to Database Cloning & Data Guard Management
Unspecified Vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.13 and 8.47.11: PSE01
Unspecified Vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne: PSE02
Unspecified Vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.47.11 and 8.48.06: PSE03
LunarPoll PHP Remote File Inclusion Vulnerability
Integer Overflow in byte_swap_sbin Function in Mac OS X 10.4.8
Remote File Inclusion Vulnerability in TLM CMS 1.1 and Earlier: Arbitrary PHP Code Execution
Remote File Inclusion Vulnerability in FdWeB Espace Membre 2.1 and Earlier
Multiple Cross-Site Scripting (XSS) Vulnerabilities in InstantASP 4.1.0
Unspecified Vulnerabilities in Zina 1.0rc1 and Earlier: Potential Security Bugs
SQL Injection Vulnerability in MiNT Haber Sistemi 2.7 duyuru.asp Allows Remote Code Execution
SQL Injection Vulnerability in Okul Web Otomasyon Sistemi 4.0.1: Remote Code Execution via etkinlikbak.asp
Arbitrary SQL Command Execution in DigiAffiliate 1.4 and Earlier via visu_user.asp
Remote File Inclusion Vulnerability in Poplar Gedcom Viewer 2.0 and Earlier
Arbitrary Web Script Injection via Wiki Page Titles in Plain Black WebGUI
SQL Injection Vulnerability in Francisco Burzi PHP-Nuke 7.9 and Earlier
BMC Remedy Action Request System 5.01.02 Patch 1267 Login Vulnerability
Denial of Service Vulnerability in Texas Imperial Software WFTPD and WFTPD Pro Server 3.25 and Earlier
Insecure Storage of Sensitive Information in wcSimple Poll
Remote authenticated users can modify settings, including admin password, in GONICUS System Administration (GOsa) before 2.5.8
PHP Remote File Inclusion Vulnerabilities in Article System 1.0
Buffer Overflow Vulnerabilities in FileZilla 2.2.30a and Earlier
Multiple SQL Injection Vulnerabilities in All In One Control Panel (AIOCP) 1.3.010 and Earlier
Format String Vulnerability in FileZilla LogMessage Function
Denial of Service Vulnerability in Mac OS X 10.4.8 via Crafted HFS+ Filesystem in DMG Image
Stack-based buffer overflows in Motive ActiveEmailTest.EmailData ActiveX Control in Motive Service Activation Manager and Self Service Manager
Buffer Overflow Vulnerabilities in Macrovision InstallFromTheWeb ActiveX Control and Netscape Plug-in
Buffer Overflow in Macrovision FLEXnet Connect Update Service Agent ActiveX Control
Stack-based Buffer Overflows in Intuit QuickBooks Online Edition ActiveX Control
Buffer Overflow in RIM TeamOn Import Object ActiveX Control (TOImport.dll) SetLanguage Function
Buffer Overflow Vulnerabilities in LizardTech DjVu Browser Plug-in before 6.1.1
Buffer Overflow Vulnerabilities in Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX Control
Stack-based Buffer Overflow in PNI Digital Media Photo Upload Plugin ActiveX Control
Arbitrary Command Execution in Macrovision FLEXnet Connect and Update Service
Remote File Disclosure Vulnerability in Joonas Viljanen JV2 Folder Gallery
Buffer Overflow Vulnerability in Ipswitch WS_FTP 2007 Professional
Cross-Site Scripting (XSS) Vulnerability in liens.php3 in liens_dynamiques 2.1
Unauthenticated Remote Administrative Access in liens_dynamiques 2.1
Local Privilege Escalation Vulnerability in Agnitum Outpost Firewall PRO 4.0
Replay Attack Vulnerability in InGate Firewall and SIParator
Arbitrary File Inclusion Vulnerabilities in Jax Petition Book 1.0.3.06
Race Condition Vulnerability in Rixstep Undercover Allows Local File Overwrite
Directory Traversal Vulnerability in KGB 1.9 and Earlier: Arbitrary File Inclusion
Dream FTP Server Heap-Based Buffer Overflow Vulnerability
SQL Injection Vulnerability in Scriptme SMe FileMailer 1.21 Login Form
SQL Injection Vulnerability in ThWboard 3.0b2.84-php5 and Earlier
XSS Vulnerability in phpMyAdmin 2.8.1 and Earlier with Internet Explorer 6
Denial of Service Vulnerability in Apple WebKit (CVE-2006-2020)
Denial of Service Vulnerability in OpenBSD (20070116)
Multiple Format String Vulnerabilities in Colloquy 2.1 and Earlier
Weak Permissions in Mac OS X Utilities Allow Local Admin Users to Gain Root Privileges
SQL Injection Vulnerability in SmE FileMailer 1.21: Remote Code Execution via us Parameter
SQL Injection Vulnerability in CVSTrac before 2.0.1
Stack-based Buffer Overflow in IASystemInfo.dll ActiveX Control
Arbitrary File Inclusion Vulnerability in INDEXU 5.x upgrade.php
Multiple SQL Injection Vulnerabilities in SmE FileMailer 1.21 and Earlier
User Profile Unload Failure Vulnerability in Microsoft Windows XP and Windows Server 2003
Microsoft Help Workshop 4.03.0002 Stack-Based Buffer Overflow Vulnerability
Arbitrary Web Script Injection Vulnerability in myBloggie 2.1.5
Arbitrary SQL Command Execution in MGB OpenSource Guestbook 0.5.4.5 and Earlier
Buffer Overflow in Apple Minimal SLP v2 Service Agent (slpd) in Mac OS X 10.4.11 and Earlier
Denial of Service Vulnerability in CCRP FolderTreeview ActiveX Control
Fritz!DSL 02.02.29 AVM IGD CTRL Service Directory Traversal Vulnerability
Unspecified Denial of Service Vulnerability in HP Jetdirect FTP Server Implementation
Arbitrary PHP Code Execution via Remote File Inclusion in Uberghey CMS 0.3.1
Oreon 1.2.3 RC4 and Earlier: PHP Remote File Inclusion Vulnerability in lang/index.php
Arbitrary PHP Code Execution via Remote File Inclusion in PHPMyphorum 1.5a
Unspecified Cross-Site Scripting (XSS) Vulnerability in FreshReader RSS Feed Component
Arbitrary Web Script Injection Vulnerability in Openads and Openads for PostgreSQL
Multiple Cross-Site Scripting (XSS) Vulnerabilities in INDEXU 5.3 and Earlier on nicecoder.com
Unspecified Cross-Site Scripting (XSS) Vulnerabilities in All In One Control Panel (AIOCP) 1.3.009 and Earlier
Untrusted Search Path Vulnerability in Rumpus 5.1 and Earlier: Privilege Escalation via Modified PATH
Weak Permissions in Rumpus 5.1 and Earlier: Local User File Manipulation Vulnerability
Stack-based Buffer Overflow in mbse-bbs 0.70 and Earlier via MBSE_ROOT Environment Variable
SQL Injection Vulnerability in phpBP RC3 (2.204) and Earlier: Remote Code Execution via Comment Forum
Unrestricted File Upload Vulnerability in phpBP RC3 (2.204) and Earlier
Denial of Service Vulnerability in CCRP BrowseDialog Server (ccrpbds6.dll)
Multiple SQL Injection Vulnerabilities in Francisco Burzi PHP-Nuke 7.9
Multiple SQL Injection Vulnerabilities in Joomla! 1.5.0 Beta
Arbitrary SQL Command Execution Vulnerability in Joomla! and Mambo
Information Disclosure Vulnerability in Joomla! 1.5.0 Beta
Arbitrary Web Script Injection Vulnerability in Virtuemart 1.0.7
Multiple SQL Injection Vulnerabilities in Xoops 2.0.16
SQL Injection Vulnerabilities in DocMan 1.3 RC2
DocMan 1.3 RC2 Cross-Site Scripting (XSS) Vulnerability
Information Disclosure Vulnerability in DocMan 1.3 RC2
Multiple SQL Injection Vulnerabilities in ATutor 1.5.3.2
Multiple SQL Injection Vulnerabilities in Letterman 1.2.3 Component for Joomla!
Remote Access to /WorldClient.dll in WDaemon 9.5.4
Arbitrary Script Injection in PostNuke 0.764 Reviews Preview
Sensitive Information Disclosure in PostNuke 0.764 FAQ Section
Unspecified Vulnerability in PostNuke 0.764 Rating Section with Unknown Impact and Attack Vectors
SQL Injection Vulnerability in Joomla! Weblinks Component (com_weblinks) Allows Remote Code Execution
SQL Injection Vulnerability in Woltlab Burning Board (wBB) 1.0.2 and earlier, and 2.3.6 and earlier in the 2.x series
Directory Traversal Vulnerability in ArsDigita Community System (ACS) and ArsDigita Community Education Solution (ACES)
Arbitrary Web Script Injection Vulnerability in sabros.us 1.7
Format String Vulnerability in BitDefender Client Professional Plus 8.02 Log Creation Functionality
Privilege Escalation via File Descriptor Manipulation in IBM AIX 5.3
File Descriptor Verification Vulnerability in Sun Solaris 9
Privilege Escalation via File Descriptor Manipulation in HP-UX B11.11
Remote File Inclusion Vulnerability in ComVironment 4.0: Arbitrary PHP Code Execution
Unspecified Denial of Service Vulnerability in HP-UX B.11.23 with IPFilter and PHNE_34474
Lack of SSL/TLS Certificate and SSH Public Key Validation in Cisco CS-MARS and ASDM
Arnaud Guyonne (aka Arnotic) a-forum Multiple Cross-Site Scripting (XSS) Vulnerabilities in forum.php3
Cross-Site Scripting (XSS) Vulnerabilities in Simple Machines Forum (SMF) 1.1 RC3 via PM Action
Arbitrary Script Injection in Easebay Resources Login Manager 3.0
SQL Injection Vulnerability in Easebay Resources Login Manager 3.0: Remote Code Execution via admin/memberlist.php
Arbitrary Web Script Injection Vulnerability in Easebay Resources Paypal Subscription Manager
SQL Injection Vulnerability in Easebay Resources Paypal Subscription Manager
Arbitrary Command Execution in Django 0.95's bin/compile-messages.py
User Impersonation Vulnerability in Django 0.95 AuthenticationMiddleware
Buffer Overflow Vulnerabilities in gxine 0.5.9 and Earlier
Cross-site scripting (XSS) vulnerability in Plain Black WebGUI before 7.3.5 (beta) in Operation/User.pm
Improper Validation of Client Certificates in BEA Weblogic Server 8.1 through 8.1 SP4
Cleartext Password Storage Vulnerability in BEA WebLogic
Unspecified Denial of Service Vulnerability in BEA WebLogic
Certificate Validation Vulnerability in BEA WebLogic Server
Arbitrary File Read Vulnerability in BEA WebLogic Server
Cleartext Data Exposure in BEA WebLogic Server 8.1 through 8.1 SP5 Backup Files
Denial of Service Vulnerability in BEA WebLogic Server
Access Control Bypass Vulnerability in BEA WebLogic Server 8.1 through 8.1 SP5
Insecure Credential Verification in BEA WebLogic Server 9.0 and 9.1
EJB Container Persistence Operations Privilege Escalation Vulnerability in BEA WebLogic Server
Unenforced Security Policy for EJB Methods with Array Parameters in BEA WebLogic Server
Denial of Service Vulnerability in BEA WebLogic Server Proxy Plug-In
Sensitive Information Disclosure via Malformed HTTP Requests in BEA WebLogic Server 9.0, 9.1, and 9.2 Gold
Denial of Service Vulnerability in BEA WebLogic Server 6.1 through 6.1 SP7 and 7.0 through 7.0 SP7
Denial of Service Vulnerability in BEA WebLogic Server 9.0, 9.1, and 9.2 Gold on Solaris 9
Role Entitlement Deletion Vulnerability in BEA WebLogic Portal 9.2
Denial of Service Vulnerability in BEA WebLogic Server Proxy Plug-in for Netscape Enterprise Server
Unspecified Privilege Escalation Vulnerability in BEA WebLogic Platform and Server 8.1 through 8.1 SP5 and JRockit 1.4.2 R4.5 and Earlier
Inadequate Propagation of Entitlement Policy Changes in BEA WebLogic Portal 9.2
Microsoft Help Workshop 4.03.0002 Stack-based Buffer Overflow Vulnerability
Denial of Service Vulnerability in WzdFTPD 8.0 and Earlier
Denial of Service Vulnerability in DivX Web Player (npdivx32.dll)
Denial of Service Vulnerability in shared_region_map_file_np Function
Denial of Service Vulnerability in AVM Fritz!Box 7050 and Other Models via Zero-Length UDP Packet
Improper Request Message Handling in BEA AquaLogic Service Bus 2.0, 2.1, and 2.5
Account Persistence Vulnerability in BEA AquaLogic Enterprise Security
Inadequate Severity Level Setting in BEA AquaLogic Enterprise Security
Authentication Bypass and Device Reconfiguration in T-Com Speedport 500V Routers
Privilege Escalation Vulnerability in Barron McCann X-Kryptor Driver
Multiple Cross-Site Scripting (XSS) Vulnerabilities in InterSystems Cache' Server Page (CSP) Scripts
Arbitrary Command Execution Vulnerability in HP OpenView Network Node Manager (OV NNM)
Unspecified Remote Integrity Problem Vulnerability in IBM OS/400 R530 and R535
Buffer Overflow Vulnerabilities in Gracenote CDDBControl ActiveX Control
Stack-based Buffer Overflow in Citrix Presentation Server Print Provider Library
Arj.ppl Module Heap-Based Buffer Overflow Vulnerability
Remote Code Execution Vulnerability in Hewlett-Packard Mercury LoadRunner Agent 8.0 and 8.1, Performance Center Agent 8.0 and 8.1, and Monitor over Firewall 8.1
Heap-based Buffer Overflow in Symantec Decomposer Component Allows Remote Code Execution via Crafted CAB Archives
Bypassing safe_mode restrictions in PHP 5.2.0 via invalid URI handlers in fopen function
Buffer Overflow Vulnerabilities in LGSERVER.EXE in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.1 SP1, Mobile Backup r4.0, Desktop and Business Protection Suite r2, and Desktop Management Suite (DMS) r11.0 and r11.1
Directory Traversal Vulnerability in Apache HTTP Server and Tomcat
Denial of Service Vulnerability in Apache SpamAssassin 3.1.8
Denial of Service Vulnerability in Samba 3.0.6 through 3.0.23d
Buffer Overflow Vulnerability in Samba's nss_winbind.so.1 Library
Format String Vulnerability in Samba's afsacl.so VFS Module
Buffer Overflow in gdImageStringFTEx Function in GD Graphics Library 2.0.33 and Earlier
Unspecified Denial of Service Vulnerability in Wireshark LLT Dissector
Denial of Service Vulnerability in Wireshark IEEE 802.11 Dissector
Unspecified Denial of Service Vulnerability in Wireshark HTTP Dissector
Denial of Service Vulnerability in Wireshark TCP Dissector
Multiple Buffer Overflows in Ulogd: Improper String Length Calculations Vulnerability
Memory Leak Vulnerabilities in Dazuko Anti-Virus Helper Module before 2.3.2
Apple QuickDraw ARGB Record Memory Corruption Vulnerability
Format String Vulnerability in Apple Software Update 2.0.5 on Mac OS X 10.4.8
NULL Pointer Dereference Vulnerability in CFNetwork 129.19 on Apple Mac OS X 10.4 through 10.4.10
Apple Installer 2.1.5 Format String Vulnerability
Remote Code Execution via Crafted ASF_File_Properties_Object Size Field in Telestream Flip4Mac Windows Media Components for Quicktime 2.1.0.33
Symlink Attack Vulnerability in Apple Mac OS X 10.4.8 CrashDump
Stack-based Buffer Overflow in Visual C++ (MSVC) in Microsoft Visual Studio 6.0 SP6
Arbitrary File Overwrite and Code Execution Vulnerability in RubyGems
Unspecified Local Privilege Escalation Vulnerabilities in Sun Solaris 8, 9, and 10
Bypassing Security Requirements via Crafted Report Parameter in Check Point Connectra NGX R62
Race conditions in Smb4K before 0.8.0 allow local users to modify files and add lines to sudoers file
Insecure File Permissions in Smb4K's writeFile Function
Local Privilege Escalation in Smb4K before 0.8.0
Multiple stack-based buffer overflows in Smb4K utilities/smb4k_*.cpp leading to privilege escalation
Insecure Temporary Directory Creation in OpenLDAP Installation Script
Cross-site scripting (XSS) vulnerability in Openads, Max Media Manager, and phpAdsNew/phpPgAds before 2.0.9-pr1
Cross-Site Scripting (XSS) Vulnerability in WebCore on Apple Mac OS X 10.3.9 and 10.4.10
Cisco IOS TCP Listener Memory Leak Vulnerability
IP Option Vulnerability in Cisco IOS and IOS XR
Cisco IOS Denial of Service Vulnerability via Crafted IPv6 Type 0 Routing Header
Local Privilege Escalation in Sun Ray Server Software 2.0 and 3.0
Cross-Site Scripting (XSS) Vulnerabilities in Enthusiast 3.1
SQL Injection Vulnerabilities in Enthusiast 3.1: Remote Code Execution
Remote File Inclusion Vulnerability in WebChat 0.77 via defines.php
Openads (phpAdsNew) 2.0.7 - Multiple PHP Remote File Inclusion Vulnerabilities
FreeForum 0.9.0 PHP Remote File Inclusion Vulnerability
Denial of Service
Vulnerability in Huawei Versatile Routing Platform 1.43 2500E-003 Firmware VisoHotlink 1.01 PHP Remote File Inclusion Vulnerability Sensitive Information Disclosure in Open-Realty 2.3.4 via Invalid listingID Parameter PHP Remote File Inclusion Vulnerability in Sky GUNNING MySpeach 3.0.6 and Earlier SQL Injection Vulnerabilities in webSPELL 4.01.02 and Earlier: Remote Code Execution via gallery.php ISC BIND Use-After-Free Vulnerability DNSSEC Validation vulnerability in ISC BIND 9.x.x PHP Remote File Inclusion Vulnerability in PhpSherpa's include/config.inc.php Allows Arbitrary Code Execution Neon Labs Website (nlws) 3.2 and Earlier Remote File Inclusion Vulnerability Remote File Inclusion Vulnerability in Upload-Service 1.0 Remote File Inclusion Vulnerability in MySpeach 2.1 Beta and Earlier Versions Remote File Inclusion Vulnerability in Sangwan Kim phpIndexPage 1.0.1 and Earlier Remote File Inclusion Vulnerability in Bradabra 2.0.5 and Earlier: Arbitrary PHP Code Execution Remote File Inclusion Vulnerability in Mafia Scum Tools 2.0.0 in Advanced Random Generators (adv-random-gen) SQL Injection Vulnerability in gallery.php in webSPELL 4.01.02 (picID Parameter) Unspecified Arbitrary Command Execution Vulnerability in kcms_calibrate in Sun Solaris 8 and 9 Eval Injection Vulnerability in Vote! 
Pro 4.0 poll_frame.php Arbitrary Code Execution via Unrestricted File Upload in Drupal Project Issue Tracking File Access and Information Disclosure Vulnerability in Project Issue Tracking Module for Drupal SQL Injection Vulnerability in Acidfree Module for Drupal BBClone 0.31 Remote File Inclusion Vulnerability Unspecified Vulnerabilities in MaklerPlus Before 1.2 with Potential XSS and Information Leak Risks Multiple Buffer Overflows in AWFFull 3.7.1 and Earlier: Unknown Impact and Attack Vectors PHP Remote File Inclusion Vulnerabilities in phpXMLDOM (phpXD) 0.3 and Earlier OpenTP1 Port Denial of Service Vulnerability Denial of Service (CPU Consumption) Vulnerability in Hitachi HiRDB Datareplicator Cross-Site Scripting (XSS) Vulnerabilities in Hitachi Web Server, uCosminexus, and Cosminexus Products Unspecified Remote Code Execution Vulnerability in Microsoft Word Arbitrary Modification and Deletion of Guestbook Profiles in Yana Framework Insufficient Access Control in Scriptsez Random PHP Quote 1.0 Allows Password Disclosure Insufficient Access Control in Scriptsez Smart PHP Subscriber: Exposing Encoded Passwords XMB U2U Instant Messenger memcp.php Cross-Site Scripting (XSS) Vulnerability Arbitrary SQL Command Execution in Unique Ads (UDS) 1.x via banner.php Denial of Service Vulnerability in Sony Ericsson K700i and W810i Phones Denial of Service Vulnerability in Motorola MOTORAZR V3 Phone via Bluetooth OBEX Push Denial of Service Vulnerability in Nokia N70 Phone via Bluetooth OBEX Push Denial of Service Vulnerability in LG Chocolate KG800 Phone via Bluetooth OBEX Push Multiple Buffer Overflows in MiniWebsvr v0.05: Unveiling Unknown Impact and Attack Vectors Multiple Cross-Site Scripting (XSS) Vulnerabilities in Bitweaver 1.3.1 SQL Injection Vulnerability in is_remembered function in Website Baker 2.6.5 and earlier Unauthenticated Access to Admin Web Console in Centrality Communications PA168 Chipset Arbitrary Code Injection through Link Validation in PHP Link 
Directory (phpLD) 3.0.6 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in Advanced Guestbook 2.4.2 FreeWebShop 2.2.3 and 2.2.4 - PHP Remote File Inclusion Vulnerability in includes/login.php Sensitive Information Exposure in Tuan Do Uploader 6 Beta 1 Denial of Service Vulnerability in AToZed IntraWeb Component Cross-Site Scripting (XSS) Vulnerabilities in Drupal Project Issue Tracking Modules Multiple eval injection vulnerabilities in Vote! Pro 4.0 and earlier versions allow remote code execution Insecure Permissions Vulnerability in rMake for rPath Linux 1 Cross-Site Scripting (XSS) Vulnerability in KDE HTML Library Denial of Service Vulnerability in Telligent Community Server 2.1 and Earlier Denial of Service Vulnerability in wp_remote_fopen Function in WordPress WordPress Pingback Denial of Service Vulnerability WordPress Pingback File Disclosure Vulnerability Arbitrary Script Injection in 212cafe Guestbook 4.00 beta's show.php Insecure Storage of Sensitive Information in ZixForum MyBB (MyBulletinBoard) Private.php Cross-Site Scripting (XSS) Vulnerability Insufficient Access Control in Maxtricity Tagger 0.1 Allows Remote Password Database Download Insecure Storage of Sensitive Information in Toxiclab Shoutbox 1 Arbitrary Web Script Injection Vulnerability in CGI-RESCUE WebFORM 4.3 and Earlier Denial of Service Vulnerability in KarjaSoft Sami HTTP Server 2.0.1 Arbitrary Web Script Injection Vulnerability in 212cafeBoard 6.30 Beta Arbitrary Web Script Injection Vulnerability in 212cafeBoard 0.08 Beta's search.php Arbitrary PHP Code Execution via Remote File Inclusion in CMSimple 2.7 Arbitrary Web Script Injection in Onnac CMS 0.0.8.4 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHProxy before 0.5 beta 2 SQL Injection Vulnerability in Guo Xu Guos Posting System (GPS) 1.2: Remote Code Execution via print.asp SQL Function Argument Type Check Bypass Vulnerability in PostgreSQL Remote code execution and memory disclosure 
vulnerability in PostgreSQL Root Privilege Retention Vulnerability in rMake 1.0.4 Remote File Inclusion Vulnerability in Inter7 vHostAdmin 1.0 Remote File Inclusion Vulnerability in RPW 1.0.2 config.php Allows Arbitrary PHP Code Execution SQL Injection Vulnerability in user.asp in ASP EDGE 1.2b and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in Xero Portal 1.2 Denial of Service Vulnerability in Windows Explorer via Crafted .avi File Cross-Site Scripting (XSS) Vulnerabilities in Symantec Web Security (SWS) before 3.0.1.85 Denial of Service Vulnerability in Symantec Web Security (SWS) License Registering Interface Arbitrary Command Injection in CGI-Rescue Shopping Basket Professional 7.50 and Earlier Arbitrary SQL Command Execution in ASP NEWS 3 and Earlier via news_detail.asp Arbitrary Web Script Injection Vulnerability in Interactive-Scripts.Com PHP Membership Manager 1.5 Remote File Inclusion Vulnerability in MyPHPCommander 2.0 via gl_root Parameter SQL Injection Vulnerability in xNews 1.3: Remote Code Execution via id Parameter Remote File Inclusion Vulnerability in Johannes Gijsbers Ad Fundum Integratable News Script (AINS) 0.02b Arbitrary PHP Code Execution via Remote File Inclusion in phpMyReports 3.0.11 and Earlier Remote File Inclusion Vulnerability in Drunken:Golem Gaming Portal 0.5.1 Alpha 2 and Earlier Remote File Inclusion Vulnerability in nsGalPHP 0.41 and Earlier SQL Injection Vulnerability in SpoonLabs Vivvo Article Management CMS 3.40 SQL Injection Vulnerabilities in ASPCode.net AdMentor Administrative Login Page PHP Remote File Inclusion Vulnerability in Xt-Stats 2.3.x up to 2.4.0.b3 ACGVclick 0.2.0 and Earlier: PHP Remote File Inclusion Vulnerability in function.inc.php Denial of Service Vulnerability in mpg123 http_open Function Unspecified File Inclusion Vulnerability in Horde Groupware Webmail Edition and Groupware Remote File Inclusion Vulnerability in Foro Domus 2.10 menu.php Remote File Inclusion Vulnerability in EclipseBB 
0.5.0 Lite's functions.php SQL Injection Vulnerability in ChernobiLe 1.0 Default.asp Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in HTTP Commander 6.0 and Earlier Remote File Inclusion Vulnerability in PhP Generic Library & Framework for comm (g-neric) Remote Code Disclosure in Webfwlog 0.92 and Earlier via conffile Parameter Memory Corruption Vulnerability in Apple QuickDraw's InternalUnpackBits Function SQL Injection Vulnerability in Forum Livre 1.0: Remote Code Execution via info_user.asp Arbitrary Web Script Injection Vulnerability in Forum Livre 1.0 busca2.asp PHP Remote File Inclusion Vulnerability in Vu Le An Virtual Path (VirtualPath) 1.0 Arbitrary Web Script Injection in EzDatabase 2.1.3 via XSS Vulnerability Insecure Storage of Sensitive Information in Siteman 1.1.11 Insufficient Access Control Allows Remote Download of Sensitive Information in Siteman 2.0.x2 High 5 Review Site Search Box XSS Vulnerability Aztek Forum 4.00 - Remote File Inclusion Vulnerability in index/main.php Information Disclosure Vulnerability in Aztek Forum 4.00 SQL Injection Vulnerability in Aztek Forum 4.00 Variable Overwrite Vulnerability in Aztek Forum 4.00: Unauthorized Activities via extract Operations SQL Injection Vulnerability in Martyn Kilbryde Newsposter Script (aka makit news/blog poster) 3 and Earlier Remote Code Execution Vulnerability in Aztek Forum 4.00 Buffer Overflow in Trend Micro VirusWall 3.81 for Linux via libvsapi.so Privilege Escalation via Unvalidated Data Objects in PGP Desktop Arbitrary Script Injection in Movable Type (MT) Comment Preview Screen Arbitrary Web Script Injection Vulnerability in Advanced Guestbook 2.4.2 Sensitive Information Disclosure in w-agora 4.2.1 via bn[] Array Parameter and delete_forum.php Insufficient Access Control in W-Agora 4.2.1 Allows Path Disclosure Information Disclosure Vulnerabilities in Advanced Guestbook 2.4.2 Advanced Guestbook 2.4.2 Directory Traversal Vulnerability Arbitrary Script 
Injection in CMSimple 2.7 fix1 Mailform Feature Multiple Cross-Site Scripting (XSS) Vulnerabilities in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC2 Multiple ActiveX Controls Denial of Service Vulnerability Denial of Service Vulnerability in Bonjour Functionality in Apple Mac OS X 10.4.8 Denial of Service Vulnerability in Bonjour Functionality in Apple Mac OS X 10.4.8 Denial of Service Vulnerability in Hitachi JP1/HIBUN Advanced Edition Management Server and Log Server Zenphoto Directory Traversal Vulnerability Arbitrary Email and Domain Whitelisting Vulnerability in Earthlink TotalAccess Unspecified Authentication Vulnerability in IBM AIX 5.3.0's POP3 and IMAP Services Arbitrary Code Execution via Crafted CHM File in chmlib Arbitrary File Disclosure in FD Script 1.3.2 and Earlier MyBB 1.2.2 Cross-Site Request Forgery (CSRF) Vulnerability Allows Remote Message Sending SQL Injection Vulnerability in MAXdev MDPro 1.0.76 - Remote Code Execution via startrow Parameter Path Disclosure Vulnerability in MAXdev MDPro 1.0.76 Unvalidated User Invocation in NoMachine NX Server Configuration (CVE-XXXX-XXXX) Arbitrary Code Execution via Comment Preview in Drupal Command Line Argument Vulnerability in Michael Still gtalkbot before 1.2 Cross-Site Scripting (XSS) Vulnerabilities in Sun Java System Access Manager Unauthenticated Asset Deletion Vulnerability in Plain Black WebGUI Multiple SQL Injection Vulnerabilities in X-dev xNews 1.3 and Earlier SQL Injection Vulnerability in Eclectic Designs CascadianFAQ 4.1 and Earlier: Remote Code Execution via catid Parameter SQL Injection Vulnerability in artreplydelete.asp in ASP EDGE 1.3a and Earlier MyNews 4.2.2 Remote File Inclusion Vulnerability Denial of Service Vulnerability in Sun Solaris 10 before 20070130 Multiple PHP Remote File Inclusion Vulnerabilities in EncapsCMS 0.3.6 Unspecified Vulnerability in inotify Before 0.3.5: Access Rights to Watched Files Directory Traversal Vulnerability in Galeria Zdjec 3.0 and Earlier 
Sensitive Information Disclosure in PHPFootball 1.6 via show.php Multiple Static Code Injection Vulnerabilities in GuppY 4.5.16 and Earlier Buffer Overflow Vulnerability in ZABBIX 1.1.5: Exploiting SNMP IP Addresses Buffer Overflow in EnumPrintersA Function in dapcnfsd.dll 0.6.4.0: Remote Code Execution Vulnerability SQL Injection Vulnerability in tForum 2.00 in Raymond BERTHOU Script Collection Bloodshed Dev-C++ 4.9.9.2 Stack-Based Buffer Overflow Vulnerability Remote Denial of Service Vulnerability in Apple Safari 2.0.4 (419.3) iPhoto 6.0.5 Format String Vulnerability Format String Vulnerability in iMovie HD 6.0.3 and Safari in Apple Mac OS X 10.4 through 10.4.10 Format String Vulnerability in Help Viewer 3.0.0 Allows Remote Denial of Service Denial of Service Vulnerability in Cisco IOS with Voice Support Variable Overwrite Vulnerability in OpenEMR 2.8.2 and Earlier: Remote Code Execution and XSS Attacks via Interface/Globals.php Buffer overflow in open_sty function in makeindex 2.14 in teTeX Multiple Cross-Site Scripting (XSS) Vulnerabilities in MailEnable Professional before 2.37 CSRF Vulnerability in MailEnable Professional before 2.37 Allows Unauthorized Configuration Modification and Actions Arbitrary Code Execution via Integer Overflow in xmms Skin Bitmap Image Processing Arbitrary Code Execution via Crafted Skin Bitmap Image in XMMS 1.2.10 Remote Code Execution Vulnerability in MicroWorld Agent Service Remote File Inclusion Vulnerability in phpBB2-MODificat 0.2.0 and Earlier Arbitrary File Read and Write Vulnerability in Nexuiz 2.2.2 Bypassing CAPTCHA Test via Empty Captcha Element in Drupal Modules Arbitrary File Download Vulnerability in MuddyDogPaws FileDownload Snippet Arbitrary Script Injection Vulnerability in DotNetNuke (DNN) IFrame Module Remote Command Execution Vulnerability in Intel Enterprise Southbridge 2 BMC Hailboards 1.2.0 - PHP Remote File Inclusion Vulnerability in usercp_viewprofile.php SQL Injection Vulnerability in Eclectic Designs 
CascadianFAQ 4.1 and Earlier (qid Parameter) Arbitrary File Read Vulnerability in thttpd before 2.25b-r6 in Gentoo Linux Format String Vulnerability in Ipswitch WS_FTP 2007 Professional's SCP Module Allows Remote Command Execution Arbitrary Code Execution Vulnerability in Ipswitch WS_FTP Server 5.04 Arbitrary Code Execution via Redirects in LedgerSMB and SQL-Ledger Vulnerability: Local Users in Non-Global Zones Can Manipulate Read-Only Filesystems in Sun Solaris 10 Unspecified Local Code Execution Vulnerability in Twiki 4.0.0 through 4.1.0 Buffer Overflow Vulnerability in IBM AIX 5.2 and 5.3: Local Code Execution via r-commands Remote Code Execution Vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac Denial of Service Vulnerability in BrightStor Mobile Backup 4.0 Denial of Service Vulnerability in BrightStor ARCserve Backup for Laptops & Desktops r11.1 JPEG File Denial of Service Vulnerability in Windows Mobile 5.0 and Windows Mobile 2003/2003SE Arbitrary File Deletion and Unauthorized Activities via Speech API in Windows Vista Arbitrary SQL Command Execution in ExoPHPDesk 1.2.1 and Earlier via faq.php PHP Remote File Inclusion Vulnerability in Cadre PHP Framework 20020724 SQL Injection Vulnerability in Fullaspsite Asp Hosting Sitesi's windows.asp Allows Remote Code Execution PHPMyRing 4.1.3b and Earlier - Remote File Inclusion Vulnerability in lang/leslangues.php Remote File Inclusion Vulnerability in Phpbb Tweaked 3 and Earlier via phpbb_root_path Parameter Arbitrary Password Change Vulnerability in ExtCalendar 2 and Earlier Remote File Inclusion Vulnerability in JV2 Folder Gallery 3.0.2 and Earlier Remote File Inclusion Vulnerability in Omegaboard 1.0beta4 and Earlier Cerulean Portal System 0.7b - PHP Remote File Inclusion Vulnerability in portal.php Unspecified Buffer Overflow Vulnerability in Internet Explorer on Windows Mobile Devices Denial of Service Vulnerability in Intel 2200BG 802.11 Wireless Mini-PCI Driver SQL Injection Vulnerability in 
i-search.php in Michelle's L2J Dropcalc 4 and Earlier SQL Injection Vulnerability in Hunkaray Duyuru Scripti's oku.asp Allows Remote Code Execution via id Parameter Information Disclosure Vulnerability in MyBB 1.2.4 Sensitive Information Disclosure in myEvent 1.6 Sensitive Information Disclosure in DGNews 2.1 SQL Injection Vulnerability in DGNews 2.1 Allows Remote Code Execution and XSS Arbitrary Script Injection in DGNews 2.1 footer.php via copyright Parameter Multiple SQL Injection Vulnerabilities in Free LAN In(tra|ter)net Portal (FLIP) before 1.0-RC3 Arbitrary Script Injection in Free LAN In(tra|ter)net Portal (FLIP) User Profile Manipulation Vulnerability in ACGVannu 1.3 and Earlier Multiple SQL Injection Vulnerabilities in ACGVannu 1.3 and Earlier Remote File Inclusion Vulnerability in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) before 2.5.1.1 Directory Traversal Vulnerability in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) Epistemon 1.0 - Remote File Inclusion Vulnerability in inc/common.inc.php PHP Remote File Inclusion Vulnerabilities in phpEventMan 1.0.2 WebBuilder 2.0 Remote File Inclusion Vulnerability PHP Remote File Inclusion Vulnerability in Somery 0.4.6 install.php Cross-zone scripting vulnerability in Sleipnir and Portable Sleipnir versions 2.49 and earlier allows remote attackers to bypass Web content zone restrictions via RSS data. 
Cross-zone scripting vulnerability in Darksky RSS bar for Internet Explorer, Sleipnir, and unDonut before version 1.29 Stack-based Buffer Overflow in GOM Player 2.0.12.3375 via Long URI in .ASX File Privilege Escalation and Denial of Service Vulnerability in Comodo Firewall Pro Privilege Escalation and Denial of Service Vulnerability in Comodo Firewall Pro Denial of Service Vulnerability in iChat's Bonjour Functionality in Mac OS X 10.3.9 Integer Overflow Vulnerability in Apple QuickTime 7.1.5 and Earlier Heap-based Buffer Overflow in Apple QuickTime MIDI File Parsing Heap-based Buffer Overflow in Apple QuickTime: Remote Code Execution Integer Overflow in Apple QuickTime: Remote Code Execution Heap-based Buffer Overflow in Apple QuickTime: Remote Code Execution via Crafted PICT File Stack-based Buffer Overflow in Apple QuickTime Allows Remote Code Execution via Crafted QTIF File Integer Overflow Vulnerability in Apple QuickTime Heap-based Buffer Overflow in Apple QuickTime 7.1.5 and earlier versions Remote Code Execution via Crafted ColorSync Profile in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 CUPS Service Denial of Service Vulnerability Remote Code Execution Vulnerability in diskimages-helper in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 Apple Mac OS X Integer Overflow Vulnerability in AppleSingleEncoding Disk Image Unspecified vulnerability in DirectoryService authentication feature allows remote authenticated LDAP users to modify root password and gain privileges Privilege Escalation via IOKit HID Interface in Apple Mac OS X Buffer Overflow Vulnerability in AirPortDriver Module for Apple Mac OS X Denial of Service Vulnerability in SSH Key Generation Process in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 Insecure File Creation Vulnerability in Apple Mac OS X USB Printer Initialization Privilege Escalation via Unsanitized Environment Variables in Apple File Protocol (AFP) Client Authentication Bypass Vulnerability in Apple Mac OS X Server Manager 
(servermgrd) Apple Mac OS X Samba Module Stack-based Buffer Overflow Vulnerability Privilege Escalation Vulnerability in CoreServices Daemon in Apple Mac OS X 10.4 through 10.4.9 Memory Corruption Vulnerability in ImageIO in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 Vulnerability: Password Bypass and Arbitrary Code Execution in AirPort Disk Feature Use-after-free vulnerability in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 Integer Overflow in Libinfo RPC Library Allows Remote Code Execution Privilege Escalation Vulnerability in Apple Mac OS X Login Window Bypassing Authentication Controls in Mac OS X Login Window Authentication Bypass Vulnerability in Mac OS X Login Window File Display Vulnerability in Alias Manager of Apple Mac OS X 10.3.9 and 10.4.9 Buffer Overflow Vulnerability in natd in Apple Mac OS X 10.3.9 through 10.4.9 with Internet Sharing Enabled Subdomain Cookie Access Vulnerability in Apple Mac OS X 10.3.9 and Earlier Sensitive Information Exposure in URLMount on Apple Mac OS X 10.3.9 through 10.4.9 Privilege Escalation via Unspecified Environment Variables in Apple Mac OS X 10.3.9 through 10.4.9 Incorrect Configuration File in Apple Mac OS X Server 10.4.9 Allows Unauthorized Access to Additional Directories Heap-based Buffer Overflow in Apple Mac OS X VideoConference Framework Privilege Escalation via WebDAV Mount in Apple Mac OS X 10.3.9 through 10.4.9 Heap-based Buffer Overflow in Apple Darwin Streaming Proxy Stack-based Buffer Overflow in Apple Darwin Streaming Proxy Integer Overflow Vulnerability in CoreGraphics in Apple Mac OS X 10.4 up to 10.4.9 Vulnerability: Cleanup Script in crontabs Allows Deletion of Mounted Filesystems in Apple Mac OS X Privilege Escalation Vulnerability in Apple Mac OS X 10.4.8 PPP Daemon (pppd) Format String Vulnerability in Apple Mac OS X VPN Daemon (vpnd) Allows Arbitrary Code Execution Heap-based Buffer Overflow in Apple QuickTime Allows Remote Code Execution Denial of Service Vulnerability in Chicken of the 
VNC (cotv) 2.0 Remote File Inclusion Vulnerability in Miguel Nunes Call of Duty 2 (CoD2) DreamStats System 4.2 and Earlier PHPProbid 5.24 lang.php Remote File Inclusion Vulnerability SQL Injection Vulnerabilities in EasyMoblog 0.5.1 Authentication Bypass Vulnerability in EQdkp 1.3.1 and Earlier Remote File Inclusion Vulnerability in phpBB ezBoard Converter (ezconvert) 0.2 Remote File Inclusion Vulnerability in phpBB++ Build 100 Arbitrary Script Injection in F3Site News Comment Functionality Arbitrary PHP Script Execution via Unrestricted File Upload in F3Site 2.1 and Earlier Arbitrary SQL Command Execution in dB Masters Curium CMS 1.03 and Earlier Remotesoft .NET Explorer 2.0.1 Stack-Based Buffer Overflow Vulnerability Phorum Core XSS Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in Yahoo! Messenger Contact Details Functionality Phorum 5.1.18 register.php Cross-Site Scripting (XSS) Vulnerability Buffer Overflow in GraphicsMagick and ImageMagick ReadPALMImage Function Denial of Service Vulnerability in Linux Kernel 2.6.18 and Other Versions: MT exec + utrace_attach Spin Failure Mode Denial of Service Vulnerability in Linux Kernel 2.6.13 and Earlier Versions Denial of Service Vulnerability in Linux Kernel 2.6.9-42.0.8 Stack-based Buffer Overflow in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20 Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Heap-based buffer overflow in _cairo_pen_init function in Mozilla Firefox, Thunderbird, and SeaMonkey allows remote code execution via large stroke-width attribute in clipPath element in SVG file. 
Memory Corruption Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Page Cache Hash Collision Vulnerability CSS3 Hotspot Property Vulnerability in Mozilla Firefox and SeaMonkey Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox and SeaMonkey SQL Injection Vulnerability in tPassword Login Page Remote File Inclusion Vulnerability in Flipsource Flip 2.01-final 1.0 and Earlier: Arbitrary PHP Code Execution SQL Injection Vulnerability in Noname Media Photo Galerie Standard 1.1.1 and Earlier Remote File Inclusion Vulnerability in Simple Invoices Controller.php Arbitrary Script Injection in MediaWiki 1.9.x before 1.9.2 SQL Injection Vulnerability in Mambo 4.5.5 and Earlier Versions SmartFTP 2.0.1002 Heap-Based Buffer Overflow Vulnerability Arbitrary Script Injection in Atom Feeds in Bugzilla Bugzilla 2.23.3 mod_perl Initialization Script Vulnerability Arbitrary PHP Code Execution via Remote File Inclusion in GlobalMegaCorp dvddb 0.6 SQL Injection Vulnerability in GlobalMegaCorp dvddb 0.6 via user parameter in inc/common.php PHP Remote File Inclusion Vulnerabilities in Wap Portal Server 1.x Heap Corruption Vulnerability in Blue Coat Systems WinProxy 6.1a and 6.0 r1c Arbitrary PHP Code Execution via Remote File Inclusion in bluevirus-design SMA-DB 0.3.9 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Ublog Reload 1.0.5 Arbitrary SQL Command Execution in Ublog Reload 1.0.5 via badword.asp Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 allows remote attackers to read arbitrary file:// URIs through blocked popups Predictable Temporary File Names in Mozilla Firefox 1.5.0.9 Bypassing Phishing Protection Mechanism in Mozilla Firefox 2.0.0.1 Buffer Overflow Vulnerabilities in STLport 5.0.3 and Earlier Arbitrary PHP Code Injection via Directory Traversal in GGCMS 1.1.0 RC1 and Earlier Information Disclosure Vulnerability in HP Tru64 UNIX 5.1 1885's ps Command Remote Authentication Bypass Vulnerability in Les News 2.2 Arbitrary Script 
Injection in flashChat 4.7.8 via Channel Title Mina Ajans Script PHP Remote File Inclusion Vulnerability Remote File Inclusion Vulnerability in Categories Hierarchy 2.1.2 Allows Arbitrary PHP Code Execution Remote File Inclusion Vulnerability in GeekLog 2 and Earlier via glConf[path_libraries] Parameter in MVCnPHP/BaseView.php Denial of Service Vulnerability in Microsoft Internet Explorer 6.0 SP1 and SP2 SQL Injection Vulnerability in Woltlab Burning Board (wBB) Lite 1.0.2pl3e and Earlier Unspecified Cross-Site Scripting (XSS) Vulnerability in Home Production MySearchEngine Adrenalin's ASP Chat Multiple Cross-Site Scripting (XSS) Vulnerabilities Arbitrary Code Injection via XSS in Uapplication Uphotogallery 1.1 Denial of Service Vulnerability in CA BrightStor ARCserve Backup 11.5 SP2 and Earlier Arbitrary HTML Injection via User-Agent Header in Adobe ColdFusion Web Server Privilege Escalation via Insecure Permissions in HP Network Node Manager (NNM) Remote Console Multiple PHP Remote File Inclusion Vulnerabilities in Cedric CLAIRE PortailPhp 2 Directory Traversal Vulnerabilities in Cedric CLAIRE PortailPhp 2 NULL dereference vulnerability in umount in the Linux 2.6.15 kernel on Slackware Linux 10.2 allows local users to crash applications and potentially access sensitive information Information Leakage in xterm Process on Slackware Linux 10.2 Remote File Inclusion Vulnerability in LightRO CMS 1.0 - Arbitrary PHP Code Execution FlashFXP 3.4.0 build 1145 Denial of Service Vulnerability SQL Injection Vulnerability in Kisisel Site 2007 Forum.asp Allows Remote Code Execution Remote Code Execution Vulnerability in Alibaba Alipay PTA Module ActiveX Control MySQLNewsEngine affichearticles.php3 Remote File Inclusion Vulnerability Authentication Bypass Vulnerability in avast! 
Server Edition Multiple Cross-Site Scripting (XSS) Vulnerabilities in Jelsoft vBulletin 3.6.4 Admin Control Panel PHP Remote File Inclusion Vulnerabilities in Atsphp 5.0.1 Delayed Clipboard Availability in VMware Workstation 5.5.3: Exploiting Weaker Isolation for Information Disclosure and Attacks Clipboard Data Persistence Vulnerability in VMware Workstation 5.5.3 FlashChat 4.7.8 Cross-Site Scripting (XSS) Vulnerability Arbitrary Command Execution in Coppermine Photo Gallery 1.4.10 Arbitrary File Inclusion Vulnerability in Coppermine Photo Gallery 1.4.10 Remote File Inclusion Vulnerability in AgerMenu 0.03 and Earlier Denial of Service Vulnerability in FreeProxy before 3.92 Build 1626 PHP Remote File Inclusion Vulnerabilities in Valarsoft WebMatic 2.6 HLstats before 1.35 Cross-Site Scripting (XSS) Vulnerability in Search Class Unspecified Remote Vulnerabilities in vbDrupal before 4.7.6.0 Assertion Error in Microsoft Visual C++ 8.0 Standard Library Time Functions Directory Traversal Vulnerability in ReadDirectoryChangesW API Function Bypassing Authentication Restrictions in pam_ssh via Non-Blank Passphrase Authentication Bypass Vulnerability in Advanced Poll 2.0.0 through 2.0.5-dev Arbitrary HTML Injection Vulnerability in Open Tibia Server CMS (OTSCMS) 2.1.5 and Earlier SQL Injection Vulnerability in Open Tibia Server CMS (OTSCMS) 2.1.5 and Earlier Maian Recipe 1.0 - Remote File Inclusion Vulnerability in class_mail.inc.php Local Privilege Escalation in SysCP 1.2.15 and earlier through Unquoted Pathnames in User Home Directories Arbitrary Code Execution via Cronscript.php in SysCP 1.2.15 and Earlier Remote Code Execution Vulnerability in Trend Micro Scan Engine DevTrack 6.x Cross-Site Scripting (XSS) Vulnerability in Keyword Search Field SQL Injection Vulnerability in DevTrack 6.0.3: Remote Code Execution via Username Field Remote Code Execution via Remote File Inclusion in cPanel WebHost Manager (WHM) Stack-based Buffer Overflow in RARLabs Unrar Allows Arbitrary 
Code Execution via Crafted Archive Privilege Escalation Vulnerability in Trend Micro Anti-Rootkit Common Module (RCM) Multiple Cross-Site Scripting (XSS) Vulnerabilities in MoinMoin before 1.5.7 Palm OS Treo Smart Phones Vulnerability: Bypassing System Password Lock to Access Sensitive Information Multiple PHP Remote File Inclusion Vulnerabilities in Local Calendar System 1.1 PHP remote file inclusion vulnerability in phpCOIN RC-1 and earlier versions Remote Code Execution in gnopaste 0.5.3 and earlier via PHP Remote File Inclusion Vulnerability Remote Code Execution in Trevorchan 0.7 and earlier via PHP Remote File Inclusion SQL Injection Vulnerability in LushiWarPlaner 1.0 register.php SQL Injection Vulnerability in LushiNews 1.01 and Earlier: Remote Code Execution via comments.php Unspecified Arbitrary Code Execution Vulnerability in HP OpenView Storage Data Protector Remote File Inclusion Vulnerability in Site-Assistant 0990 and Earlier: Arbitrary PHP Code Execution Unspecified Denial of Service Vulnerability in Yahoo! 
Messenger Chat Room Functionality Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 3.6.4 Attachment Manager Unspecified Denial of Service Vulnerability in Microsoft Word 2000 Unrestricted File Upload Vulnerability in eXtremePow eXtreme File Hosting Arbitrary File Read Vulnerability in POW Add-on for Mozilla Firefox Remote Authentication Bypass Vulnerability in nabopoll 1.1.2 Authentication Bypass and Cross-Site Scripting (XSS) Vulnerability in Allons_voter 1.0 SQL Injection Vulnerability in mcRefer's install.php Arbitrary Web Script Injection in Quick Digital Image Gallery (Qdig) 1.2.9.3 and devel-20060624 Unspecified Denial of Service Vulnerability in March Networks DVR 3000 and 4000 Digital Video Recorders Denial of Service Vulnerability in Microsoft Internet Explorer on Windows Mobile 5.0 Buffer Overflow in SmidgeonSoft PEBrowse Professional 8.2.1.0: Remote Code Execution Vulnerability Insufficient Access Control in Capital Request Forms Allows Remote Database Credential Retrieval Remote File Inclusion Vulnerability in Seitenschutz Plugin for OPENi-CMS 1.0 Telnet Daemon Argument Injection Vulnerability in Solaris 10 and 11 IP3 NetAccess Directory Traversal Vulnerability Buffer Overflow Vulnerability in Roaring Penguin MIMEDefang 2.59 and 2.60 Cross-Site Scripting (XSS) Vulnerability in Rainbow.Zen Extension for Jira Heap-based Buffer Underflow Vulnerability in Axigen 1.2.6 through 2.0.0b1 Denial of Service Vulnerability in Axigen 1.2.6 through 2.0.0b1 Directory Traversal Vulnerability in Kiwi CatTools TFTP Server Weak Encryption Vulnerability in Kiwi CatTools Arbitrary Web Script Injection Vulnerability in cPanel WebHost Manager (WHM) Arbitrary Web Script Injection Vulnerability in phpMyVisites CRLF Injection Vulnerability in phpMyVisites Allows HTTP Response Splitting Attacks Directory Traversal Vulnerability in phpMyVisites before 2.2 Sensitive Information Disclosure in MediaWiki Skins Race condition vulnerability in rm command in Solaris 8 
through 10 before 20070208 allows unauthorized file and directory deletion Cross-site scripting (XSS) vulnerability in Sage and Sage++ extensions for Firefox Denial of Service Vulnerability in Clam AntiVirus ClamAV Directory Traversal Vulnerability in ClamAV Allows Remote File Overwrite Heap Overflow Vulnerability in libclamav/fsg.c (CVE-XXXX-XXXX) Multiple PHP Remote File Inclusion Vulnerabilities in TagIt! Tagboard 2.1.B Build 2 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in MoinMoin 1.5.7 Info Pages Unspecified Information Disclosure Vulnerability in MoinMoin 1.5.7 Unspecified Vulnerability in mod_roster_odbc Module in ejabberd Arbitrary SQL Command Execution in LightRO CMS 1.0 via projects.php Bypassing safe_mode and open_basedir restrictions in PHP session extension (CVE-XXXX-XXXX) Multiple Buffer Overflows in PHP 5.2.1 and Earlier Versions Buffer Underflow Vulnerability in PHP sapi_header_op Function Improper Initialization of key_length Variable in WDDX Deserializer in PHP Multiple Format String Vulnerabilities in PHP before 5.2.1 Unspecified vulnerability in PHP before 5.2.1 allows attackers to manipulate super-global variables via unspecified vectors Off-by-one Error in PHP 5.2.1 str_ireplace Function Allows Denial of Service CSRF Vulnerability in Jportal 2.3.1 Allows Remote Privilege Escalation Unspecified Remote Code Execution Vulnerability in Microsoft Powerpoint Race condition in Solaris 10 TCP Subsystem Allows Remote Denial of Service Arbitrary File Overwrite and Privilege Escalation in Distributed SLS Daemon (SLSd) on HP-UX B.11.11 Unspecified Denial of Service Vulnerability in HP-UX ARPA Transport Functionality Bypassing IPS Signatures via Fragmented Packets Denial of Service Vulnerability in Cisco IOS IPS ATOMIC.TCP Signature Engine Directory Traversal Vulnerability in MiniWebsvr 0.0.6 SQL Injection Vulnerability in Philboard Forum URL Redirection Vulnerability in Portal Search Arbitrary Web Script Injection Vulnerability in 
Portal Search Sensitive Information Disclosure in Portal Search via Query String Manipulation Authentication Bypass Vulnerability in phpPolls 1.0.3 Arbitrary Script Injection in Community Server SearchResults.aspx Remote Code Execution in KvGuestbook 1.0 Beta via dologin function Remote Code Execution Vulnerability in uTorrent 1.6 via Crafted Announce Header Insecure Storage of Sensitive Information in Virtual Calendar Directory Traversal Vulnerability in PHP RRD Browser Allows Arbitrary File Reading Apache Stats Variable Extract Vulnerability Heap-based Buffer Overflow in Aruba Mobility Controllers and Alcatel-Lucent OmniAccess Wireless: Remote Code Execution Vulnerability Authentication and Privilege Assignment Vulnerability in Aruba Mobility Controllers and Alcatel-Lucent OmniAccess Wireless Buffer Overflow Vulnerability in D-Link DWL-G650+ Wireless Driver 6.0.0.18 Remote Code Execution Vulnerability in Microsoft Visio 2002 via Crafted Version Number Visio Document Packaging Vulnerability CMS Memory Corruption Vulnerability in Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 Cross-site Scripting and Spoofing Vulnerability in Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 CAPICOM.Certificates Vulnerability Arbitrary Code Execution via Crafted COM Object in Microsoft Internet Explorer Memory Corruption Vulnerability in Internet Explorer 5.01 and 6 SP1 via Crafted CSS Strings Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer Property Memory Corruption Vulnerability in Microsoft Internet Explorer HTML Objects Memory Corruption Vulnerability in Microsoft Internet Explorer 7 Use-after-free vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista Heap-based Buffer Overflow in Microsoft Virtual PC and Virtual Server Stack-based Buffer Overflow in iTinySoft Studio Total Video Player Arbitrary Web Script Injection Vulnerability in Fullaspsite ASP Hosting 
Site SQL Injection Vulnerability in listmain.asp in Fullaspsite ASP Hosting Site Cross-Site Scripting (XSS) Vulnerabilities in Scriptsez.net Virtual Calendar Arbitrary Web Script Injection via search.pl in @Mail 4.61 and Earlier Unauthenticated Access to MOHA Chat Plug-in API: Unknown Impact and Attack Vectors Out-of-Bounds Read Vulnerability in MailEnable Professional 2.35 and Earlier Authentication Bypass Vulnerability in MIT krb5 Telnet Daemon Stack-based Buffer Overflow in krb5_klog_syslog Function in MIT krb5 Local Privilege Escalation via Unreadable Binaries in Linux Kernel 2.6.x Denial of Service Vulnerability in Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2 Privilege Escalation Vulnerability in Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2 Denial of Service Vulnerability in Cisco PIX and ASA Security Appliances and FWSM Denial of Service Vulnerability in Cisco PIX, ASA, and FWSM Appliances Denial of Service Vulnerability in Cisco Firewall Services Module (FWSM) Denial of Service Vulnerability in Cisco FWSM 3.x Denial of Service Vulnerability in Cisco FWSM 3.x Denial of Service Vulnerability in Cisco FWSM 3.x Denial of Service Vulnerability in Cisco Firewall Services Module (FWSM) 3.x Improper Evaluation of Access Control Entries in Cisco Firewall Services Module (FWSM) Allows Bypass of ACL Protections Multiple Cross-Site Scripting (XSS) Vulnerabilities in WebTester 5.0.20060927 and Earlier Multiple SQL Injection Vulnerabilities in WebTester 5.0.20060927 and Earlier SQL Injection Vulnerabilities in Jupiter CMS 1.1.5 Unrestricted File Upload Vulnerability in Jupiter CMS 1.1.5 Cross-Site Scripting (XSS) Vulnerabilities in Jupiter CMS 1.1.5 Unspecified Vulnerabilities in Ian Bezanson DropBox Before 0.0.4 Beta Variable Extraction Vulnerability in Ian Bezanson Apache Stats Buffer Overflow in ActSoft DVD-Tools ActiveX Control (dvdtools.ocx) Allows Remote Code Execution IBM Lotus Domino R5 and R6 WebMail HTTPPassword Hash Disclosure 
Vulnerability Buffer Overflow Vulnerability in swcons on IBM AIX 5.3 Sensitive Information Disclosure Vulnerability in LifeType before 1.1.6 and 1.2 before 1.2-beta2 Unspecified Remote Access Vulnerability in HP Serviceguard for Linux Null byte bypass vulnerability in Mozilla-based browsers Cross-Site Scripting (XSS) Vulnerability in TaskFreak! 0.5.5 via tznMessage Parameter in error.php AT Contenator 1.0 and Earlier: PHP Remote File Inclusion Vulnerability in _admin/nav.php SQL Injection Vulnerability in PollMentor 2.0: Remote Code Execution via admin_poll.asp SQL Injection Vulnerability in nickpage.php in phpCC 4.2 Beta and Earlier Arbitrary PHP Code Execution via Remote File Inclusion in Jupiter CMS 1.1.5 Directory Traversal Vulnerability in Jupiter CMS 1.1.5 Allows Remote File Inclusion Denial of Service Vulnerability in zend_hash_init Function Remote Code Execution via HTML Mail Message in Mozilla Firefox and SeaMonkey Trailing Invalid HTML Characters Bypass in Mozilla Firefox and SeaMonkey Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox, SeaMonkey Race condition in tee system call in Linux kernel 2.6.17 through 2.6.17.6 Arbitrary File Read Vulnerability in QEMU VNC Server Implementation Remote Code Execution via Format String Vulnerability in Ekiga 2.0.3 NULL Dereference Vulnerability in Linux Kernel's ipv6_getsockopt_sticky Function SQL Injection Vulnerability in web-cyradm's search.php (VDB-217449) Critical SQL Injection Vulnerability in web-cyradm (VDB-217640) Critical SQL Injection Vulnerability in The Hackers Diet Plugin up to 0.9.6b on WordPress Integer overflows in GD library allow arbitrary code execution via WBMP images Format String Vulnerability in Evolution Shared Memo 2.8.2.1 and Earlier Versions Arbitrary Code Execution via Integer Overflow in X.Org X11 Server Remote Code Execution and Location Bar Overlay Vulnerability in Mozilla Firefox Remote Denial of Service Vulnerability in CA eTrust Intrusion Detection Format string 
vulnerabilities in Ekiga's gm_main_window_flash_message function Format String Vulnerability in GnomeMeeting 1.0.2 and Earlier Denial of Service Vulnerability in Apple iTunes 7.0.2 Unauthorized Installations in Macrovision InstallAnywhere Enterprise PHP Remote File Inclusion Vulnerabilities in ZebraFeeds 1.0 with Enabled Register Globals Remote File Inclusion Vulnerability in VS-Gastebuch 1.5.3 and Earlier Arbitrary Script Injection in DeskPRO 1.1.0 faq.php Remote File Inclusion Vulnerability in VirtualSystem Htaccess Passwort Generator 1.1 VicFTPS 5.0 Stack-Based Buffer Overflow Vulnerability SQL Injection Vulnerability in HaberDetay.asp in Aktueldownload Haber Script SQL Injection Vulnerability in Aktueldownload Haber Script Remote File Inclusion Vulnerability in VirtualSystem VS-News-System 1.2.1 and Earlier Remote File Inclusion Vulnerability in VirtualSystem VS-News-System 1.2.1 and Earlier SQL Injection Vulnerability in news.php in webSPELL 4.01.02 with enabled register_globals CedStat 1.31 index.php Cross-Site Scripting (XSS) Vulnerability Arbitrary SQL Command Execution in CodeAvalanche News 1.x via inc_listnews.asp SQL Injection Vulnerability in h_goster.asp in Turuncu Portal 1.0 SQL Injection Vulnerability in Snitz Forums 2000 3.1 SR4: Remote Code Execution via pop_profile.asp Remote File Inclusion Vulnerability in Meganoide's News 1.1.1: Arbitrary PHP Code Execution Remote File Inclusion Vulnerability in VS-Link-Partner 2.1 and Earlier SQL Injection Vulnerability in XLAtunes 0.1 and Earlier: Remote Code Execution via album Parameter in view.php Symlink Attack Vulnerability in IBM DB2 for Linux and Unix Barry Jaspan Image Pager Drupal Module XSS Vulnerability Stack-based Buffer Overflow in Quiksoft EasyMail Objects Connect Method Denial of Service Vulnerability in libevent 1.2 and 1.2a via DNS Response Label Pointer Arbitrary File Inclusion Vulnerability in SpoonLabs Vivvo Article Management CMS 3.4 Remote File Upload Vulnerability in phpMyFAQ 1.6.9 and 
earlier Access Restriction Bypass Vulnerability in Secure Site Module for Drupal Arbitrary SQL Command Execution in Emporium PHP-Nuke Module Unspecified Arbitrary File Manipulation Vulnerability in getID3 1.7.1 Unrestricted Access to JBoss Console and Web Management Interfaces Vulnerability Stack-based Buffer Overflow in News File Grabber 4.1.0.1 and Earlier via Long Subject Field in .nzb File Denial of Service Vulnerability in Shemes.com Grabit 1.5.3 and Earlier Unspecified Vulnerability in Peanut Knowledge Base (PeanutKB) 0.0.3 and Earlier Directory Traversal Vulnerability in Xpression News (X-News) 1.0.1: Arbitrary File Inclusion and Information Disclosure Stack-based buffer overflows in S&H Computer Systems News Rover 12.1 Rev 1: Remote Code Execution via .nzb File Directory Traversal Vulnerability in Xpression News (X-News) 1.0.1 Authentication Bypass Vulnerability in Ezboo Webstats 3.0.3 Arbitrary File Listing Vulnerability in Pearson Education PowerSchool 4.3.6 Default Account Vulnerability in mAlbum 0.3 Allows Remote Privilege Escalation Information Disclosure Vulnerability in Dem_trac Allows Remote Attackers to Read Log File Contents Remote Host Manipulation Vulnerability in Distributed Checksum Clearinghouse (DCC) Arbitrary PHP Code Execution via Remote File Inclusion in phpbb_wordsearch's admin_rebuild_search.php Arbitrary Web Script Injection Vulnerability in WordPress wp_explain_nonce Function Multiple Cross-Site Scripting (XSS) Vulnerabilities in AbleDesign MyCalendar Weak Cryptographic Hashing Function in Comodo Firewall Pro Allows Bypassing Security Protections PHP Remote File Inclusion Vulnerability in PBLang (PBL) 4.60 and Earlier PHP Remote File Inclusion Vulnerabilities in phpXmms 1.0 MediaWiki AJAX Cross-Site Scripting (XSS) Vulnerability Cross-site scripting (XSS) vulnerability in MediaWiki 1.9.x and earlier versions Privilege Escalation Vulnerability in VMware Workstation 5.5.3 Insecure Permissions Vulnerability in Nortel Application Switch 
2424, VPN 3050 and 3070, and SSL VPN Module 1000 SQL Injection Vulnerability in Online Web Building 2.0: Remote Code Execution via art_id Parameter PHP Remote File Inclusion Vulnerability in Ultimate Fun Book 1.02 PHP Remote File Inclusion Vulnerabilities in Interspire SendStudio 2004.14 and Earlier SQL Injection Vulnerability in Francisco Burzi PHP-Nuke 8.0 Final and Earlier with Enabled HTTP Referers Block Cisco Unified IP Conference Station Authentication Bypass Vulnerability Hard-coded SSH Credentials in Cisco Unified IP Phone Firmware Privilege Escalation in Cisco Secure Services Client (CSSC), Trust Agent, Cisco Security Agent (CSA), and Meetinghouse AEGIS SecureConnect Client Privilege Escalation Vulnerability in Cisco Secure Services Client (CSSC), Trust Agent, Cisco Security Agent (CSA), and Meetinghouse AEGIS SecureConnect Client (CSCsf15836) Insecure Default DACL in Cisco Secure Services Client and Meetinghouse AEGIS SecureConnect Client Privilege Escalation Vulnerability in Cisco Secure Services Client (CSSC), Trust Agent, Cisco Security Agent (CSA), and Meetinghouse AEGIS SecureConnect Client Plaintext Log File Vulnerability in Cisco Secure Services Client, Trust Agent, Cisco Security Agent, and Meetinghouse AEGIS SecureConnect Client VMware Workstation Memory Management Denial of Service Vulnerability Multiple stack-based buffer overflows in Trend Micro ServerProtect for Windows and EMC 5.58, and for Network Appliance Filer 5.61 and 5.62 Integer Overflow in gifGetBandProc Function in ImageIO in Mac OS X 10.4.8 Privilege Escalation and Denial of Service Vulnerability in Cisco Unified IP Phone CLI Static Code Injection Vulnerability in mcRefer's install.php Buffer Overflow Vulnerabilities in NewsBin Pro 5.33 and 4.x Denial of Service Vulnerability in TurboFTP 5.30 Build 572 Multiple Directory Traversal Vulnerabilities in phpTrafficA 1.4.1 SQL Injection Vulnerability in Design4Online UserPages2 2.0 - Remote Code Execution via art_id Parameter Remote Code 
Execution via PHP File Inclusion in FlashGameScript 1.5.4 Rhino Software FTP Voyager 14.0.0.3 and Earlier Stack-Based Buffer Overflow Vulnerability Heap-based Buffer Overflows in TurboFTP 5.30 Build 572: Remote Denial of Service Vulnerabilities Arbitrary Email Header Injection in TYPO3's class.t3lib_formmail.php FTP Explorer 1.0.1 Build 047 Denial of Service Vulnerability Arbitrary Code Execution Vulnerability in ConfigChk ActiveX Control Bookmarklet Same-Domain Policy Bypass in Mozilla Firefox 2.0.0.1 and Earlier Google Desktop XSS Vulnerability: Bypassing Protection Schemes and Gaining System Access Arbitrary File Creation and Modification Vulnerability in IBM DB2 8.x and 9.1 Heap-based Buffer Overflow in IBM DB2 8.x and 9.1 Stack-based Buffer Overflow in IBM DB2 8.x and 9.1 Unauthorized SQL Command Execution Vulnerability in IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 Remote Denial of Service Vulnerability in Microsoft Windows Explorer Remote Code Execution and Address Bar Spoofing Vulnerability in Microsoft Internet Explorer 7 Arbitrary Code Execution Vulnerability in Mozilla Firefox, SeaMonkey, and Mozilla Firefox Unspecified Remote Code Execution and Denial of Service Vulnerabilities in JP1/Cm2/Network Node Manager (NNM) Denial of Service Vulnerability in Microsoft Internet Explorer 7 JavaScript Code Execution and DOM Access Vulnerability in Mozilla Firefox and SeaMonkey Cross-site scripting (XSS) vulnerability in VirtueMart ps_cart.php Unrestricted File Upload Vulnerability in Wiclear 0.11.1 Unspecified Denial of Service Vulnerabilities in ScryMUD before 2.1.11 Insufficient Warning of Hostkey Mismatch in Dropbear SSH Client Directory Traversal Vulnerability in Ahmet Sacan Pickle download.php Cross-Site Scripting (XSS) Vulnerabilities in Photostand 1.2.0 Sensitive Information Disclosure in Photostand 1.2.0 via PHPSESSID Cookie and id Parameter Tor Node Resource Advertisement Vulnerability Remote File Inclusion Vulnerability in PHP Module 
Implementation (PHP-MIP) 0.1: Arbitrary PHP Code Execution Extreme phpBB (aka phpBB Extreme) 3.0.1 - PHP Remote File Inclusion Vulnerability in functions.php PHP Remote File Inclusion Vulnerability in NoMoKeTos Rules 0.0.1 Module for phpBB SQL Injection Vulnerability in Coppermine Photo Gallery (CPG) 1.3.x and 1.4.x via cpg131_fav Cookie CS-Gallery 2.0 PHP Remote File Inclusion Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in Phpwebgallery 1.4.1 ActiveCalendar 1.2.0 - Directory Traversal Vulnerability in data/showcode.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in ActiveCalendar 1.2.0 Arbitrary File Manipulation in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 ActiveX Controls Cross-Site Scripting (XSS) Vulnerability in Microsoft Internet Explorer 7 Cross-Site Scripting (XSS) Vulnerability in Opera 9 before 9.20 Sensitive Information Disclosure via CheckLoadURI Function in Mozilla Firefox 1.8 Unspecified Remote Code Execution Vulnerability in Publisher 2007 eFiction 3.1.1 Multiple PHP Remote File Inclusion Vulnerabilities Unspecified Remote Image Upload Vulnerability in Novell ZENworks 7 Desktop Management Support Pack 1 Arbitrary File Download Vulnerability in TeeChart Pro ActiveX Control SQL Injection Vulnerabilities in ZephyrSoft Toolbox Address Book Continued (ABC) 1.00 SQL Injection Vulnerabilities in ZephyrSoft Toolbox Address Book Continued (ABC) 1.00 and 1.01 Multiple PHP Remote File Inclusion Vulnerabilities in ZPanel 2.0 XeroXer Simple one-file gallery Directory Traversal Vulnerability XeroXer Simple one-file gallery - Cross-site scripting (XSS) vulnerability in gallery.php Directory Traversal Vulnerability in xtcommerce index.php Allows Arbitrary File Read Directory Traversal Vulnerability in shopkitplus' enc/stylecss.php Allows Arbitrary File Read Sensitive Information Disclosure in shopkitplus via events.php and stylecss.php Unrestricted File Upload Vulnerabilities in MTCMS 3.2 Arbitrary PHP Code Execution via 
Remote File Inclusion in Sinapis Gastebuch 2.2 Remote Code Execution in Sinapis Forum 2.2 via PHP Remote File Inclusion Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in MTCMS 2.2 Contact Us Functionality FCRing 1.3 PHP Remote File Inclusion Vulnerability Unspecified Unauthorized Account Vulnerability in Watchtower (WT) Multiple SQL Injection Vulnerabilities in WebMplayer before 0.6.1-Alpha Arbitrary Code Execution in WebMplayer via Shell Metacharacters TLS Misconfiguration in Putmail 1.4 Allows Plaintext Transmission of Sensitive Information Absolute Path Traversal Vulnerability in Cromosoft Simple Plantilla PHP (SPP) Allows Arbitrary Directory Listing and File Reading Unrestricted File Upload Vulnerability in Cromosoft Simple Plantilla PHP (SPP) Arbitrary File Access and Modification Vulnerability in edit.php in pheap Remote File Inclusion Vulnerability in Magic News Plus 1.0.2 via preview.php Arbitrary Script Injection in Magic News Plus 1.0.2 Directory Traversal Vulnerability in J-Web Pics Navigator 1.0 Arbitrary Directory Listing Vulnerability in J-Web Pics Navigator 2.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Kayako SupportSuite - ESupport 3.00.13 and 3.04.10 Arabhost Function.php Remote File Inclusion Vulnerability Remote File Inclusion Vulnerability in view.php in HBM Allows Arbitrary PHP Code Execution LoveCMS 1.4 Remote File Inclusion Vulnerability in install/index.php Multiple Directory Traversal Vulnerabilities in LoveCMS 1.4 Unrestricted File Upload Vulnerability in LoveCMS 1.4 LoveCMS 1.4 Cross-Site Scripting (XSS) Vulnerability Directory Traversal Vulnerabilities in Pyrophobia 2.1.3.1 Multiple PHP Remote File Inclusion Vulnerabilities in CutePHP CuteNews 1.3.6 SQL Injection Vulnerability in webSPELL: Remote Code Execution via ws_auth Cookie Unrestricted File Upload Vulnerability in webSPELL's Add Squad Feature Remote Authentication Bypass Vulnerability in JBrowser CSRF Vulnerability in JBoss JMX-Console/HtmlAdaptor Allows 
Remote Privilege Escalation Arbitrary File Read Vulnerability in Pagesetter Module for PostNuke Cross-Site Scripting (XSS) Vulnerability in Pyrophobia 2.1.3.1 via modules/out.php Authentication Bypass Vulnerability in webSPELL 4.0 and Later Versions Arbitrary Code Injection via problem_desc Parameter in Call Center Software 0.93 Denial of Service Vulnerability in CCRP BrowseDialog Server (ccrpbds6.dll) SQL Injection Vulnerability in printview.php in webSPELL 4.01.02 and earlier PHP Remote File Inclusion Vulnerabilities in DBImageGallery 1.2.2 Multiple PHP Remote File Inclusion Vulnerabilities in DBGuestbook 1.1 Arbitrary SQL Command Execution in Nabopoll 1.2 via surv Parameter Remote MySQL Data Disclosure in deV!L`z Clanportal (DZCP) 1.4.5 and earlier Arbitrary Web Page Access and Reconfiguration Vulnerability in Trend Micro ServerProtect for Linux (SPLX) Unencrypted HTTP Logon Vulnerability in Trend Micro ServerProtect for Linux Denial of Service Vulnerability in SimBin Racing Games Arbitrary SQL Command Execution via Admin Cookie in NukeSentinel SQL Injection Vulnerability in NukeSentinel 2.5.05: File Disclosure Exploit Multiple Buffer Overflows in CentennialIPTransferServer Service (XFERWAN.EXE) Multiple Cross-Site Scripting (XSS) Vulnerabilities in WebAPP before 20070214 Unspecified Cross-Site Scripting (XSS) Vulnerability in WebAPP Admin Feature Multiple Cross-Site Scripting (XSS) Vulnerabilities in WebAPP before 0.9.9.5 Cross-Site Scripting (XSS) Vulnerability in WebAPP before 0.9.9.5 Unauthenticated Access Control Vulnerability in WebAPP Email Address Management Vulnerability in WebAPP before 0.9.9.5 Unvalidated Referrer Check in WebAPP before 0.9.9.5 Allows for Remote CSRF Attacks Information Leakage and Username Exposure in WebAPP before 0.9.9.5 Remote Guest User Profile Editing Vulnerability User Real Name Spoofing Vulnerability in WebAPP WebAPP Default CAPTCHA Setting Vulnerability Hidden Input Vulnerability in WebAPP Forms Unfiltered Display of Latest 
Member Real Name in WebAPP before 0.9.9.5 Information Disclosure Vulnerability in WebAPP before 0.9.9.5 Unvalidated Search Form Input Vulnerability in WebAPP Integer Overflow Vulnerability in Alcatel-Lucent Bell Labs Plan 9 Kernel's envwrite Function Unspecified Remote Code Execution Vulnerability in EmbeddedWB Web Browser ActiveX Control Plaintext Password Exposure in Quicksilver's Social Bookmarks (del.icio.us) Plug-in Insufficient Access Control in Thomas R. Pasawicz HyperBook Guestbook 1.30 Unspecified Vulnerabilities in OrangeHRM Login Page Improper Range for IDT Entries in Norman SandBox Analyzer Allows Emulator Detection and Evasion Multiple Buffer Overflows in XM Easy Personal FTP Server 5.3.0 Unspecified Remote Code Execution Vulnerability in Citrix Presentation Server Client for Windows Unspecified Cross-Site Scripting (XSS) Vulnerabilities in Epiware before 4.7.5 TaskFreak! before 0.5.7 XSS Vulnerability Arbitrary File Reading Vulnerability in Adobe Reader and Acrobat Trial Office Web Components DataSource Vulnerability Word RTF Parsing Vulnerability Arbitrary Code Execution via Crafted Set Font Value in Microsoft Excel Stack-based Buffer Overflow in Microsoft Windows XP SP2 UPnP Service Remote Code Execution Vulnerability in Microsoft Agent (msagent\agentsvr.exe) Insecure Permissions in Virtual DOS Machine (VDM) Allows Privilege Escalation CSRSS Use-After-Free Vulnerability in Windows Vista Kernel GDI Function Denial of Service Vulnerability in Microsoft Windows Privilege Escalation via Crafted Enhanced Metafile (EMF) Image Format File Uninitialized Function Pointer Privilege Escalation in Microsoft Windows 2000 SP4 TrueType Fonts Rasterizer Arbitrary Code Execution via Crafted AutoFilter Filter Record in Microsoft Excel Privilege Escalation via Color-related Parameters in GDI Double Free Vulnerability in GSS-API Library Allows Remote Code Execution and Key Database Modification Buffer Overflow Vulnerability in libcapi's bufprint Function 802.11 Printer 
Code Off-by-One Buffer Overflow Vulnerability Remote File Inclusion Vulnerability in Admin Phorum 3.3.1a Hypervisor Parameter Verification Bypass Vulnerability in Microsoft Xbox 360 Kernel 4532 and 4548 Hypervisor Bypass Vulnerability in Microsoft Xbox 360 Kernel 4532 and 4548 Arbitrary Code Execution and File Write Vulnerability in Parallels Desktop for Mac Denial of Service Vulnerability in Hitachi OSAS/FT/W URL Filtering Bypass in Grok Developments NetProxy 4.03 Incomplete Logging of HTTP Requests in Grok Developments NetProxy 4.03 Weak Permissions in McAfee VirusScan for Mac (Virex) Allows Arbitrary File Exclusion Arbitrary File Permissions Change Vulnerability in McAfee VirusScan for Mac Unauthorized Directory Access Vulnerability in IBM DB2 UDB 8.2 and DB2 9 on UNIX Arbitrary Script Injection in Nullsoft ShoutcastServer 1.9.7 Cross-Site Scripting (XSS) Vulnerabilities in WordPress before 2.1.2-alpha Multiple Cross-Site Scripting (XSS) Vulnerabilities in SQLiteManager 1.2.0 SQLiteManager 1.2.0 Directory Traversal Vulnerability STWC-Counter 3.4.0.0 and Earlier: PHP Remote File Inclusion Vulnerability in downloadcounter.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sitex Unrestricted File Upload Vulnerability in Sitex Allows Remote Code Execution Sensitive Information Disclosure in Sitex Calendar Remote SQL Injection Vulnerability in Sitex User-Assisted Remote Denial of Service Vulnerability in Microsoft Office 2003 Microsoft Excel 2003 Denial of Service Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in Docebo CMS 3.0.3 through 3.0.5 Audins Audiens 3.3 setup.php PATH_INFO Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in Audins Audiens 3.3 via PHPSESSID Cookie Authentication Bypass Vulnerability in Audins Audiens 3.3 CSRF Vulnerability in WordPress AdminPanel Allows Remote Privileged Actions and XSS Attacks Denial of Service Vulnerability in IrfanView 3.99 via Malformed WMF File Buffer Overflow in 
DMO_VideoDecoder_Open function in MPlayer 1.0rc1 and earlier Remote File Inclusion Vulnerabilities in aWebNews 1.5: Arbitrary PHP Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in built2go News Manager Blog 1.0 Unauthenticated Remote Component Reordering in C1 Financial Services Contelligent 9.1.4 SQL Injection Vulnerability in ANGEL Learning Management Suite (LMS) 7.1: Remote Code Execution via id Parameter Format String Vulnerability in Netrek Vanilla Server 2.12.0's new_warning Function Buffer Overflow Vulnerability in Symantec Mail Security for SMTP 5.0 (Patch 175) Eval Injection Vulnerability in Blender's kmz_ImportWithMesh.py Script SQL Injection Vulnerability in Connectix Boards 0.7 and Earlier: Remote Privilege Escalation via p_skin Parameter Unrestricted File Upload Vulnerability in Connectix Boards 0.7 and Earlier Address Bar Spoofing Vulnerability in Mozilla Firefox 2.0.0.2 Arbitrary Command Execution Vulnerability in Cisco Catalyst Series 6000, 6500, and 7600 NAM Denial of Service Vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF Unspecified Vulnerabilities in WebAPP before 0.9.9.6 with Unknown Impact and Attack Vectors Stack-based Buffer Overflow in WebMod 0.48 via Content-Length HTTP Header Privilege Escalation Vulnerability in OpenBiblio Reports System Cross-Site Scripting (XSS) Vulnerabilities in SquirrelMail HTML Filter Lack of Visual Distinction in GnuPG and GPGME Allows Message Forgery Enigmail 0.94.2 and earlier: Remote Message Forgery Vulnerability OpenPGP Message Forgery Vulnerability in KMail 1.9.5 and Earlier OpenPGP Message Forgery Vulnerability in Evolution 2.8.1 and Earlier OpenPGP Message Forgery Vulnerability in Sylpheed 2.2.7 and Earlier OpenPGP Message Forgery Vulnerability in Mutt 1.5.13 and Earlier OpenPGP Message Forgery Vulnerability in GNUMail 1.1.2 and Earlier Double Free Vulnerability in VMware ESX Server 3.0.0 and 3.0.1 Buffer Overflow Vulnerability in VMware ESX Server 3.0.0 and 3.0.1 Integer Overflow 
Vulnerability in NetBSD Kernel with COMPAT_FREEBSD or COMPAT_DARWIN Option Arbitrary Web Script Injection in Webmin and Usermin via chooser.cgi Arbitrary Command Execution Vulnerability in WordPress 2.1.1 Unspecified Denial of Service Vulnerability in Adobe JRun and ColdFusion MX Privilege Escalation Vulnerability in Adobe Bridge 1.0.3 Installer for Apple OS X Cross-site scripting (XSS) vulnerability in Adobe RoboHelp X5, 6, and Server 6 Denial of Service Vulnerability in Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux Buffer overflow vulnerability in Mozilla Thunderbird and SeaMonkey allows remote attackers to execute arbitrary code via a specially crafted email message Stack Exhaustion and PHP Crash Vulnerability in Zend Engine Arbitrary Code Execution via Integer Overflow in PHP Unserialize Function Cross-Site Scripting (XSS) Vulnerability in PHPinfo Function in PHP 4.4.3 to 4.4.6 and PHP 6.0 PHP Remote File Inclusion Vulnerabilities in Webmobo WB News 1.4.1 and Earlier SQL Injection Vulnerability in Tyger Bug Tracking System (TygerBT) 1.1.3 via ViewBugs.php SQL Injection Vulnerability in TygerBT 1.1.3: Remote Code Execution via ViewReport.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in TygerBT 1.1.3 SQL Injection Vulnerability in Jelsoft vBulletin before 3.5.8 and 3.6.5 SQL Injection Vulnerability in Rigter Portal System (RPS) 6.2 with Disabled Magic Quotes GPC Denial of Service Vulnerability in DivX Web Player ActiveX Control AJ Forum 1.0 - SQL Injection Vulnerability in topic_title.php AJ Classifieds 1.0 - SQL Injection Vulnerability in postingdetails.php AJDating 1.0 - Remote SQL Injection in view_profile.php AJ Auction 1.0 Subcat.php SQL Injection Vulnerability Remote File Inclusion Vulnerability in Mani Stats Reader 1.2 and Earlier Insufficient Access Control in DOURAN Software Technologies ISPUtil 3.32.84.1 Remote Code Execution via Stack-based Buffer Overflow in MailEnable IMAP Service SQL Injection Vulnerability in 
LI-Guestbook 1.1 and 1.2 Directory Traversal Vulnerability in RRDBrowse 1.6 and Earlier SQL Injection Vulnerabilities in Sava's Guestbook 23.11.2006 Cross-Site Scripting (XSS) Vulnerabilities in Sava's Guestbook 23.11.2006 Denial of Service Vulnerability in Asterisk 1.4 and 1.2 Unspecified Vulnerability in Lenovo Intel PRO/1000 LAN Adapter Denial of Service Vulnerability in KDE JavaScript (KJS) in Konqueror Bypassing VPN Restrictions in Novell Access Management 3 SSLVPN Server NETxAutomation NETxEIB OPC Server before 3.0.1300 OLE for Process Control (OPC) Server Handle Validation Vulnerability Arbitrary Code Execution Vulnerability in Takebishi Electric DeviceXPlorer OPC Server Cirrus VGA Extension Heap-Based Buffer Overflow Vulnerability QEMU NE2000 receive Integer Signedness Error Vulnerability QEMU 0.8.2 Local Privilege Escalation Vulnerability Denial of Service Vulnerability in SnapGear Appliances Denial of Service Vulnerability in PMA_ArrayWalkRecursive Function SQL Injection Vulnerability in Serendipity 1.1.1: Remote Code Execution via serendipity[multiCat][] Parameter Denial of Service Vulnerability in silc-server 1.0.2 Unspecified Parameter XSS Vulnerability in formulaire.php in Bernard JOLY BJ Webring Directory Traversal Vulnerability in SQL-Ledger and LedgerSMB: Arbitrary File Read, Write, and Code Execution Local Privilege Escalation Vulnerability in Comodo Firewall Pro (CFP) Cross-Site Scripting (XSS) Vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java CSRF Vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java VMware Workstation VMX Denial of Service Vulnerability Default Configuration of Apple AirPort Extreme Allows Bypass of Access Restrictions via IPv6 Tunnel SQL Injection Vulnerability in Links Management Application 1.0: Remote Code Execution via lcnt Parameter Remote File Inclusion Vulnerability in Weltennetz News-Letterman 1.1 eintrag.php Unprotected Print Preview Pages in Simple Invoices (before 2007 03 05) Expose Sensitive 
Information Arbitrary Script Injection Vulnerability in Jelsoft vBulletin 3.6.5 and Earlier Arbitrary Global Variable Modification Vulnerability in Craig Knudsen WebCalendar Buffer overflow vulnerabilities in Ezstream before 0.3.0 Authentication Bypass Vulnerability in CA eTrust Admin GINA Component Privilege Escalation and Server Control Vulnerability in ipmitool for Sun Fire X2100M2 and X2200M2 Denial of Service Vulnerability in Microsoft Windows Explorer via Crafted Office File Denial of Service Vulnerability in Apache mod_perl Remote Code Execution Vulnerability in Novell NetMail 3.5.2 via Stack-based Buffer Overflow Heap Overflow Vulnerability in libXfont and freetype FontFileInitTable Function Integer Overflow Vulnerability Uninitialized Stack Buffer Vulnerability in Linux Kernel Bluetooth Support Privilege Escalation via Race Condition in JBoss Application Server JMX Console Arbitrary Web Script Injection Vulnerabilities in Tomcat Versions 4.0.0 - 6.0.10 AppleTalk Denial of Service Vulnerability Apache Tomcat Cross-Site Scripting (XSS) Vulnerability via Crafted Accept-Language Headers Vulnerability: Bypassing Request Rules in ModSecurity via ASCIIZ Byte in POST Data Unspecified User Profile Access and Modification Vulnerability in Nodefamily Module for Drupal 5.x Unspecified Cross-Site Scripting (XSS) Vulnerability in VirtueMart Path Abuse in Cookies Vulnerability Multiple SQL Injection Vulnerabilities in DropAFew before 0.2.1 Unauthenticated Privilege Escalation in DropAFew before 0.2.1 Remote Code Execution via Fragmented IPv6 Packets in OpenBSD 3.9 and 4.0 QEMU 0.8.2 Local Denial of Service Vulnerability Cross-site scripting (XSS) vulnerability in Avaya Communications Manager (CM) login page before 3.1.3 Vulnerability: Unauthorized Access to Private Nodes in Drupal Project Issue Tracking Module Local Privilege Escalation via ini_modifier in Zend Platform 2.2.3 and earlier Improper Ownership Vulnerability in Zend Platform 2.2.3 and Earlier Multiple Buffer 
Overflows in Conquest 8.2a and Earlier PostGuestbook 0.6.1 PHP-Nuke Module Remote File Inclusion Vulnerability Stack-based Buffer Overflow in Mercury/32 4.01b and Earlier: Remote Code Execution via Long LOGIN Command Cross-site scripting (XSS) vulnerability in Snitz Forums 2000 3.4.06 via pop_profile.asp Integer Overflow in substr_compare Function in PHP 5.2.1 and Earlier Inadequate Verification of Arguments in PHP's shmop Functions Denial of Service Vulnerability in AcroPDF.DLL in Adobe Reader 8.0 Arbitrary Memory Write Vulnerability in Ovrimos Extension for PHP Arbitrary Code Execution Vulnerability in Ovrimos Extension for PHP PHP Binary Serialization Handler Buffer Over-read Vulnerability Buffer overflow vulnerability in wddx_deserialize function in PHP 5 allows remote attackers to execute arbitrary code via a malformed WDDX packet. Arbitrary Code Execution Vulnerability in PHP COM Extensions on Windows Systems PHP 4 Integer Overflow Vulnerability Directory Traversal Vulnerability in KTorrent Allows Remote File Overwrite Denial of Service and Heap Corruption Vulnerability in KTorrent Buffer Overflow Vulnerability in MPlayer DirectShow Loader Denial of Service Vulnerability in Linux Kernel's do_ipv6_setsockopt Function Remote Authentication Bypass Vulnerability in Dynaliens 2.0 and 2.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Dynaliens 2.0 and 2.1 Remote File Inclusion Vulnerability in Leo West WEBO (WebOrganizer) 1.0 Directory Traversal Vulnerability in netForo! 
0.1g's down.php Allows Arbitrary File Reading Arbitrary PHP Code Execution via Remote File Inclusion in Magic CMS 4.2.747 Arbitrary PHP Code Execution via Chat Name Field in Flat Chat 2.0 Incomplete Blacklist Vulnerability in phpMyAdmin 2.8.0 through 2.9.2 Allows for Cross-Site Scripting (XSS) Attacks Vulnerability: Overwriting Superglobals in PHP import_request_variables Function Stack-based Buffer Overflow Vulnerabilities in FiSH Functions Denial of Service Vulnerability in Snort's frag3 Preprocessor Stack-based Buffer Overflow in PECL ZIP 1.8.3 and Earlier Allows Remote Code Execution Sandbox Escape Vulnerability: Arbitrary Command Execution via /dev/tty Buffer Overflow Vulnerability in CrackLib Extension of PHP Denial of Service Vulnerability in Rediff Toolbar 2.0 ActiveX Control Stack-based buffer overflows in SwDir.dll ActiveX Control in Macromedia Shockwave 10.1.4.20 Denial of Service Vulnerability in ProSysInfo TFTP Server TFTPDWIN 0.4.2 Arbitrary Script Injection in Trac's Download Wiki Page as Text Feature Missing Content-Disposition Header in Trac before 0.10.3.1 Unspecified Low Critical Exploit in OpenSolution Quick.Cart before 2.1 Multiple Remote Code Execution Vulnerabilities in Bartek Jasicki Vallheru before 1.3 beta Information Disclosure Vulnerability in WordPress wp-admin/admin-functions.php SQL Injection Vulnerability in kategori.asp in GaziYapBoz Game Portal Buffer Overflow Vulnerability in PHP mssql_connect and mssql_pconnect Functions Sensitive Information Disclosure in cpdf_open Function in PHP 4.4.6 Buffer Overflow Vulnerability in PHP SNMP Extension Multiple PHP Remote File Inclusion Vulnerabilities in Coppermine Photo Gallery (CPG) Multiple PHP Remote File Inclusion Vulnerabilities in PMB Services 3.0.13 and Earlier Remote File Inclusion Vulnerability in JCcorp URLshrink's createurl.php Allows Arbitrary PHP Code Execution HC NEWSSYSTEM 1.0-4 index.php SQL Injection Vulnerability Arbitrary Web Script Injection in MindTouch OpenGarden 
DekiWiki Inadequate Enforcement of java.policy in JMX RMI-IIOP API in Java Dynamic Management Kit 5.1 MySQL 5.x Denial of Service Vulnerability via Information_Schema Table Subselects PHP Remote File Inclusion Vulnerabilities in Premod SubDog 2 SQL Injection Vulnerability in goster.asp in fystyq Duyuru Scripti Multiple PHP Remote File Inclusion Vulnerabilities in WORK System E-Commerce 3.0.5 and Earlier PHP Remote File Inclusion Vulnerabilities in Softnews Media Group DataLife Engine SQL Injection Vulnerability in Triexa SonicMailer Pro 3.2.3 and Earlier: Remote Code Execution via index.php Denial of Service Vulnerability in AstroCam Web Interface Arbitrary File Read Vulnerability in AssetMan 2.4a and Earlier SQL Injection Vulnerability in PHP Labs JobSitePro 1.0: Remote Code Execution via Salary Parameter PHP Remote File Inclusion Vulnerabilities in Moodle 1.7.1 ClipShare 1.5.3 PHP Remote File Inclusion Vulnerability Unspecified Denial of Service Vulnerabilities in PennMUSH 1.8.3 and 1.8.2 Remote Privilege Escalation in Grayscale Blog 0.8.0 and Earlier Versions Arbitrary Web Script Injection in Grayscale Blog 0.8.0 and Earlier Versions SQL Injection Vulnerability in Grayscale Blog 0.8.0 and Earlier Versions Buffer Overflow in D-Link TFTP Server 1.0 Authentication Bypass Vulnerability in admin.pl in SQL-Ledger and LedgerSMB Arbitrary File Overwrite and Authentication Bypass Vulnerability in LedgerSMB and SQL-Ledger Arbitrary SQL Command Execution Vulnerability in X-Ice News System 1.0 Arbitrary PHP Code Execution via Remote File Inclusion in bitesser MySQL Commander 2.7 and Earlier SQL Injection Vulnerability in JGBBS 3.0 Beta 1 - Remote Code Execution via author parameter in search.asp Denial of Service Vulnerability in 4thPass Browser on BlackBerry 8100 Oracle Database 10g SetSecurityDescriptorDacl Function Privilege Escalation Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in Woltlab Burning Board (wBB) 2.3.6 and Burning Board Lite 1.0.2pl3e 
Arbitrary File Overwrite Vulnerability in netserver of netperf 2.4.3 SQL Injection Vulnerability in BP Blog 7.0 through 7.0.2: Remote Code Execution via layout Parameter Multiple PHP Remote File Inclusion Vulnerabilities in Open Education System (OES) 0.1beta Remote Code Execution and Denial of Service Vulnerability in CA BrightStor ARCserve Backup 11.5 and Earlier Denial of Service Vulnerability in CA BrightStor ARCserve Backup 11.5 and Earlier Arbitrary File Read Vulnerability in PHP-Nuke 8.0 and Earlier SQL Injection Vulnerability in PHP-Nuke 8.0 and Earlier: Remote Code Execution via lang Parameter Arbitrary File Deletion Vulnerability in GuppY 4.0 Bypassing Web Site Filters via FDF Support in PHP 5.2.0 and Earlier Buffer Underflow Vulnerability in PHP FILTER_VALIDATE_INT Mode Cross-Site Scripting (XSS) Vulnerability in PHP 5.2.0 with FILTER_SANITIZE_STRING and FILTER_FLAG_STRIP_LOW Multiple Absolute Path Traversal Vulnerabilities in Fantastico PHP Photo Album Remote File Inclusion Vulnerability Buffer Overflow Vulnerability in UniquE RAR File Library (unrarlib) 0.4 Multiple PHP Remote File Inclusion Vulnerabilities in CARE2X 1.1 Multiple PHP Remote File Inclusion Vulnerabilities in WebCreator 0.2.6-rc3 and Earlier Zip:// URL Wrapper Vulnerability in PHP PECL Extension Remote File Inclusion Vulnerability in PHP bz2 Extension Insecure Password Storage in Luci Server Component Format String Vulnerability in Inkscape: Remote Code Execution via URI Format String Vulnerability in Inkscape's Whiteboard Jabber Protocol Remote Code Execution Vulnerability in dproxy 0.1-0.5 via Long DNS Query Packet Integer Overflow in WordPerfect Document Importer/Exporter (libwpd) Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Cisco Products Arbitrary Web Script Injection via Attachment in IBM Rational ClearQuest (CQ) Web 7.0.0.0 SQL Injection Vulnerability in Absolute Image Gallery 2.0: Remote Code Execution via gallery.asp Buffer Overflow 
Vulnerabilities in LIBFtp 5.0 Authentication Bypass Vulnerability in Orion-Blog 2.0 Remote File Inclusion and Arbitrary Code Execution Vulnerability in Groupit 2.00b5 Arbitrary Web Script Injection in Horde Framework's NLS.php Argument Injection Vulnerability in Horde Project Horde and IMP Buffer Overflow Vulnerabilities in PHP Interbase Extension Denial of Service Vulnerability in Symantec Norton Personal Firewall 2006 and Other Norton Products Directory Traversal Vulnerability in PHP Point Of Sale for osCommerce 1.1 Arbitrary File Read Vulnerability in McGallery 0.5b Arbitrary Web Script Injection Vulnerability in Creative Guestbook 1.0 Remote Code Execution via Direct Request to createadmin.php in Creative Guestbook 1.0 SQL Injection Vulnerability in WBBlog's index.php Allows Remote Code Execution WBBlog index.php XSS Vulnerability PHP Remote File Inclusion Vulnerabilities in WebCalendar 0.9.45 Memory Corruption Vulnerability in PHP's array_user_key_compare Function Buffer Overflow in set_umask Function in LIBFtp 3.1-1 Allows Local Code Execution Remote File Inclusion Vulnerability in Carbonize Lazarus Guestbook 1.7.3 Arbitrary File Read Vulnerability in Sascha Schroeder WebLog Unspecified Remote Data Access Vulnerability in Sun Java System Web Server 6.0 and 6.1 CSRF Vulnerability in web-app.org WebAPP 0.9.9.4 to 0.9.9.6 Allows Remote Admin Access Shell Command Injection Vulnerability in Avaya S87XX, S8500, and S8300 before CM 3.1.3 and Avaya SES Vulnerability: Exposed Port 8009 in Apache Tomcat on Avaya S87XX, S8500, and S8300 before CM 3.1.3 and Avaya SES Denial of Service Vulnerability in winmm.dll via Large cch Argument Value in mmioRead Function Arbitrary SQL Command Execution in NukeSentinel 2.5.06 and Earlier Arbitrary Web Script Injection in NukeSentinel before 2.5.06 Denial of Service Vulnerability in Symantec Norton Personal Firewall 2006 Denial of Service via nfnetlink_log in Linux Kernel Vulnerability: nf_conntrack Fragmented Packet Bypass 
Stack-based buffer overflows in McAfee ePolicy Orchestrator and ProtectionPilot ActiveX Control Navigation Cancel Page Spoofing Vulnerability in Microsoft Internet Explorer 7.0 Local Privilege Escalation Vulnerability in Linux Security Auditing Tool (LSAT) Stack-based Buffer Overflow in Avant Browser 11.0 Build 26 via Long Content-Type HTTP Header Multiple Buffer Overflow Vulnerabilities in Rhapsody IRC 0.28b Multiple Format String Vulnerabilities in Rhapsody IRC 0.28b Arbitrary Web Script Injection Vulnerability in Fujitsu Interstage Application Server (IJServer) 8.0.2 and Earlier Information Disclosure Vulnerability in Fujitsu FENCE-Pro and Systemwalker Desktop Encryption Oracle Portal 10g Cross-Site Scripting (XSS) Vulnerability in PORTAL.wwv_main.render_warning_screen Privilege Escalation via AFS Cache Manager FetchStatus Response Spoofing CMD_USER_STATS in DirectAdmin Cross-Site Scripting (XSS) Vulnerability Directory Traversal Vulnerability in enkrypt.php in Sascha Schroeder Krypt (Holtstraeter Rot 13) Arbitrary SQL Command Execution in Particle Blogger 1.0.0 through 1.2.0 via postid Parameter Buffer Overflow Vulnerability in FrontBase Relational Database Server 4.2.7 and Earlier Stack-based buffer overflow in AfxOleSetEditMenu function in MFC component allows remote attackers to crash systems via a malformed OLE object in an RTF file, leading to an off-by-two overflow in MFC42u.dll. 
Remote File Inclusion Vulnerability in GraFX Company WebSite Builder (CWB) PRO 1.9.8 Remote File Inclusion Vulnerability in ViperWeb Portal alpha 0.1 Allows Arbitrary PHP Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Horde IMP H3 4.1.3 and Earlier Remote File Inclusion Vulnerability in Cicoandcico CcMail 1.0 SQL Injection Vulnerability in WSN Guest 1.02 and 1.21: Remote Code Execution via comments.php SQL Injection Vulnerability in Woltlab Burning Board (wBB) 2.x Usergroups.php PHP-Nuke 8.0 and Earlier Downloads Module Cross-Site Scripting (XSS) Vulnerability CSRF Vulnerability in PHP-Nuke 8.0 and Earlier Double Free Vulnerability in PHP Session Handling Double Free Vulnerability in PHP Session Extension: Arbitrary Code Execution via Session Identifier Heap-based Buffer Overflow Vulnerability in BSD Derived Operating Systems Arbitrary File Inclusion Vulnerability in ZomPlog 3.7.6 and Earlier Direct static code injection vulnerability in Dayfox Blog (dfblog) 4: Remote execution of arbitrary PHP code via postpost.php Bypassing Certificate Revocation List (CRL) Authorization Control in Sun Java System Web Server 6.1 Spoof and Management URL IP Redirect Vulnerability in Microsoft Windows Vista Spoof on Bridge: Exploiting LLTD Mapper Vulnerability in Windows Vista Total Spoof Attack: Vulnerability in LLTD Responder in Windows Vista Denial of Service Vulnerability in LLTD Mapper in Microsoft Windows Vista ARP Table Overwrite Vulnerability in Microsoft Windows XP and Vista Neighbor Discovery Implementation Vulnerability in Microsoft Windows Vista Teredo Implementation in Windows Vista Vulnerability: Nonce Spoofing through Brute Force Attacks Vulnerability: Remote Access to DFSR.exe in Windows Meeting Space Teredo Address Auto-Assignment Vulnerability in Microsoft Windows Vista Heap-based Buffer Overflow via Integer Underflow in file_printf Function Weak Permissions in \Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 Insecure 
Permissions in McAfee VirusScan Enterprise 8.5.0.i Windows Registry Keys Directory Traversal Vulnerability in pragmaMX Landkarten 2.1 Module Directory Traversal Vulnerability in am.pl in SQL-Ledger and LedgerSMB SQL-Ledger 2.6.27 Directory Traversal Vulnerability Denial of Service Vulnerability in Cisco IP Phone 7940 and 7960 Stack-based Buffer Overflow in NAS Server Allows Remote Code Execution Integer Overflow in ProcAuWriteElement Function in NAS Denial of Service Vulnerability in Network Audio System (NAS) Denial of Service Vulnerability in Network Audio System (NAS) Multiple Simultaneous Connections Vulnerability in Network Audio System (NAS) SQL Injection Vulnerability in Web Wiz Forums before 8.05a (MySQL version) Unrestricted File Upload Vulnerability in phpx 3.5.15 Gallery.php Multiple SQL Injection Vulnerabilities in phpx 3.5.15 Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpx 3.5.15 Unrestricted File Upload Vulnerability in MetaForum 0.513 Beta Remote Account Modification in Guestbara 1.2 and Earlier via admin/configuration.php Direct static code injection vulnerability in admin/configuration.php in Guestbara 1.2 and earlier SQL Injection Vulnerability in Minerva Mod 2.0.21 Build 238a and Earlier for phpBB Arbitrary SQL Command Execution in Creative Files 1.2 via kommentare.php Format String Vulnerability in F-Secure Anti-Virus Client Security 6.02 APOP Protocol Vulnerability: Password Guessing via MITM Attacks Stack-based Buffer Overflow Vulnerabilities in Roxio CinePlayer 3.2 Denial of Service Vulnerability in Squid 2.6.STABLE12 via Crafted TRACE Requests Denial of Service Vulnerability in Asterisk Channel Driver FTP Protocol Implementation Vulnerability in Mozilla Firefox FTP Protocol Implementation Vulnerability in Opera 9.10 FTP Protocol Implementation Vulnerability in Konqueror 3.5.5 Denial of Service Vulnerability in Konqueror 3.5.5 via JavaScript and ftp:// URI SQL Injection Vulnerability in NetVIOS Portal's News/page.asp Allows Remote 
Code Execution via NewsID Parameter Stack-based Buffer Overflow in War FTP Daemon 1.65 and Earlier Stack-based Buffer Overflow in DaanSystems NewsReactor 20070220.21: Remote Code Execution via Long Filename in yEnc Encoded Article Stack-based Buffer Overflow in NewsBin Pro 4.32 via yEnc Encoded Article with Long Filename Remote File Inclusion Vulnerability in Radical Designs Activist Mobilization Platform (AMP) 3.2 SQL Injection Vulnerability in JGBBS 3.0 Beta 1 and Earlier (search.asp) Arbitrary SQL Command Execution Vulnerability in Jelsoft vBulletin 3.6.5 Information Disclosure Vulnerability in CARE2X 2.2 and Earlier Versions Multiple SQL Injection Vulnerabilities in PHProjekt 5.2.0 with Disabled Magic Quotes GPC Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHProjekt 5.2.0 Directory Traversal Vulnerability in GeBlog 0.1 Allows Remote File Inclusion Stack-based Buffer Overflow in Atrium MERCUR IMAPD (mcrimap4.exe) 5.00.14 with SP4 Atrium MERCUR IMAPD SUBSCRIBE Command Stack-based Buffer Overflow Vulnerability FTPDMIN 0.96 Denial of Service Vulnerability Arbitrary Code Execution Vulnerability in PHP Resource System Arbitrary Code Execution Vulnerability in PHP Resource System Remote Code Execution via mb_parse_str in PHP Buffer Underflow Vulnerability in PHP 5.2.0 Header Function Remote Information Disclosure Vulnerability in Linksys WAG200G and WRT54GC Routers ZynOS 3.40 Denial of Service Vulnerability via SMB Mail Slot Protocol Arbitrary Program Execution in Tim Soderstrom StatsDawg 0.92 via qshapeLocation Parameter Improper Privilege Dropping in MyServer 0.8.5 Allows Remote Code Execution Denial of Service Vulnerability in TrueCrypt Denial of Service Vulnerability in Grandstream BudgeTone 200 IP Phone Denial of Service Vulnerability in Trend Micro AntiVirus 14.10.1041 Denial of Service and Double Free Vulnerability in Linux Kernel 2.6.x up to 2.6.21-rc3 Denial of Service Vulnerability in Symantec Veritas Volume Replicator (VVR) Denial of Service 
Vulnerability in Asterisk SIP Response Handling Arbitrary Extension Execution Vulnerability in Asterisk's AEL Multiple PHP Remote File Inclusion Vulnerabilities in NFN Address Book Component for Mambo and Joomla! Sensitive Information Disclosure in Unclassified NewsBoard 1.6.3 Stack-based Buffer Overflow in InterVations FileCOPA FTP Server 1.01 WordPress wp-login.php Open Redirect Vulnerability Remote File Inclusion Vulnerability in Digital Eye Gallery 1.1 Beta (aka 0.1.1b) Module.php Directory Traversal Vulnerability in check_vote.php in Weekly Drawing Contest 0.0.1 Arbitrary SQL Command Execution in Weekly Drawing Contest 0.0.1 Authentication Bypass and Database Manipulation in Weekly Drawing Contest 0.0.1 Arbitrary PHP Code Execution through Unrestricted File Upload in w-Agora Remote Information Disclosure Vulnerabilities in w-Agora Multiple Cross-Site Scripting (XSS) Vulnerabilities in w-Agora SQL Injection Vulnerability in w-Agora's search.php CRLF Injection Vulnerability in IBM WebSphere Application Server (WAS) Cross-site scripting (XSS) vulnerability in Oracle Application Server (OAS) 10g 10.1.2.0.0 through servlet/Spy in Dynamic Monitoring Services (DMS) Arbitrary Script Injection in Glue Software NewsGlue RSS Reader Arbitrary Script Injection in SOURCENEXT RSS Reader SQL Injection Vulnerability in Katalog Plyt Audio 1.0 and Earlier: Remote Code Execution via kolumna Parameter Arbitrary File Inclusion Vulnerability in MPM Chat 2.5 Stack-based Buffer Overflow in ZZIPlib Library Allows Remote Code Execution SQL Injection Vulnerability in ScriptMagix Jokes 2.0 and Earlier: Remote Code Execution via catid Parameter SQL Injection Vulnerability in ScriptMagix Lyrics 2.0 and Earlier: Remote Code Execution via recid Parameter SQL Injection Vulnerability in ScriptMagix Recipes 2.0 and Earlier: Remote Code Execution via catid Parameter SQL Injection Vulnerability in ScriptMagix FAQ Builder 2.0 and Earlier: Remote Code Execution via catid Parameter SQL Injection 
Vulnerability in ScriptMagix Photo Rating 2.0 and Earlier: Remote Code Execution via viewcomments.php PHP Remote File Inclusion Vulnerabilities in PHP DB Designer 1.02 and Earlier Remote File Inclusion Vulnerability in Active PHP Bookmark Notes (APB) 0.2.5 and Earlier Arbitrary Web Script Injection Vulnerability in WordPress Administration Interface Multiple Cross-Site Scripting (XSS) Vulnerabilities in realGuestbook 5.01 Multiple SQL Injection Vulnerabilities in realGuestbook 5.01 Cross-site scripting (XSS) vulnerability in save_entry.php in realGuestbook 5.01 via homepage parameter in add_entry.php Remote File Inclusion Vulnerability in iFrame Module for PHP-NUKE Allows Arbitrary Code Execution Multiple PHP Remote File Inclusion Vulnerabilities in Study Planner (Studiewijzer) 0.15 and Earlier Active Photo Gallery Default.asp SQL Injection Vulnerability Active Link Engine Default.asp SQL Injection Vulnerability Remote File Inclusion Vulnerability in CLBOX 1.01 Signup.php Allows Arbitrary PHP Code Execution via Header Parameter Unspecified Major Security Hole in TYPOlight webCMS before 2.2 Build 5 Directory Traversal Vulnerability in Giorgio Ciranni Splatt Forum 4.0 RC1 Module for PHP-Nuke SQL Injection Vulnerability in NPDS 5.10 and Earlier via grab_globals.php Static Code Injection Vulnerability in NPDS 5.10 and Earlier: Arbitrary PHP Code Injection in admin/settings.php Directory Traversal Vulnerability in RoseOnlineCMS 3 B1 Allows Remote File Inclusion Buffer Overflow Vulnerabilities in Ipswitch IMail Server ActiveX Control Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in PHProjekt 5.2.0 Unrestricted File Upload Vulnerability in PHProjekt 5.2.0 PHP Remote File Inclusion Vulnerabilities in ClassWeb 2.03 and Earlier SQL Injection Vulnerability in PortailPHP 2.0 index.php Allows Remote Code Execution Remote authenticated users can access any common file in ManageEngine Firewall Analyzer via direct URL request PHP Remote File Inclusion Vulnerabilities 
in LAN Management System (LMS) 1.8.9 Vala and Earlier Dynamic DNS Update Vulnerability in Microsoft Windows DNS Server Service Buffer Overflow in FutureSoft TFTP Server 2000 on Microsoft Windows 2000 SP4 Multiple Cross-Site Scripting (XSS) Vulnerabilities in SubHub 2.3.0 Sensitive Information Exposure in Moodle 1.5.2 and Earlier Remote Denial of Service Vulnerability in 0irc 1345 Build 20060823 Heap Memory Disclosure Vulnerability in PHP 5.2.1 NULL Pointer Dereference Vulnerability in pcapsipdump OpenID Cross-Site Request Forgery (CSRF) Vulnerability OpenID Remote Login and Personal Information Disclosure Vulnerability Denial of Service Vulnerability in GlowWorm FW before 1.5.3b4 Buffer Overflow in Ne7sshSftp::addOpenHandle Function in NetSieben SSH Library (ne7ssh) Buffer Overflow in fun_ladd function in TinyMUX Multiple SQL Injection Vulnerabilities in Katalog Plyt Audio 1.0 and Earlier Stack-based Buffer Overflow in minigzip Allows Arbitrary Code Execution User-Assisted Remote Code Execution in Windows Mail Denial of Service and Arbitrary Code Execution Vulnerability in PCRE Library Buffer Overflow Vulnerability in PCRE Library PCRE Library Backtracking Vulnerability PCRE Library Denial of Service Vulnerability Memory Leak in Image Message Functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch Denial of Service Vulnerability in EKG Prior to 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch Memory Leak in Token OCR Functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch Allows Remote DoS Authentication Bypass Vulnerability in DataRescue IDA Pro Debugger Server Integer Overflow Vulnerabilities in X.Org libx11 and ImageMagick Infinite Loop Denial of Service Vulnerability in Zoo Decoder 2.10 Denial of Service Vulnerability in Panda Software Antivirus Denial of Service Vulnerability in Avira AntiVir (CVE-2008-4036) Denial of Service Vulnerability in avast! 
Antivirus Denial of Service Vulnerability in unzoo.c Remote Code Execution Vulnerability in LANDesk Management Suite 8.7 Buffer Overflow in CRAM-MD5 Authentication Mechanism in IBM Lotus Domino IMAP Server Buffer Overflow Vulnerabilities in NetBSD Kernel's ISO Network Protocol Support Fizzle 0.5 Extension for Firefox XSS Vulnerability via RSS Feeds Cross-Site Scripting (XSS) Vulnerabilities in Horde Groupware Webmail 1.0 Stack-based Buffer Overflow in Yahoo! Messenger ActiveX Control Format string vulnerability in Sun Java Web Console allows remote attackers to cause a denial of service and execute arbitrary code Multiple stack-based buffer overflows in FileManager ActiveX Control in SoftArtisans XFile before 2.4.0 Stack-based Buffer Overflow in IncrediMail IMMenuShellExt ActiveX Control (ImShExt.dll) Arbitrary Command Execution Vulnerability in SolidWorks sldimdownload ActiveX Control Buffer Overflow Vulnerability in BlueCoat K9 Web Protection 3.2.36 Buffer Overflow Vulnerabilities in iPIX Image Well ActiveX Control Arbitrary Code Execution Vulnerability in PhPInfo ActiveX Control Buffer Overflow in ISAlertDataCOM ActiveX Control in Norton Personal Firewall 2004 and Internet Security 2004 Stack-based Buffer Overflow in Second Sight Software ActiveGS ActiveX Control (ActiveGS.ocx) ActiveMod ActiveX Control Stack-Based Buffer Overflow Vulnerability WPAD Protocol Misconfiguration Vulnerability NULL Dereference and Application Crash Vulnerability in Yate SIP Channel Module PHP remote file inclusion vulnerability in phpBB 2.0.19 allows remote code execution via phpbb_root_path parameter in includes/usercp_register.php Active Newsletter 4.3 SQL Injection Vulnerability in ViewNewspapers.asp Philex 0.2.3 and Earlier: PHP Remote File Inclusion Vulnerability in header.inc.php Arbitrary File Read and Source Code Disclosure in Philex 0.2.3 and Earlier PHP Remote File Inclusion Vulnerabilities in SWmenu Component for Mambo and Joomla! 
Arbitrary Code Execution Vulnerability in PHP Session Extension Arbitrary Code Execution via Session Data Deserialization Remote Code Execution in Flatmenu Mambo Module via mod_flatmenu.php Arbitrary SQL Command Execution in RWCards Joomla Component (com_rwcards) 2.4.3 and Earlier SQL Injection Vulnerability in Car Manager Component for Joomla! Active Trade 2 Default.asp SQL Injection Vulnerability Arbitrary SQL Command Execution in eWebQuiz 8 via QuizID Parameter Net Side Content Management System (Net-Side.net CMS) Remote File Inclusion Vulnerability Remote File Inclusion Vulnerability in ttCMS 4 and Earlier: Arbitrary PHP Code Execution Buffer Overflow in confirm_phpdoc_compiled Function in phpDOC Extension Arbitrary File Read Vulnerability in PHP's readfile Function Double Free Vulnerability in PHP Unserializer Allows Arbitrary Code Execution Active Auction Pro 7.1 Default.asp SQL Injection Vulnerability CRLF Injection Vulnerability in BSMTP.DLL in B21Soft BASP21 CcCounter 2.0 index.php Cross-Site Scripting (XSS) Vulnerability PHP Remote File Inclusion Vulnerability in Free Image Hosting 2.0 and Earlier Improper Ownership Restoration in pam_console Vulnerability Email Truncation Vulnerability CRLF Injection Vulnerability in PHP Mail Function Arbitrary Code Execution Vulnerability in mcweject 0.9 on FreeBSD Arbitrary File Inclusion Vulnerability in Addressbook 1.2 Module for PHP-Nuke Multiple PHP Remote File Inclusion Vulnerabilities in C-Arbre 0.6PR7 and Earlier Buffer Overflow in SignKorea SKCommAX ActiveX Control Module 7.2.0.2 and 3280 6.6.0.1: Remote Code Execution via Long pszUserID Argument Multiple Cross-Site Scripting (XSS) Vulnerabilities in Secure Computing CipherTrust IronMail 6.1.1 Administration Console Unspecified vulnerability in ReactOS 0.3.1 with unknown impact and attack vectors introduced by fix for win32k bugs and failures, possibly related to copy failures. 
SQL Injection Vulnerability in IceBB 1.0-rc5: Remote Code Execution via Avatar Function Unrestricted File Upload Vulnerability in IceBB 1.0-rc5 Unspecified Privilege Escalation Vulnerability in HP OpenView Network Node Manager (OV NNM) Denial of Service Vulnerability in Sony PlayStation 3 (PS3) and PlayStation Portable (PSP) Remote Play Feature SQL Injection Vulnerability in Flexbb 1.0.0 10005 Beta Release 1 Integer Signedness Error in DCCP Support in Linux Kernel: Local Memory Read and Denial of Service Vulnerability Multiple Stack-Based Buffer Overflows in HPAFTPD 1.01 Cross-Site Scripting (XSS) Vulnerability in WordPress 2.1.2 via mt Import in wp-admin/admin.php Remote Code Execution Vulnerability in InterVations NaviCOPA HTTP Server 2.01 via Long CGI Pathname in HTTP GET Request Unbounded optlen in do_dccp_getsockopt function in Linux kernel Stack-based Buffer Overflow in Corel WordPerfect Office X3 (13.0.0.565) via Long Printer Selection Name in WordPerfect Document Phishing Protection Bypass in Mozilla Firefox 2.0.0.3 Bypassing Phishing Protection in Opera 9.10 Privilege Escalation and Denial of Service Vulnerability in TrueCrypt 4.3 Heap-based Buffer Overflow in IBM Lotus Domino LDAP Server Race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 allowing privilege escalation and arbitrary code execution Vulnerability: Insecure Verification of Current Directory in Apache HTTP Server (httpd) 2.2.3 Insecure suexec Configuration in Apache HTTP Server (httpd) 2.2.3 VMware Workstation Shared Folders Directory Traversal Vulnerability File Descriptor Leak Vulnerability in Clam AntiVirus (ClamAV) before 0.90.2 User-assisted remote code execution vulnerability in MSO.dll in Microsoft Office 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and 2007 Stack-based Buffer Overflow in DNS Server Service in Microsoft Windows Heap-based Buffer Overflow in CDownloadSink Class Code in VML Component (VGX.DLL) in Internet Explorer 5.01, 6, and 7 Arbitrary Code Execution 
Vulnerability in Microsoft Internet Explorer 6 via Crafted CSS Tag Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 5.01, 6, and 7 Publisher Invalid Memory Reference Vulnerability Calculation Error Vulnerability in Microsoft Excel URL Canonicalization Bypass Vulnerability in Mozilla Firefox 2.0.0.1 through 2.0.0.3 Denial of Service Vulnerability in ATI Kernel Driver (atikmdag.sys) in Windows Vista FastStone Image Viewer 2.8 User-Assisted Remote Code Execution Vulnerability Remote Code Execution Vulnerability in Microsoft Windows 2000 SP4 through Vista via Malformed ANI File Remote File Inclusion Vulnerability in Advanced Login 0.76 and Earlier Unspecified Denial of Service Vulnerability in AOL 9.0 Arbitrary Script Injection in Mephisto Comment Author Name Field Buffer Overflow Vulnerability in ArcSDE Service (giomgr) in ESRI ArcGIS Remote File Inclusion Vulnerability in Ay System Solutions WCS 2.7.1 Denial of Service Vulnerability in HP JetDirect Print Servers via Long Pathname in FTP RETR Command Directory Traversal Vulnerabilities in aBitWhizzy: Remote Directory Listing Cross-Site Scripting (XSS) Vulnerabilities in aBitWhizzy's whizzery/whizzypic.php and whizzery/whizzylink.php Unrestricted File Upload Vulnerability in JBrowser 2.4 and Earlier Arbitrary SQL Command Execution in DesignForJoomla.com D4J eZine (com_ezine) 2.8 and Earlier Heap Overflow Vulnerability in PHP zip_read_entry Function Remote File Inclusion Vulnerability in Eve-Nuke 0.1 (EN-Forums) Module for PHP-Nuke Multiple SQL Injection Vulnerabilities in Advanced Website Creator (AWC) before 1.9.0 Arbitrary Web Script Injection Vulnerability in Overlay Weaver DHT Shell Improper User Access Control in Minna De Office 1.x and 2.x Insufficient User Access Restrictions in CruiseWorks 1.09e and Earlier Arbitrary Code Execution Vulnerability in IBM Lotus Notes Sametime Remote Code Execution Vulnerability in CA BrightStor ARCserve Backup 11.5 SP2 build 4237 SQL Injection 
Vulnerability in Hitachi Collaboration - Online Community Management PHP Remote File Inclusion Vulnerabilities in Softerra Time-Assistant 6.2 and Earlier Authentication Bypass Vulnerability in Flyspray 0.9.9 Sensitive Information Disclosure in Flyspray 0.9.9 Multiple PHP Remote File Inclusion Vulnerabilities in Kaqoo Auction Software Free Edition SQL Injection Vulnerability in Picture-Engine 1.2.0 and Earlier: Remote Code Execution via cat Parameter in wall.php Denial of Service Vulnerability in Symantec Mail Security for SMTP and Mail Security Appliance Arbitrary Code Execution and Denial of Service Vulnerability in Symantec Norton Personal Firewall 2006 and Norton Internet Security 2008 Remote Code Execution Vulnerability in Mozilla Javascript Engine on Sun Solaris Arbitrary PHP Code Execution in JCcorp URLshrink 1.3.1 via Email Address Field Unspecified Vulnerabilities in JCcorp URLshrink 1.3.2 Integer overflows in ImageMagick before 6.3.3-5 leading to arbitrary code execution Buffer Overflow Vulnerability in IBM AIX 5.2 and 5.3 drmgr Command Directory Traversal Vulnerability in KTorrent before 2.1.3 Allows Remote File Overwrite Unauthenticated Network Access Vulnerability in Cisco Secure ACS Directory Traversal Vulnerability in sBLOG 0.7.3 Beta Allows Remote File Inclusion Arbitrary Web Script Injection Vulnerability in MailDwarf 3.01 and Earlier Remote Code Execution Vulnerability in MailDwarf 3.01 and earlier PulseAudio 0.9.5 Remote Denial of Service Vulnerability SQL Injection Vulnerability in Genre.php in Debaser 0.92 and Earlier Module for Xoops SQL Injection Vulnerability in RM+Soft Gallery (rmgallery) 1.0 Module for Xoops SQL Injection Vulnerability in myAlbum-P 2.0 and Earlier Module for Xoops SQL Injection Vulnerability in Camportail 1.1 and Earlier Module for Xoops Multiple PHP Remote File Inclusion Vulnerabilities in GraFX Company WebSite Builder (CWB) PRO 1.5 SQL Injection Vulnerability in Kshop 1.17 and Earlier: Remote Code Execution via id 
Parameter SQL Injection Vulnerability in Tiny Event Module for Xoops BT-Sondage 112 - Remote File Inclusion Vulnerability in gestion_sondage.php SQL Injection Vulnerability in eCal 2.24 and Earlier Module for Xoops SQL Injection Vulnerability in Xoops Core Module: Remote Code Execution via viewcat.php SQL Injection Vulnerability in Xoops Library Module's viewcat.php SQL Injection Vulnerability in Xoops Tutoriais Module's viewcat.php SQL Injection Vulnerability in Lykos Reviews Module for Xoops PHP Remote File Inclusion Vulnerability in MOD_forum_fields_parse.php in phpBB Forum Picture and META Tags 1.7 Module Stack-based Buffer Overflow in SPIDERLib.Loader ActiveX Control Caller ID Spoofing Vulnerability in Nortel Networks CallPilot and Meridian Mail Voicemail Systems Sprint Nextel Voice Mail System Caller ID Spoofing Vulnerability Caller ID Spoofing Vulnerability in Alcatel-Lucent Lucent Technologies Voice Mail Systems T-Mobile Voice Mail System Vulnerability: Remote Attackers Exploit Caller ID Spoofing to Access and Manipulate Messages Buffer Overflow in php_stream_filter_create Function in PHP 5 before 5.2.1 Buffer Overflow in imap_mail_compose Function in PHP 5 and PHP 4 Denial of Service Vulnerability in Cisco Unified CallManager and Unified Presence Server Unspecified Form Input Validation Vulnerabilities in web-app.org WebAPP Multiple Cross-Site Scripting (XSS) Vulnerabilities in web-app.org WebAPP before 0.9.9.6 Unspecified Multiple Vulnerabilities in web-app.net WebAPP Unspecified Remote Administrative Access Vulnerability in Username Hijacking Patch for web-app.org WebAPP 0.9.9.6 Arbitrary File Access and Data Manipulation in WebAPP before 0.9.9.6 Remote File Upload Vulnerability in WebAPP before 0.9.9.6 Denial of Service Vulnerability in Cisco Unified CallManager Denial of Service Vulnerability in Cisco Unified CallManager and Cisco Unified Presence Server Bypassing open_basedir Restrictions in PHP 4 and PHP 5 Arbitrary Command Execution Vulnerability in 
Data Domain OS Command Line Administration Interface PHP Remote File Inclusion Vulnerabilities in MangoBery CMS 0.5.5 SQL Injection Vulnerability in Friendfinder Xoops Module (<=3.3) view.php CodeBB 1.1b3 and Earlier: Multiple PHP Remote File Inclusion Vulnerabilities Cross-Site Scripting (XSS) Vulnerability in LDAP Account Manager (LAM) before 1.3.0 Denial of Service Vulnerability in racoon's isakmp_info_recv Function Directory Traversal Vulnerability in JSBoard Login.php (CVE-2006-2019) Remote File Inclusion Vulnerability in MapLab 2.2.1 Allows Arbitrary PHP Code Execution Multiple PHP Remote File Inclusion Vulnerabilities in Aardvark Topsites PHP 5 Arbitrary SQL Command Execution in Expanded Calendar (calendar_panel) 2.00 Module for PHP-Fusion SQL Injection Vulnerability in MyAds 2.04jp and Earlier Module for Xoops (index.php) SQL Injection Vulnerability in Xoops Repository Module's viewcat.php Cross-site scripting (XSS) vulnerability in Drake CMS admin/classes/ui.dta.php allows remote code injection via desc[][title] field Directory Traversal Vulnerability in Drake CMS 404.php Directory Traversal Vulnerability in Drake CMS Captcha Image File Directory Traversal Vulnerabilities in Really Simple PHP and Ajax (RSPA) 2007-03-23 PHP Remote File Inclusion Vulnerabilities in 2BGal 3.1.1 Local User Authentication Information Disclosure in Hitachi JP1/HiCommand DeviceManager, Global Link Availability Manager, Replication Monitor, Tiered Storage Manager, and Tuning Manager Session Management Vulnerability in Hitachi Cosminexus Component Container Multiple PHP Remote File Inclusion Vulnerabilities in Shop-Script FREE Insecure Permissions in Vixie Cron on Gentoo Linux Allow Denial of Service Insecure SSL Cipher Configuration in Apache Tomcat Authentication Bypass Vulnerability in XScreenSaver 4.10 Directory Traversal Vulnerability in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 Denial of Service Vulnerability in Linux Kernel's nl_fib_lookup Function Apache 
HTTP Server Information Disclosure Vulnerability Denial of Service in Apache HTTP Server with Caching and Threaded MPM Buffer Overflow Vulnerability in PHP's libxmlrpc Library Kernel Memory Disclosure Vulnerability in ipv6_getsockopt_sticky Function Stack-based Buffer Overflow in dns_decode_reverse_name function in dproxy-nexgen Remote Code Execution Vulnerability in IrfanView 3.99 via Crafted ANI File Arbitrary Code Execution and Denial of Service Vulnerability in IBM Tivoli Provisioning Manager for OS Deployment Denial of Service Vulnerability in lighttpd 1.4.12 and 1.4.13 Denial of Service Vulnerability in lighttpd before 1.4.14 Arbitrary Script Injection in chcounter 3.1.3 Login_name Parameter Cross-site scripting (XSS) vulnerability in toendaCMS 1.5.3 via searchword parameter in search id Mephisto 0.7.3 Cross-Site Scripting (XSS) Vulnerability in Search Script Insecure Permissions Vulnerability in Adobe ColdFusion MX 7 for Linux and Solaris VMware Workstation Local Privilege Escalation via Debugging Vulnerability Denial of Service Vulnerability in VMware Workstation Cross-zone scripting vulnerability in Firebug extension allows remote attackers to execute arbitrary code in the browser chrome Arbitrary File Read Vulnerability in KL.SysInfo ActiveX Control Integer Overflow in Kaspersky Anti-Virus Allows Arbitrary Code Execution Unspecified Privilege Escalation Vulnerability in Kaspersky Anti-Virus Arbitrary SQL Command Execution in HP Mercury Quality Center 9.0 Arbitrary Memory Read Vulnerability in PHP 4.0.0 - 4.4.6 and 5.0.0 - 5.2.1 Arbitrary Code Execution via Integer Signedness Errors in PHP printf Function Family Integer Overflow in str_replace Function in PHP Integer Overflow in str_replace Function in PHP Buffer Overflow Vulnerability in PHP's SQLite Library Buffer Overflow in SQLite's sqlite_decode_binary() Function Arbitrary Code Execution via Integer Signedness Error in PHP 5.2.0 Arbitrary Code Execution via Integer Overflow in PHP's msg_receive 
Function Stack-based Buffer Overflow in Akamai Download Manager ActiveX Control Akamai Download Manager ActiveX Control Stack-based Buffer Overflow Vulnerability XMLRPC Authentication Bypass in WordPress 2.1.2 and Earlier Arbitrary Web Script Injection via wp_title Function in WordPress Remote File Inclusion Vulnerability in Sky GUNNING MySpeach 3.0.7 and Earlier Arbitrary File Inclusion Vulnerability in Sky GUNNING MySpeach 3.0.7 and Earlier SQL Injection Vulnerability in WordPress XMLRPC (xmlrpc.php) Allows Remote Code Execution Arbitrary Email Sending Vulnerability in Jetbox CMS 2.1 SQL Injection Vulnerabilities in myWebland myBloggie 2.1.6 CRLF Injection Vulnerability in PHP FILTER_VALIDATE_EMAIL Filter Information Disclosure Vulnerability in SonicBB 1.0 Multiple SQL Injection Vulnerabilities in SonicBB 1.0 Arbitrary Script Injection in SonicBB 1.0 search.php Arbitrary File Write Vulnerability in AOL Instant Messenger (AIM) and ICQ Arbitrary Web Script Injection in Pineapple Technologies QuizShock 1.6.1 and Earlier Arbitrary File Inclusion Vulnerability in eCardMAX HotEditor and MyBB HotEditor Plugin Pathos CMS 0.92-2 warn.php Remote File Inclusion Vulnerability PHP121 Instant Messenger 2.2 - Remote Code Execution via File Inclusion Vulnerability SQL Injection Vulnerability in Ryan Haudenschilt Battle.net Clan Script for PHP 1.5.1 and earlier: Remote Code Execution via login.php Buffer Overflow Vulnerability in Microsoft Word 2007 (wwlib.dll) Denial of Service Vulnerabilities in Microsoft Word 2007 Heap-based Buffer Overflow in Microsoft Windows via Crafted .HLP File User and Group Existence Disclosure in SAP RFC Library Unspecified Remote Information Disclosure Vulnerability in SAP RFC Library Buffer Overflow in SAP RFC Library 6.40 and 7.00: Remote Code Execution Vulnerability Buffer Overflow in SAP RFC Library Allows Remote Code Execution Buffer Overflow in SAP RFC Library Allows Remote Code Execution Denial of Service Vulnerability in SAP RFC Library 6.40 
and 7.00 Arizona Dream Livre d'or (livor) 2.5 index.php Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in SmodBIP 1.06 and Earlier: Remote Code Execution via index.php Arbitrary Code Execution via Crafted .MAT File in LIBSNDFILE.DLL Memory Corruption Vulnerability in IN_MOD.DLL in Winamp 5.33 Access Control Bypass in LedgerSMB and DWS Systems SQL-Ledger PHP Remote File Inclusion Vulnerabilities in phpContact Account Deletion Vulnerability in Tru-Zone Nuke ET 3.4 Cross-site scripting (XSS) vulnerability in JBMC Software DirectAdmin before 1.293 allows injection of arbitrary web script or HTML via log files. Arbitrary Web Script Injection Vulnerability in CmailServer WebMail 5.3.4 and Earlier Arbitrary File Inclusion Vulnerability in witshare 0.9 Directory Traversal Vulnerability in Beryo 2.0 and 2.4: Arbitrary File Read via downloadpic.php Arbitrary File Read Vulnerability in cattaDoc 2.21 and 3.0 SQL Injection Vulnerability in SmodCMS 2.10 and Earlier: Remote Code Execution via ssid Parameter in index.php Directory Traversal Vulnerability in ScarNews 1.2.1 Allows Remote File Inclusion Arbitrary File Inclusion Vulnerabilities in PcP-Guestbook (PcP-Book) 3.0 Arbitrary File Inclusion Vulnerability in eBoard 1.0.7 Module for PHP-Nuke Remote Code Execution via PHP File Inclusion in ScarAdControl 1.1 Remote File Inclusion Vulnerability in ScarAdControl 1.1 Allows Arbitrary PHP Code Execution Remote File Inclusion Vulnerability in Scorp Book 1.0's smilies.php Allows Arbitrary PHP Code Execution Unspecified Remote Code Execution Vulnerability in Ichitaro 2005-2007 Arbitrary Web Script Injection in Daniel Naber LanguageTool Embedded Webserver Plaintext Password Logging Vulnerability in IBM Tivoli Business Service Manager (TBSM) 4.1 Cross-site scripting (XSS) vulnerability in IBM Lotus Notes before 6.5.6 and 7.x before 7.0.2 FP1 in Domino Web Access (DWA) Active Content Filter feature Integer Overflow Vulnerability in FastStone Image Viewer 2.9 ACDSee 
Photo Manager 9.0 Integer Overflow Vulnerability Double Release Vulnerability in IBM WebSphere Application Server JMS Unspecified Vulnerability in IBM WebSphere Application Server (WAS) with Unknown Impact and Attack Vectors Integer Overflow in Windows Explorer: Remote Code Execution via Crafted BMP Image Cross-zone scripting vulnerability in Firebug extension's DOM templates (domplates) allows remote attackers to execute arbitrary code in the browser chrome. Buffer Overflow Vulnerability in IrfanView 3.99: Denial of Service and Arbitrary Code Execution Session Fixation Vulnerability in WebBlizzard CMS: Remote Session Hijacking via PHPSESSID Cookie WebBlizzard CMS index_cms.php XSS Vulnerability Session Fixation Vulnerability in onelook obo Shop: Remote Session Hijacking Session Fixation Vulnerability in Onelook Onebyone CMS: Remote Session Hijacking Session Fixation Vulnerability in Onelook Courts Online: Hijacking Web Sessions via PHPSESSID Cookie Directory Traversal Vulnerabilities in ArchiveXpert 2.02 Build 80 Multiple Stack-Based Buffer Overflows in SignKorea SKCrypAX ActiveX Control Module 5.4.1.2 SQL Injection Vulnerability in UBB.threads 6.1.1 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in Guernion Sylvain Portail Web Php (aka Gsylvain35 Portail Web, PwP) Buffer Overflow Vulnerability in TinyMUX 2.4: Denial of Service via Regexp $-Command Unspecified Buffer Overflow Vulnerability in TinyMUX 2.4 Arbitrary SQL Command Execution in Rha7 Downloads Module for XOOPS Remote File Inclusion Vulnerability in Mutant 0.9.2 Portal for phpBB 2.2 SQL Injection Vulnerability in WF-Snippets 1.02 and Earlier Module for XOOPS SQL Injection Vulnerability in MyBB (MyBulletinBoard) 1.2.3 and Earlier: Remote Code Execution via Client-IP Header MyBB Member.php Debug Mode Password Change Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in eXV2 CMS 2.0.4.3 and Earlier Session Fixation Vulnerability in eXV2 CMS 2.0.4.3 and Earlier: Remote Session Hijacking 
PHP Remote File Inclusion Vulnerability in stat12's index.php Allows Arbitrary Code Execution Remote File Inclusion Vulnerability in Sam Crew MyBlog Games.php Arbitrary Web Script Injection Vulnerability in Sam Crew MyBlog's admin/modify.php Unauthenticated Content Injection Vulnerability in Mozilla Firefox SQL Injection Vulnerability in fotokategori.asp in Gazi Okul Sitesi 2007 Unauthenticated Remote Code Execution in BMC Performance Manager Race condition vulnerability in Windows NT 4.0 VDM allows local privilege escalation via \Device\PhysicalMemory handle SQL Injection Vulnerability in WF-Section 1.0.1 Allows Remote Code Execution Multiple PHP Remote File Inclusion Vulnerabilities in SLAED CMS 2 PHP Remote File Inclusion Vulnerability in Virii Info 1.10 and Earlier Module for Xoops Arbitrary Web Script Injection Vulnerability in holaCMS 1.4.10 SQL Injection Vulnerability in Arcade 1.00 Module for PHP-Fusion SQL Injection Vulnerability in PopnupBlog Module for Xoops SQL Injection Vulnerability in Topliste 1.0 Module for PHP-Fusion: Remote Code Execution via cid Parameter in index.php Denial of Service Vulnerability in Metamod-P 1.19p29 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in Really Simple PHP and Ajax (RSPA) 2007-03-23 and Earlier Cyboards PHP Lite 1.21 - Remote File Inclusion Vulnerability in include/default_header.php Remote File Inclusion Vulnerability in lite-cms 0.2.1: Arbitrary PHP Code Execution PHP Remote File Inclusion Vulnerabilities in phpexplorator.php in phpexplorator 2.0 Multiple PHP Remote File Inclusion Vulnerabilities in barnraiser AROUNDMe 0.7.7 PHP Remote File Inclusion Vulnerabilities in PHPEcho CMS 2.0 PHPEcho CMS 2.0 Cross-Site Scripting (XSS) Vulnerability in kernel/filters.inc.php Cross-Site Scripting (XSS) Vulnerabilities in DotClear before 1.2.6 PHP Remote File Inclusion Vulnerability in Sam Crew MyBlog Games.php Arbitrary Web Script Injection in CmailServer WebMail 5.4.3 PHP Remote File Inclusion 
Vulnerabilities in com_zoom Module for Mambo Remote Code Execution Vulnerability in HP-UX PFS Mountd RPC Daemon Unspecified Denial of Service Vulnerability in HP-UX ARPA Transport Functionality Denial of Service in Quagga BGP Attribute Length Validation CodeBreak PHP Remote File Inclusion Vulnerability Stack-based buffer overflow in Clam AntiVirus before 0.90.2 via crafted CHM file HIOX Guest Book (HGB) 4.0 - Direct Static Code Injection Vulnerability Remote Code Execution in Weatimages 1.7.1 and Earlier via PHP Remote File Inclusion Vulnerability SQL Injection Vulnerabilities in Crea-Book 1.0: Remote Code Execution via admin/admin.php StarWind iSCSI Target Denial of Service Vulnerability Multiple Direct Static Code Injection Vulnerabilities in Crea-Book 1.0 and Earlier Arbitrary PHP Code Execution via Admin Cookie in InoutMailingListManager Arbitrary PHP Code Execution Vulnerability in InoutMailingListManager SQL Injection Vulnerabilities in InoutMailingListManager 3.1 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in Taskhopper 1.1 Component for Mambo and Joomla! 
Multiple SQL Injection Vulnerabilities in pL-PHP Beta 0.9 Login.php Authentication Bypass in pL-PHP beta 0.9 via is_admin Parameter Arbitrary File Inclusion Vulnerability in pL-PHP beta 0.9 Remote File Inclusion Vulnerability in SimpCMS Light 04.10.2007 and Earlier Double Free Vulnerability in bftpd before 1.8 Allows Remote Authenticated Users to Cause Denial of Service Arbitrary Web Script Injection Vulnerability in DeskPro 2.0.1 Login Page Arbitrary File Creation Vulnerabilities in MimarSinan CompreXX 4.1 Arbitrary Web Script Injection Vulnerability in JEx-Treme Einfacher Passworschutz MyNews 4.2.2 PHP Remote File Inclusion Vulnerability in week_events.php Remote File Inclusion Vulnerability in Request It 1.0b: Arbitrary PHP Code Execution Arbitrary Web Script Injection Vulnerability in phpMyAdmin 2.6.1 Unauthenticated User Information Disclosure and Modification in AlstraSoft Video Share Enterprise SQL Injection Vulnerability in AlstraSoft Video Share Enterprise's msg.php Remote File Inclusion Vulnerability in phpGalleryScript 1.0 via init.gallery.php Arbitrary Code Execution Vulnerability in xodagallery's administration.php Multiple PHP Remote File Inclusion Vulnerabilities in Pineapple Technologies Lore 1 Information Leakage in Adobe Macromedia Flash Player 7 and 9 Authentication Bypass Vulnerability in Secustick USB Flash Drive Unrestricted File Upload Vulnerability in PhpWiki 1.3.x UpLoad Feature Unrestricted File Upload Vulnerability in PhpWiki 1.3.11p1 UpLoad Feature Denial of Service Vulnerability in GNU Regular Expression Code Untrusted Search Path Vulnerability in Elinks 0.11.1 Allows Format String Attacks Memory Leak Vulnerability in freeRADIUS 1.1.5 and Earlier: Denial of Service via EAP-TTLS Tunnel Connections PDF File Descriptor Leak Vulnerability in ClamAV Insecure Temporary File Creation in LHA's lharc.c Buffer Overflow Vulnerability in 3proxy HTTP Proxy Service Hard-coded FTP Credentials in Cisco Wireless Control System (WCS) Unspecified 
vulnerability in Cisco Wireless Control System (WCS) before 4.0.81.0 allows remote authenticated users to read any configuration page by changing group membership Privilege Escalation Vulnerability in Cisco Wireless Control System (WCS) Insufficient Access Control in Cisco Wireless Control System (WCS) Allows Unauthorized Access to Sensitive Information Default SNMP Community Strings in Cisco Wireless LAN Controller (WLC) Allow Remote Access and Modification of Variables Denial of Service Vulnerability in Cisco Wireless LAN Controller Denial of Service Vulnerability in Cisco Wireless LAN Controller (WLC) Denial of Service Vulnerability in Cisco Wireless LAN Controller (WLC) Hard-coded password vulnerability in Cisco Aironet 1000 and 1500 Series Lightweight Access Points Invalid Checksum Vulnerability in Cisco Wireless LAN Controller (WLC) PHP Remote File Inclusion Vulnerabilities in Avant-Garde Solutions MOSMedia Lite 1.0.6 and Earlier PHP Remote File Inclusion Vulnerabilities in Avant-Garde Solutions MOSMedia Module for Mambo and Joomla! Remote File Inclusion Vulnerability in Antonis Ventouris Weather Module for Mambo and Joomla! 
Unspecified Denial of Service Vulnerability in Sun Solaris IP Implementation CRLF Injection Vulnerabilities in Openads (phpAdsNew) and Openads for PostgreSQL (phpPgAds) CRLF Injection Vulnerability in Openads 2.3 Arbitrary File Read Vulnerability in webMethods Glue Management Console Arbitrary PHP Code Execution via Remote File Inclusion in Mambo Calendar Module (com_calendar) 1.5.5 Directory Traversal Vulnerabilities in RicarGBooK 1.2.1: Arbitrary File Inclusion Buffer Overflow Vulnerability in parsecmd function of bftpd 1.8 with Unknown Impact and Attack Vectors Involving confstr Variable Buffer Over-read Vulnerability in PyLocale_strxfrm Function Multiple stack-based buffer overflows in AFFLIB before 2.2.6 Multiple Format String Vulnerabilities in AFFLIB before 2.2.6 Arbitrary Command Execution in AFFLIB 2.2.8 and Earlier Remote Code Execution Vulnerability in aircrack-ng airodump-ng 0.7 Acubix PicoZip 4.02 Directory Traversal Vulnerability Buffer Overflow Vulnerabilities in eIQnetworks Enterprise Security Analyzer (ESA) 2.5 Cross-zone scripting vulnerability in Wizz RSS Reader before 2.1.9 extension to Mozilla Firefox AfterLogic MailBee WebMail Pro 3.4 - Cross-Site Scripting (XSS) Vulnerability in check_login.asp Stack-based Buffer Overflow in VCDGear 3.55 and 3.56 BETA via Long FILE Argument in CUE File Insecure Permissions in SSH Tectia Server for IBM z/OS PHP Remote File Inclusion Vulnerabilities in Robert Ladstaetter ActionPoll 1.1.0 and 1.1.1 PHP Remote File Inclusion Vulnerability in ActionPoll 1.1.1 Information Disclosure Vulnerability in UseBB before 1.0.6 Multiple PHP Remote File Inclusion Vulnerabilities in Marco Antonio Islas Cruz Web Slider (WebSlider) 0.6 PHP Remote File Inclusion Vulnerabilities in StoreFront Mods for Gallery Arbitrary File Inclusion Vulnerability in openMairie 1.11 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in Turnkey Web Tools SunShop Shopping Cart before 3.5.1 Multiple Cross-Site Scripting (XSS) 
Vulnerabilities in Open-gorotto 2.0a Remote File Inclusion Vulnerability in Ivan Gallery Script 0.1 Remote File Inclusion Vulnerability in Ivan Gallery Script 0.3 Privilege Escalation via SUID Permissions in ScramDisk 4 Linux Containers Privilege Escalation via Mount Point Vulnerability in ScramDisk 4 Linux Maian Gallery 1.0 PHP Remote File Inclusion Vulnerability Maian Search 1.1 PHP Remote File Inclusion Vulnerability Maian Weblog 3.1 Remote File Inclusion Vulnerability Buffer Overflow Vulnerability in ADONewConnection Connect Function in XAMPP 1.6.0a and Earlier SQL Injection Vulnerabilities in XAMPP 1.6.0a for Windows Authentication Bypass Vulnerability in MyBlog 0.9.8 and Earlier Direct static code injection vulnerability in admin/settings.php in MyBlog 0.9.8 and earlier Arbitrary Code Execution and Denial of Service Vulnerability in Check Point ZoneAlarm Pro MobilePublisherphp 1.1.2 Remote File Inclusion Vulnerability Cross-Site Scripting (XSS) Vulnerability in oe2edit.cgi PHP Remote File Inclusion Vulnerabilities in CNStats 2.9 Multiple PHP Remote File Inclusion Vulnerabilities in CNStats 2.12 PHP Remote File Inclusion Vulnerabilities in Sitebar 3.3.5 and Earlier PHP Remote File Inclusion Vulnerabilities in Jx Development Article Component for Mambo and Joomla! 
Arbitrary Script Injection Vulnerability in TuMusika Evolution 1.6 Remote File Inclusion Vulnerability in tsdisplay4xoops_block2.php in tsdisplay4xoops 0.1 Direct static code injection vulnerability in Limesoft Guestbook (LS Simple Guestbook) in index.php Arbitrary PHP Code Injection in Limesoft Guestbook (LS Simple Guestbook) 1.0 Anthologia 0.5.2 - Remote File Inclusion Vulnerability in index.php MySpeach 1.9 chat.php Remote File Inclusion Vulnerability PHP Remote File Inclusion Vulnerability in Hinton Design PHPHD Download System (phphd_downloads) Multiple PHP Remote File Inclusion Vulnerabilities in OpenConcept Back-End CMS 0.4.7 Cross-Site Scripting (XSS) Vulnerabilities in Wabbit PHP Gallery 0.9's showpic.php Arbitrary Web Script Injection Vulnerability in OpenConcept Back-End CMS 0.4.7 Insecure Storage of Sensitive Information in FAC Guestbook 2.0 Insecure Storage of Sensitive Information in FAC Guestbook 3.01 Arbitrary Web Script Injection Vulnerability in Weblog.php PHP Remote File Inclusion Vulnerabilities in My Little Forum 1.7 Arbitrary Local File Inclusion Vulnerabilities in iXon CMS 0.30 Arbitrary File Inclusion Vulnerability in Monkey CMS 0.0.3 K-CMS 1.0 Directory Traversal Vulnerability SQL Injection Vulnerability in Rha7 Downloads (rha7downloads) 1.0 Module for XOOPS Unspecified privilege escalation vulnerability in Oracle Database on Windows (DB01) Unspecified Vulnerabilities in Oracle Database 10.2.0.3 with Remote Authenticated Attack Vectors Unspecified vulnerability in Oracle Database RDBMS component on Windows systems (DB03) SQL Injection Vulnerability in SYS.DBMS_AQADM_SYS Package in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 (DB04) Unspecified Authentication Bypass Vulnerability in Oracle Database 10.1.0.5 and 10.2.0.3 (DB05) SQL Injection Vulnerability in Oracle Database 10.1.0.5 Upgrade/Downgrade Component (DBMS_UPGRADE_INTERNAL) Unspecified Remote Code Execution Vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.2 Unspecified SQL 
Injection Vulnerabilities in Oracle Database CDC Component Unspecified Buffer Overflow Vulnerability in Oracle Database Advanced Replication Component Unspecified Buffer Overflow Vulnerability in Oracle Text Component (DB12) Unspecified Buffer Overflow Vulnerability in Oracle Database Upgrade/Downgrade Component (DB13) Oracle Enterprise (Ultra) Search Administration Front End XSS Vulnerability Oracle Discoverer Servlet Remote Shutdown Vulnerability Unspecified Vulnerability in Oracle Application Server 7.0.4.4 (AS02) AS03: Unspecified Wireless Component Vulnerability in Oracle Application Server 9.0.4.3 AS04 Unspecified Vulnerability in Oracle Application Server Portal Component AS05: Unspecified Remote Vulnerability in Oracle Application Server Portal Component OCS01: Unspecified Vulnerability in Oracle Collaboration Suite 10.1.2 with Unknown Impact and Attack Vectors Unspecified Remote Vulnerability in Oracle E-Business Suite 11.5.10CU2 with Unknown Impact Unspecified Remote Vulnerabilities in Oracle E-Business Suite 12.0.0 APPS08: Unspecified Remote Authenticated Vulnerability in Oracle E-Business Suite Sales Online Component EM01: Unspecified Remote Vulnerability in Oracle Enterprise Manager 9.2.0.8 OWF01: Unspecified Remote Authenticated Vulnerability in Workflow Cartridge Unspecified Vulnerability in Oracle PeopleSoft Enterprise PeopleTools (PSE01) Unspecified Vulnerability in Oracle PeopleSoft Enterprise 8.47.12 and 8.48.08 (PSE02) Unspecified Vulnerability in Oracle PeopleSoft Enterprise Human Capital Management (PSEHCM01) Unspecified HTML Server Vulnerability in Oracle JD Edwards EnterpriseOne SP23_Q1 and 8.96.I1 Arbitrary Document Download Vulnerability in Oracle E-Business Suite ADI_BINARY Component Remote Code Execution Vulnerability in BMC Patrol PerformAgent Heap-based Buffer Overflow in IBM Tivoli Monitoring Express 6.1.0 Untrusted Search Path Vulnerability in PostgreSQL Multiple Stack-Based Buffer Overflows in CA BrightStor ARCserve Media Server 
Remote File Inclusion Vulnerability in Franklin Huang Flip 2.0
Direct static code injection vulnerability in shoutbox.php in ShoutPro 1.5.2
Multiple PHP Remote File Inclusion Vulnerabilities in AjPortal2Php
Remote File Inclusion Vulnerability in Be2004-2 Joomla! Template's index.php Allows Arbitrary Code Execution
Remote File Inclusion Vulnerability in JoomlaPack (com_jpack) 1.0.4a2 RE Component for Joomla!
Arbitrary PHP Code Injection in MiniGal b13's imagecomments Function
Arbitrary PHP Code Injection in MiniGal b13's imagecomments Function
Unauthenticated Remote File Read/Write Vulnerability in Chatness 2.5.3 and Earlier
Direct Static Code Injection Vulnerability in Chatness 2.5.3 and Earlier: Remote Code Execution via admin/save.php
Insecure Storage of Credentials in Stephen Craton (aka WiredPHP) Chatness 2.5.3 and Earlier
FTP Bounce Vulnerability in BlueArc Titan 2x00 Devices with Firmware 4.2.944b
Denial of Service Vulnerability in McAfee e-Business Server
Buffer Overflow Vulnerability in McAfee VirusScan Enterprise On-Access Scanner
Arbitrary Web Script Injection Vulnerability in @Mail 5.0
Arbitrary PHP Code Execution via Remote File Inclusion in Cabron Connector 1.1.0
Arbitrary File Read Vulnerability in phpFaber TopSites 3
PHP Remote File Inclusion Vulnerabilities in Rezervi Generic 0.9
Arbitrary File Read Vulnerability in Zomplog 3.8
Remote File Inclusion Vulnerability in jGallery 1.3 index.php
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Drupal Database Administration Module
Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in Drupal Database Administration Module
Denial of Service Vulnerability in Microsoft Internet Explorer 7
Regular Expression Denial of Service (ReDoS) Vulnerability in Mozilla Firefox and GNU IceWeasel
Denial of Service Vulnerability in Apple Safari via Long String Regular Expression Matching
Denial of Service Vulnerability in Konqueror 3.5.5 Release 45.4
Authentication Bypass Vulnerability in ProFTPD
Arbitrary PHP Code Execution via Remote File Inclusion in OpenSurveyPilot (osp) 1.2.1 and Earlier
Static Code Injection Vulnerability in AimStats 3.2 process.php Allows Remote Code Injection via number Parameter
Static Code Injection Vulnerability in AimStats 3.2 and Earlier: Remote PHP Code Injection via databasehost Parameter
Static Code Injection Vulnerability in Mozzers SubSystem 1.0: Remote PHP Code Injection via add.php
Remote Code Execution in APPLSYS.FND_DM_NODES Package in Oracle E-Business Suite
Remote Code Execution Vulnerability in Novell GroupWise WebAccess
Out of Bounds Access Vulnerability in Linux Kernel 2.6 and 2.4
Eval Injection Vulnerability in Courier-IMAPd and Courier-POP3d on Gentoo Linux
Arbitrary Code Execution Vulnerability in ZoneAlarm Spyware Removal Engine
Arbitrary Code Execution Vulnerability in Apple QuickTime Java Extensions
Unspecified Remote Code Execution Vulnerability in Mozilla Firefox
Arbitrary Code Execution Vulnerability in Microgaming Download Helper ActiveX Control
Unspecified Remote Denial of Service Vulnerabilities in Objective Development Sharity
Unspecified Denial of Service Vulnerabilities in RaidenFTPD 2.4
Buffer Overflow Vulnerability in Nullsoft Winamp 5.3 via Crafted WMV File
Webinsta FM Manager 0.1.4 and Earlier - PHP Remote File Inclusion Vulnerability in admin/login.php
Unrestricted File Upload Vulnerability in Maran PHP Forum
SQL Injection Vulnerability in PHP-Ring Webring System 0.9: Remote Code Execution via ring Parameter
Directory Traversal Vulnerability in Jchit Counter 1.0.0
Multiple PHP Remote File Inclusion Vulnerabilities in Supasite 1.23b
Denial of Service Vulnerability in Foxit Reader 2.0
Stack-based Buffer Overflow in eXtremail 2.1.1 and Earlier via Long DNS Response
Unverified ID Field in eXtremail 2.1.1 and Earlier Allows DNS Spoofing
Remote File Inclusion Vulnerability in MX Smartor Full Album Pack (FAP) 2.0 RC1 Module for mxBB
Eba News 1.1 - Remote File Inclusion Vulnerability in webpages.php
Cross-Site Scripting (XSS) Vulnerabilities in freePBX 2.2.x
Buffer Overflow Vulnerability in Photofiltre Studio 8.1.1 via Crafted .tif File
Stack-based Buffer Overflow in ACDSee Plugin Allows Arbitrary Code Execution
XnView 1.90.3 Stack-Based Buffer Overflow Vulnerability
Denial of Service Vulnerability in aMSN 0.96 and Earlier
Remote File Inclusion Vulnerability in Jambook.php in Jambook 1.0 Beta7 Module for Mambo and Joomla!
Race condition vulnerability in NeatUpload ASP.NET component allows remote attackers to obtain other clients' HTTP responses
Arbitrary Web Script Injection Vulnerability in LAN Management System (LMS) before 1.6.9
PHP Remote File Inclusion Vulnerability in PclTar Module 1.3 and 1.3.1
Directory Traversal Vulnerability in Pagode 0.5.8
PHP Remote File Inclusion Vulnerabilities in Post Revolution 6.6 and 7.0 RC2
Remote File Inclusion Vulnerability in ACVSWS_PHP5 1.0
Big Blue Guestbook XSS Vulnerability
Multiple PHP Remote File Inclusion Vulnerabilities in GPL PHP Board (GPB) Unstable-2001.11.14-1
Remote File Inclusion Vulnerability in LAN Management System (LMS) 1.5.3 and 1.5.4
Arbitrary Web Script Injection Vulnerability in Ripe Website Manager 0.8.4 and Earlier
SQL Injection Vulnerability in Ripe Website Manager 0.8.4 and Earlier: Remote Code Execution via ripeformpost Parameter
Extreme PHPBB2 3.0 Pre Final - Multiple PHP Remote File Inclusion Vulnerabilities
Buffer Overflow in igcore15d.dll for AccuSoft ImageGear
Buffer Overflow Vulnerability in Netsprint Ask IE Toolbar 1.1
SQL Injection Vulnerability in MyBB Calendar.php
SQL Injection Vulnerabilities in MyBB Calendar.php
Denial of Service Vulnerability in NetscapeFTPHandler in WS_FTP Home and Professional 2007
Unrestricted File Upload Vulnerability in DmCMS
Incorrect IObjectsafety Implementation in tblinf32.dll ActiveX Control: Remote Code Execution Vulnerability
Arbitrary Code Execution Vulnerability in Kodak Image Viewer
Remote Code Execution Vulnerability in Windows Schannel Security Package
Unspecified Remote Code Execution Vulnerability in Win32 API on Microsoft Windows 2000, XP SP2, and Server 2003 SP1 and SP2
Arbitrary File Rewrite Vulnerability in Microsoft Windows Media Server
Buffer Overflow Vulnerabilities in ActiveListen and ActiveVoice Controls in Microsoft Internet Explorer
Integer Overflow and Buffer Overflow in Microsoft XML Core Services (MSXML) 3.0 through 6.0 via substringData Method
Integer Overflow and Buffer Overflow in OLE Automation
URL Parsing Cross Domain Information Disclosure Vulnerability in Microsoft Outlook Express 6 and Windows Mail
Content Disposition Parsing Cross Domain Information Disclosure Vulnerability
Denial of Service and System Restart Vulnerability in rpcrt4.dll
Windows Vista Permissive User Information Store ACLs Information Disclosure Vulnerability
SQL Injection Vulnerability in CA Clever Path Portal
Directory Traversal Vulnerability in Dovecot Allows Remote Reading of Arbitrary Gzipped Mailboxes
Bypassing Authentication Requirements in Cosign 2.0.1 and Earlier via CR Sequences in Cosign Cookie Parameter
Arbitrary User Injection Vulnerability in Cosign 2.0.2 and Earlier
SQL Injection Vulnerability in PunBB 1.2.14 and Earlier
Cross-Site Scripting (XSS) Vulnerabilities in PunBB 1.2.14 and Earlier
Local File Inclusion (LFI) Vulnerability in footer.php of PunBB 1.2.14 and Earlier
Denial of Service Vulnerability in Microsoft Windows Graphics Device Interface (GDI+)
Stack-based buffer overflows in Whale Client Components ActiveX control allow remote code execution
Stack-based Buffer Overflow in AXIS Camera Control ActiveX Control
Digital Signature Spoofing Vulnerability in IBM Lenovo Access Support acpRunner ActiveX Control
Denial of Service Vulnerability in ISC BIND 9.4.0 and 9.5.0a1-9.5.0a3
IPv6 Type 0 Route Header Vulnerability: Network Amplification Denial of Service
OpenSSH User Account Existence Disclosure Vulnerability
Buffer Overflow Vulnerabilities in Adobe Creative Suite Applications
Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpMyAdmin before 2.10.1.0
Unspecified Denial of Service Vulnerability in HP-UX Sendmail
SQL Injection Vulnerability in phpMySpace Gold 8.10 - Remote Code Execution via item_id Parameter
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Phorum Admin Panel
Privilege Escalation Vulnerability in Phorum before 5.1.22
Path Disclosure Vulnerability in Phorum before 5.1.22
Privilege Escalation Vulnerability in Xaraya Roles Module
Exponent CMS 0.96.6 Alpha and Earlier Directory Traversal Vulnerability in iconspopup.php
Information Disclosure Vulnerability in Exponent CMS 0.96.6 Alpha and Earlier
PHP Classifieds 6.04 Remote File Inclusion Vulnerability
Multiple PHP Remote File Inclusion Vulnerabilities in Download-Engine 1.4.3
Arbitrary Script Injection in TJSChat 0.95 via XSS Vulnerability in you.php
Remote File Inclusion Vulnerability in Fully Modded phpBB2 subscp.php
PHPMyBibli Remote File Inclusion Vulnerability
SQL Injection Vulnerability in EsForum 3.0 via idsalon Parameter in forum.php
Multiple PHP Remote File Inclusion Vulnerabilities in bibtex mase beta 2.0
PHP Remote File Inclusion Vulnerability in C-Arbre 0.6PR7 and Earlier
Multiple PHP Remote File Inclusion Vulnerabilities in Sinato jmuffin's html/php/detail.php
Heap-based Buffer Overflow in RealPlayer SWF File Parsing
Heap-based Buffer Overflow in RealPlayer and RealOne Player
Cross-site scripting (XSS) vulnerability in YA Book 0.98-alpha in index.php
Arbitrary File Manipulation Vulnerability in Progress Webspeed Messenger
Denial of Service Vulnerability in Sun Cluster and Solaris Cluster
Directory Traversal Vulnerabilities in SWsoft Plesk for Windows 7.6.1, 8.1.0, and 8.1.1
Directory Traversal Vulnerability in SWsoft Plesk for Windows 8.1 and 8.1.1
Remote Denial of Service Vulnerability in Linksys SPA941 VoIP Phone
Directory Traversal Vulnerability in Rajneel Lal TotaRam USP FOSS Distribution 1.01
Remote File Inclusion Vulnerability in AWBS 2.4.0: Arbitrary PHP Code Execution
Remote File Inclusion Vulnerability in Alessandro Lulli wavewoo 0.1.1
Denial of Service Vulnerability in Opera 9.2 BitTorrent Implementation
Unspecified User Account Access Vulnerability in HP StorageWorks Command View Advanced Edition
Denial of Service Vulnerability in 3Com TippingPoint IPS
Session Fixation Vulnerability in Plogger: Remote Session Hijacking
Multiple PHP Remote File Inclusion Vulnerabilities in DCP-Portal 6.1.1
Authentication Bypass and Arbitrary Code Execution in Symantec Storage Foundation for Windows 5.0
Remote Code Execution Vulnerability in HP OpenView Storage Data Protector
Arbitrary Code Execution via Integer Overflow in HP OpenView Storage Data Protector
Default Password Vulnerability in Cisco Network Services (CNS) NetFlow Collection Engine (NFC)
Buffer Overflow Vulnerability in Fresh View 7.15 via Crafted .PSP File
ABC-View Manager 1.42 Buffer Overflow Vulnerability
Directory Traversal Vulnerability in Jack Slocum Ext 1.0 alpha1 (Ext JS)
Remote File Inclusion Vulnerability in Built2Go PHP Link Portal 1.79 via config.php
Remote File Inclusion Vulnerability in accept.php in Comus 2.0 Final
Remote File Inclusion Vulnerability in Doruk100.net Allows Arbitrary PHP Code Execution
PHP Remote File Inclusion Vulnerability in Download Engine 1.4.1
Multiple PHP Remote File Inclusion Vulnerabilities in B2 Weblog and News Publishing Tool 0.6.1
CRLF Injection Vulnerability in Microsoft Internet Explorer 7.0.5730.11 Digest Authentication
CRLF Injection Vulnerability in Mozilla Firefox and SeaMonkey Digest Authentication
Stack-based buffer overflows in SIP channel T.38 SDP parser in Asterisk before 1.4.3
Denial of Service Vulnerability in Asterisk Manager Interface
Heap-based Buffer Overflow in Apple Quicktime 7.1.5 and Earlier Versions
Arbitrary Code Execution via Integer Overflow in Apple Quicktime 7.1.5
SIP Channel Driver Denial of Service Vulnerability
PHP Remote File Inclusion Vulnerabilities in Garennes 0.6.1 and Earlier
Multiple SQL Injection Vulnerabilities in Frogss CMS 0.7 and Earlier
Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpwebnews 0.2 and Earlier
PHP Remote File Inclusion Vulnerabilities in audioCMS arash 0.1.4
Expow 0.8 autoindex.php Remote File Inclusion Vulnerability
Arbitrary File Inclusion Vulnerability in News Manager Deluxe (NMDeluxe) 1.0.1
Directory Traversal Vulnerabilities in Quick and Dirty Blog (QDBlog) 0.4
SQL Injection Vulnerabilities in Quick and Dirty Blog (QDBlog) 0.4 and Earlier Versions
Cross-Site Scripting (XSS) Vulnerabilities in Virtual War (VWar) 1.5.0 R15 and Earlier Module for PHP-Nuke
WebKalk2 1.9.0 - PHP Remote File Inclusion Vulnerability in engine/engine.inc.php
FloweRS 2.0 cas.php Cross-Site Scripting (XSS) Vulnerability
Cross-site scripting (XSS) vulnerability in cas.php in FloweRS 2.0 via den parameter
Arbitrary Web Script Injection in BloofoxCMS 0.2.2 via img_popup.php
BlooFoxCMS 0.2.2 Remote File Inclusion Vulnerability in install/index.php
Multiple SQL Injection Vulnerabilities in Virtual War (VWar) 1.5.0 R15 Module for PHP-Nuke
Remote File Inclusion Vulnerability in Shotcast 1.0 RC2 Module for mxBB
Multiple SQL Injection Vulnerabilities in Crea-Book 1.0
Denial of Service Vulnerability in MiniShare 1.5.4
Unspecified Remote Code Execution Vulnerability in Open Business Management (OBM) Admin Script
Multiple PHP Remote File Inclusion Vulnerabilities in MiniBB Forum 1.5a and Earlier
Format string vulnerabilities in FileZilla before 2.2.32 allow remote code execution
Remote File Inclusion Vulnerability in AutoStand Joomla! Module
SQL Injection Vulnerability in kontakt.php in Papoo 3.02 and Earlier
Unspecified Search Functionality Vulnerability in SilverStripe 2.0.0
Denial of Service Vulnerability in Nero MediaHome 2.5.5.0 and CE 1.3.0.4
Buffer Overflow Vulnerabilities in WinDVDX ActiveX Control
Arbitrary File Read Vulnerability in JulmaCMS 1.4
MyNewsGroups PHP Remote File Inclusion Vulnerability
Multiple PHP Remote File Inclusion Vulnerabilities in HYIP Manager Pro
HTMLeditbox 2.2 - PHP Remote File Inclusion Vulnerability in _editor.php
Remote File Inclusion Vulnerability in phpMYTGP 1.4b addvip.php
Remote File Inclusion Vulnerability in Searchactivity's searchbot.php Allows Arbitrary PHP Code Execution
DynaTracker 151 includes_handler.php Remote File Inclusion Vulnerability
Remote Code Execution in Shop-Script 2.0 via PHP Remote File Inclusion in cart.php
Fixed DES Key Vulnerability in Nortel VPN Router (Contivity) 1000, 2000, 4000, and 5000
Default Accounts in Nortel VPN Router LDAP Template Vulnerability
Unauthenticated Remote Access and Configuration Modification in Nortel VPN Router
Arbitrary Script Injection in Lunascape RSS Feed Reader
Unspecified Denial of Service Vulnerability in InterVations NaviCOPA Web Server 2.01
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Exponent CMS 0.96.6 Alpha and Earlier
CSRF Vulnerability in Phorum's banlist.php Allows Unauthorized Deletions
Multiple SQL Injection Vulnerabilities in Phorum 5.1.22 and Earlier Versions
PHP Remote File Inclusion Vulnerabilities in phporacleview's inc/include_all.inc.php
Remote File Inclusion Vulnerability in phpBandManager 0.8 Allows Arbitrary PHP Code Execution
CreaScripts CreaDirectory 1.2 Error.asp SQL Injection Vulnerability
Stack-based Buffer Overflow in Enterasys NetSight Console and Inventory Manager
Denial of Service Vulnerability in Enterasys NetSight Console and Inventory Manager
CodeWand phpBrowse Remote File Inclusion Vulnerability
PHP Remote File Inclusion Vulnerabilities in PHP-Generics 1.0 Beta
Remote File Inclusion Vulnerability in OneClick CMS (aka Sisplet CMS) 05.10 and Earlier
Remote Code Execution via Unquoted Shell Metacharacters in lftp Mirror Script
Arbitrary Web Script Injection via Image and PDF Upload in Invision Power Board (IP.Board) 2.1.x and 2.2.x
Arbitrary Command Execution in FreePBX Music-on-Hold Module
Unspecified Code Execution Vulnerability in HP Power Manager Remote Agent
Multiple Format String Vulnerabilities in AFFLIB 2.2.6
Information Disclosure Vulnerability in Apache Axis 1.0
Information Disclosure in Progress Webspeed Messenger
Arbitrary Command Execution Vulnerability in OPeNDAP 3's get_url Function
Stack-based Buffer Overflow in SUNRAS Plugin in Gimp 2.2.14
Arbitrary Web Script Injection Vulnerability in SineCms 2.3.4
Multiple PHP Remote File Inclusion Vulnerabilities in b2evolution
Buffer Overflow Vulnerability in Ghost Service Manager
Insecure Credential Encryption in Symantec Backup Solutions
Weak Permissions on Configuration File in Symantec Backup Software Allows Credential Theft
Multiple Buffer Overflows in MyDNS 1.1.0: Remote Code Execution and Denial of Service Vulnerabilities
Remote Code Execution Vulnerability in IrfanView 4.00 and Earlier via Crafted .IFF File
Multiple PHP Remote File Inclusion Vulnerabilities in burnCMS 0.2 and Earlier
User-Assisted Remote Code Execution Vulnerability in Adobe Creative Suite Software
User-assisted remote code execution vulnerability in Corel Paint Shop Pro 11.20 via crafted .PNG file
Buffer Overflow Vulnerability in Wserve HTTP Server (whttp) 4.6
Arbitrary File Read Vulnerability in WebSPELL 4.01.02 and Earlier
Directory Traversal Vulnerability in WebSPELL 4.01.02: Arbitrary File Read via picture.php
SQL Injection Vulnerability in John Mordo Jobs 2.4 and Earlier Module for XOOPS
Remote Code Injection and Denial of Service Vulnerability in phpMyNewsletter 0.8 beta5 and Earlier
Unauthenticated Remote Email Composition and Sending in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and Earlier
Arbitrary SQL Command Execution Vulnerability in WF-Links Module for XOOPS
Unspecified Remote Code Execution Vulnerability in Microsoft Windows 2000, XP, and Server 2003
Unauthenticated Remote Code Execution in Symantec Enterprise Security Manager (ESM)
JavaScript Hijacking Vulnerability in Dojo Framework
JavaScript Hijacking Vulnerability in Getahead Direct Web Remoting (DWR) Framework 1.1.4
JavaScript Hijacking Vulnerability in Google Web Toolkit (GWT)
JavaScript Hijacking Vulnerability in jQuery Framework
JavaScript Hijacking Vulnerability in Microsoft Atlas Framework
JavaScript Hijacking Vulnerability in MochiKit Framework
JavaScript Hijacking Vulnerability in Moo.fx Framework
JavaScript Hijacking Vulnerability in Prototype Framework
JavaScript Hijacking Vulnerability in Script.aculo.us Framework
JavaScript Hijacking Vulnerability in Yahoo! UI Framework
Buffer Overflow Vulnerability in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9
Unauthenticated Remote Administrative Access in Apple Xserve Lights-Out Management
Arbitrary Code Execution Vulnerability in Apple QuickTime for Java 7.1.6
Memory Leakage Vulnerability in Apple QuickTime for Java 7.1.6
Buffer Overflow Vulnerability in iChat in Apple Mac OS X 10.3.9 and 10.4.9 via Crafted UPnP IGD Packet
Arbitrary Script Injection Vulnerability in Apple Safari Beta 3.0.1 for Windows
Memory Corruption Vulnerability in Apple Quicktime
Remote Code Execution Vulnerability in QuickTime for Java
Integer Overflow in Apple Quicktime SMIL File Parsing
Remote Code Execution Vulnerability in Apple QuickTime
JDirect Support Vulnerability in Apple QuickTime
Remote Code Execution Vulnerability in QuickTime for Java
Arbitrary Content Injection Vulnerability in Apple Safari 3.0.1 beta (522.12.12) on Windows
Invalid Type Conversion Vulnerability in WebKit
Cross-Site Scripting (XSS) Vulnerability in Apple Safari 3 Beta
CRLF Injection Vulnerability in WebCore in Apple Mac OS X and iPhone
Insufficient Access Control in QuickTime for Java Allows Remote Information Disclosure
Arbitrary FTP Command Injection Vulnerability in CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10
CRLF Injection Vulnerability in CFNetwork on Apple Mac OS X 10.3.9 and 10.4.10
Integer Underflow Vulnerability in Preview PDFKit on Mac OS X 10.4.10 Allows Remote Code Execution
Uninitialized Object Pointer Vulnerability in Quartz Composer on Apple Mac OS X 10.4.10
Disk Quota Bypass Vulnerability in Samba Server on Apple Mac OS X
Remote Code Execution via Unchecked Enable Java Setting in Apple Safari 3 Beta
Cross-Domain Information Disclosure Vulnerability in WebCore on Apple Mac OS X 10.3.9 and 10.4.10
Cross-Site Scripting (XSS) Vulnerability in WebCore on Apple Mac OS X 10.3.9 and 10.4.10
PHP Remote File Inclusion Vulnerability in Sphider 1.2.x index.php
Directory Traversal Vulnerability in Seir Anphin's modules/file.php Allows Information Disclosure
Denial of Service Vulnerability in MyServer before 0.8.8
Denial of Service via Long URI in Pi3Web Web Server 2.0.3 PL1
SQL Injection Vulnerability in E-Annu's home.php Allows Remote Code Execution via 'a' Parameter
Heap-based Buffer Overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x
Heap-based Buffer Overflow in Trillian Pro XMPP Component
Multiple Buffer Overflows in Macrovision FLEXnet Connect ActiveX Control (boisweb.dll)
Arbitrary SQL Command Execution Vulnerability in Burak Yilmaz Blog 1.0
Buffer Overflow Vulnerability in Hitachi Groupmax Mobile Option for Mobile-Phone
PHP Remote File Inclusion Vulnerabilities in Modules Builder 4.1 for Comdev One Admin
Arbitrary Script Injection in MoinMoin 1.5.7 index.php
Remote File Inclusion Vulnerability in The Merchant 2.2
Arbitrary File Read Vulnerability in Imageview 5.3
Remote File Inclusion Vulnerability in myGallery Plugin for WordPress
SQL Injection Vulnerability in pnFlashGames 1.5 Module for PostNuke
Ahhp-Portal Multiple PHP Remote File Inclusion Vulnerabilities
Remote Code Execution Vulnerability in ManageEngine PasswordManager Pro (PMP)
Arbitrary PHP File Creation Vulnerability in TCExam 4.0.011 and Earlier
Dynamic Variable Evaluation Vulnerability in TCExam 4.0.011 and Earlier: Remote Cross-Site Scripting (XSS) and Other Attacks via shared/config/tce_config.php
Arbitrary Script Injection in nukedit 4.9.7b's utilities/search.asp
Cross-Site Scripting (XSS) Vulnerability in Ariadne 2.4.1 index.php
Buffer Overflow Vulnerability in Aventail Connect 4.1.2.13: Remote Code Execution via DNS Query
Privilege Escalation via Incorrect Use of System Classes in Sun Java Web Start
Xrender Extension Denial of Service Vulnerability
Vulnerability: Unsafe Functions in Vim Sandbox Allow Command Execution and File Manipulation via Modelines
Denial of Service and Data Leakage Vulnerability in Caucho Resin Professional 3.1.0 and Earlier
Caucho Resin Directory Traversal Vulnerability
Information Disclosure Vulnerability in Caucho Resin Professional 3.1.0 and Earlier
Remote Code Execution Vulnerability in MIT Kerberos 5 (krb5) 1.6.1 and earlier
Arbitrary Code Execution Vulnerability in MIT Kerberos 5 (krb5) 1.6.1 and Earlier
Privilege Escalation via Logic Error in Samba's SID/Name Translation Functionality
Denial of Service Vulnerability in libpng's png_handle_tRNS Function
Multiple Heap-Based Buffer Overflows in Samba 3.0.0 through 3.0.25rc3
Arbitrary Command Execution Vulnerability in Samba's MS-RPC Functionality
Vulnerability: Information Disclosure via Partial Access Privilege in Subversion 1.4.3 and Earlier
Arbitrary Web Script Injection in Apache Tomcat JSP Files
Cross-Site Scripting (XSS) Vulnerabilities in Apache Tomcat Manager and Host Manager Applications
Unspecified Information Disclosure Vulnerability in GEODE-AES Driver
Heap-based Buffer Overflow in GNU findutils' locate Database Processing
Vulnerability: Inadequate Random Number Generation in Linux Kernel
Vulnerability: Heap-based Buffer Overflow in Parallels VGA Device
Vulnerability: Denial of Service in Parallels Virtual Machine
PHP Remote File Inclusion Vulnerabilities in FireFly 1.1.01
Remote File Inclusion Vulnerability in Pixaria Gallery 1.4.3: Arbitrary PHP Code Execution
Pixaria Gallery 1.4.3 - Multiple PHP Remote File Inclusion Vulnerabilities
Heap-based Buffer Overflow in Imager Perl Module BMP Reader
FireFly 1.1.01 and Earlier PHP Remote File Inclusion Vulnerability
Denial of Service Vulnerability in Cisco ASA and PIX DHCP Relay Agent
Unspecified LDAP Authentication Bypass Vulnerability in Cisco ASA and PIX
Denial of Service Vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX
Race condition vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19 in clientless SSL VPNs leading to denial of service (device reload) via non-standard SSL sessions.
Denial of Service Vulnerability in Solaris Auditing (BSM) on Sun Solaris 9
Denial of Service Vulnerability in LDAP SDK for C
Denial of Service Vulnerability in ZoneAlarm Pro
Denial of Service Vulnerability in HP OpenVMS for Integrity Servers 8.2-1 and 8.3
SQL Injection Vulnerability in FileRun 1.0 and Earlier: Remote Code Execution via fid Parameter in index.php
Multiple Cross-Site Scripting (XSS) Vulnerabilities in FileRun 1.0 and Earlier
Sendcard 3.4.1 Directory Traversal Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Sendcard 3.4.1 and Earlier
Arbitrary SQL Command Execution in CMS Made Simple 1.0.5 and Earlier
Multiple PHP Remote File Inclusion Vulnerabilities in Turnkey Web Tools SunShop Shopping Cart 4.0
Unspecified vulnerability in Novell SecureLogin (NSL) 6 SP1 allows for unauthorized attribute access
Unspecified Remote Vulnerability in Novell SecureLogin (NSL) 6 SP1
Remote File Inclusion Vulnerability in phpMyChat.php3 in phpMyChat 0.14.5
Heap-based Buffer Overflows in Trillian Pro IRC Component
Remote Information Disclosure Vulnerability in Cerulean Studios Trillian Pro
UDP Port Hijacking Vulnerability
WordTube Plugin for WordPress PHP Remote File Inclusion Vulnerability
WordTube Plugin for WordPress Directory Traversal Vulnerability
Arbitrary File Inclusion Vulnerability in wp-Table WordPress Plugin
Remote File Inclusion Vulnerability in wp-Table Plugin for WordPress
Remote File Inclusion Vulnerability in myflash-button.php Plugin for WordPress
Motobit 1.3 and 1.5 Directory Traversal Vulnerability
AtomixMP3 Stack-based Buffer Overflow Vulnerability
Null Termination Vulnerability in Asterisk's IAX2 Channel Driver
Heap-based Buffer Overflow in LiveData Protocol Server 5.00.045 and Earlier Versions
Denial of Service Vulnerability in LiveData Server before 5.00.62 via Crafted COTP Packets
Arbitrary Memory Write Vulnerability in VMware Workstation and Server
SQL Injection Vulnerability in v4bJournal Module for PostNuke
Remote File Inclusion Vulnerability in FAQ & RULES 2.0.0 and Earlier Module for mxBB
Stack-based buffer overflows in PowerPointViewer.ocx ActiveX Control: Denial of Service Vulnerability
Stack-based buffer overflows in ExcelOCX ActiveX control in ExcelViewer.ocx 3.1.0.6
Denial of Service Vulnerability in WordViewer.ocx 3.2.0.5
Denial of Service Vulnerability in RealPlayer 10 Gold via Malicious .ra File
Arbitrary Code Execution Vulnerability in Winamp 5.02 through 5.34 via libmp4v2.dll
Multiple Cross-Site Scripting (XSS) Vulnerabilities in DVDdb 0.6 and Earlier
Arbitrary Code Execution via Memory Corruption in GNU Gnash 0.7.2
CodePress Eval Injection Vulnerability
Unspecified Denial of Service Vulnerability in HP ProCurve 9300m Series Switches
Directory Traversal Vulnerability in PHP Turbulence 0.0.1 Alpha
PHP Turbulence 0.0.1 alpha Remote File Inclusion Vulnerability
Stack-based Buffer Overflow in InterVations MailCOPA 8.01 20070323 via Long Command Line Argument
Denial of Service Vulnerability in WebSpeed 3.x in OpenEdge 10.x
Arbitrary File Read Vulnerability in Treble Designs 1024 CMS 0.7
Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174
CRLF Injection Vulnerability in PHP FTP Functions
Buffer Overflow in PHP make_http_soap_request Function
Buffer Overflow in PHP User Filter Factory Create Function
Default Mini Switch Vulnerability in Alcatel-Lucent IP-Touch Telephone
Man-in-the-Middle Attack Vulnerability in Novell GroupWise 7 and 6.5
Stack-based Buffer Overflow in XferWan.exe in Multiple Products
Directory Traversal Vulnerability in PEAR Installer
SQL Injection Vulnerability in MyNews 0.10: Remote Code Execution via authacc Cookie
Arbitrary PHP Code Execution via Remote File Inclusion in E-GADS! before 2.2.7
Stack-based Buffer Overflow in CA Anti-Virus Console Server Allows Remote Code Execution
Weak Permissions in CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070510
Cross-site scripting (XSS) vulnerability in OTRS 2.0.x index.pl
Memory Leak in Linux Kernel's PPPoE Socket Implementation
Heap-based Buffer Overflow in SmartCode VNC Manager 3.6's ConnectAsyncEx Function
DynamicPAD 1.03.31 - Multiple PHP Remote File Inclusion Vulnerabilities
Buffer Overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows
Integer Signedness Error in Solaris 10 ACL System Call Allows Privilege Escalation and Denial of Service
PHP Remote File Inclusion Vulnerabilities in Tropicalm Crowell Resource 4.5.2
Berylium2 2003-08-18 PHP Remote File Inclusion Vulnerability
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Minh Nguyen Duong Obie Website Mini Web Shop 2
Multiple Buffer Overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174
SQL Injection Vulnerabilities in phpHoo3 admin.php
Denial of Service Vulnerability in WinAce via ZOO Archive with Direntry Structure
PicoZip Denial of Service Vulnerability
Multiple SQL Injection Vulnerabilities in NPDS 5.10 and Earlier Versions
SQL Injection Vulnerability in RunCms 1.5.2 and Earlier: Remote Code Execution via debug_show.php
Information Disclosure Vulnerability in RunCms 1.5.2 and Earlier
PHP Remote File Inclusion Vulnerabilities in PMECMS 1.0 and Earlier
Remote File Inclusion Vulnerability in Versado CMS 1.07 allows Arbitrary PHP Code Execution
Remote File Inclusion Vulnerability in Workbench Survival Guide 0.11: Arbitrary PHP Code Execution
Arbitrary SQL Command Execution in Flashgames 1.0.1 Module for XOOPS
PHP TopTree BBS 2.0.1a Remote File Inclusion Vulnerability
Multiple PHP Remote File Inclusion Vulnerabilities in Persism CMS 0.9.2 and Earlier
Session Fixation Vulnerability in Simple Machines Forum (SMF) 1.1.2 and Earlier: Remote Session Hijacking
TurnkeyWebTools SunShop Shopping Cart 4.0 - Cross-Site Scripting (XSS) Vulnerability in index.php
Unspecified Remote Cookie Manipulation Vulnerability in TurnkeyWebTools SunShop Shopping Cart 4.0
SQL Injection Vulnerability in TurnkeyWebTools SunShop Shopping Cart 4.0
CRLF Injection Vulnerabilities in Devellion CubeCart 3.0.15
Arbitrary Script Injection in WikkaWiki User Settings
Information Disclosure Vulnerability in WikkaWiki's RecentChanges Feature
Privilege Escalation Vulnerability in HP Tru64 UNIX 5.1B-4, 5.1B-3, and 5.1A PK6 via Large Environment Variable
Default Blank Password for MySQL Root Account in AP Newspower 4.0.1 and Earlier
Unspecified Remote Code Execution Vulnerability in Podium CMS Default.aspx
Remote Code Execution via SQL Injection in Nuked-klaN 1.7.6
Privilege Escalation Vulnerability in MOStlyDB Admin in Mambo 4.6.1
PHP remote file inclusion vulnerability in phpFullAnnu CMS (pfa CMS) 6.0 index.php allows remote code execution via repinc parameter
Multiple PHP Remote File Inclusion Vulnerabilities in American Cart 3.5
ACGVannu 1.3 Directory Traversal Vulnerability
SQL Injection Vulnerability in index.asp in fipsCMS 2.1 (pid parameter)
Kayako eSupport 3.00.90 - Cross-Site Scripting (XSS) Vulnerability in index.php
Buffer Overflow in VersalSoft HTTP File Upload ActiveX Control (UFileUploaderD.dll) AddFile Function
Stack-based buffer overflow vulnerabilities in Sienzo Digital Music Mentor (DMM) 2.6.0.4 ActiveX Control
User-Assisted Remote Denial of Service Vulnerability in Cdelia Software ImageProcessing
Denial of Service Vulnerability in Taltech Tal Bar Code ActiveX Control
Buffer Overflow Vulnerability in Taltech Tal Bar Code ActiveX Control
Stack-based buffer overflows in VCDGear 3.55: Arbitrary Code Execution via Long Tag or Track Type in CUE File
Multiple PHP Remote File Inclusion Vulnerabilities in Friendly 1.0d1 and Earlier
Arbitrary PHP Code Execution via Remote File Inclusion in Wikivi5
SQL Injection Vulnerability in wfquotes 1.0 0 Module for XOOPS
Remote File Inclusion Vulnerability in NoAh (PHP Content Architect) 0.9 pre 1.2 and earlier
Arbitrary PHP Code Execution via Remote File Inclusion in PHPtree 1.3
Arbitrary File Read Vulnerability in Archangel Weblog 0.90.02
Remote File Inclusion Vulnerability in watermark.php in Gallery Watermark 0.4.1 Mod
Buffer Overflow in East Wind Software advdaudio.ocx ActiveX Control (CVE-2007-0976)
Multiple SQL Injection Vulnerabilities in ACP3 4.0 Beta 3
Unspecified Cookie Manipulation Vulnerability in ACP3 4.0 beta 3
Multiple Cross-Site Scripting (XSS) Vulnerabilities in ACP3 4.0 Beta 3
Local Information Disclosure Vulnerability in Apple Safari
Cross-Site Scripting (XSS) Vulnerabilities in Microsoft Windows SharePoint Services 3.0 and Office SharePoint Server 2007
Multiple Buffer Overflows in IBM DB2 JDBC Applet Server (DB2JDS) Service
MySQL Denial of Service Vulnerability via Divide-by-Zero Error
Buffer Overflow in McAfee SecurityCenter ActiveX Control Allows Remote Code Execution
Stack-based Buffer Overflow in BarCodeWiz ActiveX Control Allows Remote Code Execution
Cisco IOS FTP Server Authorization Bypass and Arbitrary Code Execution Vulnerability
Denial of Service Vulnerability in Cisco IOS FTP Server (CSCse29244)
Multiple Buffer Overflows in Office Viewer OCX ActiveX Control (oa.ocx) 3.2
Cross-Site Request Forgery (CSRF) Vulnerability in SquirrelMail 1.4.0 through 1.4.9a
Information Disclosure Vulnerability in Nokia Intellisync Mobile Suite
User Account Modification and Denial of Service Vulnerability in Nokia Intellisync Mobile Suite
Cross-Site Scripting (XSS) Vulnerabilities in Nokia Intellisync Mobile Suite and Novell Groupwise Mobile Server
Remote Desktop Protocol (RDP) 6.0 Client Vulnerability in Microsoft Windows 2003 Server
Remote File Inclusion Vulnerability in phpMyPortal 3.0.0 RC3
Remote authenticated users can bypass account suspension in RSAuction 2.73.1.3 by exploiting activation URL vulnerability
Remote File Inclusion Vulnerability in aForum 1.32 and Earlier: Arbitrary PHP Code Execution
Multiple PHP Remote File Inclusion Vulnerabilities in telltarget CMS 1.3.3
SQL Injection Vulnerability in SimpleNews 1.0.0 FINAL: Remote Code Execution via news_id Parameter in print.php
Multiple SQL Injection Vulnerabilities in TutorialCMS 1.00 and Earlier
Multiple Cross-Site Scripting (XSS) Vulnerabilities in TutorialCMS 1.00 and Earlier
Buffer Overflow Vulnerability in GDivX Zenith Player AviFixer Class
Buffer Overflow Vulnerability in MIBEXTRA.EXE in Ipswitch WhatsUp Gold 11
Denial of Service Vulnerability in Audio CD Ripper OCX 1.0 ActiveX Control
Denial of Service Vulnerability in FlexLabel ActiveX Control
Denial of Service Vulnerability in GetPropertyById Function in Brujula Toolbar
Multiple Buffer Overflows in Firebird 2.1
Remote File Inclusion Vulnerability in LaVague 0.3 and Earlier: Arbitrary PHP Code Execution
Remote File Inclusion Vulnerability in Miplex2 Alpha 1
Multiple PHP Remote File Inclusion Vulnerabilities in GNUedu 1.3b2
Arbitrary Web Script Injection in OpenLD Search Feature
CGX 20050314 Multiple PHP Remote File Inclusion Vulnerabilities
SQL Injection Vulnerability in WikkaWiki (Wikka Wiki) Allows Remote Code Execution via limit Parameter
Arbitrary Configuration File Execution in WikkaWiki (Wikka Wiki) before 1.1.6.3
PHP Remote File Inclusion Vulnerability in phpHtmlLib 2.4.0 and Earlier
PHP Remote File Inclusion Vulnerabilities in Crie seu PHPLojaFacil 0.1.5
Remote Code Execution Vulnerability in Novell NetMail 3.52e FTF2
File Permission Bypass in Sun Remote Services (SRS) Net Connect Software Proxy Core Package
CRLF Injection Vulnerability in Drake CMS 0.4.0 Allows HTTP Response Splitting Attacks
Unencrypted Login Credentials Retention Vulnerability in Symantec pcAnywhere 11.5.x and 12.0.x
Remote File Inclusion Vulnerability in Jakub Steiner's Original 0.11: Arbitrary PHP Code Execution
SQL Injection Vulnerability in Thyme Calendar 1.3 - Remote Code Execution via eid Parameter
SQL Injection Vulnerabilities in TaskDriver 1.2 and Earlier
Buffer Overflow Vulnerabilities in RControl.dll in Remote Display Dev Kit 1.2.1.0
Dynamic Variable Evaluation Vulnerability in All In One Control Panel (AIOCP) before 1.3.016
Arbitrary Web Script Injection Vulnerability in All In One Control Panel (AIOCP)
SQL Injection Vulnerability in SchoolBoard's admin.php Allows Remote Code Execution
Arbitrary Code Injection via Custom 404 Pages in WordPress Sidebar.php
Arbitrary PHP Code Execution via Remote File Inclusion in Justin Koivisto SecurityAdmin for PHP 4.0.2
Information Disclosure in Bradford CampusManager Network Control Application Server 3.1(6)
Incomplete Blacklist Vulnerability in FCKeditor Module Allows Remote Code Execution
Unspecified Cross-Site Request Forgery (CSRF) Vulnerability in SquirrelMail 1.4.8-4.fc6 and Earlier
Cross-Site Scripting (XSS) Vulnerabilities in PHP Multi User Randomizer (phpMUR) 2006.09.13
H-Sphere SiteStudio 1.6 Directory Traversal Vulnerability
Remote File Inclusion Vulnerability in aForum 1.32 and Earlier Versions
Unspecified Denial of Service Vulnerability in Interchange before 5.4.2
Unspecified newline vulnerability in phpTodo before 0.8.1
Inadequate ACL Enforcement in MoinMoin before 20070507 Allows Unauthorized Page Access
Authentication Bypass Vulnerability in eFileCabinet 3.3
TFTPdWin 0.4.2 Directory Traversal Vulnerability
Vulnerability: Lack of Range Check in LibTMCG Allows Information Disclosure
SQL Injection Vulnerability in W1L3D4 Philboard 0.2 via forumid Parameter
Arbitrary File Read Vulnerability in R2K Gallery 1.7
Directory Traversal Vulnerability in phpThumb.php in PinkCrow Designs Gallery or maGAZIn 2.0
Arbitrary File Overwrite Vulnerability in Morovia Barcode ActiveX Professional 3.3.1304
Integer Overflow in libexif: Remote Code Execution Vulnerability
Heap-based Buffer Overflow in yEnc32 1.0.7.207 via Long Filename in NTX File
Arbitrary PHP Code Injection in Monalbum 0.8.7 via admin_configuration.php
Clever Database Comparer 2.2 ActiveX Control Stack-Based Buffer Overflow Vulnerability
Bypassing JavaScript Delays in Deutsche Telekom (T-com) Speedport W 700v for Brute-Force Attacks
Denial of Service Vulnerability in Clam AntiVirus (ClamAV) OLE2 Parser
Off-by-one errors in VooDoo cIRCle before 1.1.beta27 leading to remote code execution and denial of service
Multiple Unspecified Buffer Overflow Vulnerabilities in Free-SA before 1.2.2
Insecure Permissions in xfs_fsr's .fsr Temporary Directory
Unspecified Remote Code Execution Vulnerability in NetWin Webmail 3.1s-1
Stack-based Buffer Overflow in HP Magview ActiveX Control
Denial of Service Vulnerability in PrecisionID Barcode 1.3 ActiveX Control
Denial of Service Vulnerability in ID Automation Linear Barcode ActiveX Control
Directory Traversal Vulnerability in PHP Advanced Transfer Manager (phpATM) 1.30 Allows Remote File Disclosure
PHP Remote File Inclusion Vulnerability in PclTar Module in Vincent Blavet PhpConcept Library
SQL Injection Vulnerability in archshow.asp in BlogMe 3.0
SQL Injection Vulnerability in EfesTECH Haber 5.0: Remote Code Execution via id Parameter
Remote File Inclusion Vulnerability in Beacon 0.2.0
Yaap 1.5 and Earlier: PHP Remote File Inclusion Vulnerability in includes/common.php
Remote Code Execution via PHP File Inclusion in PhpFirstPost 0.1
Stack-based Buffer Overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73: Remote Code Execution in Notepad++
Buffer Overflow in VImpX.ocx 4.7.3 ActiveX Control Allows Remote Code Execution
Remote Code Execution Vulnerability in webdesproxy 0.0.1 via Buffer Overflow in URL Handling
Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHPChain 1.0 and Earlier
Remote Path Disclosure Vulnerability in PHPChain 1.0 and Earlier
Denial of Service Vulnerability in Mozilla Firefox 2.0.0.3
Arbitrary SQL Command Execution in PHP Coupon Script 3.0 via index.php
SQL Injection Vulnerability in Censura 1.15.04 and Earlier Versions
Arbitrary SQL Command Execution in Pre Shopping Mall 1.0 via prodid Parameter
SQL Injection Vulnerability in Pre Classifieds Listings 1.0: Remote Code Execution via category parameter in search.php
Open Translation Engine (OTE) 0.7.8 - PHP Remote File Inclusion Vulnerability in skins/header.php
Multiple PHP Remote File Inclusion Vulnerabilities in phpChess Community Edition 2.0
Buffer Overflow Vulnerability in isChecked Function in Netsprint Toolbar 1.1
PHP File Inclusion Vulnerability in Ivan Peevski Gallery 0.3 in Simple PHP Scripts (sphp)
Canon Network Camera Server VB100, VB101, and VB150 Multiple Cross-Site Scripting (XSS) Vulnerabilities
Arbitrary File Inclusion Vulnerability in b2evolution 1.6
Adobe Version Cue CS3 Server Installer Does Not Re-enable Personal Firewall, Allowing Remote Firewall Bypass
Buffer Overflow Vulnerability in Mutt 1.4.2 via GECOS Field
Sensitive Information Disclosure in Jetbox CMS 2.1
SQL Injection Vulnerabilities in Jetbox CMS 2.1: Remote Code Execution via index.php
Cross-Site Scripting (XSS) Vulnerability in Jetbox CMS 2.1
Remote Code Execution Vulnerability in MicroWorld Agent Service
Unicode Character Encoding Evasion Vulnerability in Cisco IPS and IOS Firewall/IPS Feature Set
Unicode Character Encoding Evasion Vulnerability in Check Point Web Intelligence
Unicode Character Encoding Evasion Vulnerability in IBM ISS Proventia Series Products
MySQL Remote Table Renaming Vulnerability
Privilege 
Escalation in MySQL's mysql_change_db Function Information Disclosure Vulnerability in MySQL Partitioned Tables Multiple Cross-Site Scripting (XSS) Vulnerabilities in BEA WebLogic Server Remote Code Execution via HttpClusterServlet and HttpProxyServlet in BEA WebLogic Server Remote Access to Protected Queues in BEA WebLogic Server Unlimited Authentication Attempts Vulnerability in BEA WebLogic Server Sensitive Credential Information Disclosure in BEA WebLogic Server 9.0 Administration Console Arbitrary File Upload Vulnerability in BEA WebLogic Server 9.0 and 9.1 Unencrypted Attribute Vulnerability in WLST Script Generation in BEA WebLogic Server 9.0 and 9.1 JMS Message Bridge in BEA WebLogic Server: Unauthorized Message Sending Vulnerability Cross-Site Scripting (XSS) Vulnerability in BEA WebLogic Portal 9.2 GA GroupSpace Application Remote Privilege Escalation in BEA WebLogic Portal 9.2 GA via Long Role Description Denial of Service Vulnerability in BEA WebLogic Server 9.0 through 9.2 Directory Traversal Vulnerability in BEA WebLogic Integration and WebLogic Workshop Remote File Inclusion Vulnerability in Media Gallery 1.4.8a and Earlier for Geeklog Remote File Inclusion Vulnerability in Linksnet Newsfeed 1.0 Feindt Computerservice News (News-Script) 2.0 - PHP Remote File Inclusion Vulnerability in newsadmin.php Arbitrary PHP Code Execution via Remote File Inclusion in NagiosQL 2005 2.00 Remote File Inclusion Vulnerability in NagiosQL 2.00-P00 and Earlier Remote Code Execution Vulnerability in TinyIdentD 2.2 and Earlier Unspecified Vulnerability in MH Software Connect Daily Before 3.3.3 Unauthenticated Remote Administrative Access Vulnerability in ifdate 2.x Unspecified Vulnerability in Akismet.php Plugin: Unknown Impact and Attack Vectors Arbitrary Username and Password Change Vulnerability in Snaps! 
Gallery 1.4.4 Multiple Cross-Site Scripting (XSS) Vulnerabilities in EQdkp 1.3.2c and Earlier SQL Injection Vulnerability in iGeneric (iG) Shop 1.4 - Remote Code Execution via type_id[] Parameter Arbitrary Script Injection via STYLE Tags in Stalker CommuniGate Pro WebMail System Session Fixation Vulnerability in HP Systems Insight Manager (SIM) 4.2 and 5.0 SP4 and SP5 User ID Validation Bypass in Group-Office before 2.16-13 Heap Corruption Vulnerability in JasPer JPEG-2000 Library Denial of Service Vulnerability in NewzCrawler 1.8 via Invalid Strings in URL Attribute Denial of Service Vulnerability in Media Player Classic 6.4.9.0 via Empty .MPA File Arbitrary Script Injection in fotolog's all_photos.html via user Parameter Arbitrary File Overwrite Vulnerability in DB Software Laboratory DeWizardX ActiveX Control Denial of Service Vulnerability in BitsCast 0.13.0 via Invalid Strings in pubDate Element Uninitialized Seed Variable in mcrypt_create_iv Function in PHP Uninitialized Seed Variable Vulnerability in PHP Soap Extension Vulnerability: Process Identifier Equivalence Bypass in Comodo Firewall Vulnerability: Process Identifier Equivalence Bypass in Check Point ZoneAlarm Pro CRLF Injection Vulnerability in Jetbox CMS 2.1 Formmail.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Jetbox CMS Unrestricted File Upload Vulnerability in Jetbox CMS Unicode Character Encoding Evasion Vulnerability in 3Com TippingPoint IPS SQL Injection Vulnerability in ResManager 1.2.1 and Earlier: Remote Code Execution via edit_day.php Remote File Inclusion Vulnerability in Achievo 1.1.0 index.php SQL Injection Vulnerability in MyConference 1.0 Module for Xoops SQL Injection Vulnerability in Glossaire Module for Xoops Unspecified Cross-Site Scripting (XSS) Vulnerability in xajax before 0.2.5 Unspecified Vulnerability in xajax Before 0.2.5 with Unknown Impact and Attack Vectors Vulnerability: Stack-based Buffer Overflow in Little CMS (lcms) before 1.15 Unrestricted File Upload 
Vulnerability in w2box 4.0.0 Beta4 Allows Arbitrary PHP Code Execution Arbitrary PHP Code Execution via Remote File Inclusion in GlossWord 1.8.1 PrecisionID Barcode 1.9 ActiveX Control Stack-Based Buffer Overflow Vulnerability Arbitrary Web Script Injection Vulnerability in vDesk Webmail 4.03 Information Disclosure in Plain Black WebGUI before 7.3.14 Arbitrary File Read Vulnerability in rdiffWeb (CVE-2021-XXXX) Unspecified Vector Information Disclosure Vulnerability in PHP 5.2.1 and Earlier SQL Injection Vulnerability in FAQEngine 4.16.03 and Earlier: Remote Code Execution via questionref Parameter Arbitrary SQL Command Execution in SimpNews 2.40.01 and Earlier via print.php PHPGlossar 0.8 - Multiple Remote File Inclusion Vulnerabilities SQL Injection Vulnerability in RunawaySoft Haber Portal 1.0: Remote Code Execution via id Parameter Insufficient Access Control in RunawaySoft Haber Portal 1.0 Allows Remote Database Download Heap-based Buffer Overflow in Freetype 2.3.4 and earlier due to Integer Signedness Error Arbitrary File Overwrite Vulnerability in PrecisionID Barcode 1.9 ActiveX Control Denial of Service Vulnerability in libgd's gdPngReadData Function Cross-Site Scripting (XSS) Vulnerabilities in Redoable 1.2 Buffer Overflow Vulnerabilities in WinImage 8.0.8000 SQL Injection Vulnerabilities in Adempiere's ValuePreference Class Privilege Escalation Vulnerability in Adempiere before 3.1.6 Stack-based Buffer Overflow in MagicISO 5.4 Build 239 and Earlier via Long Filename in .cue File Multiple PHP Remote File Inclusion Vulnerabilities in Build it Fast (bif3) 0.4.1 Buffer Overflow in UnlockSupport Function in ltmm15.dll ActiveX Control in Sienzo Digital Music Mentor (DMM) 2.6.0.4 Denial of Service Vulnerability in Sun-Brocade SilkWorm Switches Arbitrary Deny Entry Injection in BlockHosts Plaintext MySQL Password Exposure in Backup Manager Unspecified Remote Filesystem Listing and Information Disclosure Vulnerability in BES before 3.5.0 in OPeNDAP 4 (Hydrax) 
before 1.2.1 OpenSSH OPIE User Account Existence Disclosure Vulnerability Arbitrary File Upload and Command Execution in BES before 3.5.0 in OPeNDAP 4 (Hydrax) before 1.2.1 Eudora 7.1 SMTP Reply Buffer Overflow Vulnerability Arbitrary Code Execution Vulnerability in LEAD Technologies LeadTools JPEG 2000 ActiveX Control Remote Denial of Service Vulnerability in CA BrightStor Backup 11.5.2.0 SP2 SQL Injection Vulnerability in Zomplog 3.8 and Earlier: Arbitrary SQL Command Execution via speler Parameter PHP Remote File Inclusion Vulnerabilities in SunLight CMS 5.3 Unauthenticated Remote Administrative Access in AlstraSoft Live Support 1.21 Unauthenticated Remote Code Execution in AlstraSoft Template Seller Pro Arbitrary PHP Code Execution via Unrestricted File Upload in AlstraSoft Template Seller Pro Arbitrary File Read Vulnerabilities in MolyX BOARD 2.5.0 Libstats 1.0.3 and Earlier: PHP Remote File Inclusion Vulnerability in template_csv.php Information Disclosure Vulnerability in PsychoStats 3.0.6b and Earlier Arbitrary Web Script Injection Vulnerability in WikyBlog before 1.4.13 Fixed Increment TCP Initial Sequence Number Vulnerability in Packeteer PacketShaper Unspecified Remote Code Execution Vulnerability in Rational Soft Hidden Administrator 1.7 and Earlier Denial of Service Vulnerability in globus-job-manager in Globus Toolkit 4.1.1 and earlier Arbitrary Administrative Account Creation in eSyndiCat Pro 1.x Denial of Service Vulnerability in Ratbox IRC Daemon 2.2.5 and Earlier Stack-based Buffer Overflow in LeadTools Raster Thumbnail Object Library 14.5.0.44 ActiveX Control Integer Overflow in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) Allows Remote Code Execution BMP Image Parser Denial of Service Vulnerability Arbitrary Web Script Injection in VP-ASP Shopping Cart 6.50 Unspecified Timing Attack Vulnerability in HP Tru64 UNIX SSH SQL Injection Vulnerability in Yet another Newsletter Component (YANC) Allows Remote Code Execution Geeklog 
2.x ImageImageMagick.php Remote File Inclusion Vulnerability Buffer Overflow Vulnerabilities in Ipswitch IMail Server Denial of Service Vulnerability in Arris Cadant C3 CMTS Incorrect Group Ownership of tty Devices in xterm Remote Code Execution Vulnerability in MIT Kerberos Integer Overflow in file Program 4.20 Allows Arbitrary Code Execution Sensitive Information Disclosure in eTicket 1.5.5.1 and earlier via Error Messages Multiple Cross-Site Scripting (XSS) Vulnerabilities in eTicket 1.5.5 and 1.5.5.1 Arbitrary Web Script Injection Vulnerability in RM EasyMail Plus Login SQL Injection Vulnerability in Vizayn Urun Tanitim Sitesi 0.2 Default.asp Cross-Site Scripting (XSS) Vulnerabilities in CandyPress Store 3.5.2.14 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in ClientExec (CE) 3.0 beta2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in GaliX 2.0 index.php Eggdrop 1.6.18 Stack-based Buffer Overflow in servrmsg.c Arbitrary Web Script Injection Vulnerability in Gnatsweb.pl Buffer Overflow in Opera Transfer Manager Allows Remote Code Execution via Crafted Torrent File SQL Injection Vulnerability in Gazi Download Portal's down_indir.asp Arbitrary Web Script Injection Vulnerability in OSK Advance-Flow 4.41 and Earlier HLstats.php Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in Cisco IOS 12.4 and Earlier with SSL Support Multiple stack-based buffer overflows in Pegasus ImagN' ActiveX Control (IMW32O40.OCX) 4.00.041 Remote Access to Private Web Directories via hit-highlighting Vulnerability in Microsoft IIS Web Server 5.0 Multiple PHP Remote File Inclusion Vulnerabilities in ol'bookmarks 0.7.4 Arbitrary SQL Command Execution in ol'bookmarks 0.7.4 via id Parameter Arbitrary Web Script Injection Vulnerability in CactuSoft Parodia 6.4 and Earlier Arbitrary Web Script Injection Vulnerability in Track+ 3.3.2 and Earlier Stack-based buffer overflows in KSign KSignSWAT ActiveX Control (AxKSignSWAT.dll) 2.0.3.3 Arbitrary SQL Command 
Execution via Cookie Parameter in WordPress Authentication Bypass Vulnerability in TutorialCMS 1.01 and Earlier Buffer Overflow Vulnerabilities in HT Editor 2.0.6 and Earlier SQL Injection Vulnerability in AlstraSoft E-Friends 4.21 and Earlier: Remote Code Execution via paypal.php Cross-Site Scripting (XSS) Vulnerabilities in @Mail 5.02 and Earlier: ReadMsg.php Remote File Inclusion Vulnerability in Madirish Webmail 2.0's lib/addressbook.php Allows Arbitrary Code Execution Heap-based Buffer Overflow in LEADTOOLS ISIS ActiveX Control (ltisi14E.ocx) 14.5.0.44 and Earlier CSRF Vulnerability in AdSense-Deluxe WordPress Plugin Denial of Service Vulnerability in MadWifi 802.11 Network Stack Denial of Service Vulnerability in MadWifi's ath_beacon_config Function Array Index Error in MadWifi Wireless Driver Cisco CallManager Web Application Firewall XSS Vulnerability Denial of Service Vulnerability in Emacs 21 via Crafted Images Heap-based Buffer Overflow in TIFF Parser in OpenOffice.org and Sun StarOffice Stack-based buffer overflows in CCE_pinyin.c and xl_pinyin.c in unicon-imc2 3.0.4 Arbitrary File Deletion via Directory Traversal in Hiki Session Handling Arbitrary File Overwrite Vulnerability in FireFlier 1.1.6 Arbitrary File Overwrite Vulnerability in GSAMBAD 0.1.4 Insecure Temporary File Creation in gfax 0.4.2 and Other Versions Cross-Domain Information Leakage Vulnerability in Apple Safari 2.0.4 Race condition vulnerability in PHP versions 4.x and 5.x before 5.2.1 allows remote attackers to gain system access Heap-based Buffer Overflow in avast! Anti-Virus Managed Client: Remote Code Execution via Crafted CAB Archive Heap-based Buffer Overflow in avast! 
Anti-Virus Managed Client SIS Unpacker Multiple Cross-Site Scripting (XSS) Vulnerabilities in HLstats.php in HLstats 1.35 and Earlier Stack-based Buffer Overflow in SetPath Function of shComboBox ActiveX Control in Sky Software Shell MegaPack ActiveX 8.0 Unauthenticated Access to KnowledgeTree Document Management System Bypassing Network Security Policies in Citrix MetaFrame Presentation Server and Access Essentials Arbitrary File Overwrite Vulnerability in LeadTools Raster Variant Object Library (LTRVR14e.dll) 14.5.0.44 Stack-based Buffer Overflows in ESET NOD32 Antivirus Allow Remote Code Execution Arbitrary Command Execution in VCDAPILibApi ActiveX Control Multiple SQL Injection Vulnerabilities in BtiTracker 1.4.1 and Earlier in account_change.php Buffer Overflow in DartZipLite.dll ActiveX Control (CVE-2007-2856) Buffer Overflow in Dart Communications PowerTCP ZIP Compression ActiveX Control Arbitrary PHP Code Execution via Remote File Inclusion in ABC Excel Parser Pro 4.0 Arbitrary SQL Command Execution Vulnerability in IP-Tracking Mod for phpBB 2.0.x Multiple PHP Remote File Inclusion Vulnerabilities in SimpGB 1.46.0 Privilege Escalation Vulnerability in BoastMachine 3.0 Platinum Arbitrary PHP Code Execution in Simple Accessible XHTML Online News (SAXON) 4.6 Multiple SQL Injection Vulnerabilities in CubeCart 3.0.16 Remote Code Execution Vulnerability in CA Anti-Virus Engine Stack-based Buffer Overflow in CA Anti-Virus Engine: Remote Code Execution Vulnerability Arbitrary Web Script Injection Vulnerability in phpPgAdmin 4.1.1 SQL Injection Vulnerabilities in PHPEcho CMS 2.0-rc1 and Earlier Multiple Denial of Service Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Memory Corruption Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Denial of Service Vulnerability in Mozilla Firefox Form Autocomplete Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox and SeaMonkey Browser Chrome Spoofing Vulnerability Integer Overflow 
Vulnerabilities in PHP's chunk_split Function Symlink Attack Vulnerability in SpamAssassin 3.1.x, 3.2.0, and 3.2.1 Buffer Overflow in wpa_supplicant's wpa_printf Function Allows Remote Code Execution Integer Underflow Vulnerability in cpuset_tasks_read Function Denial of Service Vulnerability in Netfilter's SCTP Handling Buffer Overflow Vulnerability in TclWinReg.c in Tcl (Tcl/Tk) Allows Privilege Escalation via Long Registry Key Paths VFAT compat ioctls Vulnerability in Linux Kernel Arbitrary Web Script Injection Vulnerability in GTP GNUTurk Portal System 3G Multiple Cross-Site Scripting (XSS) Vulnerabilities in Digirez 3.4 Stack-based Buffer Overflow in Sun Java Web Proxy Server SOCKS Proxy Support Denial of Service Vulnerability in Solaris NFS Client Module Insecure Storage of Account Credentials in Credant Mobile Guardian Shield for Windows Stack-based buffer overflows in Microsoft Visual Basic 6 via long Description or Company Name fields Denial of Service Vulnerability in MSVDTDatabaseDesigner7 ActiveX Control Denial of Service Vulnerability in Nortel CS 1000 M Media Card Arbitrary Script Injection in WIYS 1.0 via No Parameter in Sayfa Page Stack-based Buffer Overflow in UltraISO 8.6.2.2011 and Earlier SQL Injection Vulnerability in Dokeos 1.6.5 and Earlier: Remote Code Execution via scormcontopen Parameter SQL Injection Vulnerability in cpCommerce 1.1.0 and Earlier: Remote Code Execution via id_category Parameter in category.php Multiple PHP Remote File Inclusion Vulnerabilities in FirmWorX 0.1.2 Arbitrary Script Injection in ASP-Nuke 2.0.7 news.asp (XSS Vulnerability) RX Frame Heap Overflow in Bochs 2.3 NE2000 Emulation Divide-by-Zero Denial of Service Vulnerability in Bochs 2.3 Floppy Disk Controller Buffer Overflow in LeadTools Raster Dialog File Object ActiveX Control Race condition vulnerability in Symantec ESM 6.5.3 on Windows allows remote attackers to cause denial of service Denial of Service and Information Disclosure Vulnerability in Microsoft IIS 
6.0 Arbitrary SQL Command Execution in 2z Project 0.9.5 via rating parameter in includes/rating.php Direct static code injection vulnerability in admin_config.php in NavBoard 2.6.0 PHP Remote File Inclusion Vulnerabilities in Scallywag 2005-04-25 Template.php Cross-Site Scripting (XSS) Vulnerabilities in Dokeos 1.8.0 and Earlier SQL Injection Vulnerability in Dokeos 1.8.0 and Earlier: Remote Code Execution via course Parameter Buffer Overflow Vulnerability in Microsoft Office 2000 Controllo UA di Microsoft Office ActiveX Control (OUACTRL.OCX) 1.0.1.9 Unspecified Cross-Site Scripting (XSS) Vulnerability in Sun Java System Messaging Server 6.0 through 6.3 with Internet Explorer SQL Injection Vulnerability in 2z Project 0.9.5: Remote Code Execution via post_id Parameter in includes/rating.php Denial of Service Vulnerability in Java Embedding Plugin 0.9.6.1 Unspecified vulnerability in SSL-Explorer before 0.2.13 allows remote authenticated users to enter malicious redirect URLs Arbitrary Web Script Injection in Jelsoft vBulletin Calendar.php Arbitrary Script Injection in Jelsoft vBulletin 3.6.x Calendar.php Jelsoft vBulletin XSS Vulnerability SQL Injection Vulnerability in Jelsoft vBulletin AdminCP Attachment.php Unauthenticated User Infraction Permissions Bypass in Jelsoft vBulletin ClonusWiki .5 index.php Cross-Site Scripting (XSS) Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in PsychoStats 3.0.6b Arbitrary Web Script Injection in RM EasyMail Plus via Email Title Field GMTT Music Distro 1.2 - Cross-Site Scripting (XSS) Vulnerability in showown.php Buffer Overflow Vulnerabilities in Authentium Command Antivirus ActiveX Control Multiple stack-based buffer overflows in Logitech VideoCall ActiveX controls allow remote code execution and denial of service. 
Multiple stack-based buffer overflows in FlipViewerX.dll ActiveX Control Zoomify Viewer ActiveX Control Multiple Stack-Based Buffer Overflows Vulnerability Buffer Overflow Vulnerabilities in Corel / Micrografx ActiveCGM Browser ActiveX Control Arbitrary Command Execution Vulnerability in Novell exteNd Director 4.1 and Portal Services Buffer Overflow Vulnerabilities in RealNetworks GameHouse dldisplay ActiveX Control Default Access Control Vulnerability in ISC BIND 9.4.0 - 9.5.0a5 Weak Random Number Generator in ISC BIND 9 through 9.5.0a5 Allows DNS Cache Poisoning Denial of Service Vulnerability in Atheros Wireless Adapter Drivers Format String Vulnerability in IBM Lenovo Access Support acpRunner ActiveX Control Remote Code Execution Vulnerability in IBM Lenovo Access Support acpRunner ActiveX Control Predictable DNS Query Identifiers in ISC BIND 8 before 8.4.7-P1 Heap-based Buffer Overflow in Microsoft MSN Messenger and Live Messenger Allows Remote Code Execution via Video Conversation Handling Arbitrary Script Injection in BoastMachine's index.php Arbitrary SQL Command Execution in Phil-a-Form Joomla Component Arbitrary File Read Vulnerability in Vistered Little 1.6a Arbitrary Command Execution in Fundanemt Spellcheck.php PHP Remote File Inclusion Vulnerabilities in Frequency Clock 0.1b (Beta 0.1) Remote File Inclusion Vulnerability in TROforum 0.1: Arbitrary PHP Code Execution Buffer Overflow in Ademco ATNBaseLoader100 ActiveX Control Multiple PHP Remote File Inclusion Vulnerabilities in Mazen's PHP Chat 3.0.0 FlaP 1.0b Multiple PHP Remote File Inclusion Vulnerabilities PHP Remote File Inclusion Vulnerabilities in vBulletin Google Yahoo Site Map (vBGSiteMap) 2.41 SQL Injection Vulnerability in My Little Forum 1.7 and Earlier: Remote Code Execution via user.php Remote File Inclusion Vulnerability in Webavis 0.1.1: Arbitrary PHP Code Execution Insecure Storage of Sensitive Information in WabCMS 1.0 Insufficient Access Control in RMForum Allows Remote Database 
Download Buffer Overflow Vulnerability in LeadTools Raster Dialog File_D Object (LTRDFD14e.DLL) 14.5.0.44 OpenBASE Alpha 0.6 - Multiple PHP Remote File Inclusion Vulnerabilities Stack-based buffer overflow in MPlayer stream_cddb.c allows remote attackers to execute arbitrary code via a long album title or category. Integer Overflow in Gimp 2.2.15 PSD Plugin Allows Remote Code Execution Insecure Permissions Vulnerability in Centennial Discovery 2006 Feature Pack 1 Arbitrary Command Execution via Shell Metacharacters in KVIrc's parseIrcUrl Function Multiple stack-based buffer overflows in Blue Coat K9 Web Protection 3.2.44 Format String Vulnerability in Vim's helptags_one Function Stack-based Buffer Overflow in Novell Client Spooler Service (nwspool.dll) Arbitrary Code Execution Vulnerabilities in NavComUI.dll ActiveX Controls Stack-based Buffer Overflow in readRadianceHeader Function in pfstools and Qtpfsgui Heap-based Buffer Overflow in McAfee E-Business Server Format String Vulnerability in Sylpheed and Sylpheed-Claws Allows Remote Code Execution SQL Injection Vulnerability in cpCommerce Manufacturer.php Multiple Directory Traversal Vulnerabilities in Scallywag 2005-04-25 Unrestricted File Upload Vulnerability in FileCloset 1.1.5 and Earlier Arbitrary Script Injection Vulnerability in Particle Gallery 1.0.1 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Invision Power Board (IPB or IP.Board) 2.2.2 and Earlier Denial of Service Vulnerability in F-Secure Policy Manager Server 7.00 and Earlier Privilege Escalation Vulnerability in F-Secure Real-time Scanning Component Buffer Overflow in F-Secure Anti-Virus Products Allows Remote Code Execution Denial of Service Vulnerability in F-Secure Anti-Virus Products Arbitrary Web Script Injection in cpCommerce 1.1.0 and Earlier Remote File Inclusion Vulnerability in WAnewsletter 2.1.3 and Earlier: Arbitrary PHP Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in 8e6 R3000 Internet Filter's 
cgi/block.cgi SQL Injection Vulnerability in gCards 1.46 and Earlier: Remote Code Execution via newsid Parameter Denial of Service Vulnerability in Avira Antivir Antivirus Denial of Service Vulnerability in Avira Antivir Antivirus Buffer Overflow in Avira Antivir Antivirus Allows Remote Code Execution via Crafted LZH Archive Arbitrary Code Execution via Ignite Realtime Openfire Admin Console Cross-Site Scripting (XSS) Vulnerability in Centrinity FirstClass and Server and Internet Services Buffer Overflow in Submit Daemon Allows Remote Attackers to Cause Denial of Service or Other Impact Session Fixation Vulnerability in Eggblog 3.1.0 and Earlier: Remote Session Hijacking Insufficient Access Control in Techno Dreams Web Directory / Search Engine 2.0 Allows Remote Database Download Heap-based Buffer Overflow in LEADTOOLS LEAD Raster ISIS Object (LTRIS14e.DLL) 14.5.0.44 ActiveX Control Buffer Overflow in LEADTOOLS Raster OCR Document Object Library (ltrdc14e.dll) 14.5.0.44 Buffer Overflow Vulnerabilities in British Telecommunications Business Connect Webhelper ActiveX Control Buffer Overflow Vulnerabilities in British Telecommunications Consumer Webhelper ActiveX Control Stack-based Buffer Overflows in CDPass ActiveX Control in CDPass.dll Pheap 2.0 Authentication Bypass and Remote Code Execution Vulnerability Remote File Inclusion Vulnerability in AdminBot MX 9.0.5 Buffer Overflow Vulnerabilities in Zenturi ProgramChecker's ActiveX Controls Arbitrary PHP Code Injection in Inout Meta Search Engine's Admin Script Denial of Service Vulnerability in libike Library in Sun Solaris 9 Denial of Service Vulnerability in inetd on Sun Solaris 10 Evenzia CMS PATH_INFO Cross-Site Scripting (XSS) Vulnerability Multiple SQL Injection Vulnerabilities in OmegaMw7.asp in OMEGA INSEL Multiple Cross-Site Scripting (XSS) Vulnerabilities in OmegaMw7.asp in OMEGA INSEL SQL Injection Vulnerability in DGNews 2.1 news.php Allows Remote Code Execution Unspecified Vulnerability in IBM AIX 5.2.0 
and 5.3.0 with Unknown Impact and Attack Vectors Privilege Escalation Vulnerability in Perl.rte on IBM AIX SQL Injection Vulnerabilities in SalesCart Shopping Cart Denial of Service Vulnerability in Pascal Run-time Library on OpenVMS Context-dependent error message disclosure in Microsoft Windows Server 2003 SQL Injection Vulnerabilities in PHP JackKnife (PHPJK) Allow Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHP JackKnife (PHPJK) PHP JackKnife (PHPJK) Path Disclosure Vulnerability Multiple SQL Injection Vulnerabilities in myBloggie 2.1.6 and Earlier Buffer Overflow in Acoustica MP3 CD Burner 4.32 and 4.51 Build 147 File Existence Disclosure Vulnerability in PHP 5 before 5.2.3 HTTP TRACE Method Enabled in Mbedthis AppWeb before 2.2.2: Potential Remote Information Leaks and XST Attacks Format String Vulnerability in Mbedthis AppWeb 2.0.5-4 Allows Remote Denial of Service Arbitrary Command Execution via Shell Metacharacters in Alcatel OmniPCX Enterprise Communication Server R7.1 and Earlier Arbitrary Command Execution in Fujitsu-Siemens ServerView Web Interface Information Disclosure Vulnerability in Fujitsu-Siemens PRIMERGY BX300 Switch Blade Web Interface SQL Injection Vulnerability in activeWeb ContentServer Cross-Site Scripting (XSS) Vulnerabilities in activeWeb ContentServer before 5.6.2964 Arbitrary JavaScript Injection Vulnerability in activeWeb contentserver CMS Arbitrary Directory File Creation Vulnerability in activeWeb contentserver CMS before 5.6.2964 Arbitrary Executable File Creation Vulnerability in Symantec Reporting Server Password Hash Disclosure Vulnerability Buffer Overflow Vulnerability in unsp.c in ClamAV Insecure Permissions for Temporary Files in ClamAV Denial of Service Vulnerability in ClamAV's libclamav/phishcheck.c on Solaris Heap-based Buffer Overflow in Panda Software AdminSecure Language Pack Installation Vulnerability in Microsoft Internet Explorer 5.01, 6, and 7 Windows Active Directory Denial of 
Service Vulnerability Memory Corruption Vulnerability in Microsoft Excel 2002 and 2003 Workbook Memory Corruption Vulnerability in Microsoft Excel 2000, 2002, 2003, and Viewer User-assisted remote code execution vulnerability in Windows Vista Contacts Gadget Windows Vista Feed Headlines Gadget XSS Vulnerability Heap-based Buffer Overflow in GDI's AttemptWrite Function via Crafted Metafile Windows Media Player Skin File Code Execution Vulnerability Privilege Escalation Vulnerability in Windows Services for UNIX and Subsystem for UNIX-based Applications Windows Media Player Skin File Heap-Based Buffer Overflow Vulnerability Teredo Interface Information Disclosure Vulnerability in Windows Vista Remote Code Execution via Stack-based Buffer Overflow in Microsoft Message Queuing (MSMQ) Service Stack-based Buffer Overflow in Microsoft Agent ActiveX Control ActiveX Object Memory Corruption Vulnerability in pdwizard.ocx Unspecified Cross-Site Scripting (XSS) Vulnerability in Meneame before 2 Arbitrary web script injection vulnerability in Hitachi Groupmax Collaboration Portal and uCosminexus Collaboration Portal Denial of Service Vulnerability in Hitachi XP/W Map I/O Service Denial of Service Vulnerability in Hitachi TP1/NET/OSI-TP-Extended Buffer Overflow in Advanced Software Production Line Vortex Library before 1.0.3: Remote Denial of Service Vulnerability Default Administrator Credentials in Vonage VoIP Telephone Adapter Local Privilege Escalation in GNU Screen 4.0.3 via CTRL-C Sequence at Password Prompt Arbitrary Web Script Injection via Title Parameter in Buttercup Web File Manager (BWFM) May 2007 Session Fixation Vulnerability in Chameleon CMS 3.0 and Earlier: Remote Session Hijacking SQL Injection Vulnerability in RevokeSoft RevokeBB 1.0 RC4 and Earlier SQL Injection Vulnerability in PNphpBB2 1.2i and Earlier Module for PostNuke Session Fixation Vulnerability in Calimero.CMS 3.3.1232 and Earlier: Remote Session Hijacking Cross-site scripting (XSS) vulnerability in 
Codelib Linker 2.0.4 and earlier via kword parameter in search.php Arbitrary Web Script Injection Vulnerability in Codelib Linker 2.0.4 and Earlier Arbitrary Script Injection in WebSVN 2.0rc4 filedetails.php PHP Remote File Inclusion Vulnerability in icontent 4.5 Module for XOOPS Multiple PHP Remote File Inclusion Vulnerabilities in Madirish Webmail 2.0 Information Disclosure in SendCard 3.3.0 via Invalid sc_language Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHP Live! 3.2.2 Sensitive Information Exposure in Cactushop 6 and Earlier: Unauthorized Database Download Arbitrary Web Script Injection Vulnerability in HP System Management Homepage (SMH) SQL Injection Vulnerability in diary.php in My Databook Allows Remote Attackers to Execute Arbitrary SQL Commands Arbitrary Web Script Injection Vulnerability in My Databook's diary.php SQL Injection Vulnerability in Particle Soft Particle Gallery 1.0.1 and Earlier: Remote Code Execution via editcomment Parameter Multiple PHP Remote File Inclusion Vulnerabilities in php(Reactor) 1.2.7 and Earlier Arbitrary Web Script Injection Vulnerability in Attunement and Key Tracker Plugin for EQdkp DVD X Player 4.1 Professional Stack-based Buffer Overflow Vulnerability Vulnerability: Session Takeover via Alt-Tab in xscreensaver on Sun Solaris 10 Arbitrary Web Script Injection Vulnerability in BDigital Web Solutions WebStudio Buffer Overflow in GetWebStoreURL Function in eSellerateControl365.dll 3.6.5.0: Remote Code Execution Vulnerability Directory Traversal Vulnerability in Mozilla Firefox on Windows Directory Traversal Vulnerability in Mozilla Firefox 2.0.0.4 and Earlier on Mac OS X and Unix Local File Disclosure Vulnerability in Mozilla Firefox 2.0.0.4 and Earlier Directory Traversal Vulnerability in Microsoft Internet Explorer Arbitrary File Download Vulnerability in Zenturi ProgramChecker's ActiveX Control SQL Injection Vulnerability in EQdkp 1.3.2 and Earlier: Remote Code Execution via listmembers.php 
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Aigaion 1.3.3 Path Disclosure Vulnerability in listmembers.php in EQdkp 1.3.2c and earlier SQL Injection Vulnerability in haberoku.asp in Hunkaray Okul Portaly 1.1 Remote File Inclusion Vulnerability in Comdev eCommerce 4.1 Allows Arbitrary PHP Code Execution Arbitrary File Inclusion Vulnerability in Sendcard 3.4.1 and Earlier Insufficient Access Control in Z-Blog 1.7 Allows Remote Database Download Remote File Inclusion Vulnerability in Comdev Web Blogger 4.1's sampleblogger.php Multiple PHP Remote File Inclusion Vulnerabilities in PBSite Denial of Service Vulnerability in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and Earlier Cleartext Password Exposure in Peercast Query String SQL Injection Vulnerability in Comicsense's index.php Allows Remote Code Execution via epi Parameter Promiscuous IFRAME Access Bug in Mozilla Firefox Race Condition Cross-Domain Information Disclosure Vulnerability in Microsoft Internet Explorer URL Bar and SSL Certificate Spoofing Vulnerability in Microsoft Internet Explorer 6 Unspecified Remote Code Execution Vulnerability in Solaris Management Console (SMC) Unspecified Remote Code Execution Vulnerability in Solaris Management Console (SMC) Authentication Bypass Vulnerability in Symantec Reporting Server Arbitrary File Inclusion Vulnerability in PBLang (PBL) 4.67.16.a and Earlier Arbitrary Command Execution in F5 FirePass 4100 SSL VPN Denial of Service Vulnerability in SNMPc Server (crserv.exe) Improper Access Control in iscsid Management Interface Insecure Permissions in iscsid Log Management Semaphore Arbitrary Web Script Injection in Apache MyFaces Tomahawk (XSS Vulnerability) Arbitrary Character Write Vulnerability in OpenSSH 4.3p2 Local Privilege Escalation via Symlink Attack on X.Org X11 xfs Font Server Null Pointer Dereference Vulnerability in sysfs_readdir Function Stack-based Buffer Overflow in Linux Kernel RNG Implementation Heap overwrite vulnerability in libvorbis 
1.1.2 and earlier versions before 1.2.0 Denial of Service Vulnerability in Linux Kernel Signal Handling on PowerPC Systems Side-channel attack vulnerability in OpenSSL's BN_from_montgomery function allows retrieval of RSA private keys Arbitrary File Disclosure Vulnerability in CERN Image Map Dispatcher XSS Vulnerability in Andy Frank Beatnik 1.0 Extension for Firefox via RSS Feed Injection Buffer Overflow Vulnerability in Provideo Camimage ActiveX Control Denial of Service Vulnerability in Cacti 0.8.6i Denial of Service Vulnerability in Cacti 0.8.6i and Other Versions Memory Leak Vulnerability in MaraDNS Server (Versions 1.2.12.05 and earlier, and 1.3.x before 1.3.03) Multiple Memory Leaks in MaraDNS Server (CVE-2007-3114, CVE-2007-3116) Memory Leak Vulnerability in MaraDNS 1.2.12.06 and 1.3.05 ADPLAN 3 SEO Module Cross-Site Scripting (XSS) Vulnerability Kravchuk Letter (K-letter) 1.0 - Multiple PHP Remote File Inclusion Vulnerabilities Arbitrary SQL Command Execution in Kartli Alisveris Sistemi (Free-PayPal-Shopping-Cart) 1.0 via news.asp Cross-site scripting (XSS) vulnerability in All In One Control Panel (AIOCP) before 1.3.017 in cp_dpage.php Buffer Overflow in CCdecode Function in Zapping VBI Library (ZVBI) Allows for Denial of Service and Possible Code Execution Bypassing Scanning in ClamAV via RAR File Header Flag Vulnerability Heap-based Buffer Overflow in unrar.c in libclamav in ClamAV Buffer Overflow Vulnerability in FreeVMS Backup Utility Denial of Service Vulnerability in Gimp 2.8.22 Sensitive Information Disclosure in WSPortal 1.0 via content.php SQL Injection Vulnerability in WSPortal 1.0 Allows Remote Code Execution via content.php Arbitrary Script Injection in Utopia News Pro 1.4.0 Login Page OpenWiki Component (com_jd-wiki) 1.0.2 Multiple PHP Remote File Inclusion Vulnerabilities Arbitrary Web Script Injection Vulnerability in Light Blog 4.1 Denial of Service Vulnerabilities in Symantec Ghost Solution Suite Arbitrary SQL Command Execution in 
urunbak.asp in W1L3D4 WEBmarket 0.1 Cross-Site Scripting (XSS) Vulnerabilities in Atom PhotoBlog 1.0.9 and Earlier Cross-Site Scripting (XSS) Vulnerability in Atom Photoblog 1.0.9 and Earlier Remote File Inclusion Vulnerability in newsSync 1.5.0rc6 Allows Arbitrary PHP Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in WmsCMS 2.0 and Earlier via 4print.asp Directory Traversal Vulnerability in Open Solution Quick.Cart 2.2 and Earlier Default Username and Password Vulnerability in Quick.Cart 2.2 and Earlier SQL Injection Vulnerability in WordPress 2.2 XML-RPC wp.suggestCategories MethodCall PHP Remote File Inclusion Vulnerability in phpWebThings 1.5.2 via editor_insert_top Parameter Address bar spoofing vulnerability in Opera 9.21 through visual truncation Address bar spoofing vulnerability in Konqueror 3.5.5 Address bar spoofing vulnerability in Mozilla 1.7.12 allows for phishing attacks via visual truncation. Galeon 2.0.1 Address Bar Spoofing Vulnerability Insufficient Access Control in Zen Help Desk 2.1 Allows Remote Password Theft Buffer Overflow in Yahoo! Webcam Upload ActiveX Control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 Buffer Overflow in Yahoo! Webcam Viewer ActiveX Control in ywcvwr.dll 2.0.1.4 for Yahoo! 
Messenger 8.1.0.249 Privilege Escalation via Misconfigured KRB5_ Environment Variables in sudo Arbitrary Program Execution Vulnerability in Google Desktop Denial of Service Vulnerability in Packeteer PacketShaper Web Management Interface Predictable Seed for DNS Transaction ID Field in c-ares before 1.4.0 Weak Random Number Generation in c-ares: A Potential DNS Spoofing Vulnerability Unspecified Remote Vulnerability in Walter Zorn wz_tooltip.js Unspecified ADOdb Vulnerability in eGroupWare before 1.2.107-2 Cross-Site Scripting (XSS) Vulnerabilities in pam_login.cgi in Webmin and Usermin Denial of Service Vulnerability in SafeNET High Assurance Remote 1.4.0 Build 12 and SoftRemote Arbitrary File Read Vulnerability in download_script.asp Denial of Service Vulnerability in MiniWeb Http Server 0.8.x via Negative Content-Length Header PHP Real Estate Classifieds Premium Plus Remote File Inclusion Vulnerability Ace-FTP Client 1.24a Buffer Overflow Vulnerability Buffer Overflow Vulnerability in idaiehlp ActiveX Control in Internet Download Accelerator (ida) 5.2 Arbitrary PHP File Upload Vulnerability in FCKeditor 2.4.2 IDN Homograph Phishing Vulnerability in Internet Explorer 7 Anonymity Compromise: Tor Vulnerability in Circuit Construction Buffer Overflow in Qualcomm Eudora 7.1.0.9: Remote Code Execution via IMAP Server Response Arbitrary Code Execution Vulnerability in Vivotek Motion Jpeg ActiveX Control Arbitrary File Deletion Vulnerability in EDraw Office Viewer Component Buffer Overflow Vulnerability in EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20 and Earlier Versions Multiple Cross-Site Scripting (XSS) Vulnerabilities in Uebimiau Webmail Information Disclosure Vulnerability in Uebimiau Webmail via Invalid Parameter Values Directory Traversal Vulnerability in Uebimiau Webmail's error.php Allows Remote Directory Enumeration Remote Information Disclosure Vulnerability in Almnzm's activateorder Request Cross-site scripting (XSS) vulnerability in 
auth.w2b in W2B Online Banking via adtype parameter Multiple SQL Injection Vulnerabilities in W2B Online Banking Unspecified Vulnerability in Ingate Firewall and SIParator: Unauthorized Support Report Download SIP Authentication Bypass in Ingate Firewall and SIParator SQL Injection Vulnerabilities in Zindizayn Okul Web Sistemi 1.0: Remote Code Execution SQL Injection Vulnerabilities in Particle Blogger 1.2.1 and Earlier: Remote Code Execution Buffer Overflow in Help and Support Center on HP Windows Systems Allows Remote File Access Buffer Overflow in Firebird SQL 2 Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Calendarix 0.7.20070307 Multiple SQL Injection Vulnerabilities in Calendarix 0.7.20070307 Bypassing Authentication and Modifying System Preferences in Cisco Trust Agent on MacOS X Denial of Service Vulnerability in Apple Safari Beta 3.0.1 for Windows Arbitrary Command Execution Vulnerability in Apple Safari Beta 3.0.1 for Windows Unspecified Remote Code Execution Vulnerabilities in Apple Safari for Windows Arbitrary SQL Command Execution in Fullaspsite GeometriX Download Portal Arbitrary Web Script Injection Vulnerability in JFFNMS 0.8.3 SQL Injection Vulnerabilities in Just For Fun Network Management System (JFFNMS) 0.8.3 Information Disclosure Vulnerability in Just For Fun Network Management System (JFFNMS) 0.8.3 Remote Configuration Settings Modification Vulnerability in JFFNMS 0.8.3 Authentication Bypass Vulnerability in PhpWiki LDAP Integration Multiple PHP Remote File Inclusion Vulnerabilities in myBloggie 2.1.5 Arbitrary Script Injection in ERFAN WIKI 1.00 via title parameter Arbitrary SQL Command Execution in vSupport Integrated Ticket System 3.x.x vBSupport 1.1 SQL Injection Vulnerability Arbitrary Web Script Injection in Maran PHP Blog (Maran Blog) Comments Arbitrary PHP Code Execution via Unrestricted File Upload in Link Request Contact Form 3.4 Information Disclosure Vulnerability in NMASINST.LOG WinPT 1.2.0 
Visual Truncation Vulnerability Webwiz Rich Text Editor XSS Vulnerability Remote Code Execution Vulnerability in 602Pro LAN SUITE 2003 SMTP Service SQL Injection Vulnerability in Just For Fun Network Management System (JFFNMS) 0.8.4-pre2 Arbitrary Variable Overwrite Vulnerability in parse_str Function Buffer Overflow Vulnerability in Novell NetWare 6.5 SP6 NFS Mount Daemon CRLF Injection Vulnerability in YaBB 2.1 Allows Remote Administrative Access and Code Execution Unencrypted Connections in Mail Notification 4.0 Allow for Information Sniffing Stack-based Buffer Overflow in Cellosoft Tokens Object 2.0.0.6 Extension for Vitalize! Arbitrary Web Script Injection in Domain Technologie Control (DTC) 404.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Beehive Forum 0.7.1 via links.php Parameters Cross-Site Scripting (XSS) Vulnerabilities in Sporum Forum 3.0.9 and Earlier SQL Injection Vulnerability in e-Vision CMS 2.02 and Earlier: Remote Code Execution via style.php Arbitrary Shell Command Execution in PHPMailer 1.7 via Sendmail Configuration Multiple Buffer Overflows in CA BrightStor ARCserve Backup for Laptops and Desktops r11.1 Multiple PHP Remote File Inclusion Vulnerabilities in Prototype of an PHP Application 0.1 Arbitrary Web Script Injection Vulnerability in PHP Live! 
3.2.2 and Earlier Unspecified Remote Profile Data Modification Vulnerability in Invision Power Board (IPB or IP.Board) 2.2.0 through 2.2.2 PHP Remote File Inclusion Vulnerability in Cjay Content 3 Module for XOOPS PHP Remote File Inclusion Vulnerability in XT-Conteudo Module for XOOPS XFsection 1.07 Module for XOOPS - PHP Remote File Inclusion Vulnerability in modify.php Denial of Service Vulnerability in Sun Solaris 10 NFS Server Unspecified Attribute Disclosure Vulnerability in Sun ONE/Java System Directory Server Unspecified Remote Data Modification Vulnerability in Sun Java System Directory Server Unspecified Cross-Site Scripting (XSS) Vulnerability in dotProject before 2.1 RC2 Arbitrary Web Script Injection via to_json Function in Ruby on Rails PHP Remote File Inclusion Vulnerability in Sitellite CMS 4.2.12 and Earlier Path Disclosure Vulnerability in Singapore Gallery's index.php PHP Remote File Inclusion Vulnerability in Idan Sofer PHP::HTML 0.6.4 Buffer Overflow Vulnerability in MeCab 0.96: Unknown Impact and Attack Vectors Blank Password Vulnerability in IBM TotalStorage DS400 Firmware 4.15 Arbitrary File Overwrite Vulnerability in TEC-IT TBarCode OCX ActiveX Control Arbitrary SQL Command Execution in Fuzzylime Forum 1.0 via topic Parameter Arbitrary Web Script Injection via topic Parameter in Fuzzylime Forum 1.0 Horoscope 1.0 Module for XOOPS - PHP Remote File Inclusion Vulnerability in footer.php PHP Remote File Inclusion Vulnerability in TinyContent 1.5 Module for XOOPS Arbitrary Script Injection in WordPress 2.2 Default Theme's functions.php Cross-Site Scripting (XSS) Vulnerability in AndyBlue WordPress Theme Arbitrary Code Execution via Cross-Site Scripting (XSS) in Vistered-Little WordPress Theme Arbitrary Web Script Injection in cordobo-green-park WordPress Theme Arbitrary Command Execution via Title Injection in WebAPP Menu Manager Cross-site scripting (XSS) vulnerability in bbPress 0.8.1 bb-login.php SQL Injection Vulnerability in bbPress 0.8.1: 
Quirky Slashes Bug Guest Nickname Disconnection Vulnerability in IRC Services Preservation of Channel Founder Privileges in IRC Services SQL Injection Vulnerability in VirtueMart 1.0.11 and Earlier Denial of Service Vulnerability in Sun Solaris 10 Arbitrary Web Script Injection Vulnerability in Joomla! Letterman Subscriber Module SQL Injection Vulnerability in Elxis CMS mod_banners.php Multiple Directory Traversal Vulnerabilities in e-Vision CMS 2.02 and Earlier Insecure Storage of Sensitive Information in PortalApp Unspecified Denial of Service Vulnerabilities in Astaro Security Gateway (ASG) Multiple Cross-Site Scripting (XSS) Vulnerabilities in Xythos Enterprise Document Manager (XEDM) and Xythos Digital Locker (XDL) Cross-Site Request Forgery (CSRF) Vulnerabilities in Xythos Enterprise Document Manager (XEDM) and Xythos Digital Locker (XDL) Arbitrary Content-Type Header Vulnerability in Xythos Enterprise Document Manager (XEDM), Digital Locker (XDL), and WebFile Server Arbitrary Code Execution Vulnerability in Evolution Data Server 1.11 Information Disclosure in Calendarix 0.7.20070307 via Large Values in year and month Parameters Information Disclosure in Calendarix 0.7.20070307 Privilege Escalation in HP System Management Homepage (SMH) for Linux with Novell eDirectory Arbitrary Web Script Injection Vulnerability in dKret 2.6 Denial of Service Vulnerability in IBM WebSphere Application Server (WAS) 6.1.0.7 and Earlier Unspecified Authorization Vulnerability in IBM WebSphere Application Server Unspecified Vulnerability in IBM WebSphere Application Server (WAS) 6.1.0.7 and Earlier Arbitrary Web Script Injection Vulnerability in IBM WebSphere Application Server (WAS) 6.1.0.7 and Earlier Arbitrary File Inclusion Vulnerability in ifnet WEBIF's webif.cgi Arbitrary Web Script Injection in Fuzzylime Forum 1.01b and Earlier Denial of Service Vulnerability in IBM Tivoli Provisioning Manager for OS Deployment 5.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in 
Papoo Light 3.6 before 20070611 Remote File Inclusion Vulnerability in phpMyInventory 2.8 Allows Arbitrary Code Execution Remote File Inclusion Vulnerability in YourFreeScreamer 1.0 Arbitrary File Read Vulnerability in MiniBB 2.0.5 SQL Injection Vulnerability in FuseTalk 2.0 index.cfm Denial of Service Vulnerability in Apple Safari 3.0 and 3.0.1 on Windows XP SP2 Arbitrary User Account Access and Spam Email Reading Vulnerability in MailWasher Server Cross-site scripting (XSS) vulnerability in Site@School (S@S) 2.4.10 index.php Unspecified Administrative Access Vulnerability in WIKINDX Localization Module Arbitrary Account Access and SQL Injection via PostgreSQL dblink Host Parameter PL/pgSQL Privilege Escalation Vulnerability Arbitrary Library Mapping Vulnerability in PostgreSQL 8.1 Arbitrary Web Script Injection Vulnerability in Php Hosting Biller 1.0 Buffer Overflow in MSODataSourceControl ActiveX Object: Remote Code Execution Vulnerability Lack of Automatic Screen Locking in GNOME XScreenSaver on Sun Solaris 8 and 9 Denial of Service Vulnerability in Apple Safari 3.0.1 (552.12.2) for Windows File Type Bypass Vulnerability in Mozilla Firefox Arbitrary Code Execution Vulnerability in Avaya IP Softphone R5.2 and R6.0 Arbitrary Web Script Injection Vulnerability in skeltoac stats (Automattic Stats) 1.0 Plugin for WordPress PHP Remote File Inclusion Vulnerability in WiwiMod 0.4 Module for XOOPS Sensitive Information Disclosure in LiveCMS 3.4 and Earlier via ' (quote) Character in cid Parameter Arbitrary Web Script Injection Vulnerability in LiveCMS 3.4 and Earlier Arbitrary PHP Code Execution via Unrestricted File Upload in LiveCMS 3.4 and Earlier Arbitrary SQL Command Execution in LiveCMS 3.4 and Earlier via categoria.php Buffer Overflow Vulnerabilities in libtidy Directory Traversal Vulnerability in YaBB 2.1 and Earlier: Remote Code Execution Arbitrary File Download and Unauthorized Actions in ThunderServer.webThunder.1 ActiveX Control Musoo 0.21 Multiple PHP 
Remote File Inclusion Vulnerabilities SQL Injection Vulnerability in Spey 0.4.1 and Earlier Versions AWFFull before 3.7.4 Cross-Site Scripting (XSS) Vulnerability in AllSearchStr Bypassing Scanning in F-Secure Anti-Virus Products via Crafted Archive Header SQL Injection Vulnerability in FuseTalk Forum Software Arbitrary DLL Loading and Code Execution Vulnerability in CallCode ActiveX Control Denial of Service Vulnerability in Apache HTTP Server with Prefork MPM Apache httpd Denial of Service Vulnerability via SIGUSR1 Killer Heap-based Buffer Overflow in Trillian 3.x Allows Remote Code Execution Remote File Inclusion Vulnerability in MiniBill 1.2.5's crontab/run_billing.php Allows Arbitrary PHP Code Execution SQL Injection Vulnerability in Solar Empire 2.9.1.1 and Earlier: Remote Code Execution via User-Agent Header Insufficient Randomization in SMF 1.1.2 WAV CAPTCHA Vulnerability Arbitrary PHP Code Execution Vulnerability in Simple Machines Forum (SMF) 1.1.2 Cross-Site Scripting (XSS) Vulnerability in TDizin's arama.asp SQL Injection Vulnerability in print.php in Articles 1.02 and Earlier Module for Xoops Directory Traversal Vulnerability in Jasmine CMS 1.0 SQL Injection Vulnerabilities in Jasmine CMS 1.0: Remote Code Execution Stack-based Buffer Overflow in Altap Servant Salamander PE Viewer Multiple PHP Remote File Inclusion Vulnerabilities in YourFreeScreamer 1.0 Format string vulnerabilities in VideoLAN VLC Media Player before 0.8.6c Denial of Service Vulnerability in Avaya one-X Desktop Edition 2.1.0.70 and Earlier Buffer Overflow Vulnerability in Avaya one-X Desktop Edition SIP UAC Message Parsing Module SIP Firmware Vulnerability in Avaya 4602SW IP Phone: Man-in-the-Middle Attack and Communication Hijacking Arbitrary Source IP Address Vulnerability in Avaya 4602SW IP Phone Denial of Service Vulnerability in Avaya 4602 SW IP Phone Constant Media Port Vulnerability in Avaya 4602 SW IP Phone SQL Injection Vulnerability in Comersus Shop Cart 7.07 via 
comersus_optReviewReadExec.asp Cross-Site Scripting (XSS) Vulnerabilities in Comersus Cart 7.07 Remote File Inclusion Vulnerability in LAN Management System (LMS) 1.9.6 and Earlier Multiple Directory Traversal Vulnerabilities in vBulletin 3.x.x Sensitive Information Disclosure in HTTP Server 1.6.2 via Trailing Encoded Space in URI Multiple Cross-Site Scripting (XSS) Vulnerabilities in Interact 2.4 Beta 1 Multiple Array Index Errors in Xvid 1.1.2: Remote Code Execution Vulnerability STphp EasyNews PRO 4.0 Cross-Site Scripting (XSS) Vulnerability CSRF Vulnerability in STphp EasyNews PRO 4.0 Allows Unauthorized Password Change Satel Lite for PhpNuke Directory Traversal Vulnerability Stack-based Buffer Overflow in Capture in IBM AIX 5.3 SP6 and 5.2.0 Heap-based Buffer Overflow Vulnerabilities in Ingres Database Server Components SQL Injection Vulnerabilities in PHPEcho CMS Admin Panel Remote Code Execution Vulnerabilities in Ingres Database Server 2006 9.0.4 and CA Products Symlink Attack Vulnerability in Ingres Database Server 2006 9.0.4, r3, 2.6, and 2.5 Stack-based Buffer Overflow Vulnerabilities in Ingres Database Server 2006 Cross-Site Scripting (XSS) Vulnerabilities in FuseTalk Basic, Standard, Enterprise, and ColdFusion Denial of Service Vulnerability in BugHunter HTTP SERVER (httpsv.exe) 1.6.2 Unspecified Memory Address Disclosure Vulnerability in Microsoft Internet Explorer FTP Implementation Cross-Site Scripting (XSS) Vulnerabilities in Movable Type (MT) before 3.34 Arbitrary Web Script Injection Vulnerability in RaidenHTTPD before 2.0.14 Multiple Cross-Site Scripting (XSS) Vulnerabilities in netjukebox 4.01b Multiple SQL Injection Vulnerabilities in PHPAccounts 0.5 Arbitrary Local File Inclusion Vulnerability in PHPAccounts 0.5 Arbitrary SIP Communication Vulnerability in D-Link DPH-540/DPH-541 Phone Remote Denial of Service Vulnerability in D-Link DPH-540/DPH-541 Phone Denial of Service Vulnerabilities in Aastra 9112i SIP Phone Firmware 1.4.0.1048 Denial of 
Service Vulnerability in AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP Denial of Service Vulnerability in SJPhone SIP Soft Phone 1.60.303c on Dell Axim X3 Cross-site scripting (XSS) vulnerability in Stephen Ostermiller Contact Form before 2.00.02 MyEvent 1.6 PHP Remote File Inclusion Vulnerability in includes/template.php SQL Injection Vulnerabilities in NetClassifieds Premium Edition NetClassifieds Premium Edition Multiple Cross-Site Scripting Vulnerabilities Sensitive Information Disclosure in NetClassifieds Premium Edition Lack of Encryption in NetClassifieds Premium Edition Puts User Data at Risk SerWeb 0.9.6 and Earlier: PHP Remote File Inclusion Vulnerability in html/load_lang.php Multiple PHP Remote File Inclusion Vulnerabilities in SerWeb 0.9.6 and Earlier Arbitrary Command Execution via Buffer Overflow in BitchX 1.1-final IRC Client Denial of Service Vulnerability in Nortel PC Client SIP Soft Phone 4.1 Denial of Service Vulnerabilities in AGEphone before 1.6.2 on Windows Mobile 5 Unspecified Remote Code Execution Vulnerabilities in ageet AGEphone Arbitrary Web Script Injection Vulnerability in MyServer 0.8.9 Improper Handling of Uppercase Characters in Filename Extensions in MyServer 0.8.9 and Earlier Cross-site scripting (XSS) vulnerability in Simple CGI Wrapper (scgiwrap) in cPanel before 10.9.1, and 11.x before 11.4.19-R14378 Information Disclosure Vulnerability in Simple CGI Wrapper (scgiwrap) in cPanel Buffer Overflow Vulnerability in Polycom SoundPoint IP 601 SIP Phone HTTP Server Buffer Overflow in Polycom SoundPoint IP 601 SIP Phone: Denial of Service via Long Via Header PHP Remote File Inclusion Vulnerabilities in Sun Board 1.00.00 Alpha Arbitrary PHP Code Execution via Remote File Inclusion in Powl 0.94 Denial of Service Vulnerability in Avahi Daemon Buffer Overflow Vulnerability in cman Daemon Buffer Overflow Vulnerability in cman Daemon Allows for Denial of Service and Arbitrary Code Execution Lhaca File Archiver Stack-based Buffer 
Overflow Vulnerability Buffer Overflow in Apple Safari 3.0.2 on Windows XP SP2 via Long Title HTML Tag Predictable Sequence IDs and Same Starting ID Vulnerability in Net::DNS Remote Code Execution Vulnerability in PHP via .htaccess File Denial of Service Vulnerability in Red Hat Enterprise Linux (RHEL) 4 Kernel Distributed Lock Manager Denial of Service Vulnerability Denial of Service vulnerability in GDM daemon Cookie Delimiter Vulnerability in Apache Tomcat Cross-site scripting (XSS) vulnerability in SendMailServlet in Apache Tomcat 4.x allows remote attackers to inject arbitrary web script or HTML via the From field and other fields. Cross-Site Scripting (XSS) Vulnerabilities in Apache Tomcat 3.3 through 3.3.2 Apache Tomcat Cookie Value Handling Vulnerability Arbitrary HTML and Web Script Injection in Apache Tomcat Host Manager Servlet Stack-based buffer overflow in StreamPredictor::getNextLine function in xpdf 3.02 and other products allows remote attackers to execute arbitrary code via a crafted PDF file. 
Multiple Format String Vulnerabilities in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 Denial of Service Vulnerability in Wireshark before 0.99.6 Denial of Service Vulnerability in Wireshark 0.99.5 and 0.10.x up to 0.10.14 Denial of Service Vulnerability in Wireshark 0.99.5 via Malformed DCP ETSI Packet Denial of Service Vulnerability in Wireshark Versions Prior to 0.99.6 Denial of Service Vulnerability in Wireshark DHCP/BOOTP Dissector Multiple SQL Injection Vulnerabilities in eNdonesia 8.4 Arbitrary Web Script Injection Vulnerability in KeyFocus (KF) Web Server 3.1.0 Information Leakage Vulnerability in IBM WebSphere Application Server Denial of Service Vulnerability in LiteWEB 2.7 Arbitrary SQL Command Execution in Power Phlogger (PPhlogger) 2.2.5 and Earlier Arbitrary File Overwrite Vulnerability in NCTAudioEditor2 ActiveX Control Remote File Inclusion Vulnerability in B1G b1gBB 2.24 footer.inc.php SQL Injection Vulnerability in pagetool 1.07: Remote Code Execution via news_id Parameter Unrestricted File Upload Vulnerability in DreamLog 0.5 Arbitrary File Read Vulnerability in SiteDepth CMS 3.44 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Lebisoft zdefter 4.0 Multiple Absolute Path Traversal Vulnerabilities in Microsoft Internet Explorer 6 on Windows XP SP2 Information Disclosure Vulnerability in Sergey Lyubka Simple HTTPD (shttpd) 1.38 Unspecified Vulnerabilities in Dia Before 0.96.1-6 with Potential FreeType Exploits Denial of Service Vulnerability in Net::DNS Perl Module Stack-based Buffer Overflow in SmilTimeValue::parseWallClockValue function in RealPlayer Arbitrary SQL Command Execution in ClickGallery Server 5.1 and Earlier via edit_image.asp Arbitrary Web Script Injection Vulnerability in ClickGallery Server 5.1 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in bosDataGrid 2.50 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in access2asp 4.5 and Earlier SQL Injection Vulnerabilities in phpRaider 1.0.0 rc8: Remote Code 
Execution via index.php Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in WebAPP Administration Cross-Site Scripting (XSS) Vulnerabilities in web-app.org WebAPP before 0.9.9.7 User Impersonation Vulnerability in web-app.org WebAPP before 0.9.9.7 Insecure Profile Settings Handling in web-app.org WebAPP Unauthenticated User Cookie Persistence Vulnerability in web-app.org WebAPP Unverified User Presence in WebAPP Web-App.org Vulnerability Remote Code Execution Vulnerability in web-app.org WebAPP before 0.9.9.7 Arbitrary File Disclosure Vulnerability in WebAPP Arbitrary Directory Traversal Vulnerability in web-app.org WebAPP Arbitrary File Inclusion Vulnerability in phpTrafficA 1.4.2 and Earlier Arbitrary Web Script Injection Vulnerability in phpTrafficA 1.4.2 and Earlier SQL Injection Vulnerability in phpTrafficA 1.4.2 and Earlier: Remote Code Execution via stats Action Unspecified Remote Code Execution Vulnerabilities in phpTrafficA before 1.4.2 Arbitrary PHP Code Execution via Unrestricted File Upload in e107 0.7.8 and Earlier SQL Injection Vulnerability in Simple Invoices 2007 05 25: Remote Code Execution via Email Action Remote File Inclusion Vulnerability in Valerio Capello Dagger - The Cutting Edge r23jan2007 Unrestricted File Upload Vulnerability in Pluxml 0.3.1 Allows Remote Code Execution SQL Injection Vulnerability in Pharmacy System 2: Remote Code Execution via ID Parameter Sensitive Information Disclosure via ' (quote) Character in Pharmacy System 2 and Earlier Stack-based Buffer Overflow in BeginPrint Method of BarCodeAx.dll 4.9 Allows Remote Code Execution Denial of Service Vulnerability in Microsoft MSN Messenger 4.7 Denial of Service Vulnerability in AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP Buffer Overflow Vulnerability in Nortel PC Client SIP Soft Phone 4.1 3.5.208[20051015] Snom 320 SIP Phone Information Disclosure Vulnerability Arbitrary Phone Number Call Vulnerability in Snom 320 SIP Phone Format string vulnerability in Aastra 
9112i SIP Phone firmware 1.4.0.1048 and boot version 1.1.0.10 Format String Vulnerability in BlackBerry 7270 Allows Denial of Service Denial of Service Vulnerability in Research in Motion BlackBerry 7270 Denial of Service Vulnerability in Research in Motion BlackBerry 7270 with 4.0 SP1 Bundle 83 Buffer Overflow Vulnerability in SJ Labs SJphone 1.60.303c on Samsung SCH-i730 Default Credentials Vulnerability in BugMall Shopping Cart 2.5 and Earlier SQL Injection Vulnerability in BugMall Shopping Cart 2.5 and Earlier: Remote Code Execution via Basic Search Box Arbitrary Script Injection in BugMall Shopping Cart 2.5 and Earlier SQL Injection Vulnerability in member.php in 6ALBlog Allows Remote Code Execution via newsid Parameter SQL Injection Vulnerability in member.php in 6ALBlog 6ALBlog Remote File Inclusion Vulnerability in admin/index.php SQL Injection Vulnerability in eDocStore's doc.php Allows Remote Code Execution SQL Injection Vulnerability in Papoo 3.6 and Earlier: Remote Code Execution via selmenuid Parameter Stack-based Buffer Overflow in Trend Micro OfficeScan Corporate Edition 8.0 Bypassing Password Requirement in Trend Micro OfficeScan Corporate Edition 8.0 Arbitrary Code Execution via Integer Overflow in Adobe Flash Player CSRF Vulnerability in Adobe Flash Player 8.0.34.0 and Earlier Denial of Service Vulnerability in libsldap Library in Sun Solaris 8, 9, and 10 Arbitrary File Creation/Overwrite Vulnerability in Avaxswf.dll 1.0.0.1 PHP Remote File Inclusion Vulnerabilities in EVA-Web 1.1 through 2.2 SQL Injection Vulnerability in elkagroup Image Gallery 1.0: Remote Code Execution via pid Parameter CSRF Vulnerability in Check Point SofaWare Safe@Office Arbitrary Process Killing Vulnerability in Microsoft Windows XP SP2 Insecure Password Change Process in Check Point SofaWare Safe@Office Default Password Vulnerability in Check Point SofaWare Safe@Office Firmware Integer Overflow in VLC Media Player Allows Remote Denial of Service via Large Sample Rate in 
WAV File Denial of Service Vulnerability in VideoLAN VLC Media Player Denial of Service Vulnerability in Sun Solaris 10 TCP Loopback/Fusion Implementation Unspecified Denial of Service Vulnerabilities in KSSL Kernel Module in Sun Solaris 10 Buffer Overflow Vulnerability in dtsession CDE Session Manager in Sun Solaris 8, 9, and 10 Integer Overflow in gdImageCreateTrueColor Function in libgd Denial of Service Vulnerability in gdImageCreateXbm Function Unspecified Vulnerabilities in GD Graphics Library GIF Reader Denial of Service Vulnerability in GD Graphics Library (libgd) before 2.0.35 Array Index Error in GD Graphics Library Allows Remote Denial of Service Denial of Service Vulnerability in GD Graphics Library (libgd) due to Large Angle Degree Values in imagearc and imagefilledarc Functions Race condition vulnerability in gdImageStringFTEx in libgd before 2.0.35 allows denial of service Stack-based Buffer Overflow in PCSoft WinDEV 11 (01F110053p) via Long String in Used DLL Field Denial of Service Vulnerability in PCSoft WinDEV 11 (01F110053p) Cross-domain vulnerability in Microsoft Internet Explorer 6 and 7: Bypassing Same Origin Policy Cross-domain vulnerability in Apple Safari for Windows 3.0.1 allows remote attackers to bypass same origin policy and access restricted information Default Configuration Allows Installation of Arbitrary Third-Party Applications on BlackBerry Devices, Facilitating Malware Loading Disputed Cross-Site Scripting (XSS) Vulnerability in Google Custom Search Engine Yandex.Server Multiple Cross-Site Scripting (XSS) Vulnerabilities AltaVista Search Engine XSS Vulnerability Arbitrary File Creation and Overwrite Vulnerability in HP Photo Digital Imaging ActiveX Control Heap-based Buffer Overflow in Sony Network Camera ActiveX Control CSRF Vulnerability in Check Point VPN-1 Edge X Embedded NGX 7.0.33x Unspecified Remote Code Execution Vulnerability in Microsoft Excel 2003 SP2 Buffer Overflow in _mprosrv: Remote Code Execution Vulnerability 
Denial of Service Vulnerability in Conti FtpServer 1.0 via LIST Command Argument Arbitrary File Creation/Overwrite Vulnerability in NCTWavChunksEditor2.dll Unauthenticated Access to Backend Administration Plugins in Papoo CMS 3.6 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in SAP Internet Communication Framework (BC-MID-ICF) Arbitrary Web Script Injection via User-Agent Header in SAP Web Dynpro Java Information Disclosure Vulnerability in Microsoft Internet Explorer 7 HTML Purifier 2.0.1 - Cross-Site Scripting (XSS) Vulnerability in configForm.php Vulnerability: SlackRoll before 8 Accepts Invalid GPG Exit Codes Remote Privilege Escalation in Xeweb XEForum via Modified Cookie Arbitrary Web Script Injection in CMD_USER_STATS in DirectAdmin 1.30.1 and Earlier Unspecified Directory Access Vulnerability in Kaspersky Anti-Spam Web-Based Product Configuration System Cross-Site Scripting (XSS) Vulnerability in Javadoc Tool of Sun JDK 6 and JDK 5.0 Update 11 Java Web Start Directory Traversal Vulnerability Directory Traversal Vulnerabilities in QuickTalk Forum 1.3 Memory Buffer Overwrite Vulnerability in FreeType 2.3.3 Stack-based Buffer Overflow in flac123 Allows Arbitrary Code Execution Potential Integer Overflow in glibc's process_envvars Function Heap-based Buffer Overflow in Symantec Backup Exec for Windows Servers RPC Subsystem Buffer Overflow Vulnerability in IBM Lotus Domino IMAP Service Focus Manipulation Vulnerability in Mozilla Firefox and SeaMonkey Stack-based Buffer Overflow in Lhaca File Archiver Allows Arbitrary Code Execution Unbounded Memory Consumption in Linux Kernel's lcd_write Function Cross-domain vulnerability in Apple Safari for Windows 3.0.2: Bypassing Same Origin Policy and Accessing Restricted Information Arbitrary SQL Command Execution in TotalCalendar 2.402 and Earlier via view_event.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Gorki Online Santrac Sitesi Multiple Cross-Site Scripting (XSS) Vulnerabilities in Claroline 
1.8.3 SQL Injection Vulnerability in HispaH YouTube Clone Script (youtubeclone) Allows Remote Code Execution via msg.php Arbitrary SQL Command Execution in phpEventCalendar 0.2.3 and Earlier Arbitrary SQL Command Execution in Easybe 1-2-3 Music Store via CategoryID Parameter SQL Injection Vulnerability in ArcadeBuilder Game Portal Manager 1.7 PHP Remote File Inclusion Vulnerabilities in sPHPell 1.01 Arbitrary Local File Inclusion Vulnerabilities in XCMS 1.1 Ripe Website Manager 0.8.9 Multiple PHP Remote File Inclusion Vulnerabilities Information Disclosure Vulnerability in Ripe Website Manager 0.8.9 and Earlier SQL Injection Vulnerabilities in Buddy Zone 1.5 and Earlier Firebird 2.0.0 Integer Overflow Denial of Service Vulnerability Weak Blowfish-CBC Cryptography and Predictable IV Values in DAR Sensitive Information Disclosure via Empty id[] Parameter in PHPDirector 0.21 and Earlier Local Privilege Escalation in PHPDirector 0.21 and Earlier Arbitrary File Overwrite Vulnerability in NVidia NVClock Insecure Permissions in NVIDIA Drivers: Local Exploitation and Information Disclosure Denial of Service Vulnerability in 3Com IntelliJack Switch NJ220 SQL Injection Vulnerability in WebChat 0.78 Login.php Allows Remote Code Execution Directory Traversal Vulnerabilities in GL-SH Deaf Forum 6.4.4 and Earlier Buffer Overflow Vulnerabilities in AMX NetLinx VNC ActiveX Control (AmxVnc.dll 1.0.13.0) TCP SYN-FIN Response Vulnerability in IBM OS/400 (aka i5/OS) on iSeries Machines Arbitrary SQL Command Execution in QuickTalk Guestbook 1.2 via SQL Injection in qtg_msg_view.php Multiple SQL Injection Vulnerabilities in QuickTicket and QuickTalk Forum Multiple Cross-Site Scripting (XSS) Vulnerabilities in rwAuction Pro 5.0's search.asp Arbitrary Web Script Injection Vulnerability in Kurinton sHTTPd Pluxml 0.3.1 admin/auth.php XSS Vulnerability Arbitrary PHP Code Execution via Unrestricted File Upload in WordPress Unrestricted File Upload Vulnerability in WordPress 2.2.1 and 
WordPress MU 1.2.3 Buffer Overflow Vulnerability in Warzone 2100 Resurrection before 2.0.7 Nessus Vulnerability Scanner Windows GUI Cross-Site Scripting (XSS) Vulnerability QuickTicket 1.2 Directory Traversal Vulnerability Remote Code Execution Vulnerability in W3Filer 2.1.3 via Stack-based Buffer Overflow SQL Injection Vulnerability in Buddy Zone 1.5: Remote Code Execution via view_sub_cat.php Internet Explorer Zone Domain Specification Denial of Service Vulnerability Buffer Overflow Vulnerability in bbs100 before 3.2 Unspecified Denial of Service Vulnerabilities in bbs100 before 3.2 Cross-Site Scripting (XSS) Vulnerability in Oracle Application Server 11i Remote Code Execution Vulnerability in HP Instant Support - Driver Check ActiveX Control Cross-site scripting (XSS) vulnerability in index.php in Moodle 1.7.1 via style expression in search parameter Insecure Storage of Sensitive Information in Liesbeth Base CMS SQL Injection Vulnerability in Wheatblog (wB) 1.1 Allows Remote Code Execution SQL Injection Vulnerability in Coppermine Photo Gallery (CPG) Allows Remote Code Execution Cross-site scripting (XSS) vulnerability in PHP-Fusion 6.01.10 and 6.01.9 in shoutbox_panel.php Unspecified Vulnerabilities in Esqlanelapse 2.6 with Unknown Impact and Attack Vectors Cross-Site Scripting (XSS) Vulnerability in Efendy Blog 1.0's ara.asp Arbitrary SQL Command Execution in PHP Director 0.21 and Earlier SQL Injection Vulnerability in AV Arcade 2.1b - Remote Code Execution SSL/TLS Certificate Expiration Bypass in libcurl 7.14.0 - 7.16.3 with GnuTLS Support Remote Code Execution Vulnerability in Borland InterBase 2007 Database Service Authentication Bypass Vulnerability in MySQLDumper 1.21b through 1.23 REV227 Denial of Service Vulnerability in imlib's _LoadBMP Function Multiple Cross-Site Scripting (XSS) Vulnerabilities in Oliver Library Management System Bypassing Security Controls in Novell Access Manager Apache Web Server Information Disclosure Vulnerability Remote Command 
Execution Vulnerability in Yoggie Pico and Pico Pro Web Interface Multiple SQL Injection Vulnerabilities in Akocomment Cross-Site Scripting (XSS) Vulnerabilities in Cisco Linksys WAG54GS Wireless-G ADSL Gateway Firmware 1.00.06 Arbitrary SQL Command Execution Vulnerability in FreeDomain.co.nr Clone Arbitrary Scheme XSS Bypass in Microsoft Internet Explorer 6 Arbitrary Web Script Injection in PHPIDS (before 20070703) Arbitrary Web Script Injection in PHPIDS (before 20070703) Arbitrary Web Script Injection in PHPIDS (before 20070703) Arbitrary Web Script Injection Vulnerability in PHPIDS Cleartext Password Transmission Vulnerability in Jedox Palo 1.5 Client SQL Injection Vulnerability in SuperCali PHP Event Calendar 0.4.0 SQL Injection Vulnerability in Girlserv Ads 1.5 and Earlier: Remote Code Execution via idnew Parameter SQL Injection Vulnerability in PNphpBB2 1.2i and Earlier: Remote Code Execution via viewforum.php Remote File Inclusion Vulnerability in MyCMS 0.9.8 and Earlier: Arbitrary PHP Code Execution Multiple Direct Static Code Injection Vulnerabilities in MyCMS 0.9.8 and Earlier Remote Code Execution via Admin Cookie Parameter in MyCMS 0.9.8 and Earlier SQL Injection Vulnerability in VBZooM 1.12's reply.php Allows Remote Code Execution SQL Injection Vulnerabilities in b1gbb 2.24.0: Remote Code Execution via id Parameter Arbitrary Web Script Injection in visitenkarte.php in b1gBB 2.24.0 Unspecified Remote Profile Modification Vulnerability in Elite Bulletin Board Arbitrary Message Deletion and Attack Vulnerability in Elite Bulletin Board (before 1.0.10) Multiple Cross-Site Scripting (XSS) Vulnerabilities in ManageEngine NetFlow Analyzer 5 Multiple Cross-Site Scripting (XSS) Vulnerabilities in AdventNet ManageEngine OpManager 6 and 7 Cross-Site Scripting (XSS) Vulnerability in phpVideoPro before 0.8.8 Session Fixation Vulnerability in Zen Cart 1.3.7 and Earlier: Remote Session Hijacking Information Disclosure and User Enumeration in vtiger CRM before 5.0.3 
Unauthorized Import and Export of Contact Information in vtiger CRM before 5.0.3 Arbitrary Field Merge Vulnerability in Vtiger CRM WordPlugin Information Disclosure in vtiger CRM before 5.0.3 via Home Page and Event List View Insecure Account Activation in vtiger CRM Allows Unauthorized Data Access and Modification SQL Injection Vulnerability in vtiger CRM Dashboard Vulnerability: Unauthorized Access to Organization's Pipeline Data in vtiger CRM Arbitrary Code Execution Vulnerability in EnjoySAP SAP GUI ActiveX Control Heap-based Buffer Overflow in EnjoySAP SAP GUI ActiveX Control Unspecified Denial of Service Vulnerabilities in EnjoySAP SAP GUI ActiveX Controls Unspecified Remote File Creation Vulnerabilities in EnjoySAP SAP GUI ActiveX Controls SQL Injection Vulnerabilities in eMeeting Online Dating Software 5.2 SQL Injection Vulnerability in categories_type.php in phpVID 0.9.9 Unauthenticated Remote Administrative Actions in VRNews 1.1.1 Visual IRC (ViRC) 2.0 Stack-Based Buffer Overflow Vulnerability Arbitrary Web Script Injection Vulnerability in SAP Internet Graphics Service (IGS) Multiple Stack-Based Buffer Overflows in SAP DB Web Server (waHTTP.exe) Denial of Service Vulnerability in SAP NetWeaver Application Server Arbitrary Profile Settings Modification Vulnerability in vtiger CRM Arbitrary Read Access Vulnerability in vtiger CRM before 5.0.3 Stack-based Buffer Overflow in EMC NetWorker Remote Exec Service Directory Traversal Vulnerability in Maia Mailguard 1.0.2 and Earlier Multiple Directory Traversal Vulnerabilities in Maia Mailguard 1.0.2 and Earlier CRLF Injection Vulnerabilities in AsteriDex 3.0 and Earlier Versions Denial of Service Vulnerability in DomainPOP in Alt-N Technologies MDaemon before 9.61 Cross-Site Scripting (XSS) Vulnerability in Hitachi JP1/HiCommand Device Manager and Related Applications Heap-based Buffer Overflow in SAP Message Server Allows Remote Code Execution Denial of Service Vulnerability in Citrix Presentation Server Clients 
Denial of Service Vulnerability in Hitachi TPBroker ADM Daemon Multiple SQL Injection Vulnerabilities in PHP Lite Calendar Express 2.2 Unspecified vulnerability in fetch function in PEAR Structures-DataGrid-DataSource-MDB2 0.1.9 and earlier SQL Injection Vulnerability in Levent Veysi Portal 1.0 (oku.asp) Allows Remote Code Execution Unauthenticated Password Change Vulnerability in AV Tutorial Script (avtutorial) 1.0 SQL Injection Vulnerability in GameSiteScript (GSS) 3.1 and Earlier: Remote Code Execution via index.php LimeSurvey (PHPSurveyor) 1.49RC2 Multiple PHP Remote File Inclusion Vulnerabilities Chilkat Zip ActiveX Control Absolute Path Traversal Vulnerability Arbitrary Command Execution Vulnerability in G/PGP Plugin 2.0 for Squirrelmail 1.4.10a (CVE-XXXX-XXXX) Unspecified Command Injection Vulnerabilities in G/PGP (GPG) Plugin for Squirrelmail Unspecified Remote Code Execution Vulnerabilities in G/PGP (GPG) Plugin 2.1 for Squirrelmail SQL Injection Vulnerability in MKPortal 1.1.1 (ZD-00000008) Buffer Overflow Vulnerability in Yahoo! 
Messenger 8.1 (ZD-00000005) WordPress Redirect and Information Disclosure Vulnerability Arbitrary File Modification and Cross-Site Scripting (XSS) Vulnerability in Adobe Integrated Runtime (AIR) Buffer Overflow Vulnerability in libarchive NULL Pointer Dereference Vulnerability in Linux Kernel's decode_choice Function Remote Code Execution in AV Arcade 2.1b via admin/index.php Denial of Service Vulnerability in libarchive before 2.2.4 Denial of Service Vulnerability in libarchive before 2.2.4 SQL Injection Vulnerability in FlashGameScript 1.7 and Earlier: Remote Code Execution via User Parameter Authentication Bypass Vulnerability in phpTrafficA 1.4.3 and Earlier SQL Injection Vulnerability in Webmatic <= 2.6.2 and possibly <= 2.7 Absolute Path Traversal Vulnerability in HPQVWOCX.dll 2.1.0.556 ActiveX Control Sensitive Information Disclosure in myWebland myBloggie 2.1.6 Sensitive Information Disclosure in FaScript FaName 1.0 via id Parameter SQL Injection Vulnerability in FaScript FaName 1.0 via id Parameter in class/page.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Farsi Script (FaScript) FaName 1.0 Denial of Service Vulnerability in NetBSD Display Driver Allocattr Functions Remote Code Execution via Stack-based Buffer Overflow in Sun Java Web Start Security Zone Check Bypass Vulnerability in Mozilla Firefox Denial of Service Vulnerability in Mozilla Firefox 2.0.0.4 Denial of Service Vulnerability in Microsoft Register Server (REGSVR) via Crafted DLL Library Buffer Overflow in FreeWRL 1.19.3's doBrowserAction Function via Crafted BROWSER Environment Variable Arbitrary File Overwrite Vulnerability in Nonnoi ASP/Barcode ActiveX Control Denial of Service Vulnerability in Eltima Software Virtual Serial Port (VSPAX) ActiveX Control Remote Code Execution Vulnerability in Media Player Classic (MPC) 6.4.9.0 via Crafted FLV File Remote Code Execution Vulnerability in Media Player Classic (MPC) 6.4.9.0 via Crafted MPA File Unspecified Denial of Service 
Vulnerabilities in Eltima Software RunService ActiveX Control Unspecified Denial of Service Vulnerabilities in Symantec Norton Ghost 12.0 Remote Code Execution Vulnerability in Symantec Norton Ghost 12.0 via RemoteCommand.DLL Denial of Service Vulnerability in ActiveReportsExcelReport's EXCLEXPT.DLL Unspecified Denial of Service Vulnerabilities in NuMedia NMSDVDX Unspecified Vulnerabilities in Innovasys DockStudioXP ActiveX Control with Denial of Service Impact Cross-Browser Scripting and Command Execution Vulnerability in Microsoft Internet Explorer Unspecified Remote Attack Vector Vulnerability in Microsoft Windows Vista Kernel Arbitrary Script Injection Vulnerability in DotClear 1.2.6 Memory Overwrite Vulnerability in Symantec symtdi.sys Format String Vulnerabilities in Kaspersky Online Scanner ActiveX Control Remote Code Execution and Denial of Service Vulnerability in IBM DB2 Universal Database (UDB) Administration Server (DAS) SQL Injection Vulnerabilities in Maxsi eVisit Analyst QuarkXPress 7.2 Stack-Based Buffer Overflow Vulnerability Arbitrary Code Execution Vulnerability in Citrix Access Gateway Stack-based Buffer Overflow in libodm in IBM AIX 5.2.0 and 5.3.0 Arbitrary Code Execution via IOCTL 9031 (BIOCGSTATS) Handler in NPF.SYS Driver SQL Injection Vulnerability in OpenLD 1.2.2 and Earlier: Remote Code Execution via id Parameter in index.php SQL Injection Vulnerability in pagetopic.php in Aigaion 1.3.3 and Earlier SQL Injection Vulnerabilities in Unobtrusive Ajax Star Rating Bar Unobtrusive Ajax Star Rating Bar before 1.2.0 - Cross-Site Scripting (XSS) Vulnerability in rpc.php CRLF Injection Vulnerability in Unobtrusive Ajax Star Rating Bar SQL Injection Vulnerability in Inferno Technologies RPG Inferno 2.4 and Earlier Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in DotClear 1.2.6 Remote Code Execution Vulnerability in Drupal Print Module Remote Access Vulnerability in Drupal Forward Module Multiple SQL Injection Vulnerabilities in 
changePW.php in AV Tutorial Script (avtutorial) 1.0 EZFactory KDDI Download CGI 1.x - Directory Traversal Vulnerability Gobi Cross-Site Scripting (XSS) Vulnerability in Search Function Arbitrary Web Script Injection in Miro Project Broadcast Machine 0.9.9.9 Login Page Buffer Overflow in LICRCMD.EXE in CA ERwin Process Modeler 7.1 Remote Denial of Service Vulnerabilities in CA ERwin Data Model Validator Remote Code Execution via PHP Remote File Inclusion in FlashBB 1.1.8 and Earlier Denial of Service Vulnerability in Java Secure Socket Extension (JSSE) Denial of Service Vulnerability in Symantec Products via RAR Archive File Header Cleartext Password Logging Vulnerability in Sun Java System Access Manager TippingPoint IPS Vulnerability: Hex-encoded Alternate Unicode Slash Bypass Arbitrary File Read Vulnerability in Mail Machine 3.989 and Earlier Stack-based Buffer Overflow in Zenturi Program Checker Pro ActiveX Control Remote Authentication Bypass in Entertainment CMS via adminLogged Cookie Remote SQL Injection Vulnerability in FuseTalk 2.0 Arbitrary Global Variable Unsetting Vulnerability in CodeIgniter 1.5.3 CodeIgniter 1.5.3 Directory Traversal Vulnerability CodeIgniter 1.5.3 XSS Vulnerability in xss_clean Function CRLF Injection Vulnerability in CodeIgniter 1.5.3 Redirect Function Arbitrary PHP Code Execution via Remote File Inclusion in PHP Comet-Server Fragmented Packet Evasion Vulnerability in TippingPoint IPS Multiple Cross-Site Scripting (XSS) Vulnerabilities in HiddenChest is ve Bayi Basvuru Formu Multiple Buffer Overflows in Konst CenterICQ 4.9.11 through 4.21 Directory Traversal Vulnerability in Ada Image Server (ImgSvr) 0.6.5 Allows Remote File Read Arbitrary Java Method Execution Vulnerability in Sun Java System Application Server and Web Server Arbitrary Code Execution Vulnerability in Java XML Digital Signature Implementation Privilege Escalation via Improper Helper Application Calling in Sun Solaris 8, 9, and 10 Unspecified Remote Code Execution 
Vulnerabilities in Apple Safari 3 Beta for Windows Denial of Service Vulnerability in Linux Kernel 2.6.16 Process Scheduler Denial of Service Vulnerability in Linux Kernel 2.4 Process Scheduler CPU Consumption Denial of Service Vulnerability in FreeBSD's ULE Process Scheduler Denial of Service Vulnerability in 4BSD Process Scheduler in FreeBSD Kernel Denial of Service Vulnerability in Sun Solaris Process Scheduler Denial of Service Vulnerability in Windows XP Process Scheduler NULL Pointer Dereference Vulnerability in Clam Antivirus (ClamAV) Integer Signedness Error in SET_VALUE Function in unrar 3.70 Beta 3 Unspecified Vulnerabilities in Webmatic Administration Area Buffer Overflow in SILC Client and SILC Toolkit: Remote Denial of Service via NICK_CHANGE Notifications Username Enumeration Vulnerability in TCP/IP Services 5.6 for HP OpenVMS 8.3 Lack of Logging in Default Configuration of POP Server in TCP/IP Services 5.6 for HP OpenVMS 8.3 Invalid LDT Segment Selector Vulnerability in Linux Kernel 2.6.20 and 2.6.21 Kernel Crash Vulnerability Due to Improper Segment Restoration in Linux 2.6 Unspecified Memory Corruption Vulnerabilities in Mozilla Firefox and Thunderbird Unspecified Memory Corruption Vulnerabilities in Mozilla Firefox and Thunderbird Timing-based Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox Arbitrary Code Execution with Chrome Privileges in Mozilla Firefox Arbitrary Code Execution Vulnerabilities in Mozilla Firefox Kernel Stack Expansion Vulnerability in hugetlb on PowerPC Systems CIFS Filesystem Privilege Escalation Vulnerability User-assisted Denial of Service Vulnerability in GIMP Plugins IDN Homograph Phishing Vulnerability in Apple Safari and iPhone Stack-based Buffer Overflow in Apple Safari 3 Beta Allows Arbitrary Code Execution via Long Bookmark Title Heap-based Buffer Overflow in UPnP IGD Implementation in mDNSResponder on Apple Mac OS X 10.4.10 Remote Code Execution Vulnerability in Java Interface to CoreAudio on Apple Mac OS 
X Heap Bounds Check Bypass Vulnerability in Java Interface to CoreAudio on Apple Mac OS X Arbitrary Code Execution Vulnerability in Java Interface to CoreAudio on Apple Mac OS X Buffer Overflow Vulnerability in iChat on Apple Mac OS X 10.3.9 and 10.4.10 Privilege Escalation Vulnerability in Apple Mac OS X 10.4 through 10.4.10 Heap-based Buffer Overflow in Apple QuickTime Allows Remote Code Execution via Crafted STSD Atoms Unspecified Remote Code Execution Vulnerability in QuickTime for Java Heap-based Buffer Overflow in Apple iTunes Allows Remote Code Execution via Crafted Album Cover Art Bluetooth Denial of Service and Code Execution Vulnerability in Apple iPhone 1.1.1 Lack of SSL Certificate Validation in Apple iPhone 1.1.1 Mail App Remote User-Assisted Call Exploit in Apple iPhone 1.1.1 Cross-Domain Information Disclosure Vulnerability in Safari Remote User-Assisted Call Spoofing Vulnerability in Safari for Apple iPhone 1.1.1 Cross-Site Scripting (XSS) Vulnerability in Safari 1.1.1 and Safari 3.0.4 Delayed Disabling of Javascript in Safari on Apple iPhone 1.1.1 Arbitrary Web Script Injection Vulnerability in Safari on Apple iPhone and Mac OS X Safari XSS Vulnerability in Apple iPhone 1.1.1 Stack-based Buffer Overflow in Asterisk IAX2 Channel Driver NULL pointer dereference vulnerability in IAX2 channel driver in Asterisk Denial of Service Vulnerability in Asterisk Skinny Channel Driver Denial of Service Vulnerability in Asterisk STUN Implementation Denial of Service Vulnerability in SurgeFTP 2.3a1 via Malformed PASV Response SurgeFTP 2.3a1 Mirrored Server Management Interface Cross-Site Scripting (XSS) Vulnerability Arbitrary Command Execution via Crafted Link in Xfce Terminal 0.2.6 Stack-based Buffer Overflow in Symantec AntiVirus Corporate Edition and Client Security PsNews 1.1 Directory Traversal Vulnerability Arbitrary File Upload Vulnerability in Email-Template Module of Generic YouTube Clone Script Insufficient Access Control in Dvbbs 7.1.0 SP1 Allows 
Remote Database Download Denial of Service Vulnerability in Cisco Unified Communications Manager and Unified Presence Server Information Disclosure Vulnerabilities in Cisco Unified Communications Manager and Unified Presence Server Arbitrary Address Copy Vulnerability in Grisoft AVG Anti-Virus 7.5.448 and Free Edition 7.5.446 Arbitrary Command Execution in G/PGP Plugin for Squirrelmail Arbitrary Local File Inclusion Vulnerability in G/PGP Plugin for Squirrelmail Denial of Service Vulnerability in MySQL Community Server MySQL Community Server CREATE TABLE LIKE Statement Privilege Escalation Vulnerability Privilege Escalation via Cross-Database View in MySQL Community Server SQL Injection Vulnerability in enVivo!CMS Default.asp Arbitrary Web Script Injection Vulnerability in Belkin G Plus Router F5D7231-4 Absolute Path Traversal Vulnerability in EldoS SecureBlackbox (sbb) 5.1.0.112 ActiveX Control CSRF Vulnerability on eSoft InstaGate EX2 UTM Device Allows Remote Privilege Escalation Vulnerability: Password Change Bypass in eSoft InstaGate EX2 UTM Device Insecure Storage of Admin Password in eSoft InstaGate EX2 UTM Device SQL Injection Vulnerability in Inmostore 4.0 Admin Panel Denial of Service Vulnerability in PHP 5.2.3's com_print_typeinfo Function Buffer Overflow in w_read function in policyd before 1.81 for Postfix allows remote code execution PHP Remote File Inclusion Vulnerabilities in AzDG Dating Gold 3.0.5 SQL Injection Vulnerability in JP1/NETM/DM Manager on Windows Buffer Overflow Vulnerability in Hitachi Cosminexus V4 through V7 and Third-Party Products via GIF Image Processing APIs Denial of Service Vulnerability in Hitachi TP1/Server Base on HP-UX SQL Buffer Truncation Vulnerability in MailMarshal SMTP 6.2.0.x Arbitrary Code Execution via Integer Overflow in BGP Dissector in tcpdump Arbitrary Attribute Injection in PHP Session Cookie Privilege Escalation Vulnerability in Symantec AntiVirus Corporate Edition and Client Security SMTP ALG in Clavister 
CorePlus before 8.80.04, and 8.81.00: Address Blacklist Bypass Vulnerability Bypassing Scanning in Clavister CorePlus AntiVirus Engine Denial of Service Vulnerability in Clavister CorePlus IKE Implementation Denial of Service and Arbitrary Code Execution Vulnerability in PHP 5.2.3 glob Function Cross-Site Scripting (XSS) Vulnerabilities in SiteScape Forum before 7.3 SQL Injection Vulnerability in paFileDB 3.6 via categories[] Parameter in includes/search.php Multiple SQL Injection Vulnerabilities in Prozilla Directory Script SQL Injection Vulnerability in Realtor 747's index.php Allows Remote Code Execution Multiple SQL Injection Vulnerabilities in eSyndiCat SQL Injection Vulnerability in CMScout 1.23 and Earlier: Remote Code Execution via forums.php NoBoard BETA Module for MKPortal PHP Remote File Inclusion Vulnerability Multiple SQL Injection Vulnerabilities in MKPortal 1.1.1 Buffer Overflow Vulnerability in PIRS 2007 Allows for Denial of Service and Possible Code Execution Potential Denial of Service Vulnerability in JWIG via Loops of References to External Templates Cross-site scripting (XSS) vulnerability in LoginToboggan module for Drupal Arbitrary JavaScript Injection in LoginToboggan Module for Drupal Address Bar Spoofing Vulnerability in Opera 9.21 Address Bar Spoofing Vulnerability in Konqueror 3.5.7 CSRF Vulnerability in Webcit Allows Unauthorized Configuration Modification Multiple Cross-Site Scripting (XSS) Vulnerabilities in Webcit Before 7.11 Denial of Service Vulnerability in IPSwitch WS_FTP 7.5.29.0 Logging Server SQL Injection Vulnerability in katgoster.asp in MzK Blog (tr): Remote Code Execution via katID Parameter Multiple Stack-Based Buffer Overflows in CA Alert Notification Server Remote Code Execution and Address Bar Spoofing Vulnerability in Microsoft Internet Explorer 7 Null Domain Cookie Vulnerability in Mozilla Firefox Remote Code Execution Vulnerability in mDNSResponder in Apple Mac OS X Stack-based buffer overflows in InterActual Player 
and Roxio CinePlayer ActiveX Controls allow remote code execution Cross-Site Scripting (XSS) Vulnerability in ISS Proventia Network IPS GX5108 and GX5008 Remote File Inclusion Vulnerability in ISS Proventia Network IPS GX5108 1.3 and GX5008 1.5 Buffer Overflow in Trillian AIM.DLL Allows Remote Code Execution via Malformed aim: URI Arbitrary File Creation and Code Execution Vulnerability in Trillian AIM Protocol Handler Cross-Site Scripting (XSS) Vulnerabilities in Ex Libris ALEPH through Keyword Search Arbitrary Web Script Injection Vulnerability in Ex Libris MetaLib Format String Vulnerability in HydraIRC 0.3.151: Denial of Service via DCC File Transfer Negotiation Heap-based Buffer Overflow in HydraIRC 0.3.151 via Long CTCP Request Message Cross-Site Scripting (XSS) Vulnerability in TBDev.NET DR 11-10-05-BETA-SF1:111005 and Earlier Cross-Site Scripting (XSS) Vulnerability in TBDev.NET DR 010306 and Earlier SQL Injection Vulnerability in Traffic Stats' referralUrl.php Allows Remote Code Execution Unspecified Remote Command Execution Vulnerability in Pidgin 2.0.2 for Linux (CVE-XXXX-XXXX) Unspecified Cross-Site Scripting (XSS) Vulnerability in 8e6 R3000 Enterprise Filter Incorrect Global Variable Check in Linux Kernel Allows for CIFS Network Traffic Spoofing Cross Context Scripting Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Arbitrary Command Execution via File Handling Program in Mozilla Firefox, Thunderbird, and SeaMonkey Directory Traversal Vulnerability in Subversion Allows Arbitrary File Overwrite Apache 2.3.0 mod_proxy Date Handling Buffer Over-read Vulnerability Privilege Escalation via Parent Process Death Signal in Linux Kernel 2.4.35 and Other Versions Vulnerability: File Integrity Check Bypass in AIDE RPM for RHEL 5 eHCA Driver Vulnerability: Unauthorized Access to Physical Address Space Privilege Escalation via Crafted Batchbuffer in Linux Kernel Insecure Creation of /tmp/sysstat.run Allows Arbitrary Code Execution Unspecified Remote 
Code Execution Vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 Unspecified Remote Code Execution Vulnerabilities in Oracle Database Components Unspecified vulnerabilities in Oracle Database components Unspecified vulnerability in Oracle Data Mining component for Oracle Database versions 9.2.0.7, 9.2.0.8, 10.1.0.5, and 10.2.0.2/10.2.0.3 with remote authenticated attack vectors (DB04) Unspecified Remote Code Execution Vulnerabilities in Oracle Database 10.1.0.5 Unspecified Remote Code Execution Vulnerabilities in Oracle Database 10.2.0.3 OID01: Unspecified Remote Vulnerability in Oracle Internet Directory SQL Injection Vulnerability in Oracle Application Express (APEX01) Unspecified vulnerability in Oracle JDeveloper in Oracle Application Server 10.1.2.2 and Collaboration Suite 10.1.2 Unspecified Remote Code Execution Vulnerability in Oracle Application Server 9.0.4.3 and 10.1.2.0.2 via Oracle Single Sign On (AS01) Unspecified vulnerability in Oracle JDeveloper for Application Server 10.1.2.2 and 10.1.3.1, and Collaboration Suite 10.1.2, allows context-dependent attackers to have an unknown impact via custom applications that use JBO.SERVER, aka JDEV02. 
Unspecified Remote Vulnerabilities in Oracle Collaboration Suite 10.1.2 Unspecified Remote Vulnerability in Oracle Customer Intelligence Component in Oracle E-Business Suite 12.0.1 (APPS01) Unspecified Remote Vulnerabilities in Oracle E-Business Suite 11.5.10CU2 and 12.0.1 Unspecified Vulnerabilities in Oracle E-Business Suite 11.5.10CU2 with Unknown Impact and Attack Vectors Unspecified Remote Code Execution Vulnerabilities in Oracle PeopleSoft Enterprise 8.22.15, 8.47.13, 8.48.10, and 8.49.02 Unspecified Remote Code Execution Vulnerabilities in Oracle PeopleSoft Enterprise CRM Online Marketing Component Unspecified Local Vulnerabilities in Oracle PeopleSoft Enterprise 8.9 Bundle 11 Guessable ID Values in Stampit Web Allow Remote Denial of Service Attack Remote Code Execution Vulnerability in HP OpenView Operations A.07.50 for Windows Stack-based Buffer Overflow in vstlib32.dll in Trend Micro AntiSpyware and PC-Cillin Internet Security Directory Traversal Vulnerability in Symantec Altiris Deployment Solution 6.x PXE Server Component Denial of Service Vulnerability in CA Anti-Virus 8 and Other CA Products Stack-based Buffer Overflow in SMB on Apple Mac OS X 10.4.11 Format String Vulnerability in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4 SQL Injection Vulnerability in Pictures Rating Allows Remote Code Execution Arbitrary SQL Command Execution Vulnerability in Expert Advisor's index.php Arbitrary File Creation and Overwrite Vulnerability in Data Dynamics ActiveBar ActiveX Control SQL Injection Vulnerability in husrevforum 1.0.1 and 2.0.1 via forumid Parameter Cross-Site Scripting (XSS) Vulnerability in husrevforum 1.0.1's philboard_search.asp Element CMS Default.asp Cross-Site Scripting (XSS) Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in ASP Ziyaretci Defteri 1.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Insanely Simple Blog 0.5 and Earlier SQL Injection Vulnerabilities in Insanely Simple Blog 0.5 and Earlier Arbitrary 
Code Execution Vulnerability in Microsoft Excel Arbitrary Code Execution Vulnerability in Windows Vista Weather Gadgets URL Spoofing Vulnerability in Microsoft Internet Explorer 5.01 through 7 Memory Corruption Vulnerability in Microsoft Internet Explorer 5.01 through 7 Buffer Overflow Vulnerability in Microsoft DirectShow Allows Remote Code Execution via Crafted WAV or AVI File Arbitrary Program Execution via Invalid % Sequences in Windows Shell URL Handling Heap-based Buffer Overflow in Microsoft Outlook Express and Windows Mail Predictable Transaction IDs in Microsoft Windows DNS Server Word Memory Corruption Vulnerability Stack-based Buffer Overflow in DirectShow SAMI Parser Use-after-free vulnerability in CRecalcProperty function in mshtml.dll in Internet Explorer Uninitialized or Deleted Object Vulnerability in Microsoft Internet Explorer 6 and 7 SQL Injection Vulnerability in Zoph before 0.7.0.1 Allows Remote Code Execution Denial of Service Vulnerability in Kaspersky Anti-Virus for Check Point FireWall-1 Authentication Bypass Vulnerability in LedgerSMB 1.2.0 through 1.2.6 Unspecified Privilege Escalation Vulnerability in HP ServiceGuard for Linux Multiple SQL Injection Vulnerabilities in Bandersnatch 0.4 Arbitrary JavaScript Injection in Bandersnatch 0.4 via XSS Vulnerability Heap-based Buffer Overflow Vulnerabilities in BakBone NetVault Reporter 3.5 Privilege Escalation via Shell Metacharacters in checkrestart in Debian-Goodies Gforge SQL Injection Vulnerability Insecure Handling of Temporary Files in Mondo 2.24 Arbitrary File Overwrite Vulnerability in SKK Tools 1.2 Denial of Service Vulnerability in Wesnoth Multiplayer Engine Arbitrary Web Script Injection Vulnerability in GForge 4.6b2 Arbitrary File Truncation Vulnerability in Xen 3.1 and Earlier Input Focus Vulnerability in GNOME Screensaver 2.20 with Compiz Local File Truncation Vulnerability in GForge 3.1 and 4.5.14 Unspecified vulnerability in Java Runtime Environment (JRE) Applet Class Loader 
allows remote attackers to bypass applet security model Denial of Service Vulnerability in Cisco Wide Area Application Services (WAAS) Cross-browser scripting and command execution vulnerability in Microsoft Internet Explorer Buffer Overflow Vulnerabilities in Ipswitch IMail Server 2006: Remote Code Execution Denial of Service Vulnerability in Ipswitch IMail Server 2006 Multiple Buffer Overflows in Ipswitch IMail Server 2006 before 2006.21: Remote Code Execution Vulnerabilities Buffer Overflow in Yahoo! Messenger 8.1 via Long E-mail Address in Address Book Entry BitTorrent Support Use-After-Free Vulnerability in Opera Cross-Site Scripting (XSS) Vulnerability in Microsoft Internet Explorer and DocuWiki before 2007-06-26b Privilege Escalation Vulnerability in Samsung SCX-4200 Driver 2.00.95 Arbitrary PHP Code Execution via Non-JPEG File Upload in Expose RC35 and Earlier SQL Injection Vulnerability in QuickEStore 8.2 and Earlier: Remote Code Execution via insertorder.cfm Arbitrary PHP Code Execution via Remote File Inclusion in BBS E-Market SupaNav 1.0.0 Module for phpBB - PHP Remote File Inclusion Vulnerability in link_main.php Arbitrary File Deletion Vulnerability in A-shop 0.70 and Earlier SQL Injection Vulnerabilities in A-shop 0.70 and Earlier SQL Injection Vulnerability in MAXdev MDPro (MD-Pro) 1.0.8x and Earlier SQL Injection Vulnerability in SpoonLabs Vivvo Article Management CMS: Remote Code Execution via category parameter QuickerSite 1.7.2 Default.asp Cross-Site Scripting (XSS) Vulnerability Arbitrary Script Injection in Jasmine CMS 1.0_1 via profile_email Parameter Directory Traversal Vulnerability in Simple Machines Forum (SMF) 1.1.3 SQL Injection Vulnerability in Infinite Responder before 1.48 Heap-based Buffer Overflows in PCRE Library in Apple Safari and iPhone Authentication Bypass Vulnerability in RSBAC Denial of Service Vulnerability in mod_auth of lighttpd Denial of Service Vulnerability in lighttpd 1.4.15 via Duplicate Headers Denial of Service 
Vulnerability in lighttpd before 1.4.16 Trailing Slash Bypass Vulnerability in lighttpd 1.4.15 Denial of Service Vulnerability in lighttpd 1.4.15 on 32-bit Platforms Buffer Overflow Vulnerabilities in Norman Antivirus 5.90 via Crafted ACE and LZH Files OLE2 Parsing Integer Cast Vulnerability Denial of Service Vulnerability in Norman Antivirus OLE2 Parsing Cross-Browser Scripting and Command Execution Vulnerability in Microsoft Internet Explorer with SeaMonkey Integration Buffer Overflow in LinkedIn Toolbar ActiveX Control Denial of Service Vulnerability in TeamSpeak WebServer 2.0 for Windows Buffer Overflow Vulnerability in Nipun Jain xserver 0.1 Alpha Denial of Service Vulnerability in Microsoft Windows Explorer via Art.gif Denial of Service Vulnerability in IM Server 2.0.5.30 and Earlier Versions Unspecified Vulnerabilities in IBM WebSphere Application Server with Unknown Impact and Attack Vectors Denial of Service Vulnerability in fsp_readdir_r function in fsplib.c Stack-based buffer overflows in fsplib.c in fsplib before 0.9 Multiple Cross-Site Scripting (XSS) Vulnerabilities in UseBB 1.0.7 and Other Versions Authentication Bypass Vulnerability in Itaka before 0.2.1 Unspecified Vulnerability in uFMOD Before 1.2.5: Potential Impact and Attack Vectors SQL Injection Vulnerability in Munch Pro's Login Field Directory Traversal Vulnerability in PHP Directory Lister (dirLIST) Allows Listing of Parent Directory Directory Listing Vulnerability in dirLIST before 0.1.1 Buffer Overflow Vulnerability in Panda Antivirus Allows Remote Code Execution Race condition vulnerability in ESET NOD32 Antivirus allows remote code execution via crafted CAB file Denial of Service Vulnerability in ESET NOD32 Antivirus via Crafted ASPACK Packed File Denial of Service Vulnerability in ESET NOD32 Antivirus Multiple Cross-Site Scripting (XSS) Vulnerabilities in JBlog 1.0 Unauthenticated Account Creation in JBlog 1.0 Arbitrary Script Injection in Elite Forum 1.0.0.0 via title parameter in 
index.php SQL Injection Vulnerability in bwired's index.php Allows Remote Code Execution via newsID Parameter Unspecified Cross-Site Scripting (XSS) Vulnerability in bwired Session Fixation Vulnerability in bwired: Remote Session Hijacking via PHPSESSID Parameter Arbitrary SQL Command Execution in BlogSite Professional 1.x via index.php RCMS Pro RGameScript Pro PHP Remote File Inclusion Vulnerability SQL Injection Vulnerability in WSN Links Basic Edition: Remote Code Execution via catid Parameter ActiveReports ActiveX Control Absolute Path Traversal Vulnerability Absolute Path Traversal Vulnerability in ActiveReports 2.0 Professional Edition 2.5.0.1308 (SP5 RC) ActiveX Control Buffer Overflow Vulnerability in NixonMyPrograms ActiveX Control in sasatl.dll 1.5.0.531 Arbitrary File Download Vulnerability in Secure Computing SecurityReporter 4.6.3 Authentication Bypass and Arbitrary File Download in Secure Computing SecurityReporter 4.6.3 SQL Injection Vulnerability in ImageRacer 1.0: Remote Code Execution via SearchResults.asp Session Fixation Vulnerability in VHCS 2.4.7.1 and Earlier: Remote Session Hijacking Multiple Cross-Site Scripting (XSS) Vulnerabilities in Dora Emlak 1.0 Default.asp SQL Injection Vulnerability in Dora Emlak 1.0: Remote Code Execution via goster Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in Asp cvmatik 1.1 and Earlier SQL Injection Vulnerability in vir_login.asp in iExpress Property Pro Unspecified Remote Attack Vulnerability in Kerio MailServer Attachment Filter Integer Overflow Vulnerabilities in libgd Library in PHP Remote Code Execution via MySQL LOCAL INFILE Operations PHP Wordwrap Function Denial of Service Vulnerability Stack-based Buffer Overflow in svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) 1.4 through 1.6.2 Uninitialized Pointer Write Vulnerability in MIT Kerberos 5 (krb5) Arbitrary Code Execution Vulnerability in IBM AIX 5.3 SP6 Buffer Overflow in IBM AIX FTP Client Allows 
Arbitrary Code Execution Stack-based Buffer Overflow in Mike Dubman Windows RSH Daemon (rshd) 1.7 Buffer Overflow in Mike Dubman Windows RSH Daemon (rshd) 1.7: Remote Code Execution Vulnerability Arbitrary PHP Code Execution via Remote File Inclusion in Article Directory Arbitrary File Inclusion Vulnerability in Entertainment Media Sharing CMS Remote File Inclusion Vulnerability in SWSoft Confixx Pro 2.0.12 through 3.3.1 Arbitrary Command Execution Vulnerability in PHP 5.2.3's win32std Extension Denial of Service Vulnerability in Cisco Wireless LAN Controllers Denial of Service Vulnerability in Cisco Wireless LAN Controller Software Multiple Unspecified Vulnerabilities in Net6Helper.DLL, npCtxCAO.dll, and CCAOControl Object Cross-site scripting (XSS) vulnerability in Blix WordPress Themes Unspecified Arbitrary Code Execution Vulnerability in Citrix Access Gateway CSRF Vulnerability in Citrix Access Gateway Administration Console Arbitrary Website Redirection and Phishing Vulnerability in Citrix Access Gateway Advanced Edition Cross-Site Scripting (XSS) Vulnerabilities in AdMan 1.0.20051202 FF 3 Patch and Earlier Versions Cross-Site Scripting (XSS) Vulnerabilities in Brain Book Software Secure 1.0.20070629 and Earlier Arbitrary Web Script Injection Vulnerability in cPanel 10.9.1 Aruba Mobility Controller XSS Vulnerability in Login CGI Program Arbitrary Web Script Injection in W1L3D4 Philboard 0.3 via searchterms Parameter Unspecified Remote Code Disclosure Vulnerability in Sun Java System Application Server Arbitrary PHP Code Execution via Unverified File Extensions in Epesi Framework Buffer Overflow Vulnerability in Areca CLI 1.72.250 and Earlier Absolute Path Traversal Vulnerability in Webspell 4.01.02 Denial of Service Vulnerabilities in libvorbis 1.1.2 and Earlier Versions Directory Traversal Vulnerability in Nessus Vulnerability Scanner 3.0.6 ActiveX Control Buffer Overflow in CrystalPlayer Pro 1.98 via Long String in .mls Playlist File Buffer Overflow in 
intT1_EnvGetCompletePath Function in t1lib 5.1.1 Stack-based Buffer Overflow in Yahoo! Installer Plugin for Widgets ActiveX Control Vulnerability: Remote Attackers Can Prevent Logical Collection and Examination in Guidance Software EnCase Denial of Service Vulnerabilities in Guidance Software EnCase Buffer Over-read Vulnerability in Guidance Software EnCase Cross-Browser Scripting and Command Execution Vulnerability in Mozilla Firefox Mozilla Argument Injection Vulnerability Allows Remote Cross-Browser Scripting Attacks and Arbitrary Command Execution Outlook and Outlook Express Argument Injection Vulnerability Argument Injection Vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha Argument Injection Vulnerabilities in Netscape Navigator 9 Authentication Bypass and Arbitrary File Download in Secure Computing SecurityReporter Incomplete Fix for CVE-2007-0720 in CUPS Service Allows Remote Denial of Service Arbitrary SQL Command Execution in Pony Gallery Joomla Component Unauthenticated Remote Deletion and Manipulation in geoBlog (aka BitDamaged) 1 Arbitrary Web Script Injection in phpSysInfo 2.5.4-dev and Earlier Remote Access to System-Level Windows in ADempiere Bazaar: Unspecified WebUI Vulnerability Heap-based Buffer Overflow in UltraDefrag 1.0.3 FindFiles Function Arbitrary Web Script Injection in nukedit 4.9.7 and Earlier via utilities/login.asp SQL Injection Vulnerability in LinPHA 1.3.1 and Earlier: Remote Code Execution via order Parameter SQL Injection Vulnerability in category.php in PHP123 Top Sites SQL Injection Vulnerability in SimpleBlog 3.0 comments_get.asp (CVE-2006-4300) SQL Injection Vulnerability in Prozilla Adult Directory's directory.php Arbitrary PHP Code Upload Vulnerability in Neocrome Seditio 121 and Earlier Absolute Path Traversal Vulnerability in vielib.dll 2.2.5.42958 in EMC VMware 6.0.0 Absolute Path Traversal Vulnerability in EMC VMware IntraProcessLogging.dll 5.5.3.42958 ActiveX Control Buffer Overflow Vulnerabilities in Frank Yaul 
corehttp 0.5.3alpha Directory Traversal Vulnerability in Nessus Vulnerability Scanner 3.0.6 Arbitrary File Deletion Vulnerability in Nessus Vulnerability Scanner 3.0.6 CSRF Vulnerabilities in Drupal 5.x before 5.2 Cross-Site Scripting (XSS) Vulnerabilities in Drupal 5.x and 4.7.x Denial of Service Vulnerability in libvorbisfile.c Buffer Overflow Vulnerabilities in Xiph.Org libvorbis before 1.2.0 Absolute Path Traversal Vulnerability in clInetSuiteX6.clWebDav ActiveX Control SQL Injection Vulnerabilities in Webyapar 2.0: Remote Code Execution SQL Injection Vulnerability in show_cat.php in IndexScript 2.8 and Earlier Unspecified Local File Read Vulnerability in Low Bandwidth X Proxy (lbxproxy) on Sun Solaris 8 through 10 Arbitrary Web Script Injection in Webbler CMS Uploader Sensitive Information Disclosure in Webbler CMS Arbitrary Email Sending Vulnerability in Webbler CMS Unauthenticated Remote Command Execution in CSTR Festival 1.95 Beta Cross-site scripting (XSS) vulnerability in Alisveris Sitesi Scripti index.asp allows remote code injection via the q parameter in search mod action SQL Injection Vulnerabilities in Alisveris Sitesi Scripti Multiple Cross-Site Scripting (XSS) Vulnerabilities in AlstraSoft Video Share Enterprise Multiple Cross-Site Scripting (XSS) Vulnerabilities in AlstraSoft Text Ads Enterprise Multiple Cross-Site Scripting (XSS) Vulnerabilities in AlstraSoft SMS Text Messaging Enterprise Cross-site scripting (XSS) vulnerability in index.php AlstraSoft E-Friends in people_card action Multiple Cross-Site Scripting (XSS) Vulnerabilities in AlstraSoft Affiliate Network Pro Arbitrary Web Script Injection Vulnerability in contact_author.php of AlstraSoft Article Manager Pro Cross-Site Scripting (XSS) Vulnerabilities in AlstraSoft AskMe Pro SQL Injection Vulnerabilities in AlstraSoft Affiliate Network Pro SQL Injection Vulnerabilities in AlstraSoft AskMe Pro Multiple SQL Injection Vulnerabilities in AlstraSoft Video Share Enterprise Sensitive 
Information Disclosure and Cross-Site Scripting Vulnerabilities in AlstraSoft Video Share Enterprise Multiple Cross-Site Scripting (XSS) Vulnerabilities in Vikingboard 0.1.2 Information Disclosure Vulnerability in Vikingboard 0.1.2 Cross-Site Scripting (XSS) Vulnerabilities in Vikingboard 0.1.2 Off-by-one errors in rsync 2.6.9's sender.c leading to arbitrary code execution Directory Traversal Vulnerability in iFoto 1.0.1 and Earlier: Arbitrary Directory Listing and Photo Download Insufficient Access Control in Minb Allows Unauthorized Access to Sensitive User Data PHP Remote File Inclusion Vulnerability in IDevSpot PhpHostBot's library/authorize.php SQL Injection Vulnerability in BSM Store Dependent Forums 1.02 Buffer Overflow Vulnerability in Tor 0.1.2.15 and earlier versions with BSD natd support Information Leakage Vulnerability in Tor Versions Prior to 0.1.2.15 Arbitrary Stream Injection Vulnerability in Tor before 0.1.2.15 Guard Node Selection Vulnerability in Tor Versions Prior to 0.1.2.15 Remote Code Execution Vulnerability in MLDonkey before 2.9.0 PHP Remote File Inclusion Vulnerabilities in Madoa Poll 1.1 sBlog 0.7.3 Beta search.php Cross-site Scripting (XSS) Vulnerability Denial of Service Vulnerability in Asterisk IAX2 Channel Driver Cross-Site Scripting (XSS) Vulnerabilities in WP-FeedStats Plugin for WordPress Arbitrary Code Execution Vulnerability in Baidu Soba Search Bar 5.4 SQL Injection Vulnerability in CodeWidgets Pay Roll - Time Sheet and Punch Card Application With Web Interface Arbitrary SQL Command Execution in phpMyForum editpost.php (before 4.1.4) SQL Injection Vulnerability in WebEvents Sign-In Page SQL Injection Vulnerability in sign_in.aspx in WebStore (Online Store Application Template) Allows Remote Code Execution SQL Injection Vulnerability in sign_in.aspx SQL Injection Vulnerability in Real Estate Listing Website Login Script Multiple SQL Injection Vulnerabilities in Advanced Webhost Billing System (AWBS) before 2.6.0 with Disabled 
Magic Quotes GPC Information Disclosure Vulnerability in Advanced Webhost Billing System (AWBS) before 2.6.0 SQL Injection Vulnerabilities in SuskunDuygular Uyelik Sistemi 1.2: Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in IT!CMS 0.2 SQL Injection Vulnerability in Metyus Forum Portal 1.0 (philboard_forum.asp) Remote File Inclusion Vulnerability in phpWebFileManager 0.5 via PN_PathPrefix Parameter Arbitrary PHP Code Execution via Remote File Inclusion in phpVoter 0.6 SQL Injection Vulnerabilities in Berthanas Ziyaretci Defteri 2.0's yonetici.asp Multiple PHP Remote File Inclusion Vulnerabilities in Jelsoft vBulletin 3.6.5 SQL Injection Vulnerabilities in E-Commerce Scripts Shopping Cart, Multi-Vendor E-Shop, and Auction Script Denial of Service Vulnerability in Hitachi JP1/Cm2/Hierarchical Viewer (HV) Improper Management of Schedule Server Configuration Data in Hitachi Groupmax Groupware Server Session Data Leakage and Privilege Escalation Vulnerability in Cosminexus Component Container Unspecified Denial of Service Vulnerability in HP-UX ARPA Transport Functionality Unspecified Denial of Service Vulnerability in Solaris DTrace Framework Ralf Image Gallery (RIG) 1.0 PHP Remote File Inclusion Vulnerability Arbitrary SQL Command Execution in Firestorm Technologies GMaps (com_gmaps) 1.00 Component for Joomla! 
Local Privilege Escalation via Symlink Attack in CoolKey 1.1.0 Denial of Service Vulnerability in Linux Kernel 2.6.9-67 on RHEL 4 Itanium (ia64) GNU tar Directory Traversal Vulnerability Arbitrary Code Execution Vulnerability in Red Hat Network Satellite Server 5.0.0 Denial of Service Vulnerability in hugetlb_vmtruncate_list and hugetlb_vmtruncate Functions Directory Traversal Vulnerability in star before 1.5a84 Allows Arbitrary File Overwrite Improper Handling of getpwnam_r Return Values in NFSv4 ID Mapper Denial of Service Vulnerability in Red Hat Conga 0.10.0 Heap-based buffer overflow in QUtf8Decoder::toUnicode function in Trolltech Qt 3 Privilege Escalation Vulnerability in Samba 3.0.25 through 3.0.25c Arbitrary Script Injection Vulnerability in WordPress Temporary Uploads Editing Functionality Buffer Overflow in Live for Speed (LFS) S2 ALPHA PATCH 0.5x via Long Car Name in .mpr File Sensitive Information Disclosure via XSS in OpenRat CMS 0.8-beta1 and Earlier Arbitrary Web Script Injection in IBM Lotus Sametime Server 7.5.1 Remote authenticated users can gain Premium Member status and potentially acquire free coupons in phpCoupon's Billing Control Panel via a modified URL and specific billing parameters. 
Cross-Site Scripting (XSS) Vulnerability in MitriDAT eMail Form Processor Pro BlueSkychat ActiveX Control Heap-based Buffer Overflow Vulnerability Cross-site scripting (XSS) vulnerability in webevent.cgi in WebEvent 2.61 through 4.03 Unspecified Vulnerabilities in Interspire ArticleLive NX before 1.7.1.2 Heap-based Buffer Overflow in Visionsoft Audit 12.4.0.0: Remote Code Execution via Long Filename in VSAOD Service Unauthenticated File Manipulation and Denial of Service in Visionsoft Audit 12.4.0.0 Weak Cryptography Vulnerability in Visionsoft Audit 12.4.0.0 Sensitive Information Disclosure in Visionsoft Audit 12.4.0.0 Replay Attack Vulnerability in Visionsoft Audit 12.4.0.0 Cross-Site Scripting (XSS) Vulnerabilities in WordPress 2.2.1 SQL Injection Vulnerability in WordPress 2.2.1 options.php Absolute Path Traversal Vulnerability in EMC VMware 6.0.0 ActiveX Control Multiple SQL Injection Vulnerabilities in wolioCMS Insufficient Access Control in PHPBlogger Allows Remote Download of Admin Password Hash Memory Leak Vulnerability in TIBCO Rendezvous (RV) Daemon (rvd) 7.5.2, 7.5.3, and 7.5.4 Sensitive Information Disclosure in TIBCO Rendezvous (RV) 7.5.2 HTTP Administration Interface Default Configuration of TIBCO Rendezvous (RV) 7.5.2 Clients Allows Network Message Sniffing Denial of Service Vulnerability in TIBCO Rendezvous (RV) 7.5.2 TIBCO Rendezvous (RV) 7.5.2 Communication Vulnerability Multiple SQL Injection Vulnerabilities in IndexScript 2.7 and 2.8 before 20070726 CRLF Injection Vulnerability in Sun Java System Web Server Cross-site scripting (XSS) vulnerability in Blue Memories theme 1.5 for WordPress Cross-site scripting (XSS) vulnerability in Unnamed theme 1.217 and Special Edition (SE) 1.02 for WordPress AL-Caricatier 2.5 Cat_viewed.php Remote File Inclusion Vulnerability Multiple PHP Remote File Inclusion Vulnerabilities in vgallite AL-Athkar 2.0 Multiple PHP Remote File Inclusion Vulnerabilities SQL Injection Vulnerability in Forum Module for auraCMS 
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Open Webmail (OWM) 2.52 and Earlier SQL Injection Vulnerability in duyuruoku.asp in Hunkaray Okul Portali 1.1 Remote Code Execution via Tor ControlPort Multiple Cross-Site Scripting (XSS) Vulnerabilities in OpenRat CMS 0.8-beta1 and Earlier Unspecified Vulnerabilities in EQDKP Plus before 0.4.4.5 with Unknown Impact and Attack Vectors Unspecified Multiple Cross-Site Scripting (XSS) Vulnerabilities in Interact before 2.4 Arbitrary Script Injection Vulnerability in WebDirector 2.2 and Earlier Unspecified Denial of Service Vulnerability in HP-UX ARPA Transport Functionality Directory Traversal Vulnerability in Pluck 4.3 PHP Remote File Inclusion Vulnerability in Pluck 4.3 with register_globals Enabled Unrestricted File Upload Vulnerability in WikiWebWeaver 1.1 and Earlier SQL Injection Vulnerability in paBugs 2.0 Beta 3 and Earlier: Remote Code Execution via cid Parameter in main.php Arbitrary SQL Command Execution in Joomla! 1.0.12 via pollid Parameter Information Disclosure Vulnerability in Joomla! 1.0.12 Arbitrary PHP Code Execution via Remote File Inclusion in Tour de France Pool Joomla Module Multiple eval injection vulnerabilities in Joomla! 1.5 beta before RC1 (aka Mapya) in com_search component Session Fixation Vulnerability in Joomla! before 1.0.13 (Sunglow) Allows Remote Session Hijacking Multiple Cross-Site Scripting (XSS) Vulnerabilities in Joomla! before 1.0.13 CRLF Injection Vulnerability in Joomla! 
before 1.0.13 (Sunglow) Allows HTTP Response Splitting and XSS Attacks Insecure Permissions in Panda Antivirus 2008 Allows Local Privilege Escalation Multiple Cross-Site Scripting (XSS) Vulnerabilities in IDE Group DVD Rental System (DRS) 5.1 Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in IDE Group DVD Rental System (DRS) 5.1 Denial of Service Vulnerability in Guidance Software EnCase 5.0 Use-after-free vulnerability in ext2fs.c in The Sleuth Kit (TSK) before 2.09 Memory Misinterpretation Vulnerability in Brian Carrier The Sleuth Kit (TSK) NULL Pointer Dereference Vulnerability in Brian Carrier The Sleuth Kit (TSK) Buffer over-read vulnerability in fs_data_put_str function in ntfs.c in fls in Brian Carrier The Sleuth Kit (TSK) before 2.09 allows denial of service Denial of Service Vulnerability in Brian Carrier The Sleuth Kit (TSK) before 2.09 Denial of Service Vulnerability in Brian Carrier The Sleuth Kit (TSK) Vulnerability in Guidance Software EnCase 6.2 and 6.5 Allows Remote Attackers to Prevent Examination of Certain Data Inadequate Verification of Acquisition Target Identity in Guidance Software EnCase Enterprise Edition (EEE) 6 Session Fixation Vulnerability in Mambo 4.6.2 CMS: Remote Session Hijacking User Schedule Data Leakage Vulnerability in Hitachi Groupmax Collaboration Denial of Service Vulnerability in XHA (Linux-HA) on BlueCat Networks Adonis DNS/DHCP Appliance 5.0.2.8 Incorrect Permissions in Kaspersky Anti-Spam 3.0 MP1 Upgrade Scenarios SQL Injection Vulnerability in Gallery In A Box Admin Console SQL Injection Vulnerability in Next Gen Portfolio Manager's default.asp SQL Injection Vulnerability in Recherche.php in Aceboard Forum Multiple SQL Injection Vulnerabilities in LANAI CMS 1.2.14 Vulnerability: Unauthorized Flag Manipulation in Dovecot ACL Plugin Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHP-Nuke Search Module Denial of Service Vulnerability in Palm OS on Treo 650, 680, 700p, and 755p Smartphones Privilege 
Escalation via Crafted IOCTL Requests in ZoneAlarm Stack-based Buffer Overflow in FTP Macro Execution on IBM AIX 5.2 and 5.3 Multiple Buffer Overflows in Trend Micro ServerProtect Service (SpntSvc.exe) Heap-based Buffer Overflow in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 Directory Traversal Vulnerability in Motorola Timbuktu Pro: Arbitrary File Creation and Deletion Buffer Overflow Vulnerabilities in Motorola Timbuktu Pro for Windows Buffer Overflow in TagAttributeListCopy Function in IBM Lotus Notes Privilege Escalation via Unspecified Vectors in Microsoft Sysinternals DebugView (CVE-2021-34567) URL Address Bar Spoofing Vulnerability in KDE Konqueror 3.5.7 URL Spoofing Vulnerability in KDE Konqueror 3.5.7 Directory Traversal Vulnerability in BlueCat Networks Proteus IPAM Appliance 2.0.2.0 (Adonis DNS/DHCP Appliance 5.0.2.8) Denial of Service Vulnerability in Microsoft Windows Explorer (CVE-2007-3958) Denial of Service Vulnerability in rmpvc on IBM AIX 4.3 Denial of Service Vulnerability in KDE Konqueror 3.5.7 and Earlier Remote Code Execution in BellaBiblio via administrator Cookie Value PHP Remote File Inclusion Vulnerability in IDevSpot PhpHostBot 1.06 and Earlier Arbitrary PHP Code Execution via Remote File Inclusion in Andreas Robertz PHPNews 0.93 Unspecified Denial of Service Vulnerabilities in Camera Life before 2.6 Unspecified Remote Photo Download Vulnerability in Camera Life VietPHP Multiple PHP Remote File Inclusion Vulnerabilities Local Privilege Escalation via Buffer Overflow in lpd on AIX 5.2 and 5.3 Buffer Overflow Vulnerability in ATM Subset in ARP in IBM AIX 5.2 and 5.3 Privilege Escalation Vulnerability in AIX 5.2 and 5.3's pioinit Arbitrary Web Script Injection in C-SAM oneWallet 210_07062007;1.0 Unauthenticated Remote Deletion of Administrative Users in Help Center Live (hcl) 2.1.3a Buffer Overflow in ldcconn on HP-UX 11.11i Allows Remote Code Execution Bypassing Virus Scanning in Astaro Security Gateway (ASG) 7 via 
Large Attachments Denial of Service Vulnerability in Astaro Security Gateway (ASG) 7 Remote File Inclusion Vulnerability in J! Reactions (com_jreactions) 1.8.1 and earlier Arbitrary Web Script Injection Vulnerability in DiMeMa CONTENTdm (CDM) Search.php Remote Code Execution Vulnerability in Justsystem Ichitaro 2007 and Earlier Denial of Service Vulnerability in Windows Calendar on Microsoft Windows Vista Denial of Service Vulnerability in Toolbar Gaming Toolbar for Internet Explorer Denial of Service Vulnerability in ExportNation Toolbar for Internet Explorer Denial of Service Vulnerability in Advanced Searchbar Toolbar.DLL Denial of Service Vulnerability in OpenOffice.org (OOo) 2.2 Absolute Path Traversal Vulnerability in CkString.dll 1.1 and Earlier in CHILKAT ASP String SQL Injection Vulnerability in News Module in Envolution 1.1.0 and Earlier Stack-based buffer overflow in ActiveX control in VDT70.DLL in Microsoft Visual Database Tools Database Designer 7.0 for Microsoft Visual Studio 6 Buffer Overflow in mSQL Extension in PHP 5.2.3: Arbitrary Code Execution via Long Argument in msql_connect Directory Traversal Vulnerability in YNP Portal System 2.2.0 Buffer Overflow Vulnerabilities in Live for Speed (LFS) S1 and S2 via .spr and .ply Files SQL Injection Vulnerability in Prozilla Pub Site Directory's directory.php Arbitrary Image File Download Vulnerability in EZPhotoSales 1.9.3 and Earlier Default admin Account Vulnerability in EZPhotoSales 1.9.3 and Earlier Insufficient Access Control in EZPhotoSales 1.9.3 and Earlier Allows Remote Information Disclosure and Administrative Access Arbitrary PHP Code Execution via Unrestricted File Upload in EZPhotoSales 1.9.3 and Earlier Unspecified Remote File Manipulation Vulnerability in Cisco IOS SCP Server Cross-Site Scripting (XSS) Vulnerabilities in Kai Blankenhorn Bitfolge Simple and Nice Index File (aka snif) 1.5.2 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in VisionProject 3.1 and Earlier 
Stack-based Buffer Overflow in Apple Mac OS X Networking Component Integer Signedness Error in Apple Mac OS X Networking Component Apple Mac OS X Integer Overflow Vulnerability in Networking Component Symlink Attack Vulnerability in IBM DB2 UDB 8 and 9.1 Arbitrary File Creation Vulnerability in IBM DB2 UDB Arbitrary File Creation Vulnerabilities in IBM DB2 UDB 8 and 9.1 Arbitrary Code Execution via Crafted Localized Message File in IBM DB2 UDB Privilege Escalation Vulnerabilities in IBM DB2 UDB 8 and 9.1 Stack-based Buffer Overflow in IBM DB2 UDB: Arbitrary Code Execution via Long DASPROF Weak Permissions and Buffer Overflow in Trend Micro AntiVirus Scan Engine Stack-based Buffer Overflow in ESRI ArcSDE Service 9.2 Allows Remote Code Execution Remote File Inclusion Vulnerability in FrontAccounting 1.12 Build 31 config.php Denial of Service Vulnerability in Asterisk Open Source and Related Products Cross-site scripting (XSS) vulnerability in KnowledgeTree Open Source 3.4 and 3.4.1 Bypassing Password Protection in Serendipity 1.1.3 via Extended Properties Plugin Coppermine Photo Gallery (CPG) 1.3.1 Remote File Inclusion Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing (MP) 5.3.235.0 and Earlier Cisco IOS and Cisco IOS XR Unspecified Vulnerability: Information Disclosure and Denial of Service via Crafted IPv6 Packets Cisco IOS NHRP Buffer Overflow Vulnerability FishCart 3.2 RC2 and Earlier PHP Remote File Inclusion Vulnerability Denial of Service Vulnerability in Microsoft Windows Media Player 11 Arbitrary Java Method Execution Vulnerability in Sun Java System Portal Server 7.0 PHP Remote File Inclusion Vulnerabilities in Guestbook Script 1.9 Denial of Service Vulnerabilities in Cisco IOS 12.0 through 12.4 Multiple Memory Leaks in Cisco IOS 12.0 through 12.4 via Malformed SIP Packet Vulnerability Denial of Service Vulnerabilities in Cisco IOS 12.0 through 12.4 Arbitrary Code Execution Vulnerability in Cisco 
Unified Communications Manager (CUCM) and IOS (CSCsi80102) Arbitrary Code Execution via Malformed SIP Packet in Cisco IOS 12.0-12.4 (CSCsi80749) Unspecified vulnerability in assp.pl in Anti-Spam SMTP Proxy Server (ASSP) 1.3.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Dersimiz Haber Ekleme Modulu's yorumkaydet.asp Multiple Cross-Site Scripting (XSS) Vulnerabilities in WebCart Management Interface Race conditions in Generic Software Wrappers Toolkit (GSWTK) can lead to privilege escalation and auditing bypass Race conditions in rules and argument copying in CerbNG for FreeBSD 4.8 allow local users to bypass auditing and gain privileges VM Protection Vulnerability in CerbNG for FreeBSD 4.8 Race conditions in Sudo monitor mode and Sysjail policies in Systrace on NetBSD and OpenBSD Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpMyAdmin 2.10.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Storesprite 7 and Earlier Vulnerability: Lack of Permission Checking in aacraid SCSI Layer IOCTL Path Cleartext Password Disclosure in IBM Lotus Notes 5.x through 7.0.2 Remote Account Enumeration Vulnerability in Sun Solaris Finger Daemon Predictable Output Vulnerability in Linux Kernel's xfer_secondary_pool Function SQL Injection Vulnerability in Php Blue Dragon CMS 3.0.0 - Remote Code Execution via article_id Parameter PHP Remote File Inclusion Vulnerability in Php Blue Dragon CMS 3.0.0 Remote Directory Traversal and Denial of Service Vulnerability in Pixlie 1.7 Driver Signing Bypass and Kernel Memory Write Vulnerability in AMD ATI atidsmxx.sys 3.0.502.0 Driver on Windows Vista Default Password Vulnerability in ZyNOS Firmware 3.62(WK.6) on Zyxel Zywall 2 Cross-Site Request Forgery (CSRF) Vulnerabilities in ZyNOS Firmware 3.62(WK.6) on Zyxel Zywall 2 Device Arbitrary Web Script Injection Vulnerability in ZyNOS Firmware 3.62(WK.6) on Zyxel Zywall 2 Denial of Service Vulnerability in ZyNOS Firmware 3.62(WK.6) on Zyxel Zywall 2 Remote File Inclusion 
Vulnerability in Ncaster 1.7.2: Arbitrary PHP Code Execution Arbitrary Host Addition Vulnerability in fail2ban 0.8 and Earlier Arbitrary Deny Entries and Denial of Service Vulnerability in BlockHosts Arbitrary Host Addition Vulnerability in DenyHosts 2.6 Remote Port Scanning Vulnerability in Adobe Flash Player 9.0.47.0 and Earlier Versions Remote File Inclusion Vulnerability in Gaestebuch 1.5 index.php Allows Arbitrary Code Execution Multiple PHP Remote File Inclusion Vulnerabilities in Bilder Uploader 1.3 PHP Remote File Inclusion Vulnerabilities in File Uploader 1.1 PHP Remote File Inclusion Vulnerabilities in Mapos Bilder Galerie 1.0 and 1.1 PHP Remote File Inclusion Vulnerabilities in Web News 1.1 Remote File Inclusion Vulnerability in Shoutbox 1.0 Allows Arbitrary PHP Code Execution Remote File Inclusion and Cross-Site Scripting (XSS) Vulnerability in FindNix index.php SQL Injection Vulnerability in Article Dashboard's article.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Article Dashboard Signup Page Arbitrary Web Script Injection Vulnerability in Php-stats 0.1.9.2 Format String Vulnerability in Qbik WinGate SMTP Server Component Buffer Overflow in DXSurface.LivePicture.FlashPix.1 ActiveX Control Allows Remote Code Execution Buffer overflow in Streamripper's httplib_parse_sc_header function allows remote attackers to execute arbitrary code. 
Arbitrary Account Access and Code Execution in Ryan Haudenschilt Family Connections (FCMS) before 0.9 PHP Remote File Inclusion Vulnerabilities in PHPCentral Poll Script 1.0 Remote File Inclusion Vulnerability in phpDVD 1.0.4 Allows Arbitrary PHP Code Execution Omnistar Lib2 PHP 0.2 - Remote File Inclusion Vulnerability in my_statistics.php PHP Remote File Inclusion Vulnerability in PHPCentral Login 1.0 via include.php IrfanView Buffer Overflow Vulnerability in Palette File Processing Heap-based buffer overflow vulnerability in ACDSee Photo Manager and Pro Photo Manager allows remote code execution Buffer Overflow in IMail Client 9.22 Allows Remote Code Execution via Multipart MIME E-mail Message Denial of Service Vulnerability in Symantec Backup Exec for Windows Servers (BEWS) 11d Denial of Service Vulnerability in Symantec Backup Exec for Windows Servers (BEWS) 11d Arbitrary Web Script Injection Vulnerability in IBM Tivoli Storage Manager (TSM) Client Denial of Service Vulnerability in HP Performance Agent and Reporter HP SiteScope 9.0 build 911 SNMP Trap Message Cross-Site Scripting (XSS) Vulnerability Stack-based buffer overflow vulnerability in CUPS 1.3.3 in ippReadIO function Array Index Error in DCTStream::readProgressiveDataUnit Method in Xpdf 3.02pl1 Allows Remote Code Execution Buffer Overflow Vulnerabilities in IBM AIX 5.2 and 5.3 Buffer Overflow Vulnerability in IBM AIX 5.2 and 5.3's bos.perf.tools Fileplace Buffer Overflow Vulnerability in IBM AIX 5.3's at Program Allows Local Privilege Escalation FTP Credentials Leakage in Microsoft Internet Explorer 6 and 7 Status Bar Spoofing Vulnerability in Mozilla Firefox 2.0.0.6 and Earlier Denial of Service Vulnerability in Zoidcom 0.6.7 and Earlier via JOIN Packet Multiple SQL Injection Vulnerabilities in SkilMatch Staffing Systems JobLister3 Denial of Service Vulnerability in Dell Remote Access Card 4 (DRAC4) Firmware 1.50 Build 02.16 Default SSH Root Password Derived from Hardware Serial Number in NETGEAR 
ReadyNAS RAIDiator SQL Injection Vulnerability in Prozilla Webring's category.php Allows Remote Code Execution Cross-Site Scripting (XSS) Vulnerabilities in Drupal Content Construction Kit (CCK) Nodereference Module Authentication Bypass Vulnerability in Fedora Commons Arbitrary Script Injection via set_lang Cookie in eXV2 CMS 2.0.5 and Earlier Denial of Service Vulnerability in WengoPhone 2.1 Arbitrary Code Execution Vulnerability in Opera before 9.23 SQL Injection Vulnerability in IBM Rational ClearQuest (CQ) Web 7.0.0.0-IFIX02 and 7.0.0.1 Arbitrary File Read Vulnerability in SOTEeSKLEP before 4.0 Buffer Overflow Vulnerabilities in Racer 0.5.3 beta 5: Remote Code Execution Unrestricted File Upload Vulnerability in Neuron Blog 1.1 Unspecified Remote Vulnerability in NetWin SurgeMail 38k on Windows Server 2003 Bypassing Authentication in Babo Violent 2 Server Unvalidated Sender Field in Babo Violent 2 2.08.00 Allows Message Spoofing Remote Memory Disclosure and Denial of Service Vulnerability in Diskeeper Administrative Interface Arbitrary PHP File Execution Vulnerability in Szymon Kosok Best Top List SurgeMail 38k IMAP Service Stack-Based Buffer Overflow Vulnerability Arbitrary Code Execution via Format String Vulnerabilities in Babo Violent 2 2.08.00 and Earlier Denial of Service Vulnerabilities in Babo Violent 2 2.08.00 and Earlier Privilege Escalation via Log File Viewer in Symantec Altiris Deployment Solution 6 Font Parsing Implementation Vulnerability Denial of Service Vulnerability in CounterPath X-Lite 3.0 34025 and eyeBeam Remote Code Execution in Trackeur 1 via PHP Remote File Inclusion in tracking.php PHP Remote File Inclusion Vulnerabilities in Stephane Pineau VOTE 1c depouilg.php3 Multipart Encoding Bypass Vulnerability in OWASP Stinger before 2.5 SQL Injection Vulnerability in GetMyOwnArcade's search.php CSRF Vulnerability in 2wire 1701HG and 2071 Gateway Routers Default Blank Password Vulnerability in 2wire 1701HG and 2071 Gateway Routers CSRF 
Vulnerability in 2wire Gateway Routers Allows DNS Poisoning Attacks Command Injection Vulnerability in BlueCat Networks Adonis DNS/DHCP Appliance 5.0.2.8 Heap-based Buffer Overflow in Yahoo! Messenger 8.1.0.413 via JPEG2000 Data Denial of Service Vulnerability in Winamp 5.35 via Recursive M3U File Inclusion Insecure Disk Group Assignment in Orarun Installation Script Arbitrary File Deletion Vulnerability in findutils-locate Cron Job Unspecified Privilege Escalation Vulnerabilities in Sun Solaris 8 RBAC Functionality CRLF Injection Vulnerabilities in Multiple Scripts for irssi CRLF Injection Vulnerabilities in Multiple XMMS Scripts and Applications CRLF Injection Vulnerabilities in WeeChat Scripts Allow Remote Command Execution CRLF Injection Vulnerability in xmms.bx 1.0 Script for BitchX CRLF Injection Vulnerability in Konversation Media Script Allows Remote Command Execution CRLF Injection Vulnerabilities in Advanced mIRC Integration Plugin and Other Scripts Arbitrary Code Execution Vulnerability in mIRC via Song Name Metacharacter Remote Code Execution Vulnerability in mIRC Control Plug-in for Winamp Multiple Denial of Service Vulnerabilities in ircu 2.10.12.01 Denial of Service Vulnerability in ircu 2.10.12.02 through 2.10.12.04 Vulnerability: Channel Takeover during Split in ircu 2.10.12.01 through 2.10.12.04 Timestamp Vulnerability in ircu 2.10.12.03 and 2.10.12.04 Timestamp Ignoring Vulnerability in ircu 2.10.12.05 and Earlier Race condition vulnerability in ircu 2.10.12.01 through 2.10.12.05 allows remote attackers to bypass Apass authentication during a netburst Vulnerability: Synchronization Issue in ircu 2.10.12.05 and Earlier Remote Discovery of Hidden IP Addresses in ircu 2.10.12.05 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Headstart Solutions DeskPRO 3.0.2 Direct Static Code Injection Vulnerability in Headstart Solutions DeskPRO 3.0.2 Privilege Escalation via Cisco VPN Client SBL and Dial-Up Networking Interaction Privilege 
Escalation Vulnerability in Cisco VPN Client on Windows Remote Code Execution in BellaBook via Captcha.php Privilege Revocation Vulnerability in IBM DB2 UDB 8 and 9.1 Authorization Bypass Vulnerability in IBM DB2 UDB 8 before Fixpak 15 Insecure Cookie Generation in Olate Download (od) 3.4.1 Allows for Remote Admin Access Absolute Path Traversal Vulnerability in EDraw Office Viewer Component 5.1 SQL Injection Vulnerability in Admin.php of Olate Download (od) 3.4.1 Username Enumeration Vulnerability in Symantec Enterprise Firewall 6.x with VPN PSK Authentication Stack-based Buffer Overflow in AUTH_LIST_GROUPS_FOR_AUTHID Function in IBM DB2 UDB 9.1 Arbitrary File Download Vulnerability in Apple Safari for Windows Buffer Overflow Vulnerabilities in Live for Speed (LFS) Demo, S1, and S2: Remote Code Execution and Denial of Service Denial of Service Vulnerability in Live for Speed (LFS) S1 and S2 Caché Server Page (CSP) Login Page Redirection Logic Vulnerability Remote Code Execution Vulnerability in Lhaz 1.33 Unspecified Denial of Service Vulnerability in Skype Denial of Service Vulnerability in Cisco IOS 12.0 through 12.4 via show ip bgp regexp Command Classic JavaScript Frame Hijacking Vulnerability in Apple Safari for Windows 3.0.3 and earlier Privilege Escalation via Untrusted Search Path Vulnerability in SUSE Linux Wrapper Scripts Arbitrary Web Script Injection Vulnerability in Text File Search ASP.NET Edition Arbitrary Web Script Injection in Text File Search ASP (Classic) Edition Multiple SQL Injection Vulnerabilities in TorrentTrader before 1.07 Inadequate Permission Enforcement in Drupal Project and Project Issue Tracking Modules SQL Injection Vulnerability in Ampache albums.php Session Fixation Vulnerability in Ampache 3.3.3.5 and earlier versions Remote File Inclusion Vulnerability in Squirrelcart 1.x.x: Arbitrary PHP Code Execution Remote Code Execution via Stack-based Buffer Overflow in MercuryS SMTP Server Buffer Overflow in win32std Extension for PHP 
5.2.0 and Earlier Stack-based Buffer Overflow in Unreal Engine Logging Function Denial of Service Vulnerability in UCC Dedicated Server for Unreal Engine Buffer Overflow Vulnerabilities in Image Space rFactor 1.250 and Earlier Remote Denial of Service Vulnerabilities in Image Space rFactor 1.250 and Earlier Remote Code Execution Vulnerability in Toribash Server via Format String Specifiers in NICK Command Multiple Buffer Overflow Vulnerabilities in Toribash Client and Server Denial of Service Vulnerability in Toribash Server Denial of Service Vulnerability in Toribash 2.71 and Earlier Protocol Violation in Toribash Server Allows Remote Code Execution Denial of Service Vulnerability in Toribash 2.71 and Earlier on Windows Denial of Service Vulnerability in Toribash 2.71 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in vBulletin 3.6.8 Eval Injection Vulnerability in Olate Download (od) 3.4.1: Arbitrary Code Execution via Crafted Version String Denial of Service Vulnerability in Asterisk SIP Channel Driver SQL Injection Vulnerability in SimpleFAQ Component for Mambo and Joomla! 
Arbitrary File Inclusion Vulnerability in Dalai Forum 1.1 Firesoft PHP Remote File Inclusion Vulnerability in class_tpl.php Denial of Service Vulnerability in Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 Firmware Arbitrary File Overwrite Vulnerability in id3lib 3.8.3 Time-based Packet Filtering Bypass Vulnerability in NuFW Arbitrary File Overwrite Vulnerability in po4a before 0.32 Denial of Service Vulnerability in Fileinfo 2.0.9 Plugin for Total Commander CRLF Injection Vulnerability in Fileinfo 2.0.9 Plugin for Total Commander Apache HTTP Server mod_autoindex.c XSS Vulnerability Stack-based Buffer Overflows in EA SnoopyCtrl ActiveX Control (NPSnpy.dll) Enable Remote Code Execution Multiple Stack-Based Buffer Overflows in Oracle JInitiator ActiveX Control Stack-based Buffer Overflow Vulnerabilities in Earth Resource Mapping NCSView ActiveX Control Arbitrary File Creation and Overwrite Vulnerabilities in Intuit QuickBooks Online Edition ActiveX Control Buffer Overflow Vulnerabilities in Broderbund Expressit 3DGreetings Player ActiveX Control Remote Code Execution and Denial of Service Vulnerability in Gesytec Easylon OPC Server Stack-based buffer overflows in IBM Lotus Domino Web Access ActiveX Control Remote Code Execution Vulnerability in SAPgui ActiveX Control Buffer Overflow Vulnerability in GNU Tar's safer_name_suffix Function Denial of Service Vulnerability in Planet VC-200M VDSL2 Router Administration Interface User-assisted remote script injection vulnerability in Microsoft Internet Explorer 6.0 and 7 Cross-Site Scripting (XSS) Vulnerability in Search Engine Builder's search.html Arbitrary Web Script Injection in Sirius 1.0 WordPress Theme Arbitrary Web Script Injection Vulnerability in Blix WordPress Themes Arbitrary Script Injection in Pool 1.0.7 WordPress Theme Arbitrary Web Script Injection Vulnerability in WordPress Classic 1.5 Theme My_REFERER 1.08 - PHP Remote File Inclusion Vulnerability in login.php PHP Remote File Inclusion Vulnerability in 
Butterfly Online Visitors Counter 1.08 PHP Remote File Inclusion Vulnerabilities in Linkliste 1.2 Arbitrary Web Script Injection Vulnerability in D22-Shoutbox for IP.Board Siemens Gigaset SE361 WLAN Router Firmware 1.00.0 - Multiple Cross-Site Scripting (XSS) Vulnerabilities Buffer Overflow in IUAComFormX ActiveX Control in uacomx.ocx 2.0.1: Remote Code Execution Vulnerability Buffer Overflow Vulnerabilities in Trend Micro ServerProtect 5.58 for Windows SQL Injection Vulnerability in Gurur Haber 2.0: Remote Code Execution via id Parameter in uyeler2.php Unspecified Denial of Service Vulnerabilities in Sun Solaris ATA Disk Driver Unauthenticated Access to Discount Functionality in eZ Publish Unrestricted Access to Tipafriend Function Allows for Spam Attacks Unspecified ioctl function vulnerability in Sun Solaris 10 ATA Disk Driver (Bug 6433124) Unspecified Memory Corruption Vulnerability in EMC VMware Workstation, Player, ACE, and Server Unspecified Denial of Service Vulnerability in EMC VMware Workstation, Player, ACE, and Server Remote Silent Call Completion and Eavesdropping Vulnerability in Grandstream SIP Phone GXV-3000 Unrestricted File Upload Vulnerability in American Financing eMail Image Upload 4.1 Privilege Escalation Vulnerability in TunnelRunner in SSHKeychain Unspecified Vulnerability in PassphraseRequester in SSHKeychain: Sensitive Information Disclosure Arbitrary SQL Command Execution Vulnerability in BibTeX Component for Joomla! Arbitrary SQL Command Execution Vulnerability in Nice Talk Component for Joomla! Directory Traversal Vulnerability in RSfiles Component for Joomla! SQL Injection Vulnerability in RemoSitory Component for Mambo Arbitrary SQL Command Execution Vulnerability in NeoRecruit Component for Joomla Multiple Buffer Overflows in php_ntuser Component of PHP 5.2.3 Stack-based Buffer Overflow in Rebellion Asura Engine: Remote Code Execution Arbitrary SQL Command Execution in EventList Component (com_eventlist) for Joomla! 
Remote Denial of Service Vulnerability in ClamAV Persistent Configuration Vulnerability in Sun Admin Console of Sun Application Server 9.0_0.1 Sophos Anti-Virus for Windows XSS Vulnerability in SavMain.exe Stack-based Buffer Overflow Vulnerabilities in IBM AIX 5.2 and 5.3 Unspecified Remote Information Disclosure Vulnerability in HP ProCurve Manager Buffer Overflow in YVerInfo.dll ActiveX Control in Yahoo! Messenger Denial of Service Vulnerability in Symantec Veritas Storage Foundation 5.0 for Windows Buffer Overflow in Oracle 10g R2 XDB_PITRIG_PKG.PITRIG_DROPMETADATA Procedure Denial of Service Vulnerability in Asterisk Open Source 1.4.5 through 1.4.11 with IMAP Voicemail Storage Backend Multiple SQL Injection Vulnerabilities in Ripe Website Manager 0.8.9 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Ripe Website Manager 0.8.9 and Earlier PhPress 0.2.0 - Remote File Inclusion Vulnerability in adisplay.php PHP Remote File Inclusion Vulnerability in SPIP 1.7.2 inc-calcul.php3 Local File Disclosure Vulnerability in Novell Identity Manager CLE Unrestricted File Upload Vulnerability in phUploader.php Arbitrary Code Execution via Unsafe Foreign Function Interface (FFI) Extension in PHP 5.0.5 Privilege Escalation in TeamSpeak Server WebAdmin Interface Cross-Site Scripting (XSS) Vulnerabilities in TeamSpeak Server 2.0.20.1 Denial of Service Vulnerability in Soldat Game Server and Dedicated Server Denial of Service (Client Lockout) Vulnerability in Soldat Game Server Format String Vulnerability in Vavoom's Say Command Allows Remote Code Execution Buffer Overflow in Vavoom's VThinker::BroadcastPrintf Function Denial of Service Vulnerability in Vavoom 1.24 and Earlier Arbitrary PHP Code Execution Vulnerability in TorrentTrader 1.07 and Earlier Heap-based Buffer Overflow in Skulltag 0.97d-beta4.1 and Earlier: Remote Code Execution via Crafted UDP Packet Arbitrary Command Execution via Email::Send::Sendmail in Bugzilla 2.23.4 through 3.0.0 Unrestricted 
Access to Time-Tracking Fields in Bugzilla WebService Interface SQL Injection Vulnerabilities in Olate Download (od) 3.4.2 via HTTP_REFERER and HTTP_USER_AGENT Headers Cross-Site Scripting (XSS) Vulnerabilities in Olate Download (od) 3.4.2 Cross-Site Scripting (XSS) Vulnerabilities in MapServer before 4.10.3 Arbitrary Web Script Injection Vulnerability in Bugzilla's enter_bug.cgi Arbitrary Web Script Injection in WordPress Multi-User (MU) 1.0 and Earlier Unreal Commander 0.92 Build 565 and 573 - Multiple Directory Traversal Vulnerabilities ZIP Archive Filename Mismatch Vulnerability in Unreal Commander 0.92 build 565 and 573 Heap Memory Disclosure Vulnerability in Unreal Commander 0.92 build 565 and 573 Authentication Bypass and Arbitrary Module Deployment Vulnerability in Apache Geronimo 2.0 Buffer Overflow Vulnerabilities in ALPass 2.7 and 3.02 Allow Remote Code Execution ALPass 2.7 and 3.02 Format String Vulnerability Agares Media Arcadem 2.01 - Remote File Inclusion Vulnerability in index.php SQL Injection Vulnerability in Agares Media Arcadem 2.01 index.php Denial of Service Vulnerability in Thomson ST 2030 SIP Phone Arbitrary Code Injection via Tikiwiki's tiki-remind_password.php (CVE-2006-2635.7) Arbitrary Code Injection and Account Creation Vulnerability in Ipswitch WS_FTP Arbitrary Code Execution and Denial of Service Vulnerability in OpenSymphony XWork Cross-site scripting (XSS) vulnerability in Novell GroupWise 6.5 WebAccess webacc servlet Python tarfile Module Directory Traversal Vulnerability Arbitrary Command Execution in ClamAV's Clamav-milter Heap-based Buffer Overflow in Helix DNA Server RTSP Service Denial of Service Vulnerability in Hitachi and Cosminexus DABroker Privilege Escalation Vulnerability in Cosminexus Manager Privilege Escalation Vulnerability in Cosminexus Manager Denial of Service Vulnerability in fetchmail (CVE-2007-4565) Buffer Overflow Vulnerabilities in Alpha Centauri Software SIDVault LDAP Server IPv6 Hop-by-Hop Extension Header 
Validation Vulnerability Heap-based buffer overflow in X.Org X Font Server (xfs) before 1.0.5 via crafted size values in QueryXBitmaps and QueryXExtents protocol requests Authentication Bypass Vulnerability in KDM with Autologin and Shutdown with Password Algorithmic Complexity Vulnerability in MCS Translation Daemon in mcstrans 0.2.3 ALSA Kernel Vulnerability: Information Disclosure via snd_mem_proc_read Stack-based Buffer Overflow in nmbd in Samba 3.0.0 through 3.0.26a Privilege Escalation via Out-of-Bounds Access in Linux Kernel x86_64 Architecture Unspecified Denial of Service Vulnerability in Red Hat Enterprise Linux 5 Kernel Arbitrary Code Execution via Crafted Database Documents in HSQLDB Denial of Service Vulnerability in Sophos Anti-Virus for Unix/Linux Denial of Service and Remote Code Execution Vulnerability in Sophos Anti-Virus Buffer Underflow Vulnerability in redlight.sys in BufferZone 2.1 and 2.5 SQL Injection Vulnerability in Acrotxt 1: Remote Code Execution via acrotxt.php Buffer Overflow Vulnerability in ACTi Network Video Recorder (NVR) SP2 2.0's nvUnifiedControl.AUnifiedControl.1 ActiveX Control Multiple Absolute Path Traversal Vulnerabilities in ACTi Network Video Recorder (NVR) SP2 2.0 Remote Code Execution Vulnerability in BitchX 1.1 Final via Stack-based Buffer Overflow 2532|Gigs 1.2.1 - Directory Traversal Vulnerability in activateuser.php Buffer Overflow Vulnerabilities in php_iisfunc.dll Extension for PHP 5.2.0 and Earlier Arbitrary Web Script Injection Vulnerability in Easy Software Cafeteria escafeWeb Multiple Cross-Site Scripting (XSS) Vulnerabilities in InterWorx Hosting Control Panel (InterWorx-CP) Server Admin Level (NodeWorx) 3.0.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in InterWorx Hosting Control Panel Ignite-UX and DynRootDisk Networking Changes Disclosure Vulnerability Denial of Service and Privilege Escalation Vulnerability in vstor-ws60.sys Cross-Site Scripting (XSS) Vulnerabilities in IBM Rational ClearQuest Web 
Interface Unspecified Denial of Service Vulnerability in vstor2-ws60.sys in VMWare Workstation 6.0 Certificate Validation Vulnerability in Entrust Entelligence Security Provider (ESP) 8 Mayaa 1.1.12 XSS Vulnerability: Arbitrary Script Injection via META Element Unsafe Perl Extension in PHP Allows Arbitrary Code Execution SQL Injection Vulnerability in TurnkeyWebTools SunShop Shopping Cart 4.0 RC 6 index.php Default Password Vulnerabilities in IBM SurePOS 500 Stack-based Buffer Overflow in RealPlayer and RealOne Player for Windows via Crafted PLS File Bypassing File Access Restrictions in Mathsoft Mathcad and PTC Mathcad Bypassing Access Restrictions in tcp-wrappers 7.6.dbs-10 and 7.6.dbs-11 Arbitrary SQL Command Execution Vulnerability in Implied by Design Micro CMS (Micro-CMS) 3.5 SQL Injection Vulnerabilities in ACG News 1.0: Remote Code Execution SQL Injection Vulnerability in DL PayCart 1.01: Remote Code Execution via ItemID Parameter Remote File Inclusion Vulnerability in Virtual War (VWar) 1.5.0 R15 and Earlier PHP remote file inclusion vulnerability in convert/mvcw_conver.php in Virtual War (VWar) module for PHPNuke-Clan (PNC) 4.2.0 and earlier Buffer Overflow in EasyMailSMTPObj ActiveX Control in emsmtp.dll 6.0.1 Remote File Inclusion Vulnerability in ePersonnel RC_2004_02 protection.php Predictable Checksum Values in eyeOS Access Control Unrestricted File Upload Vulnerability in Moonware's Dale Mooney Gallery SQL Injection Vulnerability in Moonware's viewevent.php CRLF Injection Vulnerability in Moonware's contact.php Allows Arbitrary Mail Header Manipulation SSL Stream Plaintext Disclosure Vulnerability Improper Handling of Security Policy Change Log Propagation in BEA WebLogic Server 9.1 Insecure Cipher Selection in BEA WebLogic Server Null Cipher Vulnerability in BEA WebLogic Server Denial of Service Vulnerability in BEA WebLogic Server 6.1-8.1 Denial of Service Vulnerability in BEA WebLogic Server 6.1 and 7.0 Heap-based buffer overflow in libFLAC 
before 1.2.1 allows remote attackers to execute arbitrary code via a malformed FLAC file. Stack-based Buffer Overflow Vulnerabilities in Computer Associates (CA) Alert Notification Service Buffer Overflow Vulnerability in crontab on IBM AIX 5.2 Integer Underflow Vulnerability in IBM AIX 5.2 DNS Name Parsing Stack-based Buffer Overflow in bellmail Allows Arbitrary Code Execution Arbitrary Script Injection in AbleDesign Dynamic Picture Frame 1.00 via pframe.php Denial of Service Vulnerability in Polipo before 1.0.2 Denial of Service Vulnerability in Polipo before 1.0.2 SQL Injection Vulnerability in ABC eStore 3.0: Remote Code Execution via cat_id Parameter SQL Injection Vulnerability in Shownews.php in PHPNS 1.1 Buffer Overflow in MapServer's processLine Function Arbitrary Web Script Injection Vulnerability in Absolute Poll Manager XE 4.1 Symlink Attack Vulnerability in QGit DataLoader::doStart Function Authentication Bypass Vulnerability in Cisco IOS 12.2E, 12.2F, and 12.2S Cross-Site Scripting (XSS) Vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) SQL Injection Vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) Remote Denial of Service Vulnerability in Yahoo! 
Messenger 8.1.0.209 and 8.1.0.402 Multiple PHP Remote File Inclusion Vulnerabilities in phpBG 0.9.1 Unauthenticated Remote Code Execution in xGB 2.0 Denial of Service Vulnerability in Blizzard Entertainment StarCraft Brood War 1.15.1 and Earlier Remote Code Execution and Denial of Service Vulnerability in EnterpriseDB Advanced Server 8.2 Arbitrary PHP File Execution via Unrestricted File Upload in Pakupaku CMS 0.4 and Earlier Directory Traversal Vulnerability in Pakupaku CMS 0.4 and Earlier: Arbitrary File Inclusion Multiple Buffer Overflow Vulnerabilities in Doomsday (aka deng) 1.9.0-beta5.1 and Earlier Doomsday Integer Underflow Denial of Service Vulnerability Format String Vulnerability in Doomsday Client's Cl_GetPackets Function SQL Injection Vulnerability in NMDeluxe 2.0.0 index.php Buffer Overflow in Hexamail Server 3.0.0.001 Lite POP3 Service Unrestricted File Upload Vulnerability in newswire/uploadmedia.cgi in Our Space (Ourspace) 2.0.9 Privilege Escalation Vulnerability in Norman Virus Control (NVC) 5.82 Weak Permissions in MicroWorld eScan Virus Control 9.0.722.1, Anti-Virus 9.0.722.1, and Internet Security 9.0.722.1 Installation Directory Unspecified Vulnerabilities Allowing Unauthorized Access and Manipulation in Gallery 2.2.3 Unspecified Remote Access Vulnerability in Adobe Connect Enterprise Server 6 Local Privilege Escalation via Symlinked Session Files in PHP SQL Injection Vulnerability in Links MOD 1.2.2 and Earlier for phpBB 2.0.22 and Earlier Denial of Service Vulnerability in SSHield 1.6.1 with OpenSSH 3.0.2p1 on Cisco WebNS 8.20.0.1 on Cisco Content Services Switch (CSS) Series 11000 Devices Directory Traversal Vulnerabilities in CGI RESCUE Shopping Basket Professional 7.51 and Earlier Sensitive Information Disclosure in backup-manager-upload Integer Overflow Vulnerability in PHP strspn and strcspn Functions Multiple %i and %n Tokens in money_format Function: Potential Format String Vulnerability Memory Limit Violation Vulnerability in 
zend_alter_ini_entry Function Unspecified vulnerability in PHP chunk_split function leading to incorrect size calculation Incomplete Fix for CVE-2007-2872: Potential Heap-Based Buffer Overflow in PHP 5.2.3 Buffer Overflow in php_openssl_make_REQ Function in PHP Directory Traversal Vulnerability in PHP glob Function Allows Bypass of open_basedir Restrictions Unspecified vulnerability in Firebird's attach and create database functionality Denial of Service Vulnerability in Firebird Server (CORE-1403) Denial of Service Vulnerability in Firebird Server (CORE-1397) Denial of Service Vulnerability in Firebird Services API (CORE-1149) Unspecified File Access Vulnerability in Firebird Server (CORE-1312) Firebird Services API Log Disclosure Vulnerability Unspecified vulnerability in PHP before 5.2.4 with unknown impact and attack vectors Unspecified vulnerability in Safari allows remote attackers to alter or access HTTPS content QuickTime PICT Image UncompressedQuickTimeData Opcode Length Buffer Overflow Vulnerability Argument Injection Vulnerability in Apple QuickTime 7.2 for Windows XP SP2 and Vista Stack-based Buffer Overflow in Apple QuickTime 7.2 via Crafted Movie File Heap-based Buffer Overflow in QuickTime VR Extension 7.2.0.240 Heap-based Buffer Overflow in Apple QuickTime PICT Image Parsing Heap-based Buffer Overflow in Apple QuickTime: Remote Code Execution via Invalid Color Table Size AppleRAID in Mac OS X 10.3.9 and 10.4 through 10.4.10 Denial of Service Vulnerability FTP Server Response Spoofing Vulnerability in CFFTP for Apple Mac OS X 10.4 through 10.4.10 CFNetwork SSL Certificate Validation Vulnerability Buffer Overflow Vulnerability in CoreFoundation in Apple Mac OS X 10.3.9 and 10.4 through 10.4.10 Uninitialized Object Pointer Vulnerability in CoreText on Apple Mac OS X 10.4 through 10.4.10 Kernel Directory Traversal Vulnerability in Apple Mac OS X 10.4 through 10.4.10 Integer Overflow in i386_set_ldt System Call in Apple Mac OS X 10.4 through 10.4.10 
Privilege Escalation via Unexpected File Descriptor State in Apple Mac OS X 10.4 through 10.4.10 Integer Signedness Error in ttioctl Function in Apple Mac OS X 10.4 through 10.4.10 Symbolic Link Vulnerability in Apple Mac OS X 10.4 through 10.4.10 Information Disclosure Vulnerability in Apple Mac OS X Networking Component Double Free Vulnerability in Apple Mac OS X Networking Component Double Free Vulnerability in NFS Component in Apple Mac OS X 10.4 through 10.4.10 Allows Remote Code Execution Case-Sensitive Comparison Vulnerability in NSURL Component Tabbed Browsing Vulnerability in Apple Safari 3: Remote Authentication Spoofing and Phishing Attack Bypassing Authentication Dialog and Keystroke Injection Vulnerability in Mac OS X Screen Saver Local Content Access Vulnerability in Safari on Apple Mac OS X 10.4 through 10.4.10 Unspecified input validation vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to modify form field values via unknown vectors related to file uploads. Race condition vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to access form information from other sites via unspecified vectors related to page transitions in Safari. 
Unspecified Remote Code Execution Vulnerability in WebCore in Apple Mac OS X 10.4 through 10.4.10 Cross-Site Scripting (XSS) Vulnerability in Apple Safari 3 Safari Keychain Vulnerability: Unauthorized Access to Private Key Unspecified Remote Proxy Vulnerability in WebKit on Apple Mac OS X 10.4 through 10.4.10 Insecure Temporary File Creation in WebKit on Mac OS X 10.4 through 10.4.10 Bypassing Access Restrictions in Apple Mac OS X 10.5 Application Firewall Bypassing Access Restrictions in Apple Mac OS X 10.5 Application Firewall Inconsistent Application Firewall Settings Application Vulnerability in Apple Mac OS X 10.5 Apple QuickTime QTL File Heap-Based Buffer Overflow Vulnerability Unspecified Remote Code Execution Vulnerabilities in Apple QuickTime Flash Media Handler Remote Code Execution via Format String Vulnerability in Apple Mac OS X 10.4.11 Address Book CFNetwork Directory Traversal Vulnerability in Apple Mac OS X 10.5.1 ColorSync Profile Memory Corruption Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in Toms Gaestebuch 1.00 eNetman 1 index.php Remote File Inclusion Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in Urchin 5.6.00r2 Yvora 1.0 Error_view.php SQL Injection Vulnerability Weblogicnet Multiple PHP Remote File Inclusion Vulnerabilities SQL Injection Vulnerabilities in PHD Help Desk before 1.31 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Claroline 1.8.6 Directory Traversal Vulnerability in Claroline 1.8.6: Arbitrary File Inclusion SQL Injection Vulnerability in read.php in 212cafeBoard 6.30 Beta Arbitrary Code Execution Vulnerability in Hitachi JP1/Cm2/Network Node Manager (NNM) Stack-based buffer overflows in Quantum Streaming Internet Explorer Player ActiveX Control Directory Traversal Vulnerability in Ragnarok Online Control Panel 4.3.4a Allows Authentication Bypass Arbitrary Event Addition Vulnerability in Apache Tomcat 4.1.31 Calendar Examples Application Heap-based buffer overflow in 
AkkyWareHOUSE 7-zip32.dll before 4.42.00.04 allows remote code execution Web Oddity 0.09b Directory Traversal Vulnerability Buffer Overflow in mod_fastcgi Extension in lighttpd Buffer Overflow in compNewPixmap Function in X.org X11 Server Remote Code Execution Vulnerability in Trend Micro ServerProtect Unspecified vulnerability in strfreectty function in SPECFS in Sun Solaris 8 through 10 Insecure Web Interface Access on Aztech DSL600EU Router Buffer Overflow Vulnerability in Ots Labs OTSTurntables 1.00 via Long File Path in M3U File Buffer Overflow in Next Generation Software Virtual DJ (VDJ) 5.0: Arbitrary Code Execution via Long File Path in m3u File SQL Injection Vulnerability in CartKeeper CKGold Shopping Cart 2.0 - category.php PHP Remote File Inclusion Vulnerabilities in SpeedTech PHP Library (STPHPLibrary) 0.8.0 Multiple PHP Remote File Inclusion Vulnerabilities in SpeedTech PHP Library (STPHPLibrary) 0.8.0 Insecure Signature Verification in Reprepro Allows Distribution of Malicious Release.gpg File Remote Registry Key Creation Vulnerability in HPRevolutionRegistryManager ActiveX Control Arbitrary Script Injection in Claroline 1.8.6 admin/adminusers.php Information Disclosure Vulnerability in Claroline before 1.8.6 Buffer Overflow Vulnerability in MIT Kerberos 5 (krb5) 1.4 through 1.6.2 PHP Remote File Inclusion Vulnerability in AnyInventory 1.9.1 and 2.0 Cross-Site Scripting (XSS) Vulnerabilities in AkoBook 3.42 and Earlier Component for Mambo Default Password Vulnerability in Cisco Video Surveillance IP Gateway Encoder/Decoder Unauthenticated Remote Administrative Access in Cisco Video Surveillance IP Gateway Encoder/Decoder Buffer Overflow in PowerPlayer.dll ActiveX Control in PPStream 2.0.1.3829 Remote Command Execution in Autodesk Backburner 3.0.2 RemoteDocs R-Viewer Unspecified Arbitrary Code Execution Vulnerability Unencrypted Temporary File Storage Vulnerability in RemoteDocs R-Viewer Privilege Escalation via Untrusted X11 Cookie in OpenSSH Denial 
of Service Vulnerability in Thomson ST 2030 SIP Phone Software 1.52.1 Format String Vulnerability in Alien Arena 2007 6.10 and Earlier: Remote Denial of Service via Nickname Denial of Service Vulnerability in Alien Arena 2007 6.10 and Earlier Directory Traversal Vulnerability in Total Commander FTP Client Arbitrary PHP Code Execution via Remote File Inclusion in phpMytourney's menu.php Buffer Overflow Vulnerabilities in Cosminexus Developer's Kit for Java: Remote Code Execution and Denial of Service Unspecified Denial of Service Vulnerabilities in Cosminexus Developer's Kit for Java Cross-Site Scripting (XSS) Vulnerability in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 Unrestricted File Upload Vulnerability in Barbo91 1.1 Multiple SQL Injection Vulnerabilities in E-SMARTCART 1.0 Login Page (embadmin/login.asp) PHP Object Framework (PHPOF) Remote File Inclusion Vulnerability Directory Traversal Vulnerability in Pawfaliki 0.5.1 Integer overflows in PCRE library leading to denial of service and arbitrary code execution Denial of Service and Arbitrary Code Execution Vulnerability in PCRE Library Heap-based Buffer Overflow in PCRE Library Allows Arbitrary Code Execution Out-of-Bounds Backref Number Denial of Service Vulnerability Out-of-Bounds Memory Access in libicu's Processing of Backreferences Heap-based Buffer Overflow in doInterval Function in libicu Denial of Service Vulnerability in TCL Regular Expression Parser Insufficient Escape Policy Enforcement in Systrace before 1.6.0 Race condition vulnerability in Linux kernel before 2.4.36-rc1 allows bypassing of systrace policies through flooding of ptraced process with SIGCONT signals Buffer Overflow in Microsoft Visual Basic 6.0 and Enterprise Edition 6.0 SP6 via Long Reference Line in VBP File SQL Injection Vulnerability in Joomla! 1.5 before RC2 (Endeleo) SQL Injection Vulnerabilities in Joomla! 
1.5 Beta1, Beta2, and RC1 Content Component Unspecified Cross-Site Scripting (XSS) Vulnerability in Joomla! 1.5 before RC2 Information Disclosure Vulnerability in Joomla! 1.5 before RC2 Arbitrary File Upload Vulnerability in Joomla! 1.5 Beta1, Beta2, and RC1 Denial of Service Vulnerability in PHP Glob and Fnmatch Functions Denial of Service Vulnerability in PHP's iconv_substr Function Denial of Service Vulnerability in PHP setlocale Function Sony Micro Vault Fingerprint Access Software Vulnerability Cleartext Password Disclosure in Cisco ASA with AAA Enabled Vulnerability: Malformed File Header Bypass in Sophos Anti-Virus Denial of Service Vulnerability in Cisco Content Switching Modules (CSM) and Cisco Content Switching Module with SSL (CSM-S) Denial of Service Vulnerability in Cisco Content Switching Modules (CSM) and Cisco Content Switching Module with SSL (CSM-S) Stack-based Buffer Overflow in ActiveX Controls in Microsoft Visual FoxPro 6.0 and Internet Explorer Buffer Overflow in swcons Command in IBM AIX 5.2 and 5.3 Allows Local Privilege Escalation Buffer Overflow Vulnerability in ibstat in IBM AIX 5.3 Buffer Overflow Vulnerability in xlplm in plm.server.rte in IBM AIX 5.2 and 5.3 Buffer Overflow Vulnerability in fcstat in IBM AIX 5.2 and 5.3 Buffer Overflow in mkpath in IBM AIX 5.2 and 5.3: Privilege Escalation via Long ODM Name Buffer Overflow Vulnerability in IBM AIX uucp (bos.net.uucp) Buffer Overflow Vulnerabilities in IBM AIX svprint Commands Hostname Alias Vulnerability in invscout in IBM AIX 5.2 and 5.3 Privilege Verification Vulnerability in AIX 5.3's perfstat Kernel Extension Heap-based Buffer Overflow Vulnerabilities in GlobalLink 2.7.0.8 ActiveX Controls Buffer Overflow in AtomixMP3 2.3 via Long Strings in .pls File Fields Multiple SQL Injection Vulnerabilities in AuraCMS 1.5rc Arbitrary File Inclusion Vulnerability in Fuzzylime (CMS) 3.0 and Earlier Remote File Inclusion Vulnerability in Focus/SIS 1.0: Arbitrary PHP Code Execution PHP Remote 
File Inclusion Vulnerabilities in Focus/SIS 2.2 Multiple SQL Injection Vulnerabilities in TLM CMS 3.2 Arbitrary PHP Code Execution via Remote File Inclusion in Online Fantasy Football League (OFFL) 0.2.6 Multiple SQL Injection Vulnerabilities in Netjuke 1.0-rc2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Netjuke 1.0-rc2 Buffer Overflow in Apple Safari 3.0.3 and Earlier Versions Allows Remote Denial of Service Domino Blogsphere 3.01 Beta 7 XSS Vulnerability in Name Field Buffer Overflow in SQLServer ActiveX Control in Microsoft SQL Server Enterprise Manager PHP Remote File Inclusion Vulnerabilities in WebED in Markus Iser ED Engine 0.8999 Alpha Multiple Buffer Overflows in BaoFeng2 Storm ActiveX Control in Mps.dll Unrestricted File Upload Vulnerability in Restaurante Component for Joomla! PHP Remote File Inclusion Vulnerabilities in Txx CMS 0.2 Arbitrary Web Script Injection in Txx CMS 0.2 Absolute Path Traversal Vulnerability in Sisfo Kampus 2006's blanko.preview.php Allows Remote File Read and Possible PHP Script Execution Buffer Overflow in EDraw Office Viewer Component 5.2 (officeviewer.ocx) Allows Remote Code Execution CSRF Vulnerability in Buffalo AirStation WHR-G54S 1.20 Device Management Interface Unspecified Buffer Overflow Vulnerabilities in Google Picasa Unspecified Cross-Application Scripting (XAS) Vulnerabilities in Google Picasa PHP Directory Traversal Vulnerability in dl Function Denial of Service Vulnerability in Quagga's BGP Daemon (bgpd) Heap Corruption Vulnerability in MiniHMI.exe for Automated Solutions Modbus Slave ActiveX Control MediaWiki API Pretty-Printing Mode Cross-Site Scripting (XSS) Vulnerability Directory Traversal Vulnerability in Archive::Tar Perl Module 1.36 and Earlier Arbitrary Web Script Injection in DirectAdmin 1.30.2 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in TorrentTrader 1.07 via avatar and title parameters in account_settings.php CellFactor Revolution 1.03 and Earlier Format String Vulnerability 
Unspecified Vulnerability in IBM WebSphere Application Server Edge Component (PK44789) PHP Remote File Inclusion Vulnerabilities in phpRealty 0.02 Arbitrary SQL Command Execution in phpMyQuote 0.20 via index.php Arbitrary Web Script Injection Vulnerability in phpMyQuote 0.20 Arbitrary SQL Command Execution in Proxy Anket 3.0.1 via anket.asp SQL Injection Vulnerability Multiple Buffer Overflows in CellFactor Revolution 1.03 and Earlier: Remote Code Execution Vulnerability Unspecified Vulnerability in IBM WebSphere Application Server (WAS) 6.1 before Fix Pack 11 (6.1.0.11) with Unknown Impact and Attack Vectors (PK33803) Denial of Service Vulnerability in PHP 5.2.4 and Earlier Arbitrary Command Execution via Invalid % Encoding in Mozilla Firefox, Thunderbird, and SeaMonkey Directory Traversal Vulnerability in Enriva Development Magellan Explorer 3.32 Build 2305 and Earlier Directory Traversal Vulnerability in X-Diesel Unreal Commander 0.92 Build 565 and 573 Unreal Commander 0.92 Denial of Service Vulnerability SQL Injection Vulnerabilities in RW::Download 2.0.3 Lite: Remote Code Execution SQL Injection Vulnerability in Webace-Linkscript (WLS) 1.3 SE via start.php Remote File Disclosure Vulnerability in Google Picasa via picasa:// URI Remote File Disclosure Vulnerability in Microsoft Internet Explorer 4.0 through 7 Inconsistent Permissions Vulnerability in JFFS2 Filesystem Arbitrary File Read Vulnerability in cURL Library in PHP 5.2.4 and 5.2.5 Sensitive Information Disclosure in SAXON 5.4 with display_errors Enabled Arbitrary Web Script Injection Vulnerability in SAXON 5.4 SQL Injection Vulnerability in example.php in SAXON 5.4 Information Disclosure Vulnerability in SimpNews 2.41.03 Arbitrary File Download Vulnerability in SimpNews 2.41.03 Multiple Cross-Site Scripting (XSS) Vulnerabilities in SimpNews 2.41.03 Automatic Installation and Transmission of TLS Client Certificates in Mozilla Firefox and SeaMonkey Buffer Overflow Vulnerability in IBM Tivoli Storage 
Manager (TSM) Client Acceptor Daemon (CAD) (CVE-2010-52905) SQL Injection Vulnerability in psi-labs.com Social Networking Script (psisns) - Remote Code Execution via u Parameter Unspecified Cross-Site Scripting (XSS) Vulnerabilities in TechExcel CustomerWise Cross-site scripting (XSS) vulnerability in BotQuery extension in MediaWiki 1.7.x and earlier Denial of Service Vulnerability in Media Player Classic (MPC) via Malformed .au File Divide-by-Zero Denial of Service Vulnerability in Avnex AV MP3 Player Incomplete Blacklist Vulnerability in AuraCMS: Remote Code Execution via Non-HTTP URLs Denial of Service Vulnerability in PHP's dl Function Arbitrary Document Access Vulnerability in XWiki 1.0 B1 and 1.0 B2 Remote Code Execution in PHP MySQL Extension Absolute Directory Traversal Vulnerability in VB To VSI Support Library (VBTOVSI.DLL) 1.0.0.0 Arbitrary Code Execution Vulnerability in PDWizard.ocx 6.0.0.9782 and Earlier SQL Injection Vulnerabilities in SWSoft Plesk 7.6.1, 8.1.0, 8.1.1, and 8.2.0 for Windows Cross-Site Scripting (XSS) Vulnerability in WordPress before 2.2.3 and WordPress MU before 1.2.5a SQL Injection Vulnerabilities in WordPress and WordPress MU Arbitrary File Read Vulnerability in Sisfo Kampus 2006 (Semarang 3) Cross-Site Scripting (XSS) Vulnerabilities in Toms Gaestebuch 1.01 and Earlier Denial of Service Vulnerability in pwlib's PString::vsprintf Function Unspecified Information Disclosure Vulnerability in XWiki Multiwiki Plugin Multiple Cross-Site Scripting (XSS) Vulnerabilities in Boinc Forum 5.10.20 and Earlier RSA EnVision 3.3.6 Build 0115 Logon Page Cross-Site Scripting (XSS) Vulnerability Arbitrary Code Execution via HTML Injection in AIM Instant Messages Absolute Path Traversal Vulnerability in CryptoX.dll 2.0 and Earlier: Arbitrary File Write via SaveToFile Method Buffer Overflow Vulnerabilities in CryptoX.dll ActiveX Control Denial of Service Vulnerability in RealPlayer and Helix Player Unrestricted File Upload Vulnerability in AuraCMS 
2.1 Remote File Inclusion Vulnerability in NuclearBB Alpha 2 Multiple PHP Remote File Inclusion Vulnerabilities in X-Cart Directory Traversal Vulnerability in AuraCMS 2.1 and Earlier Vulnerability: Interpretation Conflict in WinSCP before 4.0.4 Unspecified Vulnerability in netInvoicing before 2.7.3: security check soap Denial of Service Vulnerability in JetCast Server 2.0.0.4308 Arbitrary Script Injection in Invision Power Board (IPB) User Profile Fields Arbitrary Script File Upload Vulnerability in Invision Power Board (IPB or IP.Board) Privilege Escalation Vulnerability in Invision Power Board (IPB or IP.Board) 2.3.1 Stack Write Vulnerability in Intersil isl3893 Extensions for Boa 0.93.15 Heap-based Buffer Overflow in FileFind::FindFile Method in MFC Library 8.0 Arbitrary Web Script Injection in PHP-Stats 0.1.9.2 Tracking.php SQL Injection Vulnerability in Gelato's gelato.class.php Allows Remote Code Execution Multiple SQL Injection Vulnerabilities in JBlog 1.0 Arbitrary SQL Command Execution in PHP Webquest 2.5 and Earlier Remote Code Execution in Ajax File Browser 3 Beta via PHP Remote File Inclusion Vulnerability SQL Injection Vulnerability in play.php in Jeuxflash 1.0 Module for KwsPHP Remote File Inclusion Vulnerability in Joomla Radio 5 Component Denial of Service Vulnerability in Opal Library via Invalid Content-Length Header Field Arbitrary Command Execution in eWire Payment Client (ePC) 1.60 and 1.70 Base64-encoded Cleartext Authentication Vulnerability in AXIS 207W Camera Remote Authenticated Denial of Service (Reboot) Vulnerability in AXIS 207W Camera Clear-text Storage of WEP/WPA Key in AXIS 207W Camera Configuration File Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in AXIS 207W Camera Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in AXIS 207W Camera HP System Management Homepage (SMH) for Windows Leaves Active Old OpenSSL Software After Update Unauthenticated Access to Admin Panel in Shop-Script FREE 2.0 and Earlier 
Direct static code injection vulnerability in Shop-Script FREE 2.0 and earlier: Remote PHP code injection in conf_appearence.php PHP Remote File Inclusion Vulnerabilities in phpFFL 1.24 Multiple PHP Remote File Inclusion Vulnerabilities in phpFFL 1.24 Unspecified Vulnerability in Office Efficiencies SafeSquid 4.1.x with Unknown Impact and Attack Vectors Insufficient Access Control in CS Guestbook Allows Remote Retrieval of Admin Credentials Heap-based Buffer Overflow in MPlayer 1.0rc1 and Earlier via AVI File Processing Heap-based Buffer Overflow in Media Player Classic (MPC) 6.4.9.0 and Earlier Integer Overflow Vulnerability in Media Player Classic (MPC) 6.4.9.0 and Earlier Denial of Service Vulnerability in KMPlayer 2.9.3.1210 and Earlier PHP Remote File Inclusion Vulnerability in Focus/SIS 1.0 Multiple Buffer Overflows in Baofeng Storm ActiveX Control (sparser.dll) Memory Leakage Vulnerability in Opera 9.x for Linux, FreeBSD, and Solaris Multiple Cross-Site Scripting (XSS) Vulnerabilities in LetterGrade Unspecified Remote Information Disclosure Vulnerability in LetterGrade Multiple PHP Remote File Inclusion Vulnerabilities in myphpPagetool 0.4.3 Multiple PHP Remote File Inclusion Vulnerabilities in Webmedia Explorer (Webmex) 3.2.2 PHP Remote File Inclusion Vulnerabilities in php(Reactor) 1.2.7pl1 PHPortal 0.2.7 Remote File Inclusion Vulnerability in employee.php YaPiG 0.95b PHP Remote File Inclusion Vulnerability SQL Injection Vulnerability in OmniStar Article Manager's article.php Arbitrary SQL Command Execution in SimpCMS via index.php Remote File Inclusion Vulnerability in Joom12Pic Component for Joomla! 
Remote File Inclusion Vulnerability in JoomlaFlashFun Component Allows Arbitrary PHP Code Execution Multiple SQL Injection Vulnerabilities in KwsPHP 1.0 Directory Traversal Vulnerabilities in Chupix CMS 0.2.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in TinyWebGallery (TWG) 1.6.3.4 Cross-Site Scripting (XSS) Vulnerability in osCMax 2.0.0-RC3-0-1 Second Life Secondlife:// Protocol Handler Argument Injection Vulnerability Cleartext MD5 Hash Vulnerability in Second Life Login Mechanism Directory Traversal Vulnerability in WinImage 8.10 and Earlier Visual Truncation Vulnerability in WinImage 8.10 and Earlier: Spoofing Destination Filename Denial of Service Vulnerability in WinImage 8.10 and Earlier Multiple Integer Overflows in Python Imageop Module Leading to Denial of Service and Information Disclosure SQL Injection Vulnerability in GForge 4.6b2 and Earlier: Remote Code Execution via skill_delete[] Parameter Privilege Escalation and Denial of Service Vulnerability in Online Armor Personal Firewall 2.0.1.215 Privilege Escalation and Denial of Service Vulnerability in Privatefirewall 5.0.14.2 Vulnerability in Process Monitor 1.22 allows for Denial of Service and Privilege Escalation ProcessGuard 3.410 Local Privilege Escalation and Denial of Service Vulnerability Vulnerability in ProSecurity 1.40 Beta 2 Allows Local Users to Crash System and Potentially Gain Privileges Vulnerability in RegMon 7.04 Allows Privilege Escalation and Denial of Service Heap-based Buffer Overflow in libsndfile's flac_buffer_copy Function Arbitrary Web Script Injection Vulnerability in b1gMail 6.3.1 Arbitrary File Inclusion Vulnerability in Coppermine Photo Gallery (CPG) 1.4.12 and Earlier Arbitrary Web Script Injection Vulnerability in Coppermine Photo Gallery (CPG) 1.4.12 and Earlier PHP Remote File Inclusion Vulnerabilities in phpSyncML 0.1.2 and Earlier SQL Injection Vulnerability in Sondages Module in KwsPHP 1.0 Denial of Service Vulnerability in GCALDaemon 1.0-beta13 via 
Content-Length Header User-assisted remote cross-site scripting (XSS) vulnerability in Obedit 3.03 save function Multiple Absolute Path Traversal Vulnerabilities in MW6QRCode ActiveX Control Directory Traversal Vulnerability in JetAudio.Interface.1 ActiveX Control in JetFlExt.dll SQL Injection Vulnerability in Ktauber.com StylesDemo Mod for phpBB 2.0.xx Denial of Service Vulnerability in ImageMagick Heap-based buffer overflow in ImageMagick Off-by-one error in ReadBlobString function in ImageMagick before 6.3.5-9 allows arbitrary code execution via crafted image file Heap-based buffer overflow in ImageMagick's ReadDIBImage function allows for arbitrary code execution Arbitrary Code Execution via Heap Corruption in X.Org X Font Server Information Disclosure Vulnerability in Microsoft ISA Server 2004 SP1 and SP2 Remote Code Execution Vulnerability in Firebird SQL 2.0.2 via Stack-based Buffer Overflow Arbitrary Command Execution in Xen 3.0.3 via Crafted grub.conf File Delayed Revocation Handling in Red Hat Certificate System DTLS Off-by-One Error in OpenSSL 0.9.8 Allows Remote Code Execution Denial of Service Vulnerability in libpurple in Pidgin before 2.2.1 Integer Underflow Vulnerability in Linux Kernel 2.6.x Allows Remote Denial of Service Symlink Attack Vulnerability in cp Command Denial of Service Vulnerability in libpurple HTML Logging Apache HTTP Server Cross-Site Scripting (XSS) Vulnerability in mod_imap and mod_imagemap FIFO Special File Denial of Service Vulnerability in Linux Kernel Stack-based buffer overflows in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 Arbitrary Code Execution Vulnerability in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 Directory Traversal Vulnerability in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 Unauthenticated Remote Command Execution in CA BrightStor ARCserve Backup for Laptops and Desktops Stack-based Buffer Overflow in ir_fetch_seq 
Function in Balsa 2.3.20 HP-UX Logins Command Privilege Escalation Vulnerability PHP Remote File Inclusion Vulnerability in phpBB Plus 1.53 and 1.53a WebBatch Remote Cross-Site Scripting (XSS) Vulnerability Sensitive Information Disclosure in WebBatch via dumpinputdata Parameter Arbitrary Script Injection in PhpWebGallery 1.7.0 via picture.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Phormer 3.31 index.php Multiple PHP Remote File Inclusion Vulnerabilities in pSlash 0.70 PHP Remote File Inclusion Vulnerabilities in Streamline PHP Media Server 1.0-beta4 SQL Injection Vulnerability in OneCMS 2.4 User Reviews Module Absolute Path Traversal Vulnerability in Yahoo! Messenger 8.1.0.421 ActiveX Control Stack-based Buffer Overflow in IMAPD in Mercury/32 4.52 Buffer Overflow in Sun Java Web Start ActiveX Control in JRE 1.6.0_X via dnsResolve Method Argument Arbitrary Code Execution Vulnerability in Adobe Acrobat and Reader 8.1 on Windows IC53616: Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) clients allows remote data reading Unquoted Windows Search Path Privilege Escalation Vulnerability Cleartext Password Storage Vulnerability in EMC VMware Server Unspecified Vulnerability in EMC VMware ACE Allows for Unknown Impact via Manipulation of Downloaded Virtual Machine Images Insecure Storage of Sensitive Information in dBlog CMS Cross-Site Scripting (XSS) Vulnerabilities in WBR3404TX Broadband Router's Web Management Panel Weak World-Writable Permissions in Dibbler 0.6.0 on Linux Buffer Over-read Vulnerability in Dibbler 0.6.0 Multiple Integer Overflows in Dibbler 0.6.0: Remote Denial of Service Vulnerability Dibbler 0.6.0 Denial of Service Vulnerability in TSrvOptIA_NA::rebind Method CSRF Vulnerability in Francisco Burzi PHP-Nuke Allows Unauthorized Administrative Account Creation Arbitrary Web Script Injection in phpBB XS 2 profile.php Sensitive Data Exposure in ELinks when Sending POST Requests via HTTPS with Proxy Remote File Inclusion 
Vulnerability in openEngine 1.9 beta1 Buffer overflow vulnerabilities in AirDefense Airsensor M520 firmware 4.3.1.1 and 4.4.1.4: Denial of Service via Crafted HTTPS Requests Buffer Overflow in inotify-tools Library Allows Arbitrary Code Execution Account Creation Bypass Vulnerability in Bugzilla WebService Local Privilege Escalation and Denial of Service Vulnerability in Ghost Security Suite beta 1.110 Vulnerability in Ghost Security Suite Alpha 1.200 Allows Privilege Escalation and Denial of Service Privilege Escalation and Denial of Service Vulnerability in G DATA InternetSecurity 2007 Outpost Firewall Pro 4.0.1025.7828 Local Privilege Escalation Vulnerability Local Privilege Escalation and Denial of Service Vulnerability in Kaspersky Internet Security 7.0.0.125 ZoneAlarm Pro 7.0.362.000 Local Privilege Escalation Vulnerability Argument Injection Vulnerability in Apple QuickTime 7.1.5 and earlier with Mozilla Firefox 2.0.0.7 and earlier installed Arbitrary JavaScript Injection via Cross-Site Scripting (XSS) in IceWarp Merak Mail Server Webmail Interface Norton Internet Security 2008 15.0.0.60 SSDT Function Handlers Validation Vulnerability Lhaplus Heap-Based Buffer Overflow Vulnerability Neuron News 1.0 - Directory Traversal Vulnerability in index.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in PhpGedView 4.1.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Vigile CMS 1.8 Multiple Incomplete Blacklist Vulnerabilities in iziContents 1 RC6 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in iziContents 1 RC6 and Earlier Directory Traversal Vulnerabilities in iziContents 1 RC6 and Earlier Remote Code Execution via Eval Injection in ADOdb Lite 1.42 and Earlier NetSupport Manager Client Vulnerability: Authentication Bypass via Spoofing Cross-site scripting (XSS) vulnerability in Barracuda Spam Firewall Web administration interface Multiple Cross-Site Scripting (XSS) Vulnerabilities in GreenSQL Arbitrary Password Change Vulnerability in 
XCMS SQL Injection Vulnerability in Clansphere 2007.4: Remote Code Execution via cat_id Parameter Remote Code Execution Vulnerability in Adam Scheinberg Flip 3.0 and Earlier Insufficient Access Control in Adam Scheinberg Flip 3.0 and Earlier Allows Unauthorized Access to Login Credentials Buffer Overflow in Xunlei Web Thunder ActiveX Control Remote File Inclusion Vulnerability in Joomla! Flash Slide Show Component Arbitrary Command Execution Vulnerability in Webmin 1.370 on Windows Multiple Buffer Overflows in iMatix Xitami Web Server 2.5c2: Remote Code Execution Vulnerability SQL Injection Vulnerability in phpFullAnnu (PFA) 6.0 index.php Directory Traversal Vulnerability in Nuke Mobile Entertainment 1 Addon for PHP-Nuke Heap-based Buffer Overflow in EasyMailMessagePrinter ActiveX Control Incomplete Blacklist Vulnerability in Simple PHP Blog before 0.5.1 Allows Arbitrary Code Execution Cross-Site Scripting (XSS) Vulnerabilities in Simple PHP Blog (SPHPBlog) before 0.5.1 eGov Manager Multiple Cross-Site Scripting (XSS) Vulnerabilities Remote Code Execution Vulnerability in Red Hat Enterprise Linux 4 RealPlayer Integer Overflow Vulnerability Heap-based Buffer Overflow in RealPlayer and RealOne Player Allows Remote Code Execution via Crafted RM File Stack-based Buffer Overflows in CA BrightStor HSM: Remote Code Execution Vulnerability Heap-based Buffer Overflow in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) Allows Remote Code Execution SQL Injection Vulnerabilities in CA BrightStor Hierarchical Storage Manager (HSM) before r11.6 Authentication Bypass Vulnerability in Apache Geronimo's Management EJB (MEJB) Kaspersky Anti-Virus and Internet Security 7.0 Build 125 Local Denial of Service Vulnerability Denial of Service Vulnerability in Linux Kernel ATM Module Arbitrary Web Script Injection Vulnerability in Freeside 1.7.2 Remote File Inclusion Vulnerability in sk.log 0.5.3 and Earlier: Arbitrary PHP Code Execution Data Corruption Vulnerability 
in IBM Rational ClearQuest (CQ) with Microsoft SQL Server or IBM DB2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in eGroupWare 1.4.001 Directory Traversal Vulnerability in Dance Music Module for phpNuke Denial of Service Vulnerability in Philips USB Webcam (pwc) Driver Heap-based Buffer Overflow in Ipswitch IMail Server SMTP Server Remote Code Execution via Windows Media Player's HTMLView Parameter Remote File Inclusion Vulnerability in guanxiCRM Business Solution 0.9.1 Remote File Inclusion Vulnerability in Online Fantasy Football League (OFFL) 0.2.6 PHP Remote File Inclusion Vulnerabilities in DFD Cart 1.1.4 and Earlier Remote File Inclusion Vulnerability in David Watters Helplink 0.1.0's show.php Allows Arbitrary PHP Code Execution PHP Remote File Inclusion Vulnerabilities in phpBB Plus 1.53 and 1.53a Privilege Escalation in ChironFS before 1.0 RC7 Remote Code Execution in Wordsmith 1.0 RC1 via PHP Remote File Inclusion Vulnerability Directory Traversal Vulnerability in Wordsmith 1.0 RC1 Allows Remote File Inclusion SQL Injection Vulnerability in Arcade Module of bcoos 1.0.10 Arbitrary Script Injection Vulnerability in WordPress 2.0 and 2.0.1 Arbitrary Script Injection Vulnerability in WordPress 2.0 Stack-based Buffer Overflow in AskJeevesToolBar.SettingsPlugin.1 ActiveX Control in askBar.dll Unspecified Remote Code Execution Vulnerability in IAC Search & Media ask.com Toolbar CSRF vulnerability in FlatNuke 2.6 and 3 allows unauthorized account manipulation Absolute Path Traversal Vulnerability in EbCrypt.eb_c_PRNGenerator.1 ActiveX Control in EBCRYPT.DLL Denial of Service Vulnerability in EBCRYPT.DLL 2.0 Cross-Site Scripting (XSS) Vulnerability in Google Urchin 5 session.cgi Authentication Bypass Vulnerability in Google Urchin's report.cgi PHP remote file inclusion vulnerability in Peter Schmidt phpmyProfiler 0.9.6b in include/plugin/block.t.php Multiple PHP Remote File Inclusion Vulnerabilities in Ekke Doerre Contenido 42VariablVersion (42VV10) Buffer 
Overflow in Perl 5.8 Regular Expression Engine Allows Arbitrary Code Execution Multiple PHP Remote File Inclusion Vulnerabilities in FrontAccounting 1.13 Unspecified Denial of Service Vulnerability in Sun Solaris HID Class Driver Sensitive Information Disclosure in JSPWiki 2.4.103 and 2.5.139-beta Multiple Cross-Site Scripting (XSS) Vulnerabilities in JSPWiki 2.4.103 and 2.5.139-beta JSPWiki 2.5.139-beta Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in SoftBiz Classifieds PLUS: Remote Code Execution via store_info.php SQL Injection Vulnerability in notas.asp in Novus 1.0 Arbitrary Code Execution Vulnerability in AOL Instant Messenger (AIM) 6.5.3.12 and Earlier Unspecified Remote Vulnerability in Symantec Veritas Backup Exec for Windows Servers 11d Multiple Cross-Site Scripting (XSS) Vulnerabilities in SimpGB 1.46.02 Information Disclosure Vulnerability in SimpNews 2.41.03 on Windows Insufficient Access Control in SimpGB 1.46.02 Allows Remote Information Disclosure and Arbitrary File Download Sensitive Information Disclosure in SimpGB 1.46.02 SQL Injection Vulnerability in Interspire ActiveKB NX 2.x and ActiveKB 1.5 Kernel Race Condition in Sun Solaris 8-10: Denial of Service via Thread Context Handling Denial of Service Vulnerability in Microsoft Windows Explorer via PNG File Cisco Catalyst 6500 and Cisco 7600 Series Devices EOBC IP Address Vulnerability Off-by-one Buffer Underflow Vulnerability in OpenSSL Unspecified Cross-Site Scripting (XSS) Vulnerability in DFD Cart 1.1.4 and Earlier Buffer Overflow in ReadImage Function in Tcl/Tk 8.4.13-8.4.15 Allows Remote Code Execution via Interlaced GIF Files Remote File Inclusion Vulnerability in lustig.cms BETA 2.5 Forum Module Remote File Inclusion Vulnerability in chupix 0.2.3 Allows Arbitrary PHP Code Execution IntegraMOD Nederland 1.4.2 PHP Remote File Inclusion Vulnerability in archive_topic.php SQL Injection Vulnerability in SiteX CMS 0.7.3 Beta's search.php Solidweb Novus 1.0 buscar.asp 
Cross-Site Scripting (XSS) Vulnerability Local Privilege Escalation Vulnerability in F-Secure Anti-Virus for Windows Servers 7.0 64-bit Edition Buffer Overflow Vulnerability in Windows Live Messenger GDI Engine Multiple Buffer Overflow Vulnerabilities in Microsoft Windows XP Multiple PHP Remote File Inclusion Vulnerabilities in Dedi-Group Der Dirigent 1.0 Multiple PHP Remote File Inclusion Vulnerabilities in Puzzle Apps CMS 2.2.1 Multiple PHP Remote File Inclusion Vulnerabilities in FrontAccounting (FA) 1.12 Remote File Inclusion Vulnerability in North Country Public Radio Public Media Manager (PMM) 1.3 SQL Injection Vulnerability in NukeSentinel 2.5.11's is_god Function via Base64-Encoded Admin Cookie SQL Injection Vulnerability in NukeSentinel 2.5.12 Allows Remote Code Execution via Admin Cookie Unauthenticated Administrative Access in Sun Java System Access Manager 7.1 Arbitrary Code Execution Vulnerability in Sun Java System Access Manager 7.1 Session Fixation Vulnerability in Aipo and Aipo ASP 3.0.1.0 and Earlier: Remote Session Hijacking ICEOWS 4.20b ACE Archive Filename Header Stack-based Buffer Overflow Vulnerability Arbitrary PHP Code Execution via Incomplete Blacklist Vulnerability in FCKeditor Remote File Inclusion Vulnerability in Alex Kocharin PHP Fidonet Tosser (PhFiTo) 1.3.0 Remote Focus Manipulation Vulnerability in Microsoft Internet Explorer 6.0 Incorrect Permissions on ntfs-3g Package Allowing Arbitrary Block Device Access Multiple PHP Remote File Inclusion Vulnerabilities in Thierry Leriche Restaurant Management System (ReMaSys) 0.5 Cross-zone scripting vulnerability in i-Systems Feedreader 3.10 internal browser allows remote code injection via feed items Lack of Common Name Verification in Ruby Net::HTTP and Net::HTTPS Libraries Remote File Inclusion Vulnerability in Nexty 1.01.A Beta via rel Parameter PHP Remote File Inclusion Vulnerability in UniversiBO 1.3.4 Remote Code Execution in Jens Tkotz myIpacNG-stats (MINGS) 0.05 via PHP Remote File 
Inclusion in init.php PHP Remote File Inclusion Vulnerabilities in SiteSys 1.0a PHPLister 0.5-pre2 Remote File Inclusion Vulnerability PHP Remote File Inclusion Vulnerabilities in ClanLite 1.23.01.2005 Stack-based Buffer Overflow in MAIPM6.dll in Adobe PageMaker 7.0.1 and 7.0.2 on Windows Arbitrary Network Traffic and Spam Proxy Vulnerability in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) Arbitrary PM Deletion Vulnerability in Quicksilver Forums before 1.4.1 Database Password Disclosure in Quicksilver Forums before 1.4.1 PHP remote file inclusion vulnerability in phpBB Openid 0.2.0 Directory Traversal Vulnerability in actSite 1.56's news.php Allows Remote File Inclusion Remote Code Execution via PHP File Inclusion in actSite 1.991 Beta Multiple Cross-Site Scripting (XSS) Vulnerabilities in GroupLink eHelpDesk 6.2.2 SQL Injection Vulnerability in MambAds (com_mambads) 1.5 and Earlier Component for Mambo Remote File Inclusion and Arbitrary Code Execution in mx_glance 2.3.3 Module Multiple Cross-Site Scripting (XSS) Vulnerabilities in Y&K Iletisim Formu Multiple SQL Injection Vulnerabilities in Ohesa Emlak Portali Netkamp Emlak Scripti detay.asp SQL Injection Vulnerability Netkamp Emlak Scripti mail.asp XSS Vulnerability Arbitrary Web Script Injection Vulnerability in OdysseySuite Mailbox.mws SmbFTPD 0.96 Format String Vulnerability in SMBDirList Function PHP Remote File Inclusion Vulnerabilities in phpWCMS XT 0.0.7 BETA and Earlier Remote File Inclusion Vulnerability in Segue CMS 1.8.4 and Earlier Arbitrary SQL Command Execution in Expanded Calendar 2.x Module for PHP-Fusion Arbitrary File Upload Vulnerability in XOOPS Uploader Class SQL Injection Vulnerabilities in x-script GuestBook 1.3a: Remote Code Execution Cross-Site Scripting (XSS) Vulnerabilities in Alcatel OmniVista 4760 R4.2 and Earlier Privilege Escalation via Incorrect Order of setuid and setgid Functions in mount and umount Sensitive Information Disclosure in Twiki 4.1.2 on Debian 
GNU/Linux Privilege Escalation Vulnerability in rMake 1.0.11 Chroot Server Unspecified SSL Vulnerability in Groupwise Client System in SUSE Linux Enterprise Desktop 10 Unspecified SSL Vulnerability in Groupwise Client System in SUSE Linux Enterprise Desktop 10 Arbitrary Code Execution Vulnerability in Mono.Math.BigInteger Class Buffer Overflow in Nagios Plugins: Remote Code Execution via Redirects Remote Code Execution Vulnerability in X.Org libXfont 1.3.1 Local File Overwrite Vulnerability in Hugin on SUSE openSUSE 10.2 and 10.3 FTP Backend Password Exposure Vulnerability Symlink Attack Vulnerability in Guilt 0.27 Arbitrary Command Execution in Hewlett-Packard Linux Imaging and Printing Project (hplip) Stack-based Buffer Overflow in DriveLock.exe in CenterTools DriveLock 5.0 Arbor Networks Peakflow SP Access Restriction Bypass Vulnerability Arbor Networks Peakflow SP Multiple Cross-Site Scripting (XSS) Vulnerabilities Multiple Cross-Site Scripting (XSS) Vulnerabilities in AXIS 2100 Network Camera 2.02 Firmware CSRF Vulnerabilities in AXIS 2100 Network Camera 2.02 Firmware 2.43 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in AXIS 2100 Network Camera 2.02 Firmware 2.43 and Earlier Remote File Inclusion Vulnerabilities in Jacob Hinkle GodSend 0.6 Multiple PHP Remote File Inclusion Vulnerabilities in eArk (e-Ark) 1.0 Stack-based Buffer Overflow in ADM4 ActiveX Control in Altnet Download Manager 4.0.0.6 Arbitrary Web Script Injection Vulnerability in Don Barnes DRBGuestbook 1.1.13 Directory Traversal Vulnerability in CyberLink PowerDVD 7.0 ActiveX Control SQL Injection Vulnerability in ASP Product Catalog's catalog.asp Arbitrary PHP Code Execution via Remote File Inclusion in Poppawid 2.7 SQL Injection Vulnerability in MAXdev MDPro (MD-Pro) 1.0.76 via Referer HTTP Header Unspecified File Inclusion and Remote Code Execution Vulnerabilities in AlstraSoft Affiliate Network Pro Arbitrary Program Execution via exif_prog Parameter in Original Photo Gallery 
0.11.2 and Earlier FIFO Filesystem Vulnerability: Memory Leak via Negative Maximum Length Value in I_PEEK ioctl Null Pointer Dereference in dircproxy 1.2.0 and earlier via ACTION command Cross-Site Scripting (XSS) Vulnerabilities in BlackBoard Learning System 6.3.1.593 and Earlier Cross-site scripting (XSS) vulnerability in Drupal Project issue tracking module subscription functionality CSRF Vulnerability in FeedBurner FeedSmith 2.2 Plugin for WordPress Unauthenticated Remote Code Execution in Zomplog 3.8.1 and Earlier Unrestricted File Upload Vulnerability in Zomplog 3.8.1 and Earlier DNS Rebinding Vulnerability in Sun Java Runtime Environment (JRE) SQL Injection Vulnerability in Web Template Management System 1.3: Remote Code Execution via index.php Remote File Inclusion Vulnerability in Ossigeno CMS 2.2 alpha3 Arbitrary Script Injection in Uebimiau 2.7.2 through 2.7.10 via f_email Parameter Unrestricted File Access Vulnerability in Java Web Start Unrestricted File Access Vulnerability in Java Web Start Unrestricted Access Vulnerability in Java Web Start File Copy and Rename Vulnerability in Java Web Start Visual Truncation Vulnerability in Java Runtime Environment Allows Circumvention of Untrusted-Code Warning Banner Buffer Overflow Vulnerability in NET$CSMACD.EXE in HP OpenVMS 8.3 and Earlier Denial of Service Vulnerability in HP OpenVMS 8.3 and Earlier Multiple Stack-Based Buffer Overflows in Borland InterBase LI and WI Remote Code Execution Vulnerability in Borland InterBase LI 8.0.0.53 through 8.1.0.253 Multiple stack-based buffer overflows in Firebird LI and WI versions 1.5.3.4870 and 1.5.4.4910 Stack-based Buffer Overflow Vulnerabilities in Firebird LI and WI Versions 2.0.0.12748 and 2.0.1.12855 Multiple Format String Vulnerabilities in Monolith Lithtech Engine with Punkbuster Enabled Format string vulnerabilities in ID Software Doom 3 engine with Punkbuster enabled Multiple Buffer Overflows in Unreal Engine Logging Function with Punkbuster Denial of 
Service Vulnerability in Windows Dedicated Server for Unreal Engine with Punkbuster Multiple Cross-Site Scripting (XSS) Vulnerabilities in Helm 3.2.16 Buffer Overflow Vulnerability in NetSupport Manager (NSM) Client and NetSupport School Student (NSS) Allows Remote Code Execution Arbitrary File Read Vulnerability in McMurtrey/Whitaker Cart32 Weak Permissions in VirusBlokAda Vba32 AntiVirus 3.12.2 Installation Directory Allows Privilege Escalation Arbitrary Script Injection in Google Mini Search Appliance 3.4.14 Multiple stack-based buffer overflow vulnerabilities in FSD and FSFDT versions prior to 3.000 d9 EDraw.OfficeViewer ActiveX Control Stack-based Buffer Overflow Vulnerability PHP Remote File Inclusion Vulnerability in phpFreeLog Alpha 0.2.0 CSRF Vulnerability in Ilient SysAid 4.5.03 and 4.5.04 Allows Remote Administrators to Change Passwords Insufficient Access Control in ASP-CMS 1.0 Allows Unauthorized Access to Sensitive Information Multiple SQL Injection Vulnerabilities in MultiCart 1.0 Format String Vulnerabilities in Battlefront Dropteam 1.3.3 and Earlier: Remote Code Execution Buffer Overflow Vulnerabilities in Battlefront Dropteam 1.3.3 and Earlier: Remote Code Execution and Denial of Service Account Information Theft Vulnerability in Battlefront Dropteam 1.3.3 and Earlier Multiple Format String Vulnerabilities in Dawn of Time 1.69s beta4 and Earlier Denial of Service Vulnerability in libpng's png_set_iCCP Function ICC Profile Chunk Handling Vulnerability in libpng Denial of Service Vulnerability in libpng Out-of-bounds read vulnerability in libpng chunk handlers Unspecified File Creation and XSS Vulnerability in Boost Module for Drupal PHP Remote File Inclusion Vulnerabilities in Trionic Cite CMS 1.2 rev9 and Earlier SQL Injection Vulnerability in kategori.asp in Furkan Tastan Blog Vulnerability: DNS Rebinding Attack in Sun Java Runtime Environment (JRE) Vulnerability in Sun Java Runtime Environment (JRE) Allows JavaScript DNS Rebinding Attack Adobe 
Macromedia Flash 9 Plug-in DNS Rebinding Vulnerability Opera 9 DNS Rebinding Vulnerability DNS Rebinding Vulnerability in Microsoft Internet Explorer 6 Insufficient Access Control in Zomplog 3.8.1 and Earlier Allows Remote File Download Heap-based Buffer Overflow in PowerArchiver: Remote Code Execution via Long Filename in BlackHole Archive Multiple Cross-Site Scripting (XSS) Vulnerabilities in AppFuse 2.0 Final Denial of Service Vulnerability in Hitachi Cosminexus Developer's Kit for Java Remote Denial of Service Vulnerability in Hitachi Cosminexus Agent and Library Denial of Service Vulnerability in Hitachi TPBroker Object Transaction Monitor and Cosminexus TPBroker Object Transaction Monitor Arbitrary Code Execution via HP Mercury Quality Center (QC) and TestDirector Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in MailBee WebMail Pro and Related Products Arbitrary Web Script Injection Vulnerability in DB Manager 2.0 Edit.asp Arbitrary Web Script Injection in Directory Image Gallery 1.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in IDMOS 1.0-beta (aka Phoenix) PHP Remote File Inclusion Vulnerability in IDMOS 1.0-beta (Phoenix) Cross-Site Scripting (XSS) Vulnerabilities in Wikepage Opus 13 2007.2 and TipiWiki 2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in dbList 8.1 Arbitrary Script Injection Vulnerability in Minki 1.30 index.php PHP Remote File Inclusion Vulnerabilities in CMS Creamotion Directory Traversal Vulnerabilities in SkaDate 5.0 and 6.0 Stack-based buffer overflow in do_login_loop function in libwzd-core/wzd_login.c in wzdftpd 0.8.0 and 0.8.2 allows remote attackers to cause a denial of service (daemon crash) via a long USER command. 
Buffer Overflow in AlsaPlayer's Vorbis Engine Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in HP System Management Homepage (SMH) Arbitrary Web Script Injection Vulnerability in SnewsCMS Rus 2.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in ELSEIF CMS Beta 0.6 Multiple PHP Remote File Inclusion Vulnerabilities in ELSEIF CMS Beta 0.6 Sensitive Information Disclosure in CMS Beta 0.6 via Unspecified Vectors in utilisateurs/votesresultats.php Arbitrary PHP Code Execution via Numeric Parameter in ELSEIF CMS Beta 0.6 SQL Injection Vulnerability in PHP Homepage M (phpHPm) 1.0 via galerie.php Arbitrary PHP Code Execution via Remote File Inclusion in Webmaster-Tips.net Flash Image Gallery for Joomla! Remote File Inclusion Vulnerability in Joomla! Wmtportfolio 1.0 Component Arbitrary File Inclusion Vulnerability in TorrentTrader Classic Edition 1.07 Cross-Site Scripting (XSS) Vulnerability in TorrentTrader Classic 1.07 Remote Code Execution in Picturesolution 2.1 and Earlier via PHP Remote File Inclusion Vulnerability Remote File Inclusion Vulnerability in xKiosk WEB 3.0.1i Remote File Inclusion Vulnerability in LiveAlbum 0.9.0 SQL Injection Vulnerability in Softbiz Jobs and Recruitment Script's browsecats.php Arbitrary File Download Vulnerability in TYPOlight webCMS 2.4.6 Denial of Service Vulnerability in vuidmice STREAMS Modules in Sun Solaris 8, 9, and 10 Multiple Absolute Path Traversal Vulnerabilities in Pegasus Imaging ImagXpress 8.0 Arbitrary File Inclusion Vulnerability in Verlihub Control Panel (VHCP) 1.7 and Earlier Arbitrary Code Execution Vulnerability in FPOLE.OCX ActiveX Control Buffer Overflow Vulnerability in EMC Replistor 6.1.3 Multiple Buffer Overflows in CA BrightStor ARCServe BackUp and Enterprise Backup Buffer Overflow Vulnerabilities in CA BrightStor ARCServe BackUp and Enterprise Backup Remote Code Execution Vulnerability in CA BrightStor ARCServe BackUp and Enterprise Backup Privileged Function Exposure in 
CA BrightStor ARCServe BackUp and Enterprise Backup Unspecified Memory Corruption Vulnerability in CA BrightStor ARCServe BackUp and Enterprise Backup Remote Code Execution and Memory Corruption Vulnerabilities in CA BrightStor ARCServe BackUp and Enterprise Backup Arbitrary Code Execution Vulnerability in CA BrightStor ARCServe BackUp Unspecified Memory Corruption Vulnerabilities in CA BrightStor ARCServe BackUp and Enterprise Backup Apache Tomcat Cookie Handling Vulnerability Window Titlebar Hiding Vulnerability in Mozilla Firefox and SeaMonkey Information Disclosure Vulnerability in Mozilla Firefox 2.0 before 2.0.0.8 Arbitrary File Read Vulnerability in Mozilla Firefox and SeaMonkey on Linux with gnome-vfs Support Arbitrary JavaScript Execution via XPCNativeWrappers Modification Memory Corruption and Assert Error Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Memory Corruption Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Critical Remote Code Execution Vulnerability in Mozilla Firefox Venkman Script Debugger Arbitrary File Overwrite Vulnerability in Apache Tomcat Logging Component Remote Code Execution Vulnerability in Microsoft Internet Explorer 5.01 through 7 DHTML Object Memory Corruption Vulnerability in Microsoft Internet Explorer 5.01 through 7 GDI+ VML Buffer Overrun Vulnerability Unspecified Privilege Escalation Vulnerability in Windows Advanced Local Procedure Call (ALPC) SMBv2 Signing Vulnerability Privilege Escalation Vulnerability in LSASS Service WPAD DNS Suffix Configuration Vulnerability Multiple buffer overflows in Asterisk voicemail functionality Buffer Overflow in OpenPegasus Management Server with PAM Authentication (CVE-2008-0004) Vulnerability: IP Address Caching in Alcatel-Lucent OmniPCX Enterprise Communication Server Multiple PHP Remote File Inclusion Vulnerabilities in Avant-Garde Solutions MOSMedia Lite Component Remote File Inclusion Vulnerability in Panoramic Picture Viewer (com_panoramic) 
Mambot 1.0 for Joomla! Directory Traversal Vulnerability in ViArt Shopping Cart's iDEAL Transaction Handler Stack-based Buffer Overflow in DHCPD Allows Remote Code Execution or DoS Sensitive Information Disclosure in Fujitsu Interstage Application Server and Interstage Apworks/Studio Denial of Service Vulnerability in Sun Solaris 10 Virtual File System (VFS) Unspecified Denial of Service Vulnerabilities in Trusted Extensions in Sun Solaris 10 Remote Denial of Service Vulnerability in Massive Entertainment World in Conflict 1.000 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in NetWin DNewsWeb (DNews News Server) 57e1 SQL Injection Vulnerabilities in MODx 0.9.6: Remote Code Execution via mutate_content.dynamic.php SQL Injection Vulnerabilities in LedgerSMB and DWS Systems SQL-Ledger Command Line Password Exposure in ldapscripts 1.4 and 1.7 Privilege Escalation Vulnerability in LightBlog 8.4.1.1 Multi-Pin DNS Rebinding Vulnerability in Sun Java Virtual Machine (JVM) Local File Overwrite Vulnerability in Tramp 2.1.10 Extension for Emacs Buffer Overflow in FileReadGIF Function in Tk Toolkit 8.4.12 and Earlier Arbitrary File Disclosure and XML Reading Vulnerability in Ruby on Rails Session Fixation Vulnerability in Ruby on Rails before 1.2.4 Stack-based Buffer Overflow in Cisco IOS LPD Default Administrator Accounts Created During Conversion Utility for CiscoWorks WLSE to WCS Double-Slash Authentication Bypass Vulnerability in Thomson/Alcatel SpeedTouch 7G Router Multiple CSRF Vulnerabilities in Thomson/Alcatel SpeedTouch 7G Router Cross-Site Scripting (XSS) Vulnerabilities in Thomson/Alcatel SpeedTouch 7G Router Arbitrary Web Script Injection Vulnerability in phpMyAdmin 2.11.1 Remote File Inclusion Vulnerability in Pindorama 0.1's XMLRPC Client PHP Remote File Inclusion Vulnerabilities in WebDesktop 0.1 PHP Remote File Inclusion Vulnerability in swMenuFree Component for Joomla! 
Arbitrary PHP Code Execution via Remote File Inclusion in PicoFlat CMS 0.4.14 and Earlier Unspecified Remote Access Vulnerability in HP Select Identity 4.01 through 4.01.010 and 4.10 through 4.13.001 Heap-based buffer overflow in Xpdf 3.02p11 via crafted PDF file Heap-based Buffer Overflow in CCITTFaxStream::lookChar Method in Xpdf 3.02p11 AldFs32.dll Stack-based Buffer Overflow Vulnerability in Adobe PageMaker 7.0.1 and 7.0.2 Stack-based Buffer Overflow in separate_word function in Link Grammar 4.1b and AbiWord Link Grammar 4.2.4 Remote Code Execution Vulnerability in Miranda IM 0.7.1 via Format String Specifiers in Yahoo! Contact Handle Heap-based Buffer Overflow in activePDF Server Service (APServer.exe) Stack-based Buffer Overflow in Samba WINS Server Allows Remote Code Execution Multiple Heap-Based Buffer Overflows in Autonomy KeyView EML Reader Heap-based Buffer Overflow in RealPlayer 10.5 Build 6.0.12.1483 SWF Frame Handling Vulnerability Unrestricted File Upload Vulnerability in Layton HelpBox 3.7.1 Multiple SQL Injection Vulnerabilities in Layton HelpBox 3.7.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Layton HelpBox 3.7.1 Username Enumeration Vulnerability in Layton HelpBox 3.7.1 Buffer overflow vulnerabilities in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in Applix Presents reader Denial of Service Vulnerability in Applix Presents Reader Multiple PHP Remote File Inclusion Vulnerabilities in JContentSubscription Component for Joomla! SQL Injection Vulnerability in cpDynaLinks 1.02: Remote Code Execution via category parameter Remote File Inclusion Vulnerability in NuSEO PHP Enterprise 1.6 (NuSEO.PHP) Arbitrary PHP Code Execution via Remote File Inclusion in Webmaster-Tips.net Flash RSS Reader Arbitrary Web Script Injection in Linksys SPA941 VoIP Phone Firmware 5.1.8 PHP Remote File Inclusion Vulnerabilities in Quoc-Huy MP3 Allopass Component for Joomla! 
Arbitrary File Read Vulnerability in Radia Integration Server in HP OpenView CM Infrastructure and CCM Mozilla Firefox UTF-7 Cross-Site Scripting (XSS) Vulnerability Mozilla Firefox 2.0 UTF-7 Cross-Site Scripting (XSS) Vulnerability Arbitrary PHP Code Execution in Drupal 5.2 and Earlier Directory Traversal Vulnerability in bMachine 2.8 Allows Remote File Read Multiple PHP Remote File Inclusion Vulnerabilities in CARE2X 2G 2.2 Unintended Incoming Traffic Vulnerability in 3Com 3CRWER100-75 Router Information Disclosure Vulnerability in 3Com 3CRWER100-75 Router Denial of Service Vulnerability in Solaris Auditing Module Arbitrary Code Execution in TikiWiki 1.9.8 via tiki-graph_formula.php Bypassing Restrictions in PHP 4 and 5 via disable_functions Feature SQL Injection Vulnerability in Interspire ActiveKB 1.5 via questId Parameter in hideQuestion ToDo Action Multiple Cross-Site Scripting (XSS) Vulnerabilities in ActiveKB NX 2.5.4 Joomla! 1.0.13 and Earlier Cross-Site Scripting (XSS) Vulnerability in com_search Component UMI CMS Cross-Site Scripting (XSS) Vulnerability in search_do/ Arbitrary Web Script Injection Vulnerability in Nucleus 3.01 index.php Multiple SQL Injection Vulnerabilities in Stride 1.0 Sensitive Information Exposure in MyFTPUploader Module in Stride 1.0 Default Administrator Credentials in Stride 1.0 Cross-Site Scripting (XSS) Vulnerabilities in Site-Up 2.64 and Earlier via index.cgi Arbitrary Web Script Injection Vulnerability in PRO-search 0.17.1 and Earlier Denial of Service Vulnerability in CA ERwin Process Modeler 7.2 Buffer Overflow in G DATA Antivirus 2007 ActiveX Control Arbitrary Website Redirection Vulnerability in CA eTrust ITM 8.1 Web Console Unspecified Denial of Service Vulnerability in VMware Workstation, Player, ACE, and Server Sensitive User Information Exposure in CA eTrust ITM (Threat Manager) 8.1 PHP Remote File Inclusion Vulnerabilities in CRS Manager: Arbitrary Code Execution User Permission Bypass in CMS Made Simple 1.1.3.1 
Unrestricted File Upload Vulnerability in CMS Made Simple 1.1.3.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in CMS Made Simple 1.1.3.1 Path Disclosure Vulnerability in CMS Made Simple 1.1.3.1 Buffer Overflow in DB Software Laboratory VImpX ActiveX Control (VImpAX1) in VImpX.ocx 4.7.3.0 Absolute Path Traversal Vulnerability in PBEmail7Ax.dll Allows Arbitrary File Creation or Overwrite Bypassing Safe Mode and Disable Functions Restrictions in ionCube Loader 6.5 Extension for PHP 5.2.4 Denial of Service Vulnerability in Madwifi 0.9.3.2 and Earlier SQL Injection Vulnerability in Softbiz Recipes Portal Script Remote Denial of Service and Filesystem Browsing Vulnerability in Safari on Apple iPod touch and iPhone 1.1.1 Arbitrary PHP Code Execution via Remote File Inclusion in Joomla! com_colorlab Component SQL Injection Vulnerabilities in Php-Stats 0.1.9.2: Remote Code Execution Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 Directory Traversal Vulnerability in PHP File Sharing System 1.5.1 Arbitrary Web Script Injection in WWWISIS 7.1 and Earlier Arbitrary .exe File Download Bypass in Microsoft Internet Explorer 7 and Earlier Arbitrary PHP Code Execution via Remote File Inclusion in Michael Dempfle Joomla Flash Uploader (com_jfu or com_joomla_flash_uploader) 2.5.1 Component SQL Injection Vulnerability in Newsletter Module 1.0 for KwsPHP Arbitrary Code Injection through MouseoverDictionary Extension for Mozilla Firefox Weak Encryption of PIN/Password in Microsoft ActiveSync 4.1 Apache Tomcat Absolute Path Traversal Vulnerability Denial of Service Vulnerability in Sun Solaris RPC Services Library Path Disclosure Vulnerability in iDEAL Payment Module in ViArt Shop 3.3 Beta and Earlier Stack-based Buffer Overflow in Live for Speed 0.5X10 and Earlier: Remote Code Execution Vulnerability Arbitrary File Inclusion Vulnerability in doop CMS 1.3.7 and Earlier Multiple Buffer Overflows in eXtremail 2.1.1 and Earlier Integer Overflow in eXtremail 2.1.1 and 
Earlier Allows Remote Code Execution via Long USER Command Cisco CallManager 5.1.1.3000-5 Digest Authentication Bypass Vulnerability Unverified Digest Authentication Header URI Vulnerability in OpenSER 1.2.2 Clear-text Storage of Catalog Password in Microsoft Expression Media IVC File Denial of Service in libgssapi in ISC BIND named daemon CA Host-Based Intrusion Prevention System (HIPS) Server Component XSS Vulnerability Sensitive File Source Code Disclosure in Mono's StaticFileHandler Vulnerability: Remote Code Execution and Denial of Service in Linksys WRT350N Wi-Fi Access Point Buffer Overflow Vulnerabilities in Marvell Wireless Driver Unspecified Highly Severe Vulnerability in Adobe Flash Player on Opera for Mac OS X XSS Vulnerability in djeyl.net WebMod 0.48 Half-Life Dedicated Server Plugin Arbitrary Web Script Injection in Nabh Stringbeans Portal (sbportal) 3.2 XSS Vulnerability in Search.asp of Xcomputer Allows Remote Code Injection Multiple Cross-Site Scripting (XSS) Vulnerabilities in InnovaAge InnovaShop Distributed Checksum Clearinghouse (DCC) 1.3.65 Denial of Service Vulnerability via SOCKS Flood Denial of Service Vulnerability in Sun StorEdge/StorageTek 3510 FC Array Unspecified Vulnerability in IBM WebSphere Application Server Administrative Scripting Tools Arbitrary File Read Vulnerability in WWWISIS 7.1 SQL Injection Vulnerability in mg2 1.0 Module for KwsPHP: Remote Code Execution via album Parameter Unauthenticated Remote Access to Companies Module in dotProject Stack-based Buffer Overflow in COWON America jetAudio Basic 7.0.3 via Long URL in EXTM3U Section SQL Injection Vulnerabilities in cdr_addon_mysql in Asterisk-Addons Arbitrary File Inclusion Vulnerability in Artmedic CMS 3.4 and Earlier SQL Injection Vulnerability in Okul Otomasyon Portal 2.0 Default.asp Arbitrary File Chmod Vulnerability in SiteBar Translation Module Static Code Injection Vulnerability in SiteBar 3.3.8 Translation Module (translator.php) Sender Field Spoofing 
Vulnerability in Windows Mobile 2005 Pocket PC Phone Edition Memory Leak Vulnerability in Red Hat Content Accelerator Kernel Patch in RHEL 4 and 5 Local Privilege Escalation via Symlink Attack in sealert.log Temporary File Cross-site scripting (XSS) vulnerability in setroubleshoot 2.0.5 Arbitrary Code Execution via Crafted Filesystem Image in libext2fs Denial of Service Vulnerability in Xen Hypervisor Block Backend Driver for Linux Kernel 2.6.18 Denial of Service Vulnerability in Linux Kernel's wait_task_stopped Function TCP SACK Tag Write Queue NULL Pointer Dereference Vulnerability Insecure Auto-Seeding in OpenSSL FIPS Object Module 1.1.1 PRNG Implementation Integer Overflow in Cairo's read_png Function Unspecified Vulnerabilities in Oracle Database 9.0.1.5+ and 10.1.0.5 with Remote Attack Vectors Unspecified Vulnerabilities in Oracle Database Components Denial of Service Vulnerability in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 (DB20) Oracle Database GIOP Service Denial of Service and Memory Disclosure Vulnerability SQL Injection Vulnerabilities in CTXSYS Intermedia Application for Oracle Text Component Unspecified Remote Attack Vulnerability in Oracle Database Spatial Component (DB06) Unspecified Vulnerabilities in Oracle Database Workspace Manager Component SQL Injection Vulnerability in Workspace Manager for Oracle Database Unspecified Remote Attack Vulnerability in Oracle Database Vault (DB21) XML DB (XMLDB) Component in Oracle Database Generates Incorrect Audit Entries in USERID Column (Vulnerability: DB23) Unspecified Vulnerabilities in Oracle Database 10.2.0.3 with Unknown Impact and Attack Vectors Unspecified Remote Attack Vulnerability in Oracle Database Spatial Component (DB27) AS01: Unspecified Remote Vulnerability in Oracle Process Mgmt & Notification Component AS02: Unspecified Remote Vulnerability in Oracle Portal Component Unspecified Remote Code Execution Vulnerability in Oracle HTTP Server (AS03) AS04: Unspecified 
Remote Vulnerability in Oracle Portal Unspecified Remote Attack Vulnerability in Oracle Internet Directory (AS05) AS06: Unspecified Remote Vulnerability in Oracle Containers for J2EE Component AS07: Unspecified Remote Vulnerability in Oracle Portal Component Unspecified Remote Code Execution Vulnerability in Oracle Internet Directory (AS08) Unspecified Remote Vulnerability in Oracle Single Sign-On Component Unspecified Remote Vulnerability in Oracle Single Sign-On Component (AS10) Unspecified Remote Vulnerability in Oracle Portal Component (AS11) Unspecified Remote Vulnerabilities in Oracle E-Business Suite 11.5.10.2 Unspecified Vulnerabilities in Oracle E-Business Suite 12.0.2 with Unknown Impact and Attack Vectors in Public Sector Human Resources and Quoting Component Unspecified Remote Attack Vulnerability in Oracle Self-Service Web Applications (APP08) Unspecified Remote Attack Vulnerability in Oracle Database Control (EM01) Unspecified Remote Vulnerability in Oracle Help for Web (EM02) Unspecified Remote Code Execution Vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne Unspecified Remote Code Execution Vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne PSE_HCM01: Unspecified Remote Vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne HCM Component Unspecified Vulnerability in RunCms 1.5.2's newbb_plus Module Unspecified Denial of Service Vulnerability in OpenSSL on HP-UX Denial of Service Vulnerability in Cisco Unified Communications Manager (CUCM) and Unified CallManager Buffer Overflow Vulnerability in Cisco Unified Communications Manager (CUCM) and Unified CallManager Privilege Escalation and Unauthorized Access Vulnerability in Cisco Unified Contact Center Unspecified Remote Code Execution Vulnerability in Opera Arbitrary Command Execution Vulnerability in Opera before 9.24 Miranda IM 0.6.8 Stack-Based Buffer Overflow Vulnerability Remote Code Execution Vulnerability in Miranda IM 0.6.8 
and 0.7.0 via Crafted Yahoo! Messenger Packet Weak Permissions in IBM Lotus Notes and Domino: Local Information Disclosure and Session Injection Vulnerability TIBCO SmartPGM FX Format String Vulnerability Multiple stack-based buffer overflows in TIBCO SmartPGM FX Cisco IOS Cross-Site Scripting (XSS) Vulnerability (CVE-2007-1016) Multiple Stack-Based Buffer Overflows in Cisco IOS Command EXEC Unspecified Command EXEC Vulnerability in Cisco IOS Unspecified Remote Information Disclosure Vulnerability in Cisco IOS Cisco IOS Off-by-One Heap-Based Buffer Overflow Vulnerability Integer Overflow Vulnerability in Cisco IOS Remote Memory Disclosure Vulnerability in Oracle (CVE-2007-7892711) CVE-2021-XXXX: Unspecified Authentication Credentials Information Leakage in Symantec Altiris Deployment Solution Unspecified Denial of Service Vulnerability in Avaya VoIP Handset Unspecified Denial of Service Vulnerability in NEC Mobile Handset Integer Overflow Vulnerability in LG Mobile Handset IBM ThinkVantage TPM Service Heap-based Buffer Overflow Vulnerability Juniper HTTP Service Heap-based Buffer Overflow Vulnerability Format String Vulnerability in Oracle OPMN Daemon Logging Function Netgear SSL312 PROSAFE SSL VPN-Concentrator 25 Cross-Site Scripting (XSS) Vulnerability in Login Page Arbitrary PHP Code Execution Vulnerability in VirtueMart before 1.0.13 Multiple Cross-Site Scripting (XSS) Vulnerabilities in NSSboard 6.1 Remote File Inclusion Vulnerability in phpSCMS 0.0.1-Alpha1 via dir Parameter PHP Remote File Inclusion Vulnerabilities in PHPBlog 0.1 Alpha Galmeta Post 0.11 - PHP Remote File Inclusion Vulnerability in upload_config.php Denial of Service Vulnerability in Cisco PIX, ASA, and FWSM Appliances via Crafted MGCP Packet Denial of Service Vulnerability in Cisco PIX and ASA Appliances with TLS Configuration Denial of Service Vulnerability in Cisco Firewall Services Module (FWSM) 3.2(1), and 3.1(5) and earlier (CSCsi77844) Bypassing ACL Restrictions in Cisco Firewall 
Services Module (FWSM) (CSCsj52536) CSRF Vulnerabilities in Simple PHP Blog (SPHPBlog) 0.4.9 Allow Remote Administrators to Perform Unauthorized Delete Actions LimeSurvey 1.5.2 and Earlier: PHP Remote File Inclusion Vulnerability in classes/core/language.php PHPDJ 0.5 - Remote File Inclusion Vulnerability in djpage.php CSRF Vulnerability in 1024 CMS 1.2.5 Allows Remote Attackers to Perform Administrative Actions Cleartext Password Echo Vulnerability in BEA Tuxedo and WebLogic Enterprise Cross-Site Scripting (XSS) Vulnerabilities in Joomla! before 1.0.13 Authentication Bypass Vulnerability in BASE (Basic Analysis and Security Engine) before 1.3.8 Guessable Confirmation Code Vulnerability in Pligg CMS 9.5 Allows Password Reset by Remote Attackers Buffer Overflow Vulnerability in Cisco Security Agent Driver Cross-Site Scripting (XSS) Vulnerabilities in Cisco Unified MeetingPlace CiscoWorks Server (CS) Login Page Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in Cisco IP Phone 7940 with Firmware P0S3-08-7-00 Denial of Service Vulnerability in Cisco Firewall Services Module (FWSM) 3.2(3) Vulnerability: Unauthorized Access to Locked Session via xscreensaver Buffer Overflow Vulnerability in Macrovision SafeDisc secdrv.sys Arbitrary Script Injection in mnoGoSearch before 3.2.43 via search.cgi Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpMyAdmin Multiple Buffer Overflows in Miranda: Remote Code Execution Vulnerabilities CS1000 Signaling Server Denial of Service Vulnerability PHP Remote File Inclusion Vulnerabilities in awzMB 4.2 beta 1 and Earlier Arbitrary Code Execution via Modified settings.php in Drupal 5.x Cross-Site Request Forgery (CSRF) Vulnerability in Drupal 5.x before 5.3 CRLF Injection Vulnerability in Drupal's drupal_goto Function Cross-Site Scripting (XSS) Vulnerability in Drupal Upload Module Unpublished Comment Email Disclosure Vulnerability in Drupal 4.7.x and 5.x Unspecified Cross-Site Scripting (XSS) Vulnerability in 
Weblinks for Drupal Multiple PHP Remote File Inclusion Vulnerabilities in Awrate 1.0 Arbitrary PHP Code Execution via Incomplete Blacklist Vulnerability in Artmedic CMS 3.4 and Earlier Stack-based Buffer Overflow in RealPlayer Database Component Stack-based Buffer Overflows in SwiftView Viewer: Remote Code Execution Vulnerability SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX Control Stack-Based Buffer Overflow Vulnerability Buffer Overflow in HP Instant Support ActiveX Control Allows Remote Code Execution Buffer Overflow in HPISDataManagerLib.Datamgr ActiveX Control in HP Instant Support Buffer Overflow in HPISDataManagerLib.Datamgr ActiveX Control in HP Instant Support Buffer Overflow in HPISDataManagerLib.Datamgr ActiveX Control in HP Instant Support Arbitrary File Download Vulnerability in HP Instant Support Arbitrary File Deletion Vulnerability in HP Instant Support Denial of Service Vulnerability in CIM Server of IBM Director 5.20.1 and Earlier Arbitrary Web Script Injection Vulnerability in Mortbay Jetty Dump Servlet HTML Cookie Parameter Hijacking Vulnerability in Mortbay Jetty CRLF Injection Vulnerability in Mortbay Jetty before 6.1.6rc0 Privilege Escalation in SSH Tectia Client and Server 5.x and 5.3.x on Unix and Linux Unspecified vulnerability in VMware Player and Workstation allows denial of service via untrusted virtual machine images Unquoted Windows Search Path Vulnerability in VMware Player, Server, and Workstation Cleartext Password Logging Vulnerability in VMware Server Directory Traversal Vulnerability in ZZ:FlashChat 3.1 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Token Module for Drupal Double Free Vulnerability in ftpprchild Function in 3proxy 0.5 through 0.5.3i Buffer Overflow Vulnerability in Nagios Plugins (nagios-plugins) 1.4.10 Nagios 2.x Cross-Site Scripting (XSS) Vulnerability Arbitrary Web Script Injection in ASP Site Search SearchSimon Lite 1.0 via QUERY Parameter Vulnerability: Cleartext Transmission of 
MySQL Password in Bacula 2.2.5 and Earlier Remote File Inclusion Vulnerability in SocketMail 2.2.8 Remote File Inclusion Vulnerability in TOWels 0.1: Arbitrary PHP Code Execution Cross-Site Scripting (XSS) Vulnerability in ShoppingTree CandyPress Store 4.1 SQL Injection Vulnerability in tnews.php in BBsProcesS BBPortalS 1.5.10 through 2.0 Multiple PHP Remote File Inclusion Vulnerabilities in PeopleAggregator 1.2pre6 Unspecified Denial of Service Vulnerabilities in Sun Solaris Kernel Arbitrary MSR Read/Write and Privilege Escalation Vulnerability in SpeedFan 4.33 Buffer Overflow Vulnerability in SpeedFan.sys Allows for Privilege Escalation and Denial of Service Unspecified Vulnerabilities in Salford Software Support Incident Tracker (SiT!) before 3.30 Nortel UNIStim IP Softphone 2050 Buffer Overflow Vulnerability Nortel IP Phone Surveillance Mode Vulnerability Nortel IP Phone Vulnerability: RUDP ID Spoofing and Eavesdropping Denial of Service Vulnerability in Nortel UNIStim IP Softphone and IP Phone Models Remote Call Blocking and Forced Re-registration Vulnerability in Nortel IP Phones Multiple PHP Remote File Inclusion Vulnerabilities in PHP Project Management 0.8.10 and Earlier Multiple Directory Traversal Vulnerabilities in PHP Project Management 0.8.10 and Earlier Multiple SQL Injection Vulnerabilities in Lussumo Vanilla 1.1.3 and Earlier Unauthenticated Remote Sort Operations and Unauthorized Activities in Lussumo Vanilla 1.1.3 and Earlier SQL Injection Vulnerability in Simple Machines Forum (SMF) 1.1.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in SocketKB 1.1.5 Multiple Cross-Site Scripting (XSS) Vulnerabilities in rNote 0.9.7.5 Arbitrary Web Script Injection in Creative Digital Resources SocketMail 2.2.1 Arbitrary File Inclusion Vulnerability in ReloadCMS 1.2.7 Denial of Service Vulnerability in Cisco EAP Implementation Improper Storage Management Vulnerability in IBM DB2 UDB 9.1 Bypassing Safe Mode and Disable Functions Restrictions in COM 
Functions in PHP 5.x on Windows Mime Type Injection in LiteSpeed Web Server Arbitrary Code Execution Vulnerability in TIBCO SmartSockets RTserver, RTworks, and EMS Memory Loop Operations Vulnerability in TIBCO SmartSockets RTserver, RTworks, and EMS Arbitrary Code Execution Vulnerability in TIBCO SmartSockets RTserver, RTworks, and EMS Heap-based Buffer Overflow in TIBCO SmartSockets RTserver, RTworks, and EMS Buffer Overflow Vulnerabilities in Adobe Reader and Acrobat 8.1.1 and Earlier Unspecified Remote Code Execution Vulnerability in Update Service ActiveX Control Unvalidated DLL File Parameter Vulnerability in Macrovision InstallShield InstallScript One-Click Install (OCI) ActiveX Control Arbitrary Code Execution via Insecure JavaScript Method in Adobe Reader and Acrobat Symlink Attack Vulnerability in DB2 Administration Server (DAS) Privilege Escalation Vulnerability in Novell ZENworks Endpoint Security Management (ESM) 3.5 Untrusted Search Path Vulnerability in Adobe Reader and Acrobat 8.1.1 and Earlier Arbitrary User-Mode Input Vulnerability in Novell Client 4.91 SP 1 through SP 4 Arbitrary Memory Modification Vulnerability in VMware Tools Arbitrary Web Script Injection Vulnerability in ifnet WebIf InstaGuide Weather 1.0 - Directory Traversal Vulnerability in index.php Stack-based Buffer Overflow in MultiXTpm Application Server DebugPrint Function Arbitrary PHP Code Execution via Remote File Inclusion in PHP-Nuke Platinum 7.6.b.5 Cross-Site Scripting (XSS) Vulnerability in Hackish BETA 1.1 Shoutbox/Blocco.php SQL Injection Vulnerability in phpBasic Music Module SQL Injection Vulnerability in DeeEmm.com DM CMS 0.7.0.Beta and 0.7.4 Arbitrary Code Execution via Incomplete Blacklist Vulnerability in TikiWiki Multiple Cross-Site Scripting (XSS) Vulnerabilities in TikiWiki 1.9.8.1 and Earlier Directory Traversal Vulnerabilities in TikiWiki 1.9.8.1 and Earlier Directory Traversal Vulnerability in shttp before 0.0.5 Insecure Permissions in rPath Linux 1's 
initscripts Allow Unauthorized Access to Authentication Attempts Multiple Buffer Overflows in JustSystems Ichitaro: Remote Code Execution Vulnerability SQL Injection Vulnerabilities in Multi-Forums Module 1.3.3 Arbitrary Code Execution and File Manipulation Vulnerability in Sun Java Runtime Environment Buffer Overflow Vulnerability in Asterisk Zaptel 1.4.5.1: Local Privilege Escalation via Long Device Name Denial of Service Vulnerability in Mozilla Firefox 2.0.0.7 via Crafted FTP Reply Multiple Cross-Site Scripting (XSS) Vulnerabilities in SiteBar 3.3.8 Eval Injection Vulnerability in SiteBar 3.3.8 Translation Module (translator.php) Absolute Path Traversal Vulnerability in SiteBar 3.3.8 Translation Module (translator.php) Open Redirect Vulnerability in SiteBar 3.3.8's command.php Allows Remote Attackers to Redirect Users PHP Remote File Inclusion Vulnerability in phpBasic's includes.php Allows Arbitrary Code Execution PHP Image 1.2 Multiple Remote File Inclusion Vulnerabilities Arbitrary Web Script Injection in CREApark GOLD KOY PORTALI via aranan Parameter Remote Code Execution Vulnerability in eIQNetworks Enterprise Security Analyzer (ESA) 2.5 Insecure Security Context in IBM Lotus Domino Allows Privilege Escalation and Information Disclosure Incomplete Blacklist Vulnerability in IBM Lotus Domino CA: Cleartext Password Disclosure Cross-Site Scripting (XSS) Vulnerability in Novell OpenSUSE SWAMP Workflow Administration and Management Platform 1.x RSA KEON Registration Authority Web Interface 1.0 - Multiple Cross-Site Scripting (XSS) Vulnerabilities SQL Injection Vulnerabilities in CodeWidgets.com Online Event Registration Template Arbitrary PHP Code Execution Vulnerability in Jeebles Directory 2.9.60 Absolute Path Traversal Vulnerability in Jeebles Directory 2.9.60's download.php Denial of Service Vulnerability in OpenLDAP 2.3.39 Memory Allocation Vulnerability in slapo-pcache in OpenLDAP Remote Code Execution Vulnerability in Sony SonicStage CONNECT Player (CP) 
4.3 via Long File Name in M3U File Arbitrary Script Injection Vulnerability in WordPress 2.3 Denial of Service Vulnerability in World in Conflict 1.001 and Earlier Denial of Service Vulnerability in Django Internationalization Framework Buffer overflow vulnerability in GeoIP module of AMX Mod X 1.76d plugin for Half-Life Server Empty Default Password Vulnerability in MLDonkey Ebuild Incorrect Regular Expression in DenyHosts 2.6 Allows Remote Attackers to Bypass Detection and Blocking Unspecified Denial of Service Vulnerability in Sun Solaris 10 IP Functionality Remote Code Execution Vulnerability in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) Arbitrary File Modification Vulnerability in vobcopy 0.5.14 Arbitrary SQL Command Execution in miniBB 2.1 via bb_func_search.php Unrestricted File Upload Vulnerability in ProfileCMS 1.0 Remote File Inclusion Vulnerability in MySpacePros MySpace Resource Script (MSRS) 1.21 Stack-based buffer overflow in GLChat.ocx 2.5.1.32 allows remote code execution Heap-based Buffer Overflow in NuFW's samp_send Function in nuauth/sasl.c Multiple Cross-Site Scripting (XSS) Vulnerabilities in Omnistar Live Multiple Cross-Site Scripting (XSS) Vulnerabilities in Smart-Shop Denial of Service Vulnerability in Solaris 10 SCTP Functionality Incomplete Blacklist Vulnerability in OneOrZero Helpdesk 1.6.5.4 and Earlier Versions Allows Cross-Site Scripting (XSS) Attacks Arbitrary Web Script Injection Vulnerability in phpPgAdmin 3.5 to 4.1.1 NE2000 mtu Heap Overflow Vulnerability QEMU 0.8.2 Heap-Based Buffer Overflow in Net Socket Listen Option Apache Jakarta Slide 2.1 Absolute Path Traversal Vulnerability Directory Traversal Vulnerability in eLouai's Force Download of Media Files Script Unrestricted File Upload Vulnerability in Japanese PHP Gallery Hosting Unrestricted File Upload Vulnerability in eFileMan 7.1.0.87-88 Insufficient Access Control in eFileMan 7.1.0.87-88 Allows Unauthorized Access to Sensitive Information 
Unrestricted File Upload Vulnerability in SeeBlick 1.0 Beta Allows Arbitrary File Upload Unrestricted File Upload Vulnerability in Korean GHBoard's component/upload.jsp Bypassing Client-Side Protection Mechanism in Korean GHBoard FlashUpload Component Arbitrary File Read Vulnerability in Korean GHBoard FlashUpload Component Format String Vulnerability in Perdition Mail Retrieval Proxy 1.17 and Earlier Remote Code Execution via Pickled Objects in Plone 2.5 and 3.0 Wesnoth WML Engine Preprocessor Directory Traversal Vulnerability Improper Access Control in ViewVC 1.0.3 with Forbidden Configuration Option Heap-based Buffer Overflows in OpenOffice.org: Remote Code Execution Vulnerability OpenOffice.org Integer Overflow Vulnerability in EMF File Processing Integer Underflow Vulnerability in OpenOffice.org Allows Remote Code Execution Weak Permissions on Liferea Feedlist.opml Backup File Allows Credential Theft Unauthenticated Account Creation with Admin Privileges in PHP-AGTC Membership System 1.1a Unspecified Vulnerability in LightFMan PHP (lfman or lightfman) Before 2.0rc1: Actions-related Attack Vector PHP Remote File Inclusion Vulnerability in phpFaber URLInn 2.0.5 AOL AmpX ActiveX Control Multiple Stack-Based Buffer Overflow Vulnerabilities Privilege Escalation via Crafted IOCTL Requests in WinPcap Untrusted Search Path Vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 and 9 Stack-based Buffer Overflow in db2dasrrm in IBM DB2 Universal Database XFree86-Misc Extension Array Index Error Vulnerability Weak Permissions in NantSys Device Interface (nantsys.sys) in Motorola netOctopus 5.1.2 Build 1011 Arbitrary Code Execution Vulnerability in NICM.SYS Driver 3.0.0.4 Buffer Overflow Vulnerability in pioout Program in IBM AIX SQL Injection Vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 Heap-based Buffer Overflow in Novell BorderManager 3.8 Client Trust Application Cleartext Transmission of Credentials in Globe7 Soft Phone Client 7.3 Double Free 
Vulnerability in netkit-ftp's getreply Function Lack of Common Name Verification in Ruby SSL Libraries Remote Code Execution in Flatnuke 3 via myforum%00 Cookie Direct static code injection vulnerability in Flatnuke 3 Download Module CSRF Vulnerability in Flatnuke 3 File Manager Module Sensitive Information Disclosure in Flatnuke 3 File Manager Module Unspecified Arbitrary Code Execution Vulnerability in BitDefender (CVE-2007-1024) Arbitrary File Read Vulnerability in Blue-Collar Productions i-Gallery 3.4 Insufficient Access Control in Blue-Collar Productions i-Gallery 3.4 Allows Remote Password Disclosure Cleartext Storage and Transmission of Login Credentials in Mobile Spy Buffer Overflow in GomManager ActiveX Control Allows Remote Code Execution Teatro 1.6 pub/pub08_comments.php Remote File Inclusion Vulnerability Sige 0.1 - Remote File Inclusion Vulnerability in inc/sige_init.php FireConfig 0.5 dl.php Directory Traversal Vulnerability SQL Injection Vulnerability in emc.asp in emagiC CMS.Net 4.0 CaupoShop Pro 2.x - PHP Remote File Inclusion Vulnerability in index.php SQL Injection Vulnerability in JobSite Professional 2.0: Remote Code Execution via id Parameter in file.php Multiple PHP Remote File Inclusion Vulnerabilities in GoSamba 1.0.1 Insufficient Access Control in Micro Login System 1.0 Allows Password Disclosure Buffer Overflow Vulnerability in Grandstream HT-488 0.1 SIP Parser Denial of Service Vulnerability in Grandstream HT-488 0.1 Weak Cryptography in Globe7 Soft Phone Client 7.3: A Potential Breach of Sensitive Information Vonage Motorola Phone Adapter VT 2142-VD SIP INVITE Spoofing Vulnerability Unencrypted RTP packets in Vonage Motorola Phone Adapter VT 2142-VD: A Potential Eavesdropping Vulnerability Fullwidth/Halfwidth Unicode Encoding Vulnerability in Stonesoft StoneGate IPS Race condition vulnerability in nss_ldap leading to improper handling of LDAP connection and potential data leakage Emacs Local Variables Bypass Vulnerability Arbitrary Web 
Script Injection in Blue Coat ProxySG Management Console Authentication Bypass Vulnerability in Apache Geronimo SQLLoginModule Cross-Site Scripting (XSS) Vulnerabilities in IBM WebSphere Application Server UDDI User Console Cross-Site Request Forgery (CSRF) Vulnerabilities in IBM WebSphere Application Server UDDI User Console Multiple PHP Remote File Inclusion Vulnerabilities in BackUpWordPress Plugin for WordPress Unspecified Ajax Pages Vulnerability in WORK System E-commerce 4.0.2 Directory Traversal Vulnerability in Firewolf Technologies Synergiser 1.2 RC1 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Nagios CGI Programs Arbitrary File Overwrite and World Writability Vulnerability in cfgcon Incomplete Fix for Arbitrary File Creation Vulnerability in IBM AIX 5.2 and 5.3 Arbitrary Web Script Injection in ILIAS 3.8.3 and Earlier Buffer Overflow in Ultra Star Reader ActiveX Control Allows Remote Code Execution Unspecified vulnerability in Groupmax Collaboration - Schedule component in Hitachi Groupmax Collaboration Portal, uCosminexus Collaboration Portal, and Groupmax Collaboration Web Client Arbitrary Web Script Injection Vulnerability in Hitachi Web Server 01-00 through 03-10 SSL Client Certificate Spoofing Vulnerability in Hitachi Web Server Directory Traversal Vulnerability in PageTraiteDownload.php in phpMyConferences 8.0.2 and earlier Arbitrary File Read Vulnerability in ModuleBuilder 1.0 Directory Traversal Vulnerabilities in ISPworker 1.21's download.php Multiple Buffer Overflows in SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX Control Absolute Path Traversal Vulnerability in WebCacheCleaner ActiveX Control 1.3.0.3 in SonicWall SSL-VPN Sensitive Author Credentials Disclosure in CONTENTCustomizer 3.1mp and Earlier Remote Code Execution and Cross-Site Scripting (XSS) Vulnerability in dialog.php in CONTENTCustomizer 3.1mp and earlier CSRF Vulnerability in sBlog 0.7.3 Beta Allows Arbitrary Block Changes Unrestricted Write Permissions 
in IBM Tivoli CDP 3.1.0 Central Admin Global Download Directory Ax Developer CMS (AxDCMS) 0.1.1 Directory Traversal Vulnerability Directory Traversal Vulnerabilities in DM Guestbook 0.4.1 and Earlier Direct static code injection vulnerability in Ben Ng Scribe 0.2 and earlier: Remote PHP code injection via username parameter in Register action Arbitrary File Creation/Overwrite Vulnerability in Ben Ng Scribe 0.2 and Earlier Denial of Service Vulnerability in Firefly Media Server 0.2.4 and Earlier Format String Vulnerability in mt-dappd Allows Remote Code Execution EDraw Flowchart ActiveX Control Absolute Path Traversal Vulnerability Weak Permissions in iSCSI Enterprise Target (iscsitarget) 0.4.15 Allow Local Users to Obtain Passwords CSRF Vulnerability in Django 0.96 Admin Panel Allows Password Change Privilege Escalation via Weak Permissions in Symantec AntiVirus for Macintosh and Norton AntiVirus for Macintosh Denial of Service Vulnerability in Avaya Messaging Storage Server (MSS) and Message Networking (MN) 3.1 Directory Traversal Vulnerability in SSL-Explorer before 0.2.14 Unspecified HTTP Transaction Injection Vulnerability in SSL-Explorer before 0.2.15 Cross-Site Scripting (XSS) Vulnerabilities in BosDev BosMarket Business Directory System BosDev BosNews 4 Cross-Site Scripting (XSS) Vulnerability Unauthenticated Remote Code Execution and Admin Account Creation in BosDev BosNews 4 and 5 SQL Injection Vulnerability in Amazing Flash AFCommerce Arbitrary Command Execution in yarssr 0.2.2 via GUI.pm Vulnerability Privilege Escalation via Enable Key-Based Authentication in Symantec Altiris Deployment Solution 6.x Arbitrary File Overwrite Vulnerability in BitchX 1.1a Remote File Inclusion Vulnerability in Fred Stuurman SyndeoCMS 2.5.01 Remote File Inclusion Vulnerability in nuBoard 0.5 Allows Arbitrary PHP Code Execution Arbitrary PHP Code Execution via Remote File Inclusion in Vortex Portal 1.0.42 Remote File Inclusion Vulnerability in scWiki 1.0 Beta 2: Arbitrary 
PHP Code Execution Arbitrary File Inclusion Vulnerability in GuppY 4.6.3 Arbitrary File Inclusion and Authentication Bypass Vulnerability in GuppY 4.6.3 and Earlier Denial of Service Vulnerability in net-snmp SNMP Agent Insecure Permissions Vulnerability in CFURLWriteDataAndPropertiesToResource API Buffer Overflow Vulnerability in CUPS Service on Apple Mac OS X 10.4.11 Arbitrary Code Execution via SNMP Response in CUPS 1.2-1.3.4 Heap-based Buffer Overflow in Apple Mac OS X 10.4.11 Desktop Services Automatic Video Connection Vulnerability in iChat Memory Corruption Vulnerability in Apple Mac OS X 10.4.11 IO Storage Family Cross-Site Scripting (XSS) Vulnerability in Launch Services in Apple Mac OS X 10.4.11 and 10.5.1 Plaintext Authentication Vulnerability in Apple Mac OS X Mail Remote Information Disclosure Vulnerability in Quick Look Plug-ins Quick Look in Apple Mac OS X 10.5.1 URL Access Vulnerability Cross-Site Scripting (XSS) Vulnerability in WebKit Safari on Apple Mac OS X, iPhone, and iPod Touch Memory Corruption Vulnerability in Safari RSS in Apple Mac OS X 10.4.11 Insecure File Operation Vulnerability in Spin Tracer in Apple Mac OS X 10.5.1 Spotlight Vulnerability in Mac OS X 10.4.11 Allows Arbitrary Code Execution via Crafted .XLS File Keychain Access Control Bypass Vulnerability in Java for Mac OS X 10.4 through 10.4.11 Remote Code Execution via Man-in-the-Middle Attack in Apple Mac OS X 10.5.1 Software Update Arbitrary SQL Command Execution in ASP Message Board 2.2.1c Arbitrary Script Injection in Coppermine Photo Gallery (CPG) displayecard.php PHP Remote File Inclusion Vulnerabilities in IDMOS 1.0 Alpha (Phoenix) Directory Traversal Vulnerability in easyGB 2.1.1 via DatabaseType Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in ManageEngine OpManager MSP Edition and OpManager 7.0 Stack-based Buffer Overflow in pdg2.dll ActiveX Control in SSReader 4.0 and Earlier Denial of Service Vulnerability in C++ Sockets Library (HTTPSocket.cpp) 
Uninitialized Variable in gssftp FTP Server in MIT Kerberos 5 Denial of Service Vulnerability in Mozilla Firefox 2.0.0.9 Buffer Overflow Vulnerability in MDSYS.SDO_CS TRANSFORM Function in Oracle Database Server PHP htmlentities and htmlspecialchars Functions Partial Multibyte Sequence Vulnerability Remote Information Disclosure Vulnerability in PHP's output_add_rewrite_var Function Local Privilege Escalation in PHP 5.2.5 and earlier versions Use-after-free vulnerability in gss_indicate_mechs function in MIT Kerberos 5 (krb5) Integer Overflow in svcauth_gss_get_principal Function in MIT Kerberos 5 Allows Remote Attackers to Cause Unknown Impact Buffer Overflow Vulnerabilities in CIFS VFS in Linux Kernel 2.6.23 and Earlier Session Hijacking Vulnerability in Adobe ColdFusion 8 and MX 7 Denial of Service Vulnerability in Xen 3.1.1 via Debug Register (DR7) Denial of Service Vulnerability in Xen 3.1.1 Allows Modification of CR4 TSC Multiple stack-based buffer overflows in Autonomy KeyView Viewer, Filter, and Export SDK before 9.2.0.12 Stack-based Buffer Overflow in Autonomy KeyView Viewer, Filter, and Export SDK Allows Remote Code Execution via Crafted WordPerfect (WPD) File Multiple stack-based buffer overflows in AxMetaStream ActiveX control in Viewpoint Media Player 3.2 Remote SQL Injection Vulnerability in jPORTAL 2's mailer.php via the to Parameter Unauthenticated Remote Code Execution and Account Takeover in JBC Explorer Direct static code injection vulnerability in JBC Explorer 7.20 RC1 and earlier Directory Traversal Vulnerability in phphelpdesk 0.6.16 Allows Remote File Inclusion SQL Injection Vulnerability in phphelpdesk 0.6.16 Login Page Allows Remote Code Execution Arbitrary Privileged Account Addition via CSRF in Skalinks 1.5 and Earlier CSRF vulnerability in MS TopSites add-on for PHP-Nuke allows unauthorized account changes Insufficient Access Control in MyWebFTP Allows Remote Retrieval of MD5 Password Hash Directory Traversal Vulnerability in Domenico 
Mancini PicoFlat CMS before 0.4.18 Unspecified Denial of Service Vulnerability in Solaris Volume Manager (SVM) Cypress 1.0k BitchX Script Backdoor Vulnerability Cross-site scripting (XSS) vulnerability in CA eTrust SiteMinder Agent in forms/smpwservices.fcc Arbitrary Web Script Injection Vulnerability in IBM Lotus Domino Denial of Service Vulnerability in MySQL 5.1.23-BK and Earlier Arbitrary Command Execution in OpenBase 10.0.5 and Earlier OpenBase 10.0.5 Directory Traversal Vulnerability Arbitrary Memory Write Vulnerability in OpenBase 10.0.5 and Earlier Buffer Overflow Vulnerability in OpenBase 10.0.5 and Earlier: Remote Code Execution and Denial of Service Arbitrary Web Script Injection Vulnerability in Cerberus FTP Server Unverified Privilege Check in OrangeHRM Allows Unauthorized Data Access Multiple Cross-Site Scripting (XSS) Vulnerabilities in Fatwire Content Server (CS) CMS 6.3.0 Denial of Service Vulnerability in Pioneers (formerly gnocatan) before 0.11.3 URL Injection Vulnerability in PEAR MDB2 Arbitrary Code Execution via Long href Tag in dvips Local File Disclosure and Modification Vulnerability in dvips Buffer Overflow Vulnerabilities in dviljk: Arbitrary Code Execution via Crafted DVI Input File Dereferencing NULL Pointer in iwl_set_rate Function in iwlwifi 1.1.21 and Earlier Memory Allocation Vulnerability in Heimdal 0.7.2's gss_userok Function Arbitrary File Overwrite and Code Execution Vulnerability in feynmf 1.08 Stack-based Buffer Overflow in Adobe Shockwave SWCtl.SWCtl ActiveX Control Bandersnatch 0.4 Path Disclosure Vulnerability Information Disclosure Vulnerability in Simple Machines Forum (SMF) 1.1.4 Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 5.1.1.4 through 5.1.1.16 via Expect HTTP header Information Disclosure Vulnerability in USVN before 0.6.5 Unspecified Local Access Vulnerability in Aries PA-RISC Emulator on HP-UX B.11.23 and B.11.31 Cross-Site Scripting (XSS) Vulnerability via jar: URI in Mozilla 
Firefox and SeaMonkey Cross-Site Scripting (XSS) Vulnerabilities in SF-Shoutbox 1.2.1 through 1.4 Arbitrary Web Script Injection Vulnerability in IBM Tivoli Service Desk 6.2 NetCommons Multiple Cross-Site Scripting (XSS) Vulnerabilities Arbitrary SQL Command Execution in E-Vendejo 0.2 via articles.php Cross-Site Scripting (XSS) Vulnerability in Helios Calendar 1.2.1 Beta Unspecified Information Disclosure Vulnerability in Really Simple CalDAV Store (RSCDS) XSS Vulnerability in JLMForo System's buscador.php Allows Remote Code Injection via clave Parameter Arbitrary Web Script Injection Vulnerability in updir.php in UPDIR.NET Privilege Escalation via Directory Traversal in IBM Informix Dynamic Server Denial of Service Vulnerability in IBM Informix Dynamic Server (IDS) on Windows File Existence Disclosure Vulnerability in X.Org Xserver Unspecified Memory Corruption Vulnerabilities in Mozilla Firefox and SeaMonkey Referer Spoofing Vulnerability in Mozilla Firefox and SeaMonkey Arbitrary Web Script Injection Vulnerability in Red Hat Network Channel Search Feature Memory Leak Vulnerability in vsftpd 2.0.5 Patch on Red Hat-based Linux Systems Unspecified Denial of Service Vulnerability in KDEbase Privilege Escalation via Default Configuration of autofs 5 in Linux Distributions Insecure SSL Certificate Verification in Trolltech Qt 4.3.0 through 4.3.2 Integer Overflow in hrtimer_start Function in Linux Kernel Mozilla's Embedded Certificate Code Vulnerability: Unauthorized Installation of Root Certificates MySQL Server Symlink Privilege Escalation Vulnerability Arbitrary Table Privilege Escalation via DATA DIRECTORY and INDEX DIRECTORY Options Double Free Vulnerability in gss_krb5int_make_seal_token_v3 Function in MIT Kerberos 5 Double free vulnerability in krb5_def_store_mkey function in MIT Kerberos 5 (krb5) 1.5 allows remote authenticated attackers to execute arbitrary code or cause a denial of service. 
SQL Injection Vulnerability in JPortal 2.3.1 and Earlier: Remote Code Execution via articles.php SQL Injection Vulnerability in JPortal 2's mailer.php Allows Remote Code Execution SQL Injection Vulnerability in index.php in TBSource Arbitrary SQL Command Execution in phpMyAdmin's db_create.php Arbitrary Code Injection via Hex-encoded IMG Element in phpMyAdmin Arbitrary SQL Command Execution in mylinks module for XOOPS Arbitrary Web Script Injection in F5 Firepass 4100 SSL VPN Arbitrary Web Script Injection in eggblog before 3.1.1 Denial of Service Vulnerability in Lantronix SCS3200 Multiple Cross-Site Scripting (XSS) Vulnerabilities in X7 Chat 2.0.4 and 2.0.5 Arbitrary Web Script Injection in Justin Hagstrom AutoIndex PHP Script Denial of Service (CPU and Memory Consumption) Vulnerability in Justin Hagstrom AutoIndex PHP Script Multiple Cross-Site Scripting (XSS) Vulnerabilities in BtiTracker before 1.4.5 Arbitrary SQL Command Execution in BtiTracker before 1.4.5 Bypassing Guest Torrent Viewing Protection in BtiTracker Arbitrary User Posting Vulnerability in BtiTracker 1.4.4 Shoutbox Skype4com URI Handler Heap Corruption Vulnerability Arbitrary Web Script Injection in ExoPHPdesk User Profiles ExoPHPdesk index.php SQL Injection Vulnerability SQL Injection Vulnerability in datecomm Social Networking Script Arbitrary Web Script Injection Vulnerability in VTLS Web Gateway Remote File Inclusion Vulnerability in Fritz Berger Yappa-ng 2.3.2 Remote File Inclusion Vulnerability in patBBcode 1.0 Softbiz Link Directory Script SQL Injection Vulnerability in searchresult.php SQL Injection Vulnerability in Softbiz Banner Exchange Network Script 1.0: Remote Code Execution via campaign_stats.php SQL Injection Vulnerability in Softbiz Ad Management Plus Script 1 SQL Injection Vulnerability in Softbiz Auctions Script's product_desc.php Denial of Service Vulnerability in KDE Konqueror 3.5.6 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Bandersnatch 0.4 index.php 
Arbitrary Script Injection in Fenriru and Grani Search Field Thomson SpeedTouch 716 Firmware 5.4.0.14 Cross-Site Scripting (XSS) Vulnerability in cgi/b/ic/connect SQL Injection Vulnerabilities in Toko Instan 7.6: Remote Code Execution Denial of Service Vulnerability in GpcContainer.GpcContainer.1 ActiveX Control in WebEx Unspecified Authorization Mechanism Vulnerability in TestLink before 1.7.1 Heap-based Buffer Overflow in ACDSee Photo Manager 9.0, Pro Photo Manager 8.1, and Photo Editor 4.0 Heap-based Buffer Overflow in Autonomy KeyView Viewer, Filter, and Export SDK Multiple Buffer Overflows in ACD Products via Long Section String in XBM and XPM Files Denial of Service Vulnerability in Pioneers (formerly Gnocatan) 0.11.3 Unspecified Authentication Bypass Vulnerability in BugHotel Reservation System before 4.9.9 P3 SQL Injection Vulnerability in SearchR.asp in DocuSafe 4.1.0 and 4.1.2 WordPress Authentication Bypass Vulnerability SQL Injection Vulnerability in Beehive Forum 0.7.1 and Earlier: Remote Code Execution via post.php Remote Code Execution Vulnerability in Samba 3.0.0 through 3.0.27a Multiple Stack-Based Buffer Overflows in Symantec Backup Exec for Windows Server Arbitrary File Overwrite and Denial of Service in Symantec Backup Exec for Windows Server Unvalidated HTTP Requests in IMP Webmail Client, Horde Application Framework, and Horde Groupware Webmail Edition Arbitrary Code Execution Vulnerability in Adobe Flash Player (CVE-2007-0071) Multiple stack-based buffer overflows in foliosr.dll in Autonomy KeyView 10.3.0.0 Adobe PageMaker 7.0.1 and 7.0.2 Font Structure Buffer Overflow Vulnerability Stack-based Buffer Overflow in wpa_supplicant Driver_wext.c Stack-based Buffer Overflow in Microsoft Jet Engine (msjet40.dll) 4.0.8618.0 Remote File Inclusion Vulnerability in Carousel Flash Image Gallery Component for Joomla! 
Stack-based buffer overflows in ComponentOne FlexGrid 7.1 Light ActiveX Control Remote Code Execution Vulnerability in ClamAV 0.91.1 and 0.91.2 via Crafted Email Message Unspecified Remote Vulnerability in Weird Solutions BOOTPTurbo 1.2 Unspecified Denial of Service Vulnerability in VanDyke VShell 3.0.1 SQL Injection Vulnerability in Aleris Web Publishing Server 3.0: Remote Code Execution via calendar/page.asp Insecure Permissions in Invensys Wonderware InTouch 8.0 Allow Remote Code Execution Arbitrary SQL Command Execution in Cacti graph.php Denial of Service Vulnerability in LIVE555 Media Server 2007.11.01 and Earlier Arbitrary Web Script Injection Vulnerability in Citrix NetScaler 8.0 build 47.8 Remote File Inclusion Vulnerability in JUser (com_juser) 1.0.14 Component for Joomla! Denial of Service Vulnerability in PHP 5.2.5 and Earlier Denial of Service Vulnerability in Belkin F5D7230-4 Wireless G Router Buffer Overflow in Rigs of Rods Server Allows Remote Code Execution Remote File Inclusion Vulnerability in SWSoft Confixx Professional 3.2.1 Predictable Value Generation Vulnerability in CryptGenRandom Function Unspecified Memory Corruption Vulnerabilities in IBM WebSphere MQ 6.0 Unspecified Vulnerability in DB2WATCH and DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 Unspecified Local Privilege Escalation Vulnerability in IBM DB2 UDB 9.1 Arbitrary Command Execution Vulnerability in IBM DB2 UDB 9.1 Incorrect Permissions on ACLs for DB2NODES.CFG in IBM DB2 UDB 9.1 before Fixpak 4 Unspecified SSL LOAD GSKIT Vulnerability in IBM DB2 UDB 9.1 Unspecified Vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak 4 Incorrect Privilege Assignment in IBM DB2 UDB 9.1 before Fixpak 4 Denial of Service Vulnerability in IBM DB2 UDB 9.1 before Fixpak 4 Potential Memory Corruption Vulnerability in IBM DB2 UDB 9.1 before Fixpak 4 Aruba 800 Mobility Controller XSS Vulnerability in Login Page Cross-site scripting (XSS) vulnerability in Liferay Portal 4.1.0 and 4.1.1 Remote Code 
Execution Vulnerability in Aida-Web's frame.html Remote File Inclusion Vulnerability in datecomm Social Networking Script (aka Myspace Clone Script) Allows Arbitrary Code Execution Multiple SQL Injection Vulnerabilities in ProfileCMS 1.0 and Earlier Denial of Service Vulnerability in Javamail Connection Pool ZIP File Filename Length Denial of Service Vulnerability Vulnerability: Predictable Temporary Directory Creation in Audacity 1.3.2 Denial of Service Vulnerability in ngIRCd 0.10.3 and earlier Buffer Overflow in isdn_net_setcfg Function in Linux Kernel 2.6.23 Algorithmic Complexity Vulnerability in TCL Regular Expression Parser Incomplete Fix for Session Fixation Vulnerability in Ruby on Rails Multiple SQL Injection Vulnerabilities in SkyPortal RC6 Directory Traversal Vulnerability in bcoos 1.0.10: Arbitrary File Inclusion via xoopsOption[pagetype] Parameter SQL Injection Vulnerability in Banners Module of bcoos 1.0.10 and 1.0.13 Unsecured Default root Account in AdventNet EventLog Analyzer Allows Remote Privilege Escalation and Log Modification Direct static code injection vulnerability in acp/savenews.php in Sciurus Hosting Panel IceBB 1.0-rc6 SQL Injection Vulnerability in admin/index.php SQL Injection Vulnerability in HotScripts Clone Script's software-description.php Cross-Site Scripting (XSS) Vulnerabilities in VigileCMS 1.4 Arbitrary File Inclusion Vulnerability in VigileCMS 1.4 CSRF Vulnerability in VigileCMS 1.4 Allows Unauthorized Password Change Arbitrary PHP Code Execution via Remote File Inclusion in phpBBViet 02.03.07 and Earlier Remote File Inclusion Vulnerability in meBiblio 0.4.5: Arbitrary PHP Code Execution Arbitrary Script Injection in Nuked-Klan 1.7.5 index.php Multiple SQL Injection Vulnerabilities in JiRo's Banner System (JBS) 2.0 and JiRo's Upload Manager (JUS) Login Page Buffer Overflow Vulnerability in libsrtp in Ingate Firewall and SIParator Denial of Service Vulnerability in Ingate Firewall and SIParator Denial of Service 
Vulnerability in Ingate Firewall and SIParator VPN Component Improper User Registration and Message Distribution in Ingate Firewall and SIParator Cleartext Storage of Passwords in Ingate Firewall and SIParator Unspecified ICMP Vulnerability in Ingate Firewall and SIParator Ingate Firewall and SIParator Vulnerability: Unlogged Packets and Serial-Console Login Attempts Unspecified vulnerability in Ingate Firewall and SIParator before 4.6.0 allows unauthorized activities through open media pinholes upon SIP module restart Arbitrary Web Script Injection in phpMyAdmin Cookie Authentication Denial of Service Vulnerability in Ability Mail Server before 2.61 Feed2JS 1.91 XSS Vulnerability: Remote Script Injection via Feed URL Denial of Service Vulnerabilities in IHU 0.5.6 and Earlier Arbitrary Web Script Injection Vulnerability in FileMaker Pro and Server PHP Remote File Inclusion Vulnerabilities in TalkBack 2.2.7 SQL Injection Vulnerability in AlstraSoft E-Friends 4.98 and Earlier: Remote Code Execution via seid Parameter Stack-based Buffer Overflow in Emacs Arbitrary Script Injection via htsearch Sort Parameter Multiple Denial of Service Vulnerabilities in Wireshark Buffer Overflow Vulnerability in Wireshark (formerly Ethereal) 0.99.6 PPP Dissector DNP3 Dissector Integer Signedness Denial of Service Vulnerability Buffer overflow vulnerabilities in Wireshark 0.99.0 through 0.99.6: Remote code execution and denial of service Buffer Overflow Vulnerability in Wireshark ANSI MAP Dissector Denial of Service Vulnerability in Firebird/Interbase Dissector in Wireshark 0.99.6 HTTP Dissector Denial of Service and Arbitrary Code Execution Vulnerability Denial of Service Vulnerability in MEGACO Dissector in Wireshark Denial of Service Vulnerability in DCP ETSI Dissector in Wireshark 0.99.6 Bluetooth SDP Dissector Denial of Service Vulnerability Denial of Service Vulnerability in Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 via Malformed RPC Portmap Packet Denial of Service 
Vulnerability in IRC Services Default_Encrypt Function Unspecified Vulnerability in IRC Services 5.1.8: Unknown Impact and Attack Vectors Arbitrary Web Script Injection Vulnerability in Softbiz Freelancers Script 1 Softbiz Freelancers Script 1 SQL Injection Vulnerability in search_form.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Project Alumni 1.0.9 and Earlier SQL Injection Vulnerabilities in Project Alumni 1.0.9 and Earlier: Remote Code Execution SQL Injection Vulnerability in events.php in WorkingOnWeb 2.0.1400 Amber Script 1.0 Directory Traversal Vulnerability Vulnerability: Lack of Password Protection in gnump3d 2.9final Plugins Arbitrary File Overwrite Vulnerability in buttonpressed.sh DevMass Shopping Cart 1.0 Remote File Inclusion Vulnerability SQL Injection Vulnerability in PHPKIT 1.6.4pl1: Remote Code Execution via contentid Parameter Arbitrary Web Script Injection in PHPSlideShow 0.9.9.2 via directory parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in M2Scripts MySpace Scripts Poll Creator SQL Injection Vulnerability in Content Injector 1.52 Allows Remote Code Execution SQL Injection Vulnerability in VU Mass Mailer's redir.asp Allows Remote Code Execution Remote File Inclusion Vulnerability in Mp3 ToolBox 1.0 beta 5: Arbitrary PHP Code Execution Multiple SQL Injection Vulnerabilities in Dora Emlak 2.0 vBTube 1.1 Beta Cross-Site Scripting (XSS) Vulnerability in vBTube.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in ph03y3nk Just Another Flat File (JAF) CMS 4.0 RC2 SQL Injection Vulnerability in VU Case Manager Login Page Heap-based Buffer Overflow in Xunlei Thunder ActiveX Control Authentication Bypass Vulnerability in Hitachi JP1/File Transmission Server/FTP Denial of Service Vulnerability in Hitachi JP1/File Transmission Server/FTP Multiple PHP Remote File Inclusion Vulnerabilities in IAPR COMMENCE 1.3 Edge Server Use-After-Free Vulnerability in Adobe Flash Media Server and Connect Enterprise Server Integer 
Overflow Vulnerability in Adobe Flash Media Server and Connect Enterprise Server Vulnerability: Information Leakage in Random Device State Tracking Buffer Overflow Vulnerability in Linux Kernel 2.6.23's isdn_ioctl Function Multiple Cross-Site Scripting (XSS) Vulnerabilities in BASE Analysis and Security Engine (BASE) before 1.3.9 Arbitrary Script Injection in SimpleGallery 0.1.3 via album Parameter SQL Injection Vulnerabilities in Proverbs Web Calendar 1.1 and Earlier SQL Injection Vulnerability in Tilde CMS 4.x and Earlier: Remote Code Execution via aarstal Parameter Arbitrary Web Script Injection in Tilde CMS 4.x and Earlier Sensitive Information Disclosure in Tilde CMS 4.x and Earlier via Search Parameter Arbitrary Web Script Injection in FMDeluxe 2.1.0 via index.php SQL Injection Vulnerability in GOUAE DWD Realty Admin Panel SQL Injection Vulnerabilities in Eurologon CMS: Remote Code Execution Arbitrary Code Execution via AppleDouble Attachment in Mac OS X Leopard (10.5.1) Mail Stack-based Buffer Overflow in Apple QuickTime RTSP Handling Untrusted Search Path Vulnerability in yast2-core: Arbitrary Code Execution SQL Injection Vulnerability in VU Case Manager's default.asp Allows Remote Code Execution SQL Injection Vulnerability in GOUAE DWD Realty Admin Panel SQL Injection Vulnerability in Asterisk CDR PostgreSQL Logging Engine SQL Injection Vulnerability in Postgres Realtime Engine in Asterisk 1.4.x and C.x before C.1.0-beta6 SQL Injection Vulnerabilities in wpQuiz 2.7 Cross-site scripting (XSS) vulnerability in Liferay Enterprise Portal 4.3.1 in c/portal/login Privilege Escalation in PHPDevShell before 0.7.0 Remote Code Execution Vulnerability in Lhaplus 1.55 and Earlier via Crafted LZH Archive Arbitrary Command Execution in kb_whois.cgi in K+B-Bestellsystem Remote File Inclusion Vulnerability in PHP_CON 1.3 via Exchange/include.php PHP Remote File Inclusion Vulnerabilities in Easy Hosting Control Panel for Ubuntu (EHCP) 0.22.8 and Earlier PHP Remote File 
Inclusion Vulnerabilities in Charray's CMS 0.9.3 Race condition in Solaris RPC kernel module allows local denial of service Heap-based Buffer Overflow in Cygwin1.dll Allows Arbitrary Code Execution Local Privilege Escalation in ISPsystem ISPmanager 4.2.15.1 via Shell Metacharacters Format String Vulnerability in Ruby-GNOME 2 (Ruby/Gnome2) 0.16.0 and earlier versions Arbitrary File Inclusion Vulnerability in Project Alumni 1.0.9 Eurologon CMS Directory Traversal Vulnerability Unspecified Vulnerability in PHPDevShell before 0.7.0 Involving Database Repair and Optimization Directory Traversal Vulnerabilities in PHP Content Architect (NoAh) 0.9 pre 1.2 and Earlier Directory Traversal Vulnerabilities in TuMusika Evolution 1.7R5 Heap-based Buffer Overflow in BitDefender Online Anti-Virus Scanner 8.0 Remote Eavesdropping Vulnerability in Cisco Unified IP Phone with Extension Mobility Armin Burger p.mapper 3.2.0 beta3 Multiple PHP Remote File Inclusion Vulnerabilities Weak Encryption of Credentials in Citrix NetScaler 8.0 Web Management Interface Information Disclosure Vulnerability in Citrix NetScaler 8.0 Build 47.8 Unspecified Remote Access Vulnerability in HP Select Identity 4.01 and 4.1x Buffer Overflow in sw_rpc_agent_init function in HP-UX Software Distributor (SD) Allows Remote Code Execution or Denial of Service Arbitrary Web Script Injection in Calacode @Mail 5.2 via util.php Information Disclosure Vulnerability in Plumtree Portal Username Enumeration Vulnerability in Plumtree Portal Vulnerability: Unauthorized Access to Restricted Files via Symlink in rsync Vulnerability in rsync allows remote attackers to bypass file exclusions and access hidden files Denial of Service and Command Execution Vulnerability in Wesnoth 1.2.x and 1.3.x SQL Injection Vulnerability in Neocrome Seditio CMS 121 and Earlier: Remote Code Execution via pag_sub[] Parameter Cross-Site Scripting (XSS) Vulnerability in Apache HTTP Server 2.0.x and 2.2.x Stack-based Buffer Overflow 
Vulnerabilities in HP OpenView Network Node Manager (OV NNM) Remote RSS Sidebar Plugin XSS Vulnerability in S9Y Serendipity before 1.2.1 Insecure Core Dump File Handling in Linux Kernel Memory Reading Vulnerability in Xen 3.x on IA64 Systems Arbitrary File Overwrite Vulnerability in sylprint.pl in Claws Mail Tools Symlink Attack Vulnerability in zsh 4.3.4's Util/difflog.pl Privilege Escalation in ZABBIX UserParameter Scripts Local Privilege Escalation via ICMP Nasty Garbage (sing) on Debian GNU/Linux Arbitrary File Read Vulnerability in KML Share 1.1 Directory Traversal Vulnerabilities in WebED 0.0.9 mod/chat/index.php LearnLoop 2.0 beta7 Directory Traversal Vulnerability Directory Traversal Vulnerabilities in Web-MeetMe 3.0.3: Arbitrary File Read Race condition vulnerability in Fibre Channel protocol (fcp) driver and Devices filesystem (devfs) in Sun Solaris 10 SQL Injection Vulnerabilities in Irola My-Time (aka Timesheet) 3.5 Login Page Multiple PHP Remote File Inclusion Vulnerabilities in Ossigeno CMS 2.2 pre1 Arbitrary Web Script Injection Vulnerability in IBM Tivoli Netcool Security Manager 1.3.0 Divide-by-Zero Denial of Service Vulnerability in typespeed before 0.6.4 Information Disclosure Vulnerability in TuMusika Evolution 1.7R5 Bypassing Access Restrictions in CRM-CTT Interleave 4.2.0 SQL Injection Vulnerability in phpBB Garage 1.2.0 Beta3 Denial of Service Vulnerability in RealPlayer 11's RealAudio ActiveX Control Denial of Service Vulnerability in Sun Solaris 10 64bit Mode on x86 Platform Authentication Bypass Vulnerability in APC AP7932 PDU QEMU 0.9.0 TranslationBlock Buffer Overflow Vulnerability Stack-based Buffer Overflow in Yahoo! 
Toolbar 1.4.1 ActiveX Control Remote File Inclusion Vulnerability in Rayzz Script 2.0 Directory Traversal Vulnerability in Rayzz Script 2.0 Multiple PHP Remote File Inclusion Vulnerabilities in Tellmatic 1.0.7 Arbitrary Web Script Injection in FTP Admin 0.1.0 via XSS Vulnerability Directory Traversal Vulnerability in FTP Admin 0.1.0 Allows Remote File Inclusion Authentication Bypass Vulnerability in FTP Admin 0.1.0 RealPlayer 11 ActiveX Control Denial of Service Vulnerability Denial of Service Vulnerability in Microsoft Windows Media Player Arbitrary Email Address Change Vulnerability in DeluxeBB 1.09 Unspecified Remote Code Execution Vulnerability in Apple QuickTime 7.2 on Windows XP Denial of Service Vulnerability in Squid Cache Update Reply Processing SQL Injection Vulnerability in Snitz Forums 2000 3.4.06 - Remote Code Execution via active.asp Unspecified Critical Vulnerabilities in Beehive Forum 0.7.1 Unspecified Remote Code Execution Vulnerability in Adobe Flash Player 9.0.48.0 and Earlier Cross-Domain Policy File Interpretation and XSS Vulnerability in Adobe Flash Player Cross-Site Scripting (XSS) Vulnerabilities in Adobe Flash Player 9.x and 8.x HTTP Request Splitting Vulnerability in Adobe Flash Player Insecure Memory Permissions in Adobe Flash Player on Linux Weak Permissions in etc-update Merge File on Gentoo Linux AOLMediaPlaybackControl Stack-Based Buffer Overflow Vulnerability Multiple Stack-Based Buffer Overflows in Learn2 Corporation STRunner ActiveX Control Buffer overflow vulnerabilities in Adobe Form Designer and Form Client ActiveX controls Stack-based Buffer Overflow in SAP Business Objects RptViewerAX ActiveX Control Buffer Overflow in Microsoft HeartbeatCtl ActiveX Control in HRTBEAT.OCX Allows Remote Code Execution Stack-based buffer overflows in mod_jk2 Apache module allow remote code execution Default Password Vulnerability in Oracle 10g and llg Installation Process Integer Overflow in Mach-O Loader Allows for Denial of Service Recursive 
Plugin Release Vulnerability in VideoLAN VLC 0.8.6 Uninitialized File Stream Vulnerability in netkit-ftpd 0.17 Unspecified Remote Code Execution Vulnerability in avast! 4 Home and Professional Editions Multiple SQL Injection Vulnerabilities in bcoos 1.0.10 and Earlier Insecure Storage of Database Credentials in Citrix EdgeSight Absolute News Manager.NET 5.1 Directory Traversal Vulnerability SQL Injection Vulnerabilities in Absolute News Manager.NET 5.1 Cross-Site Scripting (XSS) Vulnerabilities in Absolute News Manager.NET 5.1 Information Disclosure Vulnerability in Absolute News Manager.NET 5.1 Multiple SQL Injection Vulnerabilities in Joomla! 1.5 RC3 Format string vulnerabilities in SonicWALL Global VPN Client 3.1.556 and 4.0.0.810 Cross-Site Scripting (XSS) Vulnerabilities in Event Calendar Module of bcoos 1.0.10 and Earlier SQL Injection Vulnerability in bcoos 1.0.10 and Earlier: Remote Code Execution via ratefile.php Denial of Service Vulnerability in Apple Mac OS X 10.5's vpnd Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 Arbitrary File Download Vulnerability in libFLAC Double Free Vulnerabilities in FLAC libFLAC: Remote Code Execution Remote Code Execution Vulnerability in St. Bernard Open File Manager 9.5 Denial of Service Vulnerability in Linux Kernel IPsec Implementation World-readable permissions on Bind /etc/rndc.key file in Red Hat Enterprise Linux 5 and Fedora allow unauthorized local users to perform named commands, leading to a denial of service vulnerability. 
Denial of Service Vulnerability in libxml2's xmlCurrentChar Function Default Configuration Vulnerability in autofs 5 Allows Unauthorized Access to Important Devices Apache Tomcat SSL Port Empty Request Handling Vulnerability Cross-site scripting (XSS) vulnerability in Lxlabs HyperVM 2.0 login page through frm_emessage parameter SQL Injection Vulnerabilities in TCExam before 5.1.000 Multiple PHP Remote File Inclusion Vulnerabilities in SerWeb 2.0.0 dev1 and Earlier Directory Traversal Vulnerabilities in SERWeb 2.0.0 dev1 and Earlier SQL Injection Vulnerability in Xigla Absolute Banner Manager .NET 4.0 MWOpen 1.4 and Earlier: SQL Injection Vulnerability in leggi_commenti.asp Unspecified Privilege Escalation Vulnerabilities in IBM Hardware Management Console (HMC) 6 R1.3 Unspecified Privilege Escalation Vulnerabilities in IBM Hardware Management Console (HMC) 3 R3.7 Arbitrary Code Injection via URI in IBM Lotus Sametime WebRunMenuFrame Page Arbitrary PHP Code Execution via Remote File Inclusion in phpMyChat 0.14.5 Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHPMyChat 0.14.5 Cross-site scripting (XSS) vulnerability in Drupal Shoutbox module allows injection of arbitrary web script or HTML via block messages Multiple SQL Injection Vulnerabilities in Drupal and vbDrupal 4.7.x and 5.x Unspecified Cross-Site Request Forgery (CSRF) Vulnerability in Fusion News 3.9.0 OpenNewsletter 2.5 and Earlier: Cross-Site Scripting (XSS) Vulnerability in compose.php Heap-based Buffer Overflow in Novell NetMail 3.5.2 Privilege Escalation via ALTER VIEW in MySQL 5.0.x, 5.1.x, and 6.0.x Denial of Service Vulnerability in MySQL Federated Engine Unspecified Privilege Escalation Vulnerabilities in IBM Hardware Management Console (HMC) 7 R3.2.0 Cross-Site Scripting (XSS) Vulnerabilities in JFreeChart Image Map Feature Cross-Site Scripting (XSS) Vulnerabilities in clickstats.php in wwwstats 3.21 HttpLogger 0.8.1 Cross-Site Scripting (XSS) Vulnerability Multiple Cross-Site Scripting 
(XSS) Vulnerabilities in webSPELL 4.1.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Falt4Extreme RC4 10.9.2007 SQL Injection Vulnerability in Falt4Extreme RC4 10.9.2007 XSS Vulnerability in Websense Enterprise and Web Security Suite 6.3 Logon Page MySQL Server Remote BINLOG Execution Vulnerability Source Code Disclosure Vulnerability in BarracudaDrive Web Server Denial of Service Vulnerability in BarracudaDrive Web Server 3.8 BarracudaDrive Web Server XSS Vulnerability Directory Traversal Vulnerabilities in BarracudaDrive Web Server SQL Injection Vulnerability in WordPress 2.3.1 and Earlier via wp-includes/query.php Unspecified Remote Code Execution and Privilege Escalation Vulnerabilities in Lyris ListManager Cross-Site Request Forgery (CSRF) Vulnerability in Drupal Module Feature 4.7.x-dev and 5.x-dev Cross-site scripting (XSS) vulnerability in RoundCube webmail 0.1rc2 and earlier versions Arbitrary File Read Vulnerability in xml2owl 0.1.1 Multiple Directory Traversal Vulnerabilities in MMS Gallery PHP 1.0 CityWriter 0.9.7 - Remote File Inclusion Vulnerability in head.php Fastpublish CMS 1.9999 - PHP Remote File Inclusion Vulnerability in adminbereich/designconfig.php Denial of Service Vulnerability in Sergey Lyubka Simple HTTPD (shttpd) 1.3 on Windows Buffer Overflow in AVSMJPEGFILE.DLL ActiveX Control Allows Remote Code Execution Local Filesystem Access Vulnerability in DOSBox 0.72 and Earlier Metadata Tampering Vulnerability in Microsoft Office 2007 Cleartext or Weakly Encrypted Transmission of User Credentials in Meridian Prolog Manager 2007 and Earlier Versions Absolute Path Traversal Vulnerability in HPInfoDLL.HPInfo.1 ActiveX Control Arbitrary Registry Modification Vulnerability in HPInfoDLL.HPInfo.1 ActiveX Control Arbitrary Registry Value Read Vulnerability in HPInfoDLL.HPInfo.1 ActiveX Control Privilege Escalation Vulnerability in Ingres 2.5 and 2.6 on Windows Heap-based Buffer Overflow in libclamav in ClamAV 0.92 and earlier versions Remote 
Code Execution Vulnerability in ClamAV before 0.92 via Crafted MS-ZIP Compressed CAB File Unspecified Remote Attack Vulnerability in ClamAV's bzip2 Decompression Algorithm SQL Injection Vulnerability in Trivantis CourseMill Enterprise Learning Management System 4.1 SP4 Arbitrary Code Execution Vulnerability in Akamai Download Manager ActiveX Control Insecure Use of RC4 Stream Cipher in Geert Moernaut LSrunasE 1.0 and Supercrypt 1.0 Allows Password Extraction Denial of Service Vulnerability in Net::DNS 0.60 Build 654 SQL Injection Vulnerability in AuthCAS.pm 0.4 Allows Remote Code Execution Arbitrary Web Script Injection Vulnerability in HP OpenView Network Node Manager (OV NNM) Arbitrary File Inclusion Vulnerability in Mcms Easy Web Make 1.3 SQL Injection Vulnerability in Aurora Framework (before 20071208) Unspecified Cross-Site Scripting (XSS) Vulnerability in Rainboard before 2.10 PHP Remote File Inclusion Vulnerability in ViArt CMS, HelpDesk, Shop Evaluation, and Shop Free 3.3.2 SquirrelMail 1.4.11 and 1.4.12 PHP Remote File Inclusion Vulnerability Denial of Service Vulnerability in Perforce P4Web 2006.2 and Earlier Remote Code Execution in scponly 4.6 and Earlier via Dangerous Subcommands Denial of Service Vulnerability in libexif 0.6.16 and Earlier Arbitrary Code Execution via Crafted EXIF Tags in libexif 0.6.16 and Earlier Heap-based Buffer Overflow in exiv2 Library via Crafted EXIF File Unspecified Field Offset Overflow Vulnerability in exiftags before 1.01 Integer Overflow Vulnerability in exiftags 1.01: Unknown Impact and Attack Vectors Recursive IFD References Denial of Service Vulnerability in exiftags Stack-based Buffer Overflow in Microsoft Office Access Arbitrary File Overwrite Vulnerability in pdftops.pl Denial of Service Vulnerability in cs_validate_page Function in Apple Mac OS X 10.5.1 Memory Exhaustion Vulnerability in Sun eXtended System Control Facility (XSCF) Control Package (XCP) Firmware Sensitive Information Disclosure in Gekko 0.8.2 and 
Earlier SQL Injection Vulnerability in RSGallery Component for Mambo and Joomla! Unauthenticated Access Vulnerability in IBM Tivoli Netcool Security Manager 1.3.0 Arbitrary Code Injection via Signature in JLMForo System Cross-site scripting (XSS) vulnerability in Event Calendar in bcoos 1.0.10 via month parameter in modules/ecal/display.php Multiple SQL Injection Vulnerabilities in SineCMS 2.3.4 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in SineCMS Guestbook Directory Traversal Vulnerability in ezContents 1.4.5: Arbitrary File Read Directory Traversal Vulnerabilities in PictPress WordPress Plugin Denial of Service Vulnerability in Nokia N95 Cell Phone with RM-159 12.0.013 Firmware Denial of Service Vulnerability in Juniper JUNOS 7.3 through 8.4 via Malformed BGP Packets Multiple SQL Injection Vulnerabilities in GestDown 1.00 Beta Multiple Cross-Site Scripting (XSS) Vulnerabilities in Bitweaver 2.0.0 and Earlier Multiple SQL Injection Vulnerabilities in Bitweaver 2.0.0 and Earlier Directory Traversal Vulnerability in Francisco Burzi PHP-Nuke 8.0 Stack-based Buffer Overflow in BadBlue 2.72b and Earlier: Remote Code Execution Vulnerability Arbitrary File Creation and Overwrite Vulnerability in BadBlue 2.72b and Earlier Information Disclosure Vulnerability in BadBlue 2.72b and Earlier Multiple SQL Injection Vulnerabilities in e-Xoops (exoops) 1.08 and 1.05 Rev 1-3 Arbitrary SQL Command Execution in TYPO3 Indexed Search Extension Remote Code Execution via Event Dispatch Thread in Robocode Arbitrary Resource Creation Vulnerability in Chandler Server (Cosmo) Unspecified Remote File and Resource Access Vulnerability in BEA WebLogic Mobility Server Proxy Server Authentication Bypass in Kerio WinRoute Firewall Stack-based Buffer Overflow in Trend Micro AntiVirus Plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 Stack-based Buffer Overflow Vulnerabilities in awApi4.AnswerWorks.1 ActiveX Control Apache HTTP Server Cross-Site 
Scripting (XSS) Vulnerability in mod_status Clipboard Data Leakage Vulnerability in GNOME Screensaver CSRF Vulnerability in mycalendar Plugin Allows Remote Attackers to Perform Actions as Blog Administrators SQL Injection Vulnerability in SH-News 3.0 Patch/Comments.php SQL Injection Vulnerability in DWdirectory 2.1 and Earlier: Remote Code Execution via /search URI SQL Injection Vulnerability in Ace Image Hosting Script's albums.php SQL Injection Vulnerability in Content Injector 1.53: Remote Code Execution via id Parameter Insufficient Access Control in Flat PHP Board 1.2 and Earlier Allows Remote Credential Theft Direct static code injection vulnerability in Flat PHP Board 1.2 and earlier: Remote PHP code execution via user registration Directory Traversal Vulnerabilities in Flat PHP Board 1.2 and Earlier Authentication Bypass Vulnerability in Flat PHP Board 1.2 and Earlier Password Disclosure Vulnerability in Flat PHP Board 1.2 and Earlier PolDoc CMS (aka PDDMS) 0.96 - Directory Traversal Vulnerability in download_file.php Stack-based Buffer Overflow in Microsoft Windows Media Player (WMP) 6.4 with 3ivx Codec Stack-based Buffer Overflow in Media Player Classic (MPC) 6.4.9 with 3ivx Codec Stack-based Buffer Overflow in Winamp 5.32 via Crafted Unicode in .mp4 File Directory Traversal Vulnerability in Sergey Lyubka Simple HTTPD (shttpd) 1.38 and Earlier on Windows Arbitrary CGI Program Download Vulnerability in Sergey Lyubka Simple HTTPD (shttpd) 1.38 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in CA eTrust Threat Management Console Cross-Site Scripting (XSS) Vulnerabilities in IBM Tivoli Provisioning Manager Express Information Disclosure in IBM Tivoli Provisioning Manager Express: Username Enumeration Vulnerability Denial of Service Vulnerability in Gadu-Gadu gg Protocol Handler Gadu-Gadu Protocol Handling Vulnerability Buffer Overflow Vulnerabilities in Gadu-Gadu 7.7 Build 3669 Arbitrary PHP Code Injection Vulnerability in Bitweaver 2.0.0 and Earlier 
Remote Root Access via NFS Requests in Sun Solaris 10 Arbitrary Code Execution and Authentication Bypass in Adult Script 1.6 and Earlier Remote Code Execution in scponly 4.6 and Earlier via OpenSSH's scp -F and -o Options Arbitrary Physical Memory Access Vulnerability in Xen 3.1.2 and Earlier on ia64 Systems Memory Leakage Vulnerability in shmem_getpage Function Insecure Command Line Argument Handling in libdspam7-drv-mysql Cron Job Unspecified Denial of Service Vulnerability in rpc.yppasswdd in HP-UX CSRF Vulnerability in Apache HTTP Server 2.2.x mod_proxy_balancer Apache HTTP Server 2.2.0-2.2.6 mod_proxy_balancer balancer-manager XSS vulnerability Denial of Service Vulnerability in Apache HTTP Server 2.2.0 through 2.2.6 Memory Corruption Vulnerability in mod_proxy_balancer for Apache HTTP Server 2.2.x on Windows Remote Code Execution via DNS Spoofing in Fonality Trixbox 2.0 PBX Products Unspecified Denial of Service Vulnerability in HP-UX B.11.31 Heap-based Buffer Overflow Vulnerabilities in EMC RepliStor 6.2 SP2 Arbitrary Code Execution via XInput Extension in X.Org Xserver Arbitrary Memory Read Vulnerability in ProcGetReservedColormapEntries Function Integer overflows in X.Org Xserver leading to arbitrary code execution Authentication Bypass Vulnerability in Asterisk Open Source and Business Edition Unspecified Remote Code Execution Vulnerability in Adobe Flash Media Server and Connect Enterprise Server AldFs32.dll Stack-based Buffer Overflow Vulnerability in Adobe PageMaker 7.0.1 and 7.0.2 Arbitrary EJBQL Command Injection in JBoss Seam 2.x Bypassing mmap_min_addr Protection in Linux Kernel 2.6.23 Novell GroupWise HTML Preview Buffer Overflow Vulnerability Stack-based Buffer Overflow in JSGCI.DLL in JustSystems Ichitaro 2005, 2006, and 2007 Denial of Service Vulnerability in Balabit syslog-ng 2.0.x and 2.1.x Unspecified Denial of Service Vulnerability in Wireshark SMB Dissector Denial of Service Vulnerability in Wireshark 0.99.6 via IPv6 or USB Dissector WiMAX 
Dissector Denial of Service Vulnerability Denial of Service Vulnerability in Wireshark RPL Dissector Denial of Service Vulnerability in Wireshark CIP Dissector Unspecified Cross-Site Scripting (XSS) Vulnerability in Google Web Toolkit (GWT) Benchmark Reporting System Arbitrary File Inclusion Vulnerability in RaidenHTTPD 2.0.19 Heap-based Buffer Overflow in PeerCast Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Mambo 4.6.2 index.php Unspecified vulnerability in OpenOffice.org code in Planamesa NeoOffice 2.2.2 before Patch 4 on MacOS 10.3.9 with unknown impact and attack vectors related to .odb files SurgeMail 38k4 Webmail Feature Denial of Service Vulnerability SQL Injection Vulnerability in 123tkShop 0.9.1: Remote Code Execution via admin Parameter Arbitrary Command Execution in Anon Proxy Server 0.100 and 0.101 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Anon Proxy Server before 0.101 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Flyspray 0.9.9 through 0.9.9.3 Arbitrary SQL Command Execution in PHP Real Estate Classifieds via fullnews.php Arbitrary Web Script Injection in PHP Real Estate Classifieds Admin Panel PHP Remote File Inclusion Vulnerabilities in Form Tools 1.5.0b Multiple Cross-Site Scripting (XSS) Vulnerabilities in Ganglia Web Interface Multiple SQL Injection Vulnerabilities in FreeWebshop 2.2.1 and MOG - Web Shop SQL Injection Vulnerability in MKPortal 1.1 RC1 - Remote Code Execution via Gallery Foto_Show Action Buffer Overflow in HuffDecode Function in Hammer of Thyrion 1.4.2 SQL Injection Vulnerability in phpRPG 0.8 index.php Insufficient Access Control in phpRPG 0.8 Allows Session Hijacking Directory Traversal Vulnerability in phPay 2.02.01 on Windows SQL Injection Vulnerabilities in phpMyRealty (PMR) 1.0.9 Heap-based Buffer Overflow in Texas Imperial Software WFTPD Pro Explorer 1.0 via Long LIST Command Reply Multiple Cross-Site Scripting (XSS) Vulnerabilities in GF-3XPLORER 2.4 Directory 
Traversal Vulnerabilities in GF-3XPLORER 2.4 Information Disclosure Vulnerability in GF-3XPLORER 2.4 Arbitrary Web Script Injection Vulnerability in Citrix Web Interface and NFuse Stack-based Buffer Overflow in Rosoft Media Player 4.1.7 and 4.1.8 Unrestricted File Upload Vulnerability in Dokeos 1.8.4 Default Account Vulnerability in Sun Management Center (Sun MC) 3.6.1, 3.6, and 3.5 Update 1 Arbitrary Directory Creation and Deletion Vulnerability in Sun Ray Server Software Unspecified Denial of Service Vulnerability in Sun Ray Server Software Arbitrary File Read Vulnerability in SafeNet Sentinel Protection Server and Sentinel Keys Server SQL Injection Vulnerability in phpRPG 0.8 index.php Allows Remote Code Execution PHP Remote File Inclusion Vulnerabilities in Centreon 1.4.1 Cross-Site Scripting (XSS) Vulnerabilities in LineShout 1.0's shout.php Unspecified vulnerability in Plain Black WebGUI 7.4.0 through 7.4.17 allows creation of unauthorized Admin accounts by remote authenticated users with Secondary Admin privileges Remote File Inclusion Vulnerabilities in Falcon Series One CMS 1.4.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Falcon Series One CMS 1.4.3 CSRF Vulnerability in Falcon Series One CMS 1.4.3 Allows Password Change Multiple SQL Injection Vulnerabilities in Kvaliitti WebDoc 3.0 CMS Denial of Service Vulnerability in iMesh 7.1.0.x and Earlier Arbitrary Code Execution Vulnerability in iMesh 7.1.0.x and Earlier Authentication Bypass Vulnerability in Hosting Controller 6.1 Hot fix 3.3 and Earlier Arbitrary Directory Permissions Modification Vulnerability in Hosting Controller 6.1 Hot fix 3.3 and Earlier Arbitrary User Registration Vulnerability in Hosting Controller 6.1 Hot fix 3.3 and Earlier Arbitrary User Profile Modification and Credit Manipulation Vulnerability in Hosting Controller 6.1 Hot fix 3.3 and Earlier Multiple SQL Injection Vulnerabilities in Hosting Controller 6.1 Hot fix 3.3 and Earlier Unspecified vulnerability in Hosting 
Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to uninstall FrontPage extensions Remote authenticated users can delete gateway information in Hosting Controller 6.1 Hot fix 3.3 and earlier Remote authenticated users can manipulate pay type in Hosting Controller 6.1 Hot fix 3.3 and earlier Information Disclosure Vulnerabilities in Hosting Controller 6.1 Hot fix 3.3 and Earlier Unspecified Remote Code Execution Vulnerabilities in Hosting Controller 6.1 Hot fix 3.3 and Earlier Unspecified Remote Header Manipulation Vulnerability in Hosting Controller 6.1 Hot fix 3.3 and Earlier Solaris 9 SSH Audit-ID Spoofing Vulnerability Arbitrary File Overwrite and Access Vulnerability in HPRulesEngine.ContentCollection.1 ActiveX Control Remote Code Execution Vulnerability in Trend Micro ServerProtect 5.58 for Windows Directory Traversal Vulnerability in xeCMS 1.0 view.php Denial of Service Vulnerability in Appian Enterprise BPM Suite 5.6 SP1 Stack-based Buffer Overflows in ProWizard 4 PC (prowiz) 1.62 and Earlier Bypassing Content Filtering in Websense Enterprise 6.3.1 Insufficient Access Control in PHP MySQL Banner Exchange 2.2.1 Allows Remote Database Information Retrieval HP eSupportDiagnostics ActiveX Control (hpediag.dll) 1.0.11.0 - Remote File and Registry Read Vulnerability Apache HTTP Server Vulnerability: Remote Access to Unprocessed Content via Trailing Backslash Arbitrary TCL Code Execution in support/dispatch.cgi in SiteScape Forum Remote Code Execution Vulnerability in RavWare Software MAS Flic ActiveX Control (masflc.ocx) 1.0.0.1 SQL Injection Vulnerability in LostPwd.asp in Eagle Software Aeries Browser Interface (ABI) 3.7.9.17 SQL Injection Vulnerabilities in WoltLab Burning Board (wBB) Lite 1.0.2 pl3e Denial of Service Vulnerability in HP Tru64 UNIX 5.1B-4 and 5.1B-3 Cross-Domain Scripting Vulnerability in Opera Versions Prior to 9.25 Arbitrary Code Execution via Crafted TLS Certificates in Opera before 9.25 Cross-Domain Scripting 
Vulnerability in Opera's Rich Text Editing Functionality Denial of Service Vulnerability in Opera 9.50 Beta and 9.x Memory Disclosure Vulnerability in Opera Browser Unspecified Scripting Vulnerability in IBM DB2 Content Manager (CM) Toolkit 8.3 Arbitrary Web Script Injection in TikiWiki's tiki-special_chars.php Arbitrary Content Execution Vulnerability in imgUpload Module 1.3.2 for PunBB Arbitrary File Read Vulnerability in TikiWiki's tiki-listmovies.php Unspecified Vulnerabilities in TikiWiki before 1.9.9 with Unknown Impact and Attack Vectors Buffer Overflow in XUpload.ocx ActiveX Control Allows Remote Code Execution Stack-based Buffer Overflow in Xfce Panel Component Double Free Vulnerability in Xfce Widget Library (libxfcegui4): Remote Code Execution Buffer Overflow in Zoom Player 6.00 Beta 2 and Earlier via Crafted ZPL File Unspecified Denial of Service Vulnerabilities in Microsoft Office Publisher Buffer Overflow Vulnerability in YShortcut ActiveX Control in Yahoo! Toolbar Vulnerability: Custom Button Installer Dialog Spoofing in Google Toolbar 4 and 5 Beta Stack-based Buffer Overflow in WinUAE zfile_gunzip Function SQL Injection Vulnerability in MRBS Plugin for Moodle IDevspot iSupport 1.8 - PHP Local File Inclusion Vulnerability in index.php SQL Injection Vulnerability in Neuron News 1.0 Allows Remote Code Execution Neuron News 1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities Arcadem LE 2.04 and Earlier: PHP Remote File Inclusion Vulnerability in admin/frontpage_right.php Arbitrary SQL Command Execution in eSyndiCat Link Exchange Script via suggest-link.php Multiple SQL Injection Vulnerabilities in RunCMS before 1.6.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in RunCMS before 1.6.1 Predictable Session ID Vulnerability in RunCMS Password Change Vulnerability in RunCMS before 1.6.1 Multiple Direct Static Code Injection Vulnerabilities in RunCMS before 1.6.1 Unspecified Vulnerability in RunCMS before 1.6.1 with Unknown Impact and Attack 
Vectors Related to pagetype using Eval Injection Vulnerability in PMOS Help Desk 2.4 and Earlier SQL Injection Vulnerability in MailMachine Pro 2.2.4: Remote Code Execution via showMsg.php Directory Traversal Vulnerability in AuraCMS 2.2 Allows Remote File Inclusion Multiple PHP Remote File Inclusion Vulnerabilities in TeamCal Pro 3.1.000 and Earlier Multiple Directory Traversal Vulnerabilities in TeamCal Pro 3.1.000 and Earlier Remote File Inclusion Vulnerability in Joomla! mosDirectory Component (com_directory) 2.3.2 Multiple SQL Injection Vulnerabilities in websihirbazi 5.1.1 Multiple SQL Injection Vulnerabilities in MeGaCheatZ 1.1 Denial of Service Vulnerability in TotalPlayer 3.0 via Large .m3u File SQL Injection Vulnerabilities in Logaholic before 2.0 RC8 Cross-Site Scripting (XSS) Vulnerabilities in Logaholic before 2.0 RC8 Stack-based buffer overflows in PDFLib: Arbitrary Code Execution via Long Filename Argument Multiple stack-based buffer overflows in TCPreen before 1.4.4 Heap-based Buffer Overflow in WinAce UUE Archive Filename Handling Cross-Site Scripting (XSS) Vulnerability in Limbo CMS 1.0.4.2 admin.php SQL Injection Vulnerabilities in Blakord Portal 1.3.A Beta and Earlier: Remote Code Execution SQL Injection Vulnerability in XZero Community Classifieds 4.95.11 and Earlier: Remote Code Execution via subcatid Parameter Arbitrary File Inclusion Vulnerability in XZero Community Classifieds 4.95.11 and Earlier Remote File Inclusion Vulnerability in XZero Community Classifieds 4.95.11 and Earlier Arbitrary Script Injection in Sun Java System Web Proxy Server 4.x (BugID 6566246) Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 4.x and 3.x before 4.0.6 and 3.6 SP11 Cross-site scripting (XSS) vulnerability in Sun Java System Web Proxy Server 3.6 before SP11 on Windows (BugID 6611356) Arbitrary Web Script Injection Vulnerability in Sun Java System Web Server 6.1 and 7.0 QK SMTP Server 3 Denial of Service Vulnerability Multiple 
Cross-Site Scripting (XSS) Vulnerabilities in Dokeos 1.8.4 and Earlier SQL Injection Vulnerability in MMSLamp's default.php Allows Remote Code Execution SQL Injection Vulnerabilities in Adult Script 1.6.5 and Earlier: Remote Code Execution Multiple SQL Injection Vulnerabilities in zBlog 1.2 SQL Injection Vulnerability in go.php in PHP ZLink 0.3 Multiple SQL Injection Vulnerabilities in Ip Reg 0.3 and 0.4 SQL Injection Vulnerabilities in Wallpaper Site 1.0.09 Directory Traversal Vulnerabilities in Social Engine 2.0 mBlog 1.2 - Directory Traversal Vulnerability in index.php Arbitrary SQL Command Execution in 1024 CMS 1.3.1 via SQL Injection in admin/ops/findip/ajax/search.php Multiple Directory Traversal Vulnerabilities in 1024 CMS 1.3.1 Remote File Inclusion Vulnerability in NmnNewsletter 1.0.7: Arbitrary PHP Code Execution SQL Injection Vulnerability in sezione_news.php in nicLOR-CMS SQL Injection Vulnerability in Plogger 1.0 Beta 3.0 plog-rss.php PHCDownload 1.10 Username Field Cross-Site Scripting (XSS) Vulnerability Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox and SeaMonkey KDE Konqueror SSL Certificate Spoofing Vulnerability SSL Certificate Spoofing Vulnerability in Apple Safari 2 Stack-based buffer overflows in l123sr.dll in Autonomy KeyView SDK: Arbitrary Code Execution Privilege Escalation Vulnerability in IBM Lotus Notes 8 for Linux Local File Overwrite Vulnerability in ClamAV 0.92 ClamAV 0.92 Vulnerability: Bypassing Scanner with Base64-UUEncoded Files Multiple Cross-Site Scripting (XSS) Vulnerabilities in IPortalX before Build 033 LDAP+auth Cache Manipulation Vulnerability Race condition vulnerability in OpenAFS fileserver allows remote attackers to cause denial of service Privilege Escalation in PostgreSQL Index Functions Incomplete Fix for Remote Privilege Escalation in PostgreSQL DBLink Module SQL Injection Vulnerability in NoseRub 0.5.2 and Earlier: Remote Code Execution via Username Field Insufficient Access Control in Hot or Not Clone 
Allows Remote Attackers to Obtain Administrator Credentials Multiple Directory Traversal Vulnerabilities in XCMS 1.82 and Earlier Buffer Overflow Vulnerability in SkyFexClient.ocx 1.0.2.77: Remote Code Execution Information Disclosure Vulnerability in OpenBiblio 0.5.2-pre4 and Earlier Information Disclosure Vulnerability in OpenBiblio 0.5.2-pre4 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in OpenBiblio 0.5.2-pre4 and Earlier Stack-based buffer overflows in CPLI_ReadTag_OGG function in CoolPlayer 217 and earlier Arbitrary Command Execution via Unp Filename Argument Arbitrary Web Script Injection in Mantis view.php Directory Traversal Vulnerability in Mongrel's DirHandler Stack-based Buffer Overflow in print_iso9660_recurse function in libcdio PHP Remote File Inclusion Vulnerability in Agares Media phpAutoVideo 2.21 Agares Media phpAutoVideo 2.21 Directory Traversal Vulnerability Cross-Site Scripting (XSS) Vulnerability in SimpleForum 4.6.2 and Earlier Cross-site scripting (XSS) vulnerability in JIRA Enterprise Edition before 3.12.1 JIRA Enterprise Edition Vulnerability: Remote Deletion of Shared Filters Unrestricted Setup Attempts in Atlassian JIRA Enterprise Edition Joovili 2.x Directory Traversal Vulnerability in include/images.inc.php Directory Traversal Vulnerability in Joovili Allows Arbitrary File Read SQL Injection Vulnerability in ZeusCMS 0.3 and Earlier: Remote Command Execution via Referer Header Absolute Path Traversal Vulnerability in ZeusCMS 0.3 and Earlier Directory Traversal Vulnerability in PNphpBB2 1.2i and Earlier: Arbitrary File Inclusion in printview.php Denial of Service Vulnerability in Fan-Out Driver Platform Services for Novell Identity Manager (IDM) 3.5.1 Buffer Overflow Vulnerabilities in LScube Feng 0.1.15 and Earlier Integer Overflow in RTSP_remove_msg Function in LScube Feng 0.1.15 and Earlier: Remote Code Execution Vulnerability Denial of Service Vulnerability in LScube Feng 0.1.15 and Earlier Denial of Service 
Vulnerability in LScube Feng 0.1.15 and Earlier Netembryo 0.0.4 URL_init Function Denial of Service Vulnerability Multiple Buffer Overflows in LScube libnemesi 0.6.4-rc1 and Earlier Arbitrary Command Execution in xml2owl 0.1.1 via Path Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in FAQMasterFlexPlus Multiple SQL Injection Vulnerabilities in FAQMasterFlexPlus ClearText Password Storage Vulnerability in FAQMasterFlexPlus Arbitrary File Modification Vulnerability in Bitflu StorageFarabDb Module Multiple Cross-Site Scripting (XSS) Vulnerabilities in Adobe Flash Player via Crafted SWF Files Insufficient Access Control in March Networks DVR 3204 Allows Remote Information Disclosure SQL Injection Vulnerability in IPTBB 0.5.4 and Earlier: Remote Code Execution via index.php Inadequate Function Access Control in Creammonkey and GreaseKit Arbitrary Web Script Injection Vulnerability in milliscripts Redirection Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in Joomla! before 1.5 RC4 Arbitrary Web Script Injection Vulnerability in Joomla! com_poll Component Arbitrary User Promotion Vulnerability in Joomla! 1.5 RC4 Registered User Privilege Escalation Vulnerability in Joomla! 
before 1.5 RC4 Multiple Cross-Site Scripting (XSS) Vulnerabilities in LiveCart 1.0.1 and Earlier Versions SQL Injection Vulnerability in w-Agora 4.2.1 and Earlier: Remote Code Execution via cat Parameter Arbitrary File Inclusion Vulnerability in SanyBee Gallery 0.1.0 and 0.1.1 Remote File Inclusion Vulnerability in MatPo Bilder Galerie 1.1: Arbitrary PHP Code Execution Unrestricted File Upload Vulnerability in Bitweaver R2 CMS Bitweaver R2 CMS Directory Traversal Vulnerability in wiki/edit.php Direct Static Code Injection Vulnerability in XCMS 1.83 and Earlier Arbitrary File Read Vulnerability in Mihalism Multi Host 2.0.7 Buffer Overflow in Macrovision InstallShield Update Service Web Agent 5.1.100.47363 via ProductCode Argument in DownloadAndExecute Method Remote File Inclusion Vulnerability in Kontakt Formular 1.4 SQL Injection Vulnerability in TinyMCE Module for CMS Made Simple 1.2.2 and Earlier Arbitrary PHP Code Execution via Remote File Inclusion in Mihalism Multi Forum Host 3.0.x and Earlier Arbitrary SQL Command Execution in CustomCMS (CCMS) 3.1 Demo via p Parameter in admin.php/vars.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in 2z Project 0.9.6.1 Information Disclosure Vulnerability in 2z Project 0.9.6.1 Authentication Bypass Vulnerability in 2z Project 0.9.6.1 CuteNews 2.6 Directory Traversal Vulnerability SQL Injection Vulnerability in Pragmatic Utopia PU Arcade Component for Joomla! 
SQL Injection Vulnerability in WebPortal CMS 0.6.0 and Earlier: Remote Code Execution via index.php
SQL Injection Vulnerability in Netchemia oneSCHOOL's admin/login.asp Allows Remote Code Execution
SQL Injection Vulnerability in Zenphoto rss.php
SQL Injection Vulnerability in faq.php in MyPHP Forum 3.0 and Earlier
Unrestricted File Upload Vulnerability in MySpace Content Zone (MCZ) 3.x
PHCDownload 1.1.0 search.php XSS Vulnerability
SQL Injection Vulnerability in PHCDownload 1.1.0's search.php Allows Remote Code Execution
SQL Injection Vulnerability in Instant Softwares Dating Site Login Form
Multiple Slash Character Bypass Vulnerability in Mortbay Jetty 6.1.5 and 6.1.6
Makale Scripti Cross-Site Scripting (XSS) Vulnerability in Search Action
Arbitrary Web Script Injection Vulnerability in RapidShare Database Default.asp
Unrestricted Access to Comments in XOOPS Modules
Lack of Extension Filtering in Uber Uploader (UU) 5.3.6 and Earlier
Arbitrary Script Injection in Peter's Random Anti-Spam Image WordPress Plugin
Unspecified vulnerability in IBM WebSphere Application Server Administrative Console
Incorrect Pathname Argument in Trusted Execution in IBM AIX 6.1 Allows Local Users to Modify Trusted Files
Vulnerability: Stack-based Buffer Overflow in VLC 0.8.6d Subtitle Processing
Format String Vulnerability in VLC Media Player 0.8.6d
Arbitrary File Overwrite Vulnerability in VideoLAN VLC 0.8.6d Browser Plugin
Denial of Service Vulnerability in VideoLAN VLC 0.8.6d RTSP Module
Unspecified vulnerability in Menalto Gallery before 2.2.4 allows unauthorized album creation and file upload.
Arbitrary Local File Inclusion Vulnerability in Menalto Gallery URL Rewrite Module
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Menalto Gallery before 2.2.4
Unspecified Vulnerability in Menalto Gallery Installation Application: Web-Accessibility Protection Bypass
Arbitrary Code Execution Vulnerability in Menalto Gallery before 2.2.4
Unspecified GR Commands Permission Vulnerability in Menalto Gallery
Unspecified Vulnerabilities in Menalto Gallery before 2.2.4 with Unknown Impact
Open Redirect Vulnerability in Menalto Gallery before 2.2.4: Remote Phishing Attack via Core and Print Modules
Unspecified Proxied Request Vulnerability in Menalto Gallery WebCam Module
NULL pointer dereference vulnerability in chrp_show_cpuinfo function in Linux kernel
Arbitrary Web Script Injection Vulnerability in Drake CMS 0.4.9
Multiple Cross-Site Scripting (XSS) Vulnerabilities in WebCalendar 1.1.6
Buffer Overflow in LWZReadByte Function in SDL_image
Double Free Vulnerability in BDB Backend for OpenLDAP
Buffer overflow vulnerabilities in AIM PicEditor 9.5.1.8 ActiveX Control in YGPPicEdit.dll
Arbitrary Web Script Injection Vulnerability in OpenBSD 4.1 BGPD Web Interface
Stack-based Buffer Overflow in Novell Client 4.91 SP4 for Windows Spooler Service (nwspool.dll)
Password Exposure in goform/QuickStart_c0 on GoAhead Web Server on FS4104-AW VDSL Device
Unspecified Denial of Service Vulnerability in SynCE-dccm
Cross-Site Scripting (XSS) Vulnerabilities in F5 FirePass 4100 SSL VPN
Privilege Escalation Vulnerability in WebSphere MQ XA Client for Windows
Arbitrary Code Execution Vulnerability in IBM Lotus Notes
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Cisco Linksys WAG54GS Wireless-G ADSL Gateway Firmware
Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in Cisco Linksys WAG54GS Wireless-G ADSL Gateway Firmware
Default Password Vulnerability in Cisco Linksys WAG54GS Wireless-G ADSL Gateway
Unspecified Remote Code Execution Vulnerability in FreeWebshop.org 2.2.5, 2.2.6, and 2.2.7WIP1/2
Integer Overflow in hrtimer_forward Function in Linux Kernel 2.6.21-rc4
Unspecified Vulnerability in Flip4Mac WMV: Malformed WMV File Attack
LDAP Authentication Bypass in DBMail 2.2.9 and earlier
Denial of Service Vulnerability in Mozilla Firefox via Crafted Image
Denial of Service Vulnerability in Linux Kernel's Direct I/O Subsystem
Buffer Overflow Vulnerability in tftp in IBM AIX 5.2.0 and 5.3.0
Denial of Service Vulnerability in MPlayer
SQL Injection Vulnerability in Wiz-Ad 1.3
Denial of Service Vulnerability in libmikmod 3.1.9 through 3.2.0
Bleichenbacher Vulnerability in Simple RSA CMS Signatures
Insecure Configuration File in Vidalia Bundle Allows Remote Modification
Insecure Configuration File in TorK Allows Remote Modification
Insecure Enable-Remote-HTTP-Toggle Setting in Vidalia Bundle Allows Remote Configuration Modification
Buffer Underflow Vulnerability in Ghostscript's CCITTFax Decoding Filter
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Dojo 0.4.1 and 0.4.2
SQL Injection Vulnerability in KerviNet Forum 1.1 - Remote Code Execution via topic.php
XMB 1.5 Cross-Site Scripting (XSS) Vulnerability in User Registration MSN Field
ZyXEL P-330W Router Cross-Site Scripting (XSS) Vulnerability
CSRF Vulnerabilities in ZyXEL P-330W Router's Web Management Interface
Buffer Overflow Vulnerability in Extended Module Player (XMP) 2.5.1 and Earlier
Buffer Overflow Vulnerabilities in XMP 2.5.1 and Earlier: Remote Code Execution
Denial of Service Vulnerability in NFS Lock Function
Directory Traversal Vulnerability in NWFTPD.nlm FTP Server in Novell NetWare 6.5 SP7
Container Name Partial Match Bypass in NWFTPD.nlm FTP Server
Directory Traversal Vulnerabilities in pyftpdlib before 0.2.0
Invalid Username Brute-Force Vulnerability in pyftpdlib
Information Disclosure Vulnerability in pyftpdlib before 0.1.1
Denial of Service Vulnerability in pyftpdlib FTPServer.py
Unlimited Filename Discovery in pyftpdlib FTPServer.py
FTP Bounce Attack Vulnerability in pyftpdlib
Denial of Service Vulnerability in IBM Tivoli Directory Server
Double Free Vulnerability in IBM Tivoli Directory Server (TDS) 5.2
Unintended Application Access to Digital-Signature Password in Flexera Macrovision InstallShield
Floating Point Exception in ClamAV 0.91.2 when using ScanOLE2
Insecure SSL Certificate Verification in telepathy-idle before 0.1.15
Apache HTTP Server Denial of Service Vulnerability
Arbitrary Code Injection through MailForm Plugin in Movable Type
CSRF Vulnerability in Drupal 7.12 and Earlier Allows Session Hijacking via user/logout URI
Untrusted Search Path Vulnerability in Shell32.dll
Memory Allocation Vulnerability in jemalloc Library
Possible Skeleton Key Vulnerability in Dual_EC_DRBG Algorithm
Default Password Vulnerability in ZOLL Defibrillator / Monitor Series
Unspecified Impact and Attack Vectors in GE Healthcare Centricity DMS 4.2, 4.1, and 4.0
Critical SSRF Vulnerability in extjs 5.0.0 feed-proxy.php
Authentication Bypass and Power-Cycle Attack Vulnerability in Dataprobe iBootBar
Authentication Bypass and Power-Cycle Attack Vulnerability in Dataprobe iBootBar
Uninitialized Data Structures Vulnerability in Linux Kernel's videobuf-vmalloc.c
Off-by-one Buffer Overflow in netlabel_cipso_v4.c
SAS Drug Development (SDD) before 32DRG02 Vulnerability: Unauthorized Resource Access via Browser Navigation