Vulnerability Index: Year 2009

Heap-based Buffer Overflow in Apple QuickTime RTSP URL Parsing
Heap-based Buffer Overflow in Apple QuickTime Allows Remote Code Execution via Crafted QTVR Movie File
Heap-based Buffer Overflow in Apple QuickTime: Remote Code Execution
Buffer Overflow Vulnerability in Apple QuickTime 7.6 and Earlier
Denial of Service and Arbitrary Code Execution Vulnerability in Apple QuickTime
Integer Signedness Error in Apple QuickTime: Remote Code Execution Vulnerability
Heap-based Buffer Overflow in Apple QuickTime: Remote Code Execution
Unspecified vulnerability in Apple QuickTime MPEG-2 Playback Component before 7.60.92.0 on Windows
Pixlet Codec Memory Corruption Vulnerability
Heap-based buffer overflow in QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, and Apple QuickTime before 7.6.2
Arbitrary File Overwrite Vulnerability in Apple Mac OS X 10.5.6 Certificate Assistant
CoreText Heap-Based Buffer Overflow in Apple Mac OS X 10.5.6
Privilege Escalation via Password Exposure in dscl Command
Insecure Default Permissions in Apple Mac OS X 10.5.6 Folder Manager Allows Unauthorized Access to Downloads Folder
Unspecified vulnerability in fseventsd in FSEvents framework in Apple Mac OS X 10.5.6
Denial of Service Vulnerability in Apple iTunes on Windows
Heap-based Buffer Overflow in csregprinter in Apple Mac OS X 10.4.11 and 10.5.6
Remote Memory Disclosure Vulnerability in Apple Mac OS X 10.4.11 and 10.5.6
Out-of-Bounds Memory Access Vulnerability in Remote Apple Events in Mac OS X 10.4.11 and 10.5.6
Memory Corruption Vulnerability in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.6
Improper Certificate Chain Validation in NTP 4.2.4 and 4.2.5
Remote Access to Root Filesystem via Crafted Connection Request in Samba 3.2.0 - 3.2.6
Heap-based Buffer Underflow Vulnerability in Apache APR-util
Denial of Service and Privilege Escalation Vulnerability in Linux Kernel's sys_remap_file_pages Function
Improper Certificate Chain Validation in BIND 9.6.0 and Earlier
Cross-Site Scripting (XSS) Vulnerabilities in Apache Jackrabbit 1.5.2 and Earlier
Arbitrary XML File Read Vulnerability in JBossWS
Arbitrary Signal Injection Vulnerability in Linux Kernel 2.6.28 and Earlier
ABI Sign Extension Vulnerability in Linux Kernel 2.6.28 and Earlier
Insecure Session Management in Red Hat Patch for SquirrelMail 1.4.8
Memory Leak in keyctl_join_session_keyring Function in Linux Kernel 2.6.29-rc2 and Earlier
Local Privilege Escalation Vulnerability in CUPS on Mandriva Linux
Denial of Service Vulnerability in Apache Tomcat with Java AJP Connector and mod_jk Load Balancing
Improper Interpretation of System Group in sudoers File Allows Privilege Escalation
Local Privilege Escalation via Symlink Attack in alsa-utils 1.0.19 and Later Versions
Buffer Overflow Vulnerability in libvirt_proxy 0.5.1: Privilege Escalation via Crafted Header Values
Arbitrary Redirect Vulnerability in curl and libcurl
Cross-Site Scripting (XSS) Vulnerabilities in Apache Geronimo Application Server Web Administration Console
Cross-Site Request Forgery (CSRF) Vulnerabilities in Apache Geronimo Application Server Web Administration Console
Uninitialized Pointer Vulnerability in libpng
User Enumeration Vulnerability in Asterisk Open Source and Business Edition
Unspecified Remote Code Execution Vulnerabilities in Arclib Library
Remote Code Execution Vulnerability in CA Service Metric Analysis and Service Level Management
Improper Certificate Chain Validation in Sun GridEngine 5.3 and Earlier
Improper Validation of SSL/TLS Certificate Chain in Gale 0.99 and Earlier
Improper Certificate Chain Validation in OpenEvidence 1.0.6 and Earlier
Improper Certificate Chain Validation in Belgian eID Middleware (eidlib) 2.6.0 and Earlier
Lasso SSL/TLS Signature Validation Bypass Vulnerability
Insecure Certificate Chain Validation in ZXID 0.29 and Earlier
Atheros Wireless Driver Denial of Service and Arbitrary Code Execution Vulnerability
PXE Encryption Decryption Key Exposure Vulnerability in Cisco IronPort Encryption Appliance and Cisco IronPort PostX
PXE Encryption Credential Capture Vulnerability
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco IronPort Encryption Appliance and Cisco IronPort PostX
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco IronPort Encryption Appliance and Cisco IronPort PostX
Denial of Service Vulnerability in Cisco Unified Communications Manager CAPF Service
Denial of Service Vulnerability in Cisco Wireless LAN Controllers
Denial of Service Vulnerability in Cisco Wireless LAN Controllers and Catalyst Switches
Unspecified Denial of Service Vulnerability in Cisco Wireless LAN Controller (WLC) TSEC Driver
Privilege Escalation Vulnerability in Cisco Wireless LAN Controller and Catalyst Devices
Unspecified Cross-Site Scripting (XSS) Vulnerability in Symantec Brightmail Gateway Appliance
Unspecified Privilege Escalation and Session Hijacking Vulnerabilities in Symantec Brightmail Gateway Control Center
Buffer Overflow in Linux Kernel SCTP Implementation
Unspecified Vulnerabilities in Intel System Software for Trusted Execution Technology (TXT)
Remote Code Execution via Interaction Error in xdg-open
Denial of Service Vulnerability in NFS 4 Client on Solaris 10 and OpenSolaris
Integer Signedness Error in Apple Safari: Remote Memory Read and Denial of Service Vulnerability
Denial of Service Vulnerability in Mozilla Firefox 3.0.x
Denial of Service Vulnerability in Microsoft Internet Explorer 6.0 through 8.0 beta2
Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 7
CSS Memory Corruption Vulnerability in Microsoft Internet Explorer 7
Web Proxy TCP State Limited Denial of Service Vulnerability
Windows WMI Service Isolation Vulnerability
Windows RPCSS Service Isolation Vulnerability
Windows Thread Pool ACL Weakness Vulnerability
Windows Kernel Input Validation Vulnerability
Windows Kernel Handle Validation Vulnerability
Windows Kernel Invalid Pointer Vulnerability
MJPEG Decompression Vulnerability in DirectShow
SChannel Spoofing Vulnerability
Windows HTTP Services Integer Underflow Vulnerability
WordPad and Office Text Converter Memory Corruption Vulnerability
Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability
Windows HTTP Services Certificate Name Mismatch Vulnerability
Microsoft .NET Framework Pointer Verification Vulnerability
Microsoft .NET Framework Type Verification Vulnerability
DNS Server Vulnerability in WPAD Registration Vulnerability
WPAD and ISATAP NetBIOS Name Hijacking Vulnerability in Windows Server
Memory Validation Vulnerability in Microsoft Office Visio 2002, 2003, and 2007
Memory Corruption Vulnerability in Microsoft Office Visio 2002, 2003, and 2007
Memory Corruption Vulnerability in Microsoft Office Visio 2002 SP2 and 2003 SP3
TNEF Message Memory Corruption Vulnerability
Literal Processing Vulnerability in EMSMDB32 Provider
Memory Corruption Vulnerability in Microsoft Office Excel
Project Memory Validation Vulnerability
Multiple PHP Remote File Inclusion Vulnerabilities in playSMS 0.9.3
SQL Injection Vulnerability in EZpack 4.2b2 index.php Allows Remote Code Execution
Arbitrary Web Script Injection in EZpack 4.2b2 index.php
Arbitrary SQL Command Execution in PHPAuctions' profile.php
Arbitrary Web Script Injection in PHPAuctions profile.php
Remote Authentication Bypass Vulnerability in PHPAuctions
SQL Injection Vulnerability in RiotPix 0.61 and Earlier: Remote Code Execution via Username Parameter
SQL Injection Vulnerability in RiotPix 0.61 and Earlier: Remote Code Execution via forumid Parameter
SQL Injection Vulnerability in Goople CMS 1.8.2 and Earlier: Remote Code Execution via username Parameter in frontpage.php
CSRF Vulnerability in PollPro 3.0 Allows Unauthorized Account Creation or Modification
Directory Traversal Vulnerability in XStandard Component for Joomla! 1.5.8 and Earlier
Clickjacking Vulnerability in Adobe Flash Player Settings Manager
World-writable socket file vulnerability in Device Mapper multipathing driver
Buffer Overflow Vulnerability in Microsoft Windows XP SP3 via Crafted .chm File
Denial of Service Vulnerability in IBM WebSphere DataPower XML Security Gateway XS40
SQL Injection Vulnerability in Goople CMS 1.8.2: Remote Code Execution via frontpage.php
Arbitrary File Ownership Change Vulnerability in HPLIP on Ubuntu
Arbitrary File Reading Vulnerability in Apple Safari on Mac OS X and Windows
Improper Validation of Certificate Chain in ARRL TQSL Library 2.0
Vulnerability: Improper Validation of SSL/TLS Certificate Chain in libnasl 2.2.11
Bypassing Certificate Chain Validation in BOINC Client
Vulnerability: Inadequate Return Value Check in M2Crypto OpenSSL Functions
Improper Validation of Certificate Chain in SLURM Plugin for OpenSSL
Improper Return Value Checking in libcrypt-openssl-dsa-perl
Improper Validation of SSL/TLS Signature in Erlang's crypto_drv.c
Denial of Service Vulnerability in UFS Implementation in Sun OpenSolaris
Integer Overflow in aio_suspend Function in Solaris and OpenSolaris
Buffer Overflow in Microsoft HTML Help Workshop 4.74 and Earlier: Arbitrary Code Execution via Long Index File Field
Arbitrary File Creation and Overwrite Vulnerability in EasyGrid.SGCtrl.32 ActiveX Control
Heap-based buffer overflow in Audible::Tag::readTag function in Amarok 1.4.10 through 2.0.1
Multiple Array Index Errors in Audible::Tag::readTag Function in Amarok 1.4.10 through 2.0.1
Arbitrary JavaScript Execution Vulnerabilities in Safari RSS
Authentication Bypass Vulnerability in Apple Mac OS X 10.5.6 Server Manager
Integer Overflow Vulnerability in Apple Mac OS X SMB Component
Denial of Service Vulnerability in Apple Mac OS X SMB Component
Insecure World-Writable Permissions in XTerm with Luit on Apple Mac OS X 10.4.11 and 10.5.6
Race condition in AFP Server in Apple Mac OS X 10.5.6 allows local users to cause a denial of service (infinite loop) via file enumeration logic vulnerability.
iTunes Authentication Request Origin Spoofing Vulnerability
Insecure Parsing of Set-Cookie Headers in CFNetwork
Memory Corruption Vulnerability in CoreGraphics
Buffer Overflow Vulnerabilities in JBIG2 Decoder Leading to Denial of Service
Integer Overflow Vulnerabilities in JBIG2 Decoder
Multiple Buffer Overflows in Cscope before 15.7a: Remote Code Execution Vulnerability
Memory Corruption Vulnerability in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7
Stack-based Buffer Overflow in Apple Mac OS X 10.5: Privilege Escalation via Crafted Sparse Disk Image
Vulnerability: Bypassing Lock Screen with Multi-Touch Gestures in Apple Mac OS X 10.5
Inconsistent SSL Configuration in iChat for AIM Communication in Apple Mac OS X 10.5 before 10.5.7
ICU Unicode Conversion Vulnerability
Heap-based Buffer Overflow in Apple Type Services (ATS) Allows Remote Code Execution
Integer Underflow Vulnerability in CoreGraphics
Denial of Service Vulnerability in Launch Services in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7
Heap-based Buffer Overflow in CFNetwork in Apple Mac OS X 10.5 before 10.5.7
Stack-based Buffer Overflow in Telnet on Apple Mac OS X 10.4.11 and 10.5 before 10.5.7
Stack-based Buffer Overflow in ntpq Cookedprint Function
Memory Corruption Vulnerability in QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7
Misinterpretation of Invalid OCSP Response in OpenSSL::OCSP Module in Apple Mac OS X 10.5 before 10.5.7
Arbitrary Script Injection Vulnerability in Safari on Apple Mac OS X and Windows
Integer Overflow and Heap-Based Buffer Overflow in CUPS TIFF Image Decoding Routines
CUPS Web Interface DNS Rebinding Vulnerability
Unspecified Impact Integer Overflow Vulnerability in Xpdf 3.02pl2
Uninitialized Memory Denial of Service Vulnerability in JBIG2 Decoder
Denial of Service Vulnerability in lpadmin in Sun Solaris 10 and OpenSolaris
Unspecified Denial of Service Vulnerability in ppdmgr in Sun Solaris 10 and OpenSolaris snv_61 through snv_106
Privilege Escalation Vulnerability in Sun Java System Access Manager 7.1
Vulnerability: Password Discovery and Unauthorized Resource Access in Sun Java System Access Manager
Remote Root Login Vulnerability in Sun SPARC Enterprise M4000 and M5000 Servers
Denial of Service Vulnerability in IBM DB2 8, 9.1, and 9.5
Denial of Service Vulnerability in IBM DB2 Server
Vulnerability Title: Remote Code Execution via Stack-based Buffer Overflow in VUPlayer 2.49
Heap-based Buffer Overflow in MP3 TrackMaker 1.5: Remote Code Execution Vulnerability
Heap-based Buffer Overflow Vulnerabilities in BlackBerry Enterprise Server (BES) and BlackBerry Unite!
Denial of Service Vulnerability in VMware Workstation, Player, ACE, Server, and Fusion
Unspecified Vulnerability in IBM Hardware Management Console (HMC) 7 Release 3.2.0 SP1
Denial of Service Vulnerability in libmikmod 3.1.11 through 3.2.0
Missing TCP Wrapper Support in Fedora Build Scripts for nfs-utils
Buffer Overflow Vulnerability in VUPlayer Allows Arbitrary Code Execution via Long File
Buffer Overflow in VUPlayer 2.49 and Earlier via Long URL in .pls File
Remote Code Execution Vulnerability in Free Download Manager
Buffer Overflow Vulnerabilities in Free Download Manager (FDM) Torrent Parsing Implementation
Heap-based Buffer Overflow in Apple QuickTime: Remote Code Execution and Denial of Service Vulnerability
Heap-based buffer overflow in libsndfile 1.0.18 allows arbitrary code execution via crafted CAF audio file
Stack-based Buffer Overflow in Orbit Downloader
Sorenson 3 Video File Remote Code Execution Vulnerability in Apple QuickTime
Arbitrary Code Execution via JBIG2 Symbol Dictionary Segment in Foxit Reader
Stack-based buffer overflow in Novell eDirectory 8.8 SP3 and 8.8 SP3 FTF3 via crafted Accept-Language header in iMonitor component
Adobe Acrobat Reader Heap-based Buffer Overflow in JBIG2 Symbol Dictionary Segment Parsing
Improper Domain Locking Implementation in Garmin Communicator Plug-In 2.6.4.0
Remote Code Execution via Crafted JBIG2 Symbol Dictionary Segments in Xpdf and CUPS
Heap-based Buffer Overflow in JBIG2 Decoding Library Allows Remote Code Execution
Integer Overflow in FORMATS Plugin for IrfanView: Remote Code Execution and Denial of Service
Heap-based Buffer Overflow in Adobe Reader and Acrobat JBIG2 Filter
Heap-based Buffer Overflow in VMware Movie Decoder
Heap-based Buffer Overflow in OpenOffice.org and StarOffice/StarSuite Word Document Parsing
Heap-based Buffer Overflow in OpenOffice.org and StarOffice/StarSuite
Heap-based Buffer Overflow in FL21WIN.DLL in PowerPoint Freelance Windows 2.1 Translator
HP Select Access 6.1 and 6.2 Cross-Site Scripting (XSS) Vulnerability
Unspecified Denial of Service Vulnerability in HP ONCplus NFS
Unspecified Local Privilege Escalation Vulnerability in HP-UX with VERITAS Software
Unspecified Remote Code Execution Vulnerability in HP Virtual Rooms Client
Unencrypted Default Authentication Process in OSIsoft PI Server
Buffer Overflow Vulnerability in AREVA e-terrahabitat MLF Application (PD28578)
Unspecified Denial of Service Vulnerability in AREVA e-terrahabitat WebFGServer Application (PD32018)
Unspecified Denial of Service Vulnerability in WebFGServer Application in AREVA e-terrahabitat 5.7 and Earlier (PD32020)
Unspecified Denial of Service Vulnerability in NETIO Application in AREVA e-terrahabitat 5.7 and Earlier (PD32021)
Unspecified Privilege Escalation Vulnerability in WebFGServer Application in AREVA e-terrahabitat 5.7 and Earlier (PD32022)
Stack-based Buffer Overflow in IBM Access Support ActiveX Control in IbmEgath.dll
Weak Client-Side Authentication in GE Fanuc iFIX 5.0 and Earlier
HMAC Truncation Length Spoofing Vulnerability
Insecure Method Vulnerability in Particle Software IntraLaunch Application Launcher ActiveX Control
Uninitialized Pointer Vulnerability in BlackBerry Enterprise Server (BES) and BlackBerry Unite!
Legacy File Format Vulnerability in PowerPoint 4.0 Importer
Integer Overflow Vulnerability in Microsoft Office PowerPoint 2002 and 2003
Legacy File Format Vulnerability in Microsoft Office PowerPoint 2000, 2002, and 2003
Legacy File Format Vulnerability in Microsoft Office PowerPoint 2000, 2002, and 2003
Memory Corruption Vulnerability in Microsoft Office PowerPoint
PP7 Memory Corruption Vulnerability in Microsoft Office PowerPoint 2002 SP3
PowerPoint Legacy File Format Vulnerability
Legacy File Format Vulnerability in Microsoft Office PowerPoint 2000, 2002, and 2003
Buffer Overflow in Windows Print Spooler Service (win32spl.dll) Allows Remote Code Execution
Print Spooler Read File Vulnerability
Print Spooler Load Library Vulnerability
Embedded OpenType Font Heap Overflow Vulnerability
Embedded OpenType Font Engine Integer Overflow Vulnerability
DNS Server Query Validation Vulnerability
DNS Server Response Validation Vulnerability
WordPad Word 97 Text Converter Stack Overflow Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Microsoft Forefront Threat Management Gateway and ISA Server
Arbitrary Code Execution Vulnerability in Microsoft Office Excel
Windows Search 4.0 Cross-Site Scripting (XSS) Vulnerability
Unauthorized Access to Restricted Project Changelogs and Diffs in WebSVN
Stack-based Buffer Overflow in Ganglia 3.1.1's gmetad Process_Path Function
Microsoft Windows Autorun and NoDriveTypeAutoRun Registry Values Vulnerability
Directory Traversal Vulnerability in Microsoft Bluetooth Stack in Windows Mobile
Unspecified Cross-Site Scripting (XSS) Vulnerability in Usagi Project MyNETS 1.2.0.1 and Earlier
Arbitrary Code Execution Vulnerability in easyHDR PRO 1.60.2 via Invalid Radiance RGBE File
Cross-Site Scripting (XSS) Vulnerability in 53KF Web IM 2009 Home, Professional, and Enterprise Editions
Arbitrary Web Script Injection Vulnerability in Katy Whitton RankEm's rankup.asp
Insufficient Access Control Allows Remote Download of Sensitive Database
Insecure Storage of Sensitive Information in Ryneezy phoSheezy 0.2
Static Code Injection Vulnerability in admin.php in Ryneezy phoSheezy 0.2
SQL Injection Vulnerabilities in Enthrallweb eReservations Default.asp
Clickjacking Vulnerability in Mozilla Firefox 3.0.5
Arbitrary Code Execution Vulnerability in easyHDR PRO 1.60.2 via Invalid FITS File
Insufficiently Random Seed in TYPO3 System Extension Install Tool
Session Fixation Vulnerability in TYPO3 Authentication Library
Multiple Cross-Site Scripting (XSS) Vulnerabilities in TYPO3 4.x.x
Arbitrary Command Execution in TYPO3 Indexed Search Engine
Remote Code Execution and Denial of Service Vulnerability in OpenOffice.org Word Processor
Arbitrary Web Script Injection in MoinMoin AttachFile.py
Arbitrary Code Execution Vulnerability in EffectMatrix Total Video Player 1.31
Stack-based Buffer Overflow in Triologic Media Player 7 and 8.0.0.0 via Long String in .m3u Playlist File
Buffer Overflow Vulnerabilities in Winamp 5.541 and Earlier
Buffer Overflow Vulnerability in Fujitsu SystemcastWizard Lite 2.0A and Earlier
Vulnerability: Improper Validation of SSL/TLS Certificate Chain in ISC BIND 9.6.0 and Earlier
Stack-based Buffer Overflow in Triologic Media Player 8.0.0.0 via Long String in .m3l Playlist File
Denial of Service Vulnerability in libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100
Race condition in pseudo-terminal driver module in Solaris and OpenSolaris allows denial of service
Denial of Service and Memory Corruption Vulnerability in eCryptfs Subsystem
Remote Code Execution Vulnerability in Fujitsu SystemcastWizard Lite 2.0A and Earlier
Fujitsu SystemcastWizard Lite TFTP Service Directory Traversal Vulnerability
CSRF Vulnerability in Novell GroupWise WebAccess Allows Unauthorized Configuration Modifications
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Novell GroupWise WebAccess
Unspecified vulnerability in Novell GroupWise WebAccess allows remote information disclosure
Static Code Injection Vulnerability in admin.php in Ryneezy phoSheezy 0.2
Cross-domain vulnerability in V8 JavaScript engine in Google Chrome before 1.0.154.46
Unspecified Denial of Service Vulnerability in OpenSolaris Kernel on Sun UltraSPARC T2 and T2+ Platforms
Information Disclosure Vulnerability in Sun Java System Application Server (AS) 8.1 and 8.2
SQL Injection Vulnerability in comentar.php in Pardal CMS 0.2.0 and Earlier
Authentication Bypass Vulnerability in Asp Project Management 1.0
SQL Injection Vulnerability in Login.aspx in WarHound Walking Club
Integer Overflow Vulnerability in Ralink Technology USB Wireless Adapter (RT73) and Other Wireless Card Drivers
Oblog err.asp Cross-Site Scripting (XSS) Vulnerability
SQL Injection Vulnerability in Flax Article Manager 1.1: Remote Code Execution via cat_id Parameter in category.php
Arbitrary Web Script Injection Vulnerability in BBSXP 5.13 and Earlier
OpenGoo 1.1 Directory Traversal Vulnerability
SQL Injection Vulnerability in patUser.php in KEEP Toolkit 2.5.1 and earlier
Directory Traversal Vulnerability in k23productions TFTPUtil GUI 1.2.0 and 1.3.0
Denial of Service Vulnerability in k23productions TFTPUtil GUI 1.2.0 and 1.3.0
Directory Traversal Vulnerability in SIR GNUBoard 4.31.03 Allows Remote File Inclusion and Possible Remote Code Execution
Arbitrary File Inclusion Vulnerability in OpenX 2.6.3
Arbitrary SQL Command Execution in SHOP-INET 4 via show_cat2.php
SQL Injection Vulnerability in Wazzum Dating Software's profile_view.php
Multiple PHP Remote File Inclusion Vulnerabilities in WB News 2.0.1
SQL Injection Vulnerability in ITLPoll 2.7 Stable 2
SQL Injection Vulnerability in shop_display_products.php in Script Toko Online 5.01
SQL Injection Vulnerability in ClickAuction's login_check.asp
MW6 Technologies Barcode ActiveX Control Heap-Based Buffer Overflow Vulnerability
SQL Injection Vulnerability in Groone GLinks 2.1 index.php
Arbitrary File Creation and Overwrite Vulnerabilities in FlexCell.Grid ActiveX Control
SQL Injection Vulnerability in PHP-Nuke Downloads Module
Arbitrary Script Injection in Web Help Desk before 9.1.18
Denial of Service Vulnerability in Sun Solaris and OpenSolaris
Stack-based Buffer Overflow in BlackBerry Application Web Loader ActiveX Control
Buffer Overflow in BlackBerry Desktop Manager Allows Remote Code Execution
XSS Vulnerability in Customize Statistics Page of BlackBerry Enterprise Server
Buffer Overflow Vulnerability in SUSE blinux: Unknown Impact and Attack Vectors
Arbitrary Code Execution Vulnerability in EMC AutoStart
Arbitrary Web Script Injection in MoinMoin Antispam Feature
Arbitrary File Overwrite Vulnerability in winetricks (before 20081223)
Untrusted Search Path Vulnerability in gedit Python Module Allows Arbitrary Code Execution (CVE-2008-5983)
Untrusted Search Path Vulnerability in Python Module in XChat (CVE-2008-5983)
Untrusted Search Path Vulnerability in Python Interface in Vim
Untrusted Search Path Vulnerability in Nautilus-Python Allows Arbitrary Code Execution (CVE-2008-5983)
GObject Python Interpreter Wrapper Untrusted Search Path Vulnerability
Unspecified vulnerability in autofs module in Sun Solaris and OpenSolaris allows privilege escalation and denial of service
I/O Activity Measurement Exposure Vulnerability in Microsoft Windows
Denial of Service Vulnerability in Apple Safari 3.2.1 on Windows
Denial of Service Vulnerability in Dell RBU Driver
Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0
Multiple SQL Injection Vulnerabilities in BibCiter 1.4
Arbitrary File Read Vulnerability in Ninja Blog 4.8
SQL Injection Vulnerability in Dark Age CMS 0.2c Beta Login Page
SQL Injection Vulnerability in Free Bible Search PHP Script 1.0
Insufficient Access Control in ROBS-PROJECTS Digital Sales IPN Allows Unauthorized Database Access
SQL Injection Vulnerability in PcCookBook Component for Joomla!
Arbitrary File Inclusion Vulnerability in SCMS 1 index.php
Directory Traversal Vulnerability in Enhanced Simple PHP Gallery (ESPG) 1.72
Multiple SQL Injection Vulnerabilities in AV Book Library
SQL Injection Vulnerability in WebAmoeba Ticket System Component for Joomla!
SQL Injection Vulnerability in Katy Whitton BlogIt!
Arbitrary Script Injection Vulnerability in Katy Whitton BlogIt!
Insecure Storage of Sensitive Information in Katy Whitton BlogIt!
SQL Injection Vulnerability in Katy Whitton BlogIt!
DMXReady Blog Manager Cross-Site Scripting (XSS) Vulnerability
SQL Injection Vulnerability in DMXReady Blog Manager
Directory Traversal Vulnerabilities in Simple PHP Newsletter 1.5
Remote Code Execution Vulnerability in Internet Explorer 7.0 on Windows XP SP3
Bypassing Access Restrictions in Niels Provos Systrace on x86_64 Linux Platform
Race condition vulnerability in Niels Provos Systrace 1.6f and earlier on x86_64 Linux platform allows local users to bypass access restrictions through 32-bit syscalls.
Unspecified Remote Access Vulnerability in Sun Fire X2100 M2 and X2200 M2 ELOM
Unspecified Remote Access Vulnerability in Sun Fire X2100 M2 and X2200 M2 ELOM
Denial of Service Vulnerability in Solaris and OpenSolaris IP-in-IP Packet Processing
Open Redirect Vulnerability in Autonomy Ultraseek Search Engine
User Enumeration Vulnerability in Sun Java System Access Manager
FTPShell Server 4.3 Stack-Based Buffer Overflow Vulnerability
Stack-based Buffer Overflow in Merak Media Player 3.2 via Long String in .m3u Playlist File
Stack-based Buffer Overflow in WinFTP 2.3.0 Allows Remote Code Execution
Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey
Memory Corruption and Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey
Cross-domain vulnerability in Mozilla Firefox 3.x allows bypass of Same Origin Policy and enables cross-site scripting attacks
Arbitrary File Reading Vulnerability in Mozilla Firefox
Arbitrary Code Execution via .desktop Files in Mozilla Firefox and SeaMonkey
Improper Restriction of Access to Cookies in Mozilla Firefox and SeaMonkey
Sensitive Information Disclosure in Mozilla Firefox 3.x
Cross-Site Scripting (XSS) Vulnerabilities in Samizdat before 0.6.2
Privilege Escalation via Uninitialized Kerberos Libraries in pam-krb5
Privilege Escalation via pam_setcred in pam-krb5
Incorrect Regular Expression in Fail2ban 0.8.3 Allows Denial of Service via Crafted DNS Name Entry
Multiple Buffer Overflows in BarnOwl and Owl: Remote Code Execution Vulnerabilities
Arbitrary Code Execution via Format String Vulnerability in Citadel.org WebCit 7.22 and Earlier Versions
Incorrect Deny Setting in nm-applet.conf Allows Local Users to Discover Network Connection Passwords and Pre-Shared Keys
Denial of Service Vulnerability in Wesnoth's uncompress_buffer Function
Remote Code Execution Vulnerability in Python AI Module of Wesnoth 1.4.x and 1.5 before 1.5.11
Bypassing PIN Requirements and Reading Private Data Objects in OpenSC
Clickjacking Vulnerability in Microsoft Internet Explorer 7
Unspecified Local File Append Vulnerabilities in IBM AIX
Arbitrary File Inclusion Vulnerability in SiteXS CMS 0.1.1 and Earlier
Arbitrary Code Execution via Unrestricted File Upload in Miltenovik Manojlo MemHT Portal 4.0.1 and Earlier
SQL Injection Vulnerability in ElearningForce Flash Magazine Deluxe Component for Joomla!
Clickjacking Vulnerability in Google Chrome 1.0.154.43
Buffer Overflow Vulnerability in RealPlayer and Helix Player
Heap-based Buffer Overflow in RealPlayer DLL Allows Remote Code Execution
SQL Injection Vulnerability in Beamospetition Component for Joomla! 1.0.12
Arbitrary Web Script Injection Vulnerability in Joomla! Beamospetition Component
SQL Injection Vulnerability in Prince Clan Chess Club Component for Joomla!
SQL Injection Vulnerability in SOBI2 RC 2.8.2 Component for Joomla! and Mambo
SQL Injection Vulnerability in BazaarBuilder Ecommerce Shopping Cart (com_prod) 5.0 Component for Joomla!
Unspecified Access Bypass Vulnerability in Internationalization (i18n) Translation Module for Drupal
Arbitrary Blog Post Deletion Vulnerability in Max.Blog 1.0.6
SQL Injection Vulnerability in OwnRS CMS 1.2 autor.php Allows Remote Code Execution
Integer Signedness Error in FFmpeg Allows Remote Code Execution via Malformed 4X Movie File
Heap-based buffer overflow in qtdemux_parse_samples function in GStreamer Good Plug-ins 0.10.9-0.10.11
Array index error in qtdemux_parse_samples function in GStreamer Good Plug-ins 0.10.9-0.10.11: Remote code execution and denial of service vulnerability in QuickTime media .mov file parsing
Remote Code Execution Vulnerability in UltraVNC and TightVnc
Multiple Insecure Method Vulnerabilities in WOW ActiveX 2
Argument Injection Vulnerability in Enomaly Elastic Computing Platform (ECP) Allows Arbitrary Process Signal Manipulation
Arbitrary File Read Vulnerability in IBM WebSphere Application Server (WAS) 6.0.1 on z/OS
Directory Traversal Vulnerability in Motorola Wimax Modem CPEi300's sysconf.cgi
Arbitrary Web Script Injection Vulnerability in Motorola Wimax Modem CPEi300
SQL Injection Vulnerability in login.php in Pre Lecture Exercises (PLEs) CMS 1.0 beta 4.2
SQL Injection Vulnerability in NetArt Media Car Portal 1.0 Login Feature
Denial of Service Vulnerability in Sony Ericsson W910i and Other Phones
Heap-based buffer overflow in qtdemux_parse_samples function in GStreamer Good Plug-ins and GStreamer Plug-ins
Array Index Error in gst_qtp_trak_handler Function in GStreamer Plug-ins 0.6.0
Remote Code Execution in Chipmunk Blogger Script via Improper Installation
SQL Injection Vulnerability in SocialEngine 3.06 Trial's blog.php Allows Remote Code Execution
SQL Injection Vulnerability in E-Php CMS browsecats.php
SQL Injection Vulnerability in Domain Technologie Control (DTC) before 0.29.16 in client/new_account.php
SQL Injection Vulnerability in Chipmunk Blogger Script's admin/authenticate.php
Cross-Site Scripting (XSS) Vulnerabilities in Bioinformatics htmLawed 1.1.3 and 1.1.4
SQL Injection Vulnerability in smartSite CMS 1.0 Allows Remote Code Execution via articles.php
Arbitrary SQL Command Execution in Community CMS 0.4 and Earlier via index.php
Arbitrary SQL Command Execution in PHP-CMS Project 1's admin/login.php
CSRF Vulnerability in osCommerce 2.2 RC 2a Allows Remote Administrator Authentication Hijacking
Arbitrary SQL Command Execution in Max.Blog 1.0.6 and Earlier
Buffer Overflow Vulnerability in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0
Improper Restriction of Access to Set-Cookie Headers in Google Chrome
Authentication Bypass Vulnerability in Interspire Shopping Cart (ISC) 4.0.1 Ultimate Edition
Arbitrary Web Script Injection via Background Attribute in RoundCube Webmail
Unspecified Heap Corruption Vulnerability in Tor before 0.2.0.33
Trickle 1.07 Local Code Execution Vulnerability
Local Privilege Escalation via Symlink Attack in SBLIM SFCB SSL Certificate Setup Program
AgaviWebRouting::gen(null) Cross-Site Scripting (XSS) Vulnerability
HP-UX IPv6 Neighbor Discovery Protocol (NDP) Implementation Vulnerability
Improper Restriction of Access to Cookies via XMLHttpRequest Calls
SQL Injection Vulnerability in RD-Autos (com_rdautos) 1.5.5 Stable Component for Joomla!
Arbitrary SQL Command Execution in Joomla! Eventing Component (com_eventing) 1.6.x
Arbitrary Local File Inclusion Vulnerability in phpList 2.10.8 and Earlier
Directory Traversal Vulnerability in Php Photo Album (PHPPA) 0.8 BETA
Cross-Site Scripting (XSS) Vulnerability in AN Guestbook (ANG) 0.7.7
SQL Injection Vulnerability in Blue Eye CMS 1.0.0 and Earlier: Remote Code Execution via clanek Parameter
SQL Injection Vulnerability in DMXReady Classified Listings Manager
SQL Injection Vulnerability in DMXReady Member Directory Manager 1.1 and Earlier
SQL Injection Vulnerability in DMXReady Secure Document Library 1.1 and Earlier: Remote Code Execution via cid Parameter
Multiple SQL Injection Vulnerabilities in Active Bids
Active Bids Multiple Cross-Site Scripting (XSS) Vulnerabilities
SQL Injection Vulnerability in Default.asp in LinksPro Standard Edition
Unsecured Installation Process in IBM WebSphere Application Server Allows Information Disclosure
Denial of Service Vulnerability in IBM WebSphere Application Server
Information Disclosure in PerfServlet in IBM WebSphere Application Server
Denial of Service Vulnerability in IBM WebSphere Application Server
Incorrect Permissions for AF_UNIX Sockets in IBM HTTP Server and WebSphere Application Server
Sensitive Information Disclosure in IBM WebSphere Application Server (WAS) 6.0.2 Installation Logs
Bypassing Authorization Checking in IBM WebSphere Application Server (WAS) 7 on Windows
Privilege Escalation Vulnerability in IBM WebSphere MQ
Failure of Signature Verification in IBM WebSphere Partner Gateway (WPG) 6.0.0 through 6.0.0.7
Remote File Inclusion Vulnerability in TECHNOTE 7.2 Allows Arbitrary PHP Code Execution
Arbitrary File Inclusion Vulnerability in PHPbbBook 1.3 and 1.3h
Elecard AVC HD PLAYER 5.5.90116 M3U File Stack-based Buffer Overflow Vulnerability
Multiple PHP Remote File Inclusion Vulnerabilities in GRBoard 1.8
SQL Injection Vulnerability in Dreampics Gallery Builder
SQL Injection Vulnerability in photo.php in WEBalbum 2.4b
SQL Injection Vulnerabilities in MyDesign Sayac 2.0 Default.asp
Arbitrary File Inclusion Vulnerability in Syntax Desktop 2.7
Privilege Escalation via Buffer Overflow in Kaspersky Anti-Virus for Workstations 6.0 and Anti-Virus 2008
BlazeVideo HDTV Player 3.5 Stack-Based Buffer Overflow Vulnerability
SQL Injection Vulnerability in Skalfa SkaLinks 1.5: Remote Code Execution via Admin Name Field
SQL Injection Vulnerabilities in Online Grades 3.2.4 Login System
Information Disclosure Vulnerability in Online Grades 3.2.4
SQL Injection Vulnerabilities in DMXReady Online Notebook Manager 1.1
Cross-site scripting (XSS) vulnerability in glFusion allows remote attackers to inject arbitrary web script or HTML via the username parameter in anonymous comments.
Remote File Inclusion Vulnerability in patForms Allows Arbitrary PHP Code Execution
Multiple Directory Traversal Vulnerabilities in AJA Portal 1.2
SQL Injection Vulnerabilities in Whole Hog Ware Support 1.x
SQL Injection Vulnerabilities in Whole Hog Password Protect: Enhanced 1.x
Authentication Bypass Vulnerability in Whole Hog Ware Support 1.x
Bypassing Authentication and Gaining Administrative Access in Whole Hog Password Protect: Enhanced 1.x
Multiple SQL Injection Vulnerabilities in ClickTech ClickCart 6.0
Groone GLinks 2.1 - Remote File Inclusion Vulnerability in includes/header.php
Groone GBook 2.0 PHP Remote File Inclusion Vulnerability in includes/header.php
Arbitrary File Overwrite Vulnerability in Synactis ALL In-The-Box ActiveX 3
Vivvo CMS 404 Page Not Found XSS Vulnerability
Arbitrary Web Script Injection Vulnerability in Profense Web Application Firewall
CSRF Vulnerabilities in Profense Web Application Firewall 2.6.2 and 2.6.3 Allow Remote Authentication Hijacking
Unspecified Remote Code Execution Vulnerability in futomi's CGI Cafe Fulltext search CGI 1.1.2
Cisco IOS 12.4(23) Multiple Cross-Site Scripting (XSS) Vulnerabilities
Cisco IOS 12.4(23) HTTP Server Cross-Site Request Forgery (CSRF) Arbitrary Command Execution Vulnerability
Cross-Site Scripting (XSS) Vulnerabilities in Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module
Open Redirect Vulnerability in Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module
Information Disclosure Vulnerability in Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module
Huffman Decoding Integer Underflow Vulnerability in OpenCORE 2.0
Stack-based Buffer Overflow in MultiMedia Soft AdjMmsEng.dll
Privilege Escalation Vulnerability in Sun OpenSolaris Process Filesystem
Denial of Service Vulnerability in Squid HTTP Proxy
SQL Injection Vulnerabilities in Online Grades 3.2.4
Improper Arena Allocation in Solaris IP Implementation: Denial of Service Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Bugzilla
Bugzilla CSRF Vulnerability
CSRF vulnerability in Bugzilla allows remote deletion of keywords and user preferences
Bugzilla CSRF Vulnerability Allows Remote Deletion of Shared or Saved Searches
Bugzilla CSRF Vulnerability: Unauthorized Deletion of Flag Types
Insecure Random Token Generation in Bugzilla 3.2.1, 3.0.7, and 3.3.2 under mod_perl
Mahara 1.0.9 XSS Vulnerability in Forum Post Injection
Phorum XSS Vulnerability in Version 5.2.10 and Earlier
Arbitrary User Ownership Vulnerability in Wicd DBus Configuration
Stack-based Buffer Overflow in String_parse::get_nonspace_quoted function in Audacity 1.2.6 and earlier versions before 1.3.6
Elecard MPEG Player 5.5 Build 15884.081218 Stack-Based Buffer Overflow Vulnerability
Unspecified Auth Vulnerability in SimpleIrcBot before 1.0 Stable
SQL Injection Vulnerability in IT!CMS 2.1a and Earlier: Remote Code Execution via Username Field in login.php
SQL Injection Vulnerability in Portfol (com_portfol) 1.2 Component for Joomla!
Remote File Inclusion Vulnerability in REALTOR 747 4.11 via INC_DIR Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in Ignite Realtime Openfire 3.6.2 Ignite Realtime Openfire 3.6.2 Log.jsp Directory Traversal Vulnerability Insufficient Access Control in Virtual GuestBook (vgbook) 2.1 Allows Unauthorized Database Download CSRF vulnerability allows unauthorized deletion of forum posts in Moodle Arbitrary Web Script Injection in Moodle Log Report Unspecified vulnerability in Moodle Calendar Export Feature Allows Information Disclosure and Brute Force Attacks Cross-site scripting (XSS) vulnerability in Snoopy 1.2.3 in Moodle versions 1.6 to 1.9.4 Sensitive Information Disclosure in IBM WebSphere Message Broker 6.1.x Information Disclosure Vulnerability in IBM WebSphere Application Server (WAS) 7.0.x Forcepurge Handling Delay Vulnerability in IBM TXSeries for Multiplatforms 6.2 GA Unspecified vulnerability in IBM WebSphere Application Server (WAS) 5.1 and 6.0.2 before 6.0.2.33 on z/OS with CSIv2 Identity Assertion enabled and EJB interaction Improper Restriction of Configuration Data in IBM WebSphere Process Server Arbitrary File Read Vulnerability in IBM WebSphere Application Server Adobe Reader and Acrobat JBIG2 Filter Heap-Based Buffer Overflow Vulnerability Heap-based Buffer Overflow in JBIG2 Filter in Adobe Reader and Acrobat Heap-based Buffer Overflow in JBIG2 Filter in Adobe Reader and Acrobat Heap-based Buffer Overflow in JBIG2 Filter in Adobe Reader and Acrobat PHP Remote File Inclusion Vulnerabilities in WebFrame 0.76 WebFrame 0.76 Multiple Directory Traversal Vulnerabilities Directory Traversal Vulnerability in Yet Another NOCC (YANOCC) 0.1.0 and Earlier Arbitrary SQL Command Execution in BusinessSpace Classified Page Eval Injection Vulnerability in phpSlash 0.8.1.1 and Earlier: Remote Code Execution via index.php Password Retention Vulnerability in VMware VirtualCenter and ESX Servers Adobe Flash Player Remote Code Execution Vulnerability 
Buffer Overflow Vulnerability in Adobe Flash Player 9.x and 10.x Untrusted Search Path Vulnerability in Adobe Flash Player on Linux Clickjacking Vulnerability in Adobe Flash Player Adobe RoboHelp Server 6 and 7 Cross-Site Scripting (XSS) Vulnerability Arbitrary Web Script Injection Vulnerability in Adobe RoboHelp and RoboHelp Server Cross-site scripting (XSS) vulnerability in Sajax 0.12 in sajax_get_common_js function Multiple Cross-Site Scripting (XSS) Vulnerabilities in AdaptCMS Lite 1.4 AdaptCMS Lite 1.4 - Remote File Inclusion Vulnerability in rss_importer_functions.php SQL Injection Vulnerability in Rhadrix If-CMS 2.07 and Earlier: Remote Code Execution via frame.php Arbitrary Code Injection via Language Parameter in SnippetMaster Webpage Editor 2.2.2 PHP Remote File Inclusion Vulnerabilities in SnippetMaster 2.2.2 with Enabled Register Globals SQL Injection Vulnerability in A Better Member-Based ASP Photo Gallery Unspecified Cross-Site Scripting (XSS) Vulnerability in password.php in Scripts For Sites (SFS) EZ Baby Cross-Site Scripting (XSS) Vulnerability in EZ Reminder's password.php FlexCMS SQL Injection Vulnerability in catId Parameter Arbitrary File Read Vulnerability in Thyme 1.3 and Earlier Privilege Escalation Vulnerability in bos.rte.cron on IBM AIX 5.2.0, 5.3.0 through 5.3.9, and 6.1.0 through 6.1.2 Integer Overflow Vulnerability in fts_build Function in libc Format String Vulnerability in Symantec pcAnywhere Allows Arbitrary Memory Access and Denial of Service Libero 5.3 SP5 XSS Vulnerability in Search Term Field Multiple Cross-Site Scripting (XSS) Vulnerabilities in Magento 1.2.0 and 1.2.1.1 SQL Injection Vulnerability in ProFTPD Server 1.3.1 through 1.3.2rc2 Bypassing SQL Injection Protection in ProFTPD Server 1.3.1 with NLS Support Buffer Overflow Vulnerability in PyCrypto ARC2 Module 2.0.1 Arbitrary Command Execution in ZeroShell 1.0beta11 and Earlier via NoAuthREQ x509List Action NewsGator FeedDemon 2.7 Stack-Based Buffer Overflow Vulnerability 
Vulnerability: Signature Spoofing in Evolution 2.22.3.1 Arbitrary Code Injection through XSS in ESET Remote Administrator Record Pointer Corruption Vulnerability in Microsoft Office Excel Windows HTTP Services Credential Reflection Vulnerability Page Transition Memory Corruption Vulnerability in Microsoft Internet Explorer 6 and 7 Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer Windows Media Runtime Voice Sample Rate Vulnerability PowerPoint Memory Corruption Vulnerability Object Record Corruption Vulnerability in Microsoft Excel Array Indexing Memory Corruption Vulnerability in Excel String Copy Stack-Based Overrun Vulnerability in Excel Field Sanitization Memory Corruption Vulnerability in Microsoft Excel Record Integer Overflow Vulnerability in Microsoft Excel Office Web Components Memory Allocation Vulnerability Word Buffer Overflow Vulnerability in Multiple Microsoft Office Versions Remote Code Execution Vulnerability in Microsoft Office Word Pointer Dereference Vulnerability in Microsoft Office Publisher 2007 SP1 RPC Marshalling Engine Vulnerability Remote Code Execution Vulnerability in Becky! 
Internet Mail 2.48.02 and Earlier Directory Traversal Vulnerability in Ninja Designs Mailist 3.0 Insufficient Access Control in Ninja Designs Mailist 3.0 Allows Unauthorized Access to Sensitive Information Remote File Inclusion Vulnerability in FlatnuX CMS (Flatnuke3) 2009-01-27 and 2009-02-04 Multiple Cross-Site Scripting (XSS) Vulnerabilities in FotoWeb 6.0 (Build 273) SQL Injection Vulnerability in Easy CafeEngine index.php Cross-site scripting (XSS) vulnerability in theme_views_bulk_operations_confirmation function in Views Bulk Operations module in Drupal Denial of Service Vulnerability in Sun Java System Directory Server 5.2 p6 and Earlier Integer Overflow in WriteProlog Function in CUPS 1.1.17 on Red Hat Enterprise Linux (RHEL) 3 Privilege Escalation in GNOME NetworkManager via Unverified DBus Requests Bypassing Minimum Password Age in Linux-PAM User Enumeration Vulnerability in Apache Tomcat Memory Leak Vulnerability in LittleCMS (lcms/liblcms) Prior to 1.18beta2 NTLM SASL Authentication Length Validation Vulnerability Multiple Integer Overflows in ICC Format Library: Denial of Service and Arbitrary Code Execution Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in ICC Format Library Arbitrary Code Execution via Integer Overflow in libsoup's soup_base64_encode Function Arbitrary Code Execution via Integer Overflow in gst_vorbis_tag_add_coverart Function Arbitrary Code Execution Vulnerability in Evolution Data Server Arbitrary Agent Group Approval Vulnerability in Red Hat Certificate System Denial of Service Vulnerability in OpenSSL's ASN1_STRING_print_ex Function Vulnerability: Repudiation of Valid Signatures in OpenSSL CMS_verify Function Multiple Directory Traversal Vulnerabilities in PNphpBB2 1.2i and Earlier SQL Injection Vulnerability in plx Auto Reminder 3.7: Remote Code Execution via members.php Arbitrary Web Script Injection via PATH_INFO in phpSkelSite 1.4 Arbitrary PHP Code Execution via Remote File Inclusion in 
phpSkelSite 1.4 Arbitrary File Inclusion Vulnerability in phpSkelSite 1.4 SQL Injection Vulnerability in w3b>cms (aka w3blabor CMS) Allows Remote Code Execution SQL Injection Vulnerability in PhpMesFilms 1.0 and 1.8: Remote Code Execution via id Parameter Buffer Overflow Vulnerability in Wireshark's wiretap/netscreen.c Denial of Service Vulnerability in Wireshark 0.99.6 through 1.0.5 via Crafted Tektronix K12 Text Capture File Format String Vulnerability in Wireshark 0.99.8 through 1.0.5 on Non-Windows Platforms Arbitrary Code Execution via Unrestricted File Upload in WikkiTikkiTavi 1.11 Arbitrary Script Injection in Link Module for Drupal 5.x-2.5 Arbitrary SQL Command Execution in PHP Director 0.21 and Earlier Stack Consumption Vulnerability in Linux Kernel's do_page_fault Function Arbitrary File Creation Vulnerability in Android Dynamic Linker Integer overflows in malloc_leak.c in Bionic in Android 1.0: Unknown Impact and Attack Vectors Integer Overflow and Buffer Overflow Vulnerability in Android liblog Denial of Service Vulnerability in Sun Java System Directory Proxy Server Multiple Static Code Injection Vulnerabilities in Simple PHP News 1.0 Final Multiple Cross-Site Scripting (XSS) Vulnerabilities in QuickFinder Server in Novell Open Enterprise Server 1.x Proxy-Authorization Header Leakage in Trend Micro InterScan Web Security Remote authenticated users can bypass permission settings and modify system configuration in Trend Micro InterScan Web Security Suite (IWSS) 3.1 before build 1237 Authentication Bypass Vulnerability in Cisco Unified MeetingPlace Web Conferencing Directory Traversal Vulnerability in Cisco Application Networking Manager (ANM) and ACE Device Manager Default User Credentials Vulnerability in Cisco Application Networking Manager (ANM) Default MySQL Root Password Vulnerability in Cisco Application Networking Manager (ANM) Privilege Escalation and Denial of Service Vulnerability in Cisco Application Networking Manager (ANM) Denial of Service 
Vulnerability in Cisco 7600 Series Routers Default Usernames and Passwords in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers Default Usernames and Passwords in Cisco ACE 4710 Application Control Engine Appliance Remote Command Execution Vulnerability in Cisco ACE Application Control Engine Module and ACE 4710 Appliance Denial of Service Vulnerability in Cisco ACE Application Control Engine Module and ACE 4710 Appliance Denial of Service Vulnerability in Cisco ACE Application Control Engine Module and ACE 4710 Appliance Denial of Service Vulnerability in Cisco ACE Application Control Engine Module and ACE 4710 Appliance Denial of Service Vulnerability in Cisco IOS SSLVPN Feature Denial of Service Vulnerability in Cisco NX-OS on Nexus 5000 Platforms Cisco IOS SSLVPN Memory Leak Vulnerability Denial of Service Vulnerability in Cisco IOS 12.2 and 12.4 Denial of Service Vulnerability in Cisco Unified Communications Manager Express, SIP Gateway, and Cisco IOS Denial of Service Vulnerability in Cisco IOS 12.0 through 12.4 Cleartext Transmission of Privileged Credentials in Cisco Unified Communications Manager Denial of Service Vulnerabilities in Cisco IOS Mobile IP NAT Traversal and Mobile IPv6 Subsystem (CSCsm97220) Unspecified Denial of Service Vulnerabilities in Cisco IOS Home Agent Implementation Cisco IOS 12.4 cTCP Encapsulation Memory Leak Vulnerability Cisco IOS SIP Denial of Service Vulnerability SCP Server File Transfer Vulnerability Denial of Service Vulnerability in Cisco Firewall Services Module (FWSM) Remote File Inclusion Vulnerability in phpyabs 0.1.2: Arbitrary PHP Code Execution Swann DVR4-SecuraNet Administrative Web Server Directory Traversal Vulnerability Remote Code Execution Vulnerability in FreeBSD 7.x Telnetd Improper Return Value Check in OCSP Verification in Ruby 1.8 and 1.9 Arbitrary PHP Code Execution via Static Code Injection in Simple PHP News 1.0 final Default Administrative Credentials in Swann 
DVR4-SecuraNet HTTP Interface Directory Traversal Vulnerability in Jaws 0.8.8 index.php Multiple SQL Injection Vulnerabilities in 4Site CMS 2.6 and Earlier Denial of Service Vulnerability in Windows Live Messenger 2009 Cross-Site Request Forgery (CSRF) Vulnerabilities in Falt4 CMS RC4 Allow Password Hijacking Denial of Service Vulnerability in Symbian OS Web Browser on Nokia N95 Stack-based Buffer Overflow in GetStatsFromLine Function in TPTEST 3.1.7 and Earlier: Remote Code Execution Vulnerability Unspecified Remote Code Execution Vulnerability in Veritas NetBackup Server IDN Homograph Phishing Vulnerability OpenSSL Vulnerability: Man-in-the-Middle Attack via Spoofed Certificates End-to-End Correlation Attack in Tor 0.2.0.28 and Earlier Versions Lenovo Veriface III Vulnerability: Unauthorized Windows Account Access via Plain Image Asus SmartLogon 1.0.0005 Image Spoofing Vulnerability Toshiba Face Recognition 2.0.2.32 Vulnerability: Unauthorized Notebook Access via Image Manipulation Adobe Reader and Acrobat Buffer Overflow Vulnerability Stack-based Buffer Overflow in GetStatsFromLine Function in TPTEST 3.1.7 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Mahara 1.0 and 1.1 Out-of-Bounds Read Denial of Service Vulnerability in WeeChat 0.2.6 Arbitrary User Identity Acquisition Vulnerability in PlonePAS Heap-based Buffer Overflow in DBD::Pg Perl Module Cross-Site Scripting (XSS) Vulnerabilities in Mahara 1.0.x and 1.1.x Untrusted Search Path Vulnerability in OCS Inventory Agent/Backend.pm Arbitrary Code Execution Vulnerability in Zope Object Database (ZODB) ZODB Authentication Bypass via ZEO Network Protocol SQL Injection Vulnerability in Resend_Email Module in RavenNuke 2.30 Eval Injection Vulnerability in Custom Fields Feature of RavenNuke 2.30 File Path Disclosure Vulnerability in RavenNuke 2.30 Inverted Logic Vulnerability in skfp_ioctl Function Uninitialized Structure Member Vulnerability in sock_getsockopt Function Arbitrary Code Execution in RavenNuke 
2.30 via avatarlist.php Information Disclosure Vulnerability in RavenNuke 2.30 via Invalid aFonts Array Parameter Arbitrary Script Injection in RavenNuke 2.30 Your Account Module Denial of Service Vulnerability in Netgear SSL312 Web Interface Denial of Service and Arbitrary Code Execution Vulnerabilities in PGP Desktop Denial of Service Vulnerability in vetmonnt.sys in CA Internet Security Suite r3, r4, and r5 Privilege Escalation via Crafted IRP in TrendMicro Activity Monitor Module Remote Denial of Service Vulnerability in OpenBSD Packet Filter (PF) Buffer Overflow Vulnerabilities in CMU Cyrus SASL Library Heap-based buffer overflow in libc's dtoa implementation in dtoa.c and gdtoa implementation in gdtoa/misc.c allows remote attackers to execute arbitrary code or cause a denial of service via a large precision value in the format argument to a printf function. Denial of Service and Remote Code Execution Vulnerability in Foxit Reader Memory Corruption and Remote Code Execution Vulnerability in Foxit Reader Remote Code Execution via Crafted Subnet-Mask Option in ISC DHCP dhclient Buffer Overflow Vulnerabilities in Wyse Device Manager (WDM) 4.7.x Unauthenticated Remote Management Access in Wyse Device Manager (WDM) 4.7.x Remote Denial of Service Vulnerability in BIND DNS Server Integer Overflow in 4xm Demuxer in xine-lib 1.1.16.1 Cross-Site Scripting (XSS) Vulnerability in Plunet BusinessManager 4.1 and Earlier Remote Access Vulnerability in Plunet BusinessManager 4.1 and Earlier PHP Remote File Inclusion Vulnerabilities in Cybershade CMS 0.2b with Enabled Register Globals SQL Injection Vulnerability in Phoca Documentation Component for Joomla! Arbitrary SQL Command Execution in ASPThai.Net Webboard 6.0 via bview.asp SQL Injection Vulnerability in WSN Guest 1.23's search.php Allows Remote Code Execution Arbitrary SQL Command Execution in PowerScripts PowerNews 2.5.4 Arbitrary SQL Command Execution in Simple Review Component 1.3.5 for Joomla! 
and Mambo SQL Injection Vulnerability in PowerClan 1.14a Admin Login Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in SemanticScuttle before 0.91 SQL Injection Vulnerability in PHPFootball 1.6 Login Page Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHPFootball 1.6 Information Disclosure: Retrieval of Password Hashes in PHPFootball 1.6 and Earlier Unspecified Privilege Escalation Vulnerability in WMI Mapper for HP Systems Insight Manager Unspecified Information Disclosure Vulnerability in WMI Mapper for HP Systems Insight Manager Remote Code Execution Vulnerability in HP Data Protector Express and Express SSE Unspecified Remote Access Vulnerability in Secure NaviCLI in HP Storage Essentials Unspecified Remote Access Vulnerability in HP StorageWorks Storage Mirroring 5 Unspecified Denial of Service Vulnerability in HP StorageWorks Storage Mirroring 5 Unspecified Remote Code Execution Vulnerability in HP StorageWorks Storage Mirroring 5 Unspecified Local File Access Vulnerability in HP-UX Useradd Unspecified Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Arbitrary Code Execution Vulnerability in HP Remote Graphics Software (RGS) Sender Module Arbitrary File Inclusion Vulnerability in Potato News 1.0.0 Integer Overflow Vulnerability in LittleCMS (lcms/liblcms) Allows Arbitrary Code Execution Arbitrary SQL Command Execution in GigCalendar Component 1.0 for Mambo and Joomla! SQL Injection Vulnerability in jobdetails.php in Taifajobs 1.0 and Earlier SQL Injection Vulnerability in My_eGallery Module for MAXdev MDPro Directory Traversal Vulnerabilities in Page Engine CMS 2.0 Basic and Pro SQL Injection Vulnerabilities in GigCalendar Component 1.0 for Mambo and Joomla! 
Arbitrary File Inclusion Vulnerability in Free Arcade Script 1.0 Insufficient Access Control in Downloadcenter 2.1 Allows Remote Information Disclosure Multiple stack-based buffer overflows in ReadSetOfCurves function in LittleCMS Heap-based Buffer Overflow in Nokia PC Suite 6.86.9.3 Directory Traversal Vulnerability in Papoo CMS 3.6 Arbitrary Script Injection Vulnerability in Pebble before 2.3.2 Cross-Site Scripting (XSS) Vulnerabilities in MediaWiki Web-Based Installer SQL Injection Vulnerability in Auth Php 1.0 Login.php Allows Remote Attackers to Execute Arbitrary SQL Commands SQL Injection Vulnerability in MyNews 0.10 Login Page SQL Injection Vulnerability in login.php of BlueBird Prelease Craft Silicon Banking@Home 2.1 Login.asp SQL Injection Vulnerability Cleartext Password Storage Vulnerability in Cisco ACE Application Control Engine Arbitrary Script Injection in Cisco Unified MeetingPlace Web Conferencing Denial of Service Vulnerability in Apple Safari 4 Beta build 528.16 Improper Initialization in ext4_group_add Function during Resize Operation in Linux Kernel Denial of Service Vulnerability in Linux Kernel 2.6.27 and 2.6.28 Denial of Service Vulnerability in ext4_isize Function NULL pointer dereference and OOPS vulnerability in ext4_fill_super function OptiPNG GIFReadNextExtension Use-After-Free Vulnerability SQL Injection Vulnerability in smNews Login Page Denial of Service Vulnerability in Yaws 1.80: Memory Consumption and Crash via Large Number of Headers Unspecified Vulnerability in Movable Type Pro and Community Solution 4.x: Potential Password Recovery Exploit Absolute Path Traversal Vulnerability in MLDonkey 2.8.4 through 2.9.7 Apache Virtual Host Privilege Escalation Vulnerability Denial of Service Vulnerability in Poppler's FormWidgetChoice::loadDefaults Function Denial of Service Vulnerability in Poppler's JBIG2Stream::readSymbolDictSeg Function Buffer Overflow Vulnerabilities in GNU MPFR 2.4.0: Denial of Service via mpfr_snprintf and 
mpfr_vsnprintf Functions Denial of Service via Crafted Legacy Unicast mDNS Query Packet in avahi-daemon 0.6.23 CRLF Injection Vulnerabilities in ZNC Webadmin Allow Privilege Escalation Sensitive Information Exposure in Team Board 1.x and 2.x Arbitrary Web Script Injection Vulnerability in Team Board 1.x Cross-Site Scripting (XSS) Vulnerability in ScriptsEz Ez PHP Comment Arbitrary Web Script Injection Vulnerability in Kipper 2.01 default.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Kipper 2.01 Arbitrary File Inclusion Vulnerability in Kipper 2.01 index.php Arbitrary File Inclusion Vulnerability in Kipper 2.01 default.php Sensitive Information Exposure in Kipper 2.01: Unauthorized Access to Credentials SQL Injection Vulnerability in YapBB 1.2 and Earlier: Remote Code Execution via forumhop.php Denial of Service Vulnerability in QIP 2005 build 8082 Denial of Service Vulnerability in dkim-milter 2.6.0 through 2.8.0 Memory Corruption and Assertion Failure Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Memory Corruption Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Memory Corruption and Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Remote Code Execution and Denial of Service Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Double Free Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Cross-Domain XML Data Reading Vulnerability Invisible Character Decoding Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Denial of Service Vulnerability in Linux Kernel's icmp_send Function Buffer Overflow Vulnerability in pppdial in IBM AIX 5.3 and 6.1 Denial of Service Vulnerability in OpenBSD bgpd with Long AS Path Arbitrary Web Script Injection Vulnerability in Apache Tomcat Calendar Application XML Parser Replacement Vulnerability in Apache Tomcat Race condition vulnerability in SystemTap stap tool allows local users to gain privileges via unknown vectors Out-of-Bounds Read 
Vulnerability in eCryptfs_write_metadata_to_contents Function Unspecified URL Rewriting Vulnerability in Red Hat Network (RHN) Satellite Server 5.3 and 5.4 Denial of Service Vulnerability in OpenSSL 0.9.8k and Earlier on WIN64 and Certain Platforms IKE Daemon Crash and Restart Vulnerability Multiple Integer Overflows in Xpdf, Poppler, and CUPS pdftops Filter Vulnerability Multiple Integer Overflows in ICC Format Library (icclib) Allow Arbitrary Code Execution Denial of Service Vulnerability in LittleCMS 1.18 Integer Overflow Vulnerability in Pulse-Java Allows Remote Denial of Service Apache::Status and Apache2::Status XSS Vulnerability Denial of Service Vulnerability in ACPI Event Daemon (acpid) Out-of-Bounds Read Vulnerability in JBIG2 Decoder Arbitrary Code Execution via Crafted PDF File in JBIG2 Decoder Vulnerability: Host Header Manipulation in Squid Proxy Server Remote Bypass of Access Controls in Qbik WinGate HTTP Host Header Bypass Vulnerability in SmoothWall SmoothGuardian Ziproxy 2.6.0 Transparent Interception Mode Host Header Bypass Vulnerability Arbitrary Web Script Injection in piCal 0.91h and Earlier Unspecified Remote Permission Modification Vulnerability in OpenGoo before 1.2.1 Remote Code Execution Vulnerability in zFeeder 1.6 via admin.php Multiple SQL Injection Vulnerabilities in SimpleCMMS Remote Profile Card Reading Vulnerability in Dassault Systemes ENOVIA SmarTeam V5 SQL Injection Vulnerability in xGuestbook 2.0 Login Page Arbitrary Program Execution Vulnerability in SopCast SopCore ActiveX Control Remote Code Execution via Crafted Intel Hex Code File in BreakPoint Software Hex Workshop Arbitrary URL Execution Vulnerability in ImeraIEPlugin ActiveX Control Arbitrary Script Injection in Widgets.aspx in Blogsa 1.0 Beta 3 and Earlier Arbitrary File Read Vulnerability in TYPO3 jumpUrl Mechanism Multiple Cross-Site Scripting (XSS) Vulnerabilities in TYPO3 Backend User Interface Cross-site scripting (XSS) vulnerability in Protected Node module 
allows remote authenticated users to inject arbitrary web script or HTML Arbitrary Code Injection via Taxonomy Theme Module in Drupal XPath Expression Denial of Service Vulnerability in MySQL 5.1 and 6.0 Multiple eval injection vulnerabilities in phpScheduleIt before 1.2.11 Denial of Service Vulnerability in Mozilla Firefox 2.0.0.20 and Earlier Buffer Validation Vulnerability in ElbyCDIO.sys 6.0.2.0 and Earlier Arbitrary SQL Command Execution in TinX/cms 3.x before 3.5.1 Insufficient Access Control in BlogHelper Allows Remote Download of User Credentials Insufficient Access Control in PollHelper Allows Remote Database Download Insufficient Access Control in QuoteBook Store Allows Remote Database Information Retrieval Multiple SQL Injection Vulnerabilities in QuoteBook Cross-Site Scripting (XSS) Vulnerability in QuoteBook's quotesadd.php SQL Injection Vulnerability in Members CV (Job) Module 1.0 for PHP-Fusion SQL Injection Vulnerability in E-Cart Module 1.3 for PHP-Fusion: Remote Code Execution via CA Parameter in items.php Heap-based Buffer Overflow in gen_msn.dll Plugin for Winamp 5.541 Vulnerability: Bypassing Syscall Audit Configurations in Linux Kernel 2.6.28.7 and Earlier Misinterpretation of Syscalls in seccomp Subsystem Vulnerability Unauthenticated Remote Code Execution in Foxit Reader Foxit Reader 3.0 Stack-Based Buffer Overflow Vulnerability Memory Freeing Vulnerability in Sun Solaris 10 and OpenSolaris snv_88 through snv_102 Arbitrary Code Execution via Crafted id Parameter in MapServer Heap-based Buffer Underflow in readPostBody Function in MapServer Arbitrary File Creation Vulnerability in MapServer Arbitrary File Read Vulnerability in MapServer File Existence Disclosure Vulnerability in msLoadQuery Function in MapServer Buffer Over-read Vulnerability in MIT Kerberos 5 SPNEGO Implementation NULL pointer dereference and daemon crash vulnerability in MIT Kerberos 5 SPNEGO Mechanism Uninitialized Pointer Free Vulnerability in MIT Kerberos 5 Denial of 
Service Vulnerability in MIT Kerberos 5 ASN.1 Decoder Untrusted Search Path Vulnerability in GTK2 in OpenSUSE 11.0 and 11.1 Stack-based Buffer Overflow in NovaStor NovaNET 12 DtbClsLogin Function Arbitrary Web Script Injection via Virus-Infected File Names in BitDefender Internet Security 2009 SQL Injection Vulnerabilities in CelerBB 0.0.2 with Disabled Magic Quotes GPC Information Disclosure in showme.php of CelerBB 0.0.2 via user parameter Authentication Bypass Vulnerability in CelerBB 0.0.2 Untrusted Search Path Vulnerability in Dash 0.5.4 Allows Arbitrary Code Execution via Trojan Horse .profile File Arbitrary Web Script Injection Vulnerability in IBM WebSphere Application Server (WAS) 6.1 on z/OS Arbitrary Web Script Injection in IBM WebSphere Application Server (WAS) 6.x Cross-site scripting (XSS) vulnerability in Sun Management Center (SunMC) Performance Reporting Module (PRM) allows remote code injection via the msg parameter Arbitrary Record Injection Vulnerability in djbdns 1.05 and Earlier Denial of Service Vulnerability in Linux Kernel's shm_get_stat Function NetMRI Login Application XSS Vulnerability phpDenora before 1.2.3 Cross-Site Scripting (XSS) Vulnerability in IRC Channel Name Arbitrary Web Script Injection in TangoCMS 2.2.x Arbitrary SQL Command Execution in S-Cms 1.1 Stable via admin/delete_page.php Authentication Bypass Vulnerability in S-Cms 1.1 Stable Directory Traversal Vulnerability in GeoVision LiveX ActiveX Control Insufficient Access Control in pHNews Alpha 1 Allows Remote Database Download Information Disclosure Vulnerability in Fujitsu Enhanced Support Facility 3.0 and 3.0.1 CRLF Injection Vulnerability in Fujitsu Jasmine2000 Enterprise Edition Buffer Overflow Vulnerability in IBM Tivoli Storage Manager (TSM) HSM Client Denial of Service Vulnerability in NFSv4 Server Module in Solaris and OpenSolaris SIP Channel Driver Denial of Service Vulnerability Vulnerability: Unauthorized Access and Modification in NFS Server on Sun Solaris 10 
and OpenSolaris Vulnerability: Insecure Combination of Security Modes in NFS Daemon Unspecified Vulnerabilities in Solaris Doors Subsystem Race condition vulnerability in Doors subsystem in Sun Solaris and OpenSolaris allows for denial of service and potential privilege escalation Privilege Escalation via Hardlink Attack in Sun xVM VirtualBox on Linux Cross-Site Scripting (XSS) Vulnerabilities in Sun Java System Communications Express Denial of Service Vulnerability in Wesnoth's read_game_map Function Denial of Service Vulnerability in IBM Director CIM Server Arbitrary Local DLL Code Execution via Directory Traversal in IBM Director SQL Injection Vulnerability in isiAJAX 1: Remote Code Execution via id Parameter Multiple SQL Injection Vulnerabilities in nForum 1.5 Blue Eye CMS 1.0.0 and Earlier SQL Injection Vulnerability Buffer Overflow Vulnerability in FileZilla Server Allows Remote Denial of Service Heap-based Buffer Overflow Vulnerabilities in Media Commands 1.0 Arbitrary File Read Vulnerability in OneOrZero Helpdesk 1.6.5.7 and Earlier Integer Signedness Error in _pam_StrTok Function in Linux-PAM Allows for Denial of Service and User Impersonation Heap-based Buffer Overflow in JBIG2 Filter in Adobe Reader and Acrobat Heap-based Buffer Overflow in JBIG2 Filter in Adobe Reader and Acrobat WebSphere Application Server Session Hijacking Vulnerability Session Hijacking Vulnerability in IBM WebSphere Application Server (WAS) 6.1 and 7.0 Multiple Heap-Based Buffer Overflows in Xvidcore Library Heap-based Buffer Overflow in Xvid Decoder Initialization Function Heap-based Buffer Overflow in Novell eDirectory 8.7.3.x and 8.8.x Buffer Overflow Vulnerability in IBM WebSphere MQ Information Disclosure Vulnerability in IBM WebSphere Partner Gateway (WPG) Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Unspecified Information Disclosure Vulnerability in IBM WebSphere Application Server, WebSphere Portal Server, and 
Integrated Solutions Console Heap-based buffer overflow in IBM WebSphere MQ client allows privilege escalation via crafted SSL information in CCDT file ATL Uninitialized Object Vulnerability Inadequate Handling of WS-Security Policy in IBM WebSphere Application Server (WAS) 7.0 and Feature Pack for Web Services for WAS 6.1 XML Encoding Vulnerability in IBM WebSphere Application Server (WAS) 6.1 Privilege Escalation via Long Group Names in IBM WebSphere MQ 6.0 and 7.0 Authentication Bypass Vulnerability in IBM WebSphere Application Server SCA Feature Pack ACE Shared Folders Vulnerability in VMware ACE 2.5.1 and Earlier Heap-based buffer overflow in VMware Workstation, Player, ACE, and Server allows remote code execution via crafted web page or video file (ZDI-CAN-435) Heap-based buffer overflow in VMware Workstation, Player, ACE, and Server allows remote code execution via crafted web page or video file (ZDI-CAN-436) Privilege Escalation via String Handling Vulnerability in perl-MDK-Common Unspecified Denial of Service Vulnerability in Solaris 10 and OpenSolaris Arbitrary Code Execution via Crafted JPEG Image in Opera (CVE-2009-0689) Cross-Domain Scripting Vulnerability in Opera before 9.64 Unspecified Vulnerability in Opera Before 9.64 with Unknown Impact and Attack Vectors Cross-Site Scripting (XSS) Vulnerability in DFLabs PTK 1.0.0 through 1.0.4 Arbitrary Command Execution Vulnerabilities in DFLabs PTK 1.0.0 through 1.0.4 Insecure Default Passwords in XAMPP Installations Stack-based Buffer Overflow in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 via OvOSLocale Cookie Heap-based Buffer Overflow Vulnerabilities in HP OpenView Network Node Manager (OV NNM) Denial of Service Vulnerability in PostgreSQL Encoding Conversion Denial of Service Vulnerability in Kerberos Incremental Propagation in Solaris 10 and OpenSolaris Denial of Service Vulnerability in Sun OpenSolaris (snv_39 - snv_45) on x86 Architectures Denial of Service Vulnerability in Sun 
Solaris and OpenSolaris Unspecified Denial of Service Vulnerability in UFS Filesystem Functionality in Sun OpenSolaris Stack-based Buffer Overflow in Adobe Reader and Adobe Acrobat 9, 8, and 7 Heap-based Buffer Overflow in Adobe Acrobat Reader and Acrobat Professional Arbitrary File Read Vulnerability in Nucleus CMS Media Manager Multiple Cross-Site Scripting (XSS) Vulnerabilities in Horde IMP Arbitrary Web Script Injection in Horde Tag Cloud Search Script Arbitrary File Inclusion Vulnerability in Horde Image.php Dotclear 2.1.5 Administrative Interface Cross-Site Scripting (XSS) Vulnerability Arbitrary Script Injection in ejabberd 2.0.4 and Earlier Versions Double Unlock Vulnerability in Linux Kernel's inotify_read Function Denial of Service Vulnerability in Tor 0.2.0.34 via Corrupt Votes Denial of Service Vulnerability in Tor before 0.2.0.34 Denial of Service Vulnerability in Tor 0.2.0.34: Directory Mirrors Exploit Incomplete IPv4 addresses treated as valid in Tor before 0.2.0.34: Potential Spec Conformance Vulnerability Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in HP Embedded Web Server (EWS) on HP LaserJet Printers, Edgeline Printers, and Digital Senders Default Password Vulnerability in HP Embedded Web Server (EWS) on LaserJet Printers, Edgeline Printers, and Digital Senders Arbitrary Code Execution via Unverified CSS in Apple Mac OS X Help Viewer Arbitrary Code Execution via Unverified HTML Pathnames in Apple Mac OS X Help Viewer Memory Corruption Vulnerability in Microsoft Office Spotlight Importer Array Index Error in WebKit's insertItemBefore Method Arbitrary Code Execution Vulnerabilities in FreeType 2.3.9 and Earlier Integer Overflow Vulnerabilities in File Before 5.02 Multiple Buffer Overflows in File Before 5.02 Memory Initialization Vulnerability in CUPS 1.3.10 Stack-based Buffer Overflow in Apple iTunes Allows Remote Code Execution Heap-based Buffer Overflow in Apple QuickTime: Remote Code Execution and Denial of Service Vulnerability 
Buffer Overflow in Apple QuickTime: Remote Code Execution and Denial of Service Vulnerability Heap-based Buffer Overflow in Apple QuickTime: Remote Code Execution and Application Crash via Crafted PICT Image Heap-based Buffer Overflow in Apple QuickTime on Windows Arbitrary Code Execution and Denial of Service Vulnerability in Apple QuickTime Memory Initialization Vulnerability in Apple QuickTime Heap-based Buffer Overflow in Apple QuickTime JP2 Image Parsing Untrusted Exchange Server Certificate Vulnerability in Apple iPhone OS and iPod touch Denial of Service Vulnerability in Apple iPhone OS and iPod touch Remote Image Loading Vulnerability in Apple iPhone OS and iPod Touch Vulnerability: Unauthorized Call Placement in Apple iPhone OS Unspecified Remote Administrative Privilege Vulnerability in Futomi's CGI Cafe MP Form Mail CGI eCommerce SQL Injection Vulnerabilities in PHPRunner 4.2 and Earlier Versions Cleartext Password Storage Vulnerability in PHPRunner 4.2 SQL Injection Vulnerability in Ganesha Digital Library (GDL) 4.0 and 4.2 Remote File Inclusion Vulnerability in YABSoft Mega File Hosting 1.2 Allows Arbitrary Code Execution Denial of Service Vulnerability in Serv-U FTP Server 7.0.0.1 - 7.4.0.1 SQL Injection Vulnerability in fMoblog Plugin 2.1 for WordPress CSRF Vulnerability in phpFoX 1.6.21 Allows Unauthorized Email Address Change PHP Pro Bid 6.05 Remote File Inclusion Vulnerability Arbitrary Web Script Injection Vulnerability in futomi's CGI Cafe Access Analyzer Unspecified vulnerability in Oracle Database Workspace Manager component Unspecified Remote Availability Vulnerability in Oracle Database 10.1.0.5 Cluster Ready Services Unspecified Remote Integrity Vulnerability in Oracle Application Server Portal Component Unspecified vulnerability in Oracle Database Workspace Manager component Unspecified vulnerability in Oracle Database Workspace Manager component allows remote authenticated users to affect confidentiality and integrity Unspecified SQL 
Injection Vulnerability in Oracle Database Advanced Queuing Component Unspecified vulnerability in Oracle Database Workspace Manager component Unspecified vulnerability in Oracle Database Resource Manager component SQLX Functions Component Remote Code Execution Vulnerability Unspecified vulnerability in Oracle Database 11.1.0.7 Application Express component allows remote authenticated users to obtain APEX password hashes Unspecified Integrity Vulnerability in PeopleSoft Enterprise PeopleTools Unspecified Remote Integrity Vulnerability in Oracle Application Server Portal Component Unspecified vulnerability in Oracle Database Vault component allows remote authenticated users to affect confidentiality and integrity Unspecified vulnerability in Oracle Database allows remote authenticated users to compromise confidentiality, integrity, and availability Unspecified vulnerability in Oracle Database Workspace Manager component allows remote authenticated users to affect confidentiality, integrity, and availability Unspecified vulnerability in Oracle Database Upgrade Component Unspecified Confidentiality Vulnerability in Oracle Database 11.1.0.6 Password Policy Component Unspecified vulnerability in Oracle BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 Unspecified vulnerability in Oracle BI Publisher component in Oracle Application Server 5.6.2, 10.1.3.2.1, and 10.1.3.3.3 Unspecified Remote Vulnerability in Oracle Database Listener Component Unspecified vulnerability in Oracle Database Advanced Queuing component Unspecified Remote Code Execution Vulnerability in OPMN Component of Oracle Application Server 10.1.2.3 Unspecified Confidentiality Vulnerability in Oracle BI Publisher Component Unspecified Remote Integrity Vulnerability in Oracle Applications Framework Unspecified Confidentiality Vulnerability in Oracle BI Publisher Component Remote Code Execution Vulnerability in Oracle Database Vault Component Unspecified Remote 
Vulnerability in PeopleSoft Enterprise HRMS - eBenefits Component Unspecified Remote Code Execution Vulnerability in Oracle E-Business Suite 12.0.6 Default Password Vulnerability in Oracle Applications Framework Cross-Site Scripting (XSS) Vulnerability in jianlinwei cool-php-captcha up to 0.2 Cross-Site Scripting (XSS) Vulnerability in dpup fittr-flickr Cross-Site Scripting (XSS) Vulnerability in capnsquarepants wordcraft up to 0.6 (VDB-219714) Cross-Site Scripting (XSS) Vulnerability in Turante Sandbox Theme up to 1.5.2 Unspecified Privilege Escalation Vulnerability in Oracle BEA WebLogic Portal 8.1 Gold through SP6 Unspecified privilege escalation vulnerability in Oracle BEA WebLogic Server Unspecified Remote Code Execution Vulnerability in WebLogic Server Component Unspecified Remote Code Execution Vulnerability in WebLogic Server Component Unspecified vulnerability in Oracle Data Service Integrator in BEA Product Suite 10.3.0, 3.2, 3.0.1, and 3.0 Unspecified Remote Code Execution Vulnerability in JRockit Component Unspecified vulnerability in Oracle Database 10.2.0.4 Data Mining component allows remote authenticated users to compromise confidentiality, integrity, and availability Unspecified vulnerability in Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 Unspecified Local Vulnerability in Oracle Application Server 8.1.9 Unspecified vulnerability in Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 Unspecified vulnerability in Outside In Technology component in Oracle Application Server 8.2.2 and 8.3.0 Unspecified Heap-based Buffer Overflow Vulnerability in Oracle BEA WebLogic Server Plug-ins Unspecified Remote Code Execution Vulnerability in PeopleSoft Enterprise PeopleTools Unspecified Remote Code Execution Vulnerability in PeopleSoft Enterprise PeopleTools Unspecified Remote Integrity Vulnerability in Oracle Database Core RDBMS Component Unspecified stack-based buffer overflow vulnerability in WebLogic 
Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 Unspecified Confidentiality Vulnerability in Oracle BI Publisher Component Unspecified vulnerability in Oracle Database 10.2.0.4 Workspace Manager component allows remote authenticated users to compromise confidentiality and integrity Unspecified vulnerability in Oracle Database Network Authentication component Unspecified vulnerability in Oracle Database Network Foundation component Unspecified vulnerability in Oracle Database Advanced Replication component Heap-based Buffer Overflow in GOM Encoder 1.0.0.11 and Earlier Allows Remote Code Execution via Subtitle File SQL Injection Vulnerability in phpComasy 0.9.1: Remote Code Execution via entry_id Parameter Multiple SQL Injection Vulnerabilities in Beerwin PHPLinkAdmin 1.0 Remote File Inclusion Vulnerability in Beerwin PHPLinkAdmin 1.0 SQL Injection Vulnerabilities in Kim Websites 1.0 Login Page OpenCart 1.1.8 SQL Injection Vulnerability in Order Parameter Stack-based Buffer Overflow in ediSys eZip Wizard 3.0 Arbitrary Code Execution via Long Date Header in POP Peeper 3.4.0.0 and Earlier Arbitrary Web Script Injection via HTTP Host Header in WordPress MU (WPMU) Directory Traversal Vulnerability in Rhino Software Serv-U File Server 7.0.0.1 through 7.4.0.1 SQL Injection Vulnerability in YABSoft Advanced Image Hosting (AIH) Script 2.3 SQL Injection Vulnerability in DeluxeBB 1.3 and Earlier: Remote Code Execution via misc.php SQL Injection Vulnerability in Tasklist Module for Drupal Cross-site scripting (XSS) vulnerability in Tasklist module for Drupal CSRF Vulnerability in Plus 1 Module for Drupal Unspecified vulnerability in Send by e-mail module allows remote attackers to send unlimited spam messages SQL Injection Vulnerabilities in YAP Blog 1.1.1: Remote Code Execution Remote Code Execution Vulnerability in CDex 1.70b2 via Crafted Ogg Vorbis File Buffer Overflow Vulnerability in WinAsm Studio 5.1.5.0 via Crafted .wap File 
Out-of-Bounds Timer Value Write Vulnerability in FreeBSD 7.x Remote Code Execution Vulnerability in Apple Safari on Mac OS X 10.5.6 Remote Code Execution Vulnerability in Microsoft Internet Explorer 8 on Windows 7 Arbitrary Code Execution Vulnerability in Mozilla Firefox 3.0.7 on Windows 7 Denial of Service Vulnerability in VLC 0.9.8a via Long Input Argument in in_play Action Memory Corruption Vulnerability in Linux Kernel Console Selection Arbitrary Web Script Injection in Send by E-mail Module for Drupal Authentication Bypass Vulnerability in snom VoIP Phones Arbitrary SQL Command Execution Vulnerability in Bloginator 1A Remote Authentication Bypass Vulnerability in Bloginator 1A Insecure Storage of Sensitive Information in FubarForum 1.6 and Earlier Insecure Storage of Sensitive Information in FireAnt 1.3 and Earlier Insufficient Access Control in chaozzDB 1.2 and Earlier Allows Unauthorized Access to User Credentials Remote Code Execution Vulnerability in JustSystems Ichitaro Software Unspecified Remote Access Vulnerability in Sitecore CMS 5.3.1 rev. 071114 Arbitrary Report Access Vulnerability in IBM Rational AppScan Enterprise Remote Code Execution Vulnerability in MicroSmarts Enterprise ZipItFast! 
3.0 Stack-based Buffer Overflow in ZipGenius: Remote Code Execution via Crafted .zip File Trident PowerZip 7.2 Stack-Based Buffer Overflow Vulnerability Remote Code Execution Vulnerability in Apple Safari on Mac OS X 10.5.6 Unspecified Remote Code Execution Vulnerability in Adobe Acrobat Reader Memory Corruption Vulnerability in Adobe Acrobat Reader versions 7, 8, and 9 Buffer Overflow Vulnerability in eXeScope 6.50 Orbit Downloader ActiveX Control Argument Injection Vulnerability SQL Injection Vulnerability in Pixie CMS 1.01a - Remote Code Execution via x Parameter SQL Injection Vulnerability in Pixie CMS 1.01a Referral Function Arbitrary Web Script Injection Vulnerability in Pixie CMS 1.01a Stack-based Buffer Overflow in BS.Player Allows Remote Code Execution via Long Hostname in .bsl Playlist File Cross-Site Scripting (XSS) Vulnerabilities in Drupal Content Construction Kit (CCK) Node Edit Form ExpressionEngine 1.6.4 - 1.6.6 Cross-Site Scripting (XSS) Vulnerability in system/index.php Icarus 2.0 Stack-Based Buffer Overflow Vulnerability Privilege Escalation Vulnerability in Linux Kernel's nfsd World-readable permissions for /etc/nss-ldapd.conf file allows local users to obtain cleartext LDAP server password SSL Termination Devices and Lack of Support for Relative URLs in Sun Java System Identity Manager (IdM) 7.0 through 8.0 Username Enumeration Vulnerability in Sun Java System Identity Manager (IdM) 7.0 through 8.0 User Enumeration Vulnerability in Sun Java System Identity Manager (IdM) 7.0 through 8.0 Password Change Vulnerability in Sun Java System Identity Manager Privilege Escalation in Sun Java System Identity Manager (IdM) 7.0 through 8.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 through 8.0 Cross-Site Scripting (XSS) Vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 through 8.0 (Bug ID 19033) Cross-Site Scripting (XSS) Vulnerabilities in Sun Java System Identity Manager (IdM) 7.0 through 
8.0 Remote Privilege Escalation in Sun Java System Identity Manager (IdM) 7.0 through 8.0 Arbitrary Command Execution via Password Control Characters in Sun Java System Identity Manager (IdM) Unrestricted Access to System Configuration Object in Sun Java System Identity Manager (IdM) 7.0 through 8.0 Sensitive Information Exposure in Piwik 0.2.32 and Earlier Heap-based Buffer Overflow in ldns_rr_new_frm_str_internal Function in ldns 1.4.x Multiple Argument Injection Vulnerabilities in PPLive.exe in PPLive 1.9.21 and Earlier Arbitrary Code Execution in Hannon Hill Cascade Server 5.7 and Other Versions Absolute Path Traversal Vulnerability in Rapidleech rev.36 and Earlier: Arbitrary File Read Arbitrary File Inclusion Vulnerability in Rapidleech rev.36 and Earlier Arbitrary Web Script Injection Vulnerability in Rapidleech rev.36 and Earlier LIVEAUDIO.LiveAudioCtrl.1 ActiveX Control Use-After-Free Vulnerability LDAP Service Hang Vulnerability Arbitrary Code Execution Vulnerability in Java LDAP Implementation Integer Overflow Vulnerability in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) Allows Remote Code Execution Buffer Overflow Vulnerability in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) Allows Remote Code Execution Buffer overflow vulnerabilities in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier Java SE Development Kit (JDK) and Java Runtime Environment (JRE) Buffer Overflow Vulnerability (CR 6804998) Type1 Font Integer Signedness Error Vulnerability Denial of Service Vulnerabilities in Java SE Development Kit and Java Runtime Environment Denial of Service Vulnerability in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier Unspecified Remote Code Execution Vulnerability in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier Unspecified vulnerability in Java Plug-in allows remote code execution via deserializing 
applets (CR 6646860) Java Plug-in Localhost Port Connection Vulnerability Java Plug-in User-Assisted Remote Code Execution Vulnerability Cross-Site Scripting (XSS) Vulnerability in Java Plug-in Misrepresentation of Security Warning Dialog in Java Plug-in Heap-based Buffer Overflow Vulnerabilities in EMC RepliStor 6.2 and 6.3 EMC RepliStor Server Service DoASOCommand Remote Code Execution Vulnerability IIS 5.0 WebDAV Authentication Bypass Vulnerability Windows Kernel Object Validation Vulnerability Windows Kernel Pointer Validation Vulnerability Windows Driver Class Registration Vulnerability Windows Desktop Parameter Edit Vulnerability Win32k NULL Pointer Dereferencing Vulnerability PP7 Memory Corruption Vulnerability in Microsoft Office PowerPoint 2000, 2002, and 2003 PP7 Memory Corruption Vulnerability in PowerPoint 95 Importer Heap Corruption Vulnerability in Microsoft Office PowerPoint Data Out of Bounds Vulnerability in Microsoft Office PowerPoint 2000 SP3 Wireless Frame Parsing Remote Code Execution Vulnerability in Microsoft Windows Vista and Server 2008 Remote Desktop Connection Heap Overflow Vulnerability Record Pointer Corruption Vulnerability in Excel 2007 and Office Compatibility Pack Radius OTP Bypass Vulnerability in Microsoft ISA Server 2006 Gold and SP1 Office Web Components HTML Script Vulnerability Legacy File Format Vulnerability in Microsoft Office PowerPoint 2000, 2002, and 2003 Active Directory Invalid Free Vulnerability Active Directory Memory Leak Vulnerability Cross-Domain Information Disclosure Vulnerability in Microsoft Internet Explorer DHTML Object Memory Corruption Vulnerability in Microsoft Internet Explorer 6 Privilege Escalation via Symlink Attack in open-vm-tools Symlink Attack Exploiting Realpath Race Condition in open-vm-tools Untrusted Search Path Vulnerability in Gentoo Xpdf Package Unspecified Denial of Service Vulnerability in VMware Workstation, Player, ACE, and Server Unspecified privilege escalation vulnerability in VMware 
products Directory Traversal Vulnerability in phpMyAdmin BLOB Streaming Feature CRLF Injection Vulnerability in phpMyAdmin's BLOB Streaming Feature Cross-Site Scripting (XSS) Vulnerabilities in phpMyAdmin Export Page Static Code Injection Vulnerability in phpMyAdmin setup.php Denial of Service Vulnerability in Siemens Gigaset SE461 WiMAX Router Denial of Service Vulnerability in Cisco IOS XR 3.8.1 and Earlier Authentication Bypass Vulnerability in Cisco ASA and PIX Security Appliances Denial of Service Vulnerability on Cisco ASA 5500 Series Devices Cisco ASA and PIX Memory Leak Vulnerability Denial of Service Vulnerability in Cisco ASA 5500 Series Devices with H.323 Inspection Enabled Denial of Service Vulnerability in Cisco ASA and PIX Security Appliances with SQL*Net Inspection Improper Implementation of Implicit Deny Statement in Cisco ASA and PIX Security Appliances (CSCsq91277) Directory Traversal Vulnerability in CiscoWorks Common Services (CWCS) on Windows Cisco IronPort AsyncOS XSS Vulnerability in Spam Quarantine Login Page Cisco Physical Access Gateway Memory Leak Vulnerability Denial of Service Vulnerability in Cisco Wireless LAN Controller (WLC) Platform 4.2 and 5.x Memory Leak Vulnerability in Cisco Wireless LAN Controller (WLC) Platform Denial of Service Vulnerability in Cisco Wireless LAN Controller (WLC) Platform Configuration Modification Vulnerability in Cisco Wireless LAN Controller (WLC) Platform Denial of Service Vulnerability in Cisco IOS and IOS XE with RFC4893 BGP Routing Arbitrary Code Execution and Denial of Service Vulnerability in Mozilla Firefox and SeaMonkey Arbitrary Code Execution Vulnerability in Sun OpenSolaris Arbitrary File Reading Vulnerability in Moodle TeX Filter Improper Validation of UsernameToken Objects in IBM WebSphere Application Server Weak Permissions in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.3 Unspecified XML Digital-Signature Security Vulnerability in IBM WebSphere Application Server Arbitrary Web 
Script Injection in Banshee 1.4.2 DAAP Extension Buffer-Overflow Vulnerability in MapServer's mapserv.c Multiple Stack-Based Buffer Overflows in MapServer's maptemplate.c Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) server's admin command line with unknown impact and attack vectors Arbitrary Code Execution via Integer Overflow in JBIG2 Decoder Arbitrary Code Execution via Crafted PDF File in JBIG2 Decoder NULL Pointer Dereference Vulnerability in JBIG2 Decoder Arbitrary Code Execution via Crafted PDF File in JBIG2 MMR Decoder Denial of Service Vulnerability in JBIG2 MMR Decoder Bypassing Network Traffic Restrictions in SELinux with compat_net Enabled Privilege Escalation via Unverified NETLINK Messages in udev Buffer Overflow in util_path_encode function in udev/lib/libudev-util.c Integer Overflow in JBIG2 Decoding Feature in Poppler Integer Overflow in JBIG2 Decoding Feature in Xpdf and Poppler Incorrect Signature Validation Logic in D-Bus (CVE-2008-3834) Algorithmic complexity vulnerability in java.util.regex.Pattern.compile method in Sun JDK allows remote attackers to cause denial of service (CPU consumption) Sensitive Response Data Disclosure in Apache HTTP Server 2.2.11 Information Leakage Vulnerability in Linux Kernel's agp_generic_alloc_page and agp_generic_alloc_pages Functions Integer Overflow in Pango Glyph String Set Size Function Privilege Escalation via Apache HTTP Server 2.2.11 and Earlier CUPS Directory-Services Functionality Denial of Service Vulnerability Log Spoofing Vulnerability in Apache jUDDI before 2.0 Apache jUDDI before 2.0 Cross-Site Scripting (XSS) Vulnerability in happyjuddi.jsp Eval Injection Vulnerability in Cisco Adaptive Security Appliances (ASA) WebVPN Cisco ASA WebVPN URL Rewriting and HTML Rewriting Bypass Vulnerability Improper Login Screen Distinguishing in Cisco ASA WebVPN (CSCsy80709) Arbitrary Web Script Injection in TikiWiki CMS/Groupware 2.2 Unspecified Remote Code Execution Vulnerability in futomi's CGI 
Cafe Access Analyzer Race condition vulnerability in dircmp script allows local users to overwrite arbitrary files SQL Injection Vulnerability in auth2db 0.2.5: Inadequate Input Sanitization Stack-based Buffer Overflow in W3C Amaya Web Browser 11.1 via Long Defer Attribute in Script Tag Format String Vulnerability in PROFINET/DCP Dissector in Wireshark 1.0.6 and Earlier Vulnerability: Transparent Interception Mode Bypass in Blue Coat ProxySG Arbitrary File Overwrite Vulnerabilities in PrecisionID Datamatrix ActiveX Control CSRF Vulnerability in Bugzilla Attachment Editing World-readable permissions on /tmp/screen-exchange file in GNU screen 4.0.3 Race condition vulnerability in GNU screen 4.0.3 allows local users to create or overwrite arbitrary files via symlink attack on /tmp/screen-exchange temporary file. Unspecified Remote Code Execution Vulnerabilities in Gzip Libraries Microsoft GdiPlus EMF GpFont.SetData Integer Overflow Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in Sun Calendar Express Web Server Denial of Service Vulnerability in Sun Calendar Express Web Server Arbitrary Web Script Injection Vulnerability in Cisco ASA WebVPN Arbitrary File Inclusion Vulnerability in webEdition 6.0.0.4 and Earlier Insufficient Access Control in aspWebCalendar Free Edition Allows Unauthorized Access to User Credentials Arbitrary SQL Command Execution in vsp-core/pub/themes/bismarck/gamestat.php Arbitrary Script Injection in Turnkey Ebook Store 1.1 via XSS Vulnerability Arbitrary File Deletion Vulnerability in Podcast Generator 1.1 and Earlier Buffer Overflow in Check Point Firewall-1 PKI Web Service Cross-Site Scripting (XSS) Vulnerability in Arcadwy Arcade Script CMS register.php Arcadwy Arcade Script SQL Injection Vulnerability Static Code Injection Vulnerability in Podcast Generator 1.1 and Earlier: Remote Code Execution via config.php Unspecified Vulnerability in IBM DB2 Content Manager eClient Denial of Service Vulnerability in Mozilla Firefox 3.0.x 
Denial of Service Vulnerability in Apple Safari 3.2.2 and 4 Beta on Windows Denial of Service Vulnerability in Opera 9.64 and 9.52 Privilege Escalation via HFS IOCTL Handler in Apple Mac OS X 10.5.6 and earlier AppleTalk Networking Stack Heap-Based Buffer Overflow Vulnerability Memory Leak Vulnerabilities in XNU 1228.3.13 and Earlier on Apple Mac OS X 10.5.6 and Earlier Race condition in HFS vfs sysctl interface allows local users to cause kernel memory corruption Incorrect Query Results Vulnerability in IBM DB2 9.1 before FP7 Bypassing Malware Detection in IBM Proventia Engine 4.9.0.0.44 Bypassing Malware Detection in ClamAV via Modified RAR Archive Denial of Service Vulnerability in KVM Subsystem on Linux Kernel Denial of Service Vulnerability in Linux Kernel's UDP Sequence File Infrastructure Unspecified vulnerability in VMware virtual machine display function Multiple SQL Injection Vulnerabilities in CCCP Community Clan Portal Pastebin Multiple Directory Traversal Vulnerabilities in Blogplus 1.0 SQL Injection Vulnerability in Acute Control Panel 1.0.0 Login.php Acute Control Panel 1.0.0 - Multiple PHP Remote File Inclusion Vulnerabilities Arbitrary Web Script Injection in Feed Element Mapper Drupal Module Remote Denial of Service Vulnerability in OpenAFS and IBM AFS Heap-based Buffer Overflow in OpenAFS Cache Manager Stack-based Buffer Overflow in ntpd's crypto_recv function Symlink Attack Vulnerability in James Stone Tunapie 2.1 Remote Code Execution in James Stone Tunapie 2.1 via Stream URL Metacharacters Information Disclosure and ASLR Bypass in Memcached and MemcacheDB SQL Injection Vulnerability in FlexCMS 2.5: Remote Code Execution via ItemId Parameter Heap-based Buffer Overflow in Magic ISO Maker 5.5 Build 0274 via Crafted CCD File SQL Injection Vulnerability in RD-Autos Component 1.5.7 for Joomla! 
SQL Injection Vulnerability in Insane Visions AdaptBB 1.0 Stack-based Buffer Overflow Vulnerabilities in UltraISO 9.3.3.2685 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Web Help Desk 9.1.22 Fortinet FortiClient Format String Vulnerability SQL Injection Vulnerability in BookJoomlas Component for Joomla! Insecure Access Control in TYPO3 Frontend User Registration Extension Integer Overflow in rose_sendmsg Vulnerability Unspecified Vulnerability in Wireshark Before 1.0.7 Unspecified Denial of Service Vulnerability in Wireshark LDAP Dissector Denial of Service Vulnerability in Wireshark CPHAP Dissector Denial of Service Vulnerability in Wireshark 0.99.6 through 1.0.6 via Crafted Tektronix .rf5 File Denial of Service Vulnerability in ClamAV's untar.c Denial of Service Vulnerability in PHP JSON_parser Function Denial of Service Vulnerability in PHP 5.2.x Username Enumeration Vulnerability in pam_ssh 1.92 and Possibly Other Versions Heap-based Buffer Overflow in xine-lib's qt_error parse_trak_atom Function Double Evaluation of Expression Language (EL) in Apache Tiles 2.1 before 2.1.2 Allows XSS Attacks and Sensitive Information Disclosure Information Disclosure Vulnerability in XScreenSaver SQL Injection Vulnerability in Gravity Board X (GBX) 2.0 BETA - Remote Code Execution via member_id Parameter in viewprofile Action Static Code Injection Vulnerability in Gravity Board X (GBX) 2.0 BETA Multiple Cross-Site Scripting (XSS) Vulnerabilities in Joomla! 1.5 through 1.5.9 CSRF Vulnerabilities in Joomla! 
com_media Component Unspecified Cross-Site Scripting (XSS) Vulnerability in glFusion before 1.1.3 SQL Injection Vulnerability in glFusion 1.1.2 and Earlier: Arbitrary SQL Command Execution via glf_session Cookie Parameter User Masquerading Vulnerability in glFusion before 1.1.3 Buffer Overflow Vulnerability in BibTeX 0.99: Denial of Service via Long .bib Bibliography File Static Code Injection Vulnerability in getConfigFile Function in phpMyAdmin Denial of Service Vulnerability in IBM Lotus Domino Server Cisco Subscriber Edge Services Manager (SESM) Cross-Site Scripting (XSS) Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in IBM BladeCenter AMM Information Disclosure Vulnerability in IBM BladeCenter AMM Cross-Site Request Forgery (CSRF) Vulnerabilities in IBM BladeCenter Web Administration Interface Stack-based Buffer Overflow in TIBCO SmartSockets and Enterprise Message Service (EMS) Command Line Credential Exposure in IBM Rational ClearCase Username Enumeration Vulnerability in Novell Teaming 1.0 through SP3 (1.0.3) Cross-Site Scripting (XSS) Vulnerabilities in Liferay 4.3.0 Portal in Novell Teaming 1.0 through SP3 (1.0.3) Local File Deletion Vulnerability in Apport eCryptfs-utils Vulnerability: Mount Passphrase Stored in Installation Logs Arbitrary File Overwrite Vulnerability in iSCSI Discovery in open-iscsi Denial of Service Vulnerability in Linux Kernel's ip_frag_reasm Function Symlink Attack Vulnerability in PulseAudio's pa_make_secure_dir Function Vulnerability: DST Midnight Time Zone Issue in apt 0.7.20 Integer Signedness Error in ID3v2 Code in mpg123 Allows Remote Code Execution Denial of Service and Memory Corruption Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Denial of Service and Memory Corruption Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Denial of Service and Memory Corruption Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Denial of Service and Memory Corruption Vulnerability in Mozilla 
Firefox, Thunderbird, and SeaMonkey Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Cross-Origin Resource Sharing (CORS) bypass vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey XSS Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Allows Arbitrary Script Injection Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey MozSearch Plugin XSS Vulnerability Sensitive Information Disclosure via Embedded Frame in Mozilla Firefox and SeaMonkey Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox and SeaMonkey Memory Corruption and Arbitrary Code Execution Vulnerability in Mozilla Firefox 3.0.9 Arbitrary File Creation and Code Execution in Web File Explorer 3.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in AbleSpace 1.0 SQL Injection Vulnerabilities in AbleSpace 1.0: Remote Code Execution Multiple SQL Injection Vulnerabilities in Aqua CMS 1.1 Arbitrary File Inclusion Vulnerability in Jamroom 3.1.2 through 3.2.6 and 4.0.2 Arbitrary File Inclusion Vulnerability in GuestCal 2.1 Cross-Site Scripting (XSS) Vulnerabilities in Zazzle Store Builder 1.0.2 ASP Product Catalog 1.0 - Cross-Site Scripting (XSS) Vulnerability in search.asp Insufficient Access Control in ASP Product Catalog 1.0 Allows Unauthorized Database Download SQL Injection Vulnerability in Web File Explorer 3.1 Allows Remote Code Execution via id Parameter in body.asp Remote Code Execution via Stack-based Buffer Overflow in Mini-stream ASX to MP3 Converter 3.0.0.7 Remote Code Execution Vulnerability in Mini-stream Ripper 3.0.1.1 via Long URI in Playlist File Remote Code Execution via Stack-based Buffer Overflow in Mini-stream RM Downloader 3.0.0.9 Remote Code Execution via Stack-based Buffer Overflow in Mini-stream WM Downloader 3.0.0.9 Remote Code Execution Vulnerability in Mini-stream RM-MP3 Converter 3.0.0.7 via Long URI in Playlist File Remote Code Execution Vulnerability in Mini-stream Shadow Stream 
Recorder 3.0.1.7 via Long URI in Playlist File Stack-based Buffer Overflow in Easy RM to MP3 Converter: Remote Code Execution via Long Filename in Playlist File Denial of Service Vulnerability in Microsoft Windows Media Player 11.0.5721.5260 Information Disclosure Vulnerability in Sun Java System Directory Server 5.2 and Enterprise Edition 5 HP Deskjet 6840 Printer Firmware XSS Vulnerability Arbitrary Web Script Injection in IBM Tivoli Continuous Data Protection (CDP) for Files 3.1.4.0 Denial of Service Vulnerability in Microsoft Internet Explorer 7 and 8 on Windows XP and Vista (MSRC 9011jr) Uninitialized Structure Member Vulnerability in Linux Kernel NFS Client Arbitrary Signal Injection Vulnerability in Linux Kernel Vulnerability: Signal Processing Bypass in Linux Kernel CSRF Vulnerability in TWiki before 4.3.1 Allows Remote Authentication Hijacking Memory Leak in DBD::Pg Perl Module Allows Denial of Service Arbitrary Script Injection in CCK Comment Reference Module for Drupal Arbitrary Web Script Injection Vulnerability in Drupal Print Module Arbitrary Script Injection in Localization Client Module for Drupal SQL Injection Vulnerability in cpCommerce 1.2.8 - Remote Code Execution via document.php SQL Injection Vulnerability in NetHoteles 3.0: Remote Code Execution via id_establecimiento Parameter SQL Injection Vulnerabilities in chCounter 3.1.3: Remote Code Execution Vulnerability: Bypassing Virus Detection in McAfee Products via Malformed Archive Files C2Net Stronghold 2.3 Cross-Site Scripting (XSS) Vulnerability Arbitrary Code Execution Vulnerability in Novell NetIdentity Client Apollo 37zz Heap-Based Buffer Overflow Vulnerability Stack-based Buffer Overflow in Dawningsoft PowerCHM 5.7 via Long URL in HTML File Buffer Overflow in Zervit Webserver 0.02 Allows Remote DoS via Long URI Arbitrary File Read Vulnerability in Mongoose 2.4 Stack-based Buffer Overflow in muxatmd on IBM AIX 5.2, 5.3, and 6.1: Local Privilege Escalation via Long Filename Elecard AVC HD 
Player Stack-based Buffer Overflow Vulnerability CRLF Injection Vulnerability in Sun Java System Delegated Administrator Inadequate Error Code Validation in apt-get Allows Installation of Malicious Repositories Unspecified Denial of Service Vulnerability in Sun OpenSolaris SCTP Sockets Implementation NULL pointer dereference vulnerability in __inet6_check_established function in Linux kernel before 2.6.29 with Network Namespace Support (NET_NS) enabled allows remote attackers to cause denial of service. Remote Command Execution in dig.php of GScripts.net DNS Tools SQL Injection Vulnerability in chCounter 3.1.3 Administration Panel GD library in libwmf 0.2.8.4: Use-after-free vulnerability in embedded GD library allows for denial of service or arbitrary code execution Arbitrary Remote Procedure Execution Vulnerability in Adobe Flash Media Server Arbitrary Script Injection in DotNetNuke (DNN) PayPal IPN Functionality Cross-site scripting (XSS) vulnerability in index.php in moziloCMS 1.11 via search action Directory Traversal Vulnerability in moziloCMS 1.11 index.php Sensitive Information Disclosure in moziloCMS 1.11 Stack-based Buffer Overflow in Xilisoft Video Converter Allows Remote Code Execution Denial of Service Vulnerability in ClamAV's CLI_ISCONTAINED Macro Stack-based Buffer Overflow in ClamAV's cli_url_canon Function Buffer Overflow in Pidgin XMPP SOCKS5 Bytestream Server Buffer Overflow Vulnerability in Pidgin's decrypt_out Function Denial of Service Vulnerability in Pidgin's PurpleCircBuffer Implementation Integer overflows leading to buffer overflows in MSN protocol handler in Pidgin DTLS Record Buffer Limitation Vulnerability DTLS Fragment Handling Memory Leak Vulnerability in OpenSSL 0.9.8k and Earlier Versions Use-after-free vulnerability in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause denial of service and possibly other impacts via a crafted DTLS packet Arbitrary web script injection vulnerability in JMX-Console in JBoss EAP 4.2 and 4.3 
Arbitrary Command Execution via Shell Metacharacters in SquirrelMail's map_yp_alias Function Arbitrary Code Execution Vulnerability in mimeTeX Arbitrary Command Execution in mathTeX's getdirective Function Username Enumeration Vulnerability in pam_krb5 Integer Underflow Vulnerability in e1000 Driver Allows Remote Denial of Service Denial of Service Vulnerability in OpenSSL 0.9.8i and earlier Denial of Service Vulnerability in OpenSSL's dtls1_retrieve_buffered_fragment Function Denial of Service Vulnerability in Linux Kernel 2.6.18 Buffer Overflow Vulnerability in Linux Kernel RTL8169 NIC Driver TLS Certificate Chain Spoofing Vulnerability in Mutt 1.5.19 Heap-based buffer overflow vulnerability in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017 Memory Corruption and Application Crash Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Remote Code Execution via Stack-based Buffer Overflow in Motorola Timbuktu Pro 8.6.5 on Windows SQL Injection Vulnerability in CRE Loaded 6.2 product_info.php Arbitrary SQL Command Execution in PastelCMS 0.8.0 via admin.php Arbitrary File Inclusion Vulnerability in PastelCMS 0.8.0 Arbitrary File Inclusion Vulnerability in TotalCalendar 2.4 NotFTP 1.3.1 Directory Traversal Vulnerability WebSPELL 4.2.0c Cross-Site Scripting (XSS) Vulnerability via Nested BBcode Tags SQL Injection Vulnerability in usersettings.php in e107 0.7.15 and Earlier Arbitrary SQL Command Execution in Quick.Cms.Lite 0.5 via index.php Arbitrary SQL Command Execution in Events Plugin for Seditio CMS 1.0 ChromeHTML Protocol Handler Argument Injection Vulnerability Universal XSS Vulnerability in Google Chrome 1.0.x Persistent Global Object Modifications in Google Chrome 2.0.x: Facilitating Universal XSS Attacks Denial of Service and Memory Corruption Vulnerability in libgnutls RSA Key Generation Vulnerability in GnuTLS Lack of Time Checks in X.509 Certificate Verification in GnuTLS Arbitrary Web Script Injection Vulnerability in HP System Management 
Homepage (SMH) Unspecified Remote Access Vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) Stack-based Buffer Overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 with SNMP and MIB before 1.30.009 Unspecified Denial of Service Vulnerability in NFS / ONCplus on HP-UX B.11.31 Privilege Escalation Vulnerability in HP ProCurve Threat Management Services zl Module (J9155A) ST.1.0.090213 and Earlier (PR_41209) Unspecified Denial of Service Vulnerability in HP ProCurve Threat Management Services zl Module (J9155A) ST.1.0.090213 and Earlier Unspecified Denial of Service Vulnerability in HP ProCurve Threat Management Services zl Module (J9155A) ST.1.0.090213 and Earlier Denial of Service Vulnerability in HP ProCurve Threat Management Services zl Module Unspecified Denial of Service Vulnerability in HP ProLiant DL and ML 100 Series G5, G5p, and G6 Servers with ProLiant Onboard Administrator Powered by LO100i (formerly Lights Out 100) 3.07 and Earlier Unspecified Denial of Service Vulnerability in HP-UX B.11.31 Cross-Site Scripting (XSS) Vulnerabilities in Symantec Log Viewer Arbitrary Command Execution in Symantec Alert Management System 2 Multiple stack-based buffer overflows in IAO.EXE in Symantec Alert Management System 2 (AMS2) Arbitrary Code Execution in Symantec Alert Management System 2 (AMS2) Arbitrary Text Injection Vulnerability in Symantec Reporting Server Arbitrary SQL Command Execution in SilverStripe File::find Vulnerability Foswiki CSRF Vulnerability: Remote Authentication Hijacking Denial of Service Vulnerability in Trend Micro OfficeScan Client 8.0 SP1 and 8.0 SP1 Patch 1 Memory Initialization Vulnerability in FreeBSD's db Interface Stack-based Buffer Overflow in PortableApps CoolPlayer Portable 2.19.6 and Earlier Heap-based buffer overflow in libmodplug before 0.8.6 allows arbitrary code execution via crafted MED file Buffer Overflow in CIFS Tree Connect Response in Linux Kernel 2.6.29 and Earlier Argument Injection 
Vulnerability in amule 2.2.4 Allows Remote Command Execution via Crafted Filename Heap-based Buffer Overflow in ParamTraits::Read Function in Google Chrome Integer Overflow Vulnerabilities in Skia Unspecified Vulnerabilities in OCS Inventory NG Server Component Remote File Inclusion Vulnerability in WebPortal CMS 0.8-beta Multiple Directory Traversal Vulnerabilities in WebPortal CMS 0.8-beta Unrestricted File Upload Vulnerability in Elkagroup Image Gallery 1.0 Arbitrary Code Execution via Unrestricted File Upload in e-cart.biz Free Shopping Cart Unspecified Cross-Site Scripting (XSS) Vulnerability in LovPop.net APRICOT Stack-based Buffer Overflow in PortableApps CoolPlayer Portable 2.19.1 via Large PlaylistSkin Parameter in skin.ini Remote File Inclusion Vulnerability in SMA-DB 0.3.12 format.php Allows Arbitrary PHP Code Execution Arbitrary Web Script Injection Vulnerability in SMA-DB 0.3.12 Multiple PHP Remote File Inclusion Vulnerabilities in SMA-DB 0.3.13 SQL Injection Vulnerability in Tiny Blogr 1.0.0 rc4: Remote Code Execution via txtUsername Parameter Arbitrary Web Script Injection in WebCollab tasks.php CSRF Vulnerabilities in WebCollab before 2.50 Allow Remote Authentication Hijacking Arbitrary File Inclusion Vulnerability in Malleo 1.2.3 admin.php Arbitrary Script Injection in Nuke Evolution Xtreme 2.x player.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in razorCMS before 0.4 CSRF Vulnerability in razorCMS Allows Remote Authentication Hijacking Weak Permissions in razorCMS Before 0.4 Allow Unauthorized Access and Privilege Escalation Arbitrary Script Injection in Create New Page Form in razorCMS 0.3 RC2 and Earlier Inconsistent Permission Verification in razorCMS Allows Local Users to Gain Unauthorized Access Static Code Injection Vulnerability in razorCMS before 0.4 Allows Remote PHP Code Injection CSRF Vulnerabilities in Application Access Server (A-A-S) 2.0.48 Allow Remote Authentication Hijacking Default Password Vulnerability in Application 
Access Server (A-A-S) 2.0.48 Cleartext Storage of Passwords and Port Keyword in A-A-S 2.0.48 Cross-Site Scripting (XSS) Vulnerabilities in IceWarp eMail Server and WebMail Server before 9.4.2 SQL Injection Vulnerabilities in IceWarp eMail Server and WebMail Server CRLF Injection Vulnerability in IceWarp eMail Server and WebMail Server Hardcoded AES Encryption Key Vulnerability in ATEN KH1516i and KN9116 IP KVM Switches Insecure RSA Cryptography in ATEN KH1516i and KN9116 IP KVM Switches Vulnerability: Lack of Mouse Event Encryption and Insecure Session Cookie Handling in ATEN KH1516i and KN9116 IP KVM Switches Buffer Overflow Vulnerability in Darren Reed IPFilter 4.1.31: Privilege Escalation via Long Hostname in URL Hardcoded SSL Private Key Vulnerability in ATEN KH1516i, KN9116, and PN9108 Devices Unspecified Denial of Service Vulnerabilities in Solaris DTrace Ioctl Handlers Boxalino Directory Traversal Vulnerability in client/desktop/default.htm SQL Injection Vulnerability in Pragyan CMS 2.6.4: Remote Code Execution via index.php SQL Injection Vulnerability in PuterJam's Blog (PJBlog3) 3.0.6.170: Remote Code Execution via cname Parameter in action.asp Cross-Site Scripting (XSS) Vulnerabilities in MoinMoin 1.8.2 and Earlier in action/AttachFile.py Arbitrary Code Execution via Unrestricted File Upload in Adam Patterson Studio Lounge Address Book 2.5 Cross-Site Scripting (XSS) Vulnerability in AXIGEN Mail Server 6.2.2 Web Mail Interface Denial of Service Vulnerability in eMule Plus Logging Feature Flatchat 3.0 pmscript.php Directory Traversal Vulnerability SQL Injection Vulnerability in FunGamez RC1 Login Page FunGamez RC1 admin/load.php Directory Traversal Vulnerability Authentication Bypass Vulnerability in Fungamez RC1 Heap-based Buffer Overflow in Sendmail 8.13.2: Remote Code Execution Vulnerability Vulnerability: Bypassing Virus Detection in McAfee GroupShield for Microsoft Exchange Remote Code Execution via Crafted Integer Arguments in getAnnots Doc Method 
Arbitrary Code Execution and Denial of Service Vulnerability in Adobe Reader's customDictionaryOpen Spell Method Memcached 1.2.8 Memory-Allocation Statistics Disclosure Vulnerability Insufficient Access Control in Web File Explorer 3.1 Allows Remote Database Download Arbitrary Directory Listing Vulnerability in Cmi Marketplace Component for Joomla! Stack-based Buffer Overflow in GOM Player 2.1.16.4635 Allows Remote Code Execution Arbitrary File Inclusion Vulnerability in Game Maker 2k Internet Discussion Boards (iDB) 0.2.5 Pre-Alpha SVN 243 SQL Injection Vulnerability in Joomla! MailTo Component SQL Injection Vulnerability in ProjectCMS 1.0 Beta: Remote Code Execution via sn Parameter in index.php Exif Module XSS Vulnerability in Drupal Arbitrary File Inclusion Vulnerability in S-Cms Plugin.php SQL Injection Vulnerabilities in Tiger DMS Login Page Authentication Bypass Vulnerability in Absolute Form Processor XE 1.5 SQL Injection Vulnerability in News Page Module 5.x SQL Injection Vulnerability in eLitius 1.0: Remote Code Execution via id Parameter Node Access User Reference Module Vulnerability Arbitrary SQL Command Execution in X-Forum 0.6.2 via Cookie_Username Parameter SQL Injection Vulnerability in MyioSoft AjaxPortal 3.0: Remote Code Execution via ajaxp_backend.php Directory Traversal Vulnerabilities in KoschtIT Image Gallery 1.82 Denial of Service Vulnerability in GDI+ of Microsoft Windows XP SP3 via Large btChunkLen Value in PNG File Arbitrary PHP Code Injection Vulnerability in X-Forum 0.6.2 Buffer Overflow in libmodplug Allows Remote Code Execution Denial of Service Vulnerability in Google Chrome 1.0.154.53 Heap-based Buffer Overflow in cdf_read_sat Function in Christos Zoulas File 5.00 IceWarp Merak Mail Server 9.4.1 - Stack-based Buffer Overflow in IceWarpServer.APIObject ActiveX Control Multiple insecure method vulnerabilities in Symantec Norton Ghost 14.0 EasySetup Wizard ActiveX Control Beltane 2.3.11 Cross-Site Request Forgery (CSRF) Vulnerability 
Arbitrary File Read Vulnerability in Pecio CMS 1.1.5 Buffer Overflow Vulnerability in IBM Tivoli Storage Manager (TSM) Web GUI Unspecified File Manipulation Vulnerability in IBM Tivoli Storage Manager (TSM) Client Unspecified Man-in-the-Middle Vulnerability in IBM Tivoli Storage Manager (TSM) Client Directory Traversal Vulnerability in Mort Bay Jetty HTTP Server Arbitrary Script Injection Vulnerability in Mort Bay Jetty Remote Code Execution via Shell Metacharacters in DirectAdmin CMD_DB Restore Action Arbitrary File Creation Vulnerability in JBMC Software DirectAdmin Race condition vulnerability in ptrace_attach function allows local privilege escalation HTML Object Memory Corruption Vulnerability Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 7 HTML Objects Memory Corruption Vulnerability in Microsoft Internet Explorer 7 HTML Object Memory Corruption Vulnerability in Microsoft Internet Explorer 7 HTML Objects Memory Corruption Vulnerability File Converter Buffer Overflow Vulnerability Office Web Components Buffer Overflow Vulnerability IIS WebDAV Authentication Bypass Vulnerability Remote Unauthenticated Denial of Service in ASP.NET Vulnerability DirectX NULL Byte Overwrite Vulnerability in QuickTime Movie Parser Filter DirectX Pointer Validation Vulnerability in QuickTime Movie Parser Filter DirectX Size Validation Vulnerability in QuickTime Movie Parser Filter Virtual PC and Virtual Server Privileged Instruction Decoding Vulnerability Double Free Vulnerability in Microsoft Windows Workstation Service Malformed AVI Header Vulnerability AVI Integer Overflow Vulnerability in Avifil32.dll Data Stream Header Corruption Vulnerability in Microsoft Internet Explorer BluSky CMS index.php SQL Injection Vulnerability Authentication Bypass Vulnerability in AGTC MyShop 3.2b Unrestricted Access to Admin Credentials in Zakkis Technology ABC Advertise 1.0 PHP Remote File Inclusion Vulnerabilities in Qt quickteam 2 Unspecified Denial of Service 
Vulnerability in SCO Unixware IGMP Driver Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sun GlassFish Enterprise Server 2.1 Admin Console Cross-Site Scripting (XSS) Vulnerability in Sun Woodstock 4.2 ThemeServlet.java Information Disclosure Vulnerability in Cisco Linksys WVC54GCA Wireless Video Camera Arbitrary File Read Vulnerability in Cisco Linksys WVC54GCA Wireless Video Camera Multiple Cross-Site Scripting (XSS) Vulnerabilities in Cisco Linksys WVC54GCA Wireless Video Camera Directory Traversal Vulnerability in Cisco Linksys WVC54GCA Wireless Video Camera Absolute Path Traversal Vulnerability in Cisco Linksys WVC54GCA Wireless Video Camera Cleartext Password Storage Vulnerability in Cisco Linksys WVC54GCA Wireless Video Camera CSRF Vulnerability in Cisco Linksys WRT54GC Router Allows Unauthorized Password Change Heap-based Buffer Overflow in VMware Movie Decoder Allows Remote Code Execution Heap-based Buffer Overflow in VMnc Media Codec in VMware Movie Decoder Arbitrary Code Execution via Crafted Image Dimensions in Roxio Easy Media Creator Stack-based buffer overflow in Lateral Arts Photobox uploader ActiveX control allows remote code execution Stack-based Buffer Overflow in Novell iPrint Client 5.30 Stack-based buffer overflows in Novell iPrint Client: Remote Code Execution Vulnerabilities Heap-based Buffer Overflow in GIMP 2.6.7 ReadImage Function via Crafted BMP File HTML Parser Use-After-Free Remote Code Execution Vulnerability Denial of Service Vulnerability in Quagga BGP Daemon (bgpd) Privilege Escalation via Magic Cookie Exposure in xvfb-run 1.6.1 Denial of Service Vulnerability in ipsec-tools before 0.7.2 Drupal UTF-8 to UTF-7 Cross-Site Scripting (XSS) Vulnerability User-assisted remote information disclosure vulnerability in Drupal 5.x and 6.x before 5.17.0 and 6.11. 
Stack-based buffer overflows in putstring function in find.c in Cscope before 15.6 allow remote code execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in SquirrelMail and NaSMail Arbitrary Command Execution via Username String in SquirrelMail and NaSMail Session Fixation Vulnerability in SquirrelMail before 1.4.18 Allows Remote Session Hijacking Cross-Site Scripting (XSS) and Phishing Vulnerability in SquirrelMail before 1.4.18 Unrestricted Administrator Access in Million Dollar Text Links 1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in TemaTres 1.0.3 and 1.031 Multiple SQL Injection Vulnerabilities in TemaTres 1.0.3 and 1.031 SQL Injection Vulnerabilities in TemaTres 1.031 with Disabled Magic Quotes GPC Stack-based Buffer Overflow in GrabIt 1.7.2 Beta 3 and Earlier: Remote Code Execution Vulnerability Authentication Bypass Vulnerability in PHP Site Lock 2.0 Arbitrary Web Script Injection in CGI RESCUE MiniBBS Arbitrary Email Sending Vulnerability in CGI RESCUE MiniBBS22 before 1.01 Arbitrary Email Sending Vulnerability in CGI RESCUE FORM2MAIL CRLF Injection Vulnerability in CGI RESCUE Web Mailer before 1.04 ElectraSoft 32bit FTP 09.04.24 Long Banner Stack-based Buffer Overflow Vulnerability Cross-Site Scripting (XSS) Vulnerability in Armorlogic Profense Web Application Firewall Improper Implementation of Positive Model in Armorlogic Profense Web Application Firewall Allows XSS Bypass Arbitrary Password Change Vulnerability in Ignite Realtime Openfire Authentication Bypass Vulnerability in Ignite Realtime Openfire Remote Code Execution via javascript: URI in Mozilla Firefox PDF Viewer Remote Code Execution via javascript: URI in Google Chrome PDF Viewer Remote Code Execution via javascript: URI in Opera's PDF Viewer Remote Code Execution via javascript: URI in Safari PDF Form Improper Ownership Setting in Ubuntu ClamAV-Milter Init Script Denial of Service Vulnerability in Pablo Software Solutions Quick 'n Easy Mail Server 3.3 Incorrect Public 
Exponents in RSA Key Generation in OpenSC 0.11.7 Remote Code Execution and Sensitive Data Exposure in LimeSurvey before 1.82 Heap-based Buffer Overflow in MuPDF Allows Remote Code Execution via Crafted PDF File Multiple Remote Code Execution Vulnerabilities in Dafolo DafoloControl ActiveX Control Arbitrary Script Injection in phpForm.net LinkBase 2.0 Administrator Panel Buffer Overflow Vulnerabilities in Microchip MPLAB IDE 8.30 and Earlier Versions Arbitrary Code Execution via Unrestricted File Upload in Battle Blog 1.25 Remote Code Execution in Job Script Job Board Software 2.0 via admin/changepassword.php ElectraSoft 32bit FTP 09.04.24 CWD Command Stack-based Buffer Overflow Vulnerability Stack-based Buffer Overflow in MPS.StormPlayer.1 ActiveX Control in Baofeng Storm SQL Injection Vulnerabilities in Leap CMS 0.1.4: Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Leap CMS 0.1.4 Unrestricted File Upload Vulnerability in Leap CMS 0.1.4 Allows Remote Code Execution Arbitrary Web Script Injection in Coppermine Photo Gallery (CPG) before 1.4.22 Authentication Bypass Vulnerability in Teraway LinkTracker 1.0 Authentication Bypass Vulnerability in Teraway LiveHelp 2.0 Authentication Bypass Vulnerability in Teraway FileStream 1.0 Arbitrary Web Script Injection in MataChat's input.php OpenCart 1.1.8 Directory Traversal Vulnerability SQL Injection Vulnerability in EcShop 2.5.0 user.php Allows Remote Code Execution Arbitrary Web Script Injection Vulnerability in Dew-NewPHPLinks 2.0 Arbitrary File Read Vulnerability in Dew-NewPHPLinks 2.0 Thickbox Gallery 2 Index.php Directory Traversal Vulnerability SQL Injection Vulnerability in EZ-Blog before Beta 2 20090427 Remote Code Execution Vulnerability in SDP Downloader 2.3.0 via Long .asf URL Remote Code Execution Vulnerability in Unisys Business Information Server (BIS) 10 and 10.1 Predictable Session ID Generation in AjaxTerm 0.10 and Earlier NFS Client Vulnerability: Bypassing Execute Permissions 
on Linux Kernel 2.6.29.3 and Earlier World-readable Permissions in Evolution Mailer Component Memory leaks in Ipsec-tools before 0.7.2 leading to denial of service (DoS) via signature verification and NAT-Traversal Buffer overflows in Linux kernel CIFS subsystem leading to memory corruption and potential denial of service Improper Session Management in Novell GroupWise WebAccess Component Cross-Site Scripting (XSS) Vulnerabilities in Novell GroupWise WebAccess Component Buffer Overflow Vulnerabilities in Novell GroupWise Internet Agent Unauthenticated Remote Attackers Can Change Admin Credentials in Simple Customer 1.3 Authentication Bypass Vulnerability in Techno Dreams Job Career Package 3.0 Arbitrary Code Execution Vulnerability in Nucleus Data Recovery Kernel Recovery for Novell 4.03 Arbitrary Code Execution via Crafted .AMHH File in Nucleus Data Recovery Kernel Recovery for Macintosh 4.04 Stack-based buffer overflow vulnerabilities in Mini-stream Ripper 3.0.1.1: Remote Code Execution Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Converter 3.0.0.7 Remote Code Execution Vulnerability in Sorinara Soritong MP3 Player 1.0 via Crafted .m3u File Sorinara Streaming Audio Player 0.9 Stack-Based Buffer Overflow Vulnerability Stack-based buffer overflows in Mini-stream Easy RM-MP3 Converter 3.0.0.7: Remote Code Execution Vulnerabilities Remote Code Execution via Stack-based Buffer Overflow in Mini-stream RM Downloader 3.0.0.9 Heap-based Buffer Overflow in Ultrafunk Popcorn 1.87: Remote Denial of Service via Long String in +OK Response YaST2 LDAP Module Firewall Bypass Vulnerability Directory Traversal Vulnerability in beLive 0.2.3: Arbitrary File Read via arch.php Multiple SQL Injection Vulnerabilities in Shutter 0.1.1's photos.php SQL Injection Vulnerability in admin/member_details.php in 2daybiz Business Community Script Unrestricted Access Vulnerability in Business Community Script Allows Remote Privilege Escalation Arbitrary File Read Vulnerability 
in TinyButStrong 3.4.0 Arbitrary Web Script Injection in Easy Scripts Answer and Question Script SQL Injection Vulnerabilities in Easy Scripts Answer and Question Script Command Injection Vulnerability in Xerox WorkCentre and WorkCentre Pro Printers SQL Injection Vulnerabilities in Starrating Plugin for b2evolution (Version < 0.7.7) SQL Injection Vulnerabilities in Realty Web-Base 1.0 Unrestricted File Upload Vulnerability in eLitius 1.0 Stack-based Buffer Overflow in URUWorks ViPlay3 3.0 and Earlier: Remote Code Execution SQL Injection Vulnerability in uTopic 1.0: Remote Code Execution via admin/utopic.php SQL Injection Vulnerabilities in Wright Way Services Recipe Script 5 Arbitrary Code Execution via Unrestricted File Upload in Easy Scripts Answer and Question Script Unauthenticated Password Change Vulnerability in Easy Scripts Answer and Question Script Arbitrary User Account Removal Vulnerability in Easy Scripts Answer and Question Script Arbitrary Code Execution Vulnerabilities in CycloMedia CycloScopeLite 2.50.3.0 Stack-based Buffer Overflow in Mini-stream CastRipper 2.50.70 via Long Entry in .m3u File Denial of Service Vulnerability in TYPSoft FTP Server 1.11 Arbitrary Command Execution in Smarty 2.6.22 via math function equation attribute Unauthenticated Remote Account Addition in TCPDB 3.8 Multiple Buffer Overflows in Sun Java SE Runtime Environment (JRE) 6 Update 13 Deployment Toolkit ActiveX Control Remote Code Execution and Unauthorized JRE Installation Vulnerability in Sun Java SE Runtime Environment Denial of Service Vulnerability in Sun Solaris 9 Kernel Stack-based Buffer Overflow in Microchip MPLAB IDE 8.30 ElectraSoft 32bit FTP 09.04.24 Remote Code Execution via Stack-based Buffer Overflow Multiple static code injection vulnerabilities in saveFeed function in Bitweaver 2.6 and earlier Arbitrary File Creation/Overwrite Vulnerability in Bitweaver RSS Feed Creator Vulnerability: Weaker Password Policy Bypass in Apple iPhone OS and iPhone OS for iPod 
touch Search History Leakage in Safari on Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 Clickjacking Vulnerability in Apple Safari and iPhone OS Revoked Extended Validation (EV) Certificate Bypass in Apple Safari Denial of Service Vulnerability in Apple iPhone OS and iPhone OS for iPod touch Arbitrary Script Injection Vulnerability in Apple Safari and iPhone OS Arbitrary Script Injection Vulnerability in Apple Safari and iPhone OS Memory Corruption Vulnerability in WebKit JavaScript Garbage Collector Vulnerability in Apple Safari and iPhone OS Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari and iPhone OS versions 1.0 through 2.2.1 allows remote script injection Arbitrary Script Injection Vulnerability in Apple Safari and iPhone OS Webkit Use-After-Free Vulnerability in Multiple Products Insufficient Access Control for JavaScript Prototypes in WebKit Denial of Service Vulnerability in WebKit Cross-Site Image Capture Vulnerability in Apple Safari and iPhone OS Cross-Site Image Capture Vulnerability in Apple Safari and iPhone OS Arbitrary Script Injection Vulnerability in Apple Safari and iPhone OS Predictable Random Number Generation in WebKit Safari CRLF Injection Vulnerability in WebKit Allows HTTP Header Injection and Same Origin Policy Bypass Memory Corruption Vulnerability in WebKit XML External Entity (XXE) Vulnerability in WebKit Arbitrary XML Content Reading Vulnerability in WebKit Use-after-free vulnerability in WebKit DOM implementation in Apple Safari and iPhone OS allows remote code execution or denial of service Arbitrary Script Injection Vulnerability in Apple Safari and iPhone OS File Disclosure Vulnerability in Apple Safari WebKit Arbitrary JavaScript Code Execution via Misinterpreted Image Files in Apple Safari Arbitrary Code Execution and Denial of Service Vulnerability in CoreGraphics of Apple Safari on Windows Cookie Tracking Vulnerability in Apple Safari on Windows Race condition vulnerability 
in Reset Safari implementation in Apple Safari before 4.0 on Windows allows local users to read stored web-site passwords Arbitrary Code Execution and Information Disclosure via open-help-anchor URL Handler in Apple Safari Use-after-free vulnerability in WebKit garbage-collection implementation in Apple Safari before 4.0 Spoofing Vulnerability in Apple Safari's WebKit Memory Initialization Vulnerability in WebKit Remote Code Execution Vulnerability in Apple Safari WebKit Arbitrary File Reading Vulnerability in WebKit XSLT Functionality Arbitrary Script Injection and Local File Reading Vulnerability in Apple Safari Web Inspector User-assisted remote code execution and file read vulnerability in Apple Safari Web Inspector Information Disclosure Vulnerability in CFNetwork of Apple Safari on Windows Terminal Integer Overflow Vulnerability in Apple Mac OS X 10.5 User-assisted remote information disclosure vulnerability in WebKit in Apple Safari before 4.0 Remote Code Execution Vulnerability in Aqua Look and Feel for Java on Mac OS X 10.5 Multiple Integer Overflows in OpenEXR 1.2.2 and 1.6.1 Leading to Heap-Based Buffer Overflows Uninitialized Pointer Vulnerability in OpenEXR's Decompression Implementation OpenEXR 1.2.2 Compression Implementation Heap-Based Buffer Overflow Vulnerability Incorrect URL in Certificate Warning in CFNetwork in Apple Mac OS X 10.5 before 10.5.8 Arbitrary Script Injection Vulnerability in Apple Safari WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit ColorSync Heap-Based Buffer Overflow Vulnerability in Apple Mac OS X Incomplete Blacklist Vulnerability in CoreTypes in Apple Mac OS X 10.5 before 10.5.8 Stack-based Buffer Overflow in Image RAW Processing in Apple Mac OS X Cross-Site Scripting (XSS) Vulnerabilities in Sun Java System Communications Express 6.2 and 6.3 Directory Traversal Vulnerabilities in NetMechanica NetDecision TFTP Server 4.2 SQL Injection Vulnerability in MLFFAT 2.1 Panel/index.php Arbitrary Web 
Script Injection Vulnerability in IPplan 4.91a CSRF Vulnerability in IPplan 4.91a Allows Remote Authentication Hijacking SQL Injection Vulnerability in VidSharePro's listing_video.php Cross-Site Scripting (XSS) Vulnerability in VidSharePro's search.php SQL Injection Vulnerability in GridSupport Ticket System Component for Joomla! Arbitrary Directory Listing Vulnerability in MyPic 2.1 Arbitrary Script Injection in Drupal Feed Block Module Authentication Bypass Vulnerability in PAD Site Scripts 3.6 Heap-based Buffer Overflow in D-Link MPEG4 Viewer ActiveX Control (csviewer.ocx) 2.11.918.2006 SQL Injection Vulnerabilities in DM FileManager 3.9.2 Login Page SQL Injection Vulnerability in PC4Arb Pc4 Uploader 9.0 and Earlier Directory Traversal Vulnerability in Pinnacle Hollywood Effects 6.5.201.0 Denial of Service Vulnerability in Pinnacle Hollywood Effects 6 Default Root Password Hash and SSH Login Vulnerability in Armorlogic Profense Web Application Firewall SQL Injection Vulnerability in Dian Gemilang DGNews 3.0 Beta's berita.php Allows Remote Code Execution 26th Avenue bSpeak 1.10 - Remote SQL Injection Vulnerability Multiple Directory Traversal Vulnerabilities in Catviz 0.4.0 Beta 1 Cross-Site Scripting (XSS) Vulnerabilities in Catviz 0.4.0 beta 1 Arbitrary Code Execution via Unrestricted File Upload in VidSharePro SQL Injection Vulnerability in Realty Webware Technologies Web-Base 1.0: Remote Code Execution via id Parameter in list_list.php Unrestricted Access Vulnerability in exJune Office Message System 1 Arbitrary File Overwrite Vulnerability in Coccinelle 0.1.7 Insecure Developer Certificate Verification in PackageManagerService Buffer overflow vulnerability in nsd packet_read_query_section and process_query_section functions X Authority Magic Cookie Exposure in SLiM Simple Login Manager 1.3.0 CSRF Vulnerability in Transmission 1.5 and 1.6 Hypervisor Callback Denial of Service Vulnerability Stack-based Buffer Overflow in btFiles::BuildFromMI Function in 
Enhanced CTorrent and CTorrent Directory Traversal Vulnerability in Rasterbar libtorrent Denial of Service Vulnerability in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows Cross-Site Scripting (XSS) Vulnerabilities in Novell GroupWise 7.x Login Page Unspecified Privilege Escalation Vulnerability in Solaris Secure Digital Slot Driver SQL Injection Vulnerability in MaxCMS 2.0's inc/ajax.asp Allows Remote Code Execution Directory Traversal Vulnerabilities in pluck 4.6.2 with register_globals Enabled Arbitrary SQL Command Execution in LightOpenCMS 0.1 via index.php Unauthenticated Remote Account Modification in 2daybiz Template Monster Clone Arbitrary File Read Vulnerability in Rama Zaiten CMS 0.9.8 and Earlier Username Enumeration Vulnerability in OCS Inventory NG 1.01 Arbitrary File Inclusion Vulnerability in Flyspeck CMS 6.8 Unauthenticated Remote Account Creation and Modification in Flyspeck CMS 6.8 Cross-Site Scripting (XSS) Vulnerability in activeCollab 2.1 Corporate Login Script Sensitive Information Disclosure in activeCollab 2.1 Corporate Login Script Directory Traversal Vulnerability in Strawberry 1.1.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Ulteo Open Virtual Desktop 1.0 Cross-Site Scripting (XSS) Vulnerabilities in Matt Wright FormMail 1.92 CRLF Injection Vulnerability in Matt Wright FormMail 1.92 SQL Injection Vulnerability in BigACE CMS 2.5 User Registration Feature Frax.dk Php Recommend 1.3 Remote File Inclusion Vulnerability in admin.php Unauthenticated Remote Code Execution in Frax.dk Php Recommend 1.3 and Earlier Static Code Injection Vulnerability in Frax.dk Php Recommend 1.3 and Earlier: Remote PHP Code Injection via admin.php Bypassing Malware Detection in F-Secure Anti-Virus Products via Crafted ZIP and RAR Archives Bypassing Malware Detection in Multiple FRISK Software F-Prot Anti-Virus Products via Crafted CAB Archive Remote Code Execution Vulnerability in AVG Anti-Virus Products via Crafted RAR and ZIP Archives Arbitrary 
Script Injection in Ulteo Open Virtual Desktop 1.0 via header.php Symlink Attack Vulnerability in IBM AIX Malloc Subsystem Authentication Bypass and Administrative Access Vulnerabilities in PHP Dir Submit Heap-based Buffer Overflow in libsndfile: Remote Code Execution Vulnerability Denial of Service Vulnerability in Eggheads Eggdrop and Windrop 1.6.19 and Earlier Arbitrary Web Script Injection in CGI RESCUE Trees before 2.11 Heap-based Buffer Overflow in libsndfile: Remote Code Execution via AIFF File Arbitrary Command Execution in StoneTrip Ston3D StandalonePlayer and WebPlayer Arbitrary Web Script Injection Vulnerability in Sun Java System Portal Server Cross-Site Request Forgery (CSRF) Vulnerabilities in APC Switched Rack PDU Devices Multiple Cross-Site Scripting (XSS) Vulnerabilities in APC Switched Rack PDU and NMC SQL Injection Vulnerabilities in ST-Gallery 0.1 Alpha Stack-based Buffer Overflow in Chinagames CGAgent ActiveX Control 1.x Multiple Cross-Site Scripting (XSS) Vulnerabilities in FreePBX 2.5.1 and Earlier Versions Cross-Site Request Forgery (CSRF) Vulnerabilities in FreePBX 2.5.1 and Earlier Versions User Enumeration Vulnerability in FreePBX 2.5.1 and Earlier Versions SQL Injection Vulnerabilities in VideoScript.us YouTube Video Script Unspecified Denial of Service Vulnerability in VMware Descheduled Time Accounting Driver Unspecified Vulnerability in IBM Hardware Management Console (HMC) 7 Release 3.4.0 SP2 with Active Memory Sharing Baofeng Products Config.dll Remote Code Execution Vulnerability Denial of Service Vulnerability in Microsoft Windows XP SP3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in myColex 1.4.2 Multiple SQL Injection Vulnerabilities in myColex 1.4.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in myGesuad 0.9.14 Multiple SQL Injection Vulnerabilities in myGesuad 0.9.14 (aka 0.9) SQL Injection Vulnerabilities in Submitter Script 2's admin/index.php SQL Injection Vulnerability in mail.php in PHPenpals 1.1 and 
Earlier Remote Code Execution Vulnerability in Sonic Spot Audioactive Player 1.93b SQL Injection Vulnerability in My Game Script 2.0's admin.php Allows Remote Code Execution Buffer Overflow Vulnerabilities in DigiMode Maya 1.0.2 MaxCMS 2.0 SQL Injection Vulnerability in admin_manager.asp SQL Injection Vulnerability in 2daybiz Custom T-shirt Design Script's product.php Allows Remote Code Execution via id Parameter Arbitrary Web Script Injection Vulnerability in 2daybiz Custom T-shirt Design Script Insufficient Access Control in DMXReady Registration Manager 1.1 Allows Remote Database Download PHP Remote File Inclusion Vulnerabilities in InterJoomla ArtForms Component 2.1b7 for Joomla! Cross-site scripting (XSS) vulnerability in Drupal Print module before 5.x-4.7 and 6.x-1.7 ArcaBit ArcaVir 2009 Antivirus Protection Privilege Escalation Vulnerability Unauthenticated Remote User Account Listing in myColex 1.4.2 Unauthenticated User Account Listing Vulnerability in myGesuad 0.9.14 Denial of Service Vulnerability in Mozilla Firefox 3.0.4 via SVG Component Denial of Service Vulnerability in Mozilla Firefox 3.0.10 Denial of Service Vulnerability in PCNFSD Dissector in Wireshark 0.8.20 through 1.0.7 Soulseek 156 and 157 NS Stack-Based Buffer Overflow Vulnerability Stack-based Buffer Overflow in Nullsoft Winamp's gen_ff.dll Module Double Frame Construction Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Memory Corruption and Arbitrary Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Visual Truncation Vulnerability in Mozilla Firefox and SeaMonkey Arbitrary Cookie Reading Vulnerability in Mozilla Firefox and SeaMonkey SSL Tampering Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Race condition vulnerability in NPObjWrapper_NewResolve function in Mozilla Firefox 3 before 3.0.11 allows remote attackers to execute arbitrary code via a page transition during Java applet loading Arbitrary JavaScript Execution via Garbage 
Collection Vulnerability File-URL-to-File-URL Scripting Vulnerability in Mozilla Firefox 3 Content Policy Bypass Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Arbitrary Web Script Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey SQL Injection Vulnerability in PHP-Nuke 8.0 UserLog.php Multiple SQL Injection Vulnerabilities in Flash Quiz Beta 2 Cross-Site Scripting (XSS) Vulnerabilities in Drupal 5.x and 6.x Arbitrary Script Injection Vulnerability in Lussumo Vanilla 1.1.5 and 1.1.7 Multiple Directory Traversal Vulnerabilities in SiteX 0.7.4 Build 418 and Earlier Arbitrary File Inclusion Vulnerability in Easy PX 41 CMS 9.0 B1 SQL Injection Vulnerability in JoomlaMe AgoraGroups Component 0.3.5.3 Arbitrary Web Script Injection Vulnerability in PRTG Traffic Grapher SQL Injection Vulnerability in phpBugTracker 1.0.3: Remote Code Execution via Password Parameter SQL Injection Vulnerability in phpBugTracker 1.0.4 and Earlier via username Parameter in include.php SQL Injection Vulnerabilities in Graphiks MyForum 1.3: Remote Code Execution via Username and Password Fields SQL Injection Vulnerabilities in Kensei Board 2.0 BETA and Earlier Versions Authentication Bypass Vulnerability in Million Dollar Text Links 1.0 Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat Heap-based Buffer Overflow in Adobe Reader and Acrobat Memory Corruption and Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat Versions 7, 8, and 9 Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Heap-based Buffer Overflow Vulnerabilities in Adobe Reader and Acrobat Adobe Reader and Acrobat Remote Code Execution Vulnerability Unspecified Privilege Escalation Vulnerability in Adobe Flash Player and Adobe AIR Heap-based Buffer Overflow in Adobe Flash Player and Adobe AIR Null Pointer Vulnerability in 
Adobe Flash Player and Adobe AIR Stack-based Buffer Overflow in Adobe Flash Player and Adobe AIR Adobe Flash Player and Adobe AIR Clickjacking Vulnerability Heap-based Buffer Overflow in Adobe Flash Player and Adobe AIR Allows for Denial of Service and Arbitrary Code Execution via URL Parsing Integer Overflow Vulnerability in Adobe Flash Player and Adobe AIR AVM2 abcFile Parser Local Sandbox Vulnerability in Adobe Flash Player and Adobe AIR Cross-Site Scripting (XSS) Vulnerabilities in Adobe ColdFusion Server 8.0.1 and Earlier Adobe JRun Application Server 4 Updater 7 - Directory Traversal Vulnerability in logviewer.jsp Arbitrary Web Script Injection in Adobe JRun 4.0 Management Console Unspecified Cross-Site Scripting (XSS) Vulnerabilities in Adobe ColdFusion 8.0.1 and Earlier Double-Encoded Null Character Vulnerability in Adobe ColdFusion 8.0.1 and Earlier Unspecified Cross-Site Scripting (XSS) Vulnerability in Adobe ColdFusion 8.0.1 and Earlier Session Fixation Vulnerability in Adobe ColdFusion 8.0.1 and Earlier Adobe Flex SDK XSS Vulnerability in express-install Templates MT312 REP-BBS Cross-Site Scripting (XSS) Vulnerability MT312 IMG-BBS Cross-Site Scripting (XSS) Vulnerability Integer Overflow in XMakeImage Function in ImageMagick and GraphicsMagick Unprivileged Local Users Can Force Driver Outage in Linux Kernel 2.6.9 Buffer overflow vulnerability in Bzip2.xs in Compress-Raw-Bzip2 module before 2.018 for Perl Stack Consumption Vulnerability in Apache Xerces C++ 2.7.0 and 2.8.0 Arbitrary Code Execution via Format String Vulnerabilities in Samba smbclient Denial of Service Vulnerability in net-snmp 5.0.9 Uninitialized Memory Read Access Control List Modification Vulnerability in Samba Denial of Service Vulnerability in Pidgin OSCAR Protocol Implementation Denial of Service Vulnerability in Apache HTTP Server's mod_proxy Module Apache httpd mod_deflate Denial of Service Vulnerability Denial of Service Vulnerability in ISC DHCP 3.0.4 and 3.1.1 Arbitrary File 
Overwrite Vulnerability in Red Hat DHCPD Init Script Privilege Escalation via Race Condition in PulseAudio Vulnerability: Memory Usage Details Leakage in Linux Kernel Arbitrary Code Execution Vulnerability in Java Web Start Framework Privilege Escalation via NULL Pointer Dereference in Linux Kernel's tun_chr_poll Function Insecure Login Page Redirection in IBM WebSphere Application Server Unspecified vulnerability in IBM WebSphere Application Server allows sensitive information disclosure Information Disclosure Vulnerability in IBM WebSphere Application Server (WAS) Administrative Console Vulnerability: Non-Standard HTTP Methods in IBM WebSphere Application Server (WAS) 6.0.2 Denial of Service Vulnerability in ModSecurity Multipart Processor PDF XSS Protection Bypass Vulnerability in ModSecurity Denial of Service Vulnerability in Ruby BigDecimal Library Bypassing Password Authentication in IBM DB2 LDAP Security Memory Corruption and Application Crash Vulnerability in IBM DB2 9.1 and 9.5 Arbitrary Web Script Injection via Referer Header in Claroline 1.8.11 Arbitrary Web Script Injection Vulnerability in Skip 1.0.2 and Earlier Arbitrary SQL Command Execution Vulnerability in Skip 1.0.2 and Earlier Versions SQL Injection Vulnerability in RTWebalbum 1.0.462: Remote Code Execution via AlbumId Parameter Directory Traversal Vulnerability in QuiXplorer and TinyWebGallery Directory Traversal and Local File Inclusion Vulnerability in webSPELL 4.2.0e and Earlier SQL Injection Vulnerability in LuxBum 0.5.5 manager.php Allows Remote Code Execution Denial of Service Vulnerability in pci_register_iommu_region Function on sparc64 Platform Stack-based Buffer Overflow in ICQ 6.5 URL Search Hook (ICQToolBar.dll) Remote Command Execution in dig.php of GScripts.net DNS Tools Memory Corruption Vulnerability in Microsoft Internet Explorer HTML Objects Memory Corruption Vulnerability Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer JScript Remote Code Execution 
Vulnerability MSMQ Null Pointer Vulnerability WINS Heap Overflow Vulnerability WINS Integer Overflow Vulnerability TCP/IP Timestamps Code Execution Vulnerability TCP/IP Orphaned Connections Vulnerability LSASS Recursive Stack Overflow Vulnerability Remote Desktop Connection ActiveX Control Heap Overflow Vulnerability Telnet Credential Reflection Vulnerability Buffer overflow vulnerability in GStreamer Good Plug-ins 0.10.15 Kerberos Credential Cache Management Vulnerability in Sun Solaris and OpenSolaris Cross-Site Scripting (XSS) Vulnerability in Sun Java System Web Server 6.1 Reverse Proxy Plug-in Integer Overflow in FreeBSD Pipe Implementation Allows Unauthorized Memory Access Unauthenticated Remote File Inclusion and Directory Traversal Vulnerability in cpCommerce 1.2.x Cross-Site Scripting (XSS) Vulnerability in LightNEasy Comment Posting Feature Unspecified Cross-Site Scripting (XSS) Vulnerability in Joomla! 1.5.x through 1.5.10 Arbitrary Code Injection through Cross-Site Scripting (XSS) in JA_Purity Template for Joomla! 1.5.x through 1.5.10 Arbitrary Code Injection through XSS in Joomla! 
1.5.x through 1.5.10 Administrator Panel Insufficient Access Control in PAD Site Scripts 3.6 Allows Remote Database Download Arbitrary Code Injection in Drupal Quiz Module Stack-based Buffer Overflow in SafeNet SoftRemote IKE Service AIMP 2.51 Build 330 MP3 ID3 Tag Buffer Overflow Vulnerability Arbitrary SQL Command Execution in WebCal 3.04 via webCal3_detail.asp Remote File Inclusion Vulnerability in AdaptBB 1.0 Allows Arbitrary PHP Code Execution SQL Injection Vulnerability in UnbDbEncode Function in Unclassified NewsBoard (UNB) 1.6.4 Directory Traversal Vulnerabilities in Unclassified NewsBoard (UNB) 1.6.4 Sensitive Information Disclosure in Unclassified NewsBoard (UNB) 1.6.4 via import_wbb1.php Arbitrary SQL Command Execution in WebEyes Guest Book 3 via yorum.asp Arbitrary Script Injection in PropertyMax Pro FREE 0.3 via Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerabilities in PropertyMax Pro FREE 0.3 Administrative Login Unrestricted Access to Recently Authenticated User Credentials in IBM FileNet Content Manager Unspecified Denial of Service Vulnerability in IBM AIX 5.3 Portmapper Denial of Service Vulnerability in Apache APR-util XML Parser Off-by-one Error in apr_brigade_vprintf Function in Apache APR-util Denial of Service Vulnerability in strongSWAN IKE_SA_INIT Request Handling Denial of Service Vulnerability in charon/sa/tasks/child_create.c Off-by-one Error in irssi 0.8.13 Allows Remote Denial of Service Arbitrary Local File Inclusion in DokuWiki 2009-02-14, rc2009-02-06, and rc2009-01-30 Inode Double Locking Deadlock Vulnerability Arbitrary File Read and Write Vulnerability in Xfig Unspecified Remote Vulnerability in Oracle Database 11.1.0.6 Network Foundation Component Unspecified vulnerability in Oracle Database 10.2.0.4 Workspace Manager component Unspecified Remote Vulnerability in Oracle Database Net Foundation Layer Unspecified vulnerability in Config Management component in Oracle Database and Oracle Enterprise Manager 
Unspecified vulnerability in Config Management component in Oracle Database and Oracle Enterprise Manager Unspecified Remote Integrity Vulnerability in Oracle Database 10.1.8.3 Unspecified Confidentiality Vulnerability in Oracle Database Auditing Component Unspecified Remote Vulnerability in Oracle Database Listener Component Unspecified Integrity Vulnerability in Oracle Database Data Pump Component Remote Code Execution Vulnerability in Oracle Database Auditing Component Unspecified vulnerability in Oracle Database Virtual Private Database component allows remote authenticated users to compromise confidentiality and integrity Unspecified vulnerability in WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 Unspecified Remote Code Execution Vulnerability in WebLogic Server Component Unspecified Remote Integrity Vulnerability in Oracle Application Server 10.1.2.3 HTTP Server Component Unspecified vulnerability in Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 Unspecified Remote Code Execution Vulnerability in Oracle Secure Backup Unspecified vulnerability in Oracle Database Network Authentication component allows remote attackers to execute arbitrary code Unspecified vulnerability in Oracle Application Object Library component in Oracle E-Business Suite Unspecified Local Vulnerability in Siebel Highly Interactive Client Component Unspecified Remote Integrity Vulnerability in Oracle Applications Framework Unspecified Remote Integrity Vulnerability in Oracle iStore Component Unspecified vulnerability in Oracle E-Business Suite Application Install component Unspecified Remote Code Execution Vulnerability in Oracle Database Network Authentication Component Unspecified Remote Confidentiality Vulnerability in Oracle Applications Manager Unspecified Remote Integrity Vulnerability in PeopleSoft Enterprise PeopleTools - Enterprise Portal Component Unspecified Confidentiality Vulnerability in PeopleSoft 
Enterprise HRMS eProfile Manager Unspecified vulnerability in PeopleSoft Enterprise FMS component allows remote authenticated users to compromise confidentiality and integrity Unspecified Local Confidentiality Vulnerability in Oracle Application Server 10.1.3.4.1 Multiple SQL Injection Vulnerabilities in Oracle Text Component Unspecified Remote Code Execution Vulnerability in Oracle Database Core RDBMS Component Unspecified vulnerability in Oracle Database 3.0.1 Application Express component allows remote authenticated users to compromise confidentiality and integrity Unspecified vulnerability in Oracle Spatial component in Oracle Database 10.1.0.5 Unspecified vulnerability in Oracle Database Advanced Queuing component allows remote authenticated users to compromise confidentiality and integrity Unspecified Integrity Vulnerability in Oracle Database Logical Standby Component Unspecified Remote Confidentiality Vulnerability in Oracle Database Authentication Component Unspecified vulnerability in Oracle Communications Order and Service Management component in Oracle Industry Applications Unspecified Remote Integrity Vulnerability in Oracle Business Intelligence Enterprise Edition Unspecified Remote Confidentiality Vulnerability in Oracle Database 11.1.0.7 Authentication Component Persistent User Session Vulnerability Unspecified Remote Code Execution Vulnerability in Oracle Database PL/SQL Component Unspecified Remote Code Execution Vulnerability in WebLogic Portal Component Authentication Bypass Vulnerability in Ascad Networks Password Protector SD 1.3.1 Multiple SQL Injection Vulnerabilities in Dokeos 1.8.5 CSRF Vulnerability in Dokeos 1.8.5 Allows Unauthorized Addition of Personal Agenda Items Multiple Cross-Site Scripting (XSS) Vulnerabilities in Dokeos 1.8.5 and Earlier Directory Traversal Vulnerabilities in Dokeos 1.8.5 Multiple SQL Injection Vulnerabilities in Dokeos 1.8.5 and Earlier Versions Multiple Cross-Site Scripting (XSS) Vulnerabilities in Dokeos 1.8.5 
Multiple SQL Injection Vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 1.9 and Earlier Arbitrary Command Execution in Worldweaver DX Studio Player Plugin for Firefox Denial of Service Vulnerability in idmap in Sun OpenSolaris Frontis 3.9.01.24 - SQL Injection Vulnerability in bin/aps_browse_sources.php SQL Injection Vulnerability in ComSchool Component 1.4 for Joomla! Arbitrary File Read Vulnerability in Ideal MooFAQ Component 1.0 for Joomla! SQL Injection Vulnerability in Virtue Shopping Mall's products.php Allows Remote Code Execution via cid Parameter SQL Injection Vulnerability in Virtue Book Store's products.php Allows Remote Code Execution SQL Injection Vulnerability in MyCars Admin Panel SQL Injection Vulnerability in Virtue News Manager's news_detail.php Arbitrary Web Script Injection Vulnerability in Virtue News Manager's news_detail.php SQL Injection Vulnerability in Virtue Classifieds' search.php Insufficient Access Control in fipsCMS Light 2.1 Allows Remote Database Download SQL Injection Vulnerability in Shop-Script Pro 2.12 via current_currency Parameter Insufficient Access Control in Vlad Titarenko ASP VT Auth 1.0 Allows Unauthorized Access to Sensitive Information Authentication Bypass Vulnerability in DM FileManager 3.9.2 Remote Code Execution Vulnerability in Data Transport Services Privilege Escalation via Immediate Launch in Apple Safari Installer Unspecified Vulnerabilities in Adobe Reader and Acrobat Versions 7, 8, and 9 Denial of Service Vulnerability in rpc.nisd in Sun Solaris and OpenSolaris Unspecified XML Digital Signature Verification Vulnerability in JDK 6.0 Arbitrary File Read and Directory Listing Vulnerability in Sun OpenSolaris SMBFS PDshopPro search.asp XSS vulnerability Yogurt 0.3 index.php Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in Yogurt 0.3's writemessage.php with Enabled Register_Globals Unspecified Key-Based Access Vulnerability in Drupal Services Module SQL Injection Vulnerability 
in Open Biller 0.1: Remote Code Execution via username parameter in index.php Directory Traversal Vulnerabilities in Online Grades & Attendance 3.2.5 and Earlier Unspecified Vulnerability in Finnish Bank Payment Module 2.2 for osCommerce: Potential Exploitation of Bank Charges Unspecified Vulnerability in Luottokunta Module for osCommerce: Potential Impact on Orders Authentication Bypass and Unauthorized Account Creation in Grestul 1.2 Cross-site scripting (XSS) vulnerability in A51 D.O.O. activeCollab 0.7.1 Uninitialized Bits Vulnerability in libpng Denial of Service Vulnerability in Mozilla Firefox 3.0.2 through 3.0.10 Denial of Service Vulnerability in Mozilla Firefox 3.0.10 and Earlier on Linux Denial of Service Vulnerability in Cisco Video Surveillance Stream Manager Firmware Arbitrary File Read Vulnerability in Cisco Video Surveillance 2500 Series IP Camera Directory Traversal Vulnerability in Cisco Customer Response Solutions (CRS) Administration Interface Arbitrary Code Injection Vulnerability in Cisco Unified Contact Center Express Denial of Service Vulnerability in Cisco IOS and IOS XE with RFC4893 BGP Routing Denial of Service Vulnerability in Cisco Unified Communications Manager (CUCM) Cisco IOS and Cisco Unified Communications Manager Denial of Service Vulnerability Denial of Service Vulnerability in Cisco Unified Communications Manager and Cisco Unified Presence Denial of Service Vulnerability in Cisco Unified Communications Manager (CUCM) Denial of Service Vulnerability in Cisco Unified Communications Manager (CUCM) Cisco IOS XR BGP UPDATE Message Denial of Service Vulnerability Denial of Service Vulnerability in Cisco IOS XR 3.8.1 and Earlier SSL Tampering Vulnerability in Microsoft Internet Explorer SSL Tampering Vulnerability in Apple Safari Opera SSL Tampering Vulnerability SSL Tampering Vulnerability in Google Chrome Arbitrary Web Script Execution via HTTP CONNECT Response Vulnerability in Mozilla Firefox Arbitrary Web Script Execution via HTTP 
CONNECT Response Vulnerability in Apple Safari Opera Browser Vulnerability: Arbitrary Web Script Execution via Manipulated HTTP CONNECT Response HTTP-Intended-but-HTTPS-Loadable (HPIHSL) vulnerability in Microsoft Internet Explorer 8 and other versions HTTP-Intended-but-HTTPS-Loadable (HPIHSL) vulnerability in Mozilla Firefox HTTP-Intended-but-HTTPS-Loadable (HPIHSL) vulnerability in Apple Safari HPIHSL Vulnerability: Execution of Arbitrary Web Script in HTTPS Context HTTP-Intended-but-HTTPS-Loadable (HPIHSL) vulnerability in Google Chrome Cached Certificate Spoofing Vulnerability in Microsoft Internet Explorer Opera Browser Vulnerability: Man-in-the-Middle Attack via Cached Certificate Cached Certificate Vulnerability in Google Chrome Safari Vulnerability: HTTPS Spoofing via Crafted CONNECT Response CSRF Vulnerability in Linksys WRT160N Wireless Router Hardware and Firmware Arbitrary Script Injection Vulnerability in Nodequeue Drupal Module Improper Access Restriction in Nodequeue Module for Drupal Cross-Site Scripting (XSS) Vulnerability in Drupal Views Module Access Bypass Vulnerability in Drupal 6.x Cross-Site Scripting (XSS) Vulnerabilities in Booktree Drupal Module Arbitrary Code Injection through Cross-Site Scripting (XSS) in Taxonomy Manager Drupal Module Unrestricted Access and Password Manipulation in MRCGIGUY The Ticket System 2.0 Arbitrary File Read Vulnerability in phpWebThings 1.5.2 and Earlier SQL Injection Vulnerability in Creative Web Solutions Multi-Level CMS 1.21 Arbitrary Code Injection via Parent and Related Terms in Taxonomy Manager for Drupal Improper Group Setting Vulnerability in SLURM Bypassing CSIv2 Access Restrictions in IBM WebSphere Application Server Weak Password Obfuscation Vulnerability in IBM WebSphere Application Server Bypassing Authentication in IBM WebSphere Application Server Information Disclosure Vulnerability in IBM WebSphere Application Server Migration Component Unspecified Remote Code Execution Vulnerability in IBM 
WebSphere Application Server (WAS) 7.0 Weak File Permissions in IBM WebSphere Application Server (WAS) 7.0 on z/OS Bypassing Access Restrictions in IBM WebSphere Application Server (WAS) 7.0 SQL Injection Vulnerability in IBM WebSphere Partner Gateway (WPG) Enterprise 6.0 - 6.2 Unspecified Information Disclosure Vulnerability in IBM WebSphere Commerce 6.0 Enterprise PHP Remote File Inclusion Vulnerability in Mundi Mail 0.8.2 Arbitrary SQL Command Execution in phpCollegeExchange 0.1.5c SQL Injection Vulnerability in Zoki Catalog's Catalog Controller SQL Injection Vulnerability in phPortal 1.0's topicler.php Allows Remote Code Execution SQL Injection Vulnerability in iJoomla RSS Feeder Component for Joomla! Arbitrary File Read Vulnerability in JoomlaPraise Projectfork Component 2.0.10 Directory Traversal Vulnerability in TorrentVolve 1.4 Allows Arbitrary File Deletion SQL Injection Vulnerability in Jumi Component 2.0.3 for Joomla Arbitrary SQL Command Execution in Frontend MP3 Player Extension for TYPO3 Arbitrary Web Script Injection in Modern Guestbook / Commenting System Extension for TYPO3 Arbitrary SQL Command Execution in TYPO3 References Database Extension Arbitrary SQL Command Execution Vulnerability in Virtual Civil Services (civserv) Extension for TYPO3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Webmedia Explorer (Webmex) 5.09 and 5.10 Denial of Service in git-daemon via Unrecognized Arguments Directory Traversal Vulnerabilities in FretsWeb 1.2 Arbitrary File Inclusion Vulnerabilities in DB Top Sites 1.0 Static Code Injection Vulnerability in add_reg.php in DB Top Sites 1.0 Arbitrary File Inclusion Vulnerability in phpFK 7.03 Multiple SQL Injection Vulnerabilities in FretsWeb 1.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in SkyBlueCanvas 1.1 r237 admin.php Information Disclosure Vulnerability in SkyBlueCanvas 1.1 r237 via admin.php Directory Traversal Vulnerability in SkyBlueCanvas 1.1 r237 admin.php Authentication Bypass Vulnerability 
in phPortal 1.0 Arbitrary Code Execution via Integer Overflow in IrfanView 4.23 TIFF Image Handling Arbitrary Web Script Injection in F5 FirePass SSL VPN Login Interface Multiple SQL Injection Vulnerabilities in TekBase All-in-One 3.1 Buffer Overflow Vulnerability in Google Chrome Browser Kernel Arbitrary SQL Command Execution in Paolo Palmonari Photoracer Plugin 1.0 for WordPress Multiple SQL Injection Vulnerabilities in Elvin 1.2.0 and 1.2.2 Arbitrary File Inclusion Vulnerability in Elvin 1.2.0 Arbitrary Bug Deletion Vulnerability in Elvin before 1.2.1 Arbitrary Web Script Injection in close_bug.php in Elvin before 1.2.1 Elvin 1.2.0 show_activity.php XSS Vulnerability Arbitrary SQL Command Execution in close_bug.php in Elvin before 1.2.1 CSRF Vulnerability in Elvin 1.2.0 Allows Remote Authentication Hijacking Remote Code Disclosure in Elvin 1.2.0 Arbitrary Script Injection via User Homepage Parameter in 4images 1.7.7 and Earlier Arbitrary File Inclusion Vulnerability in 4images before 1.7.7 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Pivot 1.40.4 and 1.40.7 Information Disclosure Vulnerability in Pivot 1.40.4 and 1.40.7 Race conditions in Solaris Event Port API leading to denial of service (DoS) vulnerability Denial of Service Vulnerability in Solaris TCP/IP Networking Stack with Cassini GigaSwift Ethernet Adapter Memory Leak Vulnerability in Ultra-SPARC T2 Crypto Provider Device Driver Open Redirect Vulnerabilities in TBDev.NET 01-01-08: Phishing and XSS Exploitation Heap-based Buffer Overflow in Go-oo Allows Remote Code Execution via Crafted EMF File Heap-based Buffer Overflow in Go-oo's EMF+ File Parsing Multiple Cross-Site Scripting (XSS) Vulnerabilities in TBDev.NET 01-01-08 SQL Injection Vulnerabilities in Zip Store Chat 4.0 and 5.0: Remote Code Execution FireStats Plugin for WordPress Remote File Inclusion Vulnerability FireStats Plugin SQL Injection Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in transLucid 1.75 
Unrestricted File Upload Vulnerability in SugarCRM's Compose Email Feature Arbitrary SQL Command Execution in phpWebThings 1.5.2 and Earlier via fdown.php SQL Injection Vulnerability in Campus Virtual-LMS News Module Multiple Cross-Site Scripting (XSS) Vulnerabilities in Campus Virtual-LMS Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in Campus Virtual-LMS: Session Hijacking and User Authentication Hijacking Directory Traversal Vulnerability in AdaptWeb 0.9.2 Allows Remote File Read SQL Injection Vulnerability in AdaptWeb 0.9.2: Remote Code Execution via CodigoDisciplina Parameter Arbitrary Script Injection Vulnerability in Impleo Music Collection 2.0 SQL Injection Vulnerability in Impleo Music Collection 2.0 - Remote Code Execution via admin/login.php Cross-Site Scripting (XSS) Vulnerability in WebNMS Free Edition 5 Multiple Cross-Site Scripting (XSS) Vulnerabilities in TorrentTrader Classic 1.09 Multiple SQL Injection Vulnerabilities in TorrentTrader Classic 1.09 Insufficiently Large Password Set Vulnerability in TorrentTrader Classic 1.09 Unauthenticated Backup Database Download Vulnerability in TorrentTrader Classic 1.09 Information Disclosure Vulnerabilities in TorrentTrader Classic 1.09 Arbitrary File Inclusion Vulnerability in TorrentTrader Classic 1.09 Arbitrary Web Script Injection Vulnerability in XOOPS MANIAC PukiWikiMod Module Arbitrary Web Script Injection in Sitecore CMS Login Page SQL Injection Vulnerabilities in Kjtechforce Mailman Beta1 with Disabled Magic Quotes GPC Predictable Session ID Vulnerability in SerendipityNZ (aka SimpleBoxes) Serene Bach 2.20R and Earlier, and 3.00 beta023 and Earlier 3.x Versions Absolute Path Traversal Vulnerability in OCS Inventory NG CVS.PHP SQL Injection Vulnerabilities in EgyPlus 7ammel (aka 7ml) 1.0.1 and Earlier Authentication Bypass in EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier Arbitrary File Overwrite Vulnerability in Edraw PDF Viewer Component Multiple Cross-Site Scripting (XSS) Vulnerabilities 
in Mahara 1.0 and 1.1 Artefact Read Vulnerability in Mahara 1.1 before 1.1.5 Arbitrary Script Injection Vulnerability in vBulletin Radio and TV Player Addon LAN Game Denial of Service Vulnerability in Carom3D 5.06 Denial of Service Vulnerability in GUPnP 0.12.7 Stack-based Buffer Overflow in flattenIncrementally function in xcftools 1.0.4 Arbitrary Local File Inclusion Vulnerabilities in fuzzylime (cms) 3.03a and Earlier Directory Traversal and Arbitrary File Overwrite Vulnerability in fuzzylime (cms) 3.03a and Earlier Arbitrary Script Injection Vulnerability in phpDatingClub 3.7 SQL Injection Vulnerability in phpDatingClub 3.7 - Remote Code Execution via sform[day] Parameter Directory Traversal Vulnerabilities in Pc4 Uploader 10.0 and Earlier Arbitrary Code Injection via listbasedir Parameter in Campsite 3.3.0 RC1 Multiple PHP Remote File Inclusion Vulnerabilities in Campsite 3.3.0 RC1 Campsite 3.3.0 RC1 Directory Traversal Vulnerability in admin-files/ad.php Absolute Path Traversal Vulnerability in Gravy Media Photo Host 1.0.8 Denial of Service Vulnerability in strongSwan and openSwan ASN.1 Parser Unspecified Remote Code Execution Vulnerability in Adobe Shockwave Player Memory leaks in IP and IPv6 multicast implementation in Solaris 10 and OpenSolaris snv_67 through snv_93 Buffer Overflow Vulnerability in ImageIO in Apple Mac OS X 10.5 and Safari Denial of Service Vulnerability in Apple Time Capsule, AirPort Extreme, and AirPort Express Base Stations Denial of Service Vulnerability in Apple Mac OS X 10.5's launchd Service Format String Vulnerability in Apple Mac OS X Login Window MobileMe Credential Hijacking Vulnerability Buffer Overflow Vulnerability in Apple Mac OS X 10.5 Allows Remote Code Execution or Denial of Service Denial of Service Vulnerability in Apple Mac OS X 10.5 Buffer Overflow Vulnerability in Apple Safari WebKit Arbitrary Website Placement and Phishing Vulnerability in Apple Safari 4 before 4.0.3 User Interface Spoofing Vulnerability in Apple 
Safari Cookie Hijacking Vulnerability in Apple GarageBand Homoglyph-based Domain Spoofing Vulnerability in Apple Safari Arbitrary File URL Launch Vulnerability in Apple Safari WebKit Cleartext Username and Password Exposure in Apple Xsan Admin Application Screensharing Feature H.264 Movie File Remote Code Execution Vulnerability in Apple QuickTime Buffer Overflow Vulnerability in Apple QuickTime CoreTelephony Component Remote Code Execution and Unauthorized Access Vulnerability Java Web Start Command Launcher Stack-based Buffer Overflow Vulnerability Heap-based Buffer Overflow Vulnerabilities in CoreAudio Component of Apple iPhone OS Spotlight Search Vulnerability in Apple iPhone OS 3.0 and 3.0.1 Unrestricted SIOCSIFINFO_IN6 IOCTL Permissions in FreeBSD 6.3, 6.4, 7.1, and 7.2 SQL Injection Vulnerability in RS-CMS 2.1: Remote Code Execution via rscms_mod_newsview.php Arbitrary Code Execution and Denial of Service Vulnerability in Mozilla Thunderbird and SeaMonkey Arbitrary Web Script Injection Vulnerability in IBM Rational ClearQuest Server Unspecified Vector User Credential Disclosure in IBM Rational ClearQuest Server Default Authorization Action Vulnerability Denial of Service Vulnerability in Citrix Secure Gateway 3.1 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in URD before 0.6.2 CMD_REDIRECT XSS vulnerability in DirectAdmin 1.33.6 and earlier Arbitrary Script Injection in NBBC 1.4.2 and Earlier Versions Multiple PHP Remote File Inclusion Vulnerabilities in phpCollegeExchange 0.1.5c Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpCollegeExchange 0.1.5c Multiple Directory Traversal Vulnerabilities in Tribiq CMS 5.0.12c PHP-I-BOARD 1.2 XSS Vulnerability Arbitrary File Read Vulnerability in PHP-I-BOARD 1.2 and Earlier Directory Traversal Vulnerability in LightOpenCMS 0.1 Allows Remote File Inclusion Arbitrary File Read Vulnerability in AN Guestbook 0.7.8 SureThing CD/DVD Labeler 5.1.616 Trial Version Buffer Overflow Vulnerability 
Arbitrary Web Script Injection Vulnerability in Let's PHP! Tree BBS 2004/11/23 and Earlier Remote Code Execution Vulnerability in B Labs Bopup Communication Server 3.2.26.5460 Kasseler CMS engine.php Cross-Site Scripting (XSS) Vulnerability Directory Traversal Vulnerability in Kasseler CMS 1.3.5 lite engine.php SQL Injection Vulnerability in MyBB User Data Handler MIDAS 1.43 Authentication Bypass Vulnerability SQL Injection Vulnerability in Softbiz Banner Ad Management Script Authentication Bypass Vulnerability in AWScripts.com Gallery Search Engine 1.5 SQL Injection Vulnerabilities in VICIDIAL Call Center Suite 2.0.5-173's admin.php SQL Injection Vulnerability in page.php of Your Articles Directory SQL Injection Vulnerability in Yad-Admin/Login.php in Your Article Directory Unspecified Remote Access Restriction Bypass Vulnerability in Views Bulk Operations Module for Drupal Unrestricted File Upload Vulnerability in DMXReady Registration Manager 1.1 Arbitrary SQL Command Execution in Joomla! 
Casino Components AD2000 Free-SW Leger (Web Conference Room Free) 1.6.4 XSS Vulnerability ASP Inline Corporate Calendar search.asp XSS vulnerability SQL Injection Vulnerability in Active_Appointments.asp SQL Injection Vulnerability in active_appointments.asp in ASP Inline Corporate Calendar Unauthenticated SQL Execution in Zen Cart 1.3.8a and Earlier Unauthenticated Arbitrary Code Execution in Zen Cart 1.3.8a and Earlier Denial of Service Vulnerability in Netgear DG632 Firmware 3.4.0_ap Remote Authentication Bypass Vulnerability in Netgear DG632 Firmware 3.4.0_ap Netgear DG632 Firmware 3.4.0_ap Directory Traversal Vulnerability Clipboard Data Leakage Vulnerability in Stardict 3.0.1 Arbitrary Command Execution via Pipe Characters in PeaZIP 2.6.1 and Earlier Remote Code Execution in AjaxPortal 3.0 via PHP Remote File Inclusion in install/di.php Directory Traversal Vulnerability in Awesome PHP Mega File Manager 1.0 Directory Traversal Vulnerabilities in FCKeditor: Remote Code Execution Sensitive Information Disclosure via Crafted Cookie in OXID eShop Privilege Escalation via Virtual-8086 Mode Exception Handling Vulnerability Cross-Site Scripting (XSS) Vulnerability in Sun Java System Access Manager SQL Injection Vulnerability in Empire CMS 5.1: Remote Code Execution via bid Parameter Unrestricted File Upload Vulnerability in DedeCMS 5.3 Default Password Vulnerabilities in Huawei D100 Routers Clear-text Storage of Administrator Credentials in Huawei D100 Cookie Unencrypted Wi-Fi Configuration Vulnerability on Huawei D100 Huawei D100 Vulnerability: Information Disclosure via Direct Requests Arbitrary File Read Vulnerability in cPanel's lastvisit.html SQL Injection Vulnerability in Vote For Us Extension 1.0.1 and Earlier for PunBB Arbitrary Web Script Injection Vulnerability in VMware VirtualCenter and ESX Heap-based Buffer Underflows in readPostBody Function in MapServer Unauthorized Guest Console Access Vulnerability in Sun Solaris 10 and OpenSolaris Multiple 
Cross-Site Scripting (XSS) Vulnerabilities in Sun Java Web Console phpMyAdmin XSS Vulnerability in SQL Bookmark Buffer Underflow in LZWDecodeCompat Function in libtiff 3.8.2 Buffer Overflow Vulnerability in compface 1.5.2 and Earlier via Long Declaration in .xbm File NULL pointer dereference vulnerability in KVM in Linux kernel 2.6 before 2.6.30 Arbitrary Command Execution in Nagios statuswml.cgi Arbitrary Web Script Injection in Arcade Trade Script 1.0 beta SQL Injection Vulnerability in Boy Scout Advancement Component for Joomla! Bypassing Access Restrictions in LoginToboggan Drupal Module Appleple a-News 2.32 Cross-Site Scripting (XSS) Vulnerability Authentication Bypass Vulnerability in Optimum Web Design Tutorial Share 3.5.0 and Earlier Integer Overflow in Png_datainfo_callback Function in Dillo 2.1 and Earlier Heap-based Buffer Overflow in CamlImages PNG Image Processing NFSv4 Server Kernel Module Vulnerability in Sun Solaris 10 and OpenSolaris Unspecified Denial of Service Vulnerability in Solaris Trusted Extensions Stack-based Buffer Overflow in HP OpenView Network Node Manager (OV NNM) 7.53 on Linux via rping Artofdefence Hyperguard WAF Module Denial of Service Vulnerability Arbitrary Command Execution and Denial of Service Vulnerability in phion airlock Web Application Firewall (WAF) 4.1-10.41 Information Disclosure Vulnerability in radware AppWall Web Application Firewall Aardvark Topsites PHP Cross-Site Scripting (XSS) Vulnerability in index.php Sensitive Information Disclosure in Aardvark Topsites PHP 5.2.1 and Earlier Sensitive Information Disclosure in Aardvark Topsites PHP 5.2.0 and earlier Denial of Service Vulnerability in ARD-9808 DVR Card Security Camera Insufficient Access Control in ARD-9808 DVR Card Exposes Sensitive Information SQL Injection Vulnerability in CWGuestBook Module 2.1 and Earlier for MAXdev MDPro SQL Injection Vulnerabilities in Affiliation Module for PunBB Codice CMS 2 index.php SQL Injection Vulnerability Arbitrary SQL Command 
Execution in Extensible-BioLawCom CMS (X-BLC) 0.2.0 and Earlier SQL Injection Vulnerability in rGallery Plugin 1.2.3 for WoltLab Burning Board (WBB3) Cleartext Storage of User Credentials in SmartFilter Web Gateway Security 4.2.1.00 Directory Traversal Vulnerability in Jinzora Media Jukebox 2.8 and Earlier Sun Lightweight Availability Collection Tool 3.0 Local File Overwrite Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0 and 4.6.0 Default Administrator Password Vulnerability in Axesstel MV 410R Remote Denial of Service Vulnerability in Axesstel MV 410R Unencrypted Wi-Fi Configuration Vulnerability in Axesstel MV 410R Client-side JavaScript Validation Vulnerability in Axesstel MV 410R Web Interface Denial of Service Vulnerability in Axesstel MV 410R's cgi-bin/sysconf.cgi Axesstel MV 410R Cross-Site Scripting (XSS) Vulnerability in sysconf.cgi Cross-Site Request Forgery (CSRF) Vulnerability in Axesstel MV 410R Web Interface Arbitrary Script Injection in FCKeditor Samples Directory Clicknet CMS 2.1 Directory Traversal Vulnerability Multiple SQL Injection Vulnerabilities in KerviNet Forum 1.1 and Earlier Arbitrary Web Script Injection in KerviNet Forum 1.1 and Earlier Unauthenticated Account Deletion and SQL Injection in KerviNet Forum 1.1 and Earlier Information Disclosure Vulnerability in KerviNet Forum 1.1 and earlier Arbitrary Web Script Injection Vulnerability in CMS Chainuk 1.2 and Earlier Multiple Static Code Injection Vulnerabilities in CMS Chainuk 1.2 and Earlier Information Disclosure in CMS Chainuk 1.2 and Earlier Multiple Directory Traversal Vulnerabilities in CMS Chainuk 1.2 and Earlier Unauthenticated Access to Plugin Configuration in WordPress and WordPress MU WordPress User Enumeration Vulnerability User Enumeration Vulnerability in WordPress and WordPress MU Arbitrary SQL Command Execution in w3b|cms Gaestebuch Guestbook Module 3.0.0 Arbitrary File Inclusion Vulnerability in FreeWebshop.org 2.2.9 R2 
SQL Injection Vulnerability in Rentventory's index.php Allows Remote Code Execution SQL Injection Vulnerability in Opial 1.0 Admin Panel Opial 1.0 albumdetail.php SQL Injection Vulnerability Arbitrary Web Script Injection in CMME Login Page Arbitrary Web Script Injection in Zoph before 0.7.0.6 Privilege Escalation in Sourcefire Defense Center and 3D Sensor Web Interfaces SQL Injection Vulnerabilities in ClanSphere before 2009.0.1 IAX2 Protocol Implementation Denial of Service Vulnerability Heap-based buffer overflow in libtiff's inter-color spaces conversion tools Android 1.5 CRBxx Local User Bypass of Camera and Microphone Permissions Cross-Site Scripting (XSS) Vulnerability in Microsoft Internet Explorer 6.0.2900.2180 and Earlier Cross-Site Scripting (XSS) Vulnerability in Opera 9.52 and Earlier Cross-Site Scripting (XSS) Vulnerability in Google Chrome 1.0.154.48 and Earlier Arbitrary Code Execution Vulnerability in eAccelerator's encoder.php SQL Injection Vulnerability in NullLogic Groupware 1.2.7 Login Page Denial of Service Vulnerability in NullLogic Groupware 1.2.7 Forum Module Multiple stack-based buffer overflows in NullLogic Groupware 1.2.7 allow remote code execution Default Configuration of TekRADIUS 3.0 Allows Remote Attackers to Obtain Privileged Access TekRADIUS 3.0 Local User Privilege Escalation Vulnerability Multiple SQL Injection Vulnerabilities in TekRADIUS 3.0 Arbitrary Web Script Injection Vulnerability in Passwd Module SQL Injection Vulnerability in osTicket 1.6 RC5: Remote Code Execution via staff username parameter Stack-based Buffer Overflow in KUDRSOFT AudioPLUS 2.0.0.215 via Long String in Playlist File Stack-based Buffer Overflow in KUDRSOFT AudioPLUS 2.00.215 via Long File1 Argument in .pls Playlist File Stack-based Buffer Overflow in Mp3-Nator 2.0: Remote Code Execution Vulnerability SQL Injection Vulnerability in DataCheck Solutions GalleryPal FE 1.5 Login Page SQL Injection Vulnerability in login.asp in DataCheck Solutions ForumPal 
FE 1.1 and ForumPal 1.5 Predictable Session IDs in Iomega StorCenter Pro's cgi-bin/makecgi-pro Vulnerability Unspecified Vulnerability in Socks Server 5 before 3.7.8-8 Integer Overflow and Heap-Based Buffer Overflow in wxImage::Create Function in wxWidgets 2.8.10 Unspecified Cross-Site Scripting (XSS) Vulnerability in Advanced Forum Drupal Module Arbitrary Code Injection in Advanced Forum 6.x Arbitrary Code Injection in Drupal 6.x User Signatures Drupal 6.x Forum Module Cross-Site Scripting (XSS) Vulnerability Unsanitized Failed Login Attempts in Drupal's Sortable Table Vulnerability Stack-based Buffer Overflow in Photo DVD Maker 8.02 Cross-site scripting (XSS) vulnerability in TangoCMS Contact module Buffer Overflow in Avax Vector ActiveX Control in avPreview.ocx Arbitrary PHP Code Execution via Remote File Inclusion in Jax FormMailer 3.0.0 Arbitrary File Inclusion Vulnerability in BIGACE Web CMS 2.6 Arbitrary Web Script Injection via url Variable in 4images 1.7 through 1.7.7 Gizmo 3.1.0.79 on Linux SSL Certificate Verification Vulnerability Authentication Bypass Vulnerability in phpMyBlockchecker 1.0.0055 Arbitrary SQL Command Execution in Related Sites Plugin 2.1 for WordPress Buffer Overflow in Brothersoft PEamp 1.02b: Remote Code Execution via .m3u Playlist File SQL Injection Vulnerability in Member Awards Component 1.0.2 for Simple Machines Forum (SMF) Arbitrary File Download and Execution Vulnerability in Awingsoft Awakening Winds3D Viewer Plugin Unspecified Denial of Service Vulnerability in Sun OpenSolaris SQL Injection Vulnerability in Opial 1.0 Admin Panel Multiple SQL Injection Vulnerabilities in USOLVED NEWSolved 1.1.6 Arbitrary SQL Command Execution Vulnerability in BookFlip Component 2.1 for Joomla! 
Arbitrary Web Script Injection Vulnerability in Virtuenetz Virtue Online Test Generator SQL Injection Vulnerability in Virtuenetz Virtue Online Test Generator Unauthenticated Access to Admin Panel in Virtuenetz Virtue Online Test Generator Arbitrary SQL Command Execution in SMSPages 1.0 via CatID Parameter SQL Injection Vulnerability in K2 Component 1.0.1 Beta and Earlier for Joomla! Remote File Inclusion Vulnerability in DM Albums 1.9.2 Audio Article Directory download.php Directory Traversal Vulnerability Arbitrary File Read Vulnerability in PHP-Sugar 0.80 Remote File Inclusion Vulnerability in DM FileManager 3.9.4 Arbitrary SQL Command Execution Vulnerability in Joomla! PHP Component PHPEcho CMS 2.0-rc3 Forum Post XSS Vulnerability SQL Injection Vulnerability in PHPEcho CMS 2.0-rc3 Forum Module SCMPX 1.5.1 Heap-Based Buffer Overflow Vulnerability Heap-based Buffer Overflow in NSS X.509 Certificate Parsing Multiple Cross-Site Scripting (XSS) Vulnerabilities in Red Hat JBoss EAP Web Console Stack-based Buffer Overflow in eCryptfs Subsystem in Linux Kernel Heap-based Buffer Overflow in eCryptfs Subsystem in Linux Kernel Arbitrary SSL Server Spoofing Vulnerability MD2 Hash Collision Vulnerability Vulnerability: Improper Handling of Blank-Password Accounts in sssd 0.4.1 Integer overflows in libsvn_delta library leading to heap-based buffer overflow Multiple Integer Overflows in Apache Portable Runtime (APR) and APR-util Libraries Leading to Buffer Overflows and Potential Code Execution Stack Consumption Vulnerability in libxml2 and libxml Heap-based Buffer Overflow Vulnerabilities in memcached 1.1.12 and 1.2.2 Use-after-free vulnerabilities in libxml2 and libxml allow denial of service attacks Arbitrary SSL Server Spoofing Vulnerability Use-after-free vulnerability in servePendingRequests function in WebCore in WebKit in Apple Safari 4.0 and 4.0.1 Arbitrary File Read and Denial of Service Vulnerability in Apple Safari 3.2.3 NULL Pointer Dereference and Arbitrary Code 
Execution Vulnerability in CFCharacterSetInitInlineBuffer Method Authentication Bypass Vulnerability in Ruby on Rails Digest Authentication SQL Injection Vulnerability in Category.php in Ebay Clone 2009 Arbitrary Script Injection in Ebay Clone 2009 Search Functionality Denial of Service Vulnerability in Tor before 0.2.0.35 Unspecified Impact Vulnerability in Tor's Connection Edge Process Relay Cell Handling SQL Injection Vulnerability in co-profile.php in Jobbr 2.2.7 Multiple SQL Injection Vulnerabilities in Tausch Ticket Script 3 Cleartext Storage of User Credentials in SmartFilter Web Gateway Security 4.2.1.00 Unspecified Privilege Escalation Vulnerability in Solaris Auditing Information Disclosure Vulnerability in WordPress 2.7.1 Information Disclosure Vulnerability in WordPress and WordPress MU 2.8.1 and earlier Stack-based Buffer Overflow in Microsoft Internet Explorer's AddFavorite Method Privilege Escalation via Buffer Overflow in IBM AIX 5.3 Syscall Implementation User Enumeration Vulnerability in IBM Lotus Instant Messaging and Web Conferencing 6.5.1 SQL Injection Vulnerability in MyPHPDating 1.0: Remote Code Execution via page_id Parameter Cross-Site Scripting (XSS) Vulnerabilities in Rentventory 1.0.1 Login Cross-site scripting (XSS) vulnerability in ClanSphere 2009.0 and 2009.0.2 search module SQL Injection Vulnerabilities in Alibaba Clone: Remote Code Execution Arbitrary Web Script Injection Vulnerability in JNM Guestbook 3.0 Arbitrary Web Script Injection in Online Guestbook Pro 5.1 Cross-Site Scripting (XSS) Vulnerability in Linea21 1.2.1 via search parameter in resultats-recherche action Information Disclosure Vulnerability in Siteframe 3.2.x Arbitrary File Inclusion Vulnerability in ADbNewsSender Arbitrary JSP File Read Vulnerability in Oracle iPlanet Web Server Format string vulnerabilities in dispatch_command function in MySQL Arbitrary Web Script Injection in Online Guestbook Pro 5.1 Arbitrary Script Injection in Online Guestbook Pro 5.1 via 
ogp_show.php Arbitrary File Inclusion Vulnerability in ADbNewsSender 1.5.6 Privilege Escalation Vulnerability in Tall Emu Online Armor Personal Firewall AV+ and Personal Firewall Multiple SQL Injection Vulnerabilities in MIM:InfiniX 1.2.003 and Earlier Versions Unspecified Vulnerabilities in Citrix Licensing 11.5 with Unknown Impact and Attack Vectors Access Policy Bypass Vulnerability in Citrix XenApp 4.5 Hotfix Rollup Pack 3 Citrix Web Interface XSS Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in @mail 5.6.1 Denial of Service Vulnerability in Novell eDirectory 8.8 Denial of Service Vulnerability in Novell eDirectory 8.8 Unspecified Denial of Service Vulnerability in Sun Fire V215 Server with XVR-100 Graphic Cards Unspecified Vulnerabilities in mimeTeX Related to \environ, \input, and \counter TeX Directives Multiple Stack-Based Buffer Overflows in mathTeX.cgi: Unspecified Impact and Remote Attack Vectors Insecure Temporary File Creation in mathtex.cgi in mathTeX (pre-20090713) Memory Corruption and Code Execution Vulnerability in Mozilla Firefox and Thunderbird Integer Overflow Vulnerabilities in Base64 Encoding/Decoding Functions Memory Corruption and Application Crash Vulnerability in Mozilla Firefox, SeaMonkey, and Thunderbird Double Frame Construction Vulnerability in Mozilla Firefox and Thunderbird Memory Corruption and Arbitrary Code Execution Vulnerability in Mozilla Firefox and Thunderbird Arbitrary Code Execution and Denial of Service Vulnerability in Mozilla Firefox Integer Overflow in Apple CoreGraphics: Remote Code Execution Vulnerability Memory Corruption and Remote Code Execution Vulnerability in Mozilla Firefox Denial of Service Vulnerability in Mozilla Firefox Arbitrary JavaScript Execution Vulnerability in Mozilla Firefox Cross-Origin Wrapper Bypass Vulnerability in Mozilla Firefox Denial of Service Vulnerability in Neon (CVE-2021-1234) Neon SSL Server Spoofing Vulnerability Vulnerability: Information Disclosure via Static 
Variables in Sun Java SE and OpenJDK Privilege Escalation through OpenType Checks Bypass in Java SE 6 and OpenJDK Uninitialized Memory Access Vulnerability in Mozilla Firefox 3.5 Denial of Service Vulnerability in Mozilla Firefox 3.5 Denial of Service Vulnerability in Mozilla Firefox 3.0.x, 3.5, and 3.5.1 on Windows Uninitialized Global Templates Cross-Site Scripting (XSS) Vulnerability in Six Apart Movable Type 4.24 and 4.25 Arbitrary Email Sending and Information Disclosure Vulnerability in Six Apart Movable Type Privilege Escalation Vulnerability in OpenPAM's pam_unix Module Denial of Service via Malformed Externalized Plist in NetBSD 4.0 and 4.0.1 Stack-based Buffer Overflow in Win32AddConnection Function in VLC Media Player 0.9.9 Stack-based Buffer Overflow in HT-MP3Player 1.0 via Long String in .ht3 File SCTP Implementation Denial of Service Vulnerability in Sun Solaris 10 and OpenSolaris Use-after-free vulnerability in frpr_icmp function in Solaris and OpenSolaris allows remote attackers to cause denial of service NFSv4 Module Denial of Service Vulnerability in Sun Solaris 10 and OpenSolaris Unspecified Local User Session Access Vulnerability in Sun Ray Server Software (SRSS) 4.0 Unspecified vulnerability in utaudiod daemon in Sun Ray Server Software (SRSS) 4.0 with Solaris Trusted Extensions enabled Session Hijacking Vulnerability in Sun Ray Server Software 4.0 with Solaris Trusted Extensions Arbitrary Web Script Injection Vulnerability in Six Apart Movable Type ATL COM Initialization Vulnerability ATL Object Type Mismatch Vulnerability ATL Null String Vulnerability Office Web Components Heap Corruption Vulnerability CLR Interface Handling Vulnerability Windows Media Header Parsing Invalid Free Vulnerability Windows Media Playback Memory Corruption Vulnerability GDI+ WMF Integer Overflow Vulnerability GDI+ PNG Heap Overflow Vulnerability GDI+ TIFF Buffer Overflow Vulnerability GDI+ TIFF Memory Corruption Vulnerability GDI+ .NET API Vulnerability: Multiple 
Integer Overflows Internet Authentication Service Memory Corruption Vulnerability Heap-based Buffer Overflow in Microsoft Office Word and WordPad Memory Corruption in Indexing Service Vulnerability Single Sign-On Credential Leakage Vulnerability in ADFS HTTP Header Validation Bypass in ADFS: Remote Code Execution Vulnerability Null Truncation in X.509 Common Name Vulnerability X.509 Object Identifier Integer Overflow Vulnerability Web Services on Devices API Memory Corruption Vulnerability Win32k Insufficient Data Validation Vulnerability Win32k EOT Parsing Vulnerability Windows Kernel Integer Underflow Vulnerability Windows Kernel NULL Pointer Dereference Vulnerability Windows Kernel Exception Handler Vulnerability Office BMP Integer Overflow Vulnerability DHTML Editing Component ActiveX Control Vulnerability IIS FTP Service Stack Consumption Vulnerability License Logging Server Heap Overflow Vulnerability NTLM Authentication Integer Underflow Vulnerability Windows Media Runtime Heap Corruption Vulnerability SMBv2 Infinite Loop Vulnerability in Microsoft Windows Vista and Server 2008 WMP Heap Overflow Vulnerability Memory Corruption Vulnerability in GDI+ of Microsoft Office XP SP3 HTML Component Handling Vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 SMBv2 Command Value Vulnerability Denial of Service in RealNetworks Helix Server and Helix Mobile Server Denial of Service Vulnerability in RealNetworks Helix Server and Helix Mobile Server Denial of Service Vulnerability in Mozilla Firefox, SeaMonkey, and Thunderbird Denial of Service Vulnerability in Microsoft Internet Explorer 5-8 Denial of Service Vulnerability in KDE Konqueror via Large Integer Value for Select Object Length Property Denial of Service Vulnerability in Nokia N95, N82, and N810 
Internet Tablet Denial of Service Vulnerability in Aigo P8860 Denial of Service Vulnerability in Opera 9.64 and Earlier Denial of Service Vulnerability in Sony PLAYSTATION 3 (PS3) Web Browser Denial of Service Vulnerability in Netscape 6 and 8 Unspecified Vulnerabilities in IBM Proventia Engine 4.9.0.0.44 20081231 Directory Traversal Vulnerability in Marcelo Costa FileServer Component 1.0 for Windows Live Messenger and Messenger Plus! Live SQL Injection Vulnerability in Advanced Electron Forum (AEF) 1.x with Disabled Magic Quotes GPC Directory Traversal Vulnerability in Advanced Electron Forum (AEF) 1.x Armed Assault Integer Underflow Denial of Service Vulnerability Armed Assault Format String Vulnerability Armed Assault Remote Denial of Service Vulnerability Remote Code Execution Vulnerability in Hamster Audio Player 0.3a via Long String in Playlist Files Cross-Site Scripting (XSS) Vulnerabilities in ScriptsEz Easy Image Downloader Arbitrary File Inclusion and Execution Vulnerabilities in Super Simple Blog Script 2.5.4 SQL Injection Vulnerabilities in Super Simple Blog Script 2.5.4: Remote Code Execution via comments.php SQL Injection Vulnerability in Jobline (com_jobline) 1.1.2.2, 1.3.1, and earlier versions Heap-based Buffer Overflow in Google V8 JavaScript Engine Memory Corruption and Arbitrary Code Execution Vulnerability in Google Chrome Arbitrary File Read Vulnerability in Admin News Tools 2.5 Unrestricted Access Vulnerability in Admin News Tools 2.5 Buffer Overflow in IPMI Dissector in Wireshark 1.2.0 Denial of Service Vulnerabilities in Wireshark 1.2.0 Unspecified Denial of Service Vulnerability in Wireshark sFlow Dissector Unspecified Denial of Service Vulnerability in Wireshark AFS Dissector Unspecified Denial of Service Vulnerability in Infiniband Dissector in Wireshark Insecure Permissions in NOS Microsystems getPlus Download Manager Allows Privilege Escalation Unspecified Cross-Site Scripting (XSS) Vulnerability in Perl CGI's By Mrs. 
Shiromuku shiromuku(fs6)DIARY 2.40 Stack-based Buffer Overflow in TFM MMPlayer 2.0 and 2.0.0.30 via Long String in Playlist File SQL Injection Vulnerability in Almond Classifieds Component 5.6.2 for Joomla! Stack-based Buffer Overflow in Sorinara Streaming Audio Player (SAP) 0.9 via Long String in Playlist File Cross-Site Scripting (XSS) Vulnerabilities in Verlihub Control Panel (VHCP) 1.7e Stack-based Buffer Overflow in Symantec WinFax Pro 10.03 ActiveX Control Multiple Cross-Site Scripting (XSS) Vulnerabilities in VerliAdmin 0.3.7 and 0.3.8 Fivestar Module CSRF Vulnerability Allows Unauthorized Vote Casting SQL Injection Vulnerabilities in MiniTwitter 0.2 Beta with Disabled Magic Quotes GPC Arbitrary Account Modification Vulnerability in MiniTwitter 0.2 Beta Denial of Service Vulnerability in Research In Motion (RIM) BlackBerry 8800 Denial of Service Vulnerability in Microsoft Internet Explorer 6.0.2900.2180 and Earlier Denial of Service Vulnerability in Opera 9.52 and Earlier Denial of Service Vulnerability in Google Chrome 2.x through 2.0.172 CS-Cart Reward Points Addon SQL Injection Vulnerability Arbitrary Web Script Injection in EditeurScripts EsNews 1.2 via modifier.php Stack-based Buffer Overflow in Akamai Download Manager (DLM) Allows Remote Code Execution Session Fixation Vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0.0.6 Stack-based buffer overflow vulnerability in SGI GRU driver in Linux kernel 2.6.30.2 and earlier SQL Injection Vulnerability in Mlffat 2.2 index.php Allows Remote Code Execution Arbitrary Web Script Injection in EDGEPHP EZArticles Title Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in DragDropCart Multiple Cross-Site Scripting (XSS) Vulnerabilities in Hotscripts Type PHP Clone Script Multiple Cross-Site Scripting (XSS) Vulnerabilities in Hutscripts PHP Website Script Arbitrary SQL Command Execution in Hutscripts PHP Website Script via showcategory.php SQL Injection Vulnerability in MyAnnonces Module for 
E-Xoopport 3.1 Arbitrary SQL Command Execution in PHPJunkYard GBook 1.6 via mes_id Parameter Arbitrary SQL Command Execution in Censura 1.16.04 via itemid Parameter Arbitrary Web Script Injection in Censura 1.16.04 via itemid Parameter Arbitrary Script Injection in Censura 2.0.4 and 2.1.0 ProductSearch.html Solaris Auditing Subsystem Denial of Service Vulnerability Denial of Service Vulnerability in Sun Java System Access Manager Policy Agent Module 2.2 Multiple SQL Injection Vulnerabilities in Online Grades & Attendance 3.2.6 and Earlier SQL Injection Vulnerability in RadCLASSIFIEDS Gold 2.0: Remote Code Execution via Seller Parameter Arbitrary File Read Vulnerability in Webboard 2.90 beta and Earlier Arbitrary SQL Command Execution in Joomlaequipment Component 2.0.4 Insecure Storage of Sensitive Information in R2 Newsletter Lite, Pro, and Stats SQL Injection Vulnerabilities in Escon SupportPortal Pro 3.0: Remote Code Execution SQL Injection Vulnerabilities in Zen Help Desk 2.1 Adminlogin.asp SQL Injection Vulnerabilities in Traidnt Up 2.0's adminquery.php Insufficient Access Control in ASP Football Pool 2.3 Allows Remote Database Download SQL Injection Vulnerability in Joomla! com_pinboard Component SQL Injection Vulnerabilities in PHP Address Book 4.0.x SQL Injection Vulnerability in Joomla! 
amoCourse Component Arbitrary Web Script Injection via Title Field in Links Related Module Arbitrary File Inclusion Vulnerability in MyFusion 6 Beta SQL Injection Vulnerability in login.aspx in ProSMDR Multiple Cross-Site Scripting (XSS) Vulnerabilities in DataCheck Solutions LinkPal 1.x SQL Injection Vulnerability in z_admin_login.asp in DataCheck Solutions LinkPal 1.x Multiple Cross-Site Scripting (XSS) Vulnerabilities in DataCheck Solutions SitePal 1.x SQL Injection Vulnerability in z_admin_login.asp in DataCheck Solutions SitePal 1.x Stack-based Buffer Overflow in BaoFeng Storm 3.9.62 via .smpl Playlist File SQL Injection Vulnerability in MDPro Surveys Module Allows Remote Code Execution SQL Injection Vulnerability in DataCheck Solutions V-SpacePal Login Page Denial of Service Vulnerability in Firebird SQL Server Buffer Overflow Vulnerability in Squid Proxy Server Denial of Service Vulnerability in Squid 3.0 and 3.1 Denial of Service and Arbitrary Code Execution Vulnerability in gzip Denial of Service Vulnerability in Apache Xerces2 Java Memory Disclosure and PHP Crash Vulnerability in zend_restore_ini_entry_cb Function Arbitrary Command Execution Vulnerability in Acer LunchApp ActiveX Control Heap Memory Corruption Vulnerability in VMware Movie Decoder Buffer underflow vulnerability in nginx allows remote code execution via crafted HTTP requests Cross-Site Scripting (XSS) and Same Origin Policy Violation in Clientless SSL VPNs Buffer Overflow in SIEVE Script Component of Cyrus IMAP Server and Dovecot Remote Code Execution in VehicleManager Component for Joomla! Arbitrary PHP Code Execution via Remote File Inclusion in MediaLibrary Component 1.5.3 Basic for Joomla! Arbitrary PHP Code Execution via RealEstateManager Component 1.0 Basic for Joomla! Arbitrary Web Script Injection Vulnerability in Kerio MailServer's Integration Page Remote File Inclusion Vulnerability in BookLibrary Component 1.5.2.4 Basic for Joomla! 
SQL Injection Vulnerability in AkoBook Component 2.3 for Joomla! SQL Injection Vulnerability in MRCGIGUY The Ticket System 2.0 - Remote Code Execution via id Parameter SQL Injection Vulnerabilities in Interlogy Profile Manager Basic's cgi/admin.cgi PHP Remote File Inclusion Vulnerability in School Data Navigator's index.php Allows Arbitrary Code Execution Authentication Bypass in Desi Short URL Script 1.0 Unspecified vulnerabilities in PDF distiller in BlackBerry Enterprise Server (BES) and BlackBerry Professional Software Solaris Auditing Subsystem Race Condition Denial of Service Vulnerability Unspecified vulnerabilities in PDF distiller in BlackBerry Enterprise Server (BES) software and BlackBerry Professional Software Unspecified vulnerability in Kaspersky Anti-Virus and Internet Security 2010 allows remote attackers to disable the application Information Disclosure Vulnerability in FlashDen Guestbook Denial of Service Vulnerability in IATA Driver in FreeBSD 6.0 and 8.0 Heap-based Buffer Overflow in Sorcerer Software MultiMedia Jukebox 4.0 Build 020124 NULL pointer dereference vulnerability in main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 Denial of Service Vulnerability in Solaris Trusted Extensions Privilege Escalation via NtUserConsoleControl Function in Microsoft Windows Address bar spoofing vulnerability in Mozilla Firefox before 3.0.13 and 3.5.x before 3.5.2 Denial of Service Vulnerability in Microsoft Internet Explorer 7 and 8 Denial of Service Vulnerability in Android Phone Process Privilege Escalation in nilfs-utils: Arbitrary Command Execution via mkfs.nilfs2 Arbitrary File Overwrite Vulnerability in ZNC before 0.072 Directory Traversal Vulnerability in Django Admin Media Handler Heap-based Buffer Overflow in CamlImages 2.2 via Crafted GIF and JPEG Files Denial of Service Vulnerability in strongSwan's asn1_length Function Memory Corruption and Arbitrary Code Execution Vulnerability in Mozilla Firefox 3.5.x Memory Corruption and Arbitrary Code 
Execution Vulnerability in libvorbis Memory Safety Bug in js_watch_set Function in Mozilla Firefox Arbitrary JavaScript Execution via Link HTTP Header in Mozilla Firefox 3.5.x Improper Handling of Null Character in X.509 Certificate Common Name Field in fetchmail Unspecified Password Security Vulnerability in IBM Tivoli Key Lifecycle Manager (TKLM) 1.0 Denial of Service Vulnerability in Microsoft Internet Explorer 6 and 7 Privilege Escalation via Debugging Component in IBM AIX 5.3 and 6.1 Vulnerability: Unauthorized Access to System Properties in Sun Java Runtime Environment Username Disclosure Vulnerability in Sun Java Runtime Environment Vulnerability: Proxy Mechanism Allows Hijacking of Web Sessions Bypassing Access Restrictions in Sun Java Runtime Environment Arbitrary Code Execution via Integer Overflow in Sun Java Web Start Heap-based Buffer Overflow in Sun Java Runtime Environment (JRE) Unpack200 Utility Arbitrary File Modification Vulnerability in Sun Java SE JNLPAppletlauncher CSRF Vulnerability in HP Insight Control Suite For Linux (ICE-LX) before 2.11 Unspecified Remote Information Disclosure Vulnerability in HP NonStop OSS Name Server Unspecified Denial of Service Vulnerability in HP-UX bootpd Unspecified Denial of Service Vulnerability in HP StorageWorks Tape Libraries and Autoloaders Privilege Escalation Vulnerability in HP ProCurve Identity Driven Manager (IDM) Unspecified Local Access Bypass Vulnerability in HP-UX Role-Based Access Control (RBAC) Arbitrary Code Execution Vulnerability in HP Remote Graphics Software (RGS) Sender Module Cross-Site Scripting (XSS) Vulnerabilities in HP LaserJet and Color LaserJet Printers and Digital Senders HP Power Manager Login Form Stack-based Buffer Overflow Vulnerability Unspecified Local Privilege Escalation Vulnerability in HP NonStop G06.12.00 through G06.32.00, H06.08.00 through H06.18.01, and J06.04.00 through J06.07.01 Denial of Service Vulnerability in PHP Exif Module Multiple Integer Overflows in XEmacs 
21.4.22 on Windows Allow Remote Code Execution Privilege Escalation in JDK13Services.getProviders Privilege Escalation Vulnerability in Sun Java SE 6 and OpenJDK Race condition vulnerability allows local users to read maps and smaps files under proc/ in Linux kernel 2.6.30.4 and earlier Uninitialized Function Pointers in Linux Kernel Socket Operations Vulnerability Apache Tomcat Directory Traversal Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in libpurple/protocols/msn/slplink.c Linux Kernel NULL Pointer Dereference Vulnerability Cross-site scripting (XSS) vulnerability in Apache Tomcat calendar application in Red Hat Enterprise Linux 5 Missing TCP Wrapper Support in Red Hat GDM Build Script on RHEL 5 NULL pointer dereference vulnerability in udp_sendmsg function in Linux kernel Denial of Service Vulnerability in Solaris pollset Feature in Apache Portable Runtime (APR) Library Arbitrary SSL Server Spoofing Vulnerability in Nokia Trolltech Qt 4.x Arbitrary File Read/Delete Vulnerability in Zope Enterprise Objects (ZEO) Storage-Server Functionality Arbitrary SSL Server Spoofing Vulnerability in KDE KSSL NULL pointer dereference and application crash in libpurple IRC protocol plugin in Pidgin before 2.6.2 Bypassing Cross-Site Scripting (XSS) Protections in CA SiteMinder via Encoded Null Byte Bypassing Cross-Site Scripting (XSS) Protections in CA SiteMinder via Overlong Unicode Denial of Service Vulnerability in ia32el on SUSE Linux Enterprise 10 SP2 XScreenSaver Popup Window Information Disclosure Vulnerability Cleartext Password Disclosure in Sun Java System Access Manager and OpenSSO Enterprise Cross Domain Single Sign On Vulnerability in Sun Java System Access Manager 7.0 and 7.1 Denial of Service Vulnerability in Sun VirtualBox 3.0.0 and 3.0.2 Denial of Service Vulnerability in Sun VirtualBox 2.2 through 3.0.2 r49928 Vulnerability: Inadequate Version Selection in Sun Java SE 6 Plugin Missing Security Warning Icon in AWT Implementation 
in Sun Java SE 6 Security Warning Icon Distance Constraint Bypass in Sun Java SE 6 AWT Implementation Denial of Service Vulnerability in Java Web Start Implementation Denial of Service Vulnerability in javax.swing.plaf.synth.SynthContext.isSubregion Method Unspecified Vulnerabilities in Sun Java SE 5.0 Provider Class (BugId 6406003) Unspecified Vulnerabilities in Sun Java SE 5.0 Provider Class (BugId 6429594) Unspecified Deserialization Vulnerability in Sun Java SE 5.0 Unspecified Race Condition in Sun Java SE 5.0: Reflection Checks Vulnerability Denial of Service vulnerability in Asterisk SIP Channel Driver Stack-based Buffer Overflow in IBM AIX ToolTalk Library Allows Remote Code Execution Arbitrary SSL Server Spoofing Vulnerability in libgnutls NULL pointer dereference and daemon crash vulnerability in ntop 3.3.10 and earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Achievo before 1.4.0 SQL Injection Vulnerability in Achievo 1.4.0: Remote Code Execution via get_employee Function SQL Injection Vulnerability in OpenNews 1.0 Allows Remote Code Execution Static Code Injection Vulnerability in sun-jester OpenNews 1.0: Remote Code Execution via admin.php Arbitrary Item Modification Vulnerability in Roundup CSRF Vulnerability in FreeNAS WebGUI Allows Remote Authentication Hijacking Arbitrary Web Script Injection Vulnerability in FreeNAS before 0.69.2 Denial of Service Vulnerability in CA Host-Based Intrusion Prevention System (HIPS) 8.1 Arbitrary Code Execution Vulnerability in IBM WebSphere Business Events Arbitrary Script Injection Vulnerability in Eclipse Help in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27 Information Disclosure Vulnerability in IBM WebSphere Application Server (WAS) Denial of Service Vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.27 CSRF Vulnerability in IBM WebSphere Application Server Administrative Console Improper Access Restriction in IBM WebSphere Application Server (WAS) JNDI 
Implementation Arbitrary Web Script Injection Vulnerability in IBM WebSphere Application Server Administration Console Predictable Session Values Vulnerability in IBM WebSphere Application Server 7.0.0.7 Unintended Configuration Properties Vulnerability in IBM WebSphere Service Registry and Repository (WSRR) 6.3.0 Cryptographic Key Reuse Vulnerability in IBM WebSphere Commerce 7.0 Insecure Data Encryption in IBM WebSphere Commerce 7.0 Buffer Overflow Vulnerabilities in Informix Storage Manager Portmapper Service Stack-based Buffer Overflow in Informix Storage Manager Portmapper Service Unquoted Windows Search Path Vulnerability in Avira AntiVir Scheduler WordPress 2.8.3 and Earlier Password Reset Vulnerability Denial of Service Vulnerability in Microsoft Internet Explorer 8.0.7100.0 on Windows 7 RC Arbitrary Command Execution in DD-WRT Management GUI Unauthenticated Remote Settings Modification in DD-WRT 24 sp1 NULL pointer dereference vulnerability in init_posix_timers function in Linux kernel before 2.6.31-rc6 Denial of Service and System Crash Vulnerability in Linux Kernel's flat subsystem Arbitrary PHP Code Execution via Remote File Inclusion in Ultrize TimeSheet 1.2.2 Authentication Bypass Vulnerability in PowerUpload 2.4 Arbitrary Script Injection in Free Arcade Script 1.3 via Keyword Parameter Cross-Site Scripting (XSS) Vulnerabilities in PG Roommate Finder Solution Arbitrary PHP Code Execution via Remote File Inclusion in PHP Paid 4 Mail Script Arbitrary SQL Command Execution in PHP Paid 4 Mail Script via paidbanner.php SQL Injection Vulnerability in PHPArcadeScript 4.0's linkout.php Allows Remote Code Execution Arbitrary SQL Command Execution in Smart ASP Survey's showresult.asp SQL Injection Vulnerability in GarageSales Script's visitor/view.php Cross-Site Scripting (XSS) Vulnerability in GarageSales Script's visitor/view.php AJ Matrix DNA index.php SQL Injection Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in 68 Classifieds 4.1 Arab 
Portal 2.x Forum.php SQL Injection Vulnerability JFusion Component for Joomla! SQL Injection Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in XOOPS 2.3.3 Multiple Directory Traversal Vulnerabilities in dit.cms 1.3 Cross-Site Scripting (XSS) Vulnerabilities in PHP Open Classifieds Script SQL Injection Vulnerability in Reputation Plugin for PunBB Arbitrary File Inclusion Vulnerability in Reputation Plugin for PunBB Multiple SQL Injection Vulnerabilities in Mobilelib GOLD 3 SQL Injection Vulnerability in Permis (com_groups) Component 1.0 for Joomla! SQL Injection Vulnerability in SoftBiz Dating Script (cat_products.php) Allows Remote Code Execution Remote File Inclusion Vulnerability in WebDynamite ProjectButler 1.5.0 Arbitrary File Inclusion Vulnerability in Really Simple CMS (RSCMS) 0.3a Kernel Privilege Escalation via IRET Instruction Pre-Commit Failure in NetBSD Bypassing Microsoft Exchange Restrictions in Apple iPhone OS Heap-based Buffer Overflow in Recovery Mode Component Allows Bypass of Passcode Requirement on Apple iPhone OS Password Discovery Vulnerability in Apple iPhone OS 3.0 and iPod touch OS 3.0.1 Sensitive Information Disclosure via Referer Logs in Safari WebKit Heap-based Buffer Overflow in Apple QuickTime: Remote Code Execution and Denial of Service Vulnerability Heap-based Buffer Overflow in Apple QuickTime 7.6.4 and Earlier Versions Alias Manager Buffer Overflow Vulnerability in Apple Mac OS X 10.4.11 and 10.5.8 Timing Issue in Apple Mac OS X 10.5.8 Application Firewall Allows Remote Access Bypass Arbitrary Inline Attachment Rendering Vulnerability in MantisBT 1.2.x before 1.2.2 Memory Corruption and Application Crash Vulnerability in CarbonCore on Apple Mac OS X 10.4.11 and 10.5.8 ColorSync Integer Overflow Vulnerability CoreGraphics Integer Overflow Vulnerability in Mac OS X 10.4.11 and 10.5.8 Heap-based Buffer Overflow in CUPS USB Backend in Mac OS X 10.5.8 Insecure Connection in Apple Mac OS X Help Viewer Allows Code Execution 
Arbitrary Code Execution and Denial of Service Vulnerability in ImageIO on Apple Mac OS X 10.4.11 and 10.5.8 Quarantine Information Clearing Vulnerability in Launch Services Launch Services Incomplete Blacklist Vulnerability in Mac OS X 10.5.8: Arbitrary Code Execution via .fileloc File Remote Code Execution via Unsafe Uniform Type Identifier (UTI) in Apple Mac OS X 10.5.8 Launch Services Samba Pathname Resolution Vulnerability Cross-site scripting (XSS) vulnerability in Apple Mac OS X 10.5.8 Wiki Server Denial of Service Vulnerability in Apple iPhone OS Telephony Component Cross-Origin Resource Sharing (CORS) Vulnerability in WebKit-based Browsers Buffer Overflow Vulnerability in Apple iTunes 9.0.1 and Earlier Versions Insecure Handling of Invalid Usernames in SSH Login Attempts in Apple Mac OS X Arbitrary Code Execution and Denial of Service Vulnerability in AFP Client on Mac OS X 10.5.8 Cross-Site Scripting (XSS) and HTTP Response Splitting Vulnerabilities in CUPS Web Interface AirPort Utility MAC Address ACL Bypass Vulnerability Cross-Site Scripting (XSS) Vulnerability in Apache HTTP Server on Apple Mac OS X Buffer Overflow Vulnerabilities in Apple Type Services (ATS) in Mac OS X 10.5.8 Certificate Assistant in Apple Mac OS X before 10.6.2 allows SSL server spoofing via crafted X.509 certificates Heap-based Buffer Overflow in CoreGraphics in Apple Mac OS X 10.5.8 Heap-based Buffer Overflow in Disk Images in Apple Mac OS X 10.5.8 Remote Code Execution and Denial of Service Vulnerability in Apple Mac OS X 10.5.8 DirectoryService Denial of Service Vulnerability in Apple Mac OS X 10.5.8 Event Monitor Buffer overflow vulnerability in Christos Zoulas file before 5.03 in Apple Mac OS X 10.6.x before 10.6.2 via crafted CDF file Arbitrary File Creation and Code Execution Vulnerability in Apple Mac OS X 10.5.8 Dictionary Buffer Overflow Vulnerability in Apple Mac OS X FTP Server Buffer Overflow in UCCompareTextDefault API in Apple Mac OS X 10.5.8 Firmware Modification 
Vulnerability in IOKit on Apple Mac OS X Privilege Escalation and Denial of Service Vulnerability in Apple Mac OS X Bypassing Password Authentication in Apple Mac OS X 10.6.x Login Window Heap-based Buffer Overflow in QuickDraw Manager in Apple Mac OS X QuickLook Integer Overflow Vulnerability in Mac OS X 10.5.8 Remote Code Execution and Denial of Service Vulnerability in Apple Mac OS X 10.5.8 Screen Sharing Privilege Escalation via Temporary Files in Apple Mac OS X 10.5.8 Spotlight HTMLMediaElement::loadResource function does not perform expected callbacks for HTML 5 media elements with external URLs, allowing remote attackers to trigger sub-resource requests to arbitrary websites. Local File Disclosure Vulnerability in Apple Safari Expired Certificate Acceptance Vulnerability in Java for Mac OS X 10.5 and 10.6 Denial of Service Vulnerability in cfg80211 in Linux Kernel Out-of-bounds read vulnerability in eisa_eeprom_read function in Linux kernel Information Leakage Vulnerability in Linux Kernel's do_sigaltstack Function Privilege Escalation and Denial of Service Vulnerability in Linux Kernel's execve Function Denial of Service Vulnerability in Linux Kernel's md Driver Multiple Buffer Overflows in NASA Common Data Format (CDF) Leading to Arbitrary Code Execution Arbitrary Web Script Injection via Comment Author URL in WordPress Administrator Interface Arbitrary PHP Code Execution in WP-Syntax Plugin for WordPress Privilege Escalation Vulnerability in WordPress 2.8.3 Unauthenticated Remote Code Execution in WordPress 2.8.3 Denial of Service Vulnerability in Squid 2.7 via Crafted Auth Header LDAP Session Sniffing Vulnerability in Sun Virtual Desktop Infrastructure (VDI) 3.0 Denial of Service Vulnerability in Sun Solaris and OpenSolaris Memory Leak Vulnerability in IBM DB2 8.1 on Unix Platforms Unspecified Access Vulnerability in IBM DB2 8.1 before FP18 via DAS Command Denial of Service Vulnerability in IBM DB2 8.1 Denial of Service Vulnerability in Cisco Aironet 
Lightweight Access Point 1100 and 1200 Devices Bypassing Access Restrictions in Cisco IOS ACL Object Groups (CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, CSCsu50252) Cisco IOS Firewall Authentication Proxy Bypass Vulnerability Denial of Service Vulnerability in Cisco Unified Communications Manager (CUCM) Buffer Overflow Vulnerability in Cisco IOS Unified Communications Manager Express Extension Mobility Feature (CSCsq58779) Denial of Service Vulnerability in Cisco IOS 12.2 through 12.4 via Crafted H.323 Packet (CSCsz38104) Denial of Service Vulnerability in Cisco IOS Zone-Based Policy Firewall SIP Inspection (CSCsr18691) Denial of Service Vulnerability in Cisco IOS 12.2 through 12.4 with Certificate-based Authentication for IKE Denial of Service Vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA via Crafted NTPv4 Packet Denial of Service Vulnerability in Cisco IOS with Unified Border Element (CSCsx25880) Denial of Service Vulnerability in Cisco IOS 12.2 and 12.4 (Bug ID CSCsq24002) Denial of Service Vulnerability in Cisco IOS 12.0-12.4 with IP-based Tunnels and Cisco Express Forwarding Denial of Service Vulnerability in Cisco IOS 12.0-12.4 with IP-based Tunnels and Cisco Express Forwarding (Bug ID CSCsx70889) Denial of Service Vulnerability in Cisco Unified Presence Buffer Overflow Vulnerability in Cisco WebEx WRF Player Heap-based Buffer Overflow in Cisco WebEx WRF Player Stack-based Buffer Overflow in Cisco WebEx WRF Player Allows Remote Code Execution Heap-based Buffer Overflow in Cisco WebEx WRF Player Heap-based Buffer Overflow in Cisco WebEx WRF Player Buffer Overflow Vulnerability in Cisco WebEx WRF Player Allows Remote Code Execution SQL Injection Vulnerabilities in Basilic 1.5.13: Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in PG MatchMaking SQL Injection Vulnerability in SaphpLesson 4.0 Admin Login XSS Vulnerability in bios.php Allows Arbitrary Script Injection SQL 
Injection Vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings: Remote Code Execution via Rank Parameter SQL Injection Vulnerability in PHP Scripts Now President Bios Arbitrary Web Script Injection Vulnerability in PHP Scripts Now President Bios SQL Injection Vulnerability in PHP Scripts Now Hangman Arbitrary Web Script Injection Vulnerability in PHP Scripts Now Hangman Arbitrary Web Script Injection Vulnerability in PHP Scripts Now Riddles SQL Injection Vulnerability in list.php in PHP Scripts Now Riddles: Remote Code Execution via catid Parameter SQL Injection Vulnerabilities in Scripteen Free Image Hosting Script 2.3 via cookid and cookgid Cookies Multiple Cross-Site Scripting (XSS) Vulnerabilities in XZero Community Classifieds 4.97.8 Multiple SQL Injection Vulnerabilities in Ebay Clone 2009 SQL Injection Vulnerability in rss.php in Ultimate Regnow Affiliate (URA) 3.0 Buffer Overflow Vulnerability in KMPlayer 2.9.4.1433 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in SpringSource Hyperic HQ, Application Management Suite (AMS), and tc Server Cross-site scripting (XSS) vulnerability in Alerts list feature in SpringSource Hyperic HQ and related products Exposure of Database Password in SpringSource Hyperic HQ Monitor Perl Script Autodeployment Bypass Vulnerability in Apache Tomcat Apache Tomcat Directory Traversal Vulnerability Appletalk Subsystem Memory Leak Vulnerability Privilege Escalation via Hard Links in OpenSSH ChrootDirectory Feature Heap-based Buffer Overflow in newt Library Allows Arbitrary Code Execution Denial of Service Vulnerability in Samba 3.x Multiple Cross-Site Scripting (XSS) Vulnerabilities in SpringSource tc Server and Hyperic HQ eCryptfs Kernel Vulnerability: Denial of Service and Arbitrary Code Execution via Negative Dentry Integer Signedness Error in ax25_setsockopt Function in Linux Kernel Kernel Register Leakage Vulnerability Vulnerability in SystemTap 1.0 with --unprivileged Option Denial of Service 
Vulnerability in Sun Solaris and OpenSolaris XZero Community Classifieds 4.97.8 index.php Cross-Site Scripting (XSS) Vulnerability Arbitrary Script Injection via File Name in XZero Community Classifieds 4.97.8 and Earlier Arbitrary SQL Command Execution in 2FLY Gift Delivery System 6.0 Format String Vulnerability in CNS_AddTxt Function in logs.dll in Vietcong 2 1.10 and Earlier Stack-based Buffer Overflow in ImTOO MPEG Encoder 3.1.53 via Crafted Playlist Files Denial of Service Vulnerability in TheGreenBow IPSec VPN Client 4.61.003 Arbitrary Web Script Injection in Boonex Orca 2.0 and 2.0.2 via Topic Title Field Multiple Cross-Site Scripting (XSS) Vulnerabilities in Elvin 1.2.2 SQL Injection Vulnerabilities in MOC Designs PHP News 1.1 Login Page Absolute Path Traversal Vulnerability in Pixaria Gallery 2.0.0 through 2.3.5 Directory Traversal Vulnerabilities in BitmixSoft PHP-Lance 1.52 Multiple SQL Injection Vulnerabilities in Videos Broadcast Yourself 2 Arbitrary File Read Vulnerability in DJCalendar.cgi SQL Injection Vulnerabilities in PHP Competition System BETA 0.84 and Earlier SQL Injection Vulnerability in DigitalSpinners DS CMS 1.0 - DetailFile.php Arbitrary Web Script Injection in TGS Content Management 0.x Login Page Multiple SQL Injection Vulnerabilities in TGS Content Management 0.x Elka CMS Search Feature XSS Vulnerability Arbitrary File Read Vulnerability in SlideShowPro Director 1.1 through 1.3.8 Arbitrary Web Script Injection Vulnerability in SAP NetWeaver Application Server (Java) 7.0 SQL Injection Vulnerability in Piwigo comments.php Stack-based buffer overflows in xaudio.dll in Programmed Integration PIPL 2.5.0 and 2.5.0D: Remote Code Execution Vulnerability Memory Reading Vulnerability in Google V8 JavaScript Engine Unauthenticated Remote Code Execution and Privilege Escalation in Varnish Reverse Proxy Server Arbitrary Script Injection via IMG SRC Attribute in Planet 2.0 and Planet Venus Postfix Package Vulnerability: Local Symlink Attack in 
postfix.postinst Script Vulnerability: Inadequate Support for PQescapeStringConn Function in pygresql Module Vulnerability: Inadequate Support for mysql_real_escape_string Function in mysql-ocaml Bindings 1.0.4 Inadequate Support for PQescapeStringConn Function in PostgreSQL-OCaml Bindings Incomplete Blacklist Vulnerability in Teximg Plugin in Ikiwiki Password Exposure in Stanford University WebAuth WebLogin Script Eval Injection Vulnerability in uscan.pl Allows Remote Code Execution Xapian Omega 1.0.16 Cross-Site Scripting (XSS) Vulnerability Local Privilege Escalation in mount.cifs Arbitrary Code Execution via Crafted XPM File in OpenOffice.org Heap-based Buffer Overflow in OpenOffice.org GIFLZWDecompressor::GIFLZWDecompressor Function Insecure Password Encryption in Phenotype CMS before 2.9 Unspecified Denial of Service Vulnerability in Solaris 10 and OpenSolaris Denial of Service Vulnerability in Mozilla Firefox 3.0.6 through 3.0.13 and 3.5.x Denial of Service Vulnerability in Microsoft Internet Explorer 6.0.2900.2180 and Earlier Denial of Service Vulnerability in Google Chrome 1.0.154.48 and Earlier Insufficient Access Control in IBM WebSphere Commerce Suite Allows Remote Information Disclosure Heap-based Buffer Overflow in dnsmasq TFTP Request Function Denial of Service Vulnerability in dnsmasq TFTP Request Function Arbitrary Web Script Injection Vulnerability in Buildbot's Waterfall Web Status View Unrestricted Access to User Modification in CuteFlow 2.10.3 and 2.11.0_c Stack-based Buffer Overflow in Thaddy de Koning KOL Player 1.0 via Long URL in .MP3 Playlist File Arbitrary File Execution Vulnerability in Toolbar Uninstaller 1.0.2 Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in SquirrelMail and NaSMail Arbitrary Web Script Injection Vulnerability in Radvision Scopia 5.7 Denial of Service Vulnerability in Kaspersky Internet Security and Anti-Virus Multiple Cross-Site Scripting (XSS) Vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 Arbitrary 
File Upload Vulnerability in VMware Studio 2.0 Public Beta Stack-based Buffer Overflow in GetUiDllVersion Function in UiCheck.dll Denial of Service Vulnerability in Sun Solaris 8 and 9 Print Service Vulnerability: Insecure SSL Certificate Validation in Google Chrome Denial of Service Vulnerability in Google Chrome 1.0.154.65 and Earlier Denial of Service Vulnerability in Mozilla Firefox 3.5.2 Cleartext Multicast Data Frame Vulnerability in Cisco Aironet Lightweight Access Point Devices Cleartext Password Storage Vulnerability in Cisco CS-MARS Arbitrary SQL Command Execution Vulnerability in SugarCRM XML Entity Expansion Denial of Service Vulnerability in Adobe Reader and Acrobat Integer Overflow Vulnerability in Adobe Reader and Acrobat Input Validation Bypass Vulnerability in Adobe Reader and Acrobat Unspecified Certificate Vulnerability in Adobe Reader and Acrobat Unspecified Vector Memory Corruption Vulnerability in Adobe Reader and Acrobat Unspecified Image Decoder Vulnerability in Adobe Acrobat 9.x and Earlier Unspecified Memory Corruption Vulnerability in Adobe Reader and Acrobat Heap-based Buffer Overflow Vulnerabilities in Adobe Reader and Acrobat Unspecified Denial of Service Vulnerability in Adobe Reader and Acrobat Unspecified Input Validation Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability in Adobe Acrobat 9.x, 8.x, and 7.x Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat 9.x, 8.x, and possibly 7.x Unspecified Remote Code Execution Vulnerability in Adobe Reader and Acrobat Plug-in Unspecified Input Validation Vulnerability in Adobe Reader and Acrobat Arbitrary File Creation and Code Execution Vulnerability in Adobe Reader and Acrobat Buffer Overflow Vulnerability in Adobe Reader and Acrobat Adobe Acrobat Integer Overflow Denial of Service Vulnerability Unspecified Memory Corruption Vulnerability in Adobe Reader and Acrobat Heap-based Buffer Overflow in Adobe Reader and Acrobat Versions 7.x, 8.x, and 9.x 
Unspecified Input Validation Vulnerability in Adobe Reader and Acrobat Denial of Service Vulnerability in com.android.phone Process in Android 1.5 CRBxx Denial of Service Vulnerability in Solaris Sockfs Module Kernel Memory Leak Vulnerability in llc_ui_getname Function Uninitialized Data Structures Vulnerability in Linux Kernel Address Bar Spoofing Vulnerability in Microsoft Internet Explorer 6-8 Address Bar Spoofing Vulnerability in Avant Browser 11.7 Builds 35 and 36 Address Bar Spoofing Vulnerability in Lunascape 5.1.3 and 5.1.4 Address Bar Spoofing Vulnerability in Maxthon Browser 2.5.3.80 UNICODE Address Bar Spoofing Vulnerability in Mozilla Firefox, SeaMonkey, and Flock Address Bar Spoofing Vulnerability in K-Meleon 1.5.3 Ruby on Rails Cross-Site Scripting (XSS) Vulnerability in Form Helper Cross-Site Scripting (XSS) vulnerability in Mozilla Firefox, SeaMonkey, and Mozilla Cross-Site Scripting (XSS) Vulnerability in Google Chrome 1.0.154.48 and earlier, 2.0.172.28, 2.0.172.37, and 3.0.193.2 Beta Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox 3.0.13 and earlier, 3.5, 3.6 a1 pre, and 3.7 a1 pre Cross-Site Scripting (XSS) Vulnerability in Opera 9.52 and Earlier, and 10.00 Beta 3 Build 1699 Cross-Site Scripting (XSS) vulnerability in Mozilla Firefox, SeaMonkey, and Mozilla Cross-Site Scripting (XSS) Vulnerability in QtWeb 3.0 Builds 001 and 003 Cross-Site Scripting (XSS) Vulnerability in Apple Safari 4.0.3 Cross-Site Scripting (XSS) Vulnerabilities in Orca Browser 1.2 build 5 Cross-Site Scripting (XSS) Vulnerabilities in Maxthon Browser 3.0.0.145 Alpha with Ultramode Denial of Service Vulnerability in Microsoft Internet Explorer 6 and 7 Denial of Service Vulnerability in Microsoft Windows Server 2003 SP2 Arbitrary Web Script Injection in Site Calendar 'mycaljp' Plugin CSRF Vulnerability in bingo!CMS 1.2 and Earlier Allows Remote Authentication Hijacking IIS FTP Service Buffer Overflow Vulnerability Bypassing hostname check in IO-Socket-SSL 
certificate verification Denial of Service Vulnerability in Pidgin 2.6.0 via Yahoo IM Link Insecure Connection Handling in libpurple Allows Session Sniffing Remote Code Execution in VRTSweb.exe in Multiple Symantec and Veritas Products Arbitrary File Download and Code Execution Vulnerability in Altiris eXpress NS SC Download ActiveX Control Symantec SecurityExpressions Audit and Compliance Server XSS Vulnerability HTML Injection Vulnerability in Symantec SecurityExpressions Audit and Compliance Server 4.1.1 and earlier Stack-based buffer overflow in Altiris eXpress NS ConsoleUtilities ActiveX control in Symantec Altiris Notification Server (NS) 6.0 before R12, Deployment Server 6.8 and 6.9 in Symantec Altiris Deployment Solution 6.9 SP3, and Symantec Management Platform (SMP) 7.0 before SP3 Integer Overflow Vulnerability in Autonomy KeyView Filter SDK Buffer Overflow in Altiris eXpress NS Console Utilities ActiveX Control Hardcoded Key Vulnerability in Symantec Altiris Notification Server 6.0.x Unspecified Cross-Site Scripting (XSS) Vulnerability in Symantec IM Manager Console Buffer Overflow Vulnerability in Autonomy KeyView XLS Viewer Allows Remote Code Execution Denial of Service Vulnerability in RIM Lotus Notes Connector for BlackBerry Desktop Manager Multiple SQL Injection Vulnerabilities in Open Computer and Software (OCS) Inventory NG 1.02 for Unix Improper Access Control in SPIP Versions 1.9 and 2.0 SQL Injection Vulnerability in OCS Inventory NG 1.02.1: Remote Code Execution via systemid Parameter Denial of Service and Privilege Escalation Vulnerability in Linux Kernel 2.6.31-rc SSL Spoofing Vulnerability in Opera before 10.00 Vulnerability: Opera's Trust in MD2-signed Root Certificates Revocation Check Bypass Vulnerability in Opera before 10.00 URL Spoofing Vulnerability in Opera Browser Unintended File Upload Vulnerability in Opera before 10.00 on Linux, Solaris, and FreeBSD IDN Spoofing Vulnerability in Opera before 10.00 Buffer Overflow in 
set_page_size function in HTMLDOC 1.8.27 and earlier Arbitrary Code Execution via Format String Vulnerabilities in SILC Toolkit and SILC Client SQL Injection Vulnerability in Prime Quick Style Addon for phpBB 3 Agora Component 3.0.0b for Joomla! Directory Traversal Vulnerability Artetics.com Art Portal (com_artportal) Component 1.0 SQL Injection Vulnerability DataLife Engine (DLE) 8.2 - PHP Remote File Inclusion Vulnerability in api.class.php Arbitrary PHP Code Execution via Remote File Inclusion in KingCMS 0.6.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in AOM Software Beex 3 Remote Code Execution Vulnerability in akPlayer 1.9.0 via Long String in .plt Playlist File SQL Injection Vulnerabilities in Joker Board (aka JBoard) 2.0 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Joker Board (JBoard) 2.0 and Earlier SQL Injection Vulnerability in Alqatari Q R Script 1.0: Remote Code Execution via id Parameter in lesson.php SQL Injection Vulnerability in message_box.php in OSI Codes PHP Live! 3.3 SQL Injection Vulnerability in Game Server Component 1.0 for Joomla! 
Ve-EDIT 0.1.4 Directory Traversal Vulnerability Ve-EDIT 0.1.4 - PHP Remote File Inclusion Vulnerability in edit_htmlarea.php Cross-Site Scripting (XSS) Vulnerabilities in PropertyWatchScript.com Property Watch 2.0 Arbitrary Web Script Injection Vulnerability in Reservation Manager Unrestricted File Upload Vulnerability in Adobe RoboHelp Server 8 Unspecified Remote Code Execution Vulnerability in Mozilla Firefox 3.5.x Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox Unspecified vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified Remote Code Execution Vulnerability in Mozilla Firefox 3.5.x Unspecified Remote Code Execution Vulnerability in Mozilla Firefox JavaScript Engine Unspecified Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey JavaScript Engine Arbitrary PKCS11 Module Installation and Removal Vulnerability in Mozilla Firefox Dangling Pointer Vulnerability in Mozilla Firefox Vertical Scroll and URL Spoofing Vulnerability in Mozilla Firefox Arbitrary JavaScript Execution with Chrome Privileges in Mozilla Firefox Array Index Error in gdth_read_event Function in Linux Kernel SQL Injection Vulnerability in Uiga Church Portal's index.php Allows Remote Code Execution SQL Injection Vulnerability in Snow Hall Silurus System 1.0 wcategory.php Denial of Service Vulnerability in libpurple MSN Protocol Plugin Denial of Service Vulnerability in MSN Protocol Plugin in Pidgin Denial of Service Vulnerability in Pidgin XMPP Protocol Plugin Information Leakage in Ruby on Rails Cookie Store Signature Verification Unspecified Denial of Service Vulnerability in IBM Lotus Domino 8.0 Heap-based Buffer Overflow in ibmdiradm in IBM Tivoli Directory Server (TDS) 6.0 on Linux Denial of Service Vulnerability in IBM Tivoli Directory Server (TDS) 6.0 Unspecified Denial of Service Vulnerability in IBM Tivoli Directory Server (TDS) 6.0 on Linux CVE-2009-XXXX: 
Unspecified Remote Vulnerability in ASUS WL-330gE CVE-2009-XXXX: Buffer Overflow Vulnerability in ASUS WL-500W Wireless Router Unspecified Remote Vulnerability in ASUS WL-500W Wireless Router Denial of Service Vulnerability in Apache HTTP Server 2.0.63 and 2.2.13 Arbitrary Command Injection in mod_proxy_ftp Module of Apache HTTP Server Unspecified Remote Exploits in HP Performance Insight 5.3 Unspecified Information Disclosure Vulnerabilities in HP Performance Insight 5.3 on Windows Unspecified Remote Exploit Vulnerability in HP Operations Dashboard 2.1 Unspecified Remote Exploit Vulnerability in HP OpenView Operations Manager 8.1 Denial of Service Vulnerability in xscreensaver on Solaris and OpenSolaris Denial of Service Vulnerability in xscreensaver on Solaris and OpenSolaris Arbitrary Command Execution in Zmanda Recovery Manager (ZRM) for MySQL 2.x SMBv2 Negotiation Vulnerability Denial of Service vulnerability in Symantec Norton and Client Security products IBM Lotus iNotes (Domino Web Access) Cross-Site Scripting (XSS) Vulnerability Bypassing Security Constraints in IBM WebSphere Application Server (WAS) 6.0.2 Unauthenticated Remote Access and Database Modification Vulnerability in Symantec Altiris Deployment Solution Insecure Permissions in Symantec Altiris Deployment Solution Allows Privilege Escalation Authentication bypass vulnerability in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 Race condition vulnerability in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 allows remote attackers to read sensitive files and prevent client updates Denial of Service Vulnerability in FreeRADIUS 1.1.8 Remote Code Execution Vulnerability in OXID eShop Professional, Enterprise, and Community Edition before 4.1.0 Remote Code Execution via Crafted Parameter in OXID eShop Arbitrary Script Execution Vulnerability in IBM Lotus Notes RSS Reader Widget (SPR RGAU7RDJ9K) SolarWinds TFTP Server Denial of Service Vulnerability SQL Injection 
Vulnerability in Uiga Church Portal: Remote Code Execution via Calendar Action SQL Injection Vulnerability in Snow Hall Silurus System 1.0: Remote Code Execution via category.php SQL Injection Vulnerability in Danneo CMS 0.5.2 and Earlier Arbitrary SQL Command Execution in Download System mSF Module Arbitrary Script Injection in BIGACE Web CMS 2.6 via id Parameter Unspecified Cross-Site Scripting (XSS) Vulnerability in Ajax Table Module for Drupal 5.x Unrestricted Access Control in Ajax Table Module for Drupal 5.x Directory Traversal Vulnerability in Wap-Motor Gallery (gallery.php) Allows Arbitrary File Read QuarkMail get_message.cgi Directory Traversal Vulnerability Bugzilla SQL Injection Vulnerability GDI+ PNG Integer Overflow Vulnerability Excel Cache Memory Corruption Vulnerability Excel SxView Memory Corruption Vulnerability Excel Featheader Record Memory Corruption Vulnerability Excel Document Parsing Heap Overflow Vulnerability Excel Formula Parsing Memory Corruption Vulnerability Excel Index Parsing Vulnerability Excel Document Parsing Memory Corruption Vulnerability Excel Field Sanitization Vulnerability Microsoft Office Word File Information Memory Corruption Vulnerability Cross-Site Scripting (XSS) Vulnerability in ArticleFriend Script's search_advance.php Arbitrary Script Injection Vulnerability in ReviewPost Pro vB3's showproduct.php Multiple SQL Injection Vulnerabilities in PortalXP Teacher Edition 1.2 Directory Traversal Vulnerability in Elgg 1.5 _css/js.php SQL Injection Vulnerability in Multi Website 1.5: Remote Code Execution via Vote Action Arbitrary File Read Vulnerability in Ultrize TimeSheet 1.2.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in NTSOFT BBS E-Market Professional Multiple Cross-Site Scripting (XSS) Vulnerabilities in x10 MP3 Search Engine 1.6.5 SQL Injection Vulnerability in Almond Classifieds Component 7.5 for Joomla! Arbitrary Web Script Injection Vulnerability in Almond Classifieds Component for Joomla! 
Arbitrary Script Injection in Date Tools Sub-module of Drupal Arbitrary Script Injection in Drupal Calendar Module Unauthenticated Remote Administrative Actions in simplePHPWeb 0.2 Unspecified Denial of Service Vulnerability in IBM WebSphere MQ 7.0.0.0, 7.0.0.1, and 7.0.0.2 Unspecified Memory Overwrite Vulnerability in IBM WebSphere MQ Denial of Service Vulnerability in IBM WebSphere MQ 7.0.0.1, 7.0.0.2, and 7.0.1.0 Arbitrary Script Injection via Search Parameter in Multi Website 1.5 Multiple format string vulnerabilities in SILC Toolkit and SILC Client Denial of Service Vulnerability in Solaris IPv6 Networking Stack with Cassini GigaSwift Ethernet Adapter Bugzilla SQL Injection Vulnerability Password Exposure in Bugzilla 3.4rc1 through 3.4.1 Arbitrary File Read Vulnerability in Anantasoft Gazelle CMS 1.0 Unrestricted Access to Admin Functions in Mevin Productions Basic PHP Events Lister 2.0 Unspecified Remote Code Execution Vulnerabilities in Hitachi JP1/File Transmission Server/FTP AIMP2 Audio Converter 2.53 (build 330) Stack-based Buffer Overflow Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in Anantasoft Gazelle CMS 1.0 and Earlier Unspecified Vulnerability in Hitachi Groupmax Groupware Server with Unknown Impact and Attack Vectors Unrestricted File Upload Vulnerability in The Rat CMS Alpha 2 Arbitrary PHP Code Execution via Remote File Inclusion in OBOphiX 2.7.0 and Earlier Multiple SQL Injection Vulnerabilities in Model Agency Manager PRO Buffer Overflow Vulnerability in Novell iPrint Client 4.38 ActiveX Control Unspecified vulnerability in Kaspersky Online Scanner 7.0 Unspecified Denial of Service Vulnerability in Symantec Altiris Deployment Solution 6.9 Unspecified Remote Code Execution Vulnerabilities in Symantec Altiris Deployment Solution 6.9 Remote Password Reset Vulnerability in Anantasoft Gazelle CMS 1.0 Arbitrary File Overwrite Vulnerability in Anantasoft Gazelle CMS 1.0 Arbitrary Code Execution via Unrestricted File Upload in Anantasoft 
Gazelle CMS 1.0 Heap-based Buffer Overflow in w on Sun Solaris 8 through 10 and OpenSolaris before snv_124 SQL Injection Vulnerabilities in Pirates of The Caribbean E-Gold Game Series Arbitrary SQL Command Execution Vulnerability in Crazy Star Plugin 2.0 for Discuz! Multiple Cross-Site Scripting (XSS) Vulnerabilities in VideoGirls BiZ Arbitrary Web Script Injection Vulnerability in Stand Alone Arcade 1.1 Remote Code Execution in phpSANE 0.5.0 via save.php File Inclusion Vulnerability Arbitrary Script Injection in DigiOz Guestbook 1.7.2 search.php SQL Injection Vulnerabilities in PAD Site Scripts 3.6: Remote Code Execution Cross-Site Scripting (XSS) Vulnerabilities in PAD Site Scripts 3.6 Multiple Cross-Site Scripting (XSS) Vulnerabilities in LinkorCMS 1.2 and Earlier Arbitrary SQL Command Execution Vulnerability in DigiFolio Component 1.52 for Joomla! Arbitrary Script Injection Vulnerability in JCE-Tech SearchFeed Script Cross-Site Scripting (XSS) Vulnerabilities in JCE-Tech Auction RSS Content Script 3.0 Arbitrary Script Injection Vulnerability in JCE-Tech PHP Video Script Arbitrary Web Script Injection in JCE-Tech PHP Calendars Script's search.php Arbitrary Web Script Injection Vulnerability in JCE-Tech Affiliate Master Datafeed Parser Script 2.0 Sensitive Information Exposure in Uebimiau Webmail 3.2.0-2.0 Undocumented Recovery Key Vulnerability in QNAP TS-239 Pro and TS-639 Pro Integer Overflow Vulnerability in Media Player Classic 6.4.9 Arbitrary Web Script Injection Vulnerability in ULoKI PHP Forum 2.1 AJ Auction Pro OOPD 2.x - SQL Injection Vulnerability in store.php Stiva Forum 1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities SQL Injection Vulnerability in CBAuthority's main.php Allows Remote Code Execution Cross-Site Scripting (XSS) Vulnerabilities in ImageCache Module for Drupal Arbitrary Image Viewing Vulnerability in ImageCache Module for Drupal SQL Injection Vulnerabilities in phpfreeBB 1.0: Remote Code Execution Arbitrary SQL Command Execution 
in PHP eMail Manager 3.3.0 via remove.php Cross-Site Scripting (XSS) Vulnerabilities in Drupal Print Module Arbitrary File Read Vulnerability in VivaPrograms Infinity Script 2.x.x SQL Injection Vulnerability in VivaPrograms Infinity Script 2.x.x: Remote Code Execution via Username Field Stack-based Buffer Overflow in Broid 1.0 Beta 3a via Long String in .mp3 File Stack-based buffer overflows in Photodex ProShow Gold 4.0.2549: Remote Code Execution via Crafted Slideshow Project File Arbitrary SQL Command Execution in IXXO Cart Standalone and Joomla! Component Directory Traversal Vulnerabilities in iWiccle 1.01 SQL Injection Vulnerability in iWiccle 1.01 Admin Module AR Web Content Manager (AWCM) 2.1 SQL Injection Vulnerability in control/login.php AR Web Content Manager (AWCM) 2.1 Directory Traversal Vulnerability Remote File Inclusion Vulnerability in All In One Control Panel (AIOCP) 1.4.001 ALP Audio Lib Player Remote Code Execution Vulnerability Arbitrary Web Script Injection Vulnerability in FreeWebScriptz Honest Traffic (FWSHT) 1.x SQL Injection Vulnerability in Inout Adserver's ppc-add-keywords.php Allows Arbitrary SQL Command Execution SQL Injection Vulnerability in Super Mod System Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in AlmondSoft Almond Classifieds Wap and Pro SQL Injection Vulnerability in AlmondSoft Almond Classifieds Ads Enterprise and Almond Affiliate Network Classifieds Cross-Site Scripting (XSS) Vulnerability in AlmondSoft Almond Classifieds Ads Enterprise and Almond Affiliate Network Classifieds Uninitialized Structure Members Vulnerability in tc_fill_tclass Function Denial of Service Vulnerability in PostgreSQL Server Component Incomplete Fix for Privilege Escalation in PostgreSQL Server Components LDAP Authentication Bypass Vulnerability in PostgreSQL Authentication Bypass Vulnerability in pam-auth-update Arbitrary Command Execution Vulnerability in changetrack 4.3 Buffer Overflow in Linux Kernel's 
perf_copy_attr Function Stack-based buffer overflows in Sieve plugin in Dovecot 1.0 and 1.1 Arbitrary File Overwrite and Remote Code Execution in Horde Application Framework and Groupware Multiple Cross-Site Scripting (XSS) Vulnerabilities in Horde Application Framework and Groupware Insufficient Randomness in get_random_int Function in Linux Kernel Arbitrary Web Script Injection Vulnerability in Happy Linux XF-Section Module 1.12a for XOOPS Denial of Service Vulnerability in OpcUa Dissector in Wireshark Unspecified Denial of Service Vulnerability in Wireshark GSM A RR Dissector Unspecified Denial of Service Vulnerability in Wireshark TLS Dissector Heap-based Buffer Overflow in Adobe Shockwave Player ActiveX Control NULL return value vulnerability in OpenSSL before 0.9.8m SQL Injection Vulnerability in spnews.php in MyBuxScript PTC-BUX Arbitrary Code Injection via Action Parameter in vtiger CRM 5.0.4 Activities Module CSRF Vulnerability in vtiger CRM 5.0.4 RSS Module Allows Authentication Hijacking Multiple Directory Traversal Vulnerabilities in vtiger CRM 5.0.4 Arbitrary Code Execution via Attachment Filename in vtiger CRM 5.0.4 Bypassing Access Restrictions and Reading Calendar Fields in vtiger CRM SQL Injection Vulnerabilities in Rock Band CMS 0.10's news.php Stack-based Buffer Overflow in TriceraSoft Swift Ultralite 1.032 via Long String in .M3U Playlist File Stack-based buffer overflow vulnerabilities in Ultimate Player 1.56 beta: Remote code execution via playlist files RASH Quote Management System (RQMS) 1.2.2 and Earlier SQL Injection Vulnerability Cross-Site Scripting (XSS) Vulnerability in LiveStreet 0.2's include/ajax/blogInfo.php Bypassing Permissions on Account Billing and Shipping Address Fields in vtiger CRM Multiple Privilege Escalation Vulnerabilities in vtiger CRM Multiple SQL Injection Vulnerabilities in RASH Quote Management System (RQMS) 1.2.2 XSS Vulnerability in LiveStreet 0.2 Allows Remote Code Injection via Comment Header Unauthenticated 
Remote DROP TABLE Vulnerability in LiveStreet 0.2 Arbitrary Script Injection in IBM Tivoli Identity Manager Self Service UI Cross-site scripting (XSS) vulnerability in Google Chrome 2.x and 3.x before 3.0.195.21 via RSS and Atom feeds Cross-Site Scripting (XSS) Vulnerability in getSVGDocument Method of Google Chrome Cross-Site Scripting (XSS) Vulnerability in Opera 9 and 10 via RSS and Atom Feeds Cross-Site Scripting (XSS) and Cross-Zone Scripting Vulnerability in Opera before 10.01 Denial of Service Vulnerability in Microsoft Internet Explorer 6 and 7 Denial of Service Vulnerability in Google Chrome 1.0.154.48 and Earlier Denial of Service Vulnerability in Opera 9.52 and Earlier Denial of Service Vulnerability in Microsoft Internet Explorer 7 through 7.0.6000.16711 Denial of Service Vulnerability in Apple Safari on iPhone OS 3.0.1 Stack Consumption Vulnerability in WebKit.dll in Apple Safari 3.2.3 and Earlier Versions Arbitrary SSL E-mail Server Spoofing Vulnerability in iPhone Mail Arbitrary File Replacement Vulnerability in Mozilla Firefox Denial of Service (CPU Consumption) Vulnerability in Microsoft Enterprise Library Denial of Service Vulnerability in Zoran/WinFormsAdvansed/RegeularDataToXML/Form1.cs in WinFormsAdvansed in NASD CORE.NET Terelik (aka corenet1) ReDoS Vulnerability in DataVault.Tesla/Impl/TypeSystem/AssociationHelper.cs Weak Recovery Key Generation in QNAP TS-239 Pro and TS-639 Pro Firmware Weak Encryption in QNAP TS-239 Pro and TS-639 Pro Firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 Denial of Service Vulnerability in Linux Kernel's cfg80211 Subsystem Privilege Escalation Vulnerability in VMware Fusion Integer Overflow in VMware Fusion Kernel Extension Arbitrary Web Script Injection Vulnerability in phpspot PHP BBS and Related Applications Arbitrary File Read Vulnerability in Multiple PHP BBS Systems Insecure Inode Cleanup in NFSv4 Implementation in Linux Kernel 2.6.18 IP Spoofing Vulnerability in Thin Web Server Incorrect Variable Access in 
sg_build_indirect Function Allows for Kernel Denial of Service Vulnerability: g_file_copy function in glib 2.0 allows unauthorized modification of user files Unrestricted MMU Hypercall Access Vulnerability in KVM Insecure Certificate Validation in PHP's php_openssl_apply_verification_policy Function Unspecified Vulnerability in PHP Exif Processing Unspecified vulnerability in PHP imagecolortransparent function prior to 5.2.11 Denial of Service Vulnerability in PHP popen API Function on Windows Denial of Service Vulnerability in MIT Kerberos 5 (krb5) 1.7 before 1.7.1 Heap-based Buffer Overflow in CamlImages 2.2 TIFF Image Processing Remote Password Reset Vulnerability in Mahara Arbitrary web script injection vulnerability in Mahara resume blocktype Cross-Site Scripting (XSS) Vulnerabilities in Shibboleth Identity Provider and Service Provider Integer Underflow Vulnerability in OpenOffice.org (OOo) Allows Remote Code Execution Boundary Error Flaw in OpenOffice.org (OOo) Allows Remote Code Execution Arbitrary web script injection vulnerability in GForge 4.5.14, 4.7 rc2, and 4.8.1 Arbitrary File Overwrite Vulnerability in GForge 4.5.14, 4.7 rc2, and 4.8.2 Denial of Service Vulnerability in Polipo 1.0.4 and Possibly Other Versions ClearSite 4.50 PHP Remote File Inclusion Vulnerability in include/header.php Multiple PHP Remote File Inclusion Vulnerabilities in FSphp 0.2.1 Arbitrary SQL Command Execution in FanUpdate 2.2.1 via show-cat.php SQL Injection Vulnerability in CF ShopKart 5.4 Beta via itemid Parameter in ViewDetails Action Zainu 1.0 index.php SQL Injection Vulnerability XSS Vulnerability in RSSMediaScript's index.php Allows Remote Code Injection PHP Remote File Inclusion Vulnerability in phpPollScript 1.3 and Earlier Multiple SQL Injection Vulnerabilities in FMyClone 2.3 Arbitrary SQL Command Execution in Elite Gaming Ladders 3.2 SQL Injection Vulnerability in NeLogic Nephp Publisher Enterprise 3.5.9 and 4.5 SQL Injection Vulnerability in JReservation Component 
for Joomla! OpenSiteAdmin 0.9.7 BETA - PHP Remote File Inclusion Vulnerability in pageHeader.php Directory Traversal Vulnerability in Roland Breedveld Album Component 1.14 for Joomla! SQL Injection Vulnerability in poems.php in DCI-Designs Dawaween 1.03 Arbitrary Web Script Injection Vulnerability in Zenas PaoLink 1.0 SQL Injection Vulnerability in SaphpLesson 4.3 with Disabled Magic Quotes GPC Denial of Service Vulnerability in Siemens Gigaset SE361 WLAN Router Multiple PHP Remote File Inclusion Vulnerabilities in BAnner ROtation System mini (BAROSmini) 0.32.595 Remote File Inclusion Vulnerability in ProdLer 2.0 and Earlier Arbitrary SQL Command Execution in Focusplus Developments Survey Manager Component 1.5.0 for Joomla! SQL Injection Vulnerability in CMScontrol Content Management System 7.x SQL Injection Vulnerabilities in WX-Guestbook 1.1.208 Arbitrary Script Injection in WX-Guestbook 1.1.208 via sName Parameter Winplot 1.25.0.1: User-Assisted Remote Code Execution via Crafted Plot2D File Arbitrary SQL Command Execution in cP Creator 2.7.1 via Support Ticket Action Multiple PHP Remote File Inclusion Vulnerabilities in DDL CMS 1.0 Arbitrary SQL Command Execution Vulnerability in JBudgetsMagic Component for Joomla! Remote File Inclusion Vulnerability in koeSubmit Component 1.0 for Mambo Arbitrary SQL Command Execution Vulnerability in Lhacky! Extensions Cave Joomla! Integrated Newsletters Component TurtuShout Component 0.11 for Joomla! SQL Injection Vulnerability SQL Injection Vulnerability in auction_details.php in PHP Pro Bid SQL Injection Vulnerability in Freetag Plugin for Serendipity (S9Y) Stack-based Buffer Overflow in E.M. 
Magic Morph 1.95b via Long String in .mor File Unspecified File Reading Vulnerability in McAfee Email and Web Security Appliance 5.1 VMtrial Unspecified Denial of Service Vulnerability in FreeSSHD 1.2.4 CVE-2009-XXXX: Remote Code Execution Vulnerability in Linksys WRT54GL Wireless Router SQL Injection Vulnerability in AlphaUserPoints Component 1.5.2 for Joomla! SQL Injection Vulnerability in HotWeb Rentals' details.asp Allows Remote Code Execution Unspecified Denial of Service Vulnerability in SAP Crystal Reports Server 2008 on Windows XP CVE-2009-XXXX: Heap-based Buffer Overflow in SAP Crystal Reports Server 2008 Unspecified Remote Code Execution Vulnerability in SAP Crystal Reports Server 2008 CVE-2009-XXXX: Remote Code Execution Vulnerability in D-Link DIR-400 Wireless Router Arbitrary Web Script Injection in Datavore Gyro 5.0 via cid Parameter SQL Injection Vulnerability in Datavore Gyro 5.0: Remote Code Execution via cid Parameter Unspecified Vulnerabilities in Drupal Subdomain Manager Module Unspecified Vulnerabilities in Node Browser Module for Drupal Unspecified Vulnerabilities in Drupal Quota by Role Module Unspecified Vulnerabilities in Node2Node Module for Drupal Unspecified Vulnerabilities in Drupal Rest API Module Arbitrary Script Injection in Datetopia Buy Dating Site 1.0 via profile.php SQL Injection Vulnerability in Image Voting 1.0: Remote Code Execution via show Parameter Multiple SQL Injection Vulnerabilities in Hotel Booking Reservation System SQL Injection Vulnerability in Tourism Scripts Adult Portal Escort Listing Multiple Cross-Site Scripting (XSS) Vulnerabilities in Match Agency BiZ 1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Datemill 1.0 Arbitrary SQL Command Execution in PHP-IPNMonitor via maincat_id Parameter Remote File Inclusion Vulnerability in SZNews 2.7 printnews.php3 Allows Arbitrary PHP Code Execution Arbitrary Web Script Injection Vulnerability in BUEditor Module for Drupal FTPShell Client 4.1 RC2 Stack-Based 
Buffer Overflow Vulnerability Aurora CMS 1.0.2 Remote File Inclusion Vulnerability in install.plugin.php Arbitrary Directory Listing Vulnerability in Image Gallery 1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in An Image Gallery 1.0 Arbitrary Script Injection Vulnerability in Hotel Booking Reservation System for Joomla Remote File Access Vulnerability in BackupPC 3.1.0 Form History Disclosure Vulnerability in Mozilla Firefox Mozilla Firefox 3.5.x Use-After-Free Vulnerability Arbitrary Code Execution via Crafted Regular Expression in PAC File Arbitrary Code Execution via Heap-Based Buffer Overflow in Mozilla Firefox and SeaMonkey Arbitrary JavaScript Execution via Doubly-Wrapped Objects in Mozilla Firefox Same Origin Policy Bypass in Mozilla Firefox 3.0.x and 3.5.x Remote File Extension Spoofing Vulnerability in Mozilla Firefox and SeaMonkey Unspecified Vulnerabilities in liboggz Leading to Denial of Service or Arbitrary Code Execution NULL Pointer Dereference and Arbitrary Code Execution in liboggplay Unspecified Remote Code Execution Vulnerabilities in libvorbis Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox 3.5.x Memory Corruption and Arbitrary Code Execution Vulnerability in Mozilla Firefox 3.0.x Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox 3.5.x Arbitrary Code Execution and Denial of Service Vulnerabilities in Apple Safari Remote Code Execution via Scriptable Plugin Content in Mozilla SeaMonkey Information Disclosure Vulnerability in Bugzilla Template.pm Bugzilla Vulnerability: Group Restrictions Not Preserved During Bug Movement Memory Safety Issues in liboggplay Integer Overflow Vulnerability in libtheora in Xiph.Org Theora Unspecified Privilege Escalation Vulnerabilities in Sun Solaris 10 and OpenSolaris Unspecified Remote Code Execution Vulnerability in Oracle E-Business Suite 6.1.0.0 Unspecified Remote Integrity Vulnerability in 
Oracle E-Business Suite 11.5.10.2 Unspecified Remote Code Execution Vulnerability in Oracle E-Business Suite AutoVue Component Unspecified Remote Code Execution Vulnerability in WebLogic Server Component Unspecified Remote Confidentiality Vulnerability in Oracle E-Business Suite Unspecified Remote Code Execution Vulnerability in WebLogic Server Component Unspecified Remote Code Execution Vulnerability in Oracle Advanced Benefits Component Unspecified Local Confidentiality Vulnerability in Oracle E-Business Suite Unspecified Confidentiality Vulnerability in Oracle Applications Framework Unspecified vulnerability in JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and 6 Unspecified Integrity Vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.49.23 Unspecified Remote Code Execution Vulnerability in JD Edwards Tools Component Unspecified Confidentiality Vulnerability in JD Edwards Tools Component Unspecified Remote Integrity Vulnerability in Oracle Application Server Portal Component Unspecified Remote Code Execution Vulnerability in Oracle E-Business Suite 11.5.10 Unspecified Remote Code Execution Vulnerability in PeopleSoft Enterprise HCM (TAM) Component Unspecified Remote Code Execution Vulnerability in Oracle Database Unspecified Remote Code Execution Vulnerability in Oracle Data Pump Component Unspecified Local Confidentiality Vulnerability in Oracle Database and Application Server Unspecified vulnerability in Oracle Spatial component in Oracle Database versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 Unspecified vulnerability in Oracle Spatial component in Oracle Database versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 Unspecified vulnerability in Oracle OLAP component in Oracle Database Unspecified Remote Integrity Vulnerability in Oracle E-Business Suite SQL Injection Vulnerability in IDoBlog Component 1.1 Build 30 for Joomla! 
Multiple SQL Injection Vulnerabilities in Plume CMS 1.2.3 SQL Injection Vulnerability in Publisher Module 2.0 for Miniweb via historymonth Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in Miniweb Publisher Module 2.0 Authentication Bypass Vulnerability in Zenas PaoBacheca Guestbook 2.1 Authentication Bypass Vulnerability in Zenas PaoLiber 1.1 with register_globals enabled Authentication Bypass Vulnerability in Zenas PaoLink 1.0 Multiple PHP Remote File Inclusion Vulnerabilities in MaxCMS 3.11.20b MaxCMS 3.11.20b Directory Traversal Vulnerability MaxCMS 3.11.20b Remote File Inclusion Vulnerability in special.php Arbitrary Script Injection in Kayako SupportSuite 3.50.06 Ticket Subject Field Arbitrary Code Execution via Crafted .wav File in Easy Music Player 1.0.0.2 Remote Code Execution Vulnerability in Pirate Radio Destiny Media Player 1.61 SQL Injection Vulnerability in Allomani Mobile 2.5 Login.php Stack Consumption Vulnerability in Adobe Reader and Acrobat Unspecified vulnerability in xscreensaver in Sun Solaris 10 and OpenSolaris before snv_112 Privilege Escalation Vulnerability in Sun Solaris Cluster 3.2 Configuration Utility Arbitrary SQL Command Execution Vulnerability in Tupinambis Component 1.0 for Mambo and Joomla! Arbitrary Web Script Injection Vulnerability in Devel Module for Drupal SQL Injection Vulnerabilities in MaxWebPortal Forum.asp Arbitrary Script Injection in Drupal Markdown Preview Module's Live Preview Feature Arbitrary SQL Command Execution in JoomlaFacebook Component Multiple SQL Injection Vulnerabilities in OSSIM 2.1.2 Arbitrary Script Injection in OSSIM 2.1.2 Authentication Bypass Vulnerability in OSSIM before 2.1.2 Improper Permissions Assignment in Meta Tags Module for Drupal Arbitrary SQL Command Execution Vulnerability in Fastball Component for Joomla! 
Arbitrary Web Script Injection via HTTP Referer Header in e107 0.7.16 and Earlier Denial of Service Vulnerability in Code-Crafters Ability Mail Server before 2.70 SQL Injection Vulnerability in MyRemote Video Gallery Component for Joomla! Unrestricted File Upload Vulnerability in RADactive I-Load before 2008.2.5.0 Denial of Service Vulnerability in BakBone NetVault Backup 8.22 Build 29 Denial of Service Vulnerability in MP3 Collector 2.3 via Long URL in .m3u Playlist File Cross-Site Scripting (XSS) Vulnerabilities in RADactive I-Load before 2008.2.5.0 Arbitrary File Read Vulnerability in RADactive I-Load before 2008.2.5.0 Sensitive Information Disclosure in RADactive I-Load before 2008.2.5.0 via WebCoreModule.ashx Cross-Site Scripting (XSS) Vulnerabilities in IBM Lotus Quickr 8.1.0 Services for WebSphere Portal Arbitrary SSL Server Spoofing Vulnerability in Apple Safari Arbitrary SSL Server Spoofing Vulnerability in Google Chrome Information Disclosure Vulnerability in Cisco ACE XML Gateway and ACE Web Application Firewall Unspecified Input Validation Vulnerability in Adobe Reader and Acrobat Heap-based Buffer Overflow in Adobe Reader and Acrobat Versions 7.x, 8.x, and 9.x Unspecified Vector Vulnerability in Adobe Acrobat 9.x, 8.x, and 7.x Bypassing File-Extension Restrictions in Adobe Acrobat 9.x Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat on Unix Remote Code Execution Vulnerability in Adobe Shockwave Player Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Invalid String Length Vulnerability in Adobe Shockwave Player Unspecified Cross-Site Scripting (XSS) Vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 9.0 Unspecified Vulnerabilities in Common Desktop Environment (CDE) in Sun Solaris 10 with Trusted Extensions Arbitrary Script Injection in IBM Lotus Connections 2.0.1 Denial of Service Vulnerability in IBM Informix Dynamic Server (IDS) Unspecified Impact and 
Remote Attack Vectors in IBM DB2 Remote Code Execution Vulnerability in IBM DB2 Versions 8, 9.1, and 9.5 Unauthenticated Remote Attack Vector in IBM DB2 9.1 before FP8 Misuse of KeyDescriptor Use Attribute in OpenSAML and XMLTooling Certificate Spoofing Vulnerability in Internet2 Shibboleth Service Provider Software Buffer Overflow Vulnerability in OpenSAML and XMLTooling Allows Remote Code Execution Blackberry Browser SSL Spoofing Vulnerability Argument Injection Vulnerability in FireFTP Extension 1.0.5 for Firefox Arbitrary Script Injection Vulnerability in Bibliography Module for Drupal SQL Injection Vulnerability in iCRM Basic Component 1.4.2.31 for Joomla! Unauthenticated Remote Access Vulnerability in iCRM Basic Component for Joomla Weak Permissions in TrustPort Antivirus and PC Security Allows Privilege Escalation Heap-based Buffer Overflow in GlobalSCAPE CuteFTP Professional, Home, and Lite 8.3.3 and 8.3.3.0054 Core FTP 2.1 build 1612 Stack-based Buffer Overflow Vulnerability Arbitrary Web Script Injection in Juniper J-Web Interface Multiple Cross-Site Scripting (XSS) Vulnerabilities in Juniper J-Web Interface Multiple Cross-Site Scripting (XSS) Vulnerabilities in Juniper J-Web Interface in JUNOS 8.5R1.14 Arbitrary Script Injection in Drupal Bibliography Module Title Field Insecure Security Descriptor in Adobe Photoshop Elements 8.0 Allows Local Privilege Escalation Arbitrary SSL Server Spoofing Vulnerability in GNU Wget SQL Injection Vulnerability in Kinfusion SportFusion Component for Joomla! 
Multiple PHP Remote File Inclusion Vulnerabilities in Loggix Project 9.4.5 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in Zenas PaoBacheca Guestbook 2.1 Multiple SQL Injection Vulnerabilities in T-HTB Manager 0.5 SQL Injection Vulnerability in Vastal I-Tech DVD Zone's view_mag.php Allows Remote Code Execution Arbitrary Web Script Injection Vulnerability in Vastal I-Tech DVD Zone's view_mag.php SQL Injection Vulnerability in Vastal I-Tech Agent Zone: Remote Code Execution via id Parameter in view_listing.php Arbitrary SQL Command Execution in HBcms 1.7 via SQL Injection in php/update_article_hits.php Arbitrary SQL Command Execution in BPowerHouse BPLawyerCaseDocuments 1.0 via employee.aspx SQL Injection Vulnerabilities in BPowerHouse BPGames 1.0 SQL Injection Vulnerability in BPStudents 1.0: Remote Code Execution via students.php SQL Injection Vulnerability in BPowerHouse BPMusic 1.0: Remote Code Execution via music_id Parameter SQL Injection Vulnerabilities in BPowerHouse BPHolidayLettings 1.0's search.aspx SQL Injection Vulnerability in Alibaba Clone 3.0: Remote Code Execution via offers_buy.php SQL Injection Vulnerability in view_news.php in Vastal I-Tech MMORPG Zone Multiple Cross-Site Scripting (XSS) Vulnerabilities in CMSphp 0.21 Directory Traversal Vulnerability in CMSphp 0.21 modules.php Multiple Directory Traversal Vulnerabilities in MUJE CMS 1.0.4.34 CJ Dynamic Poll PRO 2.0 Cross-Site Scripting (XSS) Vulnerability in admin/admin_index.php SQL Injection Vulnerability in viewListing.php in linkSpheric 0.74 Beta 6 Multiple PHP Remote File Inclusion Vulnerabilities in justVisual 1.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in MyWeight 1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Pilot Group (PG) eTraining Multiple SQL Injection Vulnerabilities in d.net CMS Directory Traversal Vulnerability in d.net CMS Allows Remote File Inclusion NFSv4 Kerberos Credential Cache Bypass Vulnerability in IBM AIX NFSv4 Access Restriction Bypass 
Vulnerability in IBM AIX Argument Injection Vulnerability in IBM Installation Manager (IBMIM.exe) Allows Remote Code Execution Memory Leak Vulnerabilities in Solaris IP Module CSRF Vulnerability in Your_account Module of CMSphp 0.21 Allows Password Hijacking Arbitrary Web Script Injection Vulnerabilities in IBM Tivoli Composite Application Manager for WebSphere (ITCAM) 6.1.0 Stack-based Buffer Overflow in aswMon2.sys in avast! Home and Professional for Windows Memory Corruption Vulnerability in avast! Home and Professional for Windows Unspecified Local Vulnerability in avast! Home and Professional for Windows Insecure Password Protection in pyGrub Boot Loader for Xen Race condition vulnerability in Pipe (IPC) close function in FreeBSD 6.3 and 6.4 SQL Injection Vulnerability in MyMsg 1.0.3 Profile.php Allows Remote Code Execution SQL Injection Vulnerability in RadBids Gold 4 index.php Arbitrary Web Script Injection Vulnerability in RadBids Gold 4 Storefront.php Arbitrary SQL Command Execution in Universe CMS 1.0.6 via vnews.php SQL Injection Vulnerability Multiple SQL Injection Vulnerabilities in LogRover Login Screen SQL Injection Vulnerability in MRBS (Meeting Room Booking System) Allows Remote Code Execution LionWiki 3.0.3 Directory Traversal Vulnerability Clear Content 1.1 Image.php Directory Traversal Vulnerability Stack-based buffer overflows in EpicDJSoftware EpicVJ 1.2.8.0 and 1.3.1.2: Remote Code Execution Vulnerability Stack-based buffer overflows in EpicDJSoftware EpicDJ 1.3.9.1: Remote Code Execution Vulnerability Clear Content 1.1 Directory Traversal Vulnerability in thumb.php Cross-Site Scripting (XSS) Vulnerabilities in YourFreeWorld Ultra Classifieds Pro Arbitrary Script Injection in YourFreeWorld Ultra Classifieds Pro via listads.php Arbitrary PHP Code Execution via Remote File Inclusion in PHPGenealogy 2.0 Directory Traversal Vulnerability in LittleSite (LS) 0.1 Allows Remote File Inclusion SQL Injection Vulnerability in Phenotype CMS Login Page 
Information Disclosure Vulnerability in Xerver HTTP Server 4.32 Denial of Service Vulnerability in DataWizard Technologies FtpXQ FTP Server 3.0 Buffer Overflow Vulnerability in _gdGetColors Function Race conditions in fs/pipe.c in Linux kernel before 2.6.32-rc6 allow for privilege escalation and denial of service Blank Default Password Vulnerability in Apache Tomcat Installer Denial of Service Vulnerability in Paltalk Dissector in Wireshark Denial of Service Vulnerability in Wireshark DCERPC/NT Dissector Denial of Service Vulnerability in Wireshark SMB Dissector Unverified SSL Certificate Vulnerability in RHEV-M VDC 2.2.0 Use-after-free vulnerability in CUPS scheduler allows remote attackers to cause denial of service Sensitive Information Disclosure in Twiddle.log File in Red Hat JBoss EAP Plaintext Injection Vulnerability in TLS and SSL Protocols World-writable permissions for vport_create and vport_delete files in qla2xxx driver on RHEL 5 Vulnerability: Bypassing safe_mode restrictions in PHP's tempnam function Bypassing open_basedir Restrictions via posix_mkfifo Function in PHP Failure to Recognize safe_mode_include_dir Directive in PHP 5.3.x before 5.3.1 Buffer over-read vulnerability in Expat XML parser in libexpat in XML-Twig module for Perl allows denial of service Xerver HTTP Server 4.32 Directory Traversal Vulnerability Arbitrary Script Injection in Xerver HTTP Server 4.32 via currentPath Parameter Denial of Service via Continuous MODE_PRIVATE Error Response Exchange in NTPd Insecure Supplementary Group Handling in Puppet 0.24.6 Cross-Site Scripting (XSS) Vulnerabilities in McAfee IntruShield Network Security Manager (NSM) Missing HTTPOnly Flag in McAfee IntruShield NSM Set-Cookie Header Allows Session Hijacking via XSS Unspecified Cross-Site Scripting (XSS) Vulnerability in Kayako SupportSuite and eSupport 3.60.04 and Earlier Improper Permission Enforcement in Comment RSS Module for Drupal Stack-based Buffer Overflow in OpenOffice.org (OOo) Allows Remote 
Code Execution CVE-2009-XXXX: Unspecified Remote Vulnerability in OpenOffice.org Unspecified Client-side Vulnerability in OpenOffice.org (OOo) XMM Exception Handling Vulnerability in OpenBSD 4.4, 4.5, and 4.6 Arbitrary File Creation and Overwrite Vulnerabilities in EMC Captiva PixTools Distributed Imaging 2.2 ActiveX Control Buffer Overflow Vulnerability in Tuniac 090517c Buffer Overflow Vulnerability in aria2 0.15.3 and 1.2.0 Remote Code Execution in Autodesk Softimage 7.x and Softimage XSI 6.x via Scene Package Arbitrary Code Execution via MAXScript DOSCommand Method in Autodesk 3D Studio Max Arbitrary Code Execution Vulnerability in Autodesk Maya and Alias Wavefront Maya Arbitrary Script Injection in Mort Bay Jetty CookieDump.java Sample Application CSRF Vulnerability in SQL-Ledger 2.8.24 Allows Password Hijacking Multiple Cross-Site Scripting (XSS) Vulnerabilities in SQL-Ledger 2.8.24 SQL Injection Vulnerabilities in SQL-Ledger 2.8.24 Delete Subroutine Arbitrary File Inclusion Vulnerability in SQL-Ledger 2.8.24 Preferences Menu Insecure Session Cookie Handling in SQL-Ledger 2.8.24 Session Fixation Vulnerability in Best Practical Solutions RT 3.0.0 through 3.6.9 and 3.8.x through 3.8.5 Buffer overflow vulnerability in CoreHTTP 0.5.3.1 and earlier allows remote attackers to cause denial of service or execute arbitrary code via a long first line in an HTTP request. 
Arclib Component Remote Code Execution Vulnerability Arclib Component Denial of Service Vulnerability Privilege Escalation via incrontab in incron 0.5.5 SQL Injection Vulnerability in showcat.php in VS PANEL 7.3.6 Remote Denial of Service Vulnerability in Dopewars 1.5.12 via Invalid Location in REQUESTJET Message Cross-Site Scripting (XSS) Vulnerability in Qualiteam X-Cart's customer/home.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Freelancers 1.0 Arbitrary Web Script Injection Vulnerability in BLOB Blog System before 1.2 SQL Injection Vulnerability in results.php in VS PANEL 7.5.5: Remote Code Execution via Cat_ID Parameter Improper Access Control in JoxTechnology Ajox Poll Allows Remote Administrative Access Insufficient Access Control in Digitaldesign CMS 0.1 Allows Remote Database Download Arbitrary Web Script Injection Vulnerability in eCardMAX FormXP 2007 Arbitrary Web Script Injection Vulnerability in HUBScript 1.0 Information Disclosure Vulnerability in HUBScript 1.0 via manage/phpinfo.php Scriptsez Ultimate Poll - Remote Cross-Site Scripting (XSS) Vulnerability in demo_page.php Insecure Signature Verification in Unbound 1.3.4 and Earlier Integer Overflow and Heap-Based Buffer Overflow in Xpdf and Poppler Memory Allocation Vulnerability in Xpdf and Poppler Multiple Integer Overflows in Poppler 0.10.5 and Earlier Heap-based Buffer Overflow in Xpdf and Poppler PDF Libraries Integer Overflow in Poppler's create_surface_from_thumbnail_data Function Integer Overflow in Xpdf and Poppler ObjectStream Function Integer Overflow in ImageStream::ImageStream Function in Xpdf and Poppler Insecure Permissions in Back In Time Snapshot Deletion Incomplete Fix for CVE-2005-4881 Allows Local Users to Access Kernel Memory Denial of Service Vulnerability in Linux Kernel's r8169 Driver Arbitrary File Reading Vulnerability in liboping 1.3.2 Denial of Service Vulnerability in OSCAR Protocol Plugin in Pidgin and Adium Use-after-free vulnerabilities in QEMU VNC 
server allowing arbitrary code execution Format String Vulnerability in aria2's AbstractCommand::onAbort Function ViewVC 1.0 and 1.1 Cross-Site Scripting (XSS) Vulnerability in viewvc.py Unspecified Remote Code Execution Vulnerability in ViewVC ATI Rage 128 Driver Privilege Escalation Vulnerability Denial of Service Vulnerability in Linux Kernel 2.6.31.4 and Earlier Denial of Service Vulnerability in WordPress wp-trackback.php NULL pointer dereference vulnerability in nfsd4 subsystem allows for denial of service Improper Reference Counting in get_instantiation_keyring Function in Linux Kernel Directory Traversal Vulnerability in Sahana 0.6.2.2 Allows Remote File Inclusion Denial of Service Vulnerability in Perl 5.10.1 via Invalid UTF-8 Codepoint Handling Denial of Service Vulnerability in HTML-Parser's decode_entities Function Information Disclosure Vulnerability in TYPO3 Backend Multiple Cross-Site Scripting (XSS) Vulnerabilities in TYPO3 Backend Subcomponent Frame Hijacking Vulnerability in TYPO3 Backend Arbitrary Command Execution in TYPO3 Backend with DAM Extension or FTP Upload SQL Injection Vulnerability in TYPO3 Frontend Editing Subcomponent Arbitrary Web Script Injection Vulnerability in TYPO3 4.x Arbitrary Web Script Injection in TYPO3 Frontend Login Box (felogin) Subcomponent Remote Access Vulnerability in TYPO3 Install Tool Unspecified Cross-Site Scripting (XSS) Vulnerability in TYPO3 Install Tool Stack-based Buffer Overflow in Red Planet Arena Alien Arena 7.30 Integer Overflow in KVM Subsystem Allows Local Users to Have Unspecified Impact Bypassing Client-Hostname Restrictions in ProFTPD Mod_TLS NULL pointer dereference vulnerability in KVM subsystem allows for denial of service or privilege escalation Denial of Service Vulnerability in Snort before 2.8.5.1 with Enabled -v Option SQL Injection Vulnerabilities in FrontRange HEAT 8.01 Call Logging Feature Denial of Service Vulnerability in Dxmsoft XM Easy Personal FTP Server 5.8.0 Arbitrary SQL Command 
Execution in Soundset Component 1.0 for Joomla! Arbitrary SQL Command Execution in JoomlaCache CB Resume Builder Component Information Disclosure Vulnerability in InterVations NaviCOPA Web Server 3.01 Arbitrary Web Script Injection in YABSoft Mega File Hosting Script (MFHS) 1.2 via emaullinks.php Arbitrary Script Injection in Service Links Drupal Module Arbitrary Web Script Injection Vulnerability in Power Bulletin Board (PBBoard) 2.0.2 and Earlier Arbitrary Web Script Injection Vulnerability in Dex Drupal Module Arbitrary Web Script Injection via User-Agent Header in Browscap Drupal Module Cross-site scripting (XSS) vulnerability in Organic Groups (OG) module for Drupal Arbitrary Script Injection in XML Sitemap Drupal Module Unspecified Remote Directory Creation Vulnerability in Boost for Drupal Denial of Service Vulnerability in Rhino Software Serv-U FTP Server CSRF Vulnerability in Shared Sign-On Module for Drupal Session Fixation Vulnerability in Shared Sign-On Module for Drupal Use-after-free vulnerability in AOL 9.5.0.1 ActiveX control (sb.dll) allows remote code execution SQL Injection Vulnerability in BS Counter 2.5.3: Remote Code Execution via stats.php Remote File Inclusion Vulnerability in Efront 3.5.4 and Earlier with Enabled Register_Globals SQL Injection Vulnerabilities in DJ-Catalog Component for Joomla! Denial of Service Vulnerability in FileCopa FTP Server 5.01 Format String Vulnerability in h_readrequest function in httpdx Web Server 1.4 Nullam Blog 0.1.2 - Multiple Directory Traversal Vulnerabilities in index.php Multiple SQL Injection Vulnerabilities in Nullam Blog 0.1.2 Arbitrary Web Script Injection in Nullam Blog 0.1.2 via XSS Vulnerability SQL Injection Vulnerability in AdsDX 3.05: Remote Code Execution via Username Ardguest 1.8 - Cross-Site Scripting (XSS) Vulnerability in ardguest.php Arbitrary SQL Command Execution in Foobla Suggestions Component 1.5.11 for Joomla! 
Stack-based Buffer Overflow in KSP Sound Player 2009 R2 and R2.1 via Long String in .m3u Playlist File Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 8 HTML Object Memory Corruption Vulnerability in Microsoft Internet Explorer 6 and 7 Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 7 and 8 Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 8 LSASS.exe Resource Exhaustion Vulnerability SMB Client Incomplete Response Vulnerability MS-CHAP Authentication Bypass Vulnerability Canonical Display Driver Integer Overflow Vulnerability Integer Overflow and Stack-based Buffer Overflow in setnet32.exe Privilege Escalation Vulnerability in VBoxNetAdpCtl Configuration Tool Directory Traversal Vulnerability in Persits.XUpload.2 ActiveX Control (XUpload.ocx) in HP LoadRunner 9.5 Arbitrary File Inclusion Vulnerability in ezRecipe-Zee 91 Algorithmic Complexity Denial of Service Vulnerability in Django Forms Library Arbitrary Web Script Injection Vulnerability in phpMyAdmin Arbitrary SQL Command Execution in phpMyAdmin PDF Schema Generator Denial of Service Vulnerability in Dalvik API in Android 1.5 and Earlier Stack-based Buffer Overflow in IBM AIX and VIOS Calendar Daemon Library Buffer Overflow Vulnerability in squidGuard 1.3 and 1.4 Allows Remote DoS Multiple Cross-Site Scripting (XSS) Vulnerabilities in Horde Application Framework and Groupware Multiple Absolute Path Traversal Vulnerabilities in PHP-Calendar 1.1 Multiple SQL Injection Vulnerabilities in WP-Forum Plugin for WordPress (Versions before 2.4) Denial of Service Vulnerability in ZoIPer 2.22 and Earlier Versions Remote File Inclusion Vulnerability in Achievo Debugger.php Privilege Bypass Vulnerability in ZFS Filesystem on Solaris VMware Authentication Daemon 1.0 Denial of Service Vulnerability Stack-based Buffer Overflow in Konae Technologies Alleycode HTML Editor 2.21 User-Assisted Remote Code Execution via Stack-Based Buffer
Overflow in Alleycode HTML Editor 2.21 Undocumented Hard-Coded SSH Tunnel Credentials in RioRey RIOS 4.6.6 and 4.7.0 Stack-based Buffer Overflow in h_handlepeer function in httpdx 1.4 and possibly 1.4.3 Multiple SQL Injection Vulnerabilities in Ebay Clone 2009 Arbitrary SQL Command Execution in MorcegoCMS 1.7.6 and Earlier Arbitrary Web Script Injection in MCshoutbox 1.1 admin_login.php SQL Injection Vulnerabilities in MCshoutbox 1.1: Remote Code Execution via Username and Password Parameters Unrestricted File Upload Vulnerability in MCshoutbox 1.1 Allows Remote Code Execution LucVil PatPlayer 3.9 Heap-Based Buffer Overflow Vulnerability SQL Injection Vulnerability in Battle Blog 1.25 and 1.30 Build 2: Remote Code Execution via UserName Parameter Arbitrary Web Script Injection Vulnerability in Battle Blog 1.25 and 1.30 build 2 Buffer Over-read Vulnerability in Expat XML Parsing Library Multiple Directory Traversal and Buffer Overflow Vulnerabilities in yTNEF and Evolution's TNEF Parser Improper Verification of Current Privilege Level in KVM Subsystem Allows Denial of Service Asterisk Vulnerability: Unauthorized Calls on Prohibited Networks Multiple Cross-Site Scripting (XSS) Vulnerabilities in python-markdown2 Privilege Escalation Vulnerability in Linux Kernel Subsystems NFSv4 Client NULL Pointer Dereference and Panic Vulnerability Username Enumeration Vulnerability in Asterisk Open Source, Business Edition, AsteriskNOW, and s800i Directory Traversal Vulnerability in ICC_Profile.getInstance Method in Java Runtime Environment (JRE) Denial of Service Vulnerability in Sun Java SE 5.0 and 6.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in IBM Rational RequisitePro 7.1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in VMware Products Arbitrary Code Execution Vulnerability in VMware Remote Console (VMrc) VMware Server and ESXi Directory Traversal Vulnerability Denial of Service Vulnerability in S2 Security Linear eMerge Access Control System 2.5.x 
Arbitrary Code Execution via Unverified Archive in PandaActiveScan Installer 2.0 Local Privilege Escalation via Trojan Horse .la File Memory Initialization Vulnerability in Oracle Siebel Option Pack for IE ActiveX Control Unspecified Remote Access and Denial of Service Vulnerabilities in Rockwell Automation AB Micrologix 1100 and 1400 Controllers Arbitrary Script Injection in Liferay Portal (CVE-2009-2445) Heap-based buffer overflow vulnerability in Ghostscript's TrueType bytecode interpreter Denial of Service Vulnerability in rep_serv.exe 6.3.1.3 Arbitrary Web Script Injection in IBM Rational AppScan Enterprise Edition 5.5.0.2 Help Pages XScreenSaver Vulnerability: Information Disclosure via Popup Windows Arbitrary Script Injection in TBmnetCMS 1.0 via index.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Websense Personal Email Manager and Email Security Denial of Service Vulnerability in Websense Personal Email Manager and Email Security SQL Injection Vulnerability in ToyLog 0.1 read.php Allows Remote Code Execution Opial 1.0 home.php Cross-Site Scripting (XSS) Vulnerability Opial 1.0 home.php SQL Injection Vulnerability Opial 1.0 Unrestricted File Upload Vulnerability Multiple SQL Injection Vulnerabilities in phpBMS 0.96 Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpBMS 0.96 Information Disclosure in phpBMS 0.96 via Direct Requests Multiple Cross-Site Scripting (XSS) Vulnerabilities in Citrix XenCenterWeb SQL Injection Vulnerability in login.php in XenServer Resource Kit Cross-Site Request Forgery (CSRF) Vulnerabilities in Citrix XenCenterWeb Static Code Injection Vulnerability in XenServer Resource Kit's XenCenterWeb Unspecified Remote Integrity Vulnerability in Oracle OpenSSO Enterprise 8.0 Unspecified Remote Integrity Vulnerability in Oracle OpenSSO Enterprise Unspecified Remote Integrity Vulnerability in Oracle OpenSSO Enterprise 8.0 Arbitrary SSL Server Spoofing via Crafted Certificate in Mutt 1.5.19 and 1.5.20 SSL Server Spoofing 
Vulnerability in Mutt 1.5.16 and Earlier Versions OpenLDAP TLS Certificate Spoofing Vulnerability Arbitrary SQL Command Execution in Moodle Course List 6.x before 6.x-1.2 Arbitrary Web Script Injection in vCard Drupal Module Unspecified Cross-Site Scripting (XSS) Vulnerability in Abuse Module for Drupal FileField Module in Drupal Allows Unauthorized File Access Unspecified Userpoints Vulnerability Allows Unauthorized Userpoint Data Access Unspecified Cross-Site Scripting (XSS) Vulnerability in Simplenews Statistics Drupal Module Open Redirect Vulnerability in Simplenews Statistics Module for Drupal Cross-Site Request Forgery (CSRF) Vulnerabilities in Simplenews Statistics Drupal Module Arbitrary Web Script Injection in Organic Groups (OG) Vocabulary Module for Drupal Directory Traversal Vulnerability in Vivvo CMS 4.1.5.1 SQL Injection Vulnerability in OpenDocMan 1.2.5: Remote Code Execution via frmuser Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in OpenDocMan 1.2.5 Heap-based Buffer Overflow in FormMax Evaluation 3.5 via Crafted FormMax Import File Unspecified Denial of Service Vulnerability in Adobe Flash Media Server (FMS) Arbitrary DLL File Loading Vulnerability in Adobe Flash Media Server (FMS) Unspecified vulnerability in Adobe Flash Player and Adobe AIR allows for denial of service or arbitrary code execution Adobe Flash Player and Adobe AIR Heap-based Buffer Overflow Vulnerability Data Injection Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution Vulnerability in Adobe Flash Player and Adobe AIR Integer Overflow in Adobe Flash Player and Adobe AIR Allows Remote Code Execution Unspecified Vulnerabilities in Adobe Flash Player and Adobe AIR SQL Injection Vulnerability in OpenDocMan 1.2.5: Remote Code Execution via frmpass Parameter Information Disclosure Vulnerability in Amiro.CMS 5.4.0.0 and Earlier Multiple Cross-Site Scripting (XSS) 
Vulnerabilities in Amiro.CMS 5.4.0.0 and Earlier SQL Injection Vulnerabilities in RunCMS 2M1 Modules/Forum/Post.php Denial of Service Vulnerability in Gpg4win 2.0.1 SQL Injection Vulnerability in feedback_js.php in DedeCMS 5.1 MixVibes 7.043 Pro Stack-Based Buffer Overflow Vulnerability Denial of Service and Arbitrary Code Execution Vulnerability in MixSense DJ Studio 1.0.0.1 Denial of Service Vulnerability in Acoustica MP3 Audio Mixer 1.0 and 2.471 Acoustica MP3 Audio Mixer 2.471 Heap-Based Buffer Overflow Vulnerability Music Tag Editor 1.61 build 212 Stack-based Buffer Overflow Vulnerability Heap-based Buffer Overflow in OtsAV DJ, Radio, TV, and Free Versions Allows Remote Code Execution via Long Playlist SQL Injection Vulnerabilities in RunCMS 2M1: Remote Code Execution Static Code Injection Vulnerability in RunCMS 2M1: Remote Execution of Arbitrary PHP Code Sensitive Information Disclosure in RunCMS 2M1 via Error Messages IBM Lotus Connections 2.5.0.0 Mobile Subsystem Activities Pages Cross-Site Scripting (XSS) Vulnerabilities PHP Remote File Inclusion Vulnerability in BookLibrary Component 1.0 for Joomla! Unspecified Vulnerability in freeCap CAPTCHA Extension for TYPO3 Arbitrary Command Execution Vulnerability in Random Images Extension for TYPO3 Arbitrary SQL Command Execution in Flagbit Filebase Extension for TYPO3 Arbitrary Code Injection through Apache Solr Search Extension in TYPO3 Remote File Inclusion Vulnerability in Fiji Web Design Ajax Chat Component for Joomla! 
Directory Traversal Vulnerability in Mobilelib GOLD 3.0 Allows Remote File Read Arbitrary File Inclusion Vulnerability in Greenwood PHP Content Manager 0.3.2 Directory Traversal Vulnerabilities in GenCMS 2006: Remote File Inclusion and Execution Buffer Overflow Vulnerabilities in squidGuard 1.4 Allow URL Bypass Remote Authentication Bypass Vulnerability in Everfocus EDR1600 DVR Unsigned Integer Wrap Vulnerability in Wireshark's wiretap/erf.c ASP.NET Source Code Disclosure in Team Services in Microsoft Office SharePoint Server 2007 Arbitrary Code Execution and Denial of Service Vulnerability in Opera before 10.01 Address Field Spoofing Vulnerability in Opera on Windows Arbitrary Web Script Injection Vulnerability in TFTgallery 0.13 SQL Injection Vulnerability in Photoblog Component for Joomla! JShop Component for Joomla! SQL Injection Vulnerability Denial of Service Vulnerability in Aruba Mobility Controller Eureka Email 2.2q Remote Code Execution Vulnerability Stack-based Buffer Overflow in Pegasus Mail (PMail) 4.41 and 4.51 via Long Error Message Solaris Trusted Extensions Policy Configuration Remote Code Execution Vulnerability Denial of Service Vulnerability in HP OpenView Network Node Manager (OV NNM) Unspecified Remote Code Execution Vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) Unspecified Remote Access and Denial of Service Vulnerability in HP Color LaserJet Printers Unrestricted File Upload Vulnerability in HP Operations Manager 8.10 on Windows Remote Code Execution Vulnerability in HP OpenView Data Protector Application Recovery Manager Arbitrary Command Execution in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Heap-based Buffer Overflow Vulnerabilities in HP OpenView Network Node Manager (OV NNM) Unspecified Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 
Stack-based Buffer Overflow Vulnerabilities in HP OpenView Network Node Manager (OV NNM) Arbitrary Code Execution Vulnerability in Blender 2.34, 2.35a, 2.40, and 2.49b Vulnerability in Trusted Extensions of Sun Solaris 10 Allows Unauthorized Access to Unattended Workstations Unspecified XML Vulnerability in IBM Runtimes for Java Technology 5.0.0 before SR10 Stack-based buffer overflow vulnerability in IBM Tivoli Storage Manager (TSM) Client Acceptor Daemon (CAD) Scheduler Buffer Overflow Vulnerability in IBM Tivoli Storage Manager Client Scheduler Unspecified File Manipulation Vulnerabilities in IBM Tivoli Storage Manager Cross-site scripting (XSS) vulnerability in Twilight CMS before 4.1 via calendar parameter in news/ URI Softonic International SciTE 1.72 Buffer Overflow Vulnerability GejoSoft Cross-Site Scripting (XSS) Vulnerability in photos/tags Buffer Overflow Vulnerability in eEye Retina WiFi Scanner 1.0.8.68 Arbitrary File Creation and Overwrite Vulnerabilities in Idefense Labs COMRaider Stack-based Buffer Overflow in SafeNet SoftRemote: Arbitrary Code Execution Denial of Service Vulnerability in Novell eDirectory Buffer Overflow in Novell Groupwise Client 7.0.3.1294 ActiveX Control (gxmim1.dll) via SetFontFace Method Argument Java Update Functionality in Sun Java SE: Vulnerability in Non-English Windows Versions Arbitrary Command Execution Vulnerability in Java Deployment Toolkit Plugin Arbitrary Code Execution via Java Web Start Installer in Sun Java SE (Bug Id 6872824) Stack-based buffer overflow in HsbParser.getSoundBank function in Sun Java SE allows remote code execution via long file: URL in argument Privilege escalation vulnerability in Sun Java SE Stack-based Buffer Overflow in setDiffICM Function in Java Runtime Environment (JRE) Heap-based Buffer Overflow in setBytePixels Function in Java AWT (Bug Id 6872358) JPEG JFIF Decoder Privilege Escalation Vulnerability JPEG Image Writer Privilege Escalation Vulnerability JPEGImageReader Integer Overflow 
Vulnerability Timing Attack Vulnerability in MessageDigest.isEqual Function in Java Runtime Environment Denial of Service Vulnerability in Sun Java SE (CVE-2009-3867) Denial of Service Vulnerability in Sun Java SE via Crafted HTTP Headers (Bug Id 6864911) CVE-2009-XXXX: Buffer Overflow Vulnerability in Sun Java System Web Server 7.0 Update 6 Unspecified Vulnerabilities in X11 and Win32GraphicsDevice Subsystems in Sun Java SE and OpenJDK Improper Object Restriction in AWT Allows Information Disclosure (Bug Id 6664512) Privilege Escalation via Resurrected ClassLoader in Sun Java SE and OpenJDK Unspecified Vulnerabilities in Swing Implementation in Java SE 5.0 and 6.0 Unspecified Vulnerabilities in Windows Pluggable Look and Feel (PL&F) Feature in Java SE Information Disclosure Vulnerability in TimeZone.getTimeZone Method Denial of Service Vulnerability in Sun Java SE 5.0 and 6.0 on Windows Unspecified Impact and Attack Vectors in Java Web Start Implementation (Bug Id 6870531) Directory Traversal Vulnerability in ytnef Denial of Service Vulnerability in Linux Kernel's do_mmap_pgoff Function World-writable permissions on dbg_lvl file in megaraid_sas driver in Linux kernel before 2.6.27 allows unauthorized modification of driver behavior and logging level Unrestricted File Upload Vulnerability in WordPress 2.8.6 Arbitrary Script Injection in WordPress Press This Plugin Arbitrary Web Script Injection in Best Practical Solutions RT Untrusted Search Path Vulnerabilities in dstat before 0.7.0 Heap-based Buffer Overflow in libexif's exif_entry_fix Function NULL pointer dereference and worker process crash vulnerability in nginx (aka Engine X) Insecure Directory Permissions in Dovecot 1.2.x Directory Traversal Vulnerability in Nginx WebDAV Module Memory Leak Vulnerability in Sockets Direct Protocol (SDP) Driver in Sun Solaris 10 and OpenSolaris Remote Code Execution Vulnerability in IBM PowerHA Cluster Management Component Multiple Cross-Site Scripting (XSS) Vulnerabilities 
in e-Courier CMS Cherokee Web Server 0.5.4 Directory Traversal Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in ManageEngine Netflow Analyzer 7.5 Build 7500 Improper Access Control in CubeCart 4.3.4 Allows Remote Administrative Access Multiple Cross-Site Scripting (XSS) Vulnerabilities in e-Courier CMS Arbitrary Code Execution via Crafted PSD File in GIMP 2.6.7 Arbitrary Web Script Injection in TFTgallery 0.13 via settings.php Arbitrary File Read Vulnerability in TFTgallery 0.13 Xerox Fiery Webtools summary.php SQL Injection Vulnerability Arbitrary Script Injection in Temporary Invitation Module for Drupal Arbitrary Web Script Injection in Link Module's Separate title and URL Formatter Arbitrary Web Script Injection Vulnerability in Node Hierarchy Module for Drupal Arbitrary Script Injection in S5 Presentation Player Module for Drupal Arbitrary Web Script Injection Vulnerability in Zoomify Drupal Module Arbitrary Web Script Injection Vulnerability in NGP COO/CWP Integration Module for Drupal Uncontrolled Access to Log Information in NGP COO/CWP Integration Module for Drupal Information Disclosure Vulnerability in Smartqueue_og Module for Drupal Cross-Site Request Forgery (CSRF) Vulnerabilities in User Protect Module for Drupal Unauthenticated Access Vulnerability in Sun Virtual Desktop Infrastructure (VDI) 3.0 Buffer Overflow Vulnerability in pbsv.dll Allows Remote Code Execution Integer overflows in Christos Zoulas file before 5.02 leading to buffer overflow via malformed compound document (CDF) file Incomplete Blacklist Vulnerability in Google Chrome Allows Remote File Execution Gears Plugin in Google Chrome Remote Code Execution Vulnerability Denial of Service Vulnerability in WebKit's setInterval Method Denial of Service Vulnerability in WebFrameLoaderClient::dispatchDidChangeLocationWithinPage Function in Google Chrome Unspecified Vulnerabilities in IBM BladeCenter T Advanced Management Module Firmware SSL/TLS Server Impersonation 
Vulnerability in Citrix Online Plug-in and Receiver Memory Leak in Solaris TCP Sockets Allows Local Denial of Service Buffer Overflow in ABWOutputDev::endWord Function in Poppler World-writable permissions on poll_mode_io file in megaraid_sas driver in Linux kernel 2.6.31.6 and earlier allows unauthorized I/O mode changes Denial of Service Vulnerability in Sun xVM VirtualBox and Sun VirtualBox Arbitrary SSL Server Spoofing Vulnerability in mpop before 1.0.19 Arbitrary SSL Server Spoofing Vulnerability in msmtp Denial of Service Vulnerability in Microsoft Internet Explorer 6 and 7 Denial of Service Vulnerability in RIM BlackBerry Browser on BlackBerry 8800 Arbitrary Article Replacement Vulnerability in Joomla! Front-End Editor Information Disclosure Vulnerability in Joomla! Extension XML File Buffer Overflow Vulnerability in Tandberg MXP F7.0 FTP Service Denial of Service Vulnerability in JetAudio 7.5.3 COWON Media Center Unauthenticated Account Creation Vulnerability in VivaPrograms Infinity 2.0.5 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Bractus SunTrack Unspecified File Disclosure Vulnerability in Adobe Flash Player ActiveX Control Arbitrary Code Execution Vulnerability in Adobe Illustrator CS3 and CS4 Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat U3D Implementation Adobe Reader and Acrobat 3D DLL-Loading Vulnerability Integer Sign Extension Vulnerability in Adobe Reader and Acrobat Unsecured Default Configuration of Adobe Reader and Acrobat Allows Cross-Site Scripting (XSS) Vulnerability NULL Pointer Dereference Vulnerability in Adobe Reader and Acrobat 9.x and 8.x Stack-based buffer overflows in Adobe Reader and Acrobat Download Manager ActiveX Control Integer Overflow Vulnerability in Adobe Reader and Acrobat XML External Entity (XXE) Injection Vulnerability in BlazeDS and Related Adobe Products SQL Injection Vulnerability in Super Serious Stats (superseriousstats) User.php Denial of Service Vulnerability in 2wire 
Gateway Devices Unspecified Vulnerabilities in XOOPS before 2.4.0 Final Arbitrary SQL Command Execution in NinjaMonials Component 1.1.0 for Joomla! SQL Injection Vulnerability in rating.php in New 5 Star Rating 1.0 Authentication Bypass Vulnerability in Arcade Trade Script 1.0 SQL Injection Vulnerability in browse.php in Ed Charkow SuperCharged Linking Multiple SQL Injection Vulnerabilities in ITechBids 8.0 Stack-based Buffer Overflow in Faslo Player 7.0 via Long String in .m3u Playlist File SQL Injection Vulnerability in PHP Dir Submit's index.php SQL Injection Vulnerability in jTips Component for Joomla! SQL Injection Vulnerability in Q-Proje Siirler Bileseni (com_siirler) Component 1.2 RC for Joomla! SQL Injection Vulnerability in Turnkey Arcade Script's index.php SQL Injection Vulnerabilities in Invision Power Board (IPB or IP.Board) 3.0.0, 3.0.1, and 3.0.2 SQL Injection Vulnerability in Moa Gallery 1.1.0 and 1.2.0: Remote Code Execution via gallery_id Parameter Buffer Overflow in Labtam ProFTP 2.9: Remote Code Execution and Denial of Service Vulnerability Buffer Overflow Vulnerabilities in HP OpenView Network Node Manager (OV NNM) 7.53 ActiveX Control Denial of Service Vulnerability in nsGIFDecoder2::GifWrite Function in Mozilla Firefox Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, SeaMonkey, and Thunderbird Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, SeaMonkey, and Thunderbird Unspecified Remote Code Execution Vulnerability in Mozilla Firefox, SeaMonkey, and Thunderbird Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, SeaMonkey, and Thunderbird NTLM Credential Replay Vulnerability in Mozilla Firefox and SeaMonkey SSL Indicator Spoofing Vulnerability Remote Content Spoofing Vulnerability in Mozilla Firefox and SeaMonkey Arbitrary JavaScript Execution with Chrome Privileges in Mozilla Firefox and SeaMonkey Information Disclosure Vulnerability in GeckoActiveXObject Cross-Site Scripting (XSS) 
Vulnerability in Mozilla Firefox and SeaMonkey Unrestricted Access to Files and Directories in Bugzilla Stack-based Buffer Overflow in GetUID Function in DevIL 1.7.8 Allows Remote Code Execution via Crafted DICOM File Heap-based Buffer Overflow Vulnerabilities in Winamp and libmikmod Heap-based Buffer Overflow in IN_MOD.DLL and libmikmod 3.1.12 Allows Remote Code Execution Heap-based Buffer Overflow in Winamp IN_MOD.DLL Plug-in HP Power Manager goform/formExportDataLogs Stack-based Buffer Overflow Vulnerability Arbitrary File Overwrite and Code Execution Vulnerability in HP Power Manager Arbitrary Code Execution via Integer Overflow in XnView Adobe Shockwave Player Heap-Based Buffer Overflow Vulnerability Multiple Integer Overflows in Adobe Shockwave Player: Remote Code Execution Vulnerabilities Buffer Overflow in KVM Subsystem Allows Privilege Escalation via KVM_X86_SETUP_MCE IOCTL Request Buffer Under-read Vulnerability in Linux Kernel's collect_rx_frame Function Stack-based Buffer Overflow in RhinoSoft Serv-U FTP Server 7.0.0.1 and 9.0.0.5 Denial of Service Vulnerability in OpenTTD's NormaliseTrainConsist Function Denial of Service Vulnerability in Unbound DNS Server Buffer Overflow Vulnerability in PowerDNS Recursor DNS Spoofing Vulnerability in PowerDNS Recursor Race Condition Vulnerability in dtc-xen 0.5.x before 0.5.4 Allows Unauthorized Bash Access and VPS Console Reuse Heap-based Buffer Overflow Vulnerabilities in LibThai Directory Traversal Vulnerabilities in Lintian: Arbitrary File Overwrite and Information Disclosure Multiple Format String Vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 Remote Code Execution via Shell Metacharacters in Lintian Filename Arguments Integer Underflow Vulnerability in IRC Daemons Unrestricted Temporary File Creation in PHP Multipart/Form-Data Handling Arbitrary Environment Execution Vulnerability in PHP's proc_open Function Denial of Service Vulnerability in MySQL 5.0.x and 
5.1.x Stack-based Buffer Overflow in Linux Kernel 2.6.32 HFS Subsystem Denial of Service Vulnerability in Linux Kernel's fuse_direct_io Function DNS Cache Poisoning Vulnerability in ISC BIND 9.x through 9.7.0b3 with DNSSEC Validation Enabled and Checking Disabled (CD) Argument Injection Vulnerability in Mail::Send Method of PEAR Mail Package Ping.php Argument Injection Vulnerability Argument Injection Vulnerability in Net_Traceroute Package Denial of Service Vulnerability in Linux Kernel's mac80211 Subsystem Race condition vulnerability in mac80211 subsystem in Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause denial of service Arbitrary SSL-based MySQL Server Spoofing Vulnerability Insecure Permissions Vulnerability in GNU Automake Incomplete Fix for Symlink Vulnerability in MySQL 5.1.x Denial of Service Vulnerability in KVM Subsystem of Linux Kernel Multiple Cross-Site Scripting (XSS) Vulnerabilities in Cacti 0.8.7e Insufficient Arguments in Red Hat Patch for acpid 1.0.4: Local Privilege Escalation and Denial of Service Vulnerability X.509 Certificate Spoofing Vulnerability in PostgreSQL Buffer Overflow Vulnerability in FoFiType1::parse Function Multiple SQL Injection Vulnerabilities in FrontAccounting (FA) Versions Before 2.1.7 and 2.2.x Cross-Site Scripting (XSS) Vulnerabilities in NCH Software Axon Virtual PBX 2.10 and 2.11 Piwigo XSS Vulnerability in Version 2.0.5 and Earlier Arbitrary Web Script Injection Vulnerability in phpMyFAQ Denial of Service Vulnerability in UseBB 1.0.9 RootCandy theme 6.x-1.5 for Drupal Cross-Site Scripting (XSS) Vulnerability Arbitrary Web Script Injection Vulnerability in AddToAny Module for Drupal Uncontrolled Access to Web Services API in Drupal 6.x Multiple SQL Injection Vulnerabilities in FrontAccounting (FA) Before 2.1.7 Multiple SQL Injection Vulnerabilities in FrontAccounting (FA) 2.2.x before 2.2 RC Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHD Help Desk 1.43 Denial of Service 
Vulnerability in Dxmsoft XM Easy Personal FTP Server 5.8.0 Heap-based Buffer Overflow in aswRdr.sys: Local Denial of Service and Possible Privilege Escalation Directory Traversal Vulnerability in phpMyBackupPro 2.1's get_file.php Denial of Service Vulnerability in Home FTP Server 1.10.1.139 Cross-Site Scripting (XSS) Vulnerabilities in IBM Rational Application Developer and Rational Software Architect Directory Traversal Vulnerabilities in Home FTP Server 1.10.1.139 Denial of Service vulnerability in Asterisk Open Source and s800i Arbitrary File Inclusion Vulnerability in Betsy CMS 3.5 Arbitrary SQL Command Execution Vulnerability in inertialFATE iF Portfolio Nexus Component 1.1 for Joomla! SQL Injection Vulnerability in allauctions.php in Telebid Auction Script SQL Injection Vulnerability in JoomClip Component for Joomla! Arbitrary SQL Command Execution in CubeCart before 4.3.7 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Drupal Agreement Module 6.x Multiple Cross-Site Scripting (XSS) Vulnerabilities in Printfriendly Module for Drupal Arbitrary Web Script Injection Vulnerability in Subgroups for Organic Groups (OG) Module for Drupal Arbitrary Web Script Injection Vulnerability in Gallery Assist Module for Drupal Cross-site scripting (XSS) vulnerability in Strongarm module for Drupal allows remote code injection via overridden variables. 
Cross-Site Request Forgery (CSRF) Vulnerabilities in PHPList Integration Module for Drupal Buffer Overflow Vulnerability in Auerswald Linux USB Driver Multiple Cross-Site Scripting (XSS) Vulnerabilities in GForge 4.5.14 and 4.7.3 GForge SQL Injection Vulnerability Cross-Site Scripting (XSS) Vulnerability in Opera before 10.10 Unspecified Vulnerability in Opera Before 10.10 with Unknown Impact and Attack Vectors Information Disclosure Vulnerability in Microsoft Internet Explorer 8 Printing Functionality XSS Filter Script Handling Vulnerability in Microsoft Internet Explorer 8 Denial of Service Vulnerability in SSHD Timeout Mechanism in Solaris 10 and OpenSolaris Cross-Site Request Forgery (CSRF) Vulnerability in Roundcube Webmail 0.2.2 and Earlier Cross-Site Request Forgery (CSRF) Vulnerability in Roundcube Webmail 0.2.2 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Redmine 0.8.5 and Earlier CSRF Vulnerability in Redmine 0.8.5 and Earlier Allows Remote Ticket Deletion Unspecified Denial of Service Vulnerabilities in ldap_cachemgr Untrusted Search Path Vulnerability in dstat before r3199 Remote File Inclusion Vulnerability in Outreach Project Tool (OPT) 1.2.7 and Earlier: Arbitrary PHP Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in e107 0.7.16 and Earlier SQL Injection Vulnerability in e107 0.7.16 and Earlier: Remote Code Execution via Search Feature PHP Remote File Inclusion Vulnerability in PHP Traverser 0.8.0 CRLF Injection Vulnerability in Xerver HTTP Server 4.31 and 4.32 Arbitrary Web Script Injection Vulnerability in telepark.wiki 2.4.23 and Earlier Multiple Directory Traversal and Local File Inclusion Vulnerabilities in telepark.wiki 2.4.23 and Earlier Arbitrary Page and Comment Deletion Vulnerability in telepark.wiki 2.4.23 and Earlier Arbitrary Code Execution via Unrestricted File Upload in telepark.wiki 2.4.23 and Earlier Improper Access Restrictions in Simplog 0.9.3.2 Allows Remote Comment Manipulation CSRF 
Vulnerability in Simplog 0.9.3.2 Allows Password Hijacking Multiple Cross-Site Scripting (XSS) Vulnerabilities in Simplog 0.9.3.2 comments.php Arbitrary PHP Code Execution via Remote File Inclusion in D4J eZine Component 2.1 for Joomla! Authentication Bypass Vulnerability in myPhile 1.2.1 Insufficient Access Control in RADIO istek script 2.5 Allows Unauthorized Access to User Credentials Stack-based Buffer Overflow in MplayInputFile Function in Serenity Audio Player 3.2.3 and Earlier Arbitrary Code Execution via Unrestricted File Upload in OpenX Adserver SQL Injection Vulnerability in Google Calendar GCalendar Component for Joomla! Yoono Extension for Firefox before 6.1.1 - Remote Code Execution and Cross-Domain Scripting Vulnerability Arbitrary Command Execution and Cross-Domain Scripting Vulnerability in infoRSS Firefox Extension Arbitrary Command Execution and Cross-Domain Scripting Vulnerability in Sage Firefox Extension Buffer Overflow Vulnerability in Robo-FTP 3.6.17 and Possibly Other Versions Arbitrary SQL Command Execution Vulnerability in LyftenBloggie Component 1.0.4 for Joomla! 
Denial of Service Vulnerability in TYPSoft FTP Server 1.10 Arbitrary PHP Code Execution via Unrestricted File Upload in Agoko CMS 0.4 and Earlier Buffer Overflow Vulnerability in Invisible Browsing 5.0.52 via Crafted .ibkey File Denial of Service Vulnerability in XM Easy Personal FTP Server 5.8.0 Unauthenticated Access to Version Information in DotNetNuke Install Wizard Arbitrary Script Injection in DotNetNuke Search Functionality Argument Injection Vulnerability in Mail Package for PEAR Arbitrary Command Execution Vulnerability in Cacti 0.8.7e and Earlier Arbitrary PHP Code Injection in CuteNews Categories Module Memory Corruption Vulnerability in Kaspersky Anti-Virus 2010 9.0.0.463 Arbitrary PHP Code Injection Vulnerabilities in CutePHP CuteNews 1.4.6 Categories Module Arbitrary File Read and Code Execution Vulnerabilities in CutePHP CuteNews 1.4.6 Stack-based buffer overflows in pdf_shade4.c in MuPDF before commit 20091125231942 allow remote attackers to execute arbitrary code and cause a denial of service. 
Denial of Service Vulnerability in Cisco VPN Client for Windows Arbitrary Web Script Injection Vulnerability in Feed Element Mapper Module for Drupal Cross-Site Request Forgery (CSRF) Vulnerabilities in Quick.Cart 3.4 Cross-Site Request Forgery (CSRF) Vulnerabilities in Quick.CMS 2.4 and Quick.CMS.Lite 2.4 SSL Certificate Validation Vulnerability in jruby-openssl gem Heap-based Buffer Overflow in Ruby String Justification Functions Unspecified User-Assisted Remote Code Execution Vulnerability in Wikipedia Toolbar Extension Vulnerability: Weak Password Comparison in GRUB 2 1.97 Race condition in Mozilla Firefox allows remote attackers to spoof domain association in JavaScript messages MakeScriptDialogTitle function in Mozilla Firefox allows remote attackers to spoof origin domain name via long name Arbitrary File Overwrite Vulnerability in Linux Kernel's EXT4 Filesystem Arbitrary User Privilege Escalation in Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0 Buffer Underflow Vulnerability in Python 2.5 RGB Image Processing Module Privilege Escalation via Symlink Attack in GNU Coreutils Privilege Escalation via Crafted Index Functions in PostgreSQL Arbitrary Code Execution via Unvalidated Cookie Strings in Piwik Denial of Service Vulnerability in Linux Kernel Firewire Driver CSRF Vulnerability in Spacewalk Java Site Packages Allows Unauthorized Account Manipulation Unrestricted File Upload Vulnerability in Open Flash Chart v2 Beta 1 through v2 Lug Wyrm Charmer Linux Kernel Use-After-Free Vulnerability in fasync_helper Function Cross-Site Scripting (XSS) Vulnerability in PHP htmlspecialchars Function Unspecified Impact and Attack Vectors in PHP Session Handling Vulnerability: NetworkManager 0.7.2 CA Certificate File Spoofing Sensitive Information Disclosure via D-Bus Signals in nm-connection-editor Privilege Escalation via LD_PRELOAD Environment Variable in FreeBSD Unprivileged Local Users Privilege Escalation Vulnerability in FreeBSD 7.1 and 8.0 DAZ Studio Multiple File 
Extension Script Injection Vulnerability CA Service Desk 12.1 Cross-Site Scripting (XSS) Vulnerability Privilege Escalation Vulnerability in IBM DB2 Versions 8, 9.1, 9.5, and 9.7 Session Fixation Vulnerability in Best Practical Solutions RT 3.0.0 through 3.6.9 and 3.8.x through 3.8.5 Arbitrary Script Injection Vulnerability in IBM WebSphere Portal Collaboration Component Unspecified vulnerability in IBM WebSphere Portal XMLAccess Component Elxis CMS Directory Traversal Vulnerability in feedcreator.class.php Multiple SQL Injection Vulnerabilities in Eshopbuilde CMS Remote File Inclusion Vulnerability in Ciamos CMS 0.9.5 and Earlier: Arbitrary PHP Code Execution Cross-Site Scripting (XSS) Vulnerabilities in ProofReader Component for Joomla! Arbitrary SQL Command Execution in TYPO3 Calendar Base Extension Arbitrary Code Injection through Newsletter Configuration in Direct Mail Extension for TYPO3 Unspecified Information Disclosure Vulnerability in kk_downloader Extension for TYPO3 Arbitrary Code Injection through Cross-Site Scripting (XSS) in AN Search it! Extension for TYPO3 Arbitrary Command Execution Vulnerability in TYPO3 DB Integration Extension Arbitrary SQL Command Execution in TW Productfinder Extension for TYPO3 Arbitrary Web Script Injection in TYPO3 Simple Glossar Extension Arbitrary SQL Command Execution in Simple Glossar Extension for TYPO3 Arbitrary SQL Command Execution Vulnerability in Trips (mchtrips) Extension 2.0.0 for TYPO3 Cache Spoofing Vulnerability in Automatic Base Tags for RealUrl Extension 1.0.0 for TYPO3 Arbitrary Script Injection in Roy Tanck tagcloud.swf Plugin Arbitrary Web Script Injection Vulnerability in WP-Cumulus Plug-in Information Disclosure Vulnerability in WP-Cumulus Plug-in 1.20 for WordPress Denial of Service Vulnerability in Yahoo! 
Messenger 9.0.0.2162 Arbitrary Web Script Injection in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews 8 and 8b CSRF Vulnerability in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b Bypassing Administrative Moderation in CutePHP CuteNews Information Disclosure Vulnerability in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b Heap-based Buffer Overflow Vulnerabilities in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Buffer Overflow in HP OpenView Network Node Manager (OV NNM) Webappmon.exe Heap-based Buffer Overflow in HP OpenView Network Node Manager (OV NNM) OvWebHelp.exe Stack-based Buffer Overflow in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Unspecified Vulnerabilities in HP Web Jetadmin 10.2 with Remote SQL Server Access Unspecified Local Access Vulnerability in HP OpenView Storage Data Protector 6.00 and 6.10 Unspecified Local Access Vulnerability in HP Enterprise Cluster Master Toolkit (ECMT) on HP-UX Arbitrary Web Script Injection in HP System Management Homepage (SMH) before 6.0 Stack Consumption Vulnerability in Apple Safari 4.0.3 on Windows Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sun Java System Portal Server Default Password Vulnerability in HP Operations Dashboard Allows Remote Code Execution Default Password Vulnerability in HP Operations Manager Allows Remote Code Execution Unspecified Denial of Service Vulnerability in Sun OpenSolaris 2009.06 Unspecified Privilege Escalation Vulnerability in Sun Solaris and OpenSolaris Directory Traversal Vulnerability in Interspire Knowledge Manager 5 Local Privilege Escalation via Symlink Attack in Merkaartor 0.14 Golden FTP Server 4.30 and 4.50 Directory Traversal Vulnerability Buffer Overflow Vulnerability in Adobe Illustrator CS4 and Earlier Versions Allows 
Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Huawei MT882 V100R002B020 ARG-T Firmware 3.7.9.98 Autocomplete Vulnerability in Huawei MT882 V100R002B020 ARG-T Firmware 3.7.9.98 Arbitrary SQL Command Execution in MyMiniBill's my_orders.php Multiple SQL Injection Vulnerabilities in Mambo Resident Component 1.0f for Mambo and Joomla! SQL Injection Vulnerability in Seminar Component 1.28 for Joomla! Stack-based buffer overflows in Mp3 Tag Assistant Professional 2.92 build 300 Arbitrary File Inclusion Vulnerability in Omilen Photo Gallery Component for Joomla! Arab Portal 2.2 Multiple SQL Injection Vulnerabilities in admin/aclass/admin_func.php SQL Injection Vulnerability in Flashlight Free Edition's read.php Arbitrary File Inclusion Vulnerability in Flashlight Free Edition's admin.php Arbitrary SQL Command Execution in Million Dollar Text Links 1.0 and Earlier Arbitrary Script Injection Vulnerability in Drupal Webform Module SQL Injection Vulnerability in Open-school (OS) 1.0 os_news Module Multiple Cross-Site Scripting (XSS) Vulnerabilities in moziloCMS 1.11.1 Indeo Codec Memory Corruption Vulnerability Privilege Escalation Vulnerability in Solaris x86 Platform Integer underflows in AES and RC4 decryption in MIT Kerberos 5: Denial of Service and Arbitrary Code Execution Vulnerability Cross-site scripting (XSS) vulnerability in Ruby on Rails strip_tags function Weak Permissions in Panda Global Protection 2010, Internet Security 2010, and Antivirus Pro 2010: Privilege Escalation Vulnerability Arbitrary Local File Inclusion Vulnerability in Klinza Professional CMS 5.0.1 and Earlier SQL Injection Vulnerability in Itamar Elharar MusicGallery Component for Joomla! 
Multiple SQL Injection Vulnerabilities in JiRo's Banner System eXperience (JBSX) Login Page Stack-based Buffer Overflow in MYACTIVEX.MyActiveXCtrl.1 ActiveX Control in MyActiveX.ocx 1.4.8.0 Remote File Inclusion Vulnerability in PointComma 3.8b2 and Earlier: Arbitrary PHP Code Execution SQL Injection Vulnerability in classified.php in phpBazar 2.1.1fix and earlier (catid parameter) Unauthenticated Access to Admin Control Panel in phpBazar 2.1.1fix and Earlier KR-Web 1.1b2 and Earlier: PHP Remote File Inclusion Vulnerability in adm/krgourl.php PHP Remote File Inclusion Vulnerabilities in SweetRice 0.5.4 and Earlier PestPatrol ActiveX Control Stack-based Buffer Overflow Vulnerability Race condition vulnerability in IP module in Sun OpenSolaris allows remote attackers to cause denial of service Stack-based Buffer Overflow in Xfig and Transfig Allows Remote Code Execution Stack Consumption Vulnerability in Xfig 3.2.5b and Earlier: Denial of Service via Malformed .fig File Multiple SQL Injection Vulnerabilities in Active Bids Stack-based buffer overflows in IIPImage Server before 0.9.8 Arbitrary File Inclusion Vulnerability in SweetRice 0.5.3 and Earlier Arbitrary Account Name Posting Vulnerability in Kide Shoutbox Component for Joomla! Arbitrary Script Injection in YJ Whois Component for Joomla! 
Arbitrary Web Script Injection Vulnerability in Micronet Network Access Controller SP1910 Unrestrictive Umask Vulnerability in acpid 1.0.4 Sensitive Information Disclosure in EC-CUBE Ver2 2.4.0 RC1 through 2.4.1 and Community Edition r18068 through r18428 Multiple Cross-Site Scripting (XSS) Vulnerabilities in TestLink before 1.8.5 SQL Injection Vulnerabilities in TestLink before 1.8.5 Arbitrary Web Script Injection Vulnerability in IBM InfoSphere Information Server 8.1 Web Console Unspecified Buffer Overflow Vulnerabilities in IBM InfoSphere Information Server 8.1 Heap-based Buffer Overflow in RealPlayer and Helix Player Heap-based Buffer Overflow in RealPlayer and Helix Player GIF Codec HTTP Chunked Transfer Coding Overflow Vulnerability Heap-based Buffer Overflow in RealPlayer and Helix Player Heap-based Buffer Overflow in RealPlayer and Helix Player Stack-based Buffer Overflow in RealPlayer and Helix Player Stack-based buffer overflow in RealPlayer and Helix Player allows remote attackers to cause a denial of service or execute arbitrary code via a large number of rules in an ASM RuleBook. Buffer Overflow in RealPlayer RTSPProtocol::HandleSetParameterRequest Function Multiple Cross-Site Scripting (XSS) Vulnerabilities in CutePHP CuteNews 1.4.6 Multiple Cross-Site Scripting (XSS) Vulnerabilities in CutePHP CuteNews 1.4.6 and UTF-8 CuteNews before 8b Stack-based Buffer Overflow in Jasc Paint Shop Pro 8.10 via Crafted PNG File Arbitrary Script Injection in Image Hosting Script DPI 1.1F via date parameter PowerPhlogger 2.2.5 - Remote Code Injection via dspStats.php Information Disclosure Vulnerability in PowerPhlogger 2.2.5 Arbitrary Script Injection in You!Hostit! Template 1.0.1 for Joomla! 
Multiple SQL Injection Vulnerabilities in cource.php in AlefMentor 2.0 and 2.2 Heap-based buffer overflow in smlpkt.cpp in RealPlayer and Helix Player allows remote code execution Directory Traversal Vulnerabilities in Ganeti's iallocator Framework Remote Access to Admin Control Panel in Harold Bakker's NewsScript (HB-NS) 1.3 SQL Injection Vulnerability in PTCPay GeN3 Forum 1.3: Remote Code Execution via cat Parameter Remote File Inclusion Vulnerability in AROUNDMe 1.1 and Earlier Stack-based Buffer Overflow in Ideal Administration 2009 9.7.1 Allows Remote Code Execution Arbitrary Web Script Injection in YABSoft Advanced Image Hosting (AIH) Script 2.2 and 2.3 Improper Line Feed Escaping in Apache jUDDI 3.0.0 Console Weak Password Hash Generation Algorithm in Apache Derby Stack-based Buffer Overflow in Ghostscript Allows Remote Code Execution via Crafted PDF File Vulnerability: Denial of Service via VDSO Page Segmentation Fault Denial of Service Vulnerability in Red Hat Enterprise Linux 5 Kernel Remote Command Execution in SystemTap (stap-server) Stack-based Buffer Overflow in netpbm's xpmtoppm.c Arbitrary Code Execution Vulnerability in Internet Initiative Japan SEIL/X1, SEIL/X2, and SEIL/B1 Firmware Denial of Service Vulnerability in SEIL/X1, SEIL/X2, and SEIL/B1 Firmware 2.30-2.51 with NAT Enabled Unspecified Remote Code Execution Vulnerability in Sun Ray Server Software 4.0 and 4.1 Insecure DSA Key Generation in Sun Ray Server Software 4.0 and 4.1 Arbitrary SQL Command Execution Vulnerability in Taxonomy Timer Module for Drupal Cross-Site Request Forgery (CSRF) Vulnerabilities in Moodle 1.8 and 1.9 User Account Information Disclosure in LAMS Module for Moodle Unauthenticated Access to Glossary Entries in Moodle 1.8 and 1.9 Insecure Storage of Password Hashes in Moodle Authentication Plugins Arbitrary MNET Function Execution in Moodle 1.8 and 1.9 Insecure Login Form in Moodle 1.8 and 1.9 Sensitive Information Exposure in Moodle Backup Files Weak Password Salting 
in Moodle 1.8 and 1.9 SQL Injection Vulnerability in Moodle SCORM Module Allows Arbitrary SQL Command Execution EXT4_IOC_MOVE_EXT Denial of Service Vulnerability Denial of Service Vulnerability in ext4_fill_flex_info Function NULL pointer dereference vulnerability in ext4_decode_error function in Linux kernel before 2.6.32 Heap-based Buffer Overflow in Intel Indeo41 Codec for Windows Media Player Stack-based Buffer Overflow in Intel Indeo41 Codec for Windows Media Player Indeo Codec Remote Code Execution Vulnerability Indeo Codec Remote Code Execution Vulnerability Heap Corruption and Arbitrary Code Execution Vulnerability in Indeo32 Codec Automatic Multi-Group Hotdesking (AMGH) Vulnerability in Sun Ray Server Software 4.1 on Solaris 10 Arbitrary File Creation and Execution Vulnerability in Nuggetz CMS 1.0 ZeeLyrics 3x searchresults_main.php XSS Vulnerability Arbitrary Code Injection via sid Parameter in ScriptsEz Ez Cart Arbitrary Script Injection via lang Parameter in Real Estate Manager 1.0.1 Remote File Inclusion Vulnerability in eoCMS 0.9.03 and Earlier Arbitrary Web Script Injection in TNG 7.1.2 searchform.php Arbitrary File Read Vulnerability in Zen Cart 1.3.8 and 1.3.8a Information Disclosure in Zen Cart's extras/ipn_test_return.php Zen Cart Installation Vulnerability Adobe Reader and Acrobat Use-After-Free Vulnerability in Doc.media.newPlayer Method Unvalidated Pointer Vulnerability in IBM DB2 Client Interfaces Predictable Return Values in RAND Scalar Function in IBM DB2 Memory Consumption Denial of Service Vulnerability in IBM DB2 9.5 and 9.7 Denial of Service Vulnerability in IBM DB2 9.5 DRDA Services Component Denial of Service Vulnerability in IBM DB2 9.5 Engine Utilities Component Unspecified Local Attack Vector Vulnerability in IBM DB2 9.5 Engine Utilities Incorrect File-Permission and Authorization Settings in IBM DB2 Install Component Denial of Service Vulnerability in IBM DB2 9.1 and 9.5 Information Disclosure Vulnerability in IBM DB2 9.5 
Relational Data Services Component Insecure Permissions in IBM DB2 STMM Log File Unspecified Remote Vulnerabilities in IBM DB2 Spatial Extender Component Arbitrary Web Script Injection in Diocese of Portsmouth Calendar Extension SQL Injection Vulnerability in Diocese of Portsmouth Calendar Extension 0.4.1 and Earlier for TYPO3 Arbitrary SQL Command Execution in Flash SlideShow Extension for TYPO3 Arbitrary SQL Command Execution in TYPO3 Subscription Extension (mf_subscription) 0.2.2 Arbitrary Web Script Injection in TYPO3 No Indexed Search Extension Arbitrary SQL Command Execution Vulnerability in No Indexed Search Extension 0.2.0 for TYPO3 Arbitrary SQL Command Execution Vulnerability in Job Exchange Extension 0.0.3 for TYPO3 Arbitrary Web Script Injection in TYPO3 Training Company Database Extension Arbitrary Web Script Injection in TYPO3 ZID Linkliste Extension 1.0.0 Arbitrary Code Injection through vShoutbox Extension in TYPO3 Arbitrary Web Script Injection in TYPO3 Frontend News Submitter with RTE Extension Arbitrary Web Script Injection in daloRADIUS 0.9-8 and Earlier Arbitrary Web Script Injection in Harold Bakker's NewsScript (HB-NS) 1.3 via topic parameter CSRF Vulnerability in Link Up Gold 5.0 Allows Unauthorized Creation of Administrative Accounts Arctic Issue Tracker 2.1.1 SQL Injection Vulnerability Arbitrary SQL Command Execution in WSCreator 1.1 ADMIN/loginaction.php Cross-Site Scripting (XSS) Vulnerabilities in TransWARE Active! mail 2003 Build 2003.0139.0871 and Earlier Session Hijacking Vulnerability in TransWARE Active! mail 2003 Mobile Edition Session Hijacking Vulnerability in TransWARE Active! 
mail 2003 Build 2003.0139.0871 and Earlier Memory Leak in OpenSSL's zlib_stateful_finish Function Integer overflows in Winamp filters allow remote code execution via malformed JPEG and PNG data in MP3 files Legacy URL Handling Vulnerability in IBM Rational ClearQuest Insecure Permissions in FreeBSD-Update Working Directory Arbitrary Code Injection through categoryid Parameter in SmartMedia 0.85 Beta Module for XOOPS Arbitrary Web Script Injection Vulnerability in XOOPS Content Module 0.5 Buffer Overflow Vulnerabilities in qoslist in IBM AIX 6.1 Buffer Overflow Vulnerabilities in qosmod in IBM AIX 6.1 Cross-Site Scripting (XSS) vulnerability in Horde Application Framework, Horde Groupware, and Horde Groupware Webmail Edition Cross-Site Scripting (XSS) Vulnerability in ScriptsEz Ez Blog CSRF Vulnerabilities in ScriptsEz Ez Blog 1.0 Allow Remote Authentication Hijacking ScriptsEz Ez Blog 1.0 - Cross-Site Scripting (XSS) Vulnerability in index.php Authentication Bypass and Unauthorized File Operations in Sitecore Staging Module Unspecified Vulnerabilities in Centreon Before 2.1.4 with Unknown Impact and Attack Vectors Arbitrary Script Injection in Drupal Core Contact Module Arbitrary Script Injection in Drupal Core 6.x Menu Module Cross-site scripting (XSS) vulnerability in Drupal Core 6.14 and 6.15 in Locale module Remote Code Execution in AlienVault OSSIM 2.1.5 and Earlier Versions Unrestricted File Upload Vulnerability in AlienVault OSSIM 2.1.5 and Earlier Versions Directory Traversal Vulnerability in AlienVault OSSIM 2.1.5 and Earlier SQL Injection Vulnerability in AlienVault OSSIM 2.1.5: Remote Code Execution via id_document Parameter Buffer Overflow in Daintree SNA File Parser in Wireshark 1.2.0 through 1.2.4 Remote Denial of Service Vulnerability in Wireshark SMB and SMB2 Dissectors Denial of Service Vulnerability in Wireshark IPMI Dissector Multiple Cross-Site Scripting (XSS) Vulnerabilities in Valarsoft Webmatic before 3.0.3 Multiple SQL Injection 
Vulnerabilities in Valarsoft Webmatic before 3.0.3 Arbitrary Web Script Injection in texmedia Million Pixel Script 3 via pa Parameter Arbitrary Web Script Injection Vulnerability in PHPFABER CMS module.php Directory Traversal Vulnerability in Rocomotion P Forum (Pforum.php) Allows Remote File Read Multiple Cross-Site Scripting (XSS) Vulnerabilities in Scriptsez.net Ez Poll Hoster (EPH) Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in Scriptsez.net Ez Poll Hoster (EPH) SQL Injection Vulnerability in Venalsur Booking Centre Booking System for Hotels Group Cross-Site Scripting (XSS) Vulnerability in ManageEngine Password Manager Pro (PMP) before 6.1 Build 6104 Arbitrary Web Script Injection in TYPO3 ListMan Extension 1.2.1 Unspecified Information Disclosure Vulnerability in Watchdog Extension for TYPO3 Arbitrary SQL Command Execution in Car Extension 0.1.1 for TYPO3 Arbitrary Web Script Injection in TYPO3 File List Extension 2.1.1 Arbitrary SQL Command Execution in XDS Staff List Extension for TYPO3 Arbitrary SQL Command Execution in TYPO3 Document Directorys Extension Arbitrary SQL Command Execution in Random Prayer 2 (ste_prayer2) Extension for TYPO3 Arbitrary Web Script Injection in Random Prayer 2 TYPO3 Extension Arbitrary SQL Command Execution in Diocese of Portsmouth Resources Database Extension Arbitrary Web Script Injection in Diocese of Portsmouth Resources Database Extension Arbitrary Web Script Injection in TYPO3 Parish of the Holy Spirit Religious Art Gallery Extension Arbitrary SQL Command Execution in TYPO3 Parish of the Holy Spirit Religious Art Gallery Extension Arbitrary Web Script Injection in TYPO3 Parish Administration Database Extension SQL Injection Vulnerability in TYPO3 Parish Administration Database Extension Arbitrary Password Vulnerability in SQL-Ledger 2.8.24 Rumba XML 1.8 index.php PATH_INFO Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in t-prot (TOFU Protection) before 2.8 Unspecified 
Vulnerabilities in Trac before 0.11.6 with Unknown Impact and Attack Vectors Cross-site scripting (XSS) vulnerability in APC Switched Rack PDU AP7932 B2 Cross-Site Request Forgery (CSRF) Vulnerabilities in PyForum and zForum Cross-Site Scripting (XSS) Vulnerabilities in PyForum and zForum Replay Attack Vulnerability in Internet Initiative Japan SEIL/B1 Firmware Denial of Service Vulnerability in Linux Kernel's fuse_ioctl_copy_user Function Vulnerability: Symlink Attack in XFS acl 2.2.47 Recursive Mode Arbitrary Code Execution via Unrestricted File Upload in Serendipity Integer Overflow and Segmentation Fault Vulnerability in Polipo HTTP Proxy SQL Injection Vulnerability in phpGroupWare 0.9.16.12 and earlier versions Multiple Directory Traversal Vulnerabilities in phpGroupWare 0.9.16.12 and Earlier Versions Arbitrary Web Script Injection in phpGroupWare 0.9.16.12 Login Page Arbitrary E-mail Message Injection Vulnerability in Zend Framework's Zend_Log_Writer_Mail Denial of Service Vulnerability in PHP Unserialize Function Vulnerability: Privilege Escalation via SINIT ACM Bypass in Intel Chipsets Buffer Overflow Vulnerability in F5 Networks BIG-IP Application Security Manager and Protocol Security Manager Arbitrary File Inclusion Vulnerability in Simple PHP Blog 0.5.1 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Aditus Consulting JpGraph 3.0.6 SQL Injection Vulnerability in weenCompany 4.0.0 - Remote Code Execution via moduleid Parameter SQL Injection Vulnerability in Pyrmont Plugin 2 for WordPress: Remote Code Execution via id Parameter in results.php iDevCart 1.09 index.php Cross-Site Scripting (XSS) Vulnerability Ignition 1.2 Multiple Directory Traversal Vulnerabilities Arbitrary File Inclusion Vulnerability in phpLDAPadmin 1.1.0.5 JoomPortfolio (com_joomportfolio) Component 1.0.0 for Joomla! 
SQL Injection Vulnerability Arbitrary Script Injection in Drupal Sections Module SQL Injection Vulnerability in VirtueMart 1.0 index.php Arbitrary PHP Code Execution via Remote File Inclusion in JCal Pro Component for Joomla CodeMight VideoCMS 3.1 - SQL Injection Vulnerability in index.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in IDevSpot iSupport 1.8 and Earlier Arbitrary File Read Vulnerability in IDevSpot iSupport 1.8 and Earlier Arbitrary File Inclusion Vulnerabilities in F3Site 2009 Multiple SQL Injection Vulnerabilities in Active Web Softwares eWebquiz 8 Multiple SQL Injection Vulnerabilities in Active Auction House 3.6 Privilege Escalation in IBM DB2 Query Compiler and Optimizer Denial of Service Vulnerability in IBM DB2 9.5 Query Compiler, Rewrite, and Optimizer Component Opportunistic Connection Hijacking Vulnerability in Sun Java System Directory Server Enterprise Edition Denial of Service Vulnerability in Sun Java System Directory Server Enterprise Edition Denial of Service Vulnerability in Sun Java System Directory Server Enterprise Edition Denial of Service Vulnerability in Sun Java System Directory Server Enterprise Edition File Extension Bypass Vulnerability in Microsoft IIS 5.x and 6.x Arbitrary File Creation Vulnerability in Microsoft IIS with Third-Party Upload Applications Arbitrary Web Script Injection in phpInstantGallery 1.1 via admin.php PATH_INFO Authentication Bypass and Administrator Settings Modification in Jax Guestbook 3.5.0 Denial of Service (CPU Consumption) Vulnerability in MyBB 1.4.10 and Earlier Versions Directory Traversal Vulnerability in MyBB 1.4.10 and Earlier: User Avatar Gallery File Existence Disclosure Cross-Site Scripting (XSS) Vulnerabilities in LiveZilla 3.1.8.3 map.php Arbitrary Code Execution via Unrestricted File Upload in Kandalf Upper 0.1 Weak Permissions in Kaspersky Anti-Virus and Internet Security Software Allows Local Privilege Escalation Arbitrary File Creation/Overwrite Vulnerability in SoftCab 
Sound Converter ActiveX Control Arbitrary File Overwrite Vulnerability in vccleaner.log Arbitrary Backend Server Access Vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance Arbitrary SQL Command Execution in Green Desktiny 2.3.1 Unspecified Security Vulnerabilities in Vsftpd Webmin Module Multiple Cross-Site Scripting (XSS) Vulnerabilities in FreePBX 2.5.2 and 2.6.0rc2 Cross-Site Scripting (XSS) Vulnerability in Redmine 0.8.7 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in Auto-Surf Traffic Exchange Script 1.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in FlatPress 0.909 Remote Code Execution Vulnerability in NetBiterConfig Utility Default Password Vulnerability in Intellicom NetBiter WebSCADA Devices Active Business Directory 2 - Cross-Site Scripting (XSS) Vulnerability in searchadvance.asp Insufficient Access Control in DeluxeBB 1.3 Allows Remote Attackers to Obtain Sensitive Information and Gain Administrative Access Information Disclosure and Denial of Service Vulnerability in DeluxeBB 1.3 Account Registration Bypass Vulnerability in DeluxeBB 1.3 Arbitrary Web Script Injection Vulnerability in DeluxeBB 1.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpPowerCards 2.0 SQL Injection Vulnerability in DVBBS 2.0 boardrule.php Multiple PHP Remote File Inclusion Vulnerabilities in FreeSchool 1.1.0 and Earlier PHP Remote File Inclusion Vulnerabilities in PHPope 1.0.0 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in Ektron CMS400.NET Arbitrary SQL Command Execution Vulnerability in Mike de Boer Zoom Component 2.0 for Mambo Joomlub Component SQL Injection Vulnerability Stack-based Buffer Overflow in HAURI ViRobot Desktop 5.5 before 2009-09-28.00 SQL Injection Vulnerability in Xstate Real Estate 1.0: Remote Code Execution via pid Parameter in page.html XSS Vulnerabilities in Xstate Real Estate 1.0 Denial of Service Vulnerability in MailSite 8.0.4 Buffer Overflow Vulnerability in AzeoTech DAQFactory 5.77 Web Service 
Buffer Overflow Vulnerability in TVersity Media Server 1.6 Unspecified Denial of Service Vulnerability in MailSite 8.0.4 Multiple stack-based buffer overflows in CertDecoder::GetName function in yaSSL before 1.9.9 allow remote attackers to execute arbitrary code or cause denial of service Stack-based Buffer Overflow in Novell iManager Plugin: Remote Code Execution Vulnerability Remote Code Execution via Log File Vulnerability in nginx 0.7.64 Vulnerability: Log File Manipulation in Varnish 2.0.6 Unsanitized Input in Cherokee HTTP Request Handling Arbitrary Command Execution and File Overwrite Vulnerability in mini_httpd 1.19 Unsanitized Input in thttpd 2.25b0 Log File Allows Remote Command Execution WEBrick Log File Vulnerability Unsanitized Log File Input Vulnerability in Orion Application Server 2.0.7 AOLserver 4.5.1 Log File Injection Vulnerability Unsanitized Input in Yaws 1.85 Log File Allows Remote Command Execution Remote Code Execution via Log File Manipulation Arbitrary Web Script Injection in LXR Cross Referencer 0.9.5 and 0.9.6 Arbitrary Command Execution Vulnerability in Zabbix Server SQL Injection Vulnerability in Zabbix Server's get_history_lastid Function NULL pointer dereference vulnerability in Zabbix Server before 1.6.6 NULL pointer dereference vulnerability in zbx_get_next_field function in Zabbix Server before 1.6.8 Arbitrary Command Execution in Zabbix Agent via NET_TCP_LISTEN Function OpenCMS OAMP Comments Module 1.0.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities Predictable Session Cookie Vulnerability in TANDBERG Video Communication Server (VCS) Fixed DSA Key Vulnerability in TANDBERG Video Communication Server (VCS) Directory Traversal Vulnerabilities in TANDBERG Video Communication Server (VCS) Web Administration Interface Arbitrary Local File Inclusion Vulnerability in Oscailt 3.3 Cross-Site Scripting (XSS) Vulnerabilities in Drupal Workflow Module Arbitrary Code Injection via OpenSocial Shindig-Integrator Module in Drupal 
Unenforced Privilege Requirements in Storm Module for Drupal Allow Unauthorized Access to Node Titles Unspecified Cross-Site Scripting (XSS) Vulnerability in Drupal FAQ Ask Module CSRF Vulnerability in Drupal FAQ Ask Module Allows Unauthorized Access to Unpublished Content Arbitrary Web Script Injection Vulnerability in Insert Node Module for Drupal Unspecified Vulnerabilities in Ortro before 1.3.4 with Unknown Impact and Attack Vectors CCK Comment Reference Module Access Restriction Bypass Vulnerability Arbitrary Web Script Injection in BIRT Viewer (Eclipse Business Intelligence and Reporting Tools) Arbitrary Script Injection in BloofoxCMS 0.3.5 Search Functionality Zainu 1.0 index.php XSS Vulnerability in SearchSong Action Arbitrary Web Script Injection Vulnerability in RealName Module for Drupal Arbitrary Script Injection in Drupal Print Module Privilege Escalation Vulnerability in Send by E-mail Sub-module Privilege Escalation via Unattended Web Browser in Shibboleth Authentication Module Remote Authenticated Group Members Bypass Access Restrictions in Organic Groups (OG) Vocabulary Module for Drupal Source Code Disclosure Vulnerability in InterVations NaviCOPA Web Server 3.0.1.2 and Earlier Information Disclosure Vulnerability in Mongoose 2.8.0 and Earlier Information Disclosure Vulnerability in httpdx 1.4.4 and Earlier Arbitrary Script Injection Vulnerability in Drupal Webform Module Caching Vulnerability in Webform Module for Drupal Open Redirect Vulnerability in FAQ Ask Module for Drupal Remote Code Disclosure Vulnerability in Mongoose 2.8.0 and Earlier Remote bypass of packet filters via crafted payload in e1000 driver Denial of Service Vulnerability in r8169 Driver in Linux Kernel 2.6.32.3 and Earlier Unbounded Ethernet Frame Size Vulnerability in e1000e Driver SQLiteManager 1.2.0 main.php Redirect Parameter Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in Mini CMS 1.0.1: Remote Code Execution via id Parameter in page.php PHP Remote 
File Inclusion Vulnerabilities in IsolSoft Support Center 2.5 IsolSoft Support Center 2.5 lang Parameter Cross-Site Scripting (XSS) Vulnerability PHP Remote File Inclusion Vulnerability in Cromosoft Technologies Facil Helpdesk 2.3 Lite Arbitrary Web Script Injection in Cromosoft Technologies Facil Helpdesk 2.3 Lite Insufficient Access Control in Logoshows BBS 2.0 Allows Remote Database Download Authentication Bypass Vulnerability in Logoshows BBS 2.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in ViArt CMS 3.x Multiple Cross-Site Scripting (XSS) Vulnerabilities in ViArt Helpdesk 3.x Stack-based Buffer Overflow in A2 Media Player Pro 2.51 via Long String in Playlist File Arbitrary SQL Command Execution Vulnerability in Kunena Forum Component for Joomla! SQL Injection Vulnerability in Survey Pro Module for Miniweb 2.0 Arbitrary Web Script Injection Vulnerability in Miniweb 2.0 Survey Pro Module iRehearse Stack-Based Buffer Overflow Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in Snitz Forums 2000 3.4.07 CSRF Vulnerabilities in AgoraCart Allow Remote Authentication Hijacking Weak Permissions in Quick Heal AntiVirus Plus and Quick Heal Total Security Allow Privilege Escalation Cross-site scripting (XSS) vulnerability in Image Assist module for Drupal Privilege Escalation in Image Assist Drupal Module Cross-Site Scripting (XSS) Vulnerability in Drupal Submitted By Module SQL Injection Vulnerability in WebLeague 2.2.0 profile.php SQL Injection Vulnerabilities in WebLeague 2.2.0 Admin/index.php Arbitrary Web Script Injection Vulnerability in Zenphoto 1.2.5 CSRF Vulnerability in Zenphoto 1.2.5 Allows Unauthorized Password Change SQL Injection Vulnerability in Zenphoto 1.2.5 with ZenPage Plugin Null character vulnerability in sendmail before 8.14.4 allows for SSL-based SMTP server spoofing and access restriction bypass SQL Injection Vulnerability in Zenphoto 1.2.5 index.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Viscacha 0.8 Gold's 
editprofile.php Arbitrary Web Script Injection Vulnerability in Webmin and Usermin SQL Injection Vulnerability in elkagroup Image Gallery PhpShop 0.8.1 Order Print Cross-Site Scripting (XSS) Vulnerability Multiple SQL Injection Vulnerabilities in PhpShop 0.8.1 CSRF Vulnerability in PhpShop 0.8.1 Allows Remote User Authentication Hijacking Multiple Cross-Site Scripting (XSS) Vulnerabilities in Joomulus Module 2.0 for Joomla! SQL Injection Vulnerability in country_escorts.php in I-Escorts Directory Script Q-Personel Component 1.0.2 RC2 for Joomla! Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in BeeHeard Component 1.x for Joomla! SQL Injection Vulnerability in MDForum Module 2.x through 2.07 for MAXdev MDPro Arbitrary Web Script Injection Vulnerability in Facileforms Component for Joomla! and Mambo Arbitrary Web Script Injection Vulnerability in Artist Avenue Component for Joomla! and Mambo Cross-Site Scripting (XSS) Vulnerabilities in Hasta Blog 2.3 Arbitrary File Inclusion Vulnerability in RoseOnlineCMS 3 B1 and Earlier Arbitrary SQL Command Execution in XOOPS Dictionary Module (CVE-XXXX-XXXX) SQL Injection Vulnerability in DhForum Component for Joomla! 
Authentication Bypass Vulnerability in dB Masters Multimedia Links Directory 3.1.3 Insufficient Access Control in UranyumSoft Listing Service Allows Remote Database Download Wowd Client 1.3.1 - Multiple Cross-Site Scripting (XSS) Vulnerabilities in index.html Denial of Service Vulnerability in Cherokee Web Server 0.5.4 Heap-based Buffer Overflow in WindsPlayerIE.View.1 ActiveX Control in WindsPly.ocx Arbitrary Script Injection in MediaWiki Special:Block Implementation Arbitrary Web Script Injection Vulnerability in BASE 1.4.4 and Earlier Arbitrary SQL Command Execution Vulnerability in BASE before 1.4.4 Arbitrary Local File Inclusion Vulnerability in BASE Missing Null Termination in bftpdutmp_log Function Allows Remote DoS Unspecified Vulnerability in IBM Lotus iNotes with Unknown Impact and Attack Vectors SQL Injection Vulnerability in PHP Inventory 1.2 - Remote Code Execution via sup_id Parameter Arbitrary Web Script Injection Vulnerability in PHP Inventory 1.2 Multiple SQL Injection Vulnerabilities in PHP Inventory 1.2 Arbitrary SQL Command Execution Vulnerability in JPhoto Component 1.0 for Joomla! SQL Injection Vulnerabilities in JS Jobs Component 1.0.5.6 for Joomla! SQL Injection Vulnerability in NetArt Media Real Estate Portal 2.0 Arbitrary Web Script Injection Vulnerability in Zeeways ZeeJobsite 3x Arbitrary Web Script Injection Vulnerability in Drupal Randomizer Module Denial of Service Vulnerability in SAP Kernel 6.40-7.20 Remote File Inclusion Vulnerability in Fernando Soares Mamboleto Component 2.0 RC3 for Joomla! Cross-Site Request Forgery (CSRF) Vulnerability in phpMyAdmin 2.11.x before 2.11.10 Insecure Installation of WebDrive Service in South River Technologies WebDrive 9.02 build 2232 Privilege Escalation via less Utility in Overland Storage Snap Server 410 Arbitrary Web Script Injection Vulnerability in Canon IT Solutions Inc. 
ACCESSGUARDIAN Information Disclosure Vulnerability in Mort Bay Jetty 6.x and 7.0.0 Cross-Site Scripting (XSS) Vulnerabilities in Mort Bay Jetty 6.x and 7.0.0 Unsanitized Backtrace Data in Mort Bay Jetty 6.x and 7.0.0 Cross-Site Scripting (XSS) Vulnerabilities in Mort Bay Jetty 6.1.x through 6.1.21 SQL Injection Vulnerability in NetArt Media Real Estate Portal 2.0 Multiple PHP Remote File Inclusion Vulnerabilities in Moa Gallery 1.2.0 and Earlier SQL Injection Vulnerability in MYRE Holiday Rental Manager's review.php Arbitrary Web Script Injection Vulnerability in MYRE Holiday Rental Manager's search.php Multiple SQL Injection Vulnerabilities in Tourism Script Accommodation Hotel Booking Portal Script SQL Injection Vulnerabilities in Tourism Script Bus Script Arbitrary SQL Command Execution in Lucy Games Component 1.5.4 for Joomla! Joomloc Component 1.0 for Joomla SQL Injection Vulnerability SQL Injection Vulnerability in JiangHu Inn Plugin 1.1 and Earlier for Discuz! Remote File Inclusion Vulnerability in Drunken:Golem Gaming Portal 0.5.1 alpha 2 PHP Remote File Inclusion Vulnerabilities in Advanced Comment System 1.0 SQL Injection Vulnerability in Nicecoder iDesk's download.php SQL Injection Vulnerability in BF Survey Pro Free (com_bfsurvey_profree) 1.2.4 Arbitrary File Inclusion Vulnerability in phpNagios 1.2.0 Moa Gallery 1.2.0 Directory Traversal Vulnerability SQL Injection Vulnerability in TemplatePlaza.com TPDugg Component 1.1 for Joomla! 
DNS Prefetching Vulnerability in Mozilla Necko DNS Prefetching in Mozilla Necko: A Potential Privacy Concern Off-by-one Error in VP3 Decoder Allows Remote Code Execution Out-of-Bounds Read Vulnerability in FFmpeg 0.5's oggparsevorbis.c Heap-based Buffer Overflow in FFmpeg 0.5 due to Assignment Operator Vulnerability Integer Underflows in FFmpeg 0.5 Allowing Remote Code Execution and Denial of Service Stack-based Buffer Overflow in FFmpeg 0.5 MOV Container Processing Denial of Service Vulnerability in FFmpeg 0.5 Stack-based Buffer Overflow in FFmpeg 0.5 Allows Remote Code Execution Integer Overflow Vulnerability in FFmpeg 0.5 AVI Demuxer Denial of Service Vulnerability Vulnerability: Array Index Error in FFmpeg 0.5 Allows Remote Code Execution via Crafted Vorbis File Gnome-Screensaver 2.28.0 Inhibition Bypass Vulnerability Vulnerability: Inadequate Session Idle Time Detection in gnome-screensaver 2.26.1 Stack-based Buffer Overflow in Juniper Installer Service Remote Code Execution in Accellion Secure File Transfer Appliance Accellion Secure File Transfer Appliance Directory Traversal Vulnerability Arbitrary Shell Command Injection in Accellion Secure File Transfer Appliance via SNMP Public Community String Update Arbitrary Script Injection in Accellion Secure File Transfer Appliance Privilege Escalation in Accellion Secure File Transfer Appliance geccBBlite 0.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities SQL Injection Vulnerability in Webee Comments Component for Joomla! (com_webeecomment) 1.1.1, 1.2, and 2.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Webee Comments Component for Joomla! 
Denial of Service Vulnerability in ngIRCd 13 and 14 with SSL/TLS Support Stack-based Buffer Overflow in Novell eDirectory 8.8 SP5 for Windows Allows Remote Code Execution Stack-based Buffer Overflow in Novell eDirectory 8.8 SP5 for Windows Predictable Session Cookie Vulnerability in Novell eDirectory 8.8.5 Stack-based Buffer Overflow in E-Soft DJ Studio Pro 4.2 and 5.x Unauthenticated Remote Access Vulnerability in Xerver 4.32 Administrator Package Denial of Service Vulnerability in Xerver 4.32 via Non-Numeric Web Port Assignment Denial of Service Vulnerability in MP3-Cutter Ease Audio Cutter 1.20 Stack-based Buffer Overflow in BigAnt IM Server 2.50 AntServer Module Buffer Overflow Vulnerabilities in BigAnt Server 2.50 SP6 and Earlier Arbitrary Web Script Injection Vulnerability in Novell GroupWise WebAccess Component Quiksoft EasyMail Objects 6 ActiveX Control Heap-Based Buffer Overflow Vulnerability Privilege Escalation via Symlink Attack in Firewall Builder 3.0.4-3.0.6 Arbitrary File Read Vulnerability in CuteSoft Components Cute Editor for ASP.NET PHP Remote File Inclusion Vulnerabilities in Webradev Download Protect 1.0 SQL Injection Vulnerability in WebMember 1.0: Remote Code Execution via formID Parameter Remote Code Execution Vulnerability in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 Multiple SQL Injection Vulnerabilities in RoomPHPlanning 1.6 Unauthenticated Arbitrary User and Room Deletion in RoomPHPlanning 1.6 Authentication Bypass Vulnerability in RoomPHPlanning 1.6 Arbitrary File Inclusion Vulnerability in WP-Lytebox Plugin 1.3 for WordPress SQL Injection Vulnerability in Mole Group Adult Portal Script's profile.php Allows Remote Code Execution Arbitrary Password Change Vulnerability in Mole Group Sky Hunter Airline Ticket Sale Script and Bus Ticket Script Unauthenticated Remote Password Change Vulnerability in Mole Group Gastro Portal Script Stack-based Buffer Overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 via Long Title 
in FLAC File Cross-site scripting (XSS) vulnerability in phpFK PHP Forum ohne 7.0.4 search.php Arbitrary Web Script Injection Vulnerability in Winn Guestbook 2.4 Arbitrary File Inclusion Vulnerability in inertialFATE iF Portfolio Nexus Component for Joomla! Arbitrary SQL Command Execution in phpDirectorySource 1.x via search.php Arbitrary Web Script Injection in phpDirectorySource 1.x search.php (XSS Vulnerability) Arbitrary Web Script Injection Vulnerability in Good/Bad Vote's vote.php Arbitrary File Inclusion Vulnerability in Good/Bad Vote's vote.php Arbitrary Web Script Injection Vulnerability in EZodiak's index.php Arbitrary Web Script Injection Vulnerability in celebrities.php XSS Vulnerability in phplemon AdQuick 2.2.1's account.php Allows Remote Script Injection SQL Injection Vulnerability in Silentum Guestbook 2.0.2: Remote Code Execution via messageid Parameter Cross-Site Scripting (XSS) Vulnerabilities in PHP Shopping Cart Selling Website Script Arbitrary SQL Command Execution Vulnerability in PHP Shopping Cart Selling Website Script Cross-Site Scripting (XSS) Vulnerabilities in YourFreeWorld Programs Rating Script SQL Injection Vulnerability in addlink.php in Classified Linktrader Script RadScripts RadLance Gold 7.5 index.php pr Parameter Cross-Site Scripting (XSS) Vulnerability Multiple PHP Remote File Inclusion Vulnerabilities in GraFX MiniCWB 2.3.0 Cross-Site Scripting (XSS) Vulnerability in RadScripts RadLance Gold 7.5 SQL Injection Vulnerability in RadScripts RadLance Gold 7.5: Remote Code Execution via fid Parameter SQL Injection Vulnerability in RadNICS Gold 5 index.php Allows Remote Code Execution Cross-Site Scripting (XSS) Vulnerabilities in RadNICS Gold 5 index.php Multiple SQL Injection Vulnerabilities in Qas Module for XOOPS Celepar Multiple Cross-Site Scripting (XSS) Vulnerabilities in SkaDate Dating Software Directory Traversal Vulnerability in SkaDate Dating's index.php Allows Arbitrary File Reading SQL Injection Vulnerability in Myth 
Download Extension 0.1.0 for TYPO3 Arbitrary SQL Command Execution in Tour Extension (pm_tour) for TYPO3 Arbitrary SQL Command Execution in Webesse Image Gallery Extension for TYPO3 Unspecified Information Disclosure Vulnerability in Webesse E-Card Extension for TYPO3 Arbitrary Script Injection in Twitter Search Extension for TYPO3 Arbitrary Code Injection through Cross-Site Scripting (XSS) in TYPO3 Mailform Extension Arbitrary Web Script Injection in Gobernalia Front End News Submitter Extension for TYPO3 Arbitrary SQL Command Execution in Gobernalia Front End News Submitter Extension Arbitrary SQL Command Execution in datamints Newsticker Extension for TYPO3 Arbitrary SQL Command Execution in TYPO3 Reset Backend Password Extension SQL Injection Vulnerability in CoolURI Extension for TYPO3 SQL Injection Vulnerability in Tukanas Classifieds Script 1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Qas Module for XOOPS Celepar XSS Vulnerability in XOOPS Celepar Quiz Module Arbitrary Web Script Injection Vulnerability in Real Time Currency Exchange's rates.php Arbitrary Code Injection through Language Parameter in EDGEPHP EZWebSearch Multiple Cross-Site Scripting (XSS) Vulnerabilities in Gonafish WebStatCaffe SQL Injection Vulnerability in visitorduration.php in Gonafish WebStatCaffe SQL Injection Vulnerability in Discloser 0.0.4 rc2: Remote Code Execution via index.php Arbitrary SQL Command Execution in GnuDIP 2.1.1 via Username Parameter SQL Injection Vulnerabilities in Andrews-Web (A-W) BannerAd 1.0 SQL Injection Vulnerability in Limny 1.01 CheckLogin Function Arbitrary File Inclusion Vulnerability in Netpet CMS 1.9 SQL Injection Vulnerability in PaymentProcessorScript.net PPScript's shop.htm Allows Remote Code Execution via cid Parameter Arab Portal 2.2 Directory Traversal Vulnerability Quickdev 4 PHP download.php Directory Traversal Vulnerability SQL Injection Vulnerability in JungleScripts Ajax Short Url Script SQL Injection Vulnerability in Questions 
Answered 1.3 Administrative Interface Multiple Cross-Site Scripting (XSS) Vulnerabilities in x10 Adult Media Script 1.7 SQL Injection Vulnerability in x10 Adult Media Script 1.7's report.php Allows Remote Code Execution SQL Injection Vulnerability in Model Agency Manager PRO SQL Injection Vulnerability in TT Web Site Manager 0.5 SQL Injection Vulnerability in SimpleLoginSys 0.5 Allows Remote Code Execution SQL Injection Vulnerability in Allomani Movies Library (Movies & Clips) 2.7.0 Login.php SQL Injection Vulnerability in Allomani Audio & Video Library (Songs & Clips version) 2.7.0 Arbitrary Script Injection Vulnerability in CommonSense CMS 5.0 search.php Stack-based Buffer Overflow in JustSystems Corporation Ichitaro: Arbitrary Code Execution via Crafted RTF (pvpara ffooter) Unspecified Screen Lock Bypass Vulnerability in JustSystems Corporation ATOK and Just Smile PHP Remote File Inclusion Vulnerability in SkaDate Dating's index.php Allows Arbitrary Code Execution Webesse E-Card Extension 1.0.2 and Earlier for TYPO3 - Directory Traversal Vulnerability Unspecified Vulnerability in Skype Extras Manager Multiple SQL Injection Vulnerabilities in Docebo 3.6.0.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in AfterLogic WebMail Pro 4.7.10 and Earlier Cross-site scripting (XSS) vulnerability in Exponent CMS Contact Module SQL Injection Vulnerabilities in Dreamlevels DreamPoll 3.1 Login Action Dreamlevels DreamPoll 3.1 index.php Cross-Site Scripting (XSS) Vulnerability PHP Remote File Inclusion Vulnerability in All In One Control Panel (AIOCP) 1.4.001 Arbitrary SQL Command Execution in My Category Order Plugin for WordPress SQL Injection Vulnerabilities in PHP Live! 
3.2.1 and 3.2.2 Arbitrary PHP Code Execution via Remote File Inclusion in Top Paidmailer's home.php SQL Injection Vulnerability in Swinger Club Portal's anzeiger/start.php Arbitrary PHP Code Execution via Remote File Inclusion in Swinger Club Portal Buffer Overflow Vulnerabilities in Addonics NAS Adapter NASU2FW41 FTP Server Remote Code Execution Vulnerability in Mercury Audio Player 1.21 via Malformed Playlist File Stack-based buffer overflows in Mercury Audio Player 1.21 via malformed playlist files Remote Code Execution Vulnerability in Beatport Player 1.0.0.0 Buffer Overflow Vulnerability in BrotherSoft EW-MusicPlayer 0.8 Stack-based Buffer Overflow in dicas Mpegable Player 2.12 via Long String in .YUV File Buffer Overflow Vulnerability in BrotherSoft BMXPlay 0.4.4b Sensitive Information Exposure in Winn ASP Guestbook 1.01 Beta Stack-based Buffer Overflow in Mini-stream RM Downloader Allows Remote Code Execution via Long String in .smi File Inappropriate Parent ACL Check Vulnerability in MoinMoin Unspecified vulnerability in ClickHeat plugin in phpMyVisites before 2.4 Arbitrary Code Execution Vulnerability in Adobe Reader 8.x and 9.x on Windows Insufficient Access Control in CNR Hikaye Portal 2.0 Allows Remote Database Download Sensitive Information Disclosure in YP Portal MS-Pro Surumu (aka MS-Pro Portal Scripti) 1.0 and 1.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Plohni Shoutbox 1.0 Arbitrary Code Execution Vulnerability in Warcraft III: The Frozen Throne Multiple format string vulnerabilities in tolog function in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 Default Password Vulnerability in httpdx FTP Server Component Unvalidated Orders Vulnerability in PayPal Website Payments Standard Functionality in Ubercart Module for Drupal Unspecified vulnerability in PayPal Website Payments Standard functionality in Ubercart module for Drupal CSRF Vulnerability in Ubercart Module for Drupal Unspecified Denial of Service Vulnerability in Sun Solaris 10 and 
OpenSolaris Format String Vulnerability in Ipswitch WS_FTP Professional 12 before 12.2 Buffer Overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java: Remote Code Execution via GIF Image Processing APIs Denial of Service Vulnerability in Hitachi JP1/Automatic Job Management System 2, JP1/Integrated Management, and JP1/Cm2/SNMP System Observer Unspecified vulnerabilities in PDF distiller in BlackBerry Enterprise Server (BES) software and BlackBerry Professional Software PHP Remote File Inclusion Vulnerabilities in NukeHall 0.3 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpMyFAQ before 2.5.5 Hard-coded Password Vulnerability in TUKEVA Password Reminder Multiple Cross-Site Scripting (XSS) Vulnerabilities in Theeta CMS Multiple SQL Injection Vulnerabilities in Theeta CMS Arbitrary SQL Command Execution Vulnerability in Joaktree Component 1.0 for Joomla! SQL Injection Vulnerability in Quick News Component for Joomla! Multiple Cross-Site Scripting (XSS) Vulnerabilities in Pligg before 1.0.3 CSRF Vulnerabilities in Pligg before 1.0.3 Allow Remote Authentication Hijacking Open Redirect Vulnerabilities in Pligg 1.0.2 and Earlier: Phishing Attacks and Arbitrary Website Redirection PHP Remote File Inclusion Vulnerabilities in MojoBlog Component RC 0.15 for Joomla! 
Directory Traversal Vulnerabilities in Sysax Multi Server 4.5 Multiple SQL Injection Vulnerabilities in Family Connections (FCMS) Before 1.8.2 SQL Injection Vulnerability in BandSite CMS 1.1.4: Remote Code Execution via memid Parameter Arbitrary PHP Code Execution via Unrestricted File Upload in BandSite CMS 1.1.4 Multiple SQL Injection Vulnerabilities in Community CMS 0.5 SQL Injection Vulnerabilities in Xlight FTP Server before 3.2.1 with ODBC Authentication SQL Injection Vulnerabilities in glFusion 1.1.2 and Earlier: ExecuteQueries Function in listfactory.class.php SQL Injection Vulnerability in browse.php in JobHut 1.2 and Earlier: Remote Code Execution via pk Parameter Multiple SQL Injection Vulnerabilities in Diskos CMS 6.x Insufficient Access Control in Diskos CMS 6.x Allows Remote Database Download Sysax Multi Server 4.3 and 4.5 Directory Traversal Vulnerability Unauthenticated Remote Post Creation and Deletion in EZ-Blog Beta 1 Arbitrary SQL Command Execution in TYPO3 Flat Manager Extension (flatmgr) 1.9.16 and Earlier Arbitrary SQL Command Execution in TYPO3 Accessibility Glossary Extension Arbitrary Script Injection in TYPO3 Calendar Base Extension Multiple SQL Injection Vulnerabilities in EZ-Blog Beta 1 Unauthenticated Access to Administrator Credentials in Digital Interchange Document Library 1.0.1 SQL Injection Vulnerabilities in Graugon PHP Article Publisher 1.0 Authentication Bypass Vulnerability in Graugon PHP Article Publisher 1.0 Arbitrary File Read Vulnerability in Easy File Sharing (EFS) Web Server 4.8 Authentication Bypass Vulnerability in Samhain's SRP Implementation Denial of Service Vulnerability in VMware Authentication Daemon Information Disclosure Vulnerability in Wolfram Research webMathematica Arbitrary Web Script Injection in MyBB 1.4.10 via myps.php WebMathematica Cross-Site Scripting (XSS) Vulnerability Directory Traversal Vulnerability in Serv-U: Unauthorized File Access Arbitrary File Read Vulnerability in MegaLab The Uploader 2.0 
Arbitrary Code Execution via Unrestricted File Upload in Element-IT Ultimate Uploader 1.3 Arbitrary PHP Code Execution via Unrestricted File Upload in PHPSimplicity Simplicity oF Upload 1.3.2 Arbitrary Code Execution via Unrestricted File Upload in PHPhotoalbum Insufficient Access Control in Angelo-Emlak 1.0 Allows Remote Database Download Unauthenticated Remote Access and Control Vulnerability in D-Link DIR-615 Firmware 3.10NA Multiple Cross-Site Scripting (XSS) Vulnerabilities in Kasseler CMS 1.3.4 Arbitrary Web Script Injection Vulnerability in cPanel 11.0 through 11.24.7 Unspecified Image Upload Vulnerability in Kolab Webclient Insufficient Access Control Allows Remote Download of Sensitive Database CSRF Vulnerability in ScriptsEz Mini Hosting Panel Allows Remote Authentication Hijacking CSRF Vulnerability in Mail Manager Pro Allows Remote Password Hijacking CSRF Vulnerability in Ad Manager Pro 3.0 Allows Unauthorized Creation of Administrative Users Arbitrary Script Injection Vulnerability in Automated Logout Module for Drupal Authentication Bypass Vulnerability in OpenX 2.8.1 and 2.8.2 Trillian 3.1 Basic SSL Certificate Validation Vulnerability Privilege Escalation Vulnerability in DESlock+ 4.0.2's dlpcrypt.sys Kernel Driver Unverified SSL Certificate Vulnerability in MySQL Connector/NET Arbitrary PHP Code Execution Vulnerability in Zeroboard 4.1 pl7 Denial of Service Vulnerability in libsndfile 1.0.20 Eval Injection Vulnerability in Movie PHP Script 2.0: Remote Code Execution via anticode Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in BASE 1.4.3.1 and Earlier SQL Injection Vulnerability in BASE (Basic Analysis and Security Engine) before 1.4.3.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in BASE Heap-based Buffer Overflow in Roxio CinePlayer 3.2 IAManager ActiveX Control Heap-based buffer overflow in SonicMediaPlayer ActiveX control in Roxio CinePlayer 3.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in ToutVirtual VirtualIQ 
Pro 3.5 Build 8691 Unauthenticated Remote Command Execution in ToutVirtual VirtualIQ Pro Unrestricted Access to /status URI in ToutVirtual VirtualIQ Pro 3.2 build 7882 Cleartext SSH Credentials Vulnerability in ToutVirtual VirtualIQ Pro 3.2 build 7882 Buffer Overflow Vulnerabilities in Deliantra Server before 2.82 Denial of Service Vulnerability in Deliantra Server 2.82 Multiple Cross-Site Scripting (XSS) Vulnerabilities in ToutVirtual VirtualIQ Pro Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in ToutVirtual VirtualIQ Pro Remote Code Execution in Awingsoft Awakening Winds3D Viewer Plugin 3.5.0.9 Arbitrary Activation Bypass in XOOPS Profiles Module Multiple Cross-Site Scripting (XSS) Vulnerabilities in SemanticScuttle before 0.94.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in JumpBox for Foswiki Wiki System (Version 1.1.2 and earlier) Arbitrary Command Execution in TalkBack 2.3.14 via addons/import.php SQL Injection Vulnerability in TYPO3 4.0 index.php via showUid Parameter Arbitrary Script Injection in PHP Easy Shopping Cart 3.1R subitems.php Arbitrary Web Script Injection in PHP Photo Vote 1.3F Login Page Arbitrary Web Script Injection Vulnerability in Yahoo Answers Clone Multiple Cross-Site Scripting (XSS) Vulnerabilities in Online Work Order Suite (OWOS) Lite Edition 3.10 SQL Injection Vulnerability in Typing Pal 1.0 and Earlier: Remote Code Execution via idTableProduit Parameter in demo.php Arbitrary Web Script Injection in SupportPRO SupportDesk 3.0 via PATH_INFO Multiple SQL Injection Vulnerabilities in Alwasel 1.5: Remote Code Execution via id Parameter in show.php and xml.php UltraPlayer Media Player 2.112 Stack-based Buffer Overflow Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in I-Escorts Directory Script and Agency Script Multiple SQL Injection Vulnerabilities in I-Escorts Directory Script and Agency Script Cross-Site Scripting (XSS) Vulnerability in MSA Simple Search 1.0 Buffer Overflow Vulnerability in 
Tuniac 090517c via Long URL in .m3u Playlist File Cross-site scripting (XSS) vulnerability in Hitron Soft Answer Me 1.0 Arbitrary Script Injection in Nasim Guest Book 1.2 via index.php SQL Injection Vulnerabilities in PHPCityPortal Login Page SQL Injection Vulnerability in Logoshows BBS 2.0: Remote Code Execution via globepersonnel_forum.asp SQL Injection Vulnerabilities in Logoshows BBS 2.0: Remote Code Execution via globepersonnel_login.asp Stack-based Buffer Overflow in Rhino Software Serv-U Web Client 9.0.0.5: Remote Code Execution and Denial of Service Vulnerability Remote Code Execution in TalkBack 2.3.14 via Unrestricted Access to Edit Comment Feature Denial of Service Vulnerability in FCKeditor.Java 2.4 Arbitrary Page Modification Vulnerability in Netrix CMS 1.0 Cross-Site Request Forgery (CSRF) Vulnerabilities in WebGUI before 7.7.14 Unspecified File Access Vulnerability in Novell Access Manager Administration Console Bypassing Access Restrictions through X.509 Authentication in Novell Access Manager Integer overflows in strfmon implementation in glibc 2.10.1 and earlier leading to denial of service Integer Overflow in strfmon_l.c in GNU C Library (glibc) Allows Denial of Service Arbitrary Web Script Injection in ZoneCheck 2.0.4-13 and 2.1.0 SQL Injection Vulnerability in PHPRecipeBook 2.24 and 2.39: Remote Code Execution via index.php Multiple SQL Injection Vulnerabilities in phpCommunity 2 2.1.8 Arbitrary Code Injection through XSS Vulnerability in phpCommunity 2 2.1.8 Login Template Directory Traversal Vulnerabilities in phpCommunity 2 2.1.8 Remote File Inclusion Vulnerability in CMS S.Builder 3.7 and Earlier Arbitrary Web Script Injection in PHortail 1.2.1 poster.php SQL Injection Vulnerability in Book Panel Module of PHP-Fusion: Remote Code Execution via bookid Parameter Cross-Site Scripting (XSS) Vulnerabilities in vBook 4.2.17 Login Application CS-Cart 2.0.0 Beta 3 SQL Injection Vulnerability in index.php SQL Injection Vulnerability in WEBjump! 
Content Management System Buffer Overflow Vulnerability in UnrealIRCd 3.2beta11 through 3.2.8 Cross-Site Scripting (XSS) Vulnerabilities in PunBB Profile.php Race condition vulnerability in tty_fasync function in Linux kernel before 2.6.32.6 Directory Traversal Vulnerabilities in mlmmj-php-admin Buffer Overflow in Ghostscript 8.64 and Earlier: Remote Code Execution and Denial of Service Vulnerability CSRF Vulnerability in TWiki before 4.3.2 Allows Remote Authentication Hijacking Critical SQL Injection Vulnerability in Pixelpost 1.7.1 XSS Vulnerability in Pixelpost 1.7.1 Buffer Over-read Vulnerability in PC/SC Smart Card Daemon (PCSCD) Buffer Overflow in MSGFunctionDemarshall Function in PC/SC Smart Card Daemon (PCSCD) in MUSCLE PCSC-Lite 1.5.4 and Earlier Cross-Site Scripting (XSS) Vulnerability in oBlog's index.php Denial of Service Vulnerability in oBlog's article.php Allows Blog Spam Acc Statistics 1.1 - Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities CSRF Vulnerability in Acc PHP eMail 1.1 Allows Password Hijacking oBlog Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities Multiple Cross-Site Scripting (XSS) Vulnerabilities in oBlog Brute-Force Password Guessing Vulnerability in oBlog's admin/index.php Cisco ASA 5580 Series WebVPN Portal Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in Cisco ASA 5580 Series Devices (Bug ID CSCsm77958) Unauthorized SSL Handshake Bypass Vulnerability in Cisco ASA 5580 Series Devices IPv6 Bypass Vulnerability in Cisco ASA 5580 Series Devices Denial of Service Vulnerability in Cisco ASA 5580 Series Devices (Bug ID CSCsq17879) Denial of Service Vulnerability on Cisco ASA 5580 Series Devices (Bug ID CSCsq68451) Denial of Service Vulnerability in Cisco ASA 5580 Series Devices (Bug ID CSCsq80095) Denial of Service Vulnerability on Cisco ASA 5580 Series Devices (Bug ID CSCsr65901) Denial of Service Vulnerability in Cisco ASA 5580 Series Devices (Bug ID CSCsr74439) Buffer Overflow Vulnerability 
in Cisco ASA 5580 Series Devices (Bug ID CSCsu43121) Denial of Service Vulnerability in CTM on Cisco ASA 5580 Series Devices Denial of Service Vulnerability in Cisco ASA 5580 Series Devices (Bug ID CSCsm84110) Denial of Service Vulnerability on Cisco ASA 5580 Series Devices (Bug ID CSCso15583) Denial of Service Vulnerability in Cisco ASA 5580 Series Devices Cross-Site Scripting (XSS) Vulnerability in python-cjson 1.0.5 SQL Injection Vulnerabilities in Creasito E-commerce Content Manager 1.3.16 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Online Contact Manager 3.0 Remote Authentication Bypass Vulnerability in WB News 2.1.2 TotalCalendar 2.4 PHP Remote File Inclusion Vulnerability Unauthenticated Password Change Vulnerability in TotalCalendar 2.4 Arbitrary Web Script Injection in SunGard Banner Student System 7.4 Stack-based Buffer Overflow in Groovy Media Player 1.1.0 via Long String in .m3u Playlist File 1by1 1.67 Stack-Based Buffer Overflow Vulnerability SQL Injection Vulnerabilities in EZ Webitor Login Page Arbitrary Script Injection in Online Photo Pro 2.0 via section Parameter SQL Injection Vulnerability in OGP_Show.php in Online Guestbook Pro Multiple SQL Injection Vulnerabilities in Small Pirate (SPirate) 2.1 Arbitrary Script Injection via onmouseover Action in SPirate 2.1 SQL Injection Vulnerability in JVideo! Component for Joomla! Multiple Cross-Site Scripting (XSS) Vulnerabilities in AdPeeps 8.5d1 SQL Injection Vulnerability in Zeus Cart 2.3 and Earlier: Remote Code Execution via maincatid Parameter ATRC ACollab 1.2 Sign_in.php Cross-Site Scripting (XSS) Vulnerability ACollab 1.2 Cross-Site Request Forgery (CSRF) Vulnerability Allows Unauthorized Agenda Item Addition Information Disclosure in AdPeeps 8.5d1 via Invalid uid Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in ATRC ACollab 1.2 Default Password Vulnerability in AdPeeps 8.5d1 Directory Traversal Vulnerability in Joomla! 
Messaging Component (com_messaging) before 1.5.1 SQL Injection Vulnerability in frmLoginPwdReminderPopup.aspx in Q2 Solutions ConnX 4.0.20080606 Unspecified Cross-Site Scripting (XSS) Vulnerability in TYPO3 Store Locator Extension Arbitrary SQL Command Execution in TYPO3 Store Locator Extension Arbitrary SQL Command Execution in A21glossary Advanced Output Extension for TYPO3 Unspecified Information Disclosure Vulnerability in ClickStream Analyzer Extension Unspecified impact directory traversal vulnerability in TYPO3 Directory Listing (dir_listing) extension 1.1.0 and earlier Arbitrary Web Script Injection in TYPO3 Userdata Create/Edit Extension Arbitrary SQL Command Execution in Versatile Calendar Extension [VCE] (sk_calendar) Extension Arbitrary SQL Command Execution in ultraCards Extension for TYPO3 Arbitrary Code Injection through Cross-Site Scripting (XSS) in TYPO3 Visitor Tracking Extension Interspire ActiveKB loadpanel.php Directory Traversal Vulnerability SQL Injection Vulnerability in EMO Breeder Manager's video.php Allows Remote Code Execution Arbitrary SQL Command Execution Vulnerability in T3M E-Mail Marketing Tool Lanai Core 0.6 Directory Traversal Vulnerability in modules/backup/download.php Information Disclosure Vulnerability in Lanai Core 0.6 via info.php Fat Player 0.6b Stack-Based Buffer Overflow Vulnerability Arbitrary Code Injection through Cross-Site Scripting (XSS) in TYPO3 Commerce Extension Remote Code Execution Vulnerability in KSP 2006 FINAL via Long String in .M3U Playlist File Remote Code Execution via SQL Injection in AIRware Lexicon Extension for TYPO3 Arbitrary SQL Command Execution in AST ZipCodeSearch Extension 0.5.4 for TYPO3 Arbitrary SQL Command Execution in Car Extension for TYPO3 Arbitrary SQL Command Execution in TYPO3 Event Registration Extension Arbitrary SQL Command Execution Vulnerability in Solidbase Bannermanagement Extension 1.0.1 for TYPO3 Arbitrary SQL Command Execution Vulnerability in t3m_affiliate Extension 0.5.0 
for TYPO3 Remote Code Execution via SQL Injection in AJAX Chat (vjchat) Extension for TYPO3 Arbitrary Script Injection in SimpleID Login Page (index.php) TotalCalendar 2.4 - SQL Injection Vulnerability in rss.php TotalCalendar 2.4 - Directory Traversal Vulnerability in box_display.php Universal Cross-Site Scripting (XSS) Vulnerability in QtDemoBrowser Universal Cross-Site Scripting (XSS) Vulnerability in KWebKitPart MyBackup 1.4.0 - PHP Remote File Inclusion Vulnerability in index.php MyBackup 1.4.0 - Directory Traversal Vulnerability in down.php SQL Injection Vulnerabilities in Photokorn Gallery 1.81 and Earlier Versions Cross-Site Scripting (XSS) Vulnerabilities in Photokorn Gallery 1.81 and Earlier CSRF Vulnerabilities in Photokorn Gallery 1.81 Allow Remote Authentication Hijacking SQL Injection Vulnerability in Irokez CMS 0.7.1: Remote Code Execution via PATH_INFO Multiple Cross-Site Scripting (XSS) Vulnerabilities in Silurus Classifieds 1.0 Cross-Site Scripting (XSS) Vulnerabilities in Accessories Me PHP Affiliate Script 1.4 SQL Injection Vulnerability in Accessories Me PHP Affiliate Script 1.4: Remote Code Execution via Go Parameter Arbitrary File Read Vulnerability in In-Portal 4.3.1 Authentication Bypass Vulnerability in Scripteen Free Image Hosting Script 2.3 Remote Code Execution Vulnerability in SAP Business One 2005 A 6.80.123 and 6.80.320 AJ Auction Pro OOPD 3.0 - Cross-Site Scripting (XSS) Vulnerability in index.php Arbitrary Script Injection Vulnerability in Drupal Webform Report Module Arbitrary Web Script Injection Vulnerability in Omnistar Recruiting's users/resume_register.php SQL Injection Vulnerability in LM Starmail Paidmail 2.0's paidbanner.php Allows Remote Code Execution Remote File Inclusion Vulnerability in LM Starmail Paidmail 2.0 home.php XSS Vulnerability in SmarterTools SmarterTrack Allows Injection of Arbitrary Web Script or HTML XSS Vulnerability in SmarterTrack's frmTickets.aspx Allows Arbitrary Script Injection Lack of Screen 
Locking in Xfce4-session 4.5.91 Insecure Screen Locking in gnome-power-manager 2.27.92 Bypassing Access Restrictions in IBM FileNet P8 Application Engine Arbitrary Web Script Injection Vulnerability in IBM FileNet P8 Application Engine Cross-Site Scripting (XSS) Vulnerabilities in IBM FileNet P8 Application Engine (P8AE) Workplace Component Privilege Escalation in IBM FileNet P8 Application Engine Unrecorded Get Content Failure Audit Events in IBM FileNet P8 Application Engine SQL Injection Vulnerability in e-soft24 Banner Exchange Script 1.0: Remote Code Execution via click.php Vulnerability: qpid-cpp 1.0 Crashes with Large Message and Digest-MD5 Security Layer Denial of Service Vulnerability in Apache Qpid's Cluster::deliveredEvent Function Denial of Service Vulnerability in Apache Qpid's SessionAdapter::ExchangeHandlerImpl::checkAlternate Function Arbitrary File Overwrite Vulnerability in Cisco AnyConnect SSL VPN Client for Linux Bypassing Policy Restrictions in Cisco Secure Desktop (CSD) and AnyConnect SSL VPN Server Double Free Vulnerability in OpenConnect: Remote Denial of Service and Possible Other Impacts FTPHandler Class Race Condition Vulnerability FTPHandler Class Denial of Service Vulnerability in pyftpdlib FTP Server Directory Listing Bypass Vulnerability Memory Leak in pyftpdlib's on_dtp_close Function Allows Remote DoS Weak Cookie Salt Vulnerability in TurboGears2 (tg2) 2.0.2 and Earlier Unprotected Controller Method Exposure in TurboGears2 Integer Overflow in xml_utf8_decode Function in PHP Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox before 3.6 Beta 3 Stack-based Buffer Overflow in gif2png.c in gif2png 2.5.3 and Earlier Insufficient Access Control in Web Wiz NewsPad Allows Remote Database Download Open Redirect Vulnerability in AWStats Cobbler before 1.6.1 Default Password Vulnerability Heap-based Buffer Overflow in LibTIFF OJPEG Decoder Arbitrary File Write Vulnerability in Fail2ban Action Configuration Files Bypassing row_limit 
Configuration in ViewVC Allows Resource-Consumption Attacks PyForum v1.0.3 Backdoor Vulnerability: Unauthorized Password Reset Arbitrary SQL Command Execution via Custom Comments in MySQL Slave Configuration Stack-based Buffer Overflow in Namazu: Remote Code Execution Vulnerability Integer Overflow in glibc's __tzfile_read Function Allows Denial of Service and Possible Code Execution Memory Corruption and Arbitrary Code Execution Vulnerability in OpenJPEG ModSecurity before 2.5.11 Vulnerability: Bypassing Filtering Rules and XSS Attacks via Single Quote in Content-Disposition Field Unencrypted E-mail Vulnerability in IBM Lotus Notes Traveler Improper Handling of * * Argument Sequence in IBM Lotus Notes Traveler Allows Unauthorized Data Access Denial of Service Vulnerability in IBM Lotus Notes Traveler Improper Handling of Outgoing E-mail Messages in Nokia Client for IBM Lotus Notes Traveler Denial of Service Vulnerability in IBM Lotus Notes Traveler Denial of Service Vulnerability in Cisco ASA 5500 Series Devices Denial of Service Vulnerability in Cisco IOS before 15.0(1)XA Memory Leak in Cisco IOS H.323 Implementation Allows Remote DoS Denial of Service Vulnerability in CallManager Express (CME) on Cisco IOS Overkill: Buffer Overflow Exploit through Long Player Names Causing Server Data Corruption Insecure Usage of Temporary Files in python-docutils Quotation Mark Vulnerability in Burn: Escaping File Names Local File Overwrite Vulnerability in GNU troff (groff) via pdfmark/pdfroff.sh Jetty Servlet Information Leak Vulnerability (CVE-XXXX-XXXX) JSP Dump and Session Dump Servlet XSS Vulnerability in Jetty 6.1.22 and Earlier Jetty Cookie Dump Servlet Stored XSS Vulnerability Jetty WebApp JSP Snoop Page XSS Vulnerability Denial of Service Vulnerability in Konversation before 1.2.3 Insecure Session Cookie Handling in Hastymail2 before RC 8 Unspecified Vulnerabilities in Smarty before 3.0.0 beta 6 Arbitrary PHP Code Execution Vulnerability in Smarty Inadequate 
Permission Handling in Smarty before 3.0.0 beta 4 Vulnerability in OTRS Ticket Access Control Bypassing Access Restrictions in OTRS Ticket System Inadequate Entropy Configuration in S/MIME Feature of OTRS Denial of Service Vulnerability in IBM Lotus Quickr 8.1 Denial of Service Vulnerability in IBM Lotus Quickr 8.1 Denial of Service Vulnerability in IBM Lotus Quickr 8.1 Denial of Service Vulnerability in IBM Lotus Quickr 8.1 Denial of Service Vulnerability in IBM Lotus Quickr 8.1 (SPR JRIE7VKMP9) Memory Leak in libpng's embedded_profile_len Function Privilege Escalation via Modified Loader in GNU C Library (glibc) 2.13 and Earlier Arbitrary Script Injection via Nested CDATA in Universal Feed Parser Command-line argument vulnerability in twiddle.sh in JBoss AS 5.0 and EAP 5.0 and earlier allows local users to read credentials Directory Traversal Vulnerability in html2ps Allows Remote File Read File Disclosure Vulnerability in SMF (Simple Machines Forum) Allows Unauthorized Access to Database Passwords Unspecified Vulnerability in Palm Pre WebOS: Contact Template File Exploit Memory Leak Vulnerability in IBM Tivoli Directory Server (TDS) 6.0 Denial of Service Vulnerability in IBM Tivoli Directory Server (TDS) 6.0 Unspecified vulnerability in MojoX::Dispatcher::Static implementation in Mojolicious before 0.991250 Denial of Service Vulnerability in Monkey's Audio 4.02 and earlier Authentication Bypass Vulnerability in CRE Loaded eCommerce Platform Authentication Bypass and Privilege Escalation in CRE Loaded before 6.2.14 Arbitrary File Manipulation Vulnerability in GNU troff (groff) before 1.21 Arbitrary File Overwrite Vulnerability in GNU troff (groff) 1.21 and Earlier Arbitrary File Overwrite Vulnerability in GNU troff (groff) 1.21 and Earlier Insufficient X Characters in GNU troff's tempfile Function Insecure Temporary File Creation in GNU troff (groff) 1.20.1 on Openwall GNU/*/Linux (Owl) OpenID Authentication Bypass in IBM Tivoli Federated Identity Manager 
Cleartext Password Logging Vulnerability in IBM Tivoli Federated Identity Manager (TFIM) Cookie Retention Vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 Arbitrary Web Script Injection Vulnerability in Juniper IDP's Appliance Configuration Manager (ACM) Directory Traversal Vulnerability in Geovision Digital Video Surveillance System 8.2 SQL Injection Vulnerability in IdeaCart 0.02: Remote Code Execution via cID Parameter Arbitrary File Read Vulnerability in IdeaCart 0.02 and 0.02a SQL Injection Vulnerability in editcomments.php in Bloggeruniverse Beta 2 SQL Injection Vulnerability in Vlinks 1.0.3 and 1.1.6: Remote Code Execution via id Parameter in page.php Arbitrary Code Injection through Microsoft FAST ESP Management Interface Arbitrary File Read Vulnerability in Gästebuch 1.6 SQL Injection Vulnerability in CMS Faethon 2.2.0 Ultimate: Remote Code Execution via info.php Remote File Inclusion Vulnerability in ea gBook 0.1 and 0.1.4 Arbitrary Script Injection in Flag Content Module for Drupal Arbitrary JavaScript Execution in Palm Pre WebOS 1.1 and Earlier Denial of Service Vulnerability in LunaSysMgr Process in Palm Pre WebOS Arbitrary Web Script Injection Vulnerability in Pentaho BI Server Pentaho BI Server Vulnerability: Password Exposure through Autocomplete Session ID Exposure in Pentaho BI Server 1.7.0.1062 and Earlier SQL Injection Vulnerability in ATCOM Netvolution 1.0 ASP: Remote Code Execution via bpe_nid Parameter ATCOM Netvolution 1.0 ASP Email Variable Cross-Site Scripting (XSS) Vulnerability Remote Code Execution Vulnerability in Mini-Stream Ripper 3.0.1.1 via Long Entry in .pls File Denial of Service Vulnerability in dhttpd via Partial HTTP Requests Denial of Service Vulnerability in GoAhead WebServer via Partial HTTP Requests Information Disclosure Vulnerability in WebGlimpse 2.18.7 and Earlier Arbitrary Web Script Injection Vulnerability in WebGlimpse 2.18.7 and Earlier WebGlimpse Directory Traversal Vulnerability Arbitrary File 
Overwrite Vulnerability in McAfee Common Management Agent (CMA) and McAfee Agent Authentication Bypass Vulnerability in McAfee LinuxShield 1.5.1 and Earlier Information Disclosure Vulnerability in McAfee Host Data Loss Prevention (DLP) Untrusted Search Path Vulnerability in McAfee VirusScan Enterprise Weak SSL Ciphers Enabled in Apache Tomcat in Websense Manager: A Network Sniffing Vulnerability Arbitrary Source IP Address Vulnerability in Apache Tomcat in Websense Manager Bypassing Sender-Based Blacklist in Websense Email Security 7.1 Information Disclosure Vulnerability in Websense Email Security's Personal Email Manager Component Denial of Service Vulnerability in Comodo Internet Security Denial of Service Vulnerability in Comodo Internet Security Bypassing Malware Detection in Comodo Internet Security via RAR Archive Manipulation Denial of Service Vulnerability in Comodo Internet Security Denial of Service Vulnerability in Comodo Internet Security Denial of Service Vulnerability in Websense V10000 Appliance Denial of Service Vulnerability in Websense V10000 Appliance Denial of Service Vulnerability in Websense Email Security Rules Service Bypassing Access Restrictions in Websense Email Security Denial of Service Vulnerability in Websense Web Security and Web Filter Buffer Overflow in uTorrent Create Torrent Dialog Functionality XML External Entity (XXE) Vulnerability in Java XML Parser of Echo Denial of Service Vulnerability in Condor Policy Definition Evaluator Remote Code Execution Vulnerability in Mini-stream CastRipper 2.50.70 via Long URL in .pls File Vulnerability: GnuTLS X.509 V1 Certificate Bypass SIP Digest Leak Vulnerability in Gizmo5 Software Phone SIP Digest Leak Vulnerability in Linksys SPA2102 Phone Adapter Format String Vulnerability in War FTP Daemon (warftpd) 1.82 RC 12: Remote Crash via LIST Command Arbitrary Web Script Injection Vulnerability in TimThumb.php Unsecured Default Password Vulnerability in GE Healthcare Discovery 530C Xeleris 
System Client Certificate Spoofing Vulnerability in mod-gnutls ZMI Pages Cross-Site Scripting (XSS) Vulnerability in Zope Tainted Library Name Vulnerability in Ruby Predictable Technician Passwords in Arris DG860A, TG862A, and TG862G Devices Vulnerability: Unauthorized Communication and Arbitrary Code Execution in Absolute Computrace Agent Vulnerability: Unauthenticated Code Execution on BIOS via Absolute Computrace Agent V70.785 Race Condition Vulnerability in Absolute Computrace Agent on Dell Inspiron Systems Stack Buffer Overflow in Novell NetWare NFS Portmapper Daemon Default Password Vulnerability on MOBOTIX S14 MX-V4.2.1.61 Devices Vulnerability: Misparse of Alternatives in GNU C Library (glibc) before 2.28 Command Injection Vulnerability in ASMAX AR-804gu 66.34.1 Devices Authenticated Command Injection Vulnerability in Linksys WAG54G2 1.00.10 Devices via setup.cgi c4_ping_ipaddr Variable Insufficient HTML Sanitization in Google-Analyticator Plugin for WordPress Cross-Site Scripting (XSS) Vulnerability in Invision Power Board (IPB) 2.x through 3.0.4 via .txt Attachment in Internet Explorer 5