Vulnerability Index: Year 2010

Integer Underflow in LZW Compression Algorithm Vulnerability: Command Injection via Crafted Filename in Mandriva Bash Package Arbitrary Memory Disclosure and Denial of Service Vulnerability in Linux Kernel Information Disclosure Vulnerability in ViewVC Bypassing Access Restrictions in ViewVC Query Interface Denial of Service Vulnerability in Linux Kernel's ipv6_hop_jumbo Function Arbitrary Network-Traffic Filtering Bypass in Linux Kernel Denial of Service Vulnerability in Linux Kernel SCTP Implementation Timing-based Information Disclosure Vulnerability in Apache CouchDB Integer Overflow in ap_proxy_send_fb Function in Apache HTTP Server Remote Code Execution Vulnerability in Uzbl's eval_js Function Directory Traversal Vulnerability in Transmission 1.22, 1.34, 1.75, and 1.76 Directory Traversal Vulnerability in MSN Protocol Plugin in Pidgin and Adium Authentication Bypass Vulnerability in SSSD Information Leakage: Obtaining Encrypted NIS Account Passwords via getpwnam Function SMB Client Pool Corruption Vulnerability SMB Client Race Condition Vulnerability Microtype Express Compressed Fonts Integer Flaw in LZCOMP Decompressor Vulnerability Microsoft Silverlight Memory Corruption Vulnerability SMB Pathname Overflow Vulnerability SMB Race Condition Denial of Service Vulnerability SMB Null Pointer Vulnerability CSRSS Local Privilege Elevation Vulnerability SMTP Server MX Record Vulnerability SMTP Memory Allocation Vulnerability Hyper-V Instruction Set Validation Vulnerability URL Validation Vulnerability MS Paint JPEG Integer Overflow Vulnerability PowerPoint File Path Handling Buffer Overflow Vulnerability PowerPoint LinkedSlideAtom Heap Overflow Vulnerability PowerPoint OEPlaceholderAtom 'placementId' Invalid Array Indexing Vulnerability OEPlaceholderAtom Use After Free Vulnerability in Microsoft Office PowerPoint 2002 and 2003 Microsoft Office PowerPoint 2003 SP3 TextBytesAtom Record Stack Overflow Vulnerability Microsoft Office PowerPoint 2003 SP3 Stack-based 
Buffer Overflow Vulnerability Kerberos Null Pointer Dereference Vulnerability Buffer Overflow in CoreAudio: Remote Code Execution and Denial of Service Vulnerability in Apple Mac OS X 10.5.8 and 10.6.2 Buffer Overflow in Image RAW Processing in Apple Mac OS X 10.5.8 and 10.6.2 USB Control Message Vulnerability in Apple iPhone OS 1.0 through 3.1.2 and iPhone OS for iPod touch 1.1 through 3.1.2 ALG Vulnerability: Arbitrary Intranet TCP Traffic Exploitation on Apple Time Capsule, AirPort Extreme, and AirPort Express Base Stations ColorSync Integer Overflow Vulnerability Memory Access Vulnerability in Apple Safari and iTunes on Windows Memory Access Vulnerability in Apple Safari and iTunes on Windows Arbitrary Code Execution and Denial of Service Vulnerability in Apple Safari and iTunes Cookie Tracking Vulnerability in Apple Safari Arbitrary Code Execution via URL Scheme Validation Vulnerability in Apple Safari on Windows Arbitrary Code Execution and Denial of Service Vulnerability in WebKit CSS Implementation Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 WebKit Use-After-Free Vulnerability in Apple Safari 4.0.5 WebKit Use-After-Free Vulnerability in Apple Safari with RTL Text Directionality Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 Cross-Origin Stylesheet Loading Vulnerability in Apple Safari Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5: Remote Code Execution and Denial of Service Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5: Remote code execution and denial of service via run-in CSS display property Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5: Remote code execution and denial of service via HTML IMG elements Insecure Package Signature Validation in Apple Mac OS X 10.5.8 Cocoa Spell Checking Buffer Overflow Vulnerability in Mac OS X 10.5.8 Guest Access Bypass Vulnerability in Apple Mac OS X AFP Server Incorrect launchd.plist ProgramArguments key in 
freshclam in ClamAV in Apple Mac OS X 10.5.8 with Security Update 2009-005 Vulnerability Buffer Overflow Vulnerability in CoreAudio on Apple Mac OS X Remote Code Execution and Denial of Service Vulnerability in CoreAudio on Apple Mac OS X Heap-based Buffer Overflow in QuickTime.qts in CoreMedia and QuickTime in Apple Mac OS X Incomplete Blacklist Vulnerability in CoreTypes in Apple Mac OS X File Ownership Bypass Vulnerability in Apple Mac OS X 10.6 Arbitrary Code Execution and Denial of Service Vulnerability in Apple Mac OS X Disk Images Unspecified Remote Integrity Vulnerability in Oracle Access Manager Identity Server Unspecified Confidentiality Vulnerability in Oracle Containers for J2EE Component Unspecified Confidentiality Vulnerability in BEA WebLogic Server Unspecified Remote Integrity Vulnerability in BEA WebLogic Server Unspecified Remote Integrity Vulnerability in Oracle Containers for J2EE Component Unspecified Remote Vulnerability in Oracle Database Listener Component Unspecified vulnerability in Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 Unspecified Remote Code Execution Vulnerability in Oracle WebLogic Server Unspecified Remote Code Execution Vulnerability in WebLogic Server Component Unspecified Confidentiality Vulnerability in Oracle HRMS (Self Service) Component Unspecified vulnerability in Oracle Database Application Express Application Builder component Unspecified vulnerability in Oracle E-Business Suite CRM Technical Foundation (mobile) component Unspecified Remote Code Execution Vulnerability in BEA WebLogic Server Multiple vulnerabilities in JRockit component in BEA Product Suite R27.6.5: Confidentiality, Integrity, and Availability Impact Unspecified vulnerability in PeopleSoft Enterprise HCM - eProfile component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9 Bundle, #21 and 9.0 Bundle #11 Unspecified Integrity Vulnerability in Oracle Fusion Middleware Application Server Control Unspecified 
vulnerability in Oracle Java SE and Java for Business allows remote attackers to affect confidentiality, integrity, and availability Unspecified Remote Vulnerability in Oracle OpenSolaris 8, 9, and 10 Unspecified Remote Confidentiality Vulnerability in Oracle Java SE Unspecified Remote Code Execution Vulnerability in Oracle Java SE Unspecified Remote Integrity Vulnerability in Oracle Fusion Middleware Portal Component Unspecified vulnerability in Java Web Start and Java Plug-in component in Oracle Java SE and Java for Business Unspecified Remote Code Execution Vulnerability in Oracle Java SE Unspecified Remote Code Execution Vulnerability in Java Web Start and Java Plug-in Unspecified Remote Code Execution Vulnerability in Java Web Start and Java Plug-in Unspecified Remote Confidentiality Vulnerability in Oracle Java SE Unspecified Remote Code Execution Vulnerability in Java Runtime Environment Unspecified Remote Code Execution Vulnerability in Java Runtime Environment Unspecified Remote Code Execution Vulnerability in Java Runtime Environment Unspecified Remote Code Execution Vulnerability in Java Runtime Environment DNSSEC Validation Bypass Vulnerability in ISC BIND 9.x Vulnerability: Bypassing Virus Detection in ClamAV with Crafted Archives Denial of Service Vulnerability in Lexmark Printers and MarkNet Devices via Malformed HTTP Authorization Header Backdoor Exploit in Energizer DUO USB Battery Charger Software Remote Code Execution Vulnerability in Broadcom Integrated NIC Management Firmware Denial of Service Vulnerability in Apple Mac OS X 10.5.8 and 10.6.x Denial of Service Vulnerability in Symantec AntiVirus and Client Security Buffer Overflow Vulnerability in Symantec Products (SYMLTCOM.dll) Buffer Overflow in Symantec Client Proxy ActiveX Control Denial of Service Vulnerability in Symantec Altiris Deployment Solution 6.9.x Multiple stack-based buffer overflows in Intel Alert Management System (AMS) in Symantec products allow remote code execution 
Arbitrary Code Execution via UNC Share Pathname in Intel Alert Handler Service Multiple SQL Injection Vulnerabilities in Symantec IM Manager Administrative Interface Information Leakage in Symantec Norton Mobile Security Application 1.0 Beta for Android Arbitrary Code Execution and Script Overwrite Vulnerability in Symantec Endpoint Protection SQL Injection Vulnerability in Symantec Web Gateway 4.5 Login GUI Heap-based Buffer Overflow in RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows via Crafted QCP File Arbitrary Code Execution via Crafted MP4 Content in RealPlayer 11.0-11.1 and RealPlayer SP 1.0-1.1.4 Arbitrary File Overwrite Vulnerability in Bournal before 1.4.1 Command Line Key Exposure Vulnerability in Bournal before 1.4.1 on FreeBSD 8.0 Heap-based Buffer Overflow in RealPlayer 11.0-11.1 and RealPlayer SP 1.0-1.1.4 on Windows Unspecified Initialization Vulnerability in RealPlayer SQL Injection Vulnerabilities in Employee Timeclock Software 0.99: Remote Code Execution Insecure Storage of Sensitive Data in Employee Timeclock Software 0.99 Insecure Database Password Exposure in Employee Timeclock Software 0.99 Spectral Data Parsing Vulnerability in RealPlayer Heap-based Buffer Overflow in Autonomy KeyView Library Allows Remote Code Execution Memory Corruption Vulnerability in Adobe Shockwave Player Integer Signedness Error in dirapi.dll in Adobe Shockwave Player and Adobe Director Integer Overflow Vulnerability in Adobe Shockwave Player Arbitrary Code Execution via Integer Overflow in Adobe Shockwave Player Arbitrary Code Execution Vulnerability in SpreadSheet Lotus 123 Reader Arbitrary Script Injection in ViewVC 1.1 and 1.0 Stack-based Buffer Overflows in Autonomy KeyView's Lotus 123 Reader (wkssr.dll) Buffer Overflow in Autonomy KeyView Allows Remote Code Execution Heap-based Buffer Overflow in WordPerfect 5.x Reader (wosr.dll) in Autonomy KeyView 10.4 and 10.9 Arbitrary Macro Execution Vulnerability in OpenOffice.org (OOo) 2.0.4, 
2.4.1, and 3.1.1 Denial of Service Vulnerability in Cisco IOS XR SSH Server (CSCsu10574) Buffer Overflow Vulnerability in CiscoWorks IPM 2.6 and Earlier on Windows SQL Injection Vulnerability in Cisco Unified MeetingPlace 7 and 6 Unspecified Remote Account Creation Vulnerabilities in Cisco Unified MeetingPlace User Data Disclosure Vulnerability in Cisco Unified MeetingPlace 6 and possibly 5 Privilege Escalation Vulnerability in Cisco Unified MeetingPlace 6 and Possibly 5 (Bug ID CSCsv66530) Arbitrary File Reading Vulnerability in Cisco IronPort Encryption Appliance Arbitrary File Reading Vulnerability in Cisco IronPort Encryption Appliance Unspecified Remote Code Execution Vulnerability in Cisco IronPort Encryption Appliance Management Center for Cisco Security Agents 6.0 Directory Traversal Vulnerability Arbitrary SQL Command Execution Vulnerability in Cisco Security Agents Management Center Denial of Service Vulnerability in Cisco Security Agent 5.2 on Linux TCP Connection Exhaustion Denial of Service Vulnerability in Cisco ASA and PIX Appliances Denial of Service vulnerability in Cisco ASA and PIX Appliances via Malformed SIP Messages Denial of Service Vulnerability in Cisco Firewall Services Module (FWSM) 4.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in IBM Proventia Network Mail Security System (PNMSS) Appliance Cross-Site Request Forgery (CSRF) Vulnerabilities in IBM Proventia Network Mail Security System (PNMSS) Appliance Directory Traversal Vulnerability in IBM Proventia Network Mail Security System (PNMSS) LMI CRLF Injection Vulnerability in IBM Proventia Network Mail Security System (PNMSS) Arbitrary File Overwrite Vulnerability in Puppet Arbitrary File Inclusion Vulnerability in Bible Study Component 6.1 for Joomla! SQL Injection Vulnerability in JoomlaBamboo Simpla Admin Template for Joomla! 
Memory Corruption and Arbitrary Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Web Worker Array Data Type Handling Vulnerability Remote Code Execution via Crafted Data in SSPI Session Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox and SeaMonkey Remote Code Execution via Crafted Email Attachments in Mozilla Thunderbird and SeaMonkey Use-after-free vulnerability in Mozilla Firefox 3.6 allows remote code execution via multipart/x-mixed-replace animation Memory Corruption and Code Execution Vulnerability in Mozilla Firefox 3.6 Memory Corruption and Code Execution Vulnerability in Mozilla Firefox 3.6 on Mac OS X Memory Corruption and Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Unrestricted URL Handling in nsDocument::MaybePreLoadImage Function in Mozilla Firefox 3.6 CSSLoaderImpl::DoSheetComplete Function Case Change Vulnerability Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox 3.6 before 3.6.2 Cross-Origin Keystroke Capture and XSS Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Concurrent Authorization Request Vulnerability in Mozilla Firefox 3.6 Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Use-after-free vulnerability in nsTreeSelection implementation in Mozilla Firefox, Thunderbird, and SeaMonkey allows remote code execution or denial of service Dangling Pointer Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Dangling Pointer Vulnerability in Mozilla Firefox and SeaMonkey Arbitrary JavaScript Execution via Mouse Click Vulnerability in Mozilla Firefox and SeaMonkey Arbitrary JavaScript Execution Vulnerability in Firebug Add-on for Mozilla Firefox and SeaMonkey World-readable permissions for localconfig files in Bugzilla 3.5.1 through 3.7 Denial of Service Vulnerability in Mozilla Firefox, SeaMonkey, and 
Thunderbird XMLDocument::load Function Access Restriction Bypass Vulnerability Use-after-free vulnerability in Mozilla Firefox and SeaMonkey allows remote code execution via crafted HTML document Weak Permissions on Domain Properties Files in TIBCO Domain Utility Unrestricted Access to Solr Collections in Adobe ColdFusion 9.0 Cross-domain vulnerability in Adobe Flash Player, Adobe AIR, Adobe Reader, and Acrobat allows remote attackers to bypass sandbox restrictions and make cross-domain requests. Denial of Service Vulnerability in Adobe Flash Player and Adobe AIR Unspecified vulnerability in Adobe Reader and Acrobat 8.x and 9.x before 9.3.1 Arbitrary Program Download Vulnerability in NOS Microsystems getPlus Download Manager Arbitrary Web Script Injection Vulnerability in Adobe Reader and Acrobat Prefix Protocol Handler Vulnerability in Adobe Reader and Acrobat Unspecified Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat Unspecified Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat Unspecified Memory Corruption Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat Unspecified Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat Unspecified Memory Corruption Vulnerability in Adobe Reader and Acrobat Buffer Overflow Vulnerability in Adobe Reader and Acrobat 9.x and 8.x Buffer Overflow Vulnerability in Adobe Reader and Acrobat 9.x and 8.x Unspecified Memory Corruption Vulnerability in Adobe Reader and Acrobat Buffer Overflow Vulnerability in Adobe Reader and Acrobat 9.x and 8.x Buffer Overflow Vulnerability in Adobe Reader and Acrobat 9.x and 8.x Unspecified Memory Corruption Vulnerability in Adobe Reader and Acrobat Denial of Service Vulnerability in libpng's png_decompress_chunk Function Remote Denial of Service Vulnerability in xpdf Processing of JBIG2 PDF Stream Objects Infinite Loop Denial of Service Vulnerability in xpdf-based PDF Viewers Arbitrary Code 
Execution and Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Denial of Service and Arbitrary Code Execution Vulnerability in OpenLDAP 2.4.22 Denial of Service Vulnerability in OpenLDAP 2.4.22 Denial of Service Vulnerability in BIND 9.7.1 and 9.7.1-P1 Insecure Transmission of Active Directory Credentials in PolyVision RoomWizard Firmware 3.2.3 Access Restriction Bypass Vulnerability in ActiveCollab before 2.3.2 Information Disclosure: Cleartext Passwords in authenticate_ad_setup_finished.cfm in MediaCAST 8 and Earlier Insecure Session Management in Zeacom Chat Server before 5.1 Incorrect ACL in BIND 9.7.2-P1 Allows Remote Information Disclosure via DNS Query Default Password Vulnerability in Apache Axis2 Denial of Service Vulnerability in nsObserverList::FillObserverArray Function in Mozilla Firefox Vulnerability: Password Validation on Host Computer for Kingston USB Flash Drives Fixed 256-bit Key Vulnerability in Kingston DataTraveler USB Flash Drives Password Replay Vulnerability in Kingston DataTraveler USB Flash Drives Vulnerability: Password Validation on SanDisk Cruzer Enterprise USB Flash Drives Allows Cleartext Access Insecure Key Management in SanDisk Cruzer Enterprise USB Flash Drives Password Replay Vulnerability in SanDisk Cruzer Enterprise USB Flash Drives Password Validation Vulnerability in Verbatim Corporate Secure and Corporate Secure FIPS Edition USB Flash Drives Fixed 256-bit Key Vulnerability in Verbatim Corporate Secure USB Flash Drives Password Replay Vulnerability in Verbatim Corporate Secure and Corporate Secure FIPS Edition USB Flash Drives Postfix Misconfiguration Allows Remote Access Bypass SMB NTLM Authentication Lack of Entropy Vulnerability Windows Kernel Exception Handler Vulnerability Windows Kernel Double Free Vulnerability Windows Kernel Null Pointer Vulnerability Windows Kernel Symbolic Link Value Vulnerability Windows Kernel Memory Allocation Vulnerability Windows Kernel Symbolic Link Creation Vulnerability 
Windows Kernel Registry Key Denial of Service Vulnerability ICMPv6 Router Advertisement Remote Code Execution Vulnerability Header MDL Fragmentation Vulnerability ICMPv6 Route Information Vulnerability in Windows Vista and Server 2008 TCP/IP Selective Acknowledgement Vulnerability in Microsoft Windows Vista and Server 2008 MSO.DLL Buffer Overflow Vulnerability Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 8 Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 8 Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 HTML Object Memory Corruption Vulnerability in Microsoft Internet Explorer 6-8 HTML Object Memory Corruption Vulnerability in Microsoft Internet Explorer DirectShow Heap Overflow Vulnerability Microsoft Data Analyzer ActiveX Control Remote Code Execution Vulnerability Visio Attribute Validation Memory Corruption Vulnerability Arbitrary File Reading Vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 Visio Index Calculation Memory Corruption Vulnerability Microsoft Office Excel Record Memory Corruption Vulnerability Microsoft Office Excel Sheet Object Type Confusion Vulnerability Microsoft Office Excel MDXTUPLE Record Heap Overflow Vulnerability Microsoft Office Excel MDXSET Record Heap Overflow Vulnerability Microsoft Office Excel FNGROUPNAME Record Uninitialized Memory Vulnerability Microsoft Office Excel XLSX File Parsing Code Execution Vulnerability Microsoft Office Excel DbOrParamQry Record Parsing Vulnerability Remote Code Execution Vulnerability in Microsoft Windows Movie Maker and Producer Microsoft Outlook SMB Attachment Vulnerability Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 6, 6 SP1, and 7 Media Player Remote Code Execution Vulnerability SMB Client Memory Allocation Vulnerability SMB Client 
Transaction Vulnerability Privilege Escalation Vulnerability in Sun OpenSolaris HAL Implementation CVE-2010-0073: Heap-based Buffer Overflow in Sun Java System Web Server 7.0 Update 6 on Linux Unspecified Remote Code Execution Vulnerability in Sun Java System Web Server 7.0 Update 6 on Linux Unspecified vulnerability in Edit Contact scene in IBM Lotus iNotes with unknown impact and attack vectors Script Command Handling Vulnerability in IBM Lotus iNotes Unspecified Impact and Attack Vector Vulnerability in IBM Lotus iNotes Memory Corruption and Application Crash Vulnerability in libpurple and Adium Denial of Service Vulnerability in Windows Live Messenger 2009 Unrestricted File Upload Vulnerability in BTS-GI Read Excel 1.1 Array Index Error in lib3ds 1.x: Remote Code Execution via Crafted 3DS File Denial of Service Vulnerability in MIT Kerberos 5 Key Distribution Center (KDC) Arbitrary File Creation and Code Execution Vulnerability in Novell Access Manager 3.1 Vulnerability: Screen Lock Bypass via External Monitor Attachment Unspecified OpenID Authentication Bypass Vulnerability in TYPO3 4.3.0 Directory Traversal Vulnerability in DokuWiki ACL Manager Plugin Privilege Escalation via Typo in DokuWiki ACL Manager Plugin CSRF Vulnerabilities in DokuWiki ACL Manager Plugin DNS Cache Poisoning Vulnerability in ISC BIND 9.x through 9.7.0 Beta The do_mremap() mess vulnerability in Linux kernel before 2.6.32.4 Denial of Service Vulnerability in Chrony's read_from_cmd_socket Function Denial of Service Vulnerability in chronyd Allows Memory Consumption Denial of Service (Disk Consumption) Vulnerability in Chrony Denial of Service Vulnerability in lighttpd before 1.4.26 and 1.5.x Vulnerability: Newline Character Handling in encode_name Macro in glibc USB Passthrough Buffer Overflow Vulnerability in QEMU KVM 83 Vulnerability: Privilege Escalation and Denial of Service through Memory Access Insecure Permissions in devtmpfs Root Directory in openSUSE 11.2 Denial of Service 
Vulnerability in ircd-ratbox before 2.2.9 via HELP Command Privilege Escalation via Crafted .mailfilter File in maildrop 2.3.0 and Earlier Use-after-free vulnerability in CUPS scheduler allows remote attackers to cause denial of service Denial of Service Vulnerability in IRCD-Hybrid's MemoServ Service Buffer Overflow Vulnerabilities in LWRES Dissector in Wireshark Denial of Service Vulnerability in ejabberd_c2s.erl Vulnerability: Privilege Escalation and Denial of Service in KVM 83 Denial of Service Vulnerability in Linux Kernel's load_elf_binary Function Denial of Service Vulnerability in Squid DNS Parsing Improper Handling of pit_state Structure in KVM 83 Allows Denial of Service Privilege Escalation Vulnerability in Trusted Extensions of Sun Solaris 10 Unspecified Remote Administrative Access Vulnerability in Sun Java System Identity Manager Denial of Service Vulnerability in IBM Tivoli Directory Server Denial of Service Vulnerability in Sun Java System Directory Server Enterprise Edition 7.0 Remote URL Discovery Vulnerability in Apple Safari Information Disclosure Vulnerability in WebKit Integer Overflow Vulnerability in Google SketchUp Allows Remote Code Execution via Crafted SKP File Denial of Service Vulnerability in Novell Netware 6.5 SP8 Insecure File Permissions during ZFS Intent Log Replay in FreeBSD Arbitrary Script Injection Vulnerability in Docmint 1.0 and 2.1 Arbitrary Web Script Injection Vulnerability in Glitter Central Script's submitlink.php Arbitrary Web Script Injection Vulnerability in Jamit Job Board 3.0 Arbitrary SQL Command Execution in MK-AnydropdownMenu Extension for TYPO3 Unspecified Information Disclosure Vulnerability in TYPO3 Photo Book Extension Arbitrary SQL Command Execution in TYPO3 Customer Reference List Extension Unspecified Information Disclosure Vulnerability in SB Folderdownload Extension for TYPO3 Arbitrary Web Script Injection in TYPO3 Developer Log Extension Arbitrary Code Injection through Cross-Site Scripting (XSS) in 
KJ: Imagelightbox Extension for TYPO3 Arbitrary Web Script Injection in TYPO3 Unit Converter Extension SQL Injection Vulnerability in Powermail Extension 1.5.1 and Earlier for TYPO3 Arbitrary SQL Command Execution in Googlemaps for tt_news Extension Arbitrary Web Script Injection in TV21 Talkshow Extension for TYPO3 Arbitrary SQL Command Execution in TV21 Talkshow Extension for TYPO3 Arbitrary SQL Command Execution in TYPO3 Helpdesk Extension (mg_help) 1.1.6 and Earlier Arbitrary SQL Command Execution in Vote rank for news Extension Arbitrary Web Script Injection in TYPO3 Vote rank for news Extension Unspecified Information Disclosure Vulnerability in kiddog_mysqldumper Extension for TYPO3 Arbitrary SQL Command Execution in tt_news Mail Alert Extension Arbitrary SQL Command Execution in TT_Products Editor Extension Arbitrary SQL Command Execution in TYPO3 User Links Extension Arbitrary SQL Command Execution in MJS Event Pro Extension for TYPO3 Arbitrary SQL Command Execution in BB Simple Jobs Extension for TYPO3 Arbitrary SQL Command Execution in Reports for Job (job_reports) Extension for TYPO3 Remote Code Execution via SQL Injection in TYPO3 Clan Users List Extension Arbitrary SQL Command Execution in zak_store_management TYPO3 Extension Arbitrary Web Script Injection Vulnerability in Majordomo Extension for TYPO3 Arbitrary Web Script Injection in Tip many friends (mimi_tipfriends) Extension for TYPO3 Arbitrary Web Script Injection in TYPO3 VD / Geomap Extension Directory Traversal Vulnerability in C3 Corp. WebCalendarC3 0.32 and Earlier Cross-Site Scripting (XSS) Vulnerability in C3 Corp. 
WebCalenderC3 0.32 and Earlier Directory Traversal Vulnerability in TYPO3 Photo Book Extension 1.7.14 and Earlier Stack-based Buffer Overflow in MoviePlayer.ocx ActiveX Control Arbitrary Web Script Injection Vulnerability in IBM Lotus Web Content Management (WCM) Login Page Heap-based Buffer Overflow in IBM Lotus Domino Server Buffer Overflow in SSLv2 Support in Zeus Web Server Allows Remote Code Execution Heap Overflow Vulnerability in Sun Java System Web Server 7.0 Update 7 Stack-based Buffer Overflow in Sun Java System Web Server 7.0 Update 7 Lack of Random Transaction IDs in Zeus Web Server Allows DNS Response Spoofing Arbitrary Web Script Injection in Zeus Web Server with SSL-enabled Admin Server Arbitrary Code Execution Vulnerability in VideoLAN VLC Media Player 0.8.6 Arbitrary Code Injection via order Parameter in BitScripts Bits Video Script 2.04 and 2.05 Gold Beta Arbitrary Code Execution via Unrestricted File Upload in BitScripts Bits Video Script PHP Remote File Inclusion Vulnerabilities in BitScripts Bits Video Script 2.05 Gold Beta Arbitrary Web Script Injection via Block Title in Node Blocks Module for Drupal Multiple Cross-Site Scripting (XSS) Vulnerabilities in Hitmaaan Gallery 1.3 SQL Injection Vulnerability in Joomla! Articlemanager Component SQL Injection Vulnerability in Joomla! Libros Component Arbitrary Script Injection Vulnerability in Joomla! 
Marketplace Component 1.2 SQL Injection Vulnerability in JCE-Tech PHP Calendars Arbitrary Code Injection via Cross-Site Scripting (XSS) in JCE-Tech PHP Calendars SQL Injection Vulnerability in PHP MySpace Gold Edition 8.0 and 8.10 Flash Player Use-After-Free Vulnerability in Windows XP SP2 and SP3 Unspecified Remote Code Execution Vulnerabilities in Macromedia Flash ActiveX Control Remote Code Execution in JCE-Tech PHP Calendars via install.php SQL Injection Vulnerability in PHP MySpace Gold Edition 8.0 and 8.10 Remote Code Execution Vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta Deprecated Identity Keys in Tor: Anonymity Compromise Vulnerability Logging of Client IP Addresses in Tor Directory Mirrors Information Disclosure Vulnerability in Tor Bridge Directory Authority Cross-Site Tracing (XST) Vulnerability in Sun Java System Application Server 7 and 7 2004Q2 Heap-based Buffer Overflow Vulnerabilities in Sun Java System Web Server 7.0 Update 7 Format String Vulnerability in Sun Java System Web Server 7.0 Update 6 WebDAV Implementation Denial of Service Vulnerability in Sun Java System Web Server 7.0 Update 6 Arbitrary Code Execution via Unrestricted File Upload in PHP F1 Max's Image Uploader 1.0 Stack-based Buffer Overflow Vulnerabilities in Embarcadero InterBase SMP 2009 9.0.3.437 Stack-based Buffer Overflow in TheGreenBow IPSec VPN Client CUPS Local Privilege Escalation via Crafted Localization Data Arbitrary Command Execution in Trac Git Plugin User-assisted Remote Code Execution in OpenOffice.org 2.x and 3.0 Directory Traversal Vulnerability in dpkg-source Component in dpkg XMLRPC Extension Denial of Service Vulnerability Symlink Attack Vulnerability in Autokey Init Script SQL Injection Vulnerability in lib/user.php in Mahara 1.0.4 Authentication Bypass and Denial of Service Vulnerability in OpenTTD Arbitrary Code Execution and Denial of Service Vulnerability in OpenTTD Arbitrary 
File Inclusion Vulnerability in phpGroupWare (phpgw) before 0.9.16.016 SQL Injection Vulnerabilities in phpGroupWare (phpgw) before 0.9.16.016 Integer Overflow in BZ2_decompress Function Allows Arbitrary Code Execution Denial of Service Vulnerability in OpenTTD before 1.0.1 Buffer Overflow Vulnerabilities in PC/SC Smart Card Daemon (PCSCD) Allow Privilege Escalation Improper Handling of Empty Request Body in mod_proxy_ajp.c Buffer Overflow in GMime UUENCODE_LEN Macro Denial of Service Vulnerability in Linux Kernel's NETLINK_CONNECTOR Messages Handling Buffer overflow vulnerability in SystemTap 1.1 allows denial of service via large number of arguments Unrestricted Value Vulnerability in SystemTap 1.1's stap-server Bypassing Screen Locking by Disconnecting External Monitor Arbitrary Kernel Memory Read Vulnerability in do_pages_move Function Buffer Overflow in Helix Player and RealPlayer Unescape Function Buffer Overflow in Helix Player and RealPlayer Allows Remote Code Execution Arbitrary Command Execution Vulnerability in Chumby Web Interface Vulnerability: Privilege Escalation and Denial of Service in KVM x86 Emulator Denial of Service in libpurple in Finch in Pidgin via Crafted Nickname Array Index Error in hb_ot_layout_build_glyph_classes Function in Pango Inadequate Synchronization of Screen Locking and Unlock Dialog in gnome-screensaver 2.28.x before 2.28.3 Denial of Service Vulnerability in Pidgin's gtkimhtml.c Symlink Attack Vulnerability in crontab.c Arbitrary Code Execution Vulnerability in Apache HTTP Server mod_isapi Privilege Escalation via Sudo Pseudo-Command Matching Vulnerability Privilege Escalation via Improper Group Memberships in sudo 1.6.x before 1.6.9p21 Unvalidated Pointers in libspice of QEMU-KVM Hypervisor Memory-management vulnerability in libspice in QEMU-KVM allows for denial of service and potential privilege escalation Arbitrary Memory Access in libspice of QEMU-KVM QEMU-KVM Guest QXL Driver Pointer Validation Vulnerability Apache OFBiz 
Multiple Cross-Site Scripting (XSS) Vulnerabilities NULL pointer dereference vulnerability in OpenSSL Apache HTTP Server Memory Disclosure Vulnerability Denial of Service Vulnerability in Red Hat Enterprise Virtualization (RHEV) and KVM with Intel VT-x Extension Race condition vulnerability in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local privilege escalation IPv6 TUN Network Interface Denial of Service Vulnerability Multiple SQL Injection Vulnerabilities in OTRS-Core Ticket.pm Symlink Attack Vulnerability in Chip Salzenberg Deliver Cisco Secure Desktop Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in Asterisk Open Source and Business Edition Denial of Service Vulnerability in PostgreSQL's bitsubstr Function Unspecified Privilege Escalation Vulnerability in Record Management Services (RMS) on HP OpenVMS Alpha Platform Blank Password Vulnerability in HP Operations Agent 8.51-8.60 on Solaris 10 Arbitrary Command Execution Vulnerability in HP Network Node Manager (NNM) 8.10-8.13 Unspecified Remote Information Disclosure Vulnerability on HP DreamScreen 100 and 130 Arbitrary Command Execution via JSP Document Upload in HP OpenView Performance Insight (OVPI) Unspecified Remote Data Access Vulnerability in HP SOA Registry Foundation 6.63 and 6.64 Arbitrary Web Script Injection Vulnerability in HP SOA Registry Foundation 6.63 and 6.64 Unspecified Privilege Escalation Vulnerability in HP SOA Registry Foundation 6.63 and 6.64 NFS/ONCplus B.11.31_08 and Earlier Installation Vulnerability Unspecified Cross-Site Scripting (XSS) Vulnerabilities in HP Project and Portfolio Management Center (PPMC) 7.1 through SP10 and 7.5 through SP3 Denial of Service Vulnerability in Solaris and OpenSolaris x86 Architecture SQL Injection Vulnerability in Publique! 
2.3 Allows Remote Code Execution via sid Parameter Arbitrary Script Injection Vulnerability in PunBB 1.3 Forum Viewtopic.php SQL Injection Vulnerability in Indianpulse Game Server Component 1.2 for Joomla! SQL Injection Vulnerability in magic-portal 2.1: Remote Code Execution via id Parameter in home.php SQL Injection Vulnerabilities in NetArt Media Blog System 1.5 SQL Injection Vulnerability in Mochigames Component for Joomla! (com_mochigames) 0.51 and Possibly Other Versions Multiple Cross-Site Scripting (XSS) Vulnerabilities in Kayako SupportSuite 3.60.04 and Earlier SQL Injection Vulnerability in Casino Component 1.0 for Joomla! Heap-based Buffer Overflow in IBM DB2 9.1, 9.5, and 9.7 Lack of DNS Prefetching Protection in Horde IMP 4.3.6 and Earlier Lack of DNS Prefetching Protection in Roundcube 0.3.1 and Earlier Arbitrary Script Injection in SugarCRM Documents Functionality Arbitrary File Read Vulnerability in ccNewsletter Component 1.0.5 for Joomla! Arbitrary Web Script Injection Vulnerability in PaperThin CommonSpot Content Server SQL Injection Vulnerability in Files2Links F2L 3000 Appliance 4.0.0 and Other Versions: Remote Code Execution Arbitrary Web Script Injection Vulnerability in Comtrend CT-507IT ADSL Router SQL Injection Vulnerability in Enano CMS Comment Submission Interface Denial of Service Vulnerability in Tivoli Monitoring for DB2 Arbitrary Web Script Injection Vulnerability in Palo Alto Networks Firewall SMB Client Response Parsing Vulnerability SMB Client Message Size Vulnerability Windows Media Unicast Service Stack-based Buffer Overflow Vulnerability Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability Windows Virtual Path Parsing Vulnerability Windows Kernel Image Relocation Validation Vulnerability VBScript Help Keypress Vulnerability in vbscript.dll Win32k Improper Data Validation Vulnerability Win32k Window Creation Vulnerability WinVerifyTrust 
Signature Validation Vulnerability Cabview Corruption Validation Vulnerability Post Encoding Information Disclosure Vulnerability in Microsoft Internet Explorer Race Condition Memory Corruption Vulnerability in Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 HTML Object Memory Corruption Vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 HTML Object Memory Corruption Vulnerability in Microsoft Internet Explorer 8 HTML Element Cross-Domain Vulnerability in Microsoft Internet Explorer 6-8 Denial of Service Vulnerability in FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2 and iPod touch Lack of Warning for Unsafe File Types in Disk Images in Apple Mac OS X Privilege Escalation Vulnerability in Apple Mac OS X Directory Services Arbitrary Client Blacklisting Vulnerability in Apple Mac OS X Event Monitor Directory Traversal Vulnerability in Apple Mac OS X Server FTP Server Incomplete Logging in iChat Server Allows Message Auditing Bypass iChat Server Use-After-Free Remote Code Execution Vulnerability Multiple stack-based buffer overflows in iChat Server in Apple Mac OS X Server before 10.6.3: Remote Code Execution and Denial of Service Vulnerabilities Heap-based Buffer Overflow in ImageIO in Apple Mac OS X Buffer Overflow in Image RAW Processing in Apple Mac OS X 10.5.8 Buffer Overflow in Image RAW in Apple Mac OS X Unpatched Mail Account Filter Rules Vulnerability in Apple Mac OS X Privilege Escalation via SFLServer in Apple Mac OS X Password Replication Vulnerability in Apple Mac OS X Server Access Restriction Bypass in Apple Mac OS X 10.6 Podcast Producer Bypassing Access Restrictions in Apple Mac OS X 10.6 PS Normalizer Stack-based Buffer Overflow in Apple Mac OS X Heap-based Buffer Overflow in QuickTime Allows Remote Code Execution H.264 Movie File Remote Code Execution Vulnerability in QuickTime Heap-based Buffer Overflow in QuickTime in Apple Mac OS X Heap-based Buffer 
Overflow in QuickTime Allows Remote Code Execution Sorenson Encoding Vulnerability in QuickTime for Apple Mac OS X QuickTime Integer Overflow Vulnerability Heap-based Buffer Overflow in QuickTimeAuthoring.qtx in QuickTime Unauthenticated Directory Binding Vulnerability in Apple Mac OS X Server Privilege Escalation via Former Admin Group Membership in Apple Mac OS X Server 10.5.8 Unrestricted File Upload Vulnerability in Apple Mac OS X 10.5.8 Wiki Server Arbitrary Client Certificate Vulnerability in FreeRADIUS Server on Apple Mac OS X Server Weak Key Usage Enforcement in Apple Mac OS X Mail Heap-based Buffer Overflow in QuickTimeMPEG.qtx in QuickTime Integer Overflow in Apple QuickTime: Remote Code Execution and Denial of Service Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in Apple QuickTime on Windows Heap-based Buffer Overflow in QuickTime.qts Allows Remote Code Execution Weak Permissions in Apple QuickTime Profile Directory Denial of Service Vulnerability in Apple iTunes 9.1 Privilege Escalation via Race Condition in Apple iTunes Installation Package Directory Traversal Vulnerability in AFP Server in Apple Mac OS X Unrestricted Weblog Creation Vulnerability in Apple Mac OS X 10.6 Bypassing Access Restrictions in Dovecot on Apple Mac OS X 10.6 Arbitrary Code Execution and Denial of Service Vulnerability in Apple QuickTime on Windows Unintended Remote File Copying Vulnerability in Apple Mac OS X 10.6 Out-of-bounds Memory Access Vulnerability in Apple Java for Mac OS X Integer Signedness Error in Apple Java for Mac OS X: Remote Code Execution and Denial of Service Vulnerability CSRF Vulnerability in CUPS Web Interface Allows Authentication Hijacking WEBrick HTTP Server XSS Vulnerability in Apple Mac OS X 10.5.8 and 10.6 CUPS Text Filter Subsystem Denial of Service and Arbitrary Code Execution Vulnerability Remote Code Execution and Denial of Service Vulnerability in ImageIO on Apple Mac OS X 10.5.8 and 10.6 Arbitrary Script Injection 
Vulnerability in Apple Safari WebKit Improper File Ownership Setting Vulnerability in Apple Mac OS X Finder Symlink Attack Vulnerability in Apple Mac OS X Folder Manager Denial of Service via Crafted String in Samba 3.4.5 and Earlier Unspecified Remote Access Vulnerabilities in Xerox WorkCentre Network Controller and Web Server Unauthorized Directory Structure Access Vulnerability in Xerox WorkCentre 6400 System Software Improper Enforcement of HTTP Digest Authentication in Geo++ GNCASTER 1.4.0.7 and Earlier Memory Disclosure Vulnerability in Geo++ GNCASTER 1.4.0.7 and Earlier Remote Code Execution and Denial of Service Vulnerability in Geo++ GNCASTER 1.4.0.7 and Earlier Remote Code Execution and Denial of Service Vulnerability in Geo++ GNCASTER 1.4.0.7 and Earlier Nonce Reuse Vulnerability in Geo++ GNCASTER 1.4.0.7 and Earlier URLMON Sniffing Vulnerability Authentication Dialog Credential Leakage in Google Chrome Unspecified Access and Denial of Service Vulnerability in IBM Cognos Express 9.0 Unspecified Impact Vulnerability in Oracle OpenSolaris Default Configuration Vulnerability in Oracle OpenSolaris: Unspecified Impact via Windows Active Directory Domain Join Unspecified BIOS Vulnerability in Intel Desktop Board DB, DG, DH, DP, and DQ Series Allows Arbitrary Code Execution in System Management Mode (SMM) Integer Signedness Error in NetBSD Audio Drivers Heap-based Buffer Overflow in fetchmail's sdump function Unrecognized Requires SSL Configuration Option in IBM WebSphere Application Server (WAS) 7.0.0.0 through 7.0.0.8 Allows Information Disclosure Buffer Overflow Vulnerability in Trend Micro URL Filtering Engine (TMUFE) in OfficeScan 8.0 before SP1 Patch 5 - Build 3510 Cisco ASA WebVPN DTLS Denial of Service Vulnerability Denial of Service vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance Denial of Service vulnerability in Cisco ASA and PIX Appliances via Malformed IKE Message NTLMv1 Authentication Bypass Vulnerability in Cisco ASA and PIX 
Appliances Denial of Service vulnerability in Cisco ASA and PIX Appliances via Malformed SIP Messages Default Password Vulnerability in Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x Privilege Escalation Vulnerability in Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x Cisco Digital Media Manager (DMM) Information Disclosure Vulnerability Content Injection Vulnerability in Cisco Digital Media Player Denial of Service vulnerability in Cisco Wireless LAN Controller (WLC) software Cisco Wireless LAN Controller (WLC) ACL Bypass Vulnerability Denial of Service Vulnerability in Cisco IOS, IOS XE, and IOS XR with MPLS and LDP Enabled Denial of Service Vulnerability in Cisco IOS 12.2 through 12.4 (Bug ID CSCsz75186) Denial of Service Vulnerability in Cisco IOS IKE Implementation (Bug ID CSCtb13491) SIP Message Handling Denial of Service Vulnerability in Cisco IOS 12.3 and 12.4 SIP Message Processing Arbitrary Code Execution Vulnerability SIP Packet Parsing Arbitrary Code Execution Vulnerability Denial of Service Vulnerability in Cisco IOS 12.1 through 12.4 and 15.0M before 15.0(1)M1 H.323 Implementation Memory Leak Vulnerability in Cisco IOS Denial of Service Vulnerability in Cisco IOS 12.4 with NAT SCCP Fragmentation Support SCCP Packet Processing Denial of Service Vulnerability SCCP Request Handling Denial of Service Vulnerability Denial of Service Vulnerability in Cisco Unified Communications Manager Denial of Service Vulnerability in Cisco Unified Communications Manager (CUCM) Arbitrary File Execution Vulnerability in Cisco Secure Desktop Denial of Service Vulnerability in Cisco Unified Communications Manager Denial of Service Vulnerability in Cisco Unified Communications Manager Denial of Service Vulnerability in Cisco Unified Communications Manager Improper Restriction of Read Access Vulnerability in Cisco RVS4000 and Video Cameras Cisco Router and Security Device Manager (SDM) Cross-Site Scripting (XSS) Vulnerability Default Password Vulnerability in Cisco 
Mediator Framework Unspecified vulnerability in Cisco Mediator Framework allows remote authenticated users to read or modify device configuration and gain privileges Unspecified vulnerability in Cisco Mediator Framework allows remote authenticated users to gain privileges and cause denial of service Unencrypted HTTP Sessions Vulnerability in Cisco Mediator Framework Unencrypted XML RPC Sessions Vulnerability in Cisco Mediator Framework Unrestricted Network Access Vulnerability in Cisco Mediator Framework Denial of Service Vulnerability in Cisco PGW 2200 Softswitch (Bug ID CSCsl39126) Denial of Service Vulnerability in Cisco PGW 2200 Softswitch (Bug ID CSCsk32606) Denial of Service Vulnerability in Cisco PGW 2200 Softswitch (Bug ID CSCsk40030) Unspecified Denial of Service Vulnerability in Cisco PGW 2200 Softswitch SQL Injection Vulnerability in osTicket 1.6.0 Stable: Remote Code Execution via scp/ajax.php Arbitrary Web Script Injection in osTicket 1.6.0 Stable Cross-Site Scripting (XSS) Vulnerability in Sterlite SAM300 AX Router's Forms/status_statistics_1 SQL Injection Vulnerability in NovaBoard 1.1.2: Remote Code Execution via forums[] Parameter SQL Injection Vulnerability in NovaBoard 1.1.2 via nova_name Cookie Parameter in header.php SQL Injection Vulnerabilities in Joomla! 
Photoblog Component SQL Injection Vulnerabilities in Baal Systems 3.8 and Earlier: Remote Code Execution via adminlogin.php Unspecified File Rights Vulnerability in DocumentManager 4.0 Directory Traversal Vulnerability in ARWScripts Fonts Script's viewfile.php SQL Injection Vulnerability in evalSMSI 2.1.03: Remote Code Execution via ajax.php Cross-Site Scripting (XSS) Vulnerability in evalSMSI 2.1.03's assess.php Cleartext Password Storage Vulnerability in evalSMSI 2.1.03 Cross-Site Scripting (XSS) Vulnerability in evalSMSI 2.1.03 ajax.php Denial of Service Vulnerability in Lexmark Printers and MarkNet Devices Remote Code Execution Vulnerability in Lexmark Printers via PJL INQUIRE Command Arbitrary File Overwrite and Code Execution Vulnerability in EMC HomeBase Server Denial of Service and Privilege Escalation Vulnerability in Linux Kernel's wake_futex_pi Function Reference Count Management Vulnerability in futex_lock_pi Function Heap-based Buffer Overflow in GNU Tar and Cpio RMT Client Functionality Stack-based Buffer Overflow in NWFTPD.nlm FTP Server Denial of Service Vulnerability in SPNEGO GSS-API Functionality in MIT Kerberos 5 Use-after-free vulnerability in kadmind allows remote authenticated users to cause denial of service Arbitrary SQL Command Execution in Evernew Free Joke Script 1.2 via viewjokes.php SQL Injection Vulnerabilities in Eicra Car Rental-Script: Arbitrary SQL Command Execution SQL Injection Vulnerability in Parkview Consultants SimpleFAQ Component for Joomla! Authentication Bypass Vulnerability in Citrix XenServer Unspecified Vulnerability in flex 2.5.35 with Unknown Impact and Attack Vectors SQL Injection Vulnerability in JEvents Search Plugin for Joomla! 
Multiple Cross-Site Scripting (XSS) Vulnerabilities in WebCalendar 1.2.0 and Earlier Versions Cross-Site Request Forgery (CSRF) Vulnerabilities in WebCalendar 1.2.0 and Earlier Versions CSRF Vulnerability in WebCalendar 1.2.0 Allows Remote Password Hijacking NULL Pointer Dereference and Daemon Crash Vulnerability in Squid HTCP Handling Arbitrary Web Script Injection Vulnerability in CA eHealth Performance Manager Arbitrary Web Script Injection Vulnerability in Cisco Collaboration Server (CCS) 5 Remote Code Disclosure Vulnerability in Cisco Collaboration Server (CCS) 5 Proxy Bypass Vulnerability in Google Chrome Information Leakage via DNS Queries in Google Chrome Integer Overflow Vulnerabilities in Google V8 and Chrome Sandbox Arbitrary Code Execution in Google Chrome Sandbox via JavaScript Arrays Arbitrary Code Execution in Chrome Sandbox via Malformed RUBY Element Session-specific URL discovery vulnerability in Mozilla Firefox Integer Overflow in CrossCallParamsEx::CreateFromBuffer Function in Google Chrome Popup Window Bypass Vulnerability in WebKit Cross-Origin Loading of Malformed CSS Stylesheets Vulnerability Cross-Origin Loading of Malformed CSS Stylesheets in Microsoft Internet Explorer Cross-Origin Loading of Malformed CSS Stylesheets in Opera Cross-Origin Loading of Malformed CSS Stylesheets Vulnerability Use-after-free vulnerability in Google Chrome before 4.0.249.78: Remote code execution via blocked popup window during navigation Directory Listing Disclosure in WebKit Improper URL Handling in Google Chrome Desktop Shortcut Vulnerability Integer overflows in Skia leading to remote code execution and denial of service in Google Chrome Arbitrary Code Execution via Malformed GIF File in WebKit HTTPS to HTTP Referer Leakage Vulnerability Bypassing Same Origin Policy via window.open method in WebKit Integer Overflow in ParamTraits::Read Function in Google Chrome Uninitialized Memory Vulnerability in ParamTraits::Read Function in Google Chrome Stack 
Consumption Vulnerability in ChildProcessSecurityPolicy::CanRequestURL Function in Google Chrome Sensitive Information Exposure in JAG (Just Another Guestbook) 1.14 Denial of Service Vulnerability in eMBox in Novell eDirectory 8.8 SP5 Patch 2 and Earlier Information Disclosure Vulnerability in MoinMoin 1.9 before 1.9.1 Unspecified vulnerability in MoinMoin: Potential Security Breach Unsanitized User Profiles in MoinMoin before 1.8.7 and 1.9.x before 1.9.2 Unspecified vulnerability in IP-Tech JQuarks Component before 0.2.4 for Joomla! allows installation path disclosure SQL Injection Vulnerability in KR MEDIA Pogodny CMS: Remote Code Execution via id Parameter in niusy Action SQL Injection Vulnerability in WSN Guest 1.02 via orderlinks Parameter in index.php Arbitrary SQL Command Execution in Copperleaf Photolog Plugin for WordPress Insufficient Access Control in StatCounteX 3.1 Allows Remote Database Download Cross-site scripting (XSS) vulnerability in index.php in BGSvetionik BGS CMS 2.2.1 Arbitrary File Read Vulnerability in RWCards Component 3.0.18 for Joomla! 
Arbitrary SQL Command Execution Vulnerability in Katalog Stron Hurricane 1.3.5 Remote File Inclusion Vulnerability in Katalog Stron Hurricane 1.3.5 Stack-based buffer overflows in HyleosChemView.HLChemView ActiveX Control Arbitrary File Inclusion Vulnerability in ZeusCMS 0.2 Insufficient Access Control in ZeusCMS 0.2 Allows Remote Information Disclosure WordPress 2.9 before 2.9.2 Trash Post Disclosure Vulnerability Arbitrary Code Execution Vulnerability in TIBCO Administrator 5.4.0 through 5.6.0 Apache ActiveMQ 5.3.1 - Cross-Site Scripting (XSS) Vulnerability in createDestination.action Injection of Strings into Dialplan Using ${EXTEN} Channel Variable and Wildcard Pattern Matches URL Forwarding Vulnerability in VMware VirtualCenter, Server, and ESX Orbital Viewer 1.04 Stack-Based Buffer Overflow Vulnerability Arbitrary Command Execution Vulnerability in DVBSExeCall Control ActiveX Control 1.0.0.1 SQL Injection Vulnerability in CommodityRentals Video Games Rentals: Remote Code Execution via pfid Parameter Arbitrary SQL Command Execution in JTL-Shop 2 druckansicht.php SQL Injection Vulnerability in IP-Tech JQuarks Component for Joomla! (com_jquarks) 0.2.3 and Earlier SQL Injection Vulnerability in CommodityRentals Trade Manager Script: Remote Code Execution via cid Parameter SQL Injection Vulnerability in PerchaGallery Component for Joomla! 
Arbitrary Web Script Injection Vulnerability in BASIC-CMS pages/index.php Arbitrary File Read Vulnerability in JoomlaWorks AllVideos Plugin Arbitrary Web Script Injection Vulnerability in iTweak Upload Module for Drupal SQL Injection Vulnerability in Dynamicsoft WSC CMS 2.2 - Remote Code Execution via Password Parameter Arbitrary Script Injection Vulnerability in VideoSearchScript Pro 3.5 Arbitrary Web Script Injection Vulnerability in WampServer 2.0i index.php SQL Injection Vulnerability in ForceChangePassword.jsp in Newgen Software OmniDocs Arbitrary SQL Command Execution in Fonality Trixbox 2.2.4 Arbitrary Web Script Injection Vulnerability in PortWise SSL VPN 4.6 Arbitrary Script Injection Vulnerability in IBM WebSphere Portal 6.0.1.5 Kernel Address Memory Corruption Vulnerability in avast! Antivirus Subex Nikira Fraud Management System XSS Vulnerability CSRF Vulnerability in Employee Timeclock Software 0.99 Allows Unauthorized Creation of Administrative Users Denial of Service Vulnerabilities in Sun Directory Server Enterprise Edition and Sun Java System Directory Server Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in Limny 2.0 Allow Authentication Hijacking and Unauthorized User Creation SQL Injection Vulnerability in ASPCode CMS 1.5.8 and 2.0.0 Build 103 CSRF vulnerability in ASPCode CMS 1.5.8 and 2.0.0 Build 103 allows remote attackers to hijack administrator authentication SQL Injection Vulnerabilities in Zenoss 2.3.3 and Earlier Versions Cross-Site Request Forgery (CSRF) Vulnerabilities in Zenoss 2.3.3 and Earlier Versions Arbitrary web script injection vulnerability in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management versions 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services versions 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal Open Redirect Vulnerability in IBM WebSphere 
Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management Cross-Site Scripting (XSS) Vulnerability in Microsoft SharePoint Documents Module Unsafe Package Actions Vulnerability in MoinMoin before 1.8.7 Buffer Overflow Vulnerability in Microsoft Windows Media Player 9 and 11.0.5721.5145 Unspecified API Argument Validation Vulnerability in Microsoft Windows SQL Injection Vulnerability in Erotik Auktionshaus news.php Allows Remote Code Execution SQL Injection Vulnerability in news.php in Auktionshaus Gelb 3.0 SQL Injection Vulnerability in news.php in Php Auktion Pro SQL Injection Vulnerability in news.php in Ero Auktion 2.0 and 2010 Arab Cart 1.0.2.0 - Remote SQL Injection Vulnerability in showimg.php Arab Cart 1.0.2.0 showimg.php Cross-Site Scripting (XSS) Vulnerability Arbitrary Web Script Injection in tDiary TrackBack Plugin Vulnerability: Denial of Service and System Crash due to Improper Removal of POSIX Locks on Files with setgid Permissions Remote File Permission Bypass in Samba 3.3.11, 3.4.6, and 3.5.0 Privilege Escalation Vulnerability in Red Hat Enterprise Linux 4 Kernel Denial of Service Vulnerability in Xen Hypervisor Instruction Decoder Stack-based Buffer Overflow in gnutls_x509_crt_get_serial Function Bypassing Screen Lock via GDK_WINDOW_FOREIGN Implicit Paint Vulnerability Integer Overflow Vulnerability in PostgreSQL 8.4.1 and Earlier Denial of Service and Potential Remote Code Execution in libcurl's Content Encoding Cross-site scripting (XSS) vulnerability in ViewVC before 1.0.10 and 1.1.x before 1.1.4 in lib/viewvc.py Unauthenticated Privilege Escalation in JBoss Operations Network Access Control Bypass in JBoss EAP JMX-Console Web Application Integer Overflow in dvips Allows Remote Code Execution via Crafted DVI File NULL Pointer Dereference Vulnerability in OpenSSL TLS Connection Handling Denial of Service Vulnerability in virtio-net Driver Vulnerability in OpenSSL CMS Implementation Allows Arbitrary Code 
Execution Multiple Format String Vulnerabilities in isns.c in Linux SCSI Target Framework and iSCSI Enterprise Target Insecure SSL Certificate Verification in aMSN 0.98.3 and Earlier Denial of Service Vulnerability in Dovecot 1.2.x Directory Traversal Vulnerability in DeviceKit-disks Allows Privilege Escalation Local Privilege Escalation in DRBD8 via Netlink Packets Denial of Service Vulnerability in Transmission before 1.92 Endgame Corruption Vulnerability in Transmission before 1.92 Arbitrary File Existence Disclosure Vulnerability in PolicyKit 0.96 Remote Denial of Service Vulnerability in libnids 1.24 and earlier Improper Node Access Restrictions in Weekly Archive by Node Type Module for Drupal SQL Injection Vulnerability in SQL Reports Component 1.1 for Joomla! Arbitrary Script Injection in WikyBlog 1.7.2 and 1.7.3 rc2 Arbitrary PHP Code Execution via Remote File Inclusion in WikyBlog 1.7.3 rc2 Session Fixation Vulnerability in WikyBlog 1.7.3 rc2 Allows Remote Session Hijacking Arbitrary Code Execution via Unrestricted File Upload in WikyBlog 1.7.3rc2 Arbitrary SQL Command Execution in Softbiz Jobs' news_desc.php Directory Traversal Vulnerability in Core Design Scriptegrator Plugin 1.4.1 for Joomla! Multiple Directory Traversal Vulnerabilities in Core Design Scriptegrator Plugin 1.4.1 for Joomla! 
SQL Injection Vulnerability in CommodityRentals Books/eBooks Rentals Script SQL Injection Vulnerability in CommodityRentals CD Rental Software: Remote Code Execution via cat_id Parameter Arbitrary SQL Command Execution in CommodityRentals Vacation Rental Software SQL Injection Vulnerability in KuwaitPHP eSmile's index.php Insufficient Access Control in fipsForum 2.6 Allows Remote Database Download Integer Overflow in Swap4 Function in Luxology Modo 401's valet4.dll Allows Arbitrary Code Execution Arbitrary Web Script Injection Vulnerability in IBM WebSphere Application Server Administration Console Cleartext KeyRingPassword Exposure in IBM WebSphere Application Server Denial of Service Vulnerability in IBM WebSphere Application Server Denial of Service Vulnerability in IBM WebSphere MQ 7.0 WebSphere Application Server (WAS) Remote Access Restriction Bypass Vulnerability Denial of Service Vulnerability in IBM WebSphere Application Server (WAS) Denial of Service Vulnerability in IBM WebSphere Application Server File Disclosure Vulnerability in IBM WebSphere Application Server Arbitrary Web Script Injection in IBM WebSphere Application Server Administration Console Arbitrary Web Script Injection Vulnerability in IBM WebSphere Application Server Administration Console Denial of Service Vulnerability in IBM WebSphere MQ 7.x Denial of Service Vulnerability in IBM WebSphere Application Server (WAS) 6.1 X.509 Certificate Spoofing Vulnerability in IBM WebSphere MQ Arbitrary Web Script Injection in IBM WebSphere Application Server Administrative Console Arbitrary Web Script Injection in IBM WebSphere Application Server Administrative Console CSRF Vulnerability in IBM WebSphere Application Server Administrative Console Denial of Service Vulnerability in IBM WebSphere Application Server 7.0 Privilege escalation via symlink attack in Samba's mount.cifs Symlink Attacks in ncpfs 2.2.6: Denial of Service, Information Disclosure, and Privilege Escalation Vulnerability Symlink 
Attack Vulnerability in fusermount Information Disclosure Vulnerability in ncpumount in ncpfs 2.2.6 Denial of Service Vulnerability in ncpfs 2.2.6 Arbitrary File Read Vulnerability in fcrontab in fcron before 3.0.5 Buffer Overflow Vulnerability in BarnOwl before 1.5.1 via Crafted CC: Header SQL Injection Vulnerability in JE Event Calendars Component 1.0 for Joomla! SQL Injection Vulnerability in JE Quiz Component for Joomla! Arbitrary Web Script Injection Vulnerability in T3BLOG Extension for TYPO3 Arbitrary SQL Command Execution Vulnerability in T3BLOG Extension for TYPO3 Arbitrary File Read Vulnerability in phpunity.newsmanager's tell.php SQL Injection Vulnerability in Ossolution Team Documents Seller (DMS) Component 2.5.1 for Joomla! Directory Traversal Vulnerability in AutartiTarot Component 1.0.3 for Joomla! SQL Injection Vulnerability in Awards 1.1.0 Mod for Invision Power Board SQL Injection Vulnerability in jVideoDirect Component 1.1 RC3b for Joomla! iBoutique 4.0 index.php Cross-Site Scripting (XSS) Vulnerability Memory Corruption Vulnerability in Tabular Data Control (TDC) ActiveX Control Use-after-free vulnerability in Microsoft Internet Explorer's Peer Objects component (iepeers.dll) HTML Rendering Memory Corruption Vulnerability in Microsoft Internet Explorer 7 AutoComplete Information Disclosure Vulnerability Windows Kernel Exception Handler Vulnerability Unspecified Remote Code Execution Vulnerabilities in Microsoft Internet Explorer 8 Developer Tools ActiveX Control ISATAP IPv6 Source Address Spoofing Vulnerability in Microsoft Windows XP, Server 2003, Vista, and Server 2008 Access ActiveX Control Vulnerability VBE6.DLL Stack Memory Corruption Vulnerability Outlook Express and Windows Mail Integer Overflow Vulnerability Arbitrary Web Script Injection Vulnerability in Microsoft SharePoint Server 2007 and SharePoint Services 3.0 MPEG-4 Codec Vulnerability OpenType CFF Font Driver Memory Corruption Vulnerability LSASS Heap Overflow Vulnerability in 
Active Directory and ADAM Excel Record Parsing Memory Corruption Vulnerability Excel Object Stack Overflow Vulnerability Excel Memory Corruption Vulnerability Excel Record Memory Corruption Vulnerability Symlink Attack Vulnerability in movemail in Emacs 22 and 23 Symlink Attack Vulnerability in FSF Berkeley DB NSS Module (libnss-db) 2.2.3pre1 Integer Overflow Vulnerability in dvips in TeX Live 2009 and Earlier Arbitrary Web Script Injection in MoinMoin Despam.py Action Module Array Index Errors in set.c in dvipng 1.11 and 1.12, and teTeX Integer Signedness Error in ld.so Allows Remote Code Execution Directory Traversal Vulnerability in FastJar 0.98's extract_jar Function Arbitrary File Ownership Change Vulnerability in pam_motd Module Authentication Bypass Vulnerability in Likewise Open and CIFS Libraries Unauthenticated Package Installation Vulnerability Unspecified Remote Integrity Vulnerability in Oracle Fusion Middleware Wireless Component Unspecified Remote Code Execution Vulnerability in Oracle Knowledge Management Component Unspecified vulnerability in Pack200 component in Oracle Java SE and Java for Business allows remote attackers to affect confidentiality, integrity, and availability Unspecified vulnerability in Java 2D component allows remote attackers to affect confidentiality, integrity, and availability Unspecified vulnerability in Oracle Java SE Sound Component Unspecified Remote Code Execution Vulnerability in Java Runtime Environment Unspecified vulnerability in ImageIO component in Oracle Java SE and Java for Business Unspecified vulnerability in Oracle Java SE and Java for Business Sound Component Unspecified vulnerability in Oracle Java SE and Java for Business Sound Component Unspecified vulnerability in Oracle Java SE and Java for Business Sound Component Unspecified Remote Code Execution Vulnerability in Oracle Java SE and Java for Business Unspecified Heap-Based Buffer Overflow Vulnerability in Oracle Java SE and Java for Business 
Unspecified Heap-Based Buffer Overflow Vulnerability in Java 2D Component Unspecified vulnerability in Java 2D component allows for remote attacks on confidentiality, integrity, and availability Unspecified Heap-Based Buffer Overflow Vulnerability in Java 2D Component Unspecified Remote Code Execution Vulnerability in Java 2D Component Unspecified Confidentiality Vulnerability in Oracle Database XML DB Component Unspecified XML DB Component Vulnerability in Oracle Database Unspecified vulnerability in Oracle Internet Directory component in Oracle Database and Fusion Middleware Remote authenticated users can compromise integrity through SELECT, INSERT, or DELETE operations on audited tables in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7. Unspecified Remote Integrity Vulnerability in Oracle Fusion Middleware Portal Component Unspecified Remote Code Execution Vulnerability in Oracle Fusion Middleware Portal Component Unspecified Remote Integrity Vulnerability in Oracle Workflow Cartridge Component Unspecified Remote Integrity Vulnerability in Oracle E-Business Suite Unspecified Remote Code Execution Vulnerability in Oracle E-Business Suite 11.5.10.2 ATG RUP6 Unspecified vulnerability in Oracle Database Core RDBMS component allows remote authenticated users to affect confidentiality, integrity, and availability Unspecified Confidentiality Vulnerability in Oracle HRMS (Self Service) Component Unspecified Remote Code Execution Vulnerability in Oracle Retail Markdown Optimization Component Unspecified Remote Integrity Vulnerability in Oracle Retail Plan In-Season Component Unspecified Remote Integrity Vulnerability in Oracle Retail Place In-Season Component Unspecified Confidentiality Vulnerability in Oracle Agile Engineering Data Management Component Unspecified vulnerability in JavaVM component in Oracle Database 11.1.0.7 and 11.2.0.1 Unspecified Remote Integrity Vulnerability in Oracle Database JavaVM Component Unspecified Remote Code Execution 
Vulnerability in Oracle iStore Component Unspecified Confidentiality Vulnerability in Oracle Transportation Management Component Unspecified vulnerability in Oracle Database Change Data Capture component allows remote authenticated users to compromise confidentiality and integrity Unspecified Remote Integrity Vulnerability in Oracle E-Business Suite Unspecified Remote Code Execution Vulnerability in Oracle Internet Directory Component Unspecified Remote Vulnerability in Oracle TimesTen In-Memory Database 7.0.6.0 Unspecified Remote Integrity Vulnerability in Oracle Communications Unified Inventory Management Unspecified Remote Code Execution Vulnerability in Oracle Thesaurus Management System Unspecified Remote Data Capture Vulnerability in Oracle Clinical Unspecified Remote Integrity Vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne Unspecified Remote Integrity Vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne Unspecified Confidentiality Vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne Unspecified Remote Code Execution Vulnerability in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne Unspecified Remote Code Execution Vulnerability in Oracle Collaboration Suite 10.1.2.4 Unspecified vulnerability in Solaris component allows local users to affect confidentiality, integrity, and availability Unspecified Local Confidentiality Vulnerability in Sun Cluster Component Unspecified Local Confidentiality Vulnerability in Sun Cluster Component Unspecified Confidentiality Vulnerability in Sun Java System Communications Express Unspecified vulnerability in Java Deployment Toolkit component allows remote attackers to affect confidentiality, integrity, and availability Unspecified Remote Code Execution Vulnerability in Oracle Java SE and Java for Business JDK and JRE 6 Update 18 and 19 Unspecified vulnerability in Sun Ray Server Software component in Oracle Sun Product Suite 4.0, 4.1, and 4.2 
Unspecified Local Confidentiality Vulnerability in Solaris Kernel Unspecified Kernel Vulnerability in Solaris Component of Oracle Sun Product Suite 10 and OpenSolaris Unspecified Remote Code Execution Vulnerability in Sun Management Center Component Unspecified Remote Integrity Vulnerability in Oracle Database Server Application Express Component Unspecified Remote Confidentiality Vulnerability in Sun Convergence Component Unspecified Remote Code Execution Vulnerability in Sun Java System Access Manager Unspecified Local Vulnerability in Solaris Component of Oracle Sun Product Suite Unspecified Remote Confidentiality Vulnerability in Sun Convergence Component Unspecified vulnerability in Sun Java System Directory Server component in Oracle Sun Product Suite Unspecified Remote Vulnerability in Oracle Secure Backup 10.3.0.1 Unspecified Remote Vulnerability in Oracle Secure Backup 10.3.0.1 Unspecified Remote Availability Vulnerability in Oracle Database Server on Windows Unspecified vulnerability in Oracle Database Server Export Component Unspecified vulnerability in Oracle OLAP component in Oracle Database Server Unspecified Remote Code Execution Vulnerability in Oracle Database Server on Windows Unspecified Remote Integrity Vulnerability in Oracle Secure Backup 10.3.0.1 Unspecified Remote Integrity Vulnerability in Oracle Applications Manager Unspecified Remote Vulnerability in Oracle Secure Backup 10.3.0.1 Unspecified Remote Vulnerability in Oracle Secure Backup 10.3.0.1 Unspecified Remote Code Execution Vulnerability in Oracle Applications Framework Unspecified Confidentiality Vulnerability in Oracle Applications Framework Unspecified Remote Code Execution Vulnerability in Oracle TimesTen In-Memory Database Unspecified Remote Availability Vulnerability in Oracle Database Server Unspecified Remote Integrity Vulnerability in Oracle Applications Framework Unspecified Remote Code Execution Vulnerability in Oracle Applications Manager Unspecified Remote Confidentiality 
Vulnerability in Oracle Sun Convergence 1.0 Unspecified vulnerability in Oracle Advanced Product Catalog component in Oracle E-Business Suite Unspecified vulnerability in Oracle OpenSolaris 10 related to rdist allows local users to compromise confidentiality, integrity, and availability Stack-based Buffer Overflow in VBScript in Microsoft Windows 2000, XP, and Server 2003 Unspecified Vulnerabilities in IBM Lotus iNotes with Unknown Impact and Attack Vectors Lotus Domino Web Access ActiveX Control Stack-based Buffer Overflow Vulnerability IBM Lotus iNotes XSS Vulnerability IBM Lotus iNotes CSRF Vulnerability Unspecified Denial of Service Vulnerability in IBM AIX 5.3 with SP 5300-11-02 Race condition vulnerability in KRunner lock module allows bypassing KScreenSaver screen locking Denial of Service Vulnerability in CFNetwork.dll in Apple Safari 4.0.3 and 4.0.4 Denial of Service Vulnerability in CFNetwork.dll in Apple Safari 4.0.4 Samba Directory Traversal Vulnerability Arbitrary Script Injection in IBM Lotus Domino Help Component Vulnerability: Fault-Based Attack on OpenSSL 0.9.8i Denial of Service Vulnerability in Perforce Server 2008.1 Denial of Service Vulnerability in Perforce Server 2008.1 Denial of Service Vulnerability in Perforce Server 2008.1 FTP Server Denial of Service Vulnerability in Perforce Server 2008.1 Arbitrary File Creation Vulnerability in Perforce Server 2008.1 Remote Code Execution Vulnerability in Perforce Server 2008.1 Perforce Server 2009.2 and Earlier Remote Privilege Escalation Vulnerability Arbitrary Web Script Injection Vulnerability in D-LINK DKVM-IP8 Firmware 2282_dlinkA4_p8_20071213 Unspecified Vulnerabilities in Visualization Library before 2009.08.812 Arbitrary Web Script Injection in Todoo Forum 2.0 Insufficient Access Control in Visialis ABB Forum 1.1 Allows Remote Database Download Arbitrary Web Script Injection in Simple PHP Guestbook 1.0 eTek Systems Hit Counter 2.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities Directory 
Traversal Vulnerability in jVideoDirect Component for Joomla! Directory Traversal Vulnerability in JA Showcase Component for Joomla! JCollection Component Directory Traversal Vulnerability Arbitrary SQL Command Execution in HotBrackets Tournament Brackets Component for Joomla! SQL Injection Vulnerability in KISS Software Advertiser Component for Joomla! Arbitrary Web Script Injection in Max Network Technology BBSMAX 3.0, 4.1, and 4.2 SQL Injection Vulnerability in Bigforum 4.5: Remote Code Execution via profil.php Natychmiast CMS Multiple Cross-Site Scripting (XSS) Vulnerabilities SQL Injection Vulnerabilities in Natychmiast CMS SQL Injection Vulnerability in go_target.php in dev4u CMS SQL Injection Vulnerability in OneCMS 2.5 Allows Remote Code Execution via User Parameter Directory Traversal Vulnerability in phpCOIN 1.2.1 mod.php SQL Injection Vulnerability in Pre E-Learning Portal's search_result.asp SQL Injection Vulnerability in Bild Flirt Community 2.0: Remote Code Execution via id Parameter SQL Injection Vulnerability in OpenCart 1.3.2 index.php Allows Remote Code Execution Arbitrary File Inclusion Vulnerability in Saskia's Shopsystem beta1 and Earlier Arbitrary File Inclusion Vulnerability in Tribisur 2.1 and Earlier Arbitrary Script Injection Vulnerability in IBM ENOVIA SmarTeam 5 Buffer Overflow Vulnerability in qosmod in IBM AIX 6.1 and VIOS 2.1 Buffer Overflow Vulnerability in qoslist in IBM AIX 6.1 and VIOS 2.1 FTP Proxy Server Arbitrary TCP Forwarding Vulnerability Arbitrary Script Injection in dl Download Ticket Service (before 0.7) via Invalid Ticket ID SQL Injection Vulnerability in start.php in Eros Webkatalog Insufficient Access Control in Jevci Siparis Formu Script: Remote Database Download Vulnerability Remote File Inclusion Vulnerability in deV!L`z Clanportal (DZCP) 1.5.2 Directory Traversal Vulnerabilities in Geekhelps ADMP 1.01 SQL Injection Vulnerability in bannershow.php in Geekhelps ADMP 1.01 Unbound 64-bit Platform Structure Alignment 
Vulnerability SQL Injection Vulnerability in PhpMyLogon 2: Remote Code Execution via Username Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in ATutor 1.6.4 Arbitrary File Inclusion Vulnerability in GCalendar Component 2.1.5 for Joomla! SQL Injection Vulnerability in index.php in phppool media Domain Verkaus and Auktions Portal Multiple SQL Injection Vulnerabilities in PHPCityPortal PHP Remote File Inclusion Vulnerability in PHPCityPortal's external.php Allows Arbitrary Code Execution Unrestricted Access to install.asp in Acidcat CMS 3.5.x Insufficient Access Control in PD PORTAL 4.0 Allows Remote Database Download Insufficient Access Control in KMSoft Guestbook (aka GBook) 1.0 Allows Remote Database Download Arbitrary Web Script Injection in Obsession-Design Image-Gallery (ODIG) 1.1 via folder Parameter SQL Injection Vulnerability in Left 4 Dead (L4D) Stats 1.1 Player.php SQL Injection Vulnerability in TPJobs Component for Joomla! Arbitrary File Read Vulnerability in CARTwebERP Component for Joomla! Remote File Inclusion Vulnerability in Rezervi 3.0.2 and Earlier with Enabled Register_Globals Insecure Storage of Sensitive Information in Acidcat CMS 3.5.3 and Earlier Directory Traversal Vulnerability in Abbreviations Manager Component 1.1 for Joomla! 
Memory Corruption Vulnerability in Adobe Shockwave Player Adobe Shockwave Player Heap-based Buffer Overflow Vulnerability Arbitrary File Write and Code Execution Vulnerabilities in Pulse CMS Arbitrary File Deletion Vulnerability in Pulse CMS before 1.2.3 Stack-based Buffer Overflow in Creative Software AutoUpdate Engine ActiveX Control 2.0.12.0 Heap-based Buffer Overflow Vulnerabilities in imlib2 1.4.3 Cross-Site Request Forgery (CSRF) Vulnerabilities in Pulse CMS Basic and Pulse Pro Arbitrary Code Execution via Unrestricted File Upload in Pulse CMS Buffer Overflow Vulnerabilities in Visualization Library 2009.08.812: Remote Code Execution via Crafted DAT File Stack-based Buffer Overflow in Internet Download Manager (IDM) Allows Remote Code Execution Unrestricted File Upload Vulnerability in e107 Before 0.7.20 Arbitrary Web Script Injection in e107 Content Management Plugin Multiple stack-based buffer overflows in Free Download Manager (FDM) before 3.0.852 Arbitrary File Creation Vulnerability in Free Download Manager (FDM) Arbitrary File Creation Vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 Denial of Service Vulnerability in Shemes GrabIt up to 1.7.2 Beta 4 Cross-Site Scripting (XSS) Vulnerability in SimpleSAMLphp simplesamlphp-module-openid Critical SQL Injection Vulnerability in gesellix titlelink Plugin on Joomla Cross-Site Scripting Vulnerability in Information Cards Module on simpleSAMLphp Timing Discrepancy Vulnerability in michaelliao jopenid Critical SQL Injection Vulnerability in lierdakil click-reminder (Unsupported) Cross-Site Scripting (XSS) Vulnerability in simplesamlphp-module-openidprovider up to 0.8.x Critical SQL Injection Vulnerability in frioux ptome (VDB-218519) Cross-Site Scripting (XSS) Vulnerability in Stars Alliance PsychoStats up to 3.2.2a Path Traversal Vulnerability in Acritum Femitter Server 1.04 (VDB-250446) Arbitrary File Inclusion Vulnerability in eFront 3.5.x through 3.5.5 Arbitrary SQL Command Execution in YATSE Extension 
for TYPO3 Arbitrary Script Injection in Yet another TYPO3 search engine (YATSE) Extension Arbitrary SQL Command Execution Vulnerability in Brainstorming Extension for TYPO3 Unspecified Information Disclosure Vulnerability in TYPO3 Power Extension Manager Arbitrary Code Injection through Sellector.com Widget Integration Extension in TYPO3 Arbitrary SQL Command Execution Vulnerability in Educator Extension 0.1.5 for TYPO3 Arbitrary SQL Command Execution Vulnerability in MK Wastebasket Extension for TYPO3 Arbitrary Web Script Injection in myDashboard Extension for TYPO3 Arbitrary SQL Command Execution in CleanDB Extension for TYPO3 Arbitrary SQL Command Execution Vulnerability in Diocese of Portsmouth Database Extension Arbitrary Code Injection through Cross-Site Scripting (XSS) in TYPO3 Reports Logfile View Extension Arbitrary SQL Command Execution in SAV Filter Alphabetic Extension for TYPO3 Arbitrary SQL Command Execution Vulnerability in SAV Filter Selectors Extension for TYPO3 Arbitrary SQL Command Execution in SAV Filter Months Extension for TYPO3 Arbitrary SQL Command Execution in TYPO3 Book Reviews Extension Arbitrary SQL Command Execution in Simple Gallery Extension for TYPO3 Arbitrary Web Script Injection in Simple Gallery TYPO3 Extension Arbitrary Web Script Injection in Typo3 Quixplorer Extension Authentication Bypass Vulnerability in TYPO3 Security - Salted user password hashes Extension Arbitrary Code Injection through Cross-Site Scripting (XSS) in TYPO3 UserTask Center Extension Arbitrary SQL Command Execution in TGM-Newsletter Extension for TYPO3 Arbitrary Code Injection through Cross-Site Scripting (XSS) in TGM-Newsletter Extension for TYPO3 CleanDB - DBAL Extension SQL Injection Vulnerability Arbitrary SQL Command Execution Vulnerability in Meet Travelmates Extension for TYPO3 Integer Overflow in WOFF Decoder Allows Remote Code Execution Stack Consumption Vulnerability in WebKit's CSSSelector Function Unspecified Denial of Service Vulnerability in 
HP-UX B.11.31 with AudFilter Rules Enabled Unspecified Privilege Escalation Vulnerability in HP Insight Control for Linux Unspecified Denial of Service Vulnerability in HP-UX B.11.11 Stack-based buffer overflow vulnerabilities in Tetradyne ActiveX Control in HP Operations Manager Unspecified Remote Code Execution Vulnerability in HP System Management Homepage (SMH) Unspecified Remote Code Execution Vulnerabilities in HP Virtual Machine Manager (VMM) Arbitrary Web Script Injection Vulnerability in HP System Insight Manager CSRF Vulnerability in HP System Insight Manager Allows Authentication Hijacking Unspecified Privilege Escalation Vulnerability in HP System Insight Manager Format string vulnerability in _msgout function in rpc.pcnfsd Bypassing Simple Login Functionality in OpenPNE with IP Address Range Limitation Vulnerability Unspecified Remote Attack Vector in IBM DB2 Content Manager Toolkit and DB2 Information Integrator for Content Remote Code Execution Vulnerability in Microsoft Windows Media Player 11 Arbitrary File Inclusion Vulnerability in jaxCMS 1.0 SQL Injection Vulnerability in Login.do in ManageEngine OpUtils 5.0 SQL Injection Vulnerability in Productbook Component 1.0.4 for Joomla! 
SQL Injection Vulnerabilities in Rostermain 1.1 and Earlier: Remote Code Execution SQL Injection Vulnerability in MASA2EL Music City 1.0 and 1.1 Arbitrary Script Injection in Uiga Business Portal's Blog Comment Box Multiple SQL Injection Vulnerabilities in Uiga Business Portal AudiStat 1.3 index.php SQL Injection Vulnerability SQL Injection Vulnerabilities in AudiStat 1.3: Remote Code Execution via Year and Month Parameters Multiple Cross-Site Scripting (XSS) Vulnerabilities in AudiStat 1.3 SQL Injection Vulnerabilities in Zen Time Tracking 2.2 and Earlier Multiple SQL Injection Vulnerabilities in ParsCMS PHP Remote File Inclusion Vulnerabilities in osDate 2.1.9 and 2.5.4 RokDownloads Component Directory Traversal Vulnerability Directory Traversal Vulnerabilities in Phpkobo AdFreely 1.01 Arbitrary File Inclusion Vulnerability in Phpkobo Address Book Script 1.09 Directory Traversal Vulnerability in Phpkobo Address Book Script 1.09 Arbitrary File Inclusion Vulnerability in Phpkobo Short URL 1.01 Directory Traversal Vulnerabilities in Phpkobo Short URL 1.01 Arbitrary File Inclusion Vulnerability in Phpkobo Free Real Estate Contact Form 1.09 Directory Traversal Vulnerabilities in Phpkobo Free Real Estate Contact Form 1.09 Insecure Storage of Sensitive Information in Erolife AjxGaleri VT Sensitive Information Disclosure in Lebisoft Ziyaretci Defteri 7.4 and 7.5 Insufficient Access Control in AR Web Content Manager (AWCM) 2.1 Allows Remote Database Download Insufficient Access Control in E-membres 1.0 Allows Remote Database Download Multiple Cross-Site Scripting (XSS) Vulnerabilities in NetWin SurgeFTP 2.3a6 ProArcadeScript games/game.php SQL Injection Vulnerability SQL Injection Vulnerability in ImagoScripts Deviant Art Clone SQL Injection Vulnerability in profil.php in phpMDJ 1.0.3 Sniggabo CMS 2.21 search.php Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in jEmbed-Embed Anything Component for Joomla! 
Arbitrary Script Injection in Drupal Currency Exchange Module SQL Injection Vulnerability in Entry Level CMS (EL CMS) Allows Remote Code Execution via subj Parameter Cross-site scripting (XSS) vulnerability in index.php in Entry Level CMS (EL CMS) Arbitrary File Inclusion Vulnerability in Crawlability vBSEO Plugin 3.1.0 SQL Injection Vulnerability in XlentProjects SphereCMS 1.1 Alpha's archive.php Allows Remote Code Execution Arbitrary Web Script Injection in Sawmill before 7.2.18 Arbitrary Script Injection in Pulse CMS 1.2.2 view.php Arbitrary File Read Vulnerability in Community Polls Component for Joomla Directory Traversal Vulnerabilities in OI.Blogs 1.0.0 USB Command Failure Information Leakage Vulnerability Denial of Service Vulnerability in Linux Kernel Bluetooth Sockets Denial of Service Vulnerability in azx_position_ok Function on AMD780V Chip Set Denial of Service Vulnerability in Linux Kernel 2.6.33 and Earlier Denial of Service Vulnerability in Linux Kernel 2.6.x through 2.6.33-rc5 NFS Automount Symlink Vulnerability in Linux Kernel 2.6.18-2.6.34 Arbitrary SQL Command Execution in PHP Trouble Ticket 2.2 via vedi_faq.php SQL Injection Vulnerability in phpMySite's index.php Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpMySite's contact.php SQL Injection Vulnerabilities in ScriptsFeed Business Directory Software Login Page Arbitrary SQL Command Execution in rss.php of 1024 CMS 2.1.1 SQL Injection Vulnerability in news.php in DZ EROTIK Auktionshaus V4rgo: Remote Code Execution via id Parameter Cross-Site Scripting (XSS) Vulnerability in TRUC 0.11.0 and Earlier Multiple SQL Injection Vulnerabilities in ScriptsFeed Dating Software's searchmatch.php Authentication Bypass Vulnerability in DeDeCMS 5.5 GBK Denial of Service Vulnerability in ANI Parser of Microsoft Windows Integer Overflow in Apple Safari Allows Remote Attackers to Bypass Port Restrictions Arora Integer Overflow Vulnerability Allows Bypass of Port 
Restrictions Integer Overflow in iCab Allows Remote Bypass of Port Restrictions OmniWeb Integer Overflow Vulnerability Allows Bypass of Port Restrictions Stainless Integer Overflow Vulnerability Allows Bypass of Outbound TCP Port Restrictions Zope Cross-Site Scripting (XSS) Vulnerability in Error Messages Arbitrary Web Script Injection in AdvertisementManager 3.1.0 and 3.6 via usr Parameter Remote File Inclusion Vulnerability in AdvertisementManager 3.1.0 Arbitrary Script Injection in Drupal Recent Comments Module Arbitrary Code Injection through Cross-Site Scripting (XSS) in Drupal Control Panel Module Multiple SQL Injection Vulnerabilities in phpMySport 1.4 Arbitrary Directory Listing Vulnerability in phpMySport 1.4 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Jokes Complete Website Arbitrary Script Injection in cat.php of KloNews 2.0 Arbitrary Code Injection through Cross-Site Scripting (XSS) in Web Server Creator - Web Portal 0.1 PHP Remote File Inclusion Vulnerabilities in Web Server Creator - Web Portal 0.1 Arbitrary File Read Vulnerability in Web Server Creator - Web Portal 0.1 Insufficient Access Control Allows Remote Database Download in LookMer Music Portal Heap-based Buffer Overflow in Internet Explorer 8 on Windows 7 Remote Code Execution Vulnerability in Internet Explorer 8 on Windows 7 Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS Unspecified Remote Code Execution Vulnerability in Safari 4 on Mac OS X 10.6 Use-after-free vulnerability in Mozilla Firefox 3.6.x before 3.6.3 Unspecified Denial of Service Vulnerability in Mozilla Firefox 3.5.x through 3.5.8 Improper Lockfile Association in Chip Salzenberg Deliver Allows Denial of Service Denial of Service Vulnerability in IBM AIX 5.3's bos.rte.libc Library Remote Keystroke Injection Vulnerability in Mozilla Firefox and SeaMonkey Remote Keystroke Injection Vulnerability 
in WebKit's JavaScript Implementation Denial of Service Vulnerability in Microsoft Internet Explorer 6 and 7 Weak Entropy in Linear Congruential Generator (LCG) in PHP Directory Pathname Traversal Vulnerability in PHP's safe_mode Implementation Bypassing open_basedir and safe_mode restrictions in PHP session_save_path vulnerability Denial of Service Vulnerability in Apple Safari 4.0.5 on Windows XP SP3 Arbitrary Command Execution via RCPT TO Field in SpamAssassin Milter Plugin 0.3.1 SQL Injection Vulnerabilities in TikiWiki CMS/Groupware 4.x before 4.2 SQL Injection Vulnerability in TikiWiki CMS/Groupware 3.x before 3.5 via searchlib.php Cookie Reuse Vulnerability in TikiWiki CMS/Groupware 4.x before 4.2 Predictable Cookies in TikiWiki CMS/Groupware 3.x before 3.5 Arbitrary Web Script Injection Vulnerability in VMware VirtualCenter, ESX, and Server Console Information Disclosure Vulnerability in VMware Virtual Networking Stack Format String Vulnerability in VMware VIX API 1.6.x, VMware Workstation 6.5.x, VMware Player 2.5.x, VMware Server 2.x, and VMware Fusion 2.x Privilege Escalation via USB Service in VMware Workstation and Player Arbitrary Code Execution via VMware Tools Library Access Vulnerability Privilege escalation vulnerability in VMware Tools Arbitrary Web Script Injection Vulnerability in VMware View Privilege Escalation Vulnerability in Linux Kernel 2.6.33.2 and Earlier with ReiserFS Filesystem Stack-based Buffer Overflow in Open Direct Connect Hub: Remote Code Execution NULL pointer dereference vulnerability in cifs_create function in Linux kernel 2.6.33.2 and earlier Information Leakage in udisks-dm-export.c in udisks before 1.0.1 MediaWiki Login CSRF Vulnerability Race condition vulnerability in mod_auth_shadow module allows remote attackers to bypass authentication and potentially modify data via improper interaction with an external helper application. 
Denial of Service Vulnerability in memcached before 1.4.3 Remote File Inclusion Vulnerability in TYPO3 Autoloader SSL Certificate Spoofing Vulnerability in Irssi IRC Client Denial of Service Vulnerability in Irssi 0.8.15 and Earlier Versions Information Disclosure Vulnerability in Apache Tomcat Integer Overflow in Perl 5.8.x Regular Expression Engine Leading to Denial of Service Heap-based Buffer Overflow Vulnerabilities in Aircrack-ng before 1.1 Symlink Attack Vulnerability in GNU nano before 2.2.4 Privilege Escalation via Race Condition in GNU nano Missing put_pid calls in release_one_tty function in Linux kernel before 2.6.34-rc4 Local Privilege Escalation via Command Matching Vulnerability in Sudo Multiple Cross-Site Scripting (XSS) Vulnerabilities in Atlassian JIRA 3.12 through 4.1 Arbitrary Code Execution Vulnerability in Atlassian JIRA 3.12 through 4.1 Remote Code Execution Vulnerability in X.Org X11R7.1 Denial of Service Vulnerability in fetchmail 4.6.3 through 6.3.16 Arbitrary Code Execution Vulnerability in Safe.pm Module Arbitrary Perl Code Execution Vulnerability in PostgreSQL Arbitrary Tcl Code Execution via PL/Tcl in PostgreSQL XML-RPC API in Red Hat Network (RHN) Satellite 5.3 and 5.4: Arbitrary File Access and Denial of Service Vulnerability Access Control Bypass in DBus-GLib 0.73 Denial of Service Vulnerability in Linux Kernel 2.6.33.3 and Earlier with SCTP Enabled Denial of Service Vulnerability in Cisco TFTP Server 1.1 Unspecified Remote Code Execution Vulnerability in Microsoft Internet Explorer 7.0 Remote Code Execution and Denial of Service Vulnerability in Safari on Apple iPhone OS 3.1.3 for iPod touch Remote Code Execution Vulnerability in Safari on Apple iPhone OS 3.1.3 for iPod touch Denial of Service Vulnerability in Safari on Apple iPhone OS 3.1.3 Denial of Service and Arbitrary Code Execution Vulnerability in Safari on Apple iPhone OS 3.1.3 Remote Code Execution Vulnerability in Safari on Apple iPhone OS 3.1.3 for iPod touch Remote Code 
Execution Vulnerability in Safari on Apple iPhone OS 3.1.3 for iPod touch Unspecified Vulnerabilities in IBM WebSphere Application Server Administrative Console Vulnerability: Local Privilege Escalation via Oracle Solaris Patch-Installation Script XOR Encryption Vulnerability in Microsoft Wireless Keyboard Remote Code Execution Vulnerability in SAP MaxDB 7.4.3.32 and 7.6.0.37 through 7.6.06 Arbitrary Script Injection in NextGEN Gallery Plugin for WordPress TIPC Kernel OOPS Denial of Service Vulnerability Use-after-free vulnerability in Linux kernel 2.6 allows remote denial of service CSS validation issue in MediaWiki before 1.15.2 allows IP address and user information disclosure through image linking Access Restriction Bypass in MediaWiki's thumb.php Bypassing Administrator Authentication in Sahana Disaster Management System Arbitrary SSL Server Spoofing via libESMTP Vulnerability Arbitrary Script Injection Vulnerability in VMware Server 2.0 WebAccess Certificate Spoofing Vulnerability in libESMTP 1.0.3.r1 and 1.0.4 HTML Injection via data:image/svg+xml URI in ikiwiki Integer Overflow in nsGenericDOMDataNode::SetTextInternal Function in Mozilla Firefox, Thunderbird, and SeaMonkey Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox and SeaMonkey Remote Code Execution Vulnerability in Mozilla Firefox and SeaMonkey Arbitrary Code Execution via Integer Overflow in XSLT Node Sorting Implementation Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified Remote Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Denial of Service and Arbitrary Code Execution Vulnerability in Mozilla Firefox 3.6.x Bugzilla Time-Tracking Information Disclosure Vulnerability Buffer Overflow Vulnerability in libpng's pngpread.c Same Origin Policy Bypass in Firefox and SeaMonkey Cross-Origin Information Leakage in 
Mozilla Firefox and Thunderbird Use-after-free vulnerability in attribute-cloning functionality in Mozilla Firefox and SeaMonkey NodeIterator Use-After-Free Remote Code Execution Vulnerability Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox and Thunderbird Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Memory corruption and code execution vulnerability in Mozilla Firefox and Thunderbird Same Origin Policy Bypass via importScripts Method in Mozilla Firefox, Thunderbird, and SeaMonkey Arbitrary Code Execution via Integer Overflow in Mozilla Firefox and SeaMonkey Arbitrary JavaScript Code Execution with Chrome Privileges in Mozilla Firefox and Thunderbird Remote File Inclusion Vulnerability in notsoPureEdit 1.4.1 and Earlier Directory Traversal Vulnerability in JE Form Creator Component for Joomla! Arbitrary Web Script Injection Vulnerability in TYPO3 mm_forum Extension Directory Traversal Vulnerability in JA News Component 1.0 for Joomla! 
Authentication Bypass Vulnerability in CA XOsoft r12.0 and r12.5 Authentication Bypass Vulnerability in CA XOsoft r12.5 Remote Code Execution Vulnerabilities in CA XOsoft r12.0 and r12.5 Improper Enforcement of Remote Host Access Controls in Asterisk Open Source 1.6.0.x - 1.6.2.x Memory Management Vulnerability in Microsoft Virtual PC and Virtual Server Denial of Service Vulnerability in Apple iPhone OS 3.1 Cross-Site Scripting (XSS) Vulnerability in Sun Java System Communications Express 6.2 and 6.3 Unspecified Impact and Attack Vectors in Google Chrome Sandbox Infrastructure Pointer Misuse Vulnerability in Google Chrome Sandbox Infrastructure Unspecified Impact and Attack Vectors in Web SQL Database Deletion and STS State Clearing in Google Chrome HTTP Header Processing Vulnerability in Google Chrome Denial of Service and Memory Error Vulnerability in Google Chrome Integer Overflow Vulnerabilities in Google Chrome WebKit JavaScript Objects URL Truncation Vulnerability in Google Chrome Unspecified Remote Download Warning Bypass Vulnerability in Google Chrome Cross-Site Scripting (XSS) Vulnerability in WebKit Denial of Service Vulnerability in Google Chrome 4.1 BETA Bypassing Textcha Protection in MoinMoin 1.7.1 Arbitrary Program Execution Vulnerability in Foxit Reader Arbitrary Local Program Execution Vulnerability in Adobe Reader and Acrobat Heap-based Buffer Overflow in Adobe Reader and Acrobat 9.x and 8.x on Windows and Mac OS X (FG-VD-10-005) Arbitrary Script Injection in IBM Web Interface for Content Management Persistent Cookie Vulnerability in IBM Web Interface for Content Management CSRF Vulnerability in Apache ActiveMQ Allows Authentication Hijacking Excel Record Memory Corruption Vulnerability Excel RTD Memory Corruption Vulnerability Excel RTD Record Heap Corruption Vulnerability Excel HFPicture Memory Corruption Vulnerability Excel ExternName Record Buffer Overflow Vulnerability Excel EDG Memory Corruption Vulnerability Excel Record Stack Corruption 
Vulnerability Remote Code Execution Vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac Excel ADO Object Vulnerability Mac Office Open XML Permissions Vulnerability Win32k TrueType Font Parsing Vulnerability IIS Authentication Memory Corruption Vulnerability Arbitrary Script Injection Vulnerability in Microsoft Office InfoPath and SharePoint Event Handler Cross-Domain Vulnerability in Microsoft Internet Explorer 6, 7, and 8 Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer HTML Element Memory Corruption Vulnerability in IE8 Developer Toolbar Uninitialized Memory Corruption Vulnerability in IE8 Developer Toolbar Memory Corruption Vulnerability in Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 COM Validation Vulnerability in Windows Shell and WordPad SharePoint Help Page Denial of Service Vulnerability SQL Injection Vulnerability in Adam Corley dcsFlashGames (com_dcs_flashgames) Multiple PHP Remote File Inclusion Vulnerabilities in WebMaid CMS 0.2-6 Beta and Earlier Directory Traversal Vulnerabilities in WebMaid CMS 0.2-6 Beta and Earlier Directory Traversal Vulnerability in justVisual CMS 2.0 index.php SQL Injection Vulnerability in auktion.php in phpscripte24 Niedrig Gebote Pro Auktions System II SQL Injection Vulnerability in auktion.php in Multi Auktions Komplett System 2 Arbitrary SQL Command Execution in showplugs.php in smartplugs 1.3 Arbitrary PHP Code Execution via Remote File Inclusion in Gnat-TGP 1.2.20 and Earlier Unvalidated UTF-8 Encoding in Emweb Wt before 3.1.1: Remote Attack Vectors Arbitrary Script Injection in Emweb Wt before 3.1.1 Arbitrary Web Script Injection Vulnerability in BBSXP 2008 ShowPost.asp Multiple Cross-Site Scripting (XSS) Vulnerabilities in BBSXP 2008 SP2 SQL Injection Vulnerability in Zabbix API Allows Remote Code Execution Buffer Overflow in Adobe Download Manager ActiveX Control Arbitrary Code Execution Vulnerability in Adobe Photoshop CS4 11.x Arbitrary Code Execution and 
Denial of Service Vulnerability in Adobe Shockwave Player Memory Corruption Vulnerability in Adobe Shockwave Player Denial of Service Vulnerability in Adobe Shockwave Player Heap Memory Corruption in Adobe Shockwave Player Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2010-1292) Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2010-1292) Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2010-1292) Buffer Overflow Vulnerability in Adobe Shockwave Player Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2010-1285) Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2010-1292) Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2010-1291) Memory Corruption Vulnerability in Adobe Shockwave Player Arbitrary Web Script Injection Vulnerability in Adobe ColdFusion Administrator Page Unspecified Local Information Disclosure Vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 9.0 Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Buffer Overflow Vulnerabilities in Adobe Photoshop CS4 Remote Code Execution Vulnerability in Adobe Flash Player, Adobe AIR, Adobe Reader, and Adobe Acrobat Directory Traversal Vulnerability in Pulse CMS 1.2.2 view.php Multiple PHP Remote File Inclusion Vulnerabilities in DynPG CMS 4.1.0 Arbitrary SQL Command Execution Vulnerability in Yamamah (Dove Photo Album) 1.00 SQL Injection Vulnerability in Centreon 2.1.5: Remote Code Execution via host_id Parameter Arbitrary File Read Vulnerability in DecryptWeb DW Graphs Component for Joomla Multiple Cross-Site Scripting (XSS) Vulnerabilities in Taxonomy Filter Module for Drupal Arbitrary File Read Vulnerability in User Status Component for Joomla! Directory Traversal Vulnerability in JInventory Component for Joomla! 
(com_jinventory) 1.23.02 and Earlier Versions Picasa Component Directory Traversal Vulnerability Arbitrary File Read Vulnerability in Magic Updater Component for Joomla! Directory Traversal Vulnerability in SVMap Component 1.1.1 for Joomla! Directory Traversal Vulnerability in Irmin CMS 0.6 BETA2 Information Disclosure Vulnerability in Opera 10.50 Memory Corruption and Application Crash Vulnerability in ClamAV's qtm_decompress Function Directory Traversal Vulnerability in iJoomla News Portal Component 1.5.x for Joomla! Seber Cart Component Directory Traversal Vulnerability Highslide JS (com_hsconfig) Component Directory Traversal Vulnerability Directory Traversal Vulnerability in webERPcustomer.php in Joomla! Component Weberpcustomer 1.2.1 and 1.x before 1.06.02 Stack-based Buffer Overflow in Tembria Server Monitor Heap-based Buffer Overflow in RealNetworks Helix Server and Helix Mobile Server: Remote Code Execution via Invalid Base64-encoded Data AgentX::receive_agentx function in AgentX++ 1.4.16 Stack-based Buffer Overflow Vulnerability Arbitrary Code Execution via Integer Overflow in AgentX::receive_agentx Function Double Free Vulnerability in MIT Kerberos 5 Key Distribution Center (KDC) Allows Remote Code Execution NULL pointer dereference vulnerability in kg_accept_krb5 function in MIT Kerberos 5 Uninitialized Pointer Dereference Vulnerability in MIT Kerberos 5 Kerberos 5 Vulnerability: Checksum Acceptability Determination Issue Vulnerability in MIT Kerberos 5 (krb5) 1.7.x-1.8.3: Checksum Acceptability Determination Issue CSRF Vulnerability in SUSE Lifecycle Management Server (SLMS) 1.0 Arbitrary Code Execution and Permission Bypass in March Hare Software CVSNT and CVS Suite SQL Injection Vulnerabilities in TornadoStore 1.4.3 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in TornadoStore 1.4.3 and Earlier Bypassing Intrusion-Prevention Functionality in Imperva SecureSphere Web Application Firewall and Database Firewall Cross-Site Scripting 
(XSS) Vulnerability in JRuby before 1.4.1 Heartlogic HL-SiteManager SQL Injection Vulnerability Arbitrary Web Script Injection in PrettyBook PrettyFormMail Multiple Cross-Site Scripting (XSS) Vulnerabilities in Almas Inc. Compiere J300_A02 and Earlier Arbitrary Code Execution via Unrestricted File Upload in Pulse CMS Basic 1.2.4 Multiple PHP Remote File Inclusion Vulnerabilities in Insky CMS 006-0111 Multiple SQL Injection Vulnerabilities in INVOhost 3.4 PHP Remote File Inclusion Vulnerabilities in Lussumo Vanilla 1.1.10 and Earlier Versions SQL Injection Vulnerability in Teamsite Hack Plugin 3.0 and Earlier for WoltLab Burning Board Cross-site scripting (XSS) vulnerability in Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board Arbitrary File Read Vulnerability in J!Research Component for Joomla! SQL Injection Vulnerability in Systemsoftware Community Black Forum Multiple PHP Remote File Inclusion Vulnerabilities in Direct News 4.10.2 SQL Injection Vulnerability in photo.php in SiteX 0.7.4 Beta SQL Injection Vulnerability in Cookex Agency CKForms Component 1.3.3 for Joomla! Arbitrary File Read Vulnerability in Cookex Agency CKForms Component 1.3.3 for Joomla! SQL Injection Vulnerability in Mini CMS RibaFS 1.0 Allows Remote Code Execution Privilege Escalation Vulnerability in IBM Systems Director Unspecified Remote Login Vulnerability in IBM WebSphere Portal Opera 10.10-10.50 Integer Overflow Remote Code Execution Vulnerability SQL Injection Vulnerability in JP Jobs Component 1.4.1 and Earlier for Joomla! PHP Remote File Inclusion Vulnerabilities in Nodesforum 1.033 and 1.045 Directory Traversal Vulnerability in JOOFORGE Jutebox Component for Joomla! LoginBox Pro Component for Joomla! Directory Traversal Vulnerability Directory Traversal Vulnerability in VJDEO Component for Joomla! 
(com_vjdeo) 1.0 and 1.0.1 TANDBERG Video Communication Server (VCS) XSS Vulnerability (Reference ID 66316) Unspecified Remote Code Execution Vulnerability in TANDBERG Video Communication Server (VCS) before X5.0 (Reference ID 69773) Arbitrary Web Script Injection in SBD Directory Software 4.0 Arbitrary Code Injection Vulnerability in Drupal Bibliography (Biblio) Module SQL Injection Vulnerability in Direct URL Module for xt:Commerce Multiple PHP Remote File Inclusion Vulnerabilities in FAQEngine 4.24.00 PHPepperShop 2.5 - Cross-Site Scripting (XSS) Vulnerability in USER_ARTIKEL_HANDLING_AUFRUF.php Arbitrary Code Injection via Term Description Field in Own Term Module for Drupal SQL Injection Vulnerability in JProjects Component for Joomla! SQL Injection Vulnerability in Uiga Personal Portal's index.php Allows Remote Code Execution SQL Injection Vulnerability in Uiga Fan Club index.php Allows Remote Code Execution SQL Injection Vulnerabilities in Uiga Fan Club 1.0 and Earlier: Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Uiga Fan Club Admin Login SQL Injection Vulnerability in GameScript (GS) 3.0 Allows Remote Code Execution via index.php Arbitrary SQL Command Execution in Pre Classified Listings ASP Signup SQL Injection Vulnerability in Pre Classified Listings ASP Arbitrary Web Script Injection in Pre Classified Listings ASP Signup Arbitrary SQL Command Execution Vulnerability in HD FLV Player Component for Joomla! 
Cross-site scripting (XSS) vulnerability in Apple Mac OS X 10.6 Help Viewer Arbitrary File Creation Vulnerability in iChat for Mac OS X Privilege Escalation Vulnerability in NetAuthSysAgent in Apple Mac OS X 10.5.8 Multiple Format String Vulnerabilities in Network Authorization in Apple Mac OS X 10.6 before 10.6.4 Unencrypted Connection Vulnerability in Apple Mac OS X 10.6 Arithmetic Vulnerability in OpenSSL Allows Bypass of X.509 Certificate Authentication in Apple Mac OS X 10.6.x Denial of Service Vulnerability in Apple Mac OS X 10.6 Printer Setup Integer Overflow in CUPS Filter Allows Remote Code Execution in Mac OS X 10.6 Arbitrary File Access Vulnerability in Apple Mac OS X SMB File Server Cross-Site Scripting (XSS) Vulnerability in Apple Mac OS X Wiki Server Credential Reflection Vulnerability in Apple Safari Lack of Warning for Username and Password in Safari URLs Vulnerability Crafted PDF Document Exploits Use-After-Free Vulnerability in Apple Safari Unrestricted Access to lastPosition Function in WebCore Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes and iOS allows remote code execution or denial of service Arbitrary File Reading Vulnerability in WebKit User-assisted remote code injection vulnerability in Apple Safari before 5.0 on Mac OS X and Windows Arbitrary Script Injection Vulnerability in Apple Safari Arbitrary Database File Creation Vulnerabilities in Apple Safari WebKit Use-After-Free Vulnerability in Apple Safari Sensitive URL Disclosure Vulnerability in Apple Safari Arbitrary Script Injection Vulnerability in Apple Safari WebKit Webkit Cross-Site Scripting (XSS) Vulnerability in Apple Safari Use-after-free vulnerability in WebKit allows remote code execution or denial of service in Apple Safari WebKit Use-After-Free Vulnerability in Apple Safari Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Uninitialized Memory Access Vulnerability in Apple Safari Caption Element Use-After-Free Vulnerability in 
Apple Safari Cascading Style Sheets (CSS) Use-After-Free Vulnerability in Apple Safari Double Free Vulnerability in WebKit Allows Remote Code Execution or Denial of Service in Apple Safari Uninitialized Memory Access Vulnerability in WebKit Use-after-free vulnerability in WebKit allows remote code execution or denial of service in Apple Safari WebKit Use-After-Free Vulnerability in Apple Safari Information Leakage via Referer Header in Apple Safari Information Disclosure Vulnerability in WebKit on Apple iOS Devices Integer Truncation Vulnerability in WebKit Incomplete Blacklist Vulnerability in WebKit Allows Disclosure of Data over IRC Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Integer Overflow Vulnerability in LibTIFF FAX3 Decoder Hover Event Use-After-Free Vulnerability in Apple Safari Cleartext Transmission of NTLM Credentials in Apple Safari Use-after-free vulnerability in WebKit allows remote code execution or denial of service in Apple Safari Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Cross-Site Image Capture Vulnerability in Apple Safari WebKit Multiple :after Pseudo-Selectors Remote Code Execution Vulnerability in Apple Safari Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X and Windows Use-after-free vulnerability in WebKit allows remote code execution and denial of service in Apple Safari Arbitrary Script Injection Vulnerability in Apple Safari's CFNetwork Clipboard Remote Execution Vulnerability in Apple Safari Arbitrary Key Press Vulnerability in Apple Safari Java URI Handler Argument Injection Vulnerability Font File Remote Code Execution Vulnerability in JustSystems Ichitaro and Ichitaro Government 2006-2010 Vulnerability: Inadequate Malware Detection in F-Secure Security Products SQL Injection Vulnerability in MODx Evolution 1.0.3 and Earlier Versions Cross-site scripting (XSS) vulnerability in MODx Evolution SearchHighlight Plugin Access Control Bypass 
in JBoss EAP Web Console Information Disclosure Vulnerability in Red Hat JBoss EAP 4.2 and 4.3 Arbitrary SQL Command Execution in Cacti 0.8.7e and Earlier Joomla! Core Information Disclosure Vulnerability Arbitrary File Upload Vulnerability in Joomla! Core 1.5.x (1.5.0 - 1.5.15) Session Fixation Vulnerability in Joomla! Core 1.5.x (up to 1.5.15) Allows Arbitrary Session Hijacking Joomla! Core Password Reset Token Retrieval Vulnerability Out-of-Bounds Write Vulnerability in GFS2 File System Race condition vulnerability in find_keyring_by_name function in Linux kernel 2.6.34-rc5 and earlier allows denial of service or memory corruption. Vulnerability: Insecure Temporary File Handling in Web Application Finger Printer (WAFP) 0.01-26c3 World-readable permissions for /var/spool/up2date/loginAuth.pkl file in yum-rhn-plugin Integer Overflow Vulnerabilities in dvipsk/dospecial.c in TeX Live 2009 and earlier, and teTeX Heap-based Buffer Overflows in VideoLAN VLC Media Player Before 1.0.6 Remote Code Execution and Denial of Service Vulnerability in VideoLAN VLC Media Player NULL pointer dereference vulnerability in XSPF playlist parser in VLC media player before 1.0.6 Remote Code Execution Vulnerability in VideoLAN VLC Media Player Heap-based Buffer Overflow in VideoLAN VLC Media Player Allows Remote Code Execution via Crafted RTMP Session Kernel Memory Overwrite Vulnerability in KGDB on PowerPC Arbitrary Code Execution Vulnerability in Safe.pm Module for Perl Cross-site scripting (XSS) vulnerability in LXR Cross Referencer before 0.9.8 in lib/LXR/Common.pm Integer Overflow in rgbimgmodule.c in Python 2.5 Allows Remote Code Execution via Large Image Buffer Overflow Vulnerabilities in Python 2.5 RLE Decoder Improper Implementation of Non-Executable Stack in Linux Kernel on SPARC Platform Denial of Service Vulnerability in Apache HTTP Server 2.2.x Piwik Login Form Cross-Site Scripting (XSS) Vulnerability Unencrypted Password Vulnerability in VMware SpringSource tc Server 
Runtime Denial of Service Vulnerability in Wireshark DOCSIS Dissector Arbitrary File Read Vulnerability in gdomap Stack-based Buffer Overflow in TweakFS Zip Utility 1.0 for FSX Allows Remote Code Execution Cross-Site Scripting (XSS) Vulnerability in ASP.NET Mono 2.6.4 and Earlier IBM BladeCenter AMM Firmware Denial of Service Vulnerability Arbitrary File Read Vulnerability in Photo Battle Component 1.0.1 for Joomla! WebAsyst Shop-Script FREE Directory Traversal Vulnerability Multiple SQL Injection Vulnerabilities in WebAsyst Shop-Script FREE Multiple Cross-Site Scripting (XSS) Vulnerabilities in WebAsyst Shop-Script FREE Stack-based Buffer Overflow in Trellian FTP Client 3.01: Remote Code Execution via Long PASV Response Arbitrary File Read Vulnerability in openUrgence Vaccin 1.03 PHP Remote File Inclusion Vulnerabilities in openUrgence Vaccin 1.03 Arbitrary SQL Command Execution in Multi-Venue Restaurant Menu Manager Component for Joomla Ternaria Informatica JProject Manager Component 1.0 for Joomla! Directory Traversal Vulnerability Web TV Component 1.0 for Joomla! Directory Traversal Vulnerability Arbitrary File Read Vulnerability in AddressBook Component 1.5.0 for Joomla! Arbitrary File Read Vulnerability in Daily Horoscope Component 1.5.0 for Joomla! Directory Traversal Vulnerability in Joomla! Advertising Component 0.25 Directory Traversal Vulnerability in Sweety Keeper Component 1.5.x for Joomla! Arbitrary File Read Vulnerability in Preventive & Reservation Component 1.0.5 for Joomla! AlphaUserPoints Component 1.5.5 for Joomla! - Directory Traversal Vulnerability SQL Injection Vulnerability in SermonSpeaker Component for Joomla! (com_sermonspeaker) before 3.2.1 Ternaria Informatica Jfeedback Component 1.2 Directory Traversal Vulnerability RokModule Component 1.1 for Joomla! SQL Injection Vulnerability SQL Injection Vulnerability in RokModule Component 1.1 for Joomla! 
Arbitrary Script Injection via Width Attribute in PmWiki Table Feature Arbitrary Web Script Injection in CMS Made Simple (CMSMS) Backend Cross-Site Scripting (XSS) Vulnerabilities in CactuShop Invoice.asp Cleartext Storage of Administrative Credentials in IBM Lotus Notes Inappropriate Data Structures in proc_oom_score Function in Linux Kernel Cross-Site Scripting (XSS) Vulnerability in Microsoft Internet Explorer 8 XSS Filter Unspecified Vulnerability in IBM Cognos 8 Business Intelligence Directory Traversal Vulnerability in MMS Blog Component 2.3.0 for Joomla! Directory Traversal Vulnerability in Elastix 1.6.0's help/frameRight.php SQL Injection Vulnerability in AWDwall Component for Joomla! (com_awdwall) Directory Traversal Vulnerability in AWDwall Component 1.5.4 for Joomla! Matamko Component 1.01 for Joomla! Directory Traversal Vulnerability JoltCard Component 1.2.1 for Joomla! SQL Injection Vulnerability Arbitrary Web Script Injection Vulnerability in dl_stats 2.0 SQL Injection Vulnerabilities in dl_stats 2.0: Remote Code Execution SQL Injection Vulnerability in genre_artists.php in MusicBox 3.3 Type Confusion Vulnerability in Google Chrome Remote File Access Vulnerability in Google Chrome Developer Tools Arbitrary Script Injection Vulnerability in Google Chrome Arbitrary Script Injection Vulnerability in Google Chrome Privilege Escalation in Google Chrome's New Tab Page Memory Corruption Vulnerability in Google Chrome's V8 Bindings Fixed Secret Key Vulnerability in WebYaST Appliance Heap-based Buffer Overflow in Apple QuickTime on Windows Heap-based Buffer Overflow in IrfanView PSD Image Processing IrfanView Heap-Based Buffer Overflow Vulnerability in PSD Image Processing Arbitrary File Overwrite Vulnerability in KGet 2.4.2 Arbitrary File Creation Vulnerability in aria2 before 1.9.3 Heap-based buffer overflows in Ziproxy 3.0.1 Arbitrary PHP Code Execution via Unrestricted File Upload in TomatoCMS 2.0.6 and Earlier Multiple Cross-Site Scripting (XSS) 
Vulnerabilities in TomatoCMS 2.0.6 and Earlier Integer Overflow Vulnerabilities in SWFTools 0.9.1 Arbitrary Program Download and Execution Vulnerability in GIGABYTE Dldrv2 ActiveX Control Array Index Error in SetDLInfo Method in GIGABYTE Dldrv2 ActiveX Control 1.4.206.11 Heap-based Buffer Overflow in glpng Library via Crafted PNG Image Arbitrary Web Script Injection in TaskFreak! Original Multi User (before 0.6.4) Logout.php SQL Injection Vulnerability in TaskFreak! Original Multi User before 0.6.4 Multiple SQL Injection Vulnerabilities in BookLibrary Basic Component 1.5.3 for Joomla! Heap-based Buffer Overflow Vulnerabilities in Winamp VP6 Codec Arbitrary Code Execution Vulnerability in Autonomy KeyView's Lotus 123 Reader Integer Underflow Vulnerability in Autonomy KeyView Allows Remote Code Execution Heap-based buffer overflows in libgdiplus 2.6.7 via crafted image files Novell iPrint Client Buffer Overflow Vulnerability Remote File Inclusion Vulnerability in Uiga Proxy's include/template.php Arbitrary SQL Command Execution Vulnerability in Freestyle FAQs Lite (com_fsf) Component for Joomla! Cross-Site Scripting (XSS) Vulnerabilities in Drupal Internationalization Module Arbitrary File Read Vulnerability in redSHOP Component for Joomla! Directory Traversal Vulnerability in givesight PowerMail Pro (com_powermail) Component 1.5.3 for Joomla! TweetLA Component 1.0.1 for Joomla! Directory Traversal Vulnerability Arbitrary File Read Vulnerability in Shoutbox Pro Component for Joomla! TRAVELbook Component 1.0.1 for Joomla! Directory Traversal Vulnerability Arbitrary Code Injection through AddThis Button Module in Drupal Multiple Directory Traversal Vulnerabilities in phpCDB 1.0 and Earlier Arbitrary SQL Command Execution in print_raincheck.php in phpRAINCHECK 1.0.1 and Earlier Arbitrary Script Injection Vulnerability in Workflow Module for Drupal Directory Traversal Vulnerability in MyBlog Component 3.0.329 for Joomla! 
Multiple Cross-Site Scripting (XSS) Vulnerabilities in DFD Cart 1.198 and Earlier Cross-Site Request Forgery (CSRF) Vulnerabilities in DFD Cart 1.198 and Earlier eTracker Module Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in micro_httpd on RCA DCM425 Cable Modem Multiple eval injection vulnerabilities in Chaos Tool Suite (CTools) module 6.x before 6.x-1.4 for Drupal CSRF Vulnerabilities in Chaos Tool Suite Module for Drupal Unrestricted Access to Unpublished Node Titles in Drupal CTools Module Unspecified Remote Code Execution Vulnerability in HP LoadRunner and Performance Center Format String Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Stack-based Buffer Overflow in _OVParseLLA Function in HP OpenView Network Node Manager (OV NNM) Stack-based Buffer Overflow in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 Unspecified Remote Information Disclosure and Data Modification Vulnerability in HP Systems Insight Manager (SIM) HP Insight Control Server Migration before 6.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities Unspecified Local Bypass Vulnerability in HP Multifunction Peripheral (MFP) Digital Sending Software SQL Injection Vulnerability in SermonSpeaker Component for Joomla! 
Buffer Overflow in IBM DB2 9.1 REPEAT Function Allows Remote DoS Denial of Service Vulnerability in Cisco PGW 2200 Softswitch (Bug ID CSCsk44115) Denial of Service Vulnerability in Cisco PGW 2200 Softswitch (CSCsj98521) Denial of Service Vulnerability in Cisco PGW 2200 Softswitch (Bug ID CSCsk04588) Denial of Service Vulnerability in Cisco PGW 2200 Softswitch (Bug ID CSCsk13561) Denial of Service Vulnerability in Cisco PGW 2200 Softswitch Cleartext Content Disclosure Vulnerability in Cisco IronPort Desktop Flag Plug-in for Outlook Denial of Service Vulnerability in Cisco Unified Contact Center Express (UCCX) CTI Server Component Cisco Unified Contact Center Express (UCCX) Directory Traversal Vulnerability Unspecified Local Privilege Escalation Vulnerability in Cisco AXP Diagnostic Shell Hard-coded Username and Password Vulnerability in Linksys WAP54Gv3 Firmware 3.04.03 and Earlier Vulnerability: Insecure SNMP Community Names on Cisco Industrial Ethernet (IE) 3000 Series Switches Authentication Bypass Vulnerability in Cisco Content Services Switch (CSS) 11500 HTTP Request Smuggling Vulnerability in Cisco Content Services Switch (CSS) 11500 and Application Control Engine (ACE) 4710 Cisco Internet Streamer Directory Traversal Vulnerability Denial of Service vulnerability in SunRPC Inspection Feature on Cisco ASA and PIX Appliances (CSCtc77567) Denial of Service vulnerability in SunRPC Inspection Feature on Cisco ASA and PIX Appliances (CSCtc79922) Denial of Service vulnerability in SunRPC Inspection Feature on Cisco ASA and PIX Appliances (CSCtc85753) Unspecified Denial of Service Vulnerability in Cisco ASA and PIX Devices (CSCtd32627) SQL Injection Vulnerability in TznDbConnection Class in Tirzen Framework 1.5 Arbitrary Script Injection via Block Description in Drupal Context Module Arbitrary JavaScript Execution via nsIScriptableUnescapeHTML.parseFragment Method Open Redirect Vulnerability in HP System Management Homepage (SMH) 2.x.x.x: Phishing Attack via 
red2301.html Remote Code Disclosure in Apache ActiveMQ Jetty ResourceHandler SQL Injection Vulnerability in Rocksalt International VP-ASP Shopping Cart 6.50 and Earlier Directory Traversal Vulnerability in Rocksalt International VP-ASP Shopping Cart 6.50 and Earlier Arbitrary Web Script Injection in Rocksalt International VP-ASP Shopping Cart 6.50 and Earlier Privilege Escalation Vulnerability in Beijing Rising International Rising Antivirus 2008-2010 Privilege Escalation and Denial of Service Vulnerability in SiSoftware Sandra Device Driver Multiple Cross-Site Scripting (XSS) Vulnerabilities in SilverStripe before 2.3.5 Multiple Cross-Site Scripting (XSS) Vulnerabilities in OCS Inventory NG 1.02.1 Multiple SQL Injection Vulnerabilities in OCS Inventory NG 1.02.1 LDAP Authentication Bypass in Support Incident Tracker (SIT) Versions Prior to 3.51 Arbitrary Code Execution via Long Filename in ZipGenius 6.3.1.2552 Arbitrary Command Execution in phpThumb.php SQL Injection Vulnerability in loadorder.php in NKInFoWeb 2.5 and 5.2.2.0 Arbitrary SQL Command Execution in Media Mall Factory Component for Joomla! JA Comment Component for Joomla! Directory Traversal Vulnerability Directory Traversal Vulnerability in ZiMB Comment Component 0.8.1 for Joomla! Directory Traversal Vulnerability in ZiMB Core Component for Joomla! SQL Injection Vulnerabilities in NCT Jobs Portal Script's admin_login.php Multiple SQL Injection Vulnerabilities in NCT Jobs Portal Script Multiple Cross-Site Scripting (XSS) Vulnerabilities in NCT Jobs Portal Script Arbitrary File Inclusion Vulnerability in Webmoney Web Merchant Interface (WMI) Component for Joomla! 
Stack-based Buffer Overflow in IBM Lotus Notes 8.5 and 8.5fp1 Arbitrary Web Script Injection Vulnerability in SAP NetWeaver 2004 and 2004s OpenCart 1.4 Cross-Site Request Forgery (CSRF) Vulnerability in User Account Creation CSRF Vulnerability in AlegroCart 1.1 Allows Remote Password Reset Hijacking Denial of Service Vulnerability in IBM WebSphere DataPower XML Appliances Session Fixation Vulnerability in Moodle 1.8.x and 1.9.x before 1.9.8 Cross-Site Scripting (XSS) Vulnerabilities in Moodle Login-As Feature and Global Search Engine SQL Injection Vulnerabilities in Moodle 1.8.x and 1.9.x Course Restoration Vulnerability in Moodle 1.8.x and 1.9.x Information Disclosure Vulnerability in Moodle 1.8.x and 1.9.x Arbitrary Web Script Injection via phpCAS Client Library in Moodle Arbitrary Web Script Injection via KSES HTML Text Cleaning Library in Moodle Integer Overflow in gdomap's load_iface Function Leading to Heap-Based Buffer Overflow Arbitrary Plugin Uninstallation Vulnerability in MySQL 5.1 Arbitrary Code Execution Vulnerability in Spring Framework Memory Leak in apr_brigade_split_line Function in APR-util Denial of Service Vulnerability in Pidgin MSN Protocol Plugin Arbitrary Script Injection in LXR Cross Referencer before 0.9.7 MySQL Symlink Attack Vulnerability Unrestricted Access Vulnerability in phpBB 3.0.7 Arbitrary Code Execution via Recursive Procedure Invocations in Ghostscript Phorum XSS Vulnerability via Invalid Email Address Unspecified Vulnerability in phpBB's posting.php with Unknown Impact and Attack Vectors Arbitrary File Read and Denial of Service Vulnerability in Apache Axis2 Uninitialized Memory Vulnerability in OpenSSL's EVP_PKEY_verify_recover Function Integer Overflow Vulnerability in Python Audioop Module Denial of Service Vulnerability in Samba's chain_reply Function Vulnerability: Information Disclosure via btrfs_ioctl_clone Function Firewall Bypass Vulnerability in SquirrelMail's Mail Fetch Plugin Remote Proxy Bypass Vulnerability in IMP 
Plugin of Horde Denial of Service Vulnerability in ClamAV's cli_pdf Function Off-by-one error in parseicon function in ClamAV 0.96 allows remote attackers to cause denial of service via crafted PE icon Bypassing Access Restrictions via SETFLAGS Ioctl Request in Linux Kernel Out-of-Bounds Read Vulnerability in Samba's reply_sesssetup_and_X_spnego Function NULL pointer dereference vulnerability in mm/shmem.c in the Linux kernel before 2.6.28-rc3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Cacti before 0.8.7f Arbitrary Command Execution in Cacti 0.8.7f and Earlier Privilege Escalation via Multiple PATH Variables in sudo MediaWiki XSS Vulnerability in CSS Processing by Internet Explorer CSRF vulnerability in MediaWiki login interface allows remote authentication hijacking Cross-Site Scripting (XSS) Vulnerabilities in Joomla! 1.5 through 1.5.17 Information Disclosure Vulnerability in IBM WebSphere Application Server (WAS) Sensitive Information Exposure through SIP Tracing in IBM WebSphere Application Server Directory Traversal Vulnerability in HelpCenter Module in Help Center Live (HCL) 2.0.6 and 2.1.7 Directory Traversal Vulnerability in Graphics Component for Joomla! SQL Injection Vulnerabilities in Infocus Real Estate Enterprise Edition Arbitrary Web Script Injection in PowerEasy 2006 and PowerEasy SiteWeaver 6.8 SQL Injection Vulnerability in Airiny ABC Component 1.1.7 for Joomla! Arbitrary File Read Vulnerability in SmartSite Component for Joomla! Code-Garage NoticeBoard (com_noticeboard) Component 1.3 for Joomla! Directory Traversal Vulnerability Arbitrary File Read Vulnerability in Ultimate Portfolio Component for Joomla! 
SQL Injection Vulnerability in CLScript Classifieds Script's help-details.php SQL Injection Vulnerabilities in PHP-Quick-Arcade (PHPQA) 3.0.21 Arbitrary Web Script Injection Vulnerability in PHP-Quick-Arcade (PHPQA) 3.0.21 Bypassing Same Origin Policy in Google Chrome's Google URL Parsing Library HTML5 Media Denial of Service Vulnerability in Google Chrome Memory Corruption Vulnerability in Google Chrome Buffer Overflow in Dan Pascu python-cjson 1.0.5 with UCS-4 Encoding Multiple Cross-Site Scripting (XSS) Vulnerabilities in Mahara Cross-Site Request Forgery (CSRF) Vulnerabilities in Mahara Arbitrary SQL Command Execution Vulnerability in Mahara 1.1.x and 1.2.x Improper Configuration of Authentication Plugins in Mahara Allows Authentication Bypass Privilege Escalation via Shell Metacharacters in hsolinkcontrol in hsolink 1.0.118 Cross-Site Scripting (XSS) Vulnerability in ikiwiki before 3.20101112 Allows Remote Code Injection via Comment Denial of Service Vulnerability in Quagga's BGP Daemon Denial of Service Vulnerability in Quagga bgpd with Malformed AS_PATHLIMIT Path Attribute Heap-based Buffer Overflow in Tor Versions 0.2.1.28 and 0.2.2.x: Remote Code Execution Vulnerability Remote Denial of Service (CPU Consumption) Vulnerability in MHonArc 2.6.16 Improper Validation of Symbol Index Values in Mapserver 5.2, 5.4, and 5.6 Directory Traversal Vulnerability in dpkg-source Allows Arbitrary File Modification Buffer Overflow in VISIODWG.DLL in Microsoft Office Visio CursorArts ZipWrangler 1.20 - User-Assisted Remote Code Execution via Long Filename ZIP File Stack-based Buffer Overflow in Urgent Backup and ABC Backup Pro/ABC Backup Stack-based Buffer Overflow in Mocha W32 LPD 1.9's lpd.exe Allows Remote Code Execution Stack-based Buffer Overflow in 2BrightSparks SyncBack Freeware 3.2.20.0 and Earlier Versions Predictable Transaction IDs in DNS Implementation DNS Response Spoofing Vulnerability Symlink Attack Vulnerability in OpenFabrics Enterprise Distribution (OFED) 
1.5.2 SQL Injection Vulnerability in PHP Video Battle Script's browse.html Arbitrary SQL Command Execution Vulnerability in WHMCompleteSolution (WHMCS) 4.2 Cross-Site Scripting (XSS) Vulnerabilities in 2daybiz Polls Script Multiple SQL Injection Vulnerabilities in 2daybiz Polls Script SQL Injection Vulnerability in Modelbook's casting_view.php Allows Remote Code Execution via adnum Parameter Multiple SQL Injection Vulnerabilities in 2daybiz Auction Script Cross-Site Scripting (XSS) Vulnerabilities in Piwigo 2.0.9 and Earlier via register.php SQL Injection Vulnerabilities in Free Realty's agentadmin.php Cross-Site Scripting (XSS) Vulnerabilities in G5-Scripts Auto-Img-Gallery 1.1's upload.cgi Arbitrary File Inclusion Vulnerability in Siestta 2.0 login.php Arbitrary Web Script Injection Vulnerability in Siestta 2.0 Cross-Site Scripting (XSS) Vulnerabilities in Webmobo WB News 2.3.3 SQL Injection Vulnerability in PostNuke 0.764 modules.php Directory Traversal Vulnerability in Arcade Games Component 1.0 for Joomla! Directory Traversal Vulnerability in Online Examination Component 1.5.0 for Joomla! SQL Injection Vulnerability in Agenda Address Book Component 1.0.1 for Joomla! Directory Traversal Vulnerability in iF surfALERT Component 1.2 for Joomla! Arbitrary File Inclusion Vulnerability in Archery Scores Component for Joomla! MT Fire Eagle Component 1.2 for Joomla! - Directory Traversal Vulnerability SQL Injection Vulnerability in Q-Personel Component 1.0.2 and Earlier for Joomla! SQL Injection Vulnerability in IProperty Component 1.5.3 for Joomla! Directory Traversal Vulnerability in Online Market Component 2.x for Joomla! Directory Traversal Vulnerability in iNetLanka Contact Us Draw Root Map Component 1.1 for Joomla! 
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Zikula Application Framework 1.2.2 SQL Injection Vulnerability in offers_buy.php in Alibaba Clone Platinum Arbitrary SQL Command Execution in EC21 Clone 3.0 via offers_buy.php SQL Injection Vulnerability in JobPost 1.0's type.asp Allows Remote Code Execution Opera 10.53 Vulnerability: Asynchronous Document Modification Remote Code Execution Denial of Service Vulnerability in Apple Safari 4.531.9.1 Dolphin Browser 2.5.0 on HTC Hero Denial of Service Vulnerability Denial of Service Vulnerability in Google Chrome on HTC Hero CSRF Vulnerability in Zikula Application Framework Allows Hijacking of Administrator Authentication Multiple SQL Injection Vulnerabilities in OCS Inventory NG before 1.02.3 Denial of Service Vulnerability in SfnINSTRING Function Denial of Service Vulnerability in SfnLOGONNOTIFY Function Insufficient Access Control in KrM Haber 1.0 Allows Remote Database Download Gallo 0.1.0 PHP Remote File Inclusion Vulnerability Arbitrary SQL Command Execution in Joomla! Newsfeeds Component Arbitrary SQL Command Execution in GuppY 4.5.18 Newsletter Module SQL Injection Vulnerability in Billwerx RC 5.2.2 PL2 - Remote Code Execution via primary_number Parameter Arbitrary Web Script Injection in Scratcher's projects.php SQL Injection Vulnerability in projects.php in Scratcher SQL Injection Vulnerability in B2B Gold Script's product.html Allows Remote Code Execution via id Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in Joomla! 
Table JX Component Improper Handling of Parameter Values in CUPS Web Interface Allows Information Disclosure WebKit Use-After-Free Vulnerability in Apple Safari Apple Safari Use-After-Free Vulnerability in Windows Photo-Library Access Vulnerability in Apple iOS before 4 on iPhone and iPod touch CFNetwork Stack-based Buffer Overflow in Apple iOS: Remote Code Execution and Application Crash Vulnerability JPEG Image Processing Vulnerability in Apple iOS Passcode Bypass Vulnerability in Apple iOS before 4 on iPhone and iPod touch Improper Implementation of Accept Cookies Preference in Safari on iOS Devices Misleading Wireless Network Reporting Vulnerability in Apple iOS IFRAME Element Boundary Restriction Bypass Vulnerability in Apple iOS Use-after-free vulnerability in WebKit allows remote code execution or denial of service via DOM Range objects Use-after-free vulnerability in WebKit allows remote code execution or denial of service in Apple Safari Improper Handling of Credentials in Cross-Origin Synchronous Request in WebKit WebKit Use-After-Free Vulnerability in Apple Safari Arbitrary Script Injection via TEXTAREA Element in Apple Safari Unspecified WebKit Vulnerability in Apple iTunes on Windows Sensitive Information Disclosure via Multiple Redirections in Apple Safari WebSocketHandshake::readServerHandshake Off-by-One Error Vulnerability CSRF Vulnerability in WebKit Allows Authentication Hijacking Unspecified Local Privilege Escalation Vulnerability in Apple iTunes Out-of-bounds Memory Access Vulnerability in Apple iTunes and iOS Memory Corruption Vulnerability in WebKit Font-related Use-after-free vulnerability in WebKit in Apple Safari Use-after-free vulnerability in WebKit's Geolocation feature allows remote code execution Off-by-one error in toAlphabetic function in WebCore allows remote attackers to execute arbitrary code Out-of-bounds Memory Access Vulnerability in Apple Safari Passcode Lock Race Condition Vulnerability in Apple iOS Devices Remote Wipe 
Vulnerability in Find My iPhone on iOS 2.0 through 3.1.3 Buffer Overflow Vulnerability in Apple iTunes 9.2.1 and Earlier Versions Arbitrary Web Script Injection via RSS Feed in Apple Safari Use-after-free vulnerability in WebKit allows remote code execution or denial of service via element focus Double Free Vulnerability in WebKit in Apple iOS before 4.1 on iPhone and iPod Touch Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Rendering of Inline Elements Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit CSS Counters Uninitialized Memory Access Vulnerability in WebKit Use-after-free vulnerability in WebKit allows remote code execution or denial of service via foreignObject element in SVG document Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Heap-based Buffer Overflow in WebKit in Apple Safari: Remote Code Execution and Denial of Service Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Integer Signedness Error in WebKit Allows Remote Code Execution or Denial of Service Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Use-after-free vulnerabilities in WebKit: Remote Code Execution and Application Crash Denial of Service Vulnerability in Mac OS X WebDAV Kernel Extension Untrusted Search Path Vulnerability in Apple iTunes: Privilege Escalation via Trojan Horse DLL AutoFill Vulnerability in Apple Safari Multiple stack-based buffer overflows in cff_decoder_parse_charstrings function in FreeType before 2.4.2 Stack-based Buffer Overflow in Apple QuickTime Error-Logging Functionality Anonymous SSL and TLS Connection Vulnerability in CFNetwork Heap-based Buffer Overflow in CoreGraphics in Apple Mac OS X 10.5.8 and 10.6.4 via Crafted PDF File Domain Name Spoofing Vulnerability in libsecurity Unverified Remote 
AFP Volume Identifier Spoofing Vulnerability in Apple Mac OS X 10.6.x Denial of Service Vulnerability in Apple Time Capsule, AirPort Extreme, and AirPort Express Base Stations Untrusted Search Path Vulnerability in Apple Safari on Windows Use-after-free vulnerability in Apple Safari 4.x and 5.x allows remote code execution or denial of service Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Apple Type Services (ATS) Stack-based Buffer Overflow Vulnerability Unannounced Location Services Icon Vulnerability in Apple iOS Invalid X.509 Certificate Handling Vulnerability in FaceTime on Apple iOS Memory Corruption and Application Crash Vulnerability in ImageIO on Apple iOS Devices Use-after-free vulnerability in WebKit allows remote code execution or denial of service via selections Arbitrary Code Execution and Denial of Service Vulnerability in WebKit for iOS Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Use-after-free vulnerability in WebKit allows remote code execution or denial of service via scrollbars Buffer Overflow Vulnerability in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 Buffer Overflow Vulnerability in ImageIO in Apple iOS Arbitrary Code Execution via Untrusted Pointer Unmarshalling in Apple QuickTime Untrusted Search Path Vulnerability in Apple QuickTime Picture Viewer Bypassing Password Requirement in Apple Mac OS X 10.6.x through 10.6.4 AFP Server Privilege Escalation Vulnerability in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Use-after-free vulnerability in WebKit before r65958, allowing remote attackers to cause denial of service or unspecified impact via document APIs during parsing Use-after-free vulnerability in WebKit allows remote code execution and denial of service Use-after-free vulnerability in WebKit allows remote attackers to cause denial of service or 
other impact via nested SVG elements Denial of Service Vulnerability in AFP Server in Apple Mac OS X 10.5.8 and 10.6.x Directory Traversal Vulnerability in AFP Server in Apple Mac OS X 10.5.8 and 10.6.x Vulnerability: Share Enumeration in AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 Buffer Overflow in Apple Type Services (ATS) Allows Remote Code Execution Apple Type Services (ATS) Stack-based Buffer Overflow Vulnerability Arbitrary Code Execution and Memory Corruption Vulnerability in Apple Type Services (ATS) Improper Domain Validation in CFNetwork Allows User Tracking via Cookies CoreGraphics Stack-based Buffer Overflow Vulnerability in Mac OS X 10.5.8 and 10.6.x Arbitrary Code Execution and Memory Corruption Vulnerability in CoreText Authentication Bypass Vulnerability in Apple Mac OS X Directory Services Stack-based Buffer Overflow in Apple Mac OS X Directory Services Arbitrary Code Execution and Denial of Service Vulnerability in Apple Mac OS X Disk Images Buffer Overflow in AppKit Allows Remote Code Execution or Denial of Service in Mac OS X 10.6.x Denial of Service Vulnerability in Apple Mac OS X 10.6.2 through 10.6.4 via Crafted PIM Packet Denial of Service Vulnerability in Image Capture in Apple Mac OS X 10.6.x before 10.6.5 Arbitrary Code Execution and Denial of Service Vulnerability in ImageIO on Apple Mac OS X 10.5.8 and 10.6.x Heap-based Buffer Overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.x Memory Management Vulnerability in Apple Mac OS X 10.6.x before 10.6.5 MySQL Directory Traversal Vulnerability Denial of Service Vulnerability in MySQL 5.0 and 5.1 Buffer Overflow Vulnerability in MySQL 5.0 and 5.1 Cross-Site Data Leakage Vulnerability in Google Chrome with Invisible Hand Extension Cross-Site Data Leakage Vulnerability in Microsoft Internet Explorer with Invisible Hand Extension Stack-based buffer overflows in tr_magnetParse function in Transmission 1.91 Cross-site scripting (XSS) vulnerability in auktion.php in Pay Per 
Watch & Bid Auktions System SQL Injection Vulnerability in auktion.php in Pay Per Watch & Bid Auktions System Arbitrary Script Injection in RepairShop2 1.9.023 Trial via XSS Vulnerability SQL Injection Vulnerability in RepairShop2 1.9.023 Trial: Remote Code Execution via prod Parameter Arbitrary File Read Vulnerability in SMEStorage Component for Joomla! Arbitrary SQL Command Execution in DeluxeBB 1.3 and Earlier via newpost.php Memory Corruption Vulnerability in PHP's html_entity_decode Function Arbitrary Memory Write Vulnerability in PHP sysvshm Extension Sensitive Information Disclosure in PHP chunk_split Function SQL Injection Vulnerability in ClanTiger Shoutbox Module Sensitive Information Disclosure in PHP addcslashes Function Multiple SQL Injection Vulnerabilities in ClanSphere 2009.0.3 and Earlier Integer Overflow Vulnerability in PHP Chunked Encoding Stream Decoding Arbitrary SQL Command Execution in Campsite 3.3.5 and Earlier Arbitrary Code Execution Vulnerability in PHP's sqlite_single_query and sqlite_array_query Functions Stack-based Buffer Overflow in GhostScript Parser Function Permissive Whitelist Vulnerability in XWork in Struts 2.0.0 through 2.1.8.1 Arbitrary Code Execution via Crafted URL in JBoss Seam 2 Arbitrary Script Injection in FlashCard cPlayer.php (XSS Vulnerability) SQL Injection Vulnerability in Jvehicles Component for Joomla! (Versions 1.0, 2.0, and 2.1111) SQL Injection Vulnerability in Real Estate Property Component 3.1.22-03 for Joomla! Directory Traversal Vulnerability in Real Estate Property Component 3.1.22-03 for Joomla! AJ Shopping Cart 1.0 - SQL Injection Vulnerability in index.php JTM Reseller (com_jtm) Component 1.9 Beta for Joomla! SQL Injection Vulnerability OrgChart Component 1.0.0 for Joomla! 
- Directory Traversal Vulnerability Media Decompression Vulnerability in Quartz.dll for DirectShow and Windows Media Format Runtime MJPEG Media Decompression Vulnerability ACCWIZ.dll Uninitialized Variable Vulnerability MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability Embedded OpenType Font Integer Overflow Vulnerability Help Center URL Validation Vulnerability Privilege Escalation via NetworkService Credentials in Windows Operating Systems Win32k Bounds Checking Vulnerability Thread Creation Race Condition Vulnerability in Windows XP SP3 Windows Kernel Double Free Vulnerability Windows Kernel ACL Validation Vulnerability CSRSS Local Elevation of Privilege Vulnerability IPv6 Memory Corruption Vulnerability Privilege Escalation via Integer Overflow in Windows Networking Win32k Exception Handling Vulnerability Win32k Pool Overflow Vulnerability Win32k User Input Validation Vulnerability Win32k Window Creation Vulnerability Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegate Vulnerability IIS Stack Consumption Vulnerability Word Record Parsing Vulnerability Word RTF Parsing Engine Memory Corruption Vulnerability Word RTF Parsing Buffer Overflow Vulnerability Microsoft Office Word HTML Linked Objects Memory Corruption Vulnerability SQL Injection Vulnerability in EMC RSA Key Manager (RKM) C Client 1.5.x Cross-Site Scripting (XSS) Vulnerabilities in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance Predictable Timestamp Validation Vulnerability in Consona Dynamic Agent Repair Service Information Disclosure Vulnerability in SdcUser.TgConCtl ActiveX Control Arbitrary Program Execution Vulnerability in SdcUser.TgConCtl ActiveX Control Buffer Overflow in SdcUser.TgConCtl ActiveX Control in Consona Live Assistance Blank Hint Questions and Answers Allow Remote Password Reset in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance DNS Hijacking Vulnerability in Consona Live Assistance, Dynamic Agent, and Subscriber 
Assistance Bypassing ActiveX Execution Restrictions in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance Incorrect DNS Whitelist in Consona Live Assistance Plugin Sensitive Information Disclosure in Zend Engine's Convert_to_long_base Function Memory Disclosure Vulnerability in PHP's preg_quote Function Arbitrary File Upload and Execution in Xinha WYSIWYG Editor Stack Consumption Vulnerability in PHP's fnmatch Function SQL Injection Vulnerability in ask_chat.php in eFront 3.6.2 and Earlier Denial of Service Vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 OpenMairie openAnnuaire 2.00 Directory Traversal Vulnerability Multiple PHP Remote File Inclusion Vulnerabilities in OpenMairie openAnnuaire 2.00 PHP Remote File Inclusion Vulnerabilities in 29o3 CMS 0.1 SQL Injection Vulnerability in user.php in Hi Web Wiesbaden Web 2.0 Social Network Freunde Community System SQL Injection Vulnerability in Hi Web Wiesbaden Live Shopping Multi Portal System's index.php SQL Injection Vulnerability in makale.php in tekno.Portal 0.1b: Remote Code Execution via id Parameter Directory Traversal Vulnerability in openMairie openCourrier 2.02 and 2.03 beta Multiple PHP Remote File Inclusion Vulnerabilities in openMairie openCourrier 2.02 and 2.03 beta OpenMairie openPlanning 1.00 Directory Traversal Vulnerability Stack-based Buffer Overflow in Novell iManager Tomcat Web Server Denial of Service Vulnerability in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 SQL Injection Vulnerability in CubeCart PHP Shopping Cart 4.3.4 - 4.3.9 XnView 1.97.4 Heap-Based Buffer Overflow Vulnerability Multiple PHP Remote File Inclusion Vulnerabilities in openMairie openPlanning 1.00 OpenMairie Openpresse 1.01 Directory Traversal Vulnerability Arbitrary File Inclusion Vulnerability in openMairie openComInterne 1.01 Heap-based Buffer Overflow in SBLIM SFCB's httpAdapter.c Off-by-one Error in libopie Allows Remote Code Execution Use-after-free vulnerability in Apple Safari 4.0.5 on Windows 
Cross-Site Request Forgery Vulnerability in Apple Safari 4.0.5 on Windows Denial of Service Vulnerability in NEC WebSAM DeploymentManager Unspecified Vulnerability in Fujitsu Interstage Application Server: Information Disclosure and Invalid Request Processing Denial of Service Vulnerability in NEC CapsSuite Small Edition PatchMeister 2.0 Update2 and Earlier Multiple PHP Remote File Inclusion Vulnerabilities in openMairie openCimetiere 2.01 Multiple PHP Remote File Inclusion Vulnerabilities in openMairie Openfoncier 2.00 Multiple PHP Remote File Inclusion Vulnerabilities in openMairie Openregistrecil 1.02 Directory Traversal Vulnerability in openMairie Openregistrecil 1.02 OpenMairie Openfoncier 2.00 Directory Traversal Vulnerability SQL Injection Vulnerability in Online News Paper Manager Component 1.0 for Joomla! SQL Injection Vulnerability in Online News Paper Manager Component 1.0 for Joomla! Multiple Directory Traversal Vulnerabilities in 60cycleCMS Arbitrary File Read Vulnerability in BeeHeard and BeeHeard Lite Component for Joomla! Arbitrary File Read Vulnerability in iNetLanka Multiple Map Component for Joomla! Directory Traversal Vulnerability in iNetLanka Multiple Root Component for Joomla! Deluxe Blog Factory Component 1.1.2 for Joomla! - Directory Traversal Vulnerability Arbitrary File Read Vulnerability in Gadget Factory Component for Joomla Arbitrary File Read Vulnerability in Love Factory Component 1.3.4 for Joomla! 
Arbitrary Web Script Injection Vulnerability in FileField Module for Drupal Unspecified Remote Data Modification Vulnerability in HP TestDirector for Quality Center 9.2 before Patch8 Buffer Overflow in HP OpenView Network Node Manager (OV NNM) Allows Remote Code Execution Buffer Overflow in HP OpenView Network Node Manager (OV NNM) Allows Remote Code Execution Unspecified Remote Code Execution Vulnerability in HP StorageWorks Storage Mirroring 5 HP ServiceCenter Cross-Site Scripting (XSS) Vulnerability Buffer Overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 Allows Remote Code Execution (ZDI-CAN-683) Unspecified Remote Data Read/Modify Vulnerability in HP Insight Orchestration for Windows Unspecified Local Privilege Escalation Vulnerability in HP Insight Control Power Management for Windows Unspecified Local Data Manipulation Vulnerability in HP Insight Software Installer for Windows HP Insight Software Installer for Windows before 6.1 Cross-Site Request Forgery (CSRF) Vulnerability Arbitrary Code Injection through Cross-Site Scripting (XSS) in HP Virtual Connect Enterprise Manager for Windows Unspecified privilege escalation vulnerability in HP Insight Software Installer for Windows before 6.1 HP Insight Software Installer for Windows before 6.1 Cross-Site Request Forgery (CSRF) Vulnerability Remote Log File Disclosure Vulnerability in HP Client Automation (HPCA) Enterprise Infrastructure (Radia) Unspecified Privilege Escalation Vulnerability in HP OpenVMS Arbitrary Parameter Removal Vulnerability in PostgreSQL Arbitrary Code Injection through Taxonomy Breadcrumb Module in Drupal Arbitrary File Read Vulnerability in J!WHMCS Integrator Component 1.5.0 for Joomla! Remote File Inclusion Vulnerability in FreePHPBlogSoftware 1.0 Arbitrary File Read Vulnerability in Joomla! Affiliate Datafeeds Component Arbitrary File Inclusion Vulnerability in Joomla Flickr Component Fabrik Component 2.0 for Joomla! 
Directory Traversal Vulnerability Arbitrary File Read Vulnerability in JA Voice Component 2.0 for Joomla! Directory Traversal Vulnerability in redTWITTER Component for Joomla! Arbitrary Code Injection through Taxonomy Breadcrumb Module in Drupal Cross-Site Scripting (XSS) Vulnerabilities in Six Apart Movable Type 5.0 and 5.01 Administrative User Interface Denial of Service Vulnerability in Mozilla Firefox 3.6.3 Denial of Service Vulnerability in Mozilla Firefox 3.6.3 on Windows XP SP3 Remote Code Execution Vulnerability in Mozilla Firefox 3.6.3 on Windows XP SP3 Opera 9.52 Denial of Service Vulnerability via Mailto: URL Redirect Denial of Service Vulnerability in Mozilla Firefox and SeaMonkey Denial of Service Vulnerability in Microsoft Internet Explorer Denial of Service Vulnerability in Google Chrome 1.0.154.48 Denial of Service Vulnerability in Opera 9.52 SQL Injection Vulnerability in TomatoCMS 2.0.5: Remote Code Execution via index.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in TomatoCMS 2.0.5 Multiple Cross-Site Scripting (XSS) Vulnerabilities in TomatoCMS 2.0.5 Arbitrary Web Script Injection in Saurus CMS 4.7.0 via pealkiri Parameter Arbitrary Code Injection through Table Headers in CCK TableField Module for Drupal OpenMairie Opencatalogue 1.024 Directory Traversal Vulnerability Arbitrary Script Injection Vulnerability in Drupal Bibliography (Biblio) Module CiviRegister Module XSS Vulnerability Arbitrary Code Injection through Wordfilter Module in Drupal Arbitrary Web Script Injection in Advanced Poll 2.08 Stack-based Buffer Overflow in BS.Player 2.51 Build 1022 Free and Other Versions via Skin Parameter in Skins File Multiple PHP Remote File Inclusion Vulnerabilities in DataLife Engine (DLE) 8.3 Arbitrary File Inclusion Vulnerability in LetoDMS (formerly MyDMS) 1.7.2 and Earlier Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in LetoDMS (formerly MyDMS) 1.7.2 and Earlier MySQL Denial of Service Vulnerability via ALTER DATABASE Command 
Stack-based Buffer Overflow in BS.Player Media Library Arbitrary Web Script Injection via Node Title in Chaos Tool Suite (CTools) Module for Drupal Insecure Encryption in Microsoft Dynamics GP Allows Unauthorized Access to Sensitive Information SQL Injection Vulnerability in MigasCMS 1.1 function.php Arbitrary Web Script Injection Vulnerability in LiSK CMS 4.4 Cross-Site Scripting (XSS) Vulnerability in LiSK CMS 4.4 Multiple SQL Injection Vulnerabilities in LiSK CMS 4.4 Iceberg CMS details.php SQL Injection Vulnerability Arbitrary Script Injection in Lokomedia CMS 1.4.1 and 2.0 via hasil-pencarian.html Lokomedia CMS 1.4.1 and 2.0 - Directory Traversal Vulnerability in downlot.php SQL Injection Vulnerability in Lokomedia CMS 1.4.1 (downlot.php) Privilege Escalation via Crafted Mount Request in FreeBSD NFS Client Open Redirect Vulnerability in Global Redirect Module for Drupal Arbitrary File Access Vulnerability in FreeBSD Jail Privilege Escalation via Hard Link Vulnerability in Exim Exim Transport Vulnerability: Arbitrary File Permissions Manipulation and Denial of Service Cisco Scientific Atlanta WebSTAR DPC2100R2 Cable Modem CSRF Vulnerabilities Authentication Bypass and Remote Control Vulnerability in Cisco Scientific Atlanta WebSTAR DPC2100R2 Cable Modem Arbitrary File Overwrite Vulnerability in Mathematica 7 on Linux Buffer Overflow Vulnerability in k23productions TFTPUtil GUI (aka TFTPGUI) 1.4.5 Unrestricted Access to Login Page in Cybozu Office 7 Ktai and Dotsales Arbitrary Script Injection in Drupal External Link Page Module Arbitrary Kernel Memory Overwrite Vulnerability in KAVSafe.sys Cross-Site Scripting (XSS) Vulnerabilities in Resin Professional 3.1.5, 3.1.10, 4.0.6, and Other Versions Percha Multicategory Article Component Directory Traversal Vulnerability Directory Traversal Vulnerability in Percha Image Attach Component 1.1 for Joomla! Percha Gallery Component 1.6 Beta for Joomla! 
Directory Traversal Vulnerability Directory Traversal Vulnerability in Percha Fields Attach Component for Joomla! Directory Traversal Vulnerability in Percha Downloads Attach Component 1.1 for Joomla! Arbitrary Code Injection via gpcontent Parameter in gpEasy CMS 1.6.2 CSRF vulnerability in gpEasy CMS allows remote attackers to hijack administrator authentication Cross-Site Scripting (XSS) Vulnerability in V-EVA Shopzilla Affiliate Script PHP's search.php Cross-Site Scripting (XSS) Vulnerabilities in PHP-Calendar before 2.0 Beta7 SQL Injection Vulnerability in ECShop 2.7.2 search.php (encode parameter) Arbitrary Script Injection in DataTrack System 3.5 and 3.5.8019.4 via Work_Order_Summary Parameter SQL Injection Vulnerability in Konsultasi Component 1.0.0 for Joomla! Arbitrary File Read Vulnerability in Dione Form Wizard Component for Joomla! Cross-Site Scripting (XSS) Vulnerabilities in ActiveHelper LiveHelp Component 2.0.3 for Joomla! SQL Injection Vulnerability in JE CMS 1.0.0 and 1.1 via categoryid Parameter in index.php Cross-Site Scripting (XSS) Vulnerabilities in Heartbeat Module for Drupal Cross-site scripting (XSS) vulnerability in ManageEngine ADAudit Plus 4.0.0 build 4043 Directory Traversal Vulnerability in Moron Solutions MS Comment Component 0.8.0b for Joomla! 
SQL Injection Vulnerability in Debliteck DBCart's article.php Allows Remote Code Execution Symlink Attack Vulnerability in emesene ProfileManager.py Integer Overflow in SBLIM SFCB httpAdapter.c Allows Remote Code Execution Arbitrary PostScript Execution Vulnerability in Ghostscript 8.71 and Earlier Local Privilege Escalation via Symlink Attack in GNU gv Padding Oracle Attack on Apache MyFaces ViewState Encryption World-readable permissions on prewikka.conf in Prewikka 0.9.14 allow local users to obtain SQL database password Privilege escalation through hard link vulnerability in RPM package upgrade Arbitrary Command Execution Vulnerability in Beanstalkd 1.4.5 and Earlier Insecure File Validation in rpcbind 0.2.0 Arbitrary Code Execution via Integer Underflow in VLC and MPlayer Buffer Overflow in Samba 3.0.x - Remote Code Execution Vulnerability Local Privilege Escalation via Symlink Attack in rpcbind 0.2.0 Integer Overflow in LibTIFF TIFFroundup Macro Vulnerability: Local Privilege Escalation via MOVE_EXT ioctl Call in Linux Kernel Stack-based Buffer Overflow in LibTIFF TIFFFetchSubjectDistance Function Proxy Response Leakage Vulnerability Denial of Service Vulnerability in Xen on IA-64 Architectures Arbitrary ACL Setting Vulnerability in btrfs_xattr_set_acl Function Predictable Log File Names in Pyftpd 0.8.4: Denial of Service and Sensitive Information Disclosure Vulnerability Hard-coded Usernames and Passwords in auth_db_config.py in Pyftpd 0.8.4 SSL Spoofing Vulnerability in w3m 0.5.2 and possibly other versions UnrealIRCd 3.2.8.1 Remote Command Execution Vulnerability Apache CXF DTD Processing Vulnerability Directory Listing Vulnerability in DataTrack System 3.5 Arbitrary File Read Vulnerability in DataTrack System 3.5 Arbitrary Web Script Injection in Open Ticket Request System (OTRS) Default Administrative Password Vulnerability in Cisco Scientific Atlanta WebSTAR DPC2100R2 Cable Modem Default System Password Vulnerability in Microsoft Dynamics GP Cross-Site 
Scripting (XSS) Vulnerability in Microsoft ASP.NET 2.0 Cross-Site Scripting (XSS) Vulnerability in ASP.NET EnableViewStateMac Configuration Unencrypted View State Handling Vulnerability in Apache MyFaces 1.1.7 and 1.2.8 Unencrypted View State Handling Vulnerability in Oracle Mojarra Cross-Site Scripting (XSS) Vulnerability in ASP.NET 3.5 Memory Corruption and Application Crash in Python's audioop Module Denial of Service Vulnerability in IBM Communications Server for Windows and AIX Cross-Site Scripting (XSS) and Information Disclosure Vulnerability in Microsoft Outlook Web Access (OWA) 8.2.254.0 SQL Injection Vulnerability in Cacti 0.8.7e and Earlier: graph.php RRA_ID Parameter Remote Code Execution PHP Use-After-Free Vulnerability in Request Shutdown Functionality Multiple Format String Vulnerabilities in PHP Phar Extension SQL Injection Vulnerability in CMSQlite 1.2 and Earlier: Remote Code Execution via 'c' Parameter Arbitrary File Inclusion Vulnerability in CMSQlite 1.2 and Earlier Sensitive Information Disclosure in PHP iconv Functions SQL Injection Vulnerability in e107 0.7.20 and Earlier: Incomplete Blacklist in usersettings.php Arbitrary PHP Code Execution Vulnerability in e107 0.7.20 and Earlier Sensitive Information Disclosure via PHP Function Vulnerabilities PHP Function Vulnerabilities: Information Disclosure via Userspace Interruption Remote Code Execution Vulnerability in Webby Webserver 1.01 via Buffer Overflow Arbitrary Web Script Injection in Apache Axis2/Java Administration Console Arbitrary File Write Vulnerability in Orbit Downloader 3.0.0.4 and 3.0.0.5 URL Canonicalization Vulnerability in Google Chrome URL Bar Spoofing Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome's Safe Browsing Functionality Bypassing Whitelist-Mode Plugin Blocker in Google Chrome Denial of Service and Memory Error Vulnerability in Google Chrome's Drag + Drop Functionality Unspecified Impact and Remote Attack Vector in Google Chrome 
Extension JavaScript Execution CSRF Vulnerability in Pacific Timesheet 6.74 Build 363 Allows Remote Administrator Hijacking FileCOPA FTP Service Directory Traversal Vulnerability Cross-Site Request Forgery (CSRF) Vulnerabilities in The Uniform Server 5.6.5 CSRF Vulnerability in Brekeke PBX 2.4.4.8 Allows Password Hijacking SolarWinds TFTP Server 10.4.0.10 Denial of Service Vulnerability Privilege Escalation Vulnerability in McAfee Email Gateway 6.7.1 Denial of Service Vulnerability in Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x Denial of Service Vulnerability in Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 Denial of Service Vulnerability in Microsoft Internet Explorer 6.0.2900.2180 Denial of Service Vulnerability in Google Chrome 1.0.154.48 Denial of Service Vulnerability in Opera 9.52 via JavaScript Infinite Loop Arbitrary File Inclusion Vulnerability in SimpleDownload Component for Joomla Multiple Cross-Site Scripting (XSS) Vulnerabilities in Drupal Storm Module SQL Injection Vulnerability in Bartels Schone ConPresso 4.0.7: Remote Code Execution via firma.php Cross-Site Scripting (XSS) Vulnerabilities in Rotor Banner Module for Drupal Multiple PHP Remote File Inclusion Vulnerabilities in Snipe Gallery 3.1.5 JV2 Folder Gallery 3.1 - PHP Remote File Inclusion Vulnerability in gallery.php Directory Traversal Vulnerability in JE Quotation Form Component 1.0b1 for Joomla! Directory Traversal Vulnerability in JE Ajax Event Calendar Component for Joomla! 
Arbitrary Web Script Injection Vulnerability in Aris Global ARISg 5.0 Remote Code Execution via SQL Injection in TYPO3 Calendar Base Extension Multiple PHP Remote File Inclusion Vulnerabilities in Open Education System (OES) 0.1 Beta SQL Injection Vulnerability in contact.php in My Little Forum SQL Injection Vulnerabilities in Project Man 1.0 and Earlier: Remote Code Execution via login.php SQL Injection Vulnerabilities in HazelPress Lite 0.0.4 and Earlier: Remote Code Execution via Login Credentials Arbitrary File Read Vulnerability in Article Friendly's admin/index.php ProMan 0.1.1 and Earlier: PHP Remote File Inclusion Vulnerability in _center.php Directory Traversal Vulnerabilities in ProMan 0.1.1 and Earlier SQL Injection Vulnerability in Multishop CMS pages.php SQL Injection Vulnerability in Multishop CMS itemdetail.php SQL Injection Vulnerability in NITRO Web Gallery's index.php Allows Remote Code Execution SQL Injection Vulnerability in default.asp in Cyberhost Directory Traversal Vulnerability in Symphony CMS 2.0.7 Allows Remote File Read and Potential Impact Arbitrary Code Injection via msg Parameter in Zeeways eBay Clone Auction Script Multiple PHP Remote File Inclusion Vulnerabilities in ClearSite Beta 4.50 Arbitrary PHP Code Execution via Remote File Inclusion in Visitor Logger's banned.php Arbitrary Web Script Injection Vulnerability in My Car Component 1.0 for Joomla! Arbitrary SQL Command Execution Vulnerability in My Car Component 1.0 for Joomla! 
Session Fixation Vulnerability in Fujitsu e-Pares V01 L01, L03, L10, L20, L30 Fujitsu e-Pares V01 L01 Cross-Site Scripting (XSS) Vulnerability Fujitsu e-Pares V01 L01 CSRF Vulnerability Arbitrary Code Execution Vulnerability in JustSystems Ichitaro, Ichitaro Government, and Just School Unrestricted File Upload Vulnerability in TCExam 10.1.006 and 10.1.007 CMScout 2.09 Search Site Cross-Site Scripting (XSS) Vulnerability ZoneCheck 2.1.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities Denial of Service in ISC DHCP 4.1 and 4.0 Unspecified Information Disclosure Vulnerability in CA ARCserve Backup Cross-Site Scripting (XSS) Vulnerabilities in Storm Module for Drupal Remote Code Execution and Denial of Service Vulnerability in Dameng DM Database Server Adobe Flash Player and Adobe AIR ActionScript Virtual Machine 2 Invalid Offset Memory Corruption Vulnerability Arbitrary Code Execution Vulnerability in Adobe Flash Player and Adobe AIR Adobe Flash Player and Adobe AIR Heap Memory Corruption Vulnerability Unspecified Code Execution Vulnerabilities in Adobe Flash Player and Adobe AIR Use-after-free vulnerability in Adobe Flash Player and Adobe AIR allows arbitrary code execution Unspecified Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Unspecified Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Heap-based Buffer Overflow Vulnerabilities in Adobe Flash Player and Adobe AIR Arbitrary Code Execution via Crafted Flash Content in Adobe Reader and Acrobat Unspecified Vector Vulnerability in Adobe Flash Player and Adobe AIR Unspecified Integer Overflow Vulnerability in Adobe Flash Player and Adobe AIR Memory Corruption and Arbitrary Code Execution Vulnerability in Adobe Flash Player and Adobe AIR Unspecified Denial of Service Vulnerability in Adobe Flash Player 9 Adobe Flash Player and Adobe AIR Invalid Pointer Vulnerability Adobe Flash Player and Adobe AIR Invalid Pointer Vulnerability Unspecified Memory Corruption Vulnerability in 
Adobe Flash Player and Adobe AIR Unspecified Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Unspecified Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Unspecified Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Script Injection Vulnerability in Adobe Flash Player and Adobe AIR Unspecified Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Unspecified Integer Overflow Vulnerability in Adobe Flash Player and Adobe AIR Unspecified Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Unspecified Integer Overflow Vulnerability in Adobe Flash Player and Adobe AIR Unspecified Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution Vulnerability in Adobe Flash Player and Adobe AIR Unspecified vulnerability in Adobe Flash Player and Adobe AIR allows for denial of service or arbitrary code execution Unspecified Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Multiple Vulnerabilities in Adobe Flash Player and Adobe AIR Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR on VMWare Platform Sensitive Information Disclosure in PHP trim, ltrim, rtrim, and substr_replace Functions Memory Corruption and Information Disclosure Vulnerabilities in PHP Functions and Opcodes Symlink Attack Vulnerability in pmount 0.9.18 Unspecified Remote Code Execution Vulnerabilities in CA PSFormX and WebScan ActiveX Controls Denial of Service Vulnerability in bozotic HTTP Server Remote Code Execution via Malformed Spec File in RPM 4.8.0 and Earlier RPM Package Manager Privilege Escalation Vulnerability RPM Package Manager File Replacement Vulnerability Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat 9.x on UNIX Unspecified 
vulnerability in Adobe Reader and Acrobat 9.x and 8.x on Windows and Mac OS X Uninitialized Memory Access Vulnerability in Adobe Reader and Acrobat Heap-based buffer overflow in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, via crafted GIF image in PDF file Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Heap Object Dereference Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Buffer Overflow in Adobe Reader and Acrobat 9.x and 8.x on Windows and Mac OS X via Crafted Flash Content in PDF File Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Adobe Flash Player and Adobe AIR Click-Jacking Vulnerability Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution Vulnerability in Adobe Flash Media Server (FMS) Denial of Service Vulnerability in Adobe Flash Media Server (FMS) Denial of Service Vulnerability in Adobe Flash Media Server (FMS) Denial of Service Vulnerability in Adobe Flash Media Server (FMS) Multiple buffer overflows in iSNS implementation in Linux SCSI target framework, iSCSI Enterprise Target, and Generic SCSI Target Subsystem for Linux allow remote attackers to cause denial of service or execute arbitrary code. 
Denial of Service Vulnerability in _ger_parse_control Function Information Disclosure Vulnerability in Red Hat Enterprise Virtualization Hypervisor Insecure Snapshot Merging in Red Hat Enterprise Virtualization Manager Use-after-free vulnerability in SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 Privilege Escalation via SWAPEXT ioctl in Linux Kernel Invalid Transfer-Encoding Header Vulnerability in Apache Tomcat Arbitrary Web Script Injection via Extended Characters in Moodle MNET Access-Control Interface Multiple Cross-Site Scripting (XSS) Vulnerabilities in Moodle before 1.8.13 and 1.9.x before 1.9.9 Cross-Site Scripting (XSS) Vulnerability in Moodle's KSES Text Cleaning Filter CSRF vulnerability in Moodle Quiz Module allows unauthorized deletion of quiz attempts Apache Derby Export Processing File Overwrite Vulnerability Vertical Flip Vulnerability in LibTIFF 3.9.0 and 3.9.2 CSRF Vulnerability in Apache CouchDB Allows Authentication Hijacking Arbitrary Code Execution via Cheetah Template Engine in Cobbler Arbitrary Code Execution Vulnerability in Spacewalk-Java and RHN Satellite Arbitrary File Read Vulnerability in Red Hat libvirt Arbitrary File Read Vulnerability in Red Hat libvirt Unspecified Vector File Read Vulnerability in Red Hat libvirt Memory Separation Vulnerability in Linux Kernel World-readable permissions in setup scripts for Red Hat Directory Server 8 allow sensitive information disclosure Improper Mapping of Privileged Source Ports in Red Hat libvirt Vulnerability: OOPS when accessing current_clocksource on non-GENERIC_TIME systems in Linux kernel AvahiDnsPacket Function Denial of Service Vulnerability Apache Wink 1.1.1 XXE Vulnerability: Arbitrary File Read and Denial of Service Arbitrary Command Execution via Shell Metacharacters in feh before 1.8 with --wget-timestamp Insecure Password Generation in makepasswd 1.10 Default Settings Denial of Service Vulnerability in Linux Kernel CIFS Implementation Memory Leak in libpng: 
Remote Denial of Service via Malformed Physical Scale Chunks Cross-Site Scripting (XSS) Vulnerability in Drupal 5.x and 6.x before 6.16 during Site Installation Arbitrary File Creation and Code Execution Vulnerability in LFTP Arbitrary File Creation and Code Execution via GNU Wget 1.12 and Earlier Arbitrary File Creation and Code Execution Vulnerability in libwww-perl SQL Injection Vulnerability in Shape5 Bridge of Hope Template for Joomla! SQL Injection Vulnerability in BF Survey Pro Components for Joomla! Cross-Site Scripting (XSS) Vulnerabilities in Pay Per Minute Video Chat Script 2.0 and 2.1 Arbitrary SQL Command Execution in Pay Per Minute Video Chat Script 2.0 and 2.1 Arbitrary Code Injection through bannerurl Parameter in phpBannerExchange 1.2 Arabic Arbitrary File Inclusion Vulnerability in BF Survey Component for Joomla! Cross-Site Scripting (XSS) Vulnerabilities in Gambit Design Bandwidth Meter Arbitrary Command Execution Vulnerability in Linksys WAP54Gv3 Firmware 3.04.03 and Earlier Denial of Service Vulnerability in Galileo Students Team Weborf before 0.12.1 Arbitrary File Disclosure Vulnerability in Nginx for Windows CSS Implementation Vulnerability in Apple Safari: Information Disclosure via :visited Pseudo-class Arbitrary Code Execution via Cross-Site Scripting (XSS) in Microsoft Windows Help and Support Center Remote Denial of Service Vulnerability in nginx 0.8.36 via Encoded Directory Traversal Sequences Multiple Cross-Site Scripting (XSS) Vulnerabilities in Accoria Web Server 1.4.7 CSRF Vulnerability in Accoria Web Server Allows Authentication Hijacking Accoria Web Server 1.4.7 Directory Traversal Vulnerability Predictable httpmod-sessionid cookie in Accoria Web Server (aka Rock Web Server) 1.4.7 allows session hijacking Format String Vulnerability in Accoria Web Server 1.4.7 Unspecified Remote Attack Vector Vulnerability in Dojo 0.4.x Multiple Cross-Site Scripting (XSS) Vulnerabilities in Dojo Versions 1.0.x to 1.4.x Multiple Open Redirect 
Vulnerabilities in Dojo Versions 1.0.x to 1.4.x Cross-site scripting (XSS) vulnerability in Dojo Toolkit SDK before 1.4.2 in dijit/tests/_testCommon.js Default configuration vulnerability in Dojo build process allows for unspecified impact via request to test or demo component Multiple Cross-Site Scripting (XSS) Vulnerabilities in IBM Lotus Connections 2.5.x Insecure Network Communication Vulnerability in IBM Lotus Connections 2.5.x Insecure Link Handling in IBM Lotus Connections 2.5.x Open Redirect Vulnerability in IBM Lotus Connections Mobile Component Multiple Cross-Site Scripting (XSS) Vulnerabilities in TomatoCMS 2.0.6 CSRF Vulnerability in TomatoCMS 2.0.6 Allows Remote Password Hijacking Remote Denial of Service Vulnerability in Wireshark SMB Dissector Buffer Overflow Vulnerability in Wireshark ASN.1 BER Dissector SMB PIPE Dissector Denial of Service Vulnerability Denial of Service Vulnerability in Wireshark SigComp Universal Decompressor Virtual Machine Dissector Buffer Overflow in Wireshark SigComp Universal Decompressor Virtual Machine Dissector Arbitrary Web Script Injection Vulnerability in Juniper Networks IVE 6.5R1 and 6.5R2 Open Redirect Vulnerability in Juniper Networks IVE 6.5R1 and 6.5R2 Arbitrary Web Script Injection Vulnerability in McAfee UTM Firewall Unspecified Remote Credential Modification Vulnerability in snom VoIP Phone Firmware Ping Tools Web Interface XSS Vulnerability in Dlink Di-604 Router Denial of Service Vulnerability in Dlink Di-604 Router's Ping Tools Web Interface CSRF Vulnerability in Plume CMS 1.2.4 and Earlier Allows Password Hijacking Improper Handling of Focused Frame Change in WebCore in WebKit in Google Chrome Unspecified DOM Method Vulnerability in Google Chrome Arbitrary Code Execution via Large Colspan Attribute in WebKit Bypassing Sandbox Restrictions in Google Chrome on Linux Type Confusion Vulnerability in Google Chrome's Clipboard::DispatchObject Function Use-after-free vulnerability in Element::normalizeAttributes 
function in WebKit Arbitrary Script Injection via TEXTAREA Element in WebKit Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 Buffer Overflow in Symantec Sygate Personal Firewall 5.6 Build 2808 SSHelper.dll ActiveX Control Static SSL Keys Used in Sourcefire 3D Sensor and Defense Center Installations Allow for SSL Traffic Decryption via MITM Attack Directory Traversal Vulnerabilities in Motorola SURFBoard Cable Modem SBV6120E Firmware SBV6X2X-1.0.0.5-SCM-02-SHPC Privilege Escalation Vulnerability in Sophos Anti-Virus Filter Driver Remote Code Execution Vulnerability in EvoLogical EvoCam Web Server SolarWinds TFTP Server 10.4.0.13 Denial of Service Vulnerability Power Tab Editor 1.7 Build 80 Stack-Based Buffer Overflow Vulnerability SQL Injection Vulnerability in HauntmAx Haunted House Directory Listing CMS Directory Traversal Vulnerability in Anodyne Productions SIMM Management System (SMS) 2.6.10 Remote File Inclusion Vulnerability in NP_Twitter Plugin for Nucleus Remote File Inclusion Vulnerability in SmartISoft phpBazar 2.1.1: Arbitrary PHP Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in WmsCms 2.0 and Earlier via default.asp Parameters Multiple SQL Injection Vulnerabilities in WmsCms 2.0 and Earlier Arbitrary Script Injection in PHPCityPortal 1.3 via cms_data.php Arbitrary SQL Command Execution in IDevSpot TextAds 2.08 via index.php Directory Listing and User Account Enumeration Vulnerability in bozohttpd User-Assisted Remote Code Execution Vulnerability in Adobe InDesign CS3 10.0 Absolute Path Traversal Vulnerability in FastJar 0.98's extract_jar Function Information Disclosure Vulnerability in IBM WebSphere Application Server (WAS) 7.0 on z/OS Unspecified Link Injection Vulnerability in IBM WebSphere Application Server (WAS) 7.0 on z/OS Arbitrary Web Script Injection Vulnerability in IBM WebSphere Application Server (WAS) 7.0 on z/OS Information Disclosure Vulnerability in IBM WebSphere Application 
Server (WAS) 7.0 Denial of Service Vulnerability in mod_ibm_ssl in IBM HTTP Server Denial of Service Vulnerability in IBM WebSphere Application Server 7.0 Buffer Overflow in Rosoft Audio Converter 4.4.4: Remote Code Execution via Long Playlist Entry iSharer File Sharing Wizard 1.5.0 - Remote Code Execution via Content-Length Header Overflow Remote Code Execution Vulnerability in iSharer File Sharing Wizard 1.5.0 via Long HEAD Request Denial of Service Vulnerability in Impact PDF Reader for iPhone and iPod touch Source Code Disclosure Vulnerability in LiteSpeed Web Server 4.0.x Yamamah Photo Gallery 1.00 Directory Traversal Vulnerability SQL Injection Vulnerability in Yamamah Photo Gallery 1.00 Allows Remote Code Execution Arbitrary Source Code Disclosure in Yamamah Photo Gallery 1.00 Open Redirect Vulnerability in RSA Federated Identity Manager 4.0 and 4.1 SQL Injection Vulnerabilities in redir.asp in VU Web Visitor Analyst SQL Injection Vulnerability in Subdreamer CMS 3.x.x: Remote Code Execution via admin/pages.php Arab Portal 2.2 members.php SQL Injection Vulnerability Remote File Inclusion Vulnerability in EZPX Photoblog 1.2 Beta SQL Injection Vulnerability in DMXReady Online Notebook Manager 1.0 Remote Code Execution Vulnerability in D.R. 
Software Audio Converter 8.1, 2007, and 8.05 via Crafted PLS Playlist File Multiple Cross-Site Scripting (XSS) Vulnerabilities in odCMS 1.06 CSRF Vulnerability in odCMS 1.06 Allows Remote Authentication Hijacking SAP J2EE Engine Core and Server Core Telnet Interface Security Bypass Vulnerability Batch Audio Converter Lite Edition 1.0.0.0 Stack-Based Buffer Overflow Vulnerability Denial of Service Vulnerability in H264WebCam 3.7 Heap-based Buffer Overflow in Ziproxy 3.1.0 PNG Decoder Stack-based Buffer Overflow in Netware SMB 1.0 Allows Remote Code Execution Unauthenticated Access to Controlled Nodes in Node Reference Module for Drupal Unauthenticated Access to Node Titles and IDs in Drupal Node Reference Module Arbitrary SQL Command Execution in Pilot Group (PG) eLMS Pro via subscribe.php Cross-site scripting (XSS) vulnerability in error.php in Pilot Group (PG) eLMS Pro Arbitrary Web Script Injection Vulnerability in Pilot Group (PG) eLMS Pro's subscribe.php SQL Injection Vulnerability in Eicra Realestate Script 1.0 and 1.6.0 via p_id Parameter Remote File Inclusion Vulnerability in Nakid CMS 0.5.2 SQL Injection Vulnerability in eWebQuiz.asp in ActiveWebSoftwares.com eWebquiz 8 Multiple Buffer Overflows in Winny 2.0b7.1 and Earlier: Remote Code Execution Vulnerability BBS Information Processing Vulnerability in Winny 2.0b7.1 and Earlier Remote Code Execution Vulnerability in Winny 2.0b7.1 and Earlier IPv6 Unicast Reverse Path Forwarding (RPF) Bypass Vulnerability Arbitrary Code Injection through Cross-Site Scripting (XSS) in Free CGI Moo moobbs before 1.03 Arbitrary Web Script Injection in Free CGI Moo moobbs2 before 1.03 Arbitrary Web Script Injection Vulnerability in futomi CGI Cafe Access Analyzer Unspecified Cross-Site Scripting (XSS) Vulnerability in AD-EDIT2 before 3.0.9 Lhaplus Untrusted Search Path Privilege Escalation Vulnerability Lhasa Untrusted Search Path Privilege Escalation Vulnerability Unspecified Remote Code Execution Vulnerability in Oracle 
Business Process Management Component Unspecified Local Confidentiality Vulnerability in Oracle Transportation Management Unspecified Remote Integrity Vulnerability in Oracle Transportation Management Unspecified Remote Integrity Vulnerability in Oracle Enterprise Manager Grid Control Unspecified Local Vulnerability in Solaris Studio 12 Update 1 Unspecified Vulnerability in Oracle Fusion Middleware WebLogic Server Component Affecting Apache, Sun, and IIS Web Servers Unspecified Local Vulnerability in Oracle Solaris Management Console Unspecified Integrity Vulnerability in Oracle PeopleSoft and JDEdwards Suite Unspecified Local Vulnerability in PeopleSoft Enterprise CRM Component Unspecified Confidentiality Vulnerability in PeopleSoft Enterprise HCM - Time & Labor Component Unspecified Local Vulnerability in Oracle PeopleSoft Enterprise FSCM Component Unspecified Integrity Vulnerability in Oracle Fusion Middleware Application Server Control Unspecified Local Vulnerability in Oracle Solaris 8, 9, and 10 NFS Vulnerability in Oracle Solaris and OpenSolaris Unspecified Local Vulnerability in Oracle Solaris 9 and 10 via Solaris Management Console Unspecified vulnerability in Oracle Sun Java System Web Proxy Server 4.0.13 affecting confidentiality and integrity via Administration Server. 
Unspecified Local Vulnerability in Oracle Solaris and OpenSolaris via GigaSwift Ethernet Driver Information Leakage Vulnerability in GNOME Display Manager (gdm) 2.20.x Unspecified Remote Code Execution Vulnerability in Oracle Applications Manager Unspecified Local Logon Vulnerability in Oracle Database Server and Fusion Middleware Unspecified vulnerability in Database Control component in Oracle Database Server and Fusion Middleware Unspecified Remote Code Execution Vulnerability in Oracle Database Server 10.1.0.5 and 10.2.0.3 ZFS Vulnerability in Oracle Solaris 10 and OpenSolaris: Local Users Impacting Integrity and Availability Local Privilege Escalation Vulnerability in Oracle Solaris 10 and OpenSolaris via RPC Local Privilege Escalation Vulnerability in Oracle Solaris 10 TCP/IP Unspecified Remote Integrity Vulnerability in Oracle Fusion Middleware Unspecified Remote Integrity Vulnerability in Oracle Fusion Middleware Forms Component Unspecified Local User Vulnerability in Oracle Sun Java System Application Server and GlassFish Enterprise Server Unspecified Confidentiality Vulnerability in PeopleSoft Enterprise HCM Component Unspecified Local Vulnerability in Oracle Solaris 10 and OpenSolaris Affecting Kernel/VM Availability Unspecified Local Vulnerability Affecting Oracle Solaris and OpenSolaris Kernel/Filesystem Unspecified Remote Code Execution Vulnerability in PeopleSoft Enterprise HCM - eProfile Mgr Component Unspecified Remote Code Execution Vulnerability in PeopleSoft Enterprise PeopleTools Unspecified Confidentiality Vulnerability in Oracle PeopleSoft Enterprise Campus Solutions Unspecified Integrity Vulnerability in Oracle iRecruitment Component Unspecified vulnerability in Siebel Core - Highly Interactive Client component in Oracle Siebel Suite 7.7.2.12, 7.8.2.14, 8.0.0.10, and 8.1.1.3 Unspecified Confidentiality Vulnerability in Oracle Siebel Suite Unspecified Remote Integrity Vulnerability in Oracle Database Server XDK Component Unspecified Remote 
Integrity Vulnerability in Oracle iRecruitment Component Unspecified Remote Integrity Vulnerability in Oracle Fusion Middleware Unspecified Remote Integrity Vulnerability in Oracle Fusion Middleware Unspecified vulnerability in Oracle Database Server Job Queue component Unspecified Remote Code Execution Vulnerability in Oracle Database Server 11.1.0.7 Unspecified Remote Integrity Vulnerability in Oracle BI Publisher Component Unspecified Remote Confidentiality Vulnerability in Oracle Sun Products Suite Unspecified vulnerability in Oracle Database Server Change Data Capture component Unspecified Remote Integrity Vulnerability in Oracle E-Business Intelligence Component Unspecified Remote Integrity Vulnerability in Oracle Agile PLM Component Unspecified Remote Code Execution Vulnerability in Oracle Territory Management Component Unspecified vulnerability in Java Virtual Machine component in Oracle Database Server Unspecified Remote Code Execution Vulnerabilities in Fenrir Inc. ActiveGeckoBrowser Unspecified Vulnerabilities in Opera Before 10.54 with Various Severity Levels Cross-site scripting (XSS) vulnerability in PortalTransforms in Plone 2.1 through 3.3.4 before hotfix 20100612 Directory Traversal Vulnerability in TitanFTPd Allows Remote File Read/Deletion Directory Traversal Vulnerability in TitanFTPd Allows Remote File Read Access Privilege Escalation Vulnerability in VMware Studio 2.0 Arbitrary Web Script Injection Vulnerability in Wing FTP Server for Windows XSS Vulnerability in Splunk 4.0 through 4.1.2 via HTTP Referer in 404 Not Found Response Local Privilege Escalation via Symlink Attack in CUPS Denial of Service Vulnerability in CUPS Authentication Handling Cross-Site Scripting (XSS) Vulnerabilities in IBM WebSphere ILOG JRules 6.7 Buffer Overflow in Arcext.dll: Remote Code Execution in Explzh 5.62 and Earlier Denial of Service Vulnerability in Weborf HTTP Server 0.12.1 and Earlier SQL Injection Vulnerability in AneCMS Blog 1.3 and Earlier Versions AneCMS 
Blog 1.3 XSS Vulnerability in tools.class.php SQL Injection Vulnerability in G.CMS Generator Allows Remote Code Execution Stack-based Buffer Overflow in MoreAmp Allows Remote Code Execution via Long Line in Song List (.maf File) Stack-based Buffer Overflow in Subtitle Translation Wizard 3.0 Cross-Domain IFRAME Gadget Keystroke Reading Vulnerability in WebKit Cross-Domain IFRAME Gadget Keystroke Reading Vulnerability in Microsoft Internet Explorer NULL Pointer Dereference Vulnerability in LibTIFF's OJPEGReadBufferFill Function NULL pointer dereference vulnerability in MaraDNS 1.3.03 and earlier versions before 1.4.03 Arbitrary File Read and Command Execution Vulnerability in Freeciv Rbot Reaction Plugin Command Execution Vulnerability Path Traversal Vulnerability in Gitolite before 1.4.1 NULL pointer dereference vulnerability in znc.cpp in ZNC before 0.092 allows remote authenticated users to cause denial of service (crash) Symlink Attack Vulnerability in Gource 0.26 Logs World Readable Private Key Vulnerability in Shibboleth SP 2.0 Unspecified Impact and Remote Attack Vectors in KVIrc DCC Functionality Arbitrary File Overwrite Vulnerability in KVIrc DCC Functionality Cross-Site Scripting (XSS) Vulnerabilities in Synology Disk Station 2.x before DSM3.0-1337 Address bar spoofing vulnerability in Apple Safari Address bar spoofing vulnerability in Opera Directory Traversal Vulnerabilities in Linker IMG 1.0 and Earlier Arbitrary Web Script Injection Vulnerability in K-Search index.php Arbitrary Code Injection through videoid Parameter in 2daybiz Video Community Portal Script 1.0 SQL Injection Vulnerability in 2daybiz Video Community Portal Script 1.0 Arbitrary SQL Command Execution in JCE-Tech Shareasale Script (SASS) 1 SQL Injection Vulnerability in storecat.php in JCE-Tech Overstock 1 Arbitrary SQL Command Execution in withdraw_money.php of Toma Cero OroHYIP Arbitrary Web Script Injection in Jamroom Forum (forum.php) Multiple Cross-Site Scripting (XSS) Vulnerabilities 
in RSComments Component for Joomla! Insufficient Access Control Vulnerability in S2 Security NetBox and Linear/Sonitrol eMerge Systems Insecure Database Backup Download Vulnerability in S2 Security NetBox Unauthenticated Remote Access to Database Backups in S2 Security NetBox Weak Hash Algorithm Used for Storing Administrator Password in S2 Security NetBox 2.x and 3.x Default Password Vulnerability in Linear eMerge 50 and 5000 Video Recorder World-readable permissions in Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through 3.7.1 when use_suexec is enabled Open Redirection Vulnerability in Drupal Versions 5.x and 6.x Cross-Site Scripting (XSS) Vulnerability in Drupal Locale Module Session Persistence Vulnerability in Drupal 6.x and 5.x Insecure Security Domain Handling in JBoss Enterprise Service Bus (ESB) Arbitrary Path Addition Vulnerability in syscp 1.4.2.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Paste HTTPExceptions Implementation Integer Overflow in ethtool_get_rxnfc Function in Linux Kernel HTML Purifier XSS Vulnerability in Internet Explorer Cross-Site Scripting (XSS) Vulnerability in Mako before 0.3.4 Out-of-Bounds Read Vulnerability in LibTIFF TIFFExtractData Macro Denial of Service in LibTIFF 3.9.4 and Earlier Due to Invalid td_stripbytecount Field Handling Denial of Service Vulnerability in LibTIFF 3.9.0 PHP 5.2 strrchr Function Memory Corruption Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in MoinMoin Unauthenticated Traffic Stats Trigger NULL Pointer Dereference in ZNC before 0.092 Buffer Overflow Vulnerability in Ruby 1.9.x on Windows Mumble: Murmur-Server Denial of Service Vulnerability Arbitrary Web Script Injection in Roundup's cgi/client.py Buffer Overflow in eCryptfs Subsystem in Linux Kernel Default configuration of deployment descriptor allows bypassing access restrictions via crafted HTTP request Buffer underflows in base64 decoder leading to heap memory corruption and application crash L2TP 
Implementation in Linux Kernel Prior to 2.6.34 Null Pointer Dereference Vulnerability Command Injection Vulnerability in stonith-ng in Pacemaker and Cluster-Glue Integer Underflow Vulnerability in FreeType Glyph Handling Heap Memory Corruption and Arbitrary Code Execution Vulnerability in FreeType Buffer Overflow in FreeType Mac_Read_POST_Resource Function Integer Overflow in FreeType's gray_render_span Function Multiple directory traversal vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Splunk 4.x HTTP Header Injection Vulnerability in Splunk 4.0 - 4.1.1 (SPL-31066) Denial of Service Vulnerability in Soft SaschArt SasCAM Webcam Server 2.6.5, 2.7, and Earlier Arbitrary Web Script Injection in Linksys WAP54Gv3 Firmware 3.05.03 and 3.04.03 Directory Traversal Vulnerability in Picasa2Gallery Component for Joomla! SQL Injection Vulnerability in user-profile.php in 2daybiz Video Community Portal Script Cross-Site Scripting (XSS) Vulnerabilities in 2daybiz Web Template Software Arbitrary SQL Command Execution in 2daybiz Web Template Software via customize.php SQL Injection Vulnerability in 2daybiz Multi Level Marketing (MLM) Software's viewnews.php Allows Remote Code Execution Arbitrary SQL Command Execution in 2daybiz Matrimonial Script's customprofile.php SQL Injection Vulnerability in JE Ajax Event Calendar Component 1.0.5 for Joomla! JFaq Component 1.2 for Joomla! Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerabilities in JFaq Component 1.2 for Joomla! 
SQL Injection Vulnerabilities in 2daybiz Multi Level Marketing (MLM) Software Unspecified Vulnerabilities in IBM Rational ClearQuest Unspecified Privilege Escalation Vulnerability in IBM FileNet P8 Content Manager and Business Process Manager Heap-based Buffer Overflow in FreeType's Mac_Read_POST_Resource Function Heap-based Buffer Overflow in FreeType's Ins_IUP Function Buffer overflows in NFS server XDR implementation in Linux kernel Unauthenticated Local Netlink Socket Spoofing Vulnerability in UMIP 0.4 Multiple Buffer Overflows in UMIP MIPv6 Daemon (ha.c) Allow Remote Code Execution Cache Stuffing Vulnerability in Linux Kernel CIFS Implementation GFS2 File System ACL Handling Vulnerability Allows Unauthorized Access and Execution Unauthenticated Socket Connection Vulnerability in clvmd Buffer Overflow Vulnerabilities in FreeType Demo Programs Denial of Service Vulnerability in Pidgin's Oscar Protocol Plugin Denial of Service Vulnerability in iputils ping.c Integer Signedness Errors in smb_subr.c in Netsmb Module Information Leakage via var_export Function in PHP LXDE lxsession-logout Screen Lock Bypass Vulnerability Denial of Service Vulnerability in OpenTTD NetworkSyncCommandQueue Function Arbitrary Web Script Injection in Joomla! 
1.5.x Back End Multiple Cross-Site Scripting (XSS) Vulnerabilities in rekonq 0.5 and Earlier Vulnerability: Local Users Can Overwrite Append-Only Files in Linux Kernel Integer Overflow in BTRFS_IOC_CLONE_RANGE ioctl Call in Linux Kernel Buffer Overflow in msTmpFile Function in MapServer Unrestricted Use of CGI Command-Line Arguments in MapServer Buffer Overflow Vulnerability in FreeType ftmulti.c Stack-based Buffer Overflow in Git's is_git_directory Function Arbitrary Script Injection in Cacti's top_graph_header.php Arbitrary Web Script Injection Vulnerability in Cacti Utilities.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Cacti before 0.8.7g Heap-based buffer overflows in libmikmod loaders/load_it.c allow remote code execution Use-after-free vulnerability in GnuPG 2.x through 2.0.16 allows remote code execution via certificate with large number of Subject Alternate Names Arbitrary File Access Vulnerability in IcedTea6 before 1.7.4 Win32k Reference Count Vulnerability SMB Pool Overflow Vulnerability SMB Variable Validation Vulnerability SMB Stack Exhaustion Vulnerability Cinepak Codec Decompression Vulnerability Tracing Registry Key ACL Vulnerability Tracing Memory Corruption Vulnerability in Microsoft Windows Vista, Windows Server 2008, and Windows 7 Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 6, 7, and 8 Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 6 Race Condition Memory Corruption Vulnerability in Microsoft Internet Explorer 6, 7, and 8 Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 8 HTML Layout Memory Corruption Vulnerability in Microsoft Internet Explorer 6, 7, and 8 Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption Vulnerability Excel Memory Corruption Vulnerability WordPad Word 97 Text Converter Memory Corruption Vulnerability Movie Maker Buffer Overflow Vulnerability SChannel Malformed Certificate Request Remote Code Execution Vulnerability 
RPC Memory Corruption Vulnerability Arbitrary Code Execution via Crafted Shortcut Files in Windows Shell Size Value Heap Corruption in pubconv.dll Vulnerability Heap Overrun in pubconv.dll Vulnerability Array Index Error in pubconv.dll: Remote Code Execution Vulnerability PowerPoint Parsing Buffer Overflow Vulnerability PowerPoint Integer Underflow Heap Corruption Vulnerability Arbitrary Web Script Injection in MantisBT 1.2.2 via manage_proj_cat_add.php Heap-based Buffer Overflow in Okular's RLE Decompression Functionality Clickjacking Vulnerability in Opera Browser SQL Injection Vulnerabilities in Pligg before 1.1.1: Remote Code Execution via title Parameter Heap-based Buffer Overflow in RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 via Crafted QCP File Unspecified Memory Access Vulnerability in RealPlayer Codecs Denial of Service Vulnerability in MailEnable SMTP Service Memory Corruption Vulnerability in dirapi.dll in Adobe Shockwave Player Heap-based Buffer Overflow in Adobe Shockwave Player Remote Code Execution Vulnerability in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX Control Arbitrary File Read Vulnerability in RealPage Module Upload ActiveX Control Buffer Overflow Vulnerabilities in RealPage Module Upload ActiveX Control Integer Overflow Vulnerabilities in Winamp's in_nsv.dll Plugin Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2010-xxxx) Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Heap-based Buffer Overflow in SAP Crystal Reports 2008 SP3 Fix Pack 3.2 ActiveX Control Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in InterSect Alliance Snare Agent and Snare Epilog Array Index Error in LibTIFF's TIFFYCbCrtoRGB Function Denial of Service Vulnerability in LibTIFF's OJPEGPostDecode Function Denial of Service Vulnerability in 
LibTIFF's TIFFVStripSize Function Denial of Service Vulnerability in LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 Platforms Denial of Service Vulnerability in Research In Motion (RIM) BlackBerry Device Software before 6.0.0 Untrusted Search Path Vulnerability in BlackBerry Desktop Software Allows Arbitrary Code Execution Buffer Overflow Vulnerabilities in BlackBerry Enterprise Server (BES) and BlackBerry Professional Software Allow Remote Code Execution via Crafted PDF Document Buffer Overflow Vulnerabilities in BlackBerry Attachment Service PDF Distiller Component Weak Password Encryption Vulnerability in RIM BlackBerry Desktop Software Buffer Overflow Vulnerabilities in BlackBerry Attachment Service PDF Distiller SQL Injection Vulnerability in 2daybiz Job Search Engine Script's show_search_result.php Multiple SQL Injection Vulnerabilities in 2daybiz Job Site Script SQL Injection Vulnerability in Job Search Engine's show_search_result.php Unspecified Information Disclosure Vulnerability in HP OpenVMS Auditing Feature Arbitrary Script Injection in JExtensions JE Awd Song Component for Joomla! 
SQL Injection Vulnerability in Grafik CMS 1.1.2: Remote Code Execution via admin/admin.php Cross-Site Scripting (XSS) Vulnerabilities in Grafik CMS 1.1.2 SQL Injection Vulnerability in PHP Bible Search: Remote Code Execution via Chapter Parameter Arbitrary Script Injection in PHP Bible Search via chapter Parameter AdaptCMS 2.0.0 Beta and 2.0.1 Remote File Inclusion Vulnerability Denial of Service Vulnerability in Citrix XenServer with pvops kernel Authentication Bypass Vulnerability in Open&Compact FTP Server (Open-FTPD) 1.2 and Earlier Denial of Service Vulnerability in Qt 4.6.3 and Earlier Joomanager Component SQL Injection Vulnerability Arbitrary SQL Command Execution Vulnerability in Internet DM Specialist Bed and Breakfast's pages.php Multiple SQL Injection Vulnerabilities in iScripts EasySnaps 2.0 Unspecified Denial of Service Vulnerability in Hitachi ServerConductor / Deployment Manager Arbitrary Command Execution in Miyabi CGI Tools SEO Links 1.02 via fn Command Directory Traversal Vulnerabilities in Refractor 2 Engine: Remote File Overwrite Buffer overflow vulnerability in strongSwan IKE daemon allows remote code execution HTTP Request Smuggling Vulnerability in Cisco Content Services Switch (CSS) 11500 and Application Control Engine (ACE) 4710 Out-of-Order Position Denial of Service Vulnerability in LibTIFF 3.9.0 Denial of Service Vulnerability in LibTIFF 3.9.0 Unspecified vulnerability in Oracle Solaris FTP Server allows remote attackers to affect availability Denial of Service Vulnerability in EMC Disk Library (EDL) Denial of Service Vulnerability in RSA enVision before 3.7 SP1 SQL Injection Vulnerability in IBM WebSphere Commerce 6.0 before 6.0.0.10 Arbitrary Script Injection in IBM WebSphere Commerce 7.0 Unencrypted Transmission of Credentials in IBM WebSphere MQ Denial of Service Vulnerability in IBM WebSphere MQ 7.0 before 7.0.1.5 Information Disclosure Vulnerability in IBM WebSphere Commerce Enterprise 7.0 Array Index Error in Evince DVI-Backend 
Component Allows Remote Code Execution Array Index Error in VF Font Parser in Evince: Remote Code Execution Vulnerability Heap-based Buffer Overflow in AFM Font Parser in Evince and Other Products Arbitrary Code Execution via Integer Overflow in Evince DVI Backend Improper Access Control in IBM WebSphere Service Registry and Repository (WSRR) 7.0.0 before FP1 Denial of Service Vulnerability in WebGL Implementation of Google Chrome Inadequate Isolation of Sandboxed IFRAME Elements in Google Chrome Memory Corruption Vulnerability in Google Chrome Memory Corruption Vulnerability in Google Chrome's Unicode Bidirectional Algorithm Implementation Denial of Service Vulnerability in Google Chrome 5.0.375.99 Unspecified Print Dialog Vulnerability in Google Chrome Memory Corruption Vulnerability in Google Chrome's CSS Rendering Denial of Service Vulnerability in Google Chrome Race condition vulnerability in hvc_close function in Linux kernel before 2.6.34 Multiple Cross-Site Scripting (XSS) Vulnerabilities in IBM BladeCenter with Advanced Management Module (AMM) Firmware Directory Traversal Vulnerability in IBM BladeCenter AMM Firmware Insufficient Access Control in IBM BladeCenter AMM Firmware Allows Unauthorized Download of Sensitive Information Arbitrary Code Execution Vulnerability in Opera 10.60 and Earlier Arbitrary File Upload Vulnerability in Opera before 10.60 Widget Property Access Vulnerability Homograph Character Spoofing Vulnerability in Opera File Path Disclosure Vulnerability in Opera Browser Bypassing Popup Blocker in Opera 10.60 and Earlier Versions Denial of Service Vulnerability in Opera 10.60 and Earlier Versions Denial of Service Vulnerability in Opera before 10.60 Arbitrary Script Injection via Data URI in Opera Browser Arbitrary Code Execution via Widget File I/O Operations in Opera Unspecified Remote Code Execution Vulnerabilities in VMware Studio 2.0 Authentication Bypass Vulnerability in Adaptive Micro Systems ALPHA Ethernet Adapter II Web-Manager 
3.40.2 Arbitrary Web Script Injection Vulnerability in Orbis CMS 1.0.2 SQL Injection Vulnerability in recipedetail.php Arbitrary Web Script Injection Vulnerability in eZ Publish Advanced Search Multiple SQL Injection Vulnerabilities in eZ Publish 3.7.0 through 4.2.0 Arbitrary SQL Command Execution in Devana 1.6.6 and Earlier via profile_view.php SQL Injection Vulnerability in TSOKA:CMS 1.1, 1.9, and 2.0 via index.php Arbitrary Script Injection Vulnerability in TSOKA:CMS 1.1, 1.9, and 2.0 Directory Traversal Vulnerabilities in Open Web Analytics (OWA) 1.2.3 Remote Code Execution in Open Web Analytics (OWA) 1.2.3 via PHP Remote File Inclusion Arbitrary SQL Command Execution Vulnerability in xmap Component for Joomla! SQL Injection Vulnerability in Joomla! Weblinks Component Allows Remote Code Execution Arbitrary File Inclusion Vulnerability in JExtensions JE Section/Property Finder Component for Joomla! Remote File Inclusion Vulnerability in SEF404x Component for Joomla! Allows Arbitrary Code Execution Directory Traversal Vulnerability in Realtyna Translator Component 1.0.15 for Joomla! SQL Injection Vulnerability in Customer Paradigm PageDirector CMS SQL Injection Vulnerability in Customer Paradigm PageDirector CMS Unrestricted Access Vulnerability in Customer Paradigm PageDirector CMS SQL Injection Vulnerabilities in TopManage OLK Module 1.91.30 for SAP SQL Injection Vulnerability in printdetail.asp in Site2Nite Boat Classifieds SQL Injection Vulnerability in Site2Nite Boat Classifieds' detail.asp Allows Remote Code Execution SQL Injection Vulnerability in Internet DM WebDM CMS SQL Injection Vulnerability in JOOFORGE Gamesbox Component for Joomla! Multiple SQL Injection Vulnerabilities in 2daybiz Custom T-Shirt Design Script 2daybiz Custom T-Shirt Design Script XSS Vulnerability Privilege Escalation and File Corruption Vulnerability in FreeBSD 7.1 through 8.1-PRERELEASE SQL Injection Vulnerability in redSHOP Component (com_redshop) 1.0 for Joomla! 
Allows Remote Code Execution Directory Traversal Vulnerability in Xlight FTP Server 3.5.0 - 3.5.5 SQL Injection Vulnerability in Sijio Community Software's gallery/index.php Arbitrary Script Injection in Sijio Community Software via Blog Title Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sijio Community Software via Title Parameter SQL Injection Vulnerability in Edge PHP Clickbank Affiliate Marketplace Script (CBQuick) Cross-Site Scripting (XSS) Vulnerability in CBQuick's index.php Buffer Overflow Vulnerabilities in FathFTP ActiveX Control 1.7 Buffer Overflow in UGameEngine::UpdateConnectingMessage Function in Unreal Engine 1, 2, and 2.5 Allows Remote Code Execution Stack-based Buffer Overflow in HP OpenView Network Node Manager (OV NNM) Allows Remote Code Execution Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 via nnmrptconfig.exe Unspecified Information Disclosure Vulnerability in HP ProCurve 1800-24G and 1800-8G Switches Unspecified Denial of Service Vulnerability in HP ProCurve 2610 Switch Unspecified Remote Vulnerability on HP ProCurve 2626 and 2650 Switches Unspecified Denial of Service Vulnerability in HP ProCurve 2610 Switch Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 Unspecified Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 Unspecified Remote Data Manipulation Vulnerability in HP MagCloud App Privilege Escalation Vulnerability in HP-UX Software Distributor (sd) Arbitrary Command Execution and Information Disclosure via Window and Icon Title Sequences in libvte TCW PHP Album 1.0 - SQL Injection Vulnerability in photos/index.php TCW PHP Album 1.0 - Cross-Site Scripting (XSS) Vulnerability in photos/index.php Multiple SQL Injection Vulnerabilities in PsNews 1.3 Arbitrary Web Script Injection in CruxCMS 3.0 via txtusername Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in 
CruxSoftware CruxPA 2.00 SQL Injection Vulnerability in show.php in phpaaCms 0.3.1 UTF-8 and other versions SQL Injection Vulnerability in phpaaCms 0.3.1 UTF-8 and Other Versions SQL Injection Vulnerability in RightInPoint Lyrics Script 3.0: Remote Command Execution via artist_id Parameter Cross-Site Scripting (XSS) Vulnerability in RightInPoint Lyrics Script 3.0 Arbitrary Script Injection in LISTSERV 15 and 16 via T Parameter Arbitrary Code Injection through Hierarchical Select Module in Drupal Unchecked Return Code Vulnerability in BarnOwl Outlook Heap-Based Buffer Overflow Vulnerability Print Spooler Service Impersonation Vulnerability Request Header Buffer Overflow Vulnerability in Microsoft IIS 7.5 with FastCGI Enabled Directory Authentication Bypass Vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3 UAG Redirection Spoofing Vulnerability UAG Web Monitor Cross-Site Scripting (XSS) Vulnerability Arbitrary Script Injection in Microsoft Forefront Unified Access Gateway (UAG) Mobile Portal Uniscribe Font Parsing Engine Memory Corruption Vulnerability Buffer Overflow Vulnerability in CreateDIBPalette Function in Microsoft Windows OpenType Font Parsing Vulnerability in Microsoft Windows XP and Server 2003 OpenType Font Driver Integer Calculation Vulnerability Netlogon RPC Null Dereference DOS Vulnerability Win32k Keyboard Layout Vulnerability Win32k Window Class Vulnerability Windows Media Player Memory Corruption Vulnerability Comctl32 Heap Overflow Vulnerability Word Uninitialized Pointer Vulnerability Word Boundary Check Vulnerability Memory Corruption Exploit in Microsoft Word 2002 SP3 and Office 2004 for Mac SSL Security Status Spoofing Vulnerability in Mozilla Firefox and SeaMonkey Integer Overflow Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Use-after-free vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey allows remote code execution Information Disclosure Vulnerability in Mozilla Firefox, 
Thunderbird, and SeaMonkey Memory Corruption Vulnerability in Mozilla Firefox 3.6.7 User Group Membership Disclosure Vulnerability in Bugzilla Improper Impersonation Notifications in Bugzilla Product Name Enumeration Vulnerability in Bugzilla Denial of Service Vulnerability in Bugzilla with PostgreSQL Use-after-free vulnerability in nsTreeSelection function in Mozilla Firefox, Thunderbird, and SeaMonkey before 3.5.12, 3.6.x before 3.6.9, 3.0.7, 3.1.x before 3.1.3, and 2.0.7 allows remote attackers to execute arbitrary code via a XUL tree selection, related to a dangling pointer vulnerability. Arbitrary HTTP Header Injection and HTTP Response Splitting in CGI.pm and CGI::Simple Arbitrary Code Execution via XPCSafeJSObjectWrapper in Mozilla Firefox and Thunderbird Cross-Site Scripting (XSS) Vulnerability in XPCSafeJSObjectWrapper Class Cross-Origin Information Disclosure in Mozilla Firefox, Thunderbird, and SeaMonkey Heap-based buffer overflow in Mozilla Firefox, Thunderbird, and SeaMonkey before 3.6.9 allows remote attackers to execute arbitrary code via a large number of values in the cols attribute of the FRAMESET element. 
Arbitrary Code Execution via Deleted Object in Mozilla Firefox, Thunderbird, and SeaMonkey Dangling Pointer Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Cross-Site Scripting (XSS) Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Arbitrary web script injection vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Memory Corruption and Arbitrary Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey on Mac OS X Arbitrary Code Execution via Long Username Field in IBM solidDB Hard-coded Password Vulnerability in Siemens Simatic WinCC and PCS 7 SCADA System Remote Code Execution Vulnerability in Novell GroupWise IMAP Server Cross-Site Scripting (XSS) Vulnerability in Novell GroupWise WebAccess Novell GroupWise 8.x WebAccess Cross-Site Scripting (XSS) Vulnerability Arbitrary File Access Vulnerability in IcedTea6 before 1.7.4 MMIO Initialization Functionality Vulnerability in QEMU-KVM Arbitrary CTCP Command Execution Vulnerability in KVIrc IRC Protocol Component Arbitrary File Inclusion Vulnerability in Piwik 0.6 through 0.6.3 Caching Vulnerability in MediaWiki API (CVE-XXXX-XXXX) Arbitrary Script Injection in MediaWiki profileinfo.php Arbitrary PHP Code Execution via Remote File Inclusion in MediaWiki 1.16 beta Multiple Cross-Site Scripting (XSS) Vulnerabilities in Zabbix before 1.8.3rc1 Apache HTTP Server mod_proxy Backend Connection Timeout Vulnerability Race condition vulnerability in SPICE plug-in 2.2 for Firefox allows local users to conduct man-in-the-middle attacks and obtain sensitive information Race condition vulnerability in SPICE plug-in for Internet Explorer in Red Hat Enterprise Virtualization (RHEV) Manager before 2.2.4 allows local privilege escalation Local File Overwrite Vulnerability in SPICE Plug-in 2.2 for Firefox Session Hijacking Vulnerability in phpCAS before 1.1.2 Arbitrary Web Script Injection in phpCAS Proxy Mode Directory Traversal Vulnerability in CMS Made Simple before 1.8.1 Incorrect 
Size Calculation in gfs2_dirent_find_space Function in Linux Kernel Arbitrary Code Execution Vulnerability in Socat's nestlex Function Denial of Service Vulnerability in MS-ZIP Decompressor Integer Signedness Error in Quantum Decompressor in cabextract Arbitrary Script Injection via Inline Attachments in MantisBT Information Disclosure Vulnerability in Linux Kernel's DRM Subsystem Denial of Service and Arbitrary Code Execution Vulnerability in FreeType's FT_Stream_EnterFrame Function Heap-based Buffer Overflow in FreeType's t42_parse_sfnts Function Integer Overflow Vulnerability in FreeType Buffer Overflow in FreeType Mac_Read_POST_Resource Function Arbitrary Command Execution via Crafted HREF Attribute in Uzbl Heap-based Buffer Overflow in convert_to_idna function in Lynx 2.8.8dev.1 through 2.8.8dev.4 Denial of Service Vulnerability in Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 Denial of Service Vulnerability in ZNC 0.092 via Missing Argument in PING Command Denial of Service Vulnerability in SquirrelMail 1.4.21 Unspecified Denial of Service Vulnerability in Cisco ASA and PIX Devices (CSCtf37506) Unspecified Denial of Service Vulnerability in Cisco ASA and PIX Devices (CSCtf55259) Denial of Service Vulnerability in Cisco ASA SIP Inspection Feature (CSCtd32106) Unspecified Denial of Service Vulnerability in Cisco ASA and PIX Devices (CSCte46507) Denial of Service vulnerability in SunRPC Inspection Feature on Cisco FWSM (CSCte61710) Denial of Service vulnerability in SunRPC Inspection Feature on Cisco FWSM (CSCte61622) Denial of Service vulnerability in Cisco FWSM SunRPC Inspection Feature (CSCte61662) Denial of Service vulnerability in Cisco Firewall Services Module (FWSM) with multi-mode enabled Denial of Service Vulnerability in Cisco ACE Module and ACE 4710 Appliance Denial of Service Vulnerability in Cisco ACE 4710 Appliance with Deep Packet Inspection Denial of Service Vulnerability in Cisco ACE Module (Bug ID 
CSCta20756) Denial of Service vulnerability in Cisco ACE Module and ACE 4710 Appliance due to SIP Inspection SQL Injection Vulnerability in Cisco Wireless Control System (WCS) 6.0.x: Remote Code Execution via ORDER BY Clause (CSCtf37019) Denial of Service Vulnerability in Cisco IOS 15.1(2)T (Bug ID CSCti18193) Denial of Service Vulnerability in Cisco IOS and IOS XE H.323 Implementation (CSCtc73759) Denial of Service Vulnerability in Cisco IOS H.323 Implementation (CSCtd33567) Denial of Service Vulnerability in Cisco IOS and IOS XE (Bug ID CSCte14603) Denial of Service Vulnerability in Cisco IOS NAT for SIP Implementation Denial of Service Vulnerability in Cisco IOS NAT for H.323 Implementation Denial of Service Vulnerability in Cisco IOS NAT for H.225.0 Implementation Denial of Service Vulnerability in Cisco IOS and Cisco Unified Communications Manager Denial of Service Vulnerability in Cisco IOS and Cisco Unified Communications Manager Memory Leak in Cisco IOS SSL VPN Feature with HTTP Port Redirection Denial of Service Vulnerability in Cisco Unified Communications Manager Denial of Service Vulnerability in Cisco Unified Communications Manager Denial of Service Vulnerability in Cisco Unified Presence (CSCtd14474) Denial of Service Vulnerability in Cisco Unified Presence Service Denial of Service Vulnerability in Cisco Wireless LAN Controller (WLC) Software Unspecified Remote Access Restriction Bypass and Configuration Modification Vulnerability in Cisco Wireless LAN Controller (WLC) Software Unspecified Remote Access Restriction Bypass and Configuration Modification Vulnerability in Cisco Wireless LAN Controller (WLC) Software Arbitrary Web Script Injection Vulnerability in Newanz NewsOffice 2.0.18 SQL Injection Vulnerability in QuickFAQ Component 1.0.3 for Joomla! Arbitrary Web Script Injection Vulnerability in InterJoomla ArtForms Component for Joomla! SQL Injection Vulnerabilities in InterJoomla ArtForms Component 2.1b7.2 RC2 for Joomla! 
Arbitrary File Read Vulnerability in InterJoomla ArtForms Component 2.1b7.2 RC2 for Joomla! Arbitrary Web Script Injection in nuBuilder 10.04.20 Arbitrary Local File Inclusion Vulnerability in nuBuilder 10.04.20 SQL Injection Vulnerability in BookLibrary From Same Author (com_booklibrary) Module 1.5 and Earlier for Joomla! Cross-Site Scripting (XSS) Vulnerability in RunCms 2.1 Headlines Module SQL Injection Vulnerability in iScripts VisualCaster's playVideo.php Allows Remote Code Execution Cross-Site Scripting (XSS) Vulnerabilities in Event Horizon (EVH) 1.1.10 modfile.php Multiple SQL Injection Vulnerabilities in Event Horizon (EVH) 1.1.10 modfile.php Arbitrary Web Script Injection in osCSS 1.2.2 and Earlier Versions Directory Traversal Vulnerability in Joomla! Music Manager Component Arbitrary Web Script Injection in SimpNews 2.47.03 and Earlier Sensitive Information Disclosure in SimpNews 2.47.3 and Earlier via Invalid Lang Parameter Insecure External Network Traffic Access in EMC Celerra NAS Appliance Arbitrary File Read Vulnerabilities in Adobe ColdFusion Administrator Console Arbitrary Code Execution via Integer Overflow in CoolType.dll Memory Corruption Vulnerability in Adobe Shockwave Player Memory Corruption and Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Unspecified Denial of Service Vulnerability in Adobe Shockwave Player Integer Signedness Error in Adobe Shockwave Player: Remote Code Execution Vulnerability Heap Memory Corruption Vulnerability in Adobe Shockwave Player Memory Corruption Vulnerability in Adobe Shockwave Player Memory Corruption and Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Heap Memory Corruption and Arbitrary Code Execution in Adobe Shockwave Player Adobe Shockwave Player Integer Overflow Vulnerability Memory Corruption and Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Heap Memory Corruption and Arbitrary Code Execution in Adobe Shockwave Player Unspecified Memory Corruption 
Vulnerability in Adobe Shockwave Player Integer Signedness Error in Adobe Shockwave Player: Remote Code Execution Vulnerability Heap Memory Corruption and Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Heap Memory Corruption Vulnerability in Adobe Shockwave Player Buffer Overflow Vulnerability in Adobe Shockwave Player Integer overflows in TextXtra.x32 module in Adobe Shockwave Player before 11.5.8.612 allow remote code execution Memory Corruption and Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Memory Corruption Vulnerability in Adobe Shockwave Player Memory Corruption and Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Stack-based Buffer Overflow in CoolType.dll in Adobe Reader and Acrobat 9.x and 8.x on Windows and Mac OS X Adobe Flash Player and Adobe Reader/Acrobat Multiple Vulnerabilities Arbitrary Web Script Injection Vulnerability in Adobe RoboHelp and RoboHelp Server Arbitrary Web Script Injection in Adobe RoboHelp and RoboHelp Server Unspecified Privilege Escalation Vulnerabilities in Adobe Reader and Acrobat 9.x on Linux Unspecified Arbitrary Code Execution Vulnerabilities in Adobe Reader and Acrobat ActiveX Control Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat 9.x and 8.x Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat 9.x and 8.x Buffer Overflow in smiGetNode Function in libsmi.c Allows Arbitrary Code Execution Remote Command Execution via CSRF in LANDesk Management Gateway Insecure InheritParentPermissions Management in IBM FileNet Content Manager Unspecified Windows Kernel Flaw in Google Chrome (CVE-XXXX-XXXX) Unspecified Flaw in GNU C Library in Google Chrome Unspecified Remote Information Disclosure Vulnerability in Google Chrome Unspecified Remote Attack Vector in Google Chrome's Canvas Handling Unspecified Memory Corruption Vulnerability in Google Chrome Memory Corruption Vulnerability in Google Chrome's SVG Implementation Improper 
Hostname Truncation and Eliding in Google Chrome Cross-Site Scripting (XSS) Vulnerabilities in SAP NetWeaver System Landscape Directory (SLD) Component SQL Injection Vulnerability in info.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory: Remote Code Execution via id Parameter SQL Injection Vulnerability in articlesdetails.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory SQL Injection Vulnerability in Huru Helpdesk Component for Joomla! SQL Injection Vulnerability in Joomdle Component (com_joomdle) for Joomla! Arbitrary SQL Command Execution in TTVideo Component for Joomla! SQL Injection Vulnerability in Ozio Gallery Component for Joomla! SQL Injection Vulnerability in Kayako eSupport 3.70.02: Remote Code Execution via newsid Parameter SQL Injection Vulnerability in Kayako eSupport 3.70.02: Remote Code Execution via index.php Sensitive Account Data Stored in Vulnerable Citibank Citi Mobile App for iOS Arbitrary Web Script Injection Vulnerability in Nessus Web Server Plugin 1.2.4 AJ Square AJ HYIP PRIME welcome.php SQL Injection Vulnerability SQL Injection Vulnerability in AJ Square AJ HYIP MERIDIAN's news.php Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in AJ Square AJ Article 3.0 Remote File Inclusion Vulnerability in Visites Component 1.1 RC2 for Joomla! Arbitrary SQL Command Execution in StaticXT Component for Joomla! Arbitrary File Read Vulnerability in Foobla Suggestions Component for Joomla! SQL Injection Vulnerability in Golf Course Guide Component for Joomla! SQL Injection Vulnerability in AKY Blog's default.asp Allows Remote Code Execution via id Parameter Arbitrary SQL Command Execution Vulnerability in YouTube Component 1.5 for Joomla! 
SQL Injection Vulnerability in myLDlinker.php in myLinksDump Plugin 1.2 for WordPress SQL Injection Vulnerability in Freeway CMS 1.4.3.210: Remote Code Execution via ecPath Parameter Arbitrary SQL Command Execution in sNews 1.7 via index.php Denial of Service Vulnerability in IBM Tivoli Directory Server Privilege Escalation via Credential Storage in vCenter Tomcat Management Application Privilege Escalation via Untrusted Search Path in hsolinkcontrol Stack-based Buffer Overflow Vulnerabilities in hsolinkcontrol in hsolink 1.0.118 SigPlus Pro 3.74 ActiveX Control Stack-Based Buffer Overflow Vulnerability Buffer Overflow in BarCodeWiz BarCode 3.29 ActiveX Control (BarcodeWiz.dll) via LoadProperties Method Argument SQL Injection Vulnerability in AV Scripts AV Arcade 3: Remote Code Execution via ava_code Cookie Unspecified Denial of Service Vulnerabilities in ZNC 0.092 Heap-based Buffer Overflow in OpenOffice.org's Impress Module Integer Overflow Vulnerability in OpenOffice.org's Impress Module ID3v2 Tag Processing Denial of Service Vulnerability in VideoLAN VLC Media Player VMCS Field Access Vulnerability in Linux Kernel 2.6.18 Double Free Vulnerability in OpenSSL's ssl3_get_key_exchange Function Bypassing Authentication Requirements in SSSD LDAP Authentication Memory Allocation Vulnerability in CUPS 1.4.4 and Earlier Allows Remote Code Execution Uninitialized Structure Members Vulnerability in Linux Kernel Network Queueing Functionality Insecure Inode Buffer Handling in Linux Kernel's XFS Implementation Unverified Password Vulnerability in zope-ldapuserfolder 2.9-1 Default Configuration of SLiM Allows Privilege Escalation via Trojan Horse Program Bypassing Xattr Namespace Restrictions in Linux Kernel Heap-based Buffer Overflow in HX_split Function in libHX Allows Remote Code Execution or Denial of Service Stack-based Buffer Overflow in Quagga BGP Daemon Allows Remote Code Execution AS Path Parsing Vulnerability in Quagga BGP Daemon (bgpd) Format String Vulnerability 
in PHP Phar Extension Denial of Service in Squid 3.1.6 via Invalid Socket Access in dns_internal.cc DNS Cache Poisoning Vulnerability in Apache Traffic Server Untrusted Search Path Vulnerability in Debian GNU/Linux Patch for CouchDB Script Denial of Service and Potential Impact via Multiple Unsuccessful Calls to bind on AF_IRDA Socket in Linux Kernel Off-by-one Error in cfg80211_wext_giwessid Function Allows Information Disclosure Privilege Escalation via Sudo Runas Group Configuration Vulnerability Arbitrary Web Script Injection in Serendipity 1.5.4 and Earlier Arbitrary Script Injection in phpMyAdmin 3.x Libraries Integer Overflow Vulnerability in Linux Kernel CAN Implementation NULL pointer dereference vulnerability in keyctl_session_to_parent function in Linux kernel 2.6.35.4 and earlier Insecure Permissions in mountall's root.rules File Arbitrary Kernel Memory Write Vulnerability in Intel i915 Driver Arbitrary Kernel Memory Write Vulnerability in Video4Linux (V4L) Implementation Remote Code Execution Vulnerability in WDB Target Agent Debug Service Hardcoded Credentials Vulnerability in Wind River VxWorks Weak Password Encryption Vulnerability in Wind River VxWorks FTP Daemon in Wind River VxWorks Allows Brute-Force Attacks Multiple Cross-Site Scripting (XSS) Vulnerabilities in MoinMoin 1.7.3 and Earlier, and 1.9.x before 1.9.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in MoinMoin 1.9.x before 1.9.3 Buffer over-read vulnerability in libmikmod allows remote attackers to trigger a buffer over-read and possibly have unspecified other impact via a crafted Impulse Tracker file Integer Overflow Privilege Escalation in IOSurface on Apple iOS Devices Stack-based Buffer Overflow in Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX Control Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 SSH Session Password Disclosure Vulnerability Default SNMP Communities and Credentials in Cisco Unified Wireless Network (UWN) Solution 7.x 
through 7.0.98.0 Unspecified TLS and SSL Implementation Vulnerability in Cisco Unified Wireless Network Solution 7.x Inadequate Message-Digest Algorithm in Cisco Unified Wireless Network Solution 7.x Denial of Service Vulnerability in Cisco Unified Wireless Network Solution 7.x Denial of Service Vulnerability in Cisco Unified Wireless Network Solution 7.x Denial of Service Vulnerability in Cisco Unified Wireless Network Solution 7.x Cisco Unified Wireless Network (UWN) Solution 7.x SNMP Password Disclosure Vulnerability Denial of Service Vulnerability in Cisco Unified Wireless Network Solution 7.x Bypassing Access Restrictions in Cisco Unified Wireless Network Solution 7.x Cross-Site Scripting (XSS) Vulnerabilities in IBM WebSphere Service Registry and Repository (WSRR) 6.3 Cisco Wireless Control System (WCS) Cross-Site Scripting (XSS) Vulnerability in QuickSearchAction.do Cisco Wireless Control System (WCS) 7.x Multiple Cross-Site Scripting (XSS) Vulnerabilities Arbitrary Web Script Injection Vulnerability in Cisco Unified Wireless Network (UWN) Solution 7.x Information Disclosure Vulnerability in Nessus Web Server Plugin 1.2.4 Heap Offset Overflow Vulnerability in Citrix Online Plug-in and Citrix Receiver Arbitrary Code Execution and Memory Corruption in Citrix Online Plug-in for Windows NULL Pointer Dereference Vulnerability in Wireshark GSM A RR Dissector Denial of Service Vulnerability in Wireshark IPMI Dissector Stack-based buffer overflow in Wireshark ASN.1 BER Dissector Buffer Overflow Vulnerability in Wireshark SigComp UDVM RealPlayer Array Index Error Remote Code Execution Vulnerability RealPlayer StreamTitle Tag Use-After-Free Vulnerability Remote Code Execution Vulnerability in RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.0.1 via Malformed IVR Pointer Index RealPlayer Integer Overflow Vulnerability in AAC File Parsing Integer Overflow Vulnerabilities in RealPlayer FLV Parsing Unspecified ActiveX Control Vulnerability in RealPlayer Plugin 
for Internet Explorer Unspecified File Access Bypass Vulnerability in RealPlayer 11.0 - 11.1 HP Insight Diagnostics Online Edition XSS Vulnerability Unspecified Remote Code Execution Vulnerability in HP Operations Agent 7.36 and 8.6 on Windows Unspecified Privilege Escalation Vulnerability in HP Operations Agent 7.36 and 8.6 on Windows Unspecified Denial of Service Vulnerability in HP ProLiant G6 Lights-Out 100 Remote Management Card Unspecified Privilege Escalation and Denial of Service Vulnerability in HP Data Protector Express Unspecified Privilege Escalation Vulnerability in HP Data Protector Express Unspecified Remote Code Execution Vulnerability in HP System Management Homepage (SMH) for Linux 6.0 and 6.1 Cross-site scripting (XSS) vulnerability in HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100-73 firmware before 1.0.13 CRLF Injection Vulnerability in HP System Management Homepage (SMH) before 6.2 HP System Management Homepage (SMH) before 6.2 XSS Vulnerability SQL Injection Vulnerability in Pligg's groupadmin.php Heap Memory Over-read Vulnerability in Coda Filesystem Kernel Module Integer Overflow in ext4_ext_get_blocks Function in Linux Kernel Authentication Bypass Vulnerability in RSA Access Manager Agent 4.7.1 RSA Access Manager Server Cache Update Vulnerability Opera HTML5 Canvas Heap-based Buffer Overflow Vulnerability Arbitrary Feed Subscription Vulnerability in Opera's News-Feed Preview Feature Denial of Service Vulnerability in Opera 10.61 Cross-site scripting (XSS) vulnerability in Devel module's Performance logging module in Drupal Multiple Cross-Site Scripting (XSS) Vulnerabilities in DiamondList 0.1.6 Cross-Site Request Forgery (CSRF) Vulnerabilities in DiamondList 0.1.6 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Tomaz Muraus Open Blog 1.2.1 CSRF Vulnerability in Tomaz Muraus Open Blog 1.2.1 Allows Unauthorized Administrative Privileges SQL Injection Vulnerability in Tycoon Baseball Script 1.0.9: Remote Code Execution via 
game_id Parameter Insecure Permissions in Aardvertiser Component for Joomla! SQL Injection Vulnerability in PHPKick 0.8 statistics.php CSRF Vulnerability in Tomaz Muraus Open Blog 1.2.1 Allows Remote Password Hijacking Buffer Overflow Vulnerability in Wyse ThinOS LPD Service Integer Overflow and Heap-Based Buffer Overflow in OBGIOPServerWorker::extractHeader Function in SAP Crystal Reports 2008 Unspecified Remote Access Restriction Bypass Vulnerability in Cisco Wireless LAN Controller (WLC) Software Cisco Wireless LAN Controller (WLC) ACL Bypass Vulnerability Unrecognized Transitive Attribute Denial of Service Vulnerability in Cisco IOS XR CiscoWorks Common Services Authentication Buffer Overflow Vulnerability Remote Command Execution Vulnerability in Cisco Unified Videoconferencing Systems Default Password Vulnerability in Cisco Unified Videoconferencing (UVC) System 5110 and 5115 Arbitrary Command Execution in Cisco Unified Communications Manager (CUCM) Administrative Interface Multiple stack-based buffer overflows in Cisco Intelligent Contact Manager (ICM) Setup Manager (agent.exe) allow remote code execution Multiple Buffer Overflows in Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB and T27LC Buffer overflow vulnerabilities in Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB and T27LC before SP21 EP3 and SP22 respectively Multiple Buffer Overflows in Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB and T27LC Multiple Buffer Overflows in Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB and T27LC Remote Denial of Service Vulnerability in Cisco Unified Personal Communicator 7.0 (1.13056) Local Denial of Service Vulnerability in Cisco IOS Denial of Service Vulnerability in Cisco IOS before 12.2(33)SXI Denial of Service Vulnerability in FreeType's BDF Font Parsing Denial of Service Vulnerability in FreeType 2.3.9 and 
Earlier Versions Arbitrary PHP Code Execution via Crafted POST Request in phpMyAdmin 2.11.x Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpMyAdmin Remote Code Execution Vulnerability in IBM Tivoli Storage Manager (TSM) FastBack Buffer Overflow Vulnerability in IBM Tivoli Storage Manager (TSM) FastBack Server Unspecified Denial of Service Vulnerability in IBM Tivoli Storage Manager (TSM) FastBack Unspecified Denial of Service Vulnerability in IBM Tivoli Storage Manager (TSM) FastBack Remote Memory Read and Heap-based Buffer Overflow in PHP MySQLnd Extension Heap-based Buffer Overflow in php_mysqlnd_read_error_from_line Function Stack-based Buffer Overflow in PHP MySQLnd Extension Arbitrary Session Variable Modification Vulnerability in PHP 5.2 and 5.3 NULL Pointer Dereference Vulnerability in Linux Kernel's io_submit_one Function Integer Overflow in Linux Kernel's do_io_submit Function Stack-based Buffer Overflow in Samba Allows Remote Code Execution via Crafted Windows Security ID (SID) Arbitrary Web Script Injection Vulnerability in NuSOAP 0.9.5 Denial of Service Vulnerability in bip before 0.8.6 via Empty USER Command Denial of Service Vulnerability in Squid String Comparison Functions Integer Data Size Vulnerability in SSL_Cipher.cpp Improper Cipher Combination in EncFS Allows Watermark Attack Vulnerability: Insecure Initialization Vector in EncFS SQL Injection Vulnerability in Simple Management for BIND (smbind) Arbitrary Web Script Injection in Horde Application Framework Uninitialized Structure Member Vulnerability in xfs_ioc_fsgetxattr Function Denial of Service via NULL Pointer Dereference in Linux Kernel's ftrace.c Double Free Vulnerability in Linux Kernel's snd_seq_oss_open Function 64-bit Linux Kernel Vulnerability: Privilege Escalation via compat_alloc_user_space Functions Django 1.2.x Cross-Site Scripting (XSS) Vulnerability via csrfmiddlewaretoken Cookie Denial of Service Vulnerability in Apache Qpid SSL Handshake Buffer Overflow in 
niu_get_ethtool_tcam_all Function in Linux Kernel Arbitrary Code Execution Vulnerability in Mednafen Network-Play Implementation Denial of Service Vulnerability in Linux Kernel's Futex Exception Fixup Memory Corruption Vulnerability in LibTIFF Arbitrary Command Execution Vulnerability in Pidgin-Knotify Plugin Cross-Site Scripting (XSS) Vulnerabilities in GNU Mailman before 2.1.14rc1 OpenID Module Authentication Bypass Vulnerability Case-insensitive filename handling vulnerability in Drupal upload module Unpublishing Bypass Vulnerability in Drupal Comment Module Cross-Site Scripting (XSS) Vulnerabilities in Drupal 6.x before 6.18 Local File Overwrite Vulnerability in MailScanner SoftX FTP Client 3.3 Directory Traversal Vulnerability Directory Traversal Vulnerability in WinFrigate Frigate 3 FTP Client 3.36 and Earlier Directory Traversal Vulnerability in FTP Rush 1.1.3 and Earlier Versions Directory Traversal Vulnerability in SmartFTP Client 4.0.1124.0 and Earlier Versions Arbitrary File Overwrite Vulnerability in Porta+ FTP Client 4.1 FTP Explorer 10.5.19.1 Directory Traversal Vulnerability Directory Traversal Vulnerability in SiteDesigner Technologies, Inc. 
3D-FTP Client 9.0 Build 2 FTPGetter Team FTPGetter 3.51.0.05 Directory Traversal Vulnerability Directory Traversal Vulnerability in DeskShare AutoFTP Manager 4.31 and Earlier Versions Uninitialized Memory Pointer Vulnerability in Novell iPrint Client Arbitrary Code Execution and Denial of Service Vulnerability in Novell iPrint Client Denial of Service Vulnerability in Novell iPrint Client Buffer Overflow in Novell iPrint Client Plugin Allows Remote Code Execution Remote Code Execution Vulnerability in Novell iPrint Client Plugin Buffer Overflow Vulnerabilities in Novell Client novfs Module for Linux Kernel Unspecified Windows Kernel Flaw in Google Chrome (CVE-XXXX-XXXX) File Dialog Memory Corruption Vulnerability in Google Chrome Memory Corruption Vulnerability in Google Chrome and Webkitgtk Unspecified Node Type Cast Vulnerability in Google Chrome and Webkitgtk Address Bar Spoofing Vulnerability in Google Chrome and Webkitgtk Use-after-free vulnerabilities in WebKit: Remote Code Execution and Denial of Service Denial of Service Vulnerability in Google Chrome Notifications Feature Insecure Autosuggest Feature in Google Chrome Allows Password Exposure Denial of Service and Memory Corruption Vulnerability in Google Chrome and Webkitgtk Denial of Service and Memory Corruption Vulnerability in Google Chrome Geolocation Feature Buffer Overflow in tm-console-bin: Remote Code Execution Vulnerability Cleartext Transmission of Shared Secret in DevonIT Thin-Client Management Tool Untrusted Search Path Vulnerability in VLC Media Player 1.1.3 and Earlier Untrusted Search Path Vulnerability in TeamMate Audit Management Software Suite 8.0 Patch 2 Untrusted Search Path Vulnerability in avast! 
Free Antivirus Allows Arbitrary Code Execution and DLL Hijacking Untrusted Search Path Vulnerability in Adobe PhotoShop CS2 through CS5 Untrusted Search Path Vulnerability in TeamViewer 5.0.8703 and Earlier: Arbitrary Code Execution and DLL Hijacking Untrusted Search Path Vulnerability in uTorrent: Arbitrary Code Execution and DLL Hijacking Untrusted Search Path Vulnerability in TechSmith Snagit Allows Arbitrary Code Execution Untrusted search path vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey on Windows XP Untrusted Search Path Vulnerability in Adobe Dreamweaver CS5 Allows Arbitrary Code Execution and DLL Hijacking Untrusted Search Path Vulnerability in Wireshark Allows Arbitrary Code Execution and DLL Hijacking Untrusted Search Path Vulnerability in Google Earth 5.1.3535.3218 Allows Arbitrary Code Execution and DLL Hijacking Untrusted Search Path Vulnerability in Cisco Packet Tracer 5.2 Allows Arbitrary Code Execution and DLL Hijacking Untrusted Search Path Vulnerability in Skype 4.2.0.169 and Earlier: Arbitrary Code Execution and DLL Hijacking Untrusted Search Path Vulnerability in Nullsoft Winamp 5.581 and Other Versions Indeo Codec Insecure Library Loading Vulnerability Untrusted Search Path Vulnerability in Microsoft Windows Progman Group Converter (grpconv.exe) Untrusted Search Path Vulnerability in Windows Internet Communication Settings on Windows XP SP3 Untrusted Search Path Vulnerability in Microsoft PowerPoint 2010 Untrusted Search Path Vulnerability in Microsoft Office PowerPoint 2007 Untrusted Search Path Vulnerability in Microsoft Windows Contacts Internet Connection Signup Wizard Insecure Library Loading Vulnerability BitLocker Drive Encryption API Untrusted Search Path Vulnerability Microsoft Groove Insecure Library Loading Vulnerability Insecure Library Loading Vulnerability in wab.exe 6.00.2900.5512 Microsoft Visio Insecure Library Loading Vulnerability Untrusted Search Path Vulnerability in Adobe Device Central CS5: Arbitrary Code 
Execution and DLL Hijacking Untrusted Search Path Vulnerability in Adobe Premiere Pro CS4 4.0.0 (314 (MC: 160820)) Untrusted Search Path Vulnerability in Adobe On Location CS4 Build 315 Untrusted Search Path Vulnerability in Adobe Illustrator CS4 and CS5 Untrusted Search Path Vulnerability in Adobe InDesign CS4, CS5, InDesign Server CS5, and InCopy CS5 Untrusted Search Path Vulnerability in Adobe Extension Manager CS5 5.0.298 Allows Arbitrary Code Execution and DLL Hijacking Untrusted Search Path Vulnerability in Adobe ExtendScript Toolkit (ESTK) CS5 3.5.0.52 Allows Arbitrary Code Execution and DLL Hijacking Untrusted Search Path Vulnerability in K2 K2Editor before 1.5.9 Allows Privilege Escalation via Trojan Horse Executable Untrusted Search Path Vulnerability in XacRett: Arbitrary Code Execution via Trojan Horse Executable Lhaplus Untrusted Search Path Privilege Escalation Vulnerability Untrusted Search Path Vulnerability in Explzh 5.67 and Earlier: Privilege Escalation via Trojan Horse Executable Untrusted Search Path Vulnerability in Archive Decoder 1.23 and Earlier Untrusted Search Path Vulnerability in TeraPad Allows Privilege Escalation Untrusted Search Path Vulnerability in Apsaly 3.74: Local Privilege Escalation via Trojan Horse Executable Untrusted Search Path Vulnerability in Fenrir Sleipnir and Grani Privilege Escalation via Untrusted Search Path Vulnerability in Fenrir Sleipnir and Grani Local Privilege Escalation via Untrusted Search Path Vulnerability in Yokka NoEditor and Other Editors Heap-based buffer overflow in nsTextFrameUtils::TransformText function in Mozilla Firefox, Thunderbird, and SeaMonkey before 3.5.12, 3.6.9, 3.0.7, 3.1.3, and 2.0.7 allows remote code execution via bidirectional text run. 
Dangling Pointer Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey XUL Tree Removal Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Wildcard IP Address Spoofing Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Insecure Random Number Generation in JavaScript Implementation in Mozilla Firefox CRLF Injection Vulnerability in Bugzilla Insecure SSL Implementation Allows Brute-Force Attacks Unspecified Remote Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox and Thunderbird Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Cross-Site Scripting (XSS) Vulnerabilities in Gopher Parser in Mozilla Firefox and SeaMonkey Cross-Domain Navigation Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Stack-based Buffer Overflow in Mozilla Firefox, Thunderbird, and SeaMonkey Remote Code Execution via Use-After-Free Vulnerability in nsBarProp Function Untrusted Search Path Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey on Windows Privilege Escalation via Zero-Length Directory Name in LD_LIBRARY_PATH Dangling Pointer Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified Remote Attack Vector in IBM WebSphere Application Server (WAS) 7.x and WebSphere Application Server Feature Pack for Web Services 6.1.0.9 through 6.1.0.32 Buffer Overflow Vulnerability in IBM AIX FTPD Allows Remote Code Execution BugTracker.NET 3.4.3 and Earlier: SQL Injection Vulnerability in search.aspx Arbitrary Code Execution Vulnerability in Trend Micro Internet Security Pro 2010 MFC Insecure Library Loading Vulnerability Untrusted Search Path Vulnerability in Adobe Captivate 5.0.0.596 and Other Versions Vulnerability: Information Disclosure via glibc Runtime Memory Protection Mechanisms Unspecified 
Vulnerability in IBM DB2STST Program File Access Bypass Vulnerability in IBM DB2DART Program Denial of Service Vulnerability in IBM DB2 9.x on Windows Server 2008 Denial of Service Vulnerability in IBM DB2 9.7 Uncontrolled Access to Monitor Administrative Views in IBM DB2 9.7 Denial of Service Vulnerability in ZServer of Zope 2.10.x and 2.11.x Untrusted Search Path Vulnerability in TortoiseSVN Allows Arbitrary Code Execution and DLL Hijacking Remote Denial of Service in Microsoft Word 2003 SP3 11.8326.11.8324 via Crafted Buffer in Word Document NetWin Surgemail before 4.3g Cross-Site Scripting (XSS) Vulnerability Arbitrary Script Injection Vulnerability in Flock Browser 3.0.0.3989 via Crafted Bookmark Directory Traversal Vulnerability in PicSell Component 1.0 for Joomla! PHP Remote File Inclusion Vulnerabilities in Pecio CMS 2.0.5 Remote File Inclusion Vulnerability in Textpattern CMS 4.2.0 index.php Multiple PHP Remote File Inclusion Vulnerabilities in DiY-CMS 1.0 SQL Injection Vulnerability in GaleriaSHQIP 1.0 Allows Remote Code Execution via album_id Parameter Cross-site scripting (XSS) vulnerability in Wiccle Web Builder (WWB) 1.00 and 1.0.1 in ajax.php Multiple PHP Remote File Inclusion Vulnerabilities in Seagull 0.6.7 Multiple PHP Remote File Inclusion Vulnerabilities in Multi-lingual E-Commerce System 0.2 SQL Injection Vulnerabilities in JE FAQ Pro Component 1.5.0 for Joomla! 
SQL Injection Vulnerability in Seagull 0.6.7 and Earlier: Arbitrary SQL Command Execution CSRF Vulnerability in Microsoft Outlook Web Access Allows Remote Authentication Hijacking Word Stack Overflow Vulnerability Word Return Value Vulnerability Word Bookmarks Remote Code Execution Vulnerability Word Pointer Vulnerability: Remote Code Execution via Double Free in Microsoft Word 2002 SP3 Microsoft Word 2002 SP3 Heap Overflow Vulnerability Word Index Parsing Vulnerability Memory Corruption Vulnerability in Microsoft Word 2002 SP3 and Office 2004 for Mac Word Parsing Vulnerability LPC Message Buffer Overrun Vulnerability in Microsoft Windows XP and Server 2003 Administrative-Share Permissions Vulnerability in Microsoft Cluster Service (MSCS) RTSP Use After Free Vulnerability in Microsoft Windows Media Player Network Sharing Service Windows MFC Document Title Updating Buffer Overflow Vulnerability .NET Framework x64 JIT Compiler Vulnerability TLSv1 Denial of Service Vulnerability in Microsoft Windows Excel Record Parsing Integer Overflow Vulnerability Excel Record Parsing Memory Corruption Vulnerability Excel File Format Parsing Vulnerability Lotus 1-2-3 Workbook Parsing Vulnerability in Microsoft Excel 2002 and 2003 SP3 Excel 2002 SP3 Formula Substream Memory Corruption Vulnerability Formula Biff Record Vulnerability in Microsoft Excel 2002 SP3 Out Of Bounds Array Vulnerability in Microsoft Excel and Office for Mac Merge Cell Record Pointer Vulnerability Arbitrary Code Execution via Crafted Excel Document: Negative Future Function Vulnerability Extra Out of Boundary Record Parsing Vulnerability in Microsoft Excel 2002 SP3 Real Time Data Array Record Vulnerability in Microsoft Excel Out-of-Bounds Memory Write in Parsing Vulnerability in Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac Ghost Record Type Parsing Vulnerability HTML Sanitization Vulnerability in Microsoft Internet Explorer 8 and SharePoint Services 3.0 SP2 
Local Privilege Escalation via Modified Connection.xml File in Blackboard Transact Suite Cleartext Storage of Database Credentials in Blackboard Transact Suite Bypassing Pop-up Blocker in Google Chrome Homographic URL Spoofing Vulnerability in Google Chrome Clipboard Copying Vulnerability in Google Chrome Denial of Service and Unspecified Impact Vulnerability in Google Chrome Unspecified vulnerability in Google Chrome allows remote attackers to enumerate installed extensions Denial of Service Vulnerability in Google Chrome WebSockets Implementation Use-after-free vulnerability in Google Chrome Notifications Presenter Denial of Service and Memory Corruption Vulnerability in Google Chrome Integer Handling Vulnerability in Google Chrome WebSockets Implementation Memory Corruption Vulnerability in Google Chrome and Webkitgtk Unrestricted Autocomplete Entries Vulnerability in Google Chrome Use-after-free vulnerability in WebKit allows remote code execution or denial of service via element focus Deserialization Vulnerability in Google Chrome Sandbox Implementation Same Origin Policy Bypass in WebKit XML Injection Vulnerability in Orbeon Forms XForms Service Directory Traversal Vulnerability in RSA Authentication Agent 7.0 before P2 for Web Arbitrary Script Injection via Crafted RSS Feed in Flock Browser 3.x Arbitrary Web Script Injection Vulnerability in phpMyAdmin Setup Script Sensitive Information Disclosure in Novell Identity Manager (IDM) 3.6.1 Engine Installer Multiple Cross-Site Scripting (XSS) Vulnerabilities in BugTracker.NET before 3.4.5 Multiple SQL Injection Vulnerabilities in BugTracker.NET Denial of Service Vulnerability in Intel Alert Handler Service Remote Code Execution Vulnerability in Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players Stack-based Buffer Overflow in Cisco WebEx Meeting Center T27LB and T27LC IBM WebSphere Application Server (WAS) 7.0.0.13 and earlier - Multiple CSRF Vulnerabilities in Administrative Console 
Arbitrary User Account Access via Security Questions Vulnerability in ZOHO ManageEngine ADSelfService Plus Arbitrary User Account Access via Password Reset Vulnerability in ZOHO ManageEngine ADSelfService Plus Cross-Site Scripting (XSS) Vulnerabilities in ZOHO ManageEngine ADSelfService Plus Employee Search Engine Arbitrary Code Execution via Crafted Width in AMV Files in VideoLAN VLC Media Player Arbitrary Code Execution Vulnerability in VideoLAN VLC Media Player via Crafted NSV File Width Unintended Interpretation of Web Script or HTML in VMware Workstation and Player Installers Default Configuration of CCAgent Allows Unauthorized Access to Alcatel-Lucent OmniTouch Contact Center Unauthenticated Remote Monitoring and Reconfiguration of Alcatel-Lucent OmniTouch Contact Center Standard Edition Stack-based Buffer Overflow in Alcatel-Lucent OmniVista 4760 Server: Remote Code Execution and Denial of Service Vulnerability Cleartext Logging of Directory Manager Password in 389 Directory Server Open Redirect Vulnerability in HP System Management Homepage (SMH) before 6.2 Allows Remote Attackers to Conduct Phishing Attacks Unspecified Remote Information Disclosure Vulnerability in HP System Management Homepage (SMH) Unspecified Denial of Service Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 Arbitrary File Read Vulnerability in HP Systems Insight Manager (SIM) 6.0 and 6.1 Unspecified Remote Code Execution Vulnerability in HP ProCurve Access Points, Access Controllers, and Mobility Controllers CSRF Vulnerability in HP Systems Insight Manager (SIM) Allows Authentication Hijacking Arbitrary Web Script Injection Vulnerability in HP Systems Insight Manager (SIM) Privilege Escalation Vulnerability in HP Systems Insight Manager (SIM) Arbitrary Web Script Injection Vulnerability in HP AssetCenter and AssetManager Insecure File Downloads and Trusting in mailscanner 4.79.11-2 Vulnerability Local Users Can Disable Virus Signature Updates in MailScanner 
Arbitrary Web Script Injection Vulnerability in APC.php Information Disclosure Vulnerability in cxgb_extension_ioctl Function Kernel Stack Memory Disclosure Vulnerability Information Disclosure Vulnerability in Linux Kernel's hso_get_count Function Padding Oracle Vulnerability in Ruby on Rails 2.3 Encrypt/Decrypt Functions Vulnerability: Padding Oracle Attacks in OWASP ESAPI for Java up to version 2.0 RC2 Privilege Escalation via Out-of-Bounds Access in IA32 System Call Emulation Buffer Overflow in Openswan Client Allows Remote Code Execution or Denial of Service Multiple Cross-Site Scripting (XSS) Vulnerabilities in MantisBT before 1.2.3 Dovecot 1.2.x ACL Propagation Vulnerability CSRF Vulnerability in Pixelpost 1.7.3 Allows Remote Password Change Weborf Directory Traversal Vulnerability Multiple PHP Remote File Inclusion Vulnerabilities in Free Simple CMS 1.0 and Earlier Buffer Overflow in Openswan Client Allows Remote Code Execution or DoS Integer Signedness Errors in Linux Kernel's AF_ROSE Module Integer Overflow in libXft Allows Remote Code Execution Unconditional Display of Closed-Lock Icon in Epiphany 2.28 and 2.29 Allows HTTPS Spoofing Arbitrary Command Execution in EGroupware and EPL Arbitrary Web Script Injection in EGroupware Login Page Bypassing Access Restrictions in mod_dav_svn with SVNPathAuthz Short Circuit Unchecked System Calls in pam_xauth Module Allow Local File Read Vulnerability Arbitrary Web Script Injection Vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 Cleartext Password Transmission Vulnerability in IBM Records Manager (RM) 4.5.x Session Token Exposure in IBM Records Manager (RM) 4.5.x Open Redirect Vulnerability in IBM Records Manager (RM) 4.5.x RSA Authentication Client Local Key Extraction Vulnerability XML External Entity (XXE) Vulnerability in Splunk 4.0.0 - 4.1.4 Session Hijacking Vulnerability in Splunk 4.0.0 - 4.1.4 HTML Sanitization Bypass Vulnerability CSS Special Character Information Disclosure 
Vulnerability Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 6 Anchor Element Information Disclosure Vulnerability Uninitialized Memory Corruption Vulnerability in CAttrArray::PrivateFind function in mshtml.dll Uninitialized Memory Corruption Vulnerability in mshtmled.dll Cross-Domain Information Disclosure Vulnerability in Microsoft Internet Explorer 6-8 Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 6-8 ASP.NET Padding Oracle Vulnerability RTF Stack Buffer Overflow Vulnerability in Microsoft Office and Open XML File Format Converter Office Art Drawing Records Vulnerability Drawing Exception Handling Vulnerability in Microsoft Office MSO Large SPID Read AV Vulnerability Insecure Library Loading Vulnerability in Microsoft Office 2007 SP2 and 2010 Windows Task Scheduler Privilege Escalation Vulnerability HTML Object Memory Corruption Vulnerability in Microsoft Internet Explorer 6 and 7 Cross-Domain Information Disclosure Vulnerability in Microsoft Internet Explorer 6, 7, and 8 HTML Object Memory Corruption Vulnerability in Microsoft Internet Explorer 6 HTML Element Memory Corruption Vulnerability in Microsoft Internet Explorer 8 HTML Element Memory Corruption Vulnerability in Microsoft Internet Explorer 6, 7, and 8 Cross-Domain Information Disclosure Vulnerability in Microsoft Internet Explorer 6, 7, and 8 Privilege Escalation via Zero-Length Directory Name in Ardour 2.8.11 Local Privilege Escalation in bareFTP 0.3.4 via Zero-Length Directory Name in LD_LIBRARY_PATH Privilege Escalation via Zero-Length Directory Name in Bristol 0.60.5 Privilege Escalation via Zero-Length Directory Name in Cowbell 0.2.7.1 Privilege Escalation via Zero-Length Directory Name in Dropbox 0.7.110 Local Privilege Escalation Vulnerability in Ember 0.5.7 Local Privilege Escalation Vulnerability in gnome-subtitles 1.0 Privilege Escalation via Zero-Length Directory Name in HenPlus JDBC SQL-Shell 0.9.7 Local Privilege Escalation 
Vulnerability in gargoyle-free before 2009-08-25 Privilege Escalation via Zero-Length Directory Name in Hipo 0.6.1 Privilege Escalation Vulnerability in Shrew Soft IKE 2.1.5 Local Privilege Escalation Vulnerability in lastfm 1.5.4 Privilege Escalation via Zero-Length Directory Name in Roaraudio 0.3 Privilege Escalation via Trojan Horse Shared Library in VIPS 7.22.2 Zero-Length Directory Name Vulnerability in Mistelix 0.31 Zero-Length Directory Name Vulnerability in Mn_Fit 5.13 Local Privilege Escalation via Zero-Length Directory Name in mono-debugger Untrusted Search Path Vulnerability in NorduGrid Advanced Resource Connector (ARC) Allows Privilege Escalation Insecure Handling of Temporary Files in Paxtest Privilege Escalation via Zero-Length Directory Name in Qt Creator QTParted Insecure Library Loading Vulnerability Privilege Escalation via Trojan Horse Shared Library in ROOT 5.18/00 Privilege Escalation via Zero-Length Directory Name in SALOME 5.1.3 Scripts Privilege Escalation via Zero-Length Directory Name in Scilab 5.2.2 Privilege Escalation via LD_LIBRARY_PATH in SLURM init.d Scripts Privilege Escalation via Zero-Length Directory Name in Tangerine 0.3.2.2 Privilege Escalation via Zero-Length Directory Name in TAU 2.16.4 Local Privilege Escalation Vulnerability in TeamSpeak 2.0.32 Privilege Escalation via Zero-Length Directory Name in TORCS 1.3.1 Scripts Privilege Escalation via Zero-Length Directory Name in TuxGuitar 1.2 Privilege Escalation via Zero-Length Directory Name in LTTng UST 0.7 Privilege Escalation via Zero-Length Directory Name in VDR 1.6.0 Privilege Escalation via Trojan Horse Shared Library in OCF Resource Agents Privilege Escalation via Zero-Length Directory Name in magics-config Privilege Escalation via Zero-Length Directory Name in TeXmacs 1.0.7.4 Buffer Overflow in Kingsoft Antivirus 2010.04.26.648 and Earlier: Local Code Execution Vulnerability Untrusted Search Path Vulnerability in PGP Desktop Unspecified Vulnerability in IBM Lotus 
Sametime Connect 8.5.1 Webcontainer Implementation Vulnerability: Weak Seed Generation in js_InitRandom Function Insecure Random Number Generation in Mozilla Firefox and SeaMonkey Untrusted Search Path Vulnerability in IDM Computer Solutions UltraEdit Untrusted Search Path Vulnerability in Qualcomm eXtensible Diagnostic Monitor (QXDM) 03.09.19 Allows Arbitrary Code Execution and DLL Hijacking Multiple SQL Injection Vulnerabilities in eshtery CMS Buffer Overflow Vulnerability in sa_snap in IBM AIX and VIOS Unspecified Local Privilege Escalation Vulnerability in IBM AIX 5.3 Stack-based Buffer Overflow in IBM Lotus Domino Server Denial of Service Vulnerability in Google Chrome on Linux Unspecified Race Condition Vulnerability in Google Chrome Console Implementation Unspecified Denial of Service Vulnerability in Google Chrome Pop-up Blocking Denial of Service Vulnerability in Google Chrome on Mac OS X Memory Corruption Vulnerability in Google Chrome Geolocation Implementation Khmer Locale Memory Corruption Vulnerability in Google Chrome on Linux Unprompted Access to Extension History in Google Chrome Cross-Site Scripting (XSS) Vulnerabilities in NetArt Media Car Portal 2.0 and Earlier PHP Remote File Inclusion Vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 2.2.3 Arbitrary Script Injection Vulnerability in PowerStore 3.0 Products_Results.php Cross-site scripting (XSS) vulnerability in AffiliateLogin.asp in ProductCart 3, 4.1 SP1, and possibly other versions SQL Injection Vulnerability in JGen Component 0.9.33 for Joomla! 
Yr Weatherdata Module SQL Injection Vulnerability Arbitrary Code Injection through XSS in IP.Board 3.1.2 Arbitrary Web Script Injection in SmarterStats 5.3 UserControls/Popups/frmHelp.aspx Arbitrary File Inclusion Vulnerability in JPhone Component for Joomla Open Classifieds 1.7.0.2 - Multiple Cross-Site Scripting (XSS) Vulnerabilities SQL Injection Vulnerability in Intermesh Group-Office 3.5.9: Remote Code Execution via category_id Parameter Arbitrary Code Execution via Crafted Flic File in libavcodec 0.6 and Earlier Incomplete Privilege-Dropping Implementation in Linux-PAM Modules Incomplete Fix for Privilege-Dropping Vulnerability in Linux-PAM Denial of Service Vulnerability in Linux Kernel SCTP Packet Configuration Insecure Script Execution in PostgreSQL Buffer Overflow in find_stream_bounds function in libclamav in ClamAV Privilege Escalation via Symlink Attack in Linux-PAM Modules Bypassing open_basedir Restrictions via Filename Length in PHP 5.3.x through 5.3.3 Integer Signedness Error in pkt_find_dev_from_minor Function in Linux Kernel Arbitrary IRC Command Execution via Carriage Return and Line Feed Vulnerability Alien-Arena 7.33 Server Crash Vulnerability via Invalid Download Parameters Arbitrary File Overwrite Vulnerability in Babiloo 2.0.9 Multiple Buffer Overflows in abcm2ps before 5.9.12: Remote Code Execution Vulnerabilities Integer overflows in snd_ctl_new function in Linux kernel Denial of Service via Multiple CTCP Requests in Quassel IRC Buffer Overflow in log2vis_utf8 function in GNU FriBidi 0.19.1 and 0.19.2 Stack Consumption Vulnerability in Wireshark BER Dissector Arbitrary Script Injection in Horde Gollem File Viewer Denial of Service Vulnerability in ThinkPad ACPI Driver CSRF Vulnerability in Redback and Apache Archiva/Continuum Arbitrary File Overwrite Vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 Use-after-free vulnerability in oowriter in 
OpenOffice.org (OOo) 2.x and 3.x before 3.3 Out-of-Bounds Write Vulnerability in OpenOffice.org (OOo) WW8ListManager Function Off-by-one errors in WW8DopTypography::ReadFromMem function in OpenOffice.org AChecker 1.0 index.php Cross-Site Scripting (XSS) Vulnerability EnergyScripts (ES) Simple Download 1.0 - Directory Traversal Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in Symphony CMS 2.0.7 and 2.1.1 SQL Injection Vulnerability in Symphony CMS 2.0.7 and 2.1.1 Unspecified Cross-Site Scripting (XSS) Vulnerability in AXIGEN Mail Server before 7.4.2 Directory Traversal Vulnerability in AXIGEN Mail Server 7.4.1 for Windows SQL Injection Vulnerability in eNdonesia Publisher Module Arbitrary Web Script Injection in Mollify Registration Plugin Arbitrary Web Script Injection in SantaFox 2.02 CSRF Vulnerability in SantaFox 2.02 Allows Remote Authentication Hijacking Cross-Site Scripting (XSS) Vulnerabilities in XSE Shopping Cart 1.5.2.1 and 1.5.3.0 Arbitrary Code Injection via tmpl Parameter in NetArt Media iBoutique.MALL 1.2 Arbitrary SQL Command Execution in E-Xoopport Samsara 3.1 and Earlier Arbitrary File Read Vulnerability in Mura CMS and Sava CMS Multiple Cross-Site Scripting (XSS) Vulnerabilities in IBM FileNet P8 Application Engine (P8AE) Session Fixation Vulnerability in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.7-P8AE-FP007 Multiple Cross-Site Scripting (XSS) Vulnerabilities in IBM FileNet P8 Application Engine (P8AE) 3.5.1 Open Redirect Vulnerability in IBM FileNet P8 Application Engine (P8AE) 3.5.1: Remote Phishing Attack Vector Privilege Escalation in IBM DB2 9.7 before FP3 Privilege Bypass Vulnerability in IBM DB2 9.7 before FP3 Denial of Service Vulnerability in OTRS 2.3.x and 2.4.x Incomplete Fix for CVE-2010-2942 Allows Information Disclosure via tcf_act_police_dump Function SQL Injection Vulnerability in BoutikOne 1.0 list.php Allows Remote Code Execution Directory Traversal Vulnerability in ApPHP PHP MicroCMS 
1.0.1 Allows Remote File Inclusion Multiple SQL Injection Vulnerabilities in ApPHP PHP MicroCMS 1.0.1 Login.php Multiple SQL Injection Vulnerabilities in Primitive CMS 1.0.9: Arbitrary SQL Command Execution via title and menutitle Parameters Unrestricted Access and Cross-Site Scripting (XSS) Vulnerability in Primitive CMS 1.0.9 SQL Injection Vulnerability in LightNEasy 3.2.1: Remote Code Execution via handle Parameter in common.php SQL Injection Vulnerability in LightNEasy 3.2.1 Directory Traversal Vulnerability in SmarterMail 7.1.3876 FileStorageUpload.ashx Directory Traversal Vulnerability in YelloSoft Pinky 1.0 for Windows QuickShare 1.0 Directory Traversal Vulnerability Arbitrary Web Script Injection Vulnerability in CMS Digital Workroom 5.5.0 Arbitrary File Creation Vulnerability in FreePBX System Recordings Component Remote Code Execution and Information Disclosure Vulnerability in TIBCO ActiveMatrix Components Denial of Service Vulnerability in Python's asyncore Module Race conditions in smtpd.py leading to denial of service vulnerability FTPHandler Class Race Condition Vulnerability ZEO/StorageServer.py Race Condition Denial of Service Vulnerability Remote Code Execution Vulnerability in McAfee VirusScan Enterprise 8.5i and 8.7i Vulnerability: Remote Code Execution via hcp:// URLs in Symantec Norton AntiVirus 2011 Remote Code Execution Vulnerability in AVG Anti-Virus via hcp:// URLs Remote Code Execution Vulnerability in F-Secure Anti-Virus Unspecified vulnerability in Siebel Core - Highly Interactive Client component in Oracle Siebel Suite 7.7.2.12, 7.8.2.14, 8.0.0.10, and 8.1.1.3 Unspecified Remote Code Execution Vulnerability in Oracle Fusion Middleware OID Component Unspecified Confidentiality Vulnerability in Oracle Siebel Suite Unspecified Local Vulnerability in Oracle Solaris 10 and OpenSolaris Affecting Confidentiality and Integrity via su Unspecified Remote Integrity Vulnerability in Oracle E-Business Suite Unspecified vulnerability in Agile Core 
component in Oracle Supply Chain Products Suite 9.3.0.2 and 9.3.1 Unspecified Local Vulnerability in Oracle Explorer Component Unspecified Local Vulnerability in Oracle Solaris 8, 9, and 10 Related to Live Upgrade Unspecified vulnerability in Oracle Solaris 10 allows local users to compromise confidentiality and integrity via unknown vectors in Solaris Zones. Unspecified Remote Vulnerability in Oracle Solaris Scheduler Unspecified vulnerability in Oracle WebLogic Server component allows remote attackers to affect confidentiality, integrity, and availability via Node Manager. Unspecified Tooltalk-related vulnerability in Oracle OpenSolaris allows local users to compromise integrity and availability Unspecified vulnerability in Oracle iPlanet Web Server allows remote authenticated users to compromise confidentiality via DAV (WebDAV) Unspecified Device Driver Vulnerability in Oracle Solaris and OpenSolaris Unspecified Remote Integrity Vulnerability in Oracle iPlanet Web Server Unspecified Local Denial of Service Vulnerability in Solaris Component InfiniBand-related Unspecified Vulnerability in Oracle Solaris 10 and OpenSolaris Unspecified Local Vulnerability in Oracle Solaris 10 and OpenSolaris Affecting Availability (Kernel/X86) Unspecified Remote Vulnerability in PeopleSoft Enterprise HCM GP - Japan Component Unspecified Integrity Vulnerability in Oracle PeopleSoft and JDEdwards Suite Unspecified vulnerability in PeopleSoft Enterprise HCM - GP France component in Oracle PeopleSoft and JDEdwards Suite 8.81 SP1 Bundle #12, 8.9 GP Update 2010-E, 9.0 GP Update 2010-E, and 9.1 GP Update 2010-E Unspecified Remote Vulnerability in PeopleSoft Enterprise HCM ePay Component Unspecified Confidentiality Vulnerability in Oracle PeopleSoft and JDEdwards Suite Unspecified Remote Integrity Vulnerability in Oracle PeopleSoft and JDEdwards Suite Unspecified vulnerability in PeopleSoft Enterprise SCM - Strategic Sourcing component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle 
#38, 9.0 Bundle #31, and 9.1 Bundle #6 Unspecified Remote Vulnerability in Oracle PeopleSoft and JDEdwards Suite Components Unspecified vulnerability in PeopleSoft Enterprise SCM - PO component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 Unspecified Remote Vulnerability in PeopleSoft Enterprise FMS - AM Component Unspecified Confidentiality Vulnerability in PeopleSoft Enterprise CRM - Common Components Unspecified vulnerability in PeopleSoft Enterprise FMS - Cash Management component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 Unspecified Remote Code Execution Vulnerability in PeopleSoft Enterprise HCM - HR Component Unspecified vulnerability in PeopleSoft Enterprise FMS ESA - RM component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 Unspecified vulnerability in PeopleSoft Enterprise CRM - Order Capture component in Oracle PeopleSoft and JDEdwards Suite 9.0 Bundle #28 and 9.1 Bundle #4 Unspecified vulnerability in PeopleSoft Enterprise SCM OM and CRM Order Capture component Unspecified Local Vulnerability in Primavera P6 Enterprise Project Portfolio Management Unspecified vulnerability in Oracle Sun Products Suite Directory Server Enterprise Edition component Unspecified Remote Vulnerability in PeopleSoft Enterprise SCM Component Unspecified vulnerability in PeopleSoft Enterprise FMS - AM component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 Unspecified vulnerability in PeopleSoft Enterprise FMS - GL component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 Unspecified vulnerability in PeopleSoft Enterprise FMS - GL component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 ZFS Vulnerability in Oracle Solaris 10 and OpenSolaris Allows Local Users to Affect Availability Unspecified vulnerability in 
Oracle Java SE and Java for Business allows remote attackers to bypass security policy USB Vulnerability in Oracle Solaris and OpenSolaris Unspecified Remote Code Execution Vulnerability in Oracle iPlanet Web Server Unspecified Remote Code Execution Vulnerability in Oracle iPlanet Web Server Unspecified Remote Code Execution Vulnerability in Sun Java System Identity Manager Unspecified vulnerability in PeopleSoft FMS ESA - EX component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #38, 9.0 Bundle #31, and 9.1 Bundle #6 Unspecified vulnerability in Java Naming and Directory Interface (JNDI) component allows remote attackers to affect confidentiality Unspecified vulnerability in Oracle Java SE and Java for Business Networking Component Unspecified vulnerability in Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 Unspecified Remote Confidentiality Vulnerability in Oracle Java SE and Java for Business Unspecified Remote Code Execution Vulnerability in Oracle Java SE and Java for Business 6 Update 21 Unspecified vulnerability in Swing component in Oracle Java SE and Java for Business Unspecified vulnerability in CORBA component in Oracle Java SE and Java for Business Unspecified vulnerability in Oracle Java SE and Java for Business 6 Update 21 allows remote code execution Unspecified vulnerability in Oracle Java SE and Java for Business allows remote attackers to affect confidentiality, integrity, and availability Unspecified Remote Code Execution Vulnerability in Oracle Java SE Swing Component Unspecified vulnerability in Java Web Start component allows remote attackers to affect confidentiality, integrity, and availability Buffer overflow vulnerability in Oracle Java SE and Java for Business allows remote attackers to execute arbitrary code via a crafted BANK record in the Sound component. 
Unspecified Remote Confidentiality Vulnerability in Oracle Java SE and Java for Business 6 Update 21 Unspecified vulnerability in CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 Unspecified vulnerability in Oracle Java SE and Java for Business allows remote attackers to cause denial of service and possibly execute arbitrary code Unspecified vulnerability in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to bypass sandbox restrictions and affect confidentiality, integrity, and availability. Unspecified Remote Code Execution Vulnerability in Oracle Communications Messaging Server Unspecified vulnerability in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 Unspecified vulnerability in Oracle Java SE and Java for Business allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors Unspecified vulnerability in Oracle Java SE and Java for Business 6 and 5.0 allows remote attackers to affect confidentiality, integrity, and availability Unspecified Remote Code Execution Vulnerability in Java Runtime Environment Unspecified Remote Code Execution Vulnerability in Java Runtime Environment Unspecified Remote Code Execution Vulnerability in Oracle Java SE and Java for Business 6 Update 21 Integer overflow vulnerability in the color profile parser in Oracle Java SE and Java for Business allows remote attackers to execute arbitrary code via a crafted Tag structure in a color profile. Unspecified vulnerability in Oracle Java SE Sound Component Unspecified vulnerability in Oracle Java SE and Java for Business allows remote attackers to bypass security policy Unspecified vulnerability in Oracle Java SE and Java for Business allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. 
Unspecified Remote Code Execution Vulnerability in Oracle Communications Messaging Server Local Privilege Escalation Vulnerability in Oracle Solaris and OpenSolaris SCSI Enclosure Services Device Driver Remote Code Execution Vulnerability in Oracle OpenSolaris Kernel/CIFS Unspecified vulnerability in Oracle OpenSolaris Depot Server affects confidentiality, integrity, and availability Unspecified Remote Code Execution Vulnerability in Sun Convergence and Sun Java Communications Suite Unspecified Local Vulnerability in Oracle OpenSolaris Affecting Kernel/File System Availability Unspecified Remote Integrity Vulnerability in Oracle Fusion Middleware BPEL Console Unspecified vulnerability in OracleVM component in Oracle VM 2.2.1 Unspecified vulnerability in OracleVM component in Oracle VM 2.2.1 Unspecified vulnerability in Oracle VM component allows local users to compromise system security Unspecified vulnerability in OracleVM component in Oracle VM 2.2.1 Unspecified Local Vulnerability in Oracle Solaris 9 Related to XScreenSaver Unspecified Remote Integrity Vulnerability in Oracle Common Applications Unspecified vulnerability in Oracle Discoverer component allows remote authenticated users to affect confidentiality and integrity Unspecified vulnerability in Oracle Application Object Library component in Oracle Applications Unspecified vulnerability in Oracle Spatial component allows remote authenticated users to affect confidentiality and integrity Unspecified vulnerability in Oracle Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 Unspecified Remote Code Execution Vulnerability in Oracle Document Capture Component Unspecified vulnerability in Oracle Argus Safety component in Oracle Industry Applications 5.0-5.0.3 allows remote attackers to affect confidentiality, integrity, and availability Unspecified vulnerability in Real User Experience Insight component in Oracle Enterprise Manager Grid Control 6.0 Unspecified vulnerability in Oracle 
Document Capture component in Oracle Fusion Middleware 10.1.3.4 and 10.1.3.5 Unspecified Remote Vulnerability in Oracle Secure Backup 10.3.0.2 Unspecified Local User Availability Vulnerability in Oracle Outside In Technology Component Unspecified Remote Code Execution Vulnerability in Oracle Document Capture Component Unspecified Remote Code Execution Vulnerability in Oracle Document Capture Component Unspecified vulnerability in Oracle Database Server and Enterprise Manager Grid Control allows remote code execution SQL Injection Vulnerability in ibPhotohost 1.1.2: Remote Code Execution via img Parameter Arbitrary Script Injection in ProfileView.aspx of mojoPortal 2.3.4.3 and 2.3.5.1 CSRF Vulnerability in mojoPortal File Manager Service Allows Remote File Renaming and Authentication Hijacking Arbitrary SQL Command Execution in powermail Extension 1.5.3 and Earlier for TYPO3 Arbitrary Web Script Injection Vulnerability in TYPO3 Powermail Extension Directory Traversal Vulnerabilities in NetArt MEDIA Real Estate Portal 2.0 NetArt MEDIA Real Estate Portal 2.0 - Cross-Site Scripting (XSS) Vulnerability in AGENTS/index.php Multiple SQL Injection Vulnerabilities in wpQuiz 2.7 Denial of Service Vulnerability in OpenSLP Extension Parser Denial of Service Vulnerability in ISC DHCP Server Denial of Service Vulnerability in ISC BIND 9.6.2 and 9.7.x DNSSEC Rollover Vulnerability in ISC BIND 9.x ISC BIND 9.7.2-P2 ACL Bypass Vulnerability Denial of Service Vulnerability in ISC DHCP Server 4.2 Unsigned Data Injection Vulnerability in PGP Desktop 10.0.x and 10.1.0 Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat 9.x and 8.x Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat 9.x and 8.x Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat 9.x and 8.x Arbitrary Code Execution and Memory Corruption 
Vulnerability in Adobe Reader and Acrobat on Mac OS X Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat on Mac OS X Prefix Protocol Handler Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat 9.x and 8.x Unspecified Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat 9.x and 8.x Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat 9.x and 8.x Unspecified vulnerability in Adobe Reader and Acrobat 9.x and 8.x on Windows and Mac OS X Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat on Mac OS X Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Memory Leak Vulnerability in Adobe Flash Media Server (FMS) 3.0.x, 3.5.x, and 4.0.x Unspecified Denial of Service Vulnerability in Adobe Flash Media Server (FMS) Arbitrary Code Execution Vulnerability in Adobe Flash Media Server (FMS) Cross-Domain Policy File Parsing Vulnerability in Adobe Flash Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player Unspecified Information Disclosure Vulnerability in Adobe Flash Player on Mac OS X with Safari Unspecified vulnerability in Adobe Flash Player allowing denial of service or arbitrary code execution Unspecified Arbitrary Code Execution Vulnerability in Adobe Flash Player Unspecified Arbitrary Code Execution Vulnerability in Adobe Flash Player Unspecified Arbitrary Code Execution Vulnerability in Adobe Flash Player Unspecified Arbitrary Code Execution Vulnerability in Adobe Flash Player Unspecified Arbitrary Code Execution Vulnerability in Adobe Flash Player Unspecified Arbitrary Code Execution Vulnerability in Adobe Flash Player Unspecified Arbitrary Code Execution Vulnerability in Adobe Flash Player Unspecified Arbitrary Code Execution Vulnerability in Adobe Flash Player Unspecified Arbitrary Code 
Execution Vulnerability in Adobe Flash Player Unspecified Arbitrary Code Execution Vulnerability in Adobe Flash Player Unspecified Arbitrary Code Execution Vulnerability in Adobe Flash Player Unspecified Arbitrary Code Execution Vulnerability in Adobe Flash Player Remote Code Execution Vulnerability in Adobe Shockwave Player Adobe Flash Player and Adobe Reader/Acrobat SWF Content Remote Code Execution Vulnerability Stack-based Buffer Overflow in Adobe Shockwave Player Unspecified Denial of Service Vulnerability in Adobe Reader and Acrobat 9.x and 8.x Unspecified Denial of Service Vulnerability in Adobe Reader and Acrobat 9.x and 8.x Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat 9.x and 8.x Multiple Cross-Site Scripting (XSS) Vulnerabilities in TYPO3 CMS 4.x.x TYPO3 Backend XSS Vulnerability Open Redirection Vulnerability in TYPO3 Backend SQL Injection Vulnerability in TYPO3 Backend Insecure Default Value of fileDenyPattern in TYPO3 Allows Remote Code Execution Information Disclosure Vulnerability in TYPO3 Backend Cross-Site Scripting (XSS) Vulnerability in TYPO3 Extension Manager Insecure Randomness in TYPO3 Uniqid Function Spam Abuse Vulnerability in TYPO3 Native Form Content Element Header Injection Vulnerability in TYPO3 Secure Download Feature XSS and Open Redirection Vulnerability in TYPO3 Frontend Login Box Insecure Randomness Vulnerability in TYPO3 Forgot Password Function Session Fixation Vulnerability in TYPO3 XSS Vulnerability in TYPO3 Extbase Extension Textarea View Helper Information Disclosure in TYPO3 HTML Mailing API XSS Vulnerability in TYPO3 Frontend Search Box Denial of Service Vulnerability in MySQL 5.1.49 Denial of Service Vulnerability in Oracle MySQL 5.1 and 5.0 Denial of Service Vulnerability in Oracle MySQL 5.1 before 5.1.49 Denial of Service Vulnerability in Oracle MySQL 5.1 before 5.1.49 Denial of Service Vulnerability in Oracle MySQL 5.1 before 5.1.49 Denial of Service Vulnerability in Oracle 
MySQL 5.1 and 5.5 MySQL Remote Code Execution Vulnerability Denial of Service Vulnerability in Oracle MySQL 5.1 and 5.5 FTP Authentication Module Password Logging Vulnerability OpenID Module Authentication Bypass Vulnerability OpenID Authentication Bypass Vulnerability in Drupal Arbitrary Value Injection Vulnerability in powermail Extension for TYPO3 NetArtMEDIA WebSiteAdmin Directory Traversal Vulnerability in ADMIN/login.php Privilege Escalation via Zero-Length Directory Name in OpenOffice.org (OOo) 3.x Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpCAS before 1.1.3 with Proxy Mode Enabled Arbitrary File Overwrite Vulnerability in phpCAS Proxy Mode Arbitrary File Creation Vulnerability in phpCAS Proxy Mode Arbitrary Web Script Injection in Horde Dynamic IMP and Horde Groupware Webmail Edition CSRF Vulnerability in Horde Application Framework Allows Authentication Hijacking Arbitrary Script Injection in Horde IMP and Horde Groupware Webmail Edition Denial of Service Vulnerability in FreeRADIUS 2.1.9 Denial of Service Vulnerability in FreeRADIUS 2.1.x Improper Segment Register Reload Vulnerability in Linux Kernel's KVM Implementation Denial of Service Vulnerability in Xen 3.x Backend Driver Bypassing Security Constraints via Path Parameter in VMware SpringSource Spring Security and Acegi Security Denial of Service Vulnerability in Red Hat Enterprise MRG Uninitialized Pointer Dereference Vulnerability in Gfx::getPos Function Uninitialized Pointer Dereference Vulnerability in Poppler PDF Parser Memory Corruption Vulnerability in PDF Parser Memory Corruption and Panic Vulnerability in Linux Kernel SCTP Authentication Dovecot ACL Bypass Vulnerability Dovecot ACL Bypass Vulnerability Arbitrary Code Execution via Crafted Static Initializer in JBoss Drools Denial of Service Vulnerability in PHP ZipArchive::getArchiveComment Function Stack Consumption Vulnerability in PHP's filter_var Function Denial of Service Vulnerability in libpurple in Pidgin before 2.7.4 
Arbitrary Script Injection in Joomla! 1.5.x and 1.6.x Bypassing Access Restrictions in UseBB Forum RSS Feeds Arbitrary File Read Vulnerability in TYPO3's jumpUrl Implementation Multiple Cross-Site Scripting (XSS) Vulnerabilities in TYPO3 Versions 4.2.x, 4.3.x, and 4.4.x Privilege Escalation via Crafted POST Request in TYPO3 4.2.x and 4.3.x Denial of Service Vulnerability in TYPO3's t3lib_div::validEmail Function Directory Traversal Vulnerability in Apache Tomcat Eval Injection Vulnerability in Symantec IM Manager Administrative Interface Buffer Management Vulnerability in Google Chrome's SPDY Protocol Implementation Property Pollution Vulnerability in Google Chrome Remote Code Execution via Stack-based Buffer Overflow in IBM DB2 Administration Server (DAS) Denial of Service Vulnerability in IBM DB2 UDB 9.5 World-writable permissions on sqllib/cfg/db2sprf file in IBM DB2 UDB 9.5 before FP6a allow local privilege escalation Unintended Password Length Limit in IBM DB2 UDB 9.5 Allows Brute-Force Attacks Denial of Service Vulnerability in IBM DB2 UDB 9.5 Memory Leak in IBM DB2 UDB 9.5: Denial of Service via Connection Concentrator Memory Leak in IBM DB2 UDB 9.5 Allows Remote Authenticated Users to Cause Denial of Service Insecure Logging of AUDIT Events in IBM DB2 UDB 9.5 Improper Audit Configuration in IBM DB2 UDB 9.5 Allows Remote Connection without Discovery Denial of Service Vulnerability in IBM DB2 UDB 9.5 Weak Encryption in RIM BlackBerry Desktop Software's Offline Backup Mechanism Multiple PHP Remote File Inclusion Vulnerabilities in Free Simple CMS 1.0 Visual Synapse HTTP Server Directory Traversal Vulnerability Uninitialized Pointer Dereference Vulnerability in RealPlayer Unspecified Impact Stack-Based Buffer Overflow in RealPlayer Components Parameter Injection Vulnerability in RealPlayer Browser Plugin Arbitrary Code Execution Vulnerability in RealPlayer 11.0-11.1, RealPlayer SP 1.0-1.1.4, and RealPlayer Enterprise 2.1.2 Heap-based Buffer Overflow 
Vulnerabilities in RealPlayer ActiveX Control Arbitrary Command Execution in Openswan Client (CVE-2010-3302) Arbitrary Command Execution in Openswan Client via Shell Metacharacters in cisco_banner Field Arbitrary Code Execution Vulnerability in IBM Tivoli Storage Manager (TSM) FastBack Remote Denial of Service Vulnerability in IBM Tivoli Storage Manager (TSM) FastBack Server Unvalidated Length Value Vulnerability in IBM Tivoli Storage Manager (TSM) FastBack Server Format string vulnerability in IBM Tivoli Storage Manager (TSM) FastBack Server allows remote code execution Multiple stack-based buffer overflows in IBM Tivoli Storage Manager (TSM) FastBack Server Arbitrary Code Execution Vulnerability in FastBackMount.exe Denial of Service Vulnerability in FastBackMount.exe in IBM Tivoli Storage Manager (TSM) FastBack Unspecified Remote Code Execution Vulnerability in IBM Tivoli Storage Manager (TSM) FastBack Denial of Service Vulnerability in ISC BIND DNSSEC Validation Arbitrary Script Injection in MantisBT Summary Field (CVE-2010-3303) Predictable Graph File Names Vulnerability in Bugzilla Arbitrary Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Remote Code Execution Vulnerability in Mozilla Firefox and SeaMonkey Arbitrary Code Execution via Integer Overflow in NewIdArray Function Arbitrary Code Execution via @font-face CSS Rules in Mozilla Firefox, Thunderbird, and SeaMonkey Buffer Over-read Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Cross-Site Scripting (XSS) Vulnerabilities in Mozilla Firefox and SeaMonkey Arbitrary JavaScript Code Execution via ISINDEX Injection in Mozilla Firefox and SeaMonkey Arbitrary Code Execution via XUL Tree Index Calculation Vulnerability in Mozilla Firefox and SeaMonkey Arbitrary JavaScript Execution via Firebug XMLHttpRequestSpy Module Location Bar Spoofing Vulnerability Improper Handling of Redirections in Mozilla Firefox and SeaMonkey Unspecified Remote Code Execution Vulnerabilities in 
Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified Remote Code Execution Vulnerability in Mozilla Firefox and Thunderbird Unspecified Remote Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Dovecot Mailbox ACL Bypass Vulnerability Dovecot 1.2.x Denial of Service Vulnerability Insecure Script Execution in PL/php Add-on for PostgreSQL Unconfirmed Account Login Vulnerability in obs-server before 1.7.7 Password Replication Vulnerability in Apple Mac OS X 10.5.8 and 10.6.x Denial of Service Vulnerability in PMPageFormatCreateWithDataRepresentation API in Apple Mac OS X 10.5.8 and 10.6.x Buffer Overflow Vulnerability in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x Arbitrary Code Execution and Denial of Service Vulnerability in QuickLook on Apple Mac OS X 10.6.x before 10.6.5 Heap-based Buffer Overflow in QuickTime: Remote Code Execution and Denial of Service Vulnerability Uninitialized Memory Access Vulnerability in QuickTime for Mac OS X 10.6.x Memory Corruption Vulnerability in QuickTime for Mac OS X 10.6.x Buffer Overflow Vulnerability in QuickTime for Mac OS X 10.6.x Buffer Overflow Vulnerability in QuickTime for Mac OS X 10.6.x before 10.6.5 Integer Signedness Error in QuickTime: Arbitrary Code Execution and Denial of Service Vulnerability Memory Corruption Vulnerability in QuickTime for Mac OS X 10.6.x Uninitialized Memory Access Vulnerability in QuickTime for Mac OS X 10.6.x Uninitialized Memory Access Vulnerability in QuickTime for Mac OS X 10.6.x Safari RSS Java Applet DOM Modification Vulnerability Cross-Site Scripting (XSS) Vulnerability in Apple Mac OS X Wiki Server Heap-based Buffer Overflow in xar in Apple Mac OS X 10.6.x before 10.6.5 Arbitrary Code Execution and Denial of Service Vulnerability in Apple QuickTime Remote Code Execution and Denial of Service Vulnerability in Apple QuickTime Integer Signedness Error in Apple QuickTime: Remote Code Execution and Denial of Service Vulnerability Integer Overflow Vulnerability in 
Apple Safari WebKit Weak Random Number Generation in Apple Safari Integer Underflow Vulnerability in WebKit Allows Remote Code Execution or Denial of Service Arbitrary Code Execution and Denial of Service Vulnerability in Apple Safari Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Cross-Origin URL Spoofing and History Manipulation Vulnerability in Apple Safari Use-after-free vulnerability in WebKit allows remote code execution in Apple Safari Integer Overflow in Text::wholeText Method in WebKit DNS Prefetching Bypass Vulnerability in WebKit Heap-based Buffer Overflow in FreeType 2.4.3 and Earlier: Remote Code Execution and Denial of Service Vulnerability WebKit Use-After-Free Vulnerability in Apple Safari Allows Remote Code Execution Arbitrary Code Execution and Denial of Service Vulnerability in WebKit WebKit Use-After-Free Vulnerability in Apple Safari Allows Remote Code Execution Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Uninitialized Memory Access Vulnerability in Apple Safari Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Uninitialized Pointer Vulnerability in WebKit Use-after-free vulnerability in WebKit allows remote code execution or denial of service in Apple Safari Use-after-free vulnerability in WebKit allows remote code execution and denial of service in Apple Safari Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Signature Validation Bypass in Apple iOS Configuration Installation Utility iAd Content Display Vulnerability: Remote Call Exploitation via Crafted URL Remote Image Loading Bypass Vulnerability in Apple iOS WebKit Privilege Escalation Vulnerability in Apple iOS Networking Unencrypted Connection Vulnerability in Apple iOS Allows Password Spoofing Heap-based Buffer Overflow in GSM Mobility Management Implementation in Apple iOS Type Error Propagation Vulnerability in MySQL 5.0, 5.1, and 5.5 Denial of Service Vulnerability in MySQL 5.0, 5.1, and 
5.5 MySQL Remote Denial of Service Vulnerability Denial of Service Vulnerability in MySQL 5.0, 5.1, and 5.5 Use-after-free vulnerability in MySQL 5.0, 5.1, and 5.5 with GROUP_CONCAT and WITH ROLLUP modifier. Denial of Service Vulnerability in MySQL 5.0, 5.1, and 5.5 Denial of Service Vulnerability in MySQL 5.1 and 5.5 Denial of Service Vulnerability in MySQL 5.1 Cross-Site Scripting (XSS) Vulnerabilities in TWiki before 5.0.1 Absolute Path Traversal Vulnerability in Curl 7.20.0 through 7.21.1 with --remote-header-name or -J Option Stack Buffer Overflow in GTK Version of Ettercap Stack Buffer Overflow in Ettercap's Unchecked sscanf() Call Plaintext Storage of Usernames and Passwords in libapache-authenhook-perl 2.00-04 Heap-based Buffer Overflow in CVS 1.11.23's apply_rcs_change Function Privilege Escalation via LD_AUDIT Environment Variable in glibc Stack-based Buffer Overflow in econet_sendmsg Function in Linux Kernel NULL pointer dereference vulnerability in econet_sendmsg function in Linux kernel before 2.6.36.2 Vulnerability: Lack of CAP_NET_ADMIN requirement in ec_dev_ioctl function Local File Disclosure Vulnerability in libguestfs Insecure Default Configuration in Luci 0.22.4 and Earlier Allows Bypass of Authentication Privilege Escalation via pam_namespace in Linux-PAM Cross-Site Scripting (XSS) Vulnerabilities in Apache CouchDB Web Administration Interface Buffer Overflow in ft_var_readpackedpoints Function in FreeType 2.4.3 and Earlier Privilege Escalation via Unsafe DSO in LD_AUDIT Environment Variable in glibc XSS Vulnerability in JBoss BRMS before 5.1.0 via asset=UUID Parameter Denial of Service Vulnerability in Linux Kernel's setup_arg_pages Function Heap-based Buffer Overflow in TIPC Implementation Allows Privilege Escalation Information Disclosure Vulnerability in IcedTea Heap memory initialization vulnerability in ethtool_get_rxnfc function in Linux kernel before 2.6.36 Denial of Service vulnerability in JBoss Remoting 2.2.x and 2.5.x Improper URI 
Path Comparison in Apache Shiro and JSecurity Multiple Race Conditions in OpenSSL TLS Server Integer Overflow in rds_rdma_pages Function in Linux Kernel Allows for Denial of Service and Arbitrary Code Execution Directory Traversal Vulnerabilities in ProFTPD Mod_site_misc Module Unauthenticated Decryption Requests in Red Hat and Dogtag Certificate Systems Arbitrary Certificate Generation Vulnerability in Red Hat Certificate System and Dogtag Certificate System Vulnerability: Improper Handling of Non-Shortest Form UTF-8 Encoding in PHP Arbitrary Web Script Injection Vulnerability in Mahara before 1.3.3 Stack-based Buffer Overflow in mod_fcgid module of httpd X.25 Implementation Heap Memory Corruption Vulnerability Heap-based Buffer Overflow in bcm_connect Function in Linux Kernel Uninitialized Structure Vulnerability in ax25_getname Function Information Disclosure Vulnerability in Linux Kernel Uninitialized Structure Vulnerability in get_name Function CSRF Vulnerability in JMX Console of Red Hat JBoss EAP 4.3 before 4.3.0.CP09 Arbitrary Pathname Symlink Attack in FUSE Filesystems Denial of Service Vulnerability in Linux Kernel's INET_DIAG bytecode auditing Uninitialized Structure Members Vulnerability in Linux Kernel Multiple Cross-Site Scripting (XSS) Vulnerabilities in CMS Made Simple 1.7.1 and Earlier CSRF Vulnerability in CMS Made Simple Change Group Permissions Module CSRF Vulnerability in CMS Made Simple 1.8.1 and Earlier Allows Password Reset Hijacking Heap Memory Address Disclosure Vulnerability in Microsoft mshtml.dll Bypassing Parental Controls: Limit Mail Whitelist Vulnerability Stuxnet Worm Exploits Unspecified Privilege Escalation Vulnerability in Microsoft Windows Stuxnet Worm Exploits Unspecified Privilege Escalation Vulnerability in Microsoft Windows Arbitrary Script Injection in IBM OmniFind Enterprise Edition Administration Interface CSRF Vulnerability in IBM OmniFind Enterprise Edition Allows Unauthorized User Addition Session Fixation 
Vulnerability in IBM OmniFind Enterprise Edition 8.x and 9.x Login Form Session Impersonation Vulnerability in IBM OmniFind Enterprise Edition 8.x and 9.x Stack-based Buffer Overflow in IBM OmniFind Enterprise Edition Login Form Privilege Escalation via Arbitrary Command Execution in IBM OmniFind Enterprise Edition Unauthenticated Remote Modification of Server Configuration in IBM OmniFind Enterprise Edition 8.x and 9.x Sensitive Information Disclosure in ESSearchApplication/palette.do in IBM OmniFind Enterprise Edition 8.x and 9.x Improper Restriction of Cookie Path in IBM OmniFind Enterprise Edition 8.x and 9.x Unlimited Recursion Depth Denial of Service Vulnerability in IBM OmniFind Enterprise Edition 8.x and 9.x Unverified X.509 Certificate Vulnerability in Midori X.509 Certificate Validation Vulnerability in OpenConnect Sensitive Information Disclosure in OpenConnect Debugging Output Denial of Service Vulnerability in OpenConnect before 2.23 via 404 HTTP Status Code Privilege Escalation via RDS Protocol Implementation in Linux Kernel Unauthenticated Password Reset Vulnerability in Eucalyptus 2.0.0 and 2.0.1 Arbitrary Web Script Injection in Gitweb 1.7.3.3 and Earlier Real Media File Integer Overflow Vulnerability Remote Code Execution via Malformed WMV File in FFmpeg Arbitrary Code Execution via Incomplete Blacklist Vulnerability in vtiger CRM Directory Traversal Vulnerabilities in vtiger CRM before 5.2.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in vtiger CRM before 5.2.1 Supportconfig Script in SUSE Linux Enterprise: Password Disguise Vulnerability CRLF Injection Vulnerability in TransWARE Active! 
Mail 6 Build 6.40.010047750 and Earlier Untrusted Search Path Vulnerability in GVim Allows Arbitrary Code Execution and DLL Hijacking Remote Code Execution Vulnerability in JustSystems Ichitaro and Ichitaro Government Remote Code Execution Vulnerability in JustSystems Ichitaro and Ichitaro Government XML Document Information Disclosure Vulnerability in Google Chrome Clipboard Interaction Vulnerability in Fenrir Sleipnir 2.9.6 and Earlier Clipboard Interaction Vulnerability in Fenrir Grani 4.5 and Earlier Weak Permissions in Seiko Epson Printer Driver Installers Allow Arbitrary File Manipulation Arbitrary Web Script Injection Vulnerability in Movable Type 4.x and 5.x Arbitrary SQL Command Execution Vulnerability in Movable Type 4.x and 5.x Untrusted Search Path Vulnerability in AttacheCase 2.70: Privilege Escalation via Trojan Horse Executable SQL Injection Vulnerability in Aimluck Aipo before 5.1.0.1: Remote Code Execution Improper Password Handling in Contents-Mall before Version 15 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Shop.cgi in SGX-SP Final before 11.00 and SGX-SP Final NE before 11.00 Lunascape Untrusted Search Path Privilege Escalation Vulnerability Escape Sequence Injection Vulnerability in Ruby Version Manager (RVM) SQL Injection Vulnerability in MODx Evolution 1.0.4 and Earlier: Remote Code Execution via AjaxSearch Arbitrary File Read Vulnerability in MODx Evolution 1.0.4 and Earlier Multiple Cross-site scripting (XSS) vulnerabilities in Rocomotion products Arbitrary Record Modification via Parameter Name Change in Ruby on Rails 2.3.9 and 3.0.0 Cross-Domain JavaScript Execution Vulnerability in BlackBerry Device Software 5.0.0.593 Arbitrary Web Script Injection in Signurl.asp Vulnerability Exchange Server Infinite Loop Vulnerability Win32k Buffer Overflow Vulnerability Win32k PFE Pointer Double Free Vulnerability Win32k Double Free Privilege Escalation Vulnerability Win32k Memory Allocation Vulnerability Win32k Cursor Linking 
Vulnerability Win32k Memory Corruption Vulnerability CGM Image Converter Buffer Overrun Vulnerability PICT Image Converter Integer Overflow Vulnerability Microsoft Office TIFF Image Converter Heap Overflow Vulnerability Microsoft Office XP SP3 and Office Converter Pack TIFF Image Converter Buffer Overflow Vulnerability TIFF Image Converter Memory Corruption Vulnerability FlashPix Image Converter Buffer Overflow Vulnerability FlashPix Image Converter Heap Corruption Vulnerability Microsoft Publisher Memory Corruption Vulnerability Array Indexing Memory Corruption Vulnerability in pubconv.dll OpenType Font Index Vulnerability OpenType Font Double Free Vulnerability .NET Framework Stack Corruption Vulnerability OpenType CMAP Table Privilege Escalation Vulnerability Hyper-V VMBus Denial of Service Vulnerability Consent UI Impersonation Vulnerability Invalid Flag Reference Use-After-Free Vulnerability in Microsoft Internet Explorer 6, 7, and 8 Kernel NDProxy Buffer Overflow Vulnerability Document Conversions Launcher Service Unrestricted File Upload Vulnerability Insecure Library Loading Vulnerability in Windows Media Encoder 9 BranchCache Insecure Library Loading Vulnerability Insecure Library Loading Vulnerability in Microsoft Windows Movie Maker (WMM) 2.6 Windows Shell Graphics Processing Overrun Vulnerability CSS Memory Corruption Vulnerability IIS FTP Service Heap Buffer Overrun Vulnerability Microsoft WMITools ActiveX Control Remote Code Execution Vulnerability Fax Cover Page Editor Memory Corruption Vulnerability Adobe Flash Player 9 Untrusted Search Path Vulnerability Untrusted Search Path Vulnerability in Adobe Flash Player Arbitrary Web Script Injection in cforms WordPress Plugin 11.5 JSON Hijacking Vulnerability in Spree eCommerce Platform Username Enumeration Vulnerability in SAP BusinessObjects Enterprise XI 3.2 Denial of Service Vulnerability in SAP BusinessObjects Enterprise XI 3.2 Arbitrary Web Script Injection Vulnerability in SAP BusinessObjects 
Enterprise XI 3.2 SAP BusinessObjects Enterprise XI 3.2 Internal Port Scanning Vulnerability Privilege Escalation in CmcApp of SAP BusinessObjects Enterprise XI 3.2 Remote Code Execution Vulnerability in CA XOsoft and CA ARCserve HP Operations Orchestration XSS Vulnerability in Internet Explorer 6.0 Arbitrary File Read Vulnerability in HP Virtual Connect Enterprise Manager (VCEM) 6.0 and 6.1 Arbitrary Code Injection through HP Insight Control Virtual Machine Management Unspecified Remote Access Restriction Bypass Vulnerability in HP Insight Control Virtual Machine Management CSRF Vulnerability in HP Insight Control Virtual Machine Management Arbitrary File Read Vulnerability in HP Virtual Server Environment before 6.2 HP Insight Control Server Migration before 6.2 Cross-Site Scripting (XSS) Vulnerability Unspecified Privilege Escalation Vulnerability in HP Insight Control Server Migration Unspecified Remote Information Disclosure and Data Modification Vulnerability in HP Insight Control Server Migration Arbitrary Web Script Injection Vulnerability in HP Version Control Repository Manager (VCRM) Privilege Escalation via Zero-Length Directory Name in Festival Server Privilege Escalation Vulnerability in Banshee 1.8.0 and Earlier Privilege Escalation via Trojan Horse Shared Library in GnuCash 2.3.15 and Earlier Privilege Escalation via LD_LIBRARY_PATH Vulnerability in GNOME Shell 2.31.5 Privilege Escalation via GMXRC.bash in Gromacs 4.5.1 and earlier Privilege Escalation via LD_LIBRARY_PATH Vulnerability in GNOME Tomboy SQL Injection Vulnerabilities in WSN Links 5.0.x, 5.1.x, and 6.0.x via search.php Insecure View State Encryption in Oracle Mojarra Memory Read Vulnerability in libxml2 Integer Overflow in Apple QuickTime Allows Remote Code Execution or Denial of Service Arbitrary Code Execution via Crafted CFF Font in Apple Type Services (ATS) Memory Aliasing Vulnerability in Dovecot on Apple Mac OS X 10.6.5 10H574 Passcode Bypass Vulnerability in Apple iOS 4.0 through 
4.1 for iPhone 3G and later Format string vulnerability in PackageKit in Apple Mac OS X 10.6.x before 10.6.6 Buffer Overflow in PostgreSQL Intarray Array Module Vulnerability: Insecure Key Derivation in MIT Kerberos 5 (krb5) 1.8.x through 1.8.3 KrbFastReq Forgery Issue in MIT Kerberos 5 (krb5) 1.7 Denial of Service Vulnerability in MIT krb5 KDC Database Propagation Daemon Arbitrary Web Script Injection Vulnerability in HP Insight Control Power Management CSRF Vulnerability in HP Insight Control Power Management Arbitrary Code Execution Vulnerability in HP Palm webOS 1.4.1 Doc Viewer Privilege Escalation Vulnerability in HP Palm webOS 1.4.1 Service API Local File Overwrite Vulnerability in HP Palm webOS 1.4.1 Camera Application Unspecified Remote Code Execution Vulnerability in LoadRunner Web Tours 9.10 Unspecified LDAP Authentication Vulnerability in HP Storage Essentials Arbitrary Code Injection through XSS in HP Insight Control Performance Management Unspecified Privilege Escalation Vulnerability in HP Insight Control Performance Management CSRF Vulnerability in HP Insight Control Performance Management Profile Spamming Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome Autofill Vulnerability in Google Chrome before 7.0.517.41 URL Spoofing Vulnerability in Google Chrome Bypassing Pop-up Blocker in Google Chrome Web Sockets Denial of Service Vulnerability in Google Chrome Unspecified Impact and Attack Vectors in Google Chrome on Linux Denial of Service and Memory Corruption Vulnerability in Google Chrome Inadequate Confinement of Worker Processes in Google Chrome on Linux Denial of Service and Remote Code Execution Vulnerability in Google Chrome CSS Injection Vulnerability in Opera before 10.63 URL Spoofing Vulnerability in Opera before 10.63 Address Bar Spoofing and Cross-Site Scripting (XSS) Vulnerability in Opera before 10.63 Origin Verification Vulnerability in Opera Browser Cross-Site Scripting (XSS) Vulnerability in Opera before 
10.63 User-Assisted Remote Denial of Service Vulnerability in Opera Denial of Service Vulnerability in Opera 10.63 Denial of Service Vulnerability in Opera 10.63 RE_DUP_MAX Overflow Vulnerability Stack Consumption Vulnerability in GNU C Library (glibc) Allows Denial of Service Stack-based Buffer Overflow in IBM Informix Dynamic Server (IDS) Logging Function Denial of Service Vulnerability in Ghostscript's gs_type2_interpret Function (CVE-2021-xxxx) Stack Consumption Vulnerability in IBM solidDB 6.5.0.3 and Earlier Denial of Service Vulnerability in IBM solidDB 6.5.0.3 and Earlier Denial of Service Vulnerability in IBM solidDB 6.5.0.3 and Earlier Arbitrary File Read and Modification Vulnerability in TYPO3 Extension Manager Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) allows remote code execution via long DBINFO keyword arguments in SQL statement Integer Overflow Vulnerability in librpc.dll in ISM Portmapper Service in IBM Informix Dynamic Server (IDS) Arbitrary Web Script Injection via JavaScript in HTML E-mail in OTRS 2.4.x before 2.4.9 Uninitialized Structure Vulnerability in Linux Kernel's copy_shmid_to_user Function Uninitialized Structure Vulnerability in Linux Kernel's IPC Subsystem USB Subsystem Information Disclosure Vulnerability Information Disclosure Vulnerability in Linux Kernel's uart_get_count Function Kernel Stack Memory Disclosure Vulnerability Kernel Stack Memory Disclosure via TIOCGICOUNT ioctl Call Kernel Stack Memory Disclosure via FBIOGET_VBLANK ioctl Kernel Stack Memory Disclosure Vulnerability Kernel Stack Memory Disclosure Vulnerability in Linux Kernel Kernel Stack Memory Disclosure Vulnerability Kernel Stack Memory Disclosure Vulnerability in viafb_ioctl_get_viafb_info Function Kernel Stack Memory Disclosure in Linux Kernel Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2010-4087) Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player 
(CVE-2010-4089) Arbitrary Code Execution and Denial of Service Vulnerability in Adobe Shockwave Player (CVE-2010-4089) Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Arbitrary Code Execution and Memory Corruption in Adobe Shockwave Player (CVE-2010-4087) Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Arbitrary Code Execution and Denial of Service Vulnerability in Adobe Reader and Acrobat Adobe Shockwave Player Use-After-Free Vulnerability Unspecified Memory Corruption Vulnerability in Adobe Shockwave Player Default Password Vulnerability in IBM Rational Quality Manager and Rational Test Lab Manager Directory Traversal Vulnerability in Robo-FTP FTP Client Arbitrary Code Execution Vulnerability in Monkeysphere 0.31 and 0.32 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Aardvark Topsites PHP 5.2.0 and 5.2.1 Denial of Service Vulnerability in Monotone before 0.48.1 Arbitrary Command Execution in NitroSecurity NitroView ESM 8.4.0a Arbitrary File Reading Vulnerability in HP Insight Control Performance Management Arbitrary Code Injection through XSS in HP Insight Recovery Arbitrary File Read Vulnerability in HP Insight Recovery before 6.2 Arbitrary File Reading Vulnerability in HP Insight Managed System Setup Wizard Arbitrary File Read Vulnerability in HP Insight Orchestration before 6.2 Unspecified Remote Access Vulnerability in HP Insight Orchestration CSRF Vulnerability in HP Insight Control for Linux before 6.2 Arbitrary File Read Vulnerability in HP LaserJet and Color LaserJet Printers Denial of Service Vulnerability in HP-UX B.11.11, B.11.23, and B.11.31 Arbitrary Code Injection through vCard File in HP Palm webOS Contacts Application Unspecified Privilege Escalation and Denial of Service Vulnerability in HP OpenVMS on Itanium Platform Arbitrary Web Script Injection Vulnerability in HP Insight 
Diagnostics Online Edition Information Disclosure Vulnerability in HP Insight Management Agents Remote Code Execution Vulnerability in HP Power Manager (HPPM) before 4.3.2 Arbitrary Web Script Injection Vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) Undocumented Admin Account with Default Password in HP StorageWorks Modular Smart Array P2000 G3 Firmware Unspecified Remote Code Execution Vulnerability in HP StorageWorks Storage Mirroring 5.x Multiple Cross-Site Scripting (XSS) Vulnerabilities in IBM Tivoli Access Manager for e-business 6.1.0 Unauthenticated SQL Statement Execution in IBM Tivoli Provisioning Manager for OS Deployment 7.1.1.3 Stack-based Buffer Overflow in DATAC RealWin 2.0 Build 6.1.8.10 and Earlier SQL Injection Vulnerability in chart.php in phpCheckZ 1.1.0 Arbitrary SQL Command Execution Vulnerability in Kisisel Radyo Script's radyo.asp Insufficient Access Control in Kisisel Radyo Script Allows Remote Database Download Arbitrary Web Script Injection Vulnerability in Attachmate Reflection for the Web 2008 R2 and Earlier SQL Injection Vulnerabilities in Pentasoft Avactis Shopping Cart 1.9.1 Build 8356 Free Edition and Earlier Arbitrary File Write Vulnerability in AnyConnect 1.2.3.0 and Earlier FreshWebMaster Fresh FTP 5.36 and 5.37 Directory Traversal Vulnerability Double Free Vulnerability in PHP IMAP Extension SQL Injection Vulnerability in DeluxeBB 1.3 (misc.php) with Disabled Magic Quotes GPC SQL Injection Vulnerability in catalog/index.shtml in 4site CMS 2.6 and Earlier Directory Traversal Vulnerability in CrossFTP Pro 1.65a and Earlier Versions Directory Traversal Vulnerability in Rhino Software, Inc. 
FTP Voyager 15.2.0.11 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in eXV2 CMS 2.10 Information Disclosure Vulnerability in Libmbfl 1.1.0 Allows Attackers to Obtain Sensitive Data Integer Overflow in ioc_general Function in Linux Kernel Allows for Denial of Service or Memory Corruption Memory Information Disclosure Vulnerability in Linux Kernel Socket Filter Untrusted Search Path Vulnerability in Mono 2.8 and Earlier Integer overflows in pppol2tp_sendmsg and l2tp_ip_sendmsg functions in Linux kernel Denial of Service Vulnerability in udp_queue_rcv_skb Function in Linux Kernel 2.6.18 Integer overflows in fs/bio.c in Linux kernel before 2.6.36.2 allow local users to crash the system through a crafted device ioctl to a SCSI device Denial of Service Vulnerability in blk_rq_map_user_iov Function Integer underflows in x25_parse_facilities function in Linux kernel before 2.6.36.2 TCP_MAXSEG (MSS) Value Restriction Vulnerability in Linux Kernel SQL Injection Vulnerabilities in Joomla! 
1.5.x before 1.5.22 Untrusted Search Path Vulnerability in ImageMagick's configure.c Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 Use-after-free vulnerability in Linux kernel mm/mprotect.c leading to denial of service Privilege Escalation via Environment Variable Manipulation in SystemTap 1.3 Unverified Module Unloading Vulnerability in SystemTap 1.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Apache Tomcat Manager Application Arbitrary File Overwrite Vulnerability in libsdp 1.1.104 and Earlier Integer Overflow in rds_cmsg_rdma_args Function in Linux Kernel 2.6.35 Weak Permissions for /dev/systty Device File in Plymouth-Pretrigger.sh Vulnerability Clear text password exposure in mysql-gui-tools MySQL-GUI-tools (mysql-administrator) exposes passwords in process list when launching mysql text console Insufficient Access Control in Red Hat Enterprise Messaging, Realtime and Grid (MRG) 1.3 Allows Arbitrary User Execution via Condor QMF Plug-ins Session Cache Downgrade Vulnerability Yaws 1.89 Directory Traversal Vulnerability Untrusted search path vulnerability in Microsoft Windows XP, Windows Server 2003, Windows Vista, and Windows 7 allows arbitrary code execution and DLL hijacking Cross-Site Scripting (XSS) Vulnerabilities in HTML Purifier before 4.1.0 with Internet Explorer Cleartext HTTP Headers Disclosure Vulnerability in NetSupport Manager (NSM) SQL Injection Vulnerability in Energine's index.php Allows Remote Code Execution via NRGNSID Cookie SQL Injection Vulnerability in OnlineTechTools OWOS Professional Edition 2.10 Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Heap-based Buffer Overflow in dirapi.dll Module of Adobe Shockwave Player Arbitrary Code Execution and Denial of Service Vulnerability in Adobe Shockwave Player Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2011-0555) Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Memory 
Corruption Vulnerability in Adobe Shockwave Player Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Use-after-free vulnerability in WebKit allows remote attackers to cause denial of service or unspecified impact via text editing vectors Memory Corruption Vulnerability in WebKit Unspecified Variable Cast Vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome: Remote Denial of Service and Possible Impact via Text Control Selections Integer Overflow Vulnerabilities in Google Chrome on Linux Memory Corruption Vulnerability in WebM libvpx Codec SDK WebKit Frame Object Destruction Vulnerability Type Confusion Vulnerability in Google Chrome before 7.0.517.44 Array Index Error in FEBlend::apply Function in WebKit Arbitrary Script Injection Vulnerability in YUI Flash Component Infrastructure Arbitrary Web Script Injection Vulnerability in YUI Flash Component Infrastructure Arbitrary Script Injection Vulnerability in YUI Flash Component Infrastructure Unlocked Mutex Vulnerability in FreeBSD's pfs_getextattr Function Unverified Server Hostname Vulnerability in PayPal iOS App Mirror Image Storage Vulnerability in USAA Application 3.0 for Android Cleartext Storage of Security Question Answer in Bank of America Android App Cleartext Storage of Sensitive Information in Wells Fargo Mobile App for Android Privilege Escalation via Topic Preferences in Foswiki 1.1.0 and 1.1.1 Denial of Service Vulnerability in IBM Tivoli Directory Server (TDS) 6.0.0.x Proxy Server Use-After-Free Vulnerability in IBM Tivoli Directory Server Unspecified Web Services Vulnerability in IBM ENOVIA 6 with Unknown Impact and Attack Vectors Arbitrary Script Injection Vulnerability in IBM WebSphere Portal 6.1.0.1 Arbitrary Web Script Injection Vulnerability in IBM WebSphere 
Application Server (WAS) 7.0 Stack-based buffer overflows in pr_netio_telnet_gets function in ProFTPD before 1.3.3c Unspecified vulnerability in mod_mono module for XSP in Mono 2.8.x before 2.8.2 Arbitrary File Overwrite Vulnerability in cpio Stack-based Buffer Overflow in XNFS.NLM in Novell Netware 6.5 before SP8 Stack-based Buffer Overflow in NWFTPD.NLM FTP Server in Novell NetWare 5.10.02 and earlier Directory Traversal Vulnerability in ZENworks Asset Management (ZAM) Stack-based Buffer Overflow in Camtron CMNC-200 and TecVoz CMNC-200 IP Cameras' ActiveX Control Camtron CMNC-200 and TecVoz CMNC-200 IP Cameras Directory Traversal Vulnerability Authentication Bypass Vulnerability in Camtron CMNC-200 and TecVoz CMNC-200 IP Cameras Default Password Vulnerability in Camtron CMNC-200 and TecVoz CMNC-200 IP Cameras Denial of Service Vulnerability in Camtron CMNC-200 and TecVoz CMNC-200 IP Cameras Arbitrary Code Execution via Format String Vulnerability in RealNetworks Helix Server and Helix Mobile Server Untrusted Search Path Vulnerability in estaskwrapper in IBM OmniFind Enterprise Edition SSL Certificate Verification Failure in Mercurial 1.6.4 and Earlier Versions Denial of Service Vulnerability in Xen 3.1.2 with Linux Kernel 2.6.18 on RHEL 5 Local File Inclusion Vulnerability in Tiki Wiki CMS Groupware 5.2 XSS Vulnerability in Tiki Wiki CMS Groupware 5.2 CSRF Vulnerability in Tiki Wiki CMS Groupware 5.2 Denial of Service Vulnerability in Linux Kernel Bluetooth Driver OOM Dodging Issue in Linux Kernel XSS Vulnerability in Pootle 2.0.5 via 'match_names' Parameter Cross-Site Scripting (XSS) Vulnerabilities in pfSense graph.php Denial of Service Vulnerability in Xen Linux Kernel Drivers Race condition vulnerability in Linux kernel before 2.6.37-rc2 allows denial of service through multithreaded exec Denial of Service Vulnerability in Linux Kernel's wait_for_unix_gc Function Memory Leak in inotify_init1 Function in Linux Kernel Denial of Service Vulnerability in Linux 
Kernel's Socket Implementation J-PAKE Protocol Parameter Validation Vulnerability Heap-based Buffer Overflow in Impress in OpenOffice.org (OOo) Allows Remote Code Execution via Crafted PNG File Remote Code Execution Vulnerability in Moonlight Denial of Service Vulnerability in Xen 4.0.1 and Earlier on 64-bit Platforms Denial of Service Vulnerability in Linux Kernel's pipe_fcntl Function SQL Injection Vulnerability in WordPress do_trackbacks Function Privilege Escalation via KERNEL_DS get_fs Value in Linux Kernel FontForge 20100501: Stack-based Buffer Overflow in CHARSET_REGISTRY Header Unspecified vulnerabilities in libclamav in ClamAV before 0.96.5 Off-by-one Error in libclamav Allows Remote Code Execution Stack-based Buffer Overflow in Xfig 3.2.4 and 3.2.5: Remote Code Execution Vulnerability Vulnerability: Denial of Service and Possible Other Impact in Intel Gigabit Ethernet (igb) Subsystem Arbitrary Code Execution via Cross-Site Scripting in Vanilla Forums (before 2.0.10) Denial of Service Vulnerability in JBoss Remoting 2.2.x and 2.5.x Linkbait Vulnerability Discovered in Vanilla Forums (Pre-2.0.10) Stack-based Buffer Overflow in HPLIP's hpmud_get_pml Function Arbitrary SQL Command Execution in Pulse Infotech Flip Wall Component 1.1 for Joomla! SQL Injection Vulnerability in Collabtive 0.65's managechat.php Allows Remote Code Execution nBill Component Directory Traversal Vulnerability SQL Injection Vulnerability in ImpressCMS 1.2.3 RC2 and Earlier Versions Arbitrary SQL Command Execution Vulnerability in Pulse Infotech Sponsor Wall Component 1.1 for Joomla! 
SQL Injection Vulnerability in imoveis.php in DescargarVista ACC IMoveis 1.1 Privilege Escalation via reset_diragent_keys in IBM Systems Director 6.2.0 Cross-Site Scripting (XSS) Vulnerabilities in Radius Manager 3.8.0 Arbitrary Web Script Injection in LiveZilla 3.2.0.2 Arbitrary Script Injection in Embedded Video Plugin for WordPress Arbitrary Command Execution in Pandora FMS Network Map Authentication Bypass Vulnerability in Pandora FMS 3.1 and Earlier SQL Injection Vulnerabilities in Pandora FMS Before 3.1.1 Arbitrary PHP Code Execution via Incomplete Blacklist Vulnerability in Pandora FMS Multiple Directory Traversal Vulnerabilities in Pandora FMS before 3.1.1 Arbitrary PHP Code Execution via Remote File Inclusion in Pandora FMS 3.1.1 SQL Injection Vulnerability in Samsung Integrated Management System (SIMS) Authentication Form VMware Movie Decoder Frame Decompression Vulnerability Privilege escalation through race condition in VMware mounting process Privilege Escalation via Insecure Library Loading in VMware Products Command Injection Vulnerability in VMware Tools Update Functionality Arbitrary SQL Command Execution in Free Simple Software 1.0 Download Module Remote Code Execution Vulnerability in Novell Zenworks 7 Handheld Management (ZHM) Heap-based Buffer Overflow in LDSS Dissector in Wireshark Denial of Service Vulnerability in Wireshark ZigBee ZCL Dissector Weak Password Hashing Algorithm in Cisco Unified Videoconferencing (UVC) System 5110 and 5115 World-readable permissions on /etc/shadow file in Cisco Unified Videoconferencing (UVC) System 5110 and 5115 (Linux OS) Predictable Session IDs in Cisco Unified Videoconferencing Systems Improper Use of Cookies in Cisco Unified Videoconferencing Systems (Bug ID CSCti54052) Unspecified Memory Corruption Vulnerability in Adobe Shockwave Player Buffer Overflow Vulnerability in Adobe Shockwave Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Arbitrary Code Execution 
and Memory Corruption Vulnerability in Adobe Shockwave Player Cleartext Password Storage Vulnerability in Free Simple Software 1.0 Missing HTTPOnly Flag in Apache Tomcat 6.x Set-Cookie Header Vulnerability Arbitrary Code Execution via Unrestricted File Upload in Orbis CMS 1.0.2 iPrint Client ActiveX Plugin Remote Code Execution Vulnerability Stack-based Buffer Overflow in Novell iPrint Client 5.52 ActiveX Control Arbitrary Script Injection in Novell Vibe OnPrem 3 BETA Heap-based Buffer Overflow in Novell ZENworks Configuration Manager (ZCM) Allows Remote Code Execution XSS Vulnerability in Approval Form of Novell Identity Manager Remote Code Execution Vulnerability in Novell GroupWise Internet Agent (GWIA) Buffer overflow vulnerabilities in gwwww1.dll in Novell GroupWise allow remote code execution Denial of Service Vulnerability in Novell eDirectory NCP Service Stack-based Buffer Overflow in Novell iPrint for Linux Open Enterprise Server 2 SP2 and SP3 Arbitrary Web Script Injection Vulnerability in phpMyAdmin Arbitrary File Inclusion Vulnerability in Pulse CMS Basic before 1.2.9 Cross-Site Scripting (XSS) Vulnerabilities in Seo Panel 2.2.0 Arbitrary Cookie Values Vulnerability in Pointter PHP Content Management System 1.0 Arbitrary Cookie Values Vulnerability in Pointter PHP Micro-Blogging Social Network 1.8 Bypassing Certificate Restrictions in IO::Socket::SSL Module 1.35 Arbitrary Code Execution via Unserialize Vulnerability in CakePHP 1.2.8 and 1.3.x Denial of Service Vulnerability in cu_rrd_create_file Function in Collectd Local File Overwrite Vulnerability in Gnash 0.8.8's Configure Script Local Privilege Escalation via Symlink Attack in ocrodjvu 0.4.6-1 on Debian GNU/Linux Hypermail 2.2.0 Cross-Site Scripting (XSS) Vulnerability SSL Certificate Verification Bypass in libcloud before 0.4.1 Denial of Service Vulnerability in SSSD PAM Responder Denial of Service Vulnerability in Linux Kernel Econet Module Uninitialized Port Data Structure Vulnerability in Linux 
Kernel Heap-based Buffer Overflow in Exim SMTP Server Privilege Escalation via Arbitrary Command Execution in Exim 4.72 and Earlier Bypassing mmap_min_addr Restrictions in Linux Kernel Privilege Escalation via Debugfs Permissions in Linux Kernel Arbitrary Code Injection via db_type Parameter in MantisBT Information Disclosure Vulnerability in MantisBT 1.2.4 and earlier Arbitrary File Inclusion Vulnerability in MantisBT admin/upgrade_unattended.php Bypassing Security Policy in IcedTea JNLP SecurityManager D-Bus Stack Consumption Vulnerability Arbitrary Code Execution via Unrestricted File Upload in Menalto Gallery Cisco ASA, PIX, and VPN Concentrators Group Name Enumeration Vulnerability DaDaBIK XSS Vulnerability in Insert/Edit Feature SQL Injection Vulnerability in Site2Nite Big Truck Broker's news_default.asp Allows Remote Code Execution SQL Injection Vulnerability in SiteEngine 7.1 comments.php Module Cross-Site Scripting (XSS) Vulnerabilities in MRCGIGUY Guestbook 1.0 SQL Injection Vulnerability in Jurpopage 0.2.0: Remote Code Execution via category Parameter Multiple SQL Injection Vulnerabilities in Jurpopage 0.2.0 Jurpopage 0.2.0 URL Parameter Cross-Site Scripting (XSS) Vulnerability Multiple SQL Injection Vulnerabilities in MicroNetsoft RV Dealer Website SQL Injection Vulnerabilities in MRCGIGUY (MCG) FreeTicket 1.0.0's contact.php Cross-Site Scripting (XSS) Vulnerability in DaDaBIK 4.3 beta3 SQL Injection Vulnerability in JE Ajax Event Calendar Component for Joomla! 
Chameleon Social Networking Multiple Cross-Site Scripting (XSS) Vulnerabilities in forum_new_topic.php Arbitrary Command Execution via Configdir Parameter in AWStats Arbitrary Command Execution via Configdir Parameter in AWStats AWStats Directory Traversal Vulnerability in LoadPlugin Directory Integer overflows in Winamp in_midi Plugin: Remote Code Execution Vulnerability Buffer Overflow Vulnerability in Winamp's in_mod Plugin Integer Overflow in Winamp's in_nsv Plugin: Remote Code Execution Vulnerability Denial of Service Vulnerability in Winamp's in_mp4 Plugin Denial of Service Vulnerability in Winamp's in_mkv Plugin Heap-based Buffer Overflow in RealPlayer and HelixPlayer Allows Remote Code Execution via Malformed Audio Stream Heap-based Buffer Overflow in RealPlayer Allows Remote Code Execution via GIF87a File Heap-based Buffer Overflow in RealPlayer Versions 11.0 through 11.1, RealPlayer SP Versions 1.0 through 1.1.5, Mac RealPlayer Versions 11.0 through 12.0.0.1444, and Linux RealPlayer Version 11.0.2.1744 RV20 Video Stream Heap Memory Corruption Vulnerability Heap-based Buffer Overflow in RealPlayer and HelixPlayer via Crafted SIPR File Heap-based Buffer Overflow in RealPlayer Allows Remote Code Execution via Crafted SOUND File Heap-based Buffer Overflow in RealPlayer Versions 11.0-12.0.0.1444 via Crafted AAC File Heap-based Buffer Overflow Vulnerabilities in RealPlayer and HelixPlayer Heap-based Buffer Overflow in RealPlayer and HelixPlayer via Crafted RA5 File Remote Code Execution Vulnerability in RealPlayer and HelixPlayer Integer Overflow Vulnerability in RealPlayer and HelixPlayer RealPlayer Remote Code Execution Vulnerability RealPlayer Codec Heap Memory Corruption Vulnerability Arbitrary Code Injection Vulnerability in RealPlayer Components Heap-based Buffer Overflow in RealPlayer Codec Allows Remote Code Execution Heap-based Buffer Overflow Vulnerabilities in RealPlayer and RealPlayer SP Heap-based Buffer Overflow in RealPlayer Allows Remote Code 
Execution via Crafted RMX File Heap-based Buffer Overflow in RealPlayer and HelixPlayer Allows Remote Code Execution via Crafted ImageMap Data Heap-based Buffer Overflow in RealPlayer Allows Remote Code Execution via Crafted AVI File Heap-based Buffer Overflow in RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.5 via Long Server Header in RealPix File Parsing Heap-based Buffer Overflow in RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 via Crafted AAC Frame Data Cross-zone scripting vulnerability in RealPlayer ActiveX Control Integer Overflow in RealPlayer TIT2 Atom Parsing Stack-based Buffer Overflow in RtlQueryRegistryValues Function in win32k.sys Directory Traversal Vulnerability in DynPG CMS 4.1.1 and 4.2.0 Arbitrary SQL Command Execution in DynPG CMS 4.2.0 via _rights.php SQL Injection Vulnerability Information Disclosure Vulnerability in DynPG CMS 4.2.0 Reveals Installation Path Cross-Site Scripting (XSS) Vulnerabilities in Register Plus Plugin for WordPress Information Disclosure Vulnerability in Register Plus Plugin for WordPress Arbitrary SQL Command Execution Vulnerability in Yannick Gaultier sh404SEF Component for Joomla! Arbitrary Web Script Injection Vulnerability in Yannick Gaultier sh404SEF Component for Joomla! 
Directory Traversal Vulnerability in Brunetton LittlePhpGallery 1.0.2 AlGuest 1.1c-patched Multiple Cross-Site Scripting (XSS) Vulnerabilities in index.php Apache Archiva User Account Modification Vulnerability Integer Overflow in NumberFormatter::getSymbol Function in PHP 5.3.3 and Earlier CRLF Injection Vulnerability in CGI.pm and CGI::Simple HTTP Response Splitting Vulnerability in CGI.pm 3.50 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in pfSense 2 Beta 4 Unspecified vulnerability in Oracle Database Server Scheduler Agent component Unspecified vulnerability in Oracle VM VirtualBox 4.0 related to Extensions Unspecified vulnerability in Oracle Solaris 8, 9, and 10: Local User Impact on Confidentiality, Integrity, and Availability via libc Unspecified Remote Code Execution Vulnerability in Oracle GoldenGate Veridata Component Unspecified vulnerability in Services for Beehive component in Oracle Fusion Middleware Unspecified vulnerability in PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.50.11 through 8.50.15 and 8.51GA through 8.51.05 Unspecified vulnerability in PeopleSoft Enterprise CRM component in Oracle PeopleSoft and JDEdwards Suite 9.0 Bundle #31 and 9.1 Bundle #6 affecting confidentiality and integrity via Order Capture. 
Unspecified vulnerability in Oracle Database Vault component allows local users to affect confidentiality and integrity Unspecified Remote Vulnerability in Oracle Database Vault Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to affect confidentiality, integrity, and availability Unspecified vulnerability in Cluster Verify Utility component in Oracle Database Server on Windows Unspecified Remote Code Execution Vulnerability in Oracle PeopleSoft and JDEdwards Suite Unspecified Remote Integrity Vulnerability in Oracle BI Publisher Component Unspecified Remote Code Execution Vulnerability in PeopleSoft Enterprise PeopleTools Unspecified Integrity Vulnerability in Oracle BI Publisher Component Unspecified Confidentiality Vulnerability in PeopleSoft Enterprise HRMS Component Unspecified Remote Integrity Vulnerability in Oracle Supply Chain Products Suite 9.3.0.2 and 9.3.1 Unspecified Confidentiality Vulnerability in PeopleSoft Enterprise HRMS Component Unspecified Local Confidentiality Vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 Unspecified Confidentiality Vulnerability in Oracle Transportation Manager Unspecified Remote Confidentiality Vulnerability in Oracle Solaris 10 Ethernet Driver Unspecified Confidentiality Vulnerability in Oracle PeopleSoft and JDEdwards Suite Unspecified Remote Code Execution Vulnerability in Oracle Solaris 8, 9, and 10 Unspecified Remote Confidentiality Vulnerability in Oracle Sun Management Center (SunMC) 4.0 Unspecified vulnerability in Oracle WebLogic Server component allows remote attackers to affect confidentiality and integrity Local Privilege Escalation Vulnerability in Oracle GlassFish and Java System Message Queue Unspecified Confidentiality Vulnerability in PeopleSoft Enterprise HRMS Component Unspecified Local Kernel Vulnerability in Oracle 10 and 11 Express Unspecified vulnerability in PeopleSoft Enterprise HRMS component in Oracle PeopleSoft and JDEdwards Suite 9.1 Bundle 
#4 Unspecified Kernel Vulnerability in Oracle Solaris 10 and 11 Express Local Privilege Escalation Vulnerability in Oracle Solaris 10 and 11 Express via Kernel/NFS Unspecified Remote Vulnerability in Oracle Sun Java System Access Manager and Oracle OpenSSO Unspecified Confidentiality Vulnerability in PeopleSoft Enterprise HRMS Component Unspecified Local Denial of Service Vulnerability in Oracle Solaris 11 Express Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to compromise confidentiality Unspecified Networking Vulnerability in Java Runtime Environment (JRE) Unspecified vulnerability in Oracle Audit Vault component allows remote attackers to affect confidentiality, integrity, and availability Unspecified vulnerability in Java Runtime Environment (JRE) allows local applications to impact confidentiality, integrity, and availability Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to affect confidentiality, integrity, and availability Unspecified vulnerability in Java Runtime Environment allows remote attackers to affect confidentiality, integrity, and availability Unspecified Remote Integrity Vulnerability in Oracle WebLogic Server Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to affect confidentiality, integrity, and availability Unspecified vulnerability in Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.2 and 11.1.1.3 Unspecified Remote Integrity Vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 Remote Denial of Service Vulnerability in Oracle Solaris 11 Express via SMB and CIFS ZFS-related Local Availability Vulnerability in Oracle Solaris 11 Express Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via SCTP and Kernel/sockfs vectors Unspecified vulnerability in Oracle Solaris 10 allows local users to compromise confidentiality and integrity via unknown vectors 
related to Fault Manager Daemon. Unspecified vulnerability in PeopleSoft Enterprise HRMS component in Oracle PeopleSoft and JDEdwards Suite 8.9 Bundle #23, 9.0 Bundle #14, and 9.1 Bundle #4 affecting ePerformance module Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to affect confidentiality, integrity, and availability Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to compromise confidentiality, integrity, and availability Unspecified Remote Code Execution Vulnerability in Oracle Sun Convergence 1.0 Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing. Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to compromise confidentiality Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to compromise confidentiality, integrity, and availability Unspecified JDBC-related vulnerability in Java Runtime Environment (JRE) Unspecified Heap Corruption Vulnerability in Java Runtime Environment (JRE) Unspecified Remote Code Execution Vulnerability in Java Runtime Environment (JRE) Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to compromise confidentiality Unspecified Remote Code Execution Vulnerability in Java Runtime Environment (JRE) Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to affect confidentiality, integrity, and availability Unspecified vulnerability in Java DB component in Oracle Java SE and Java for Business 6 Update 23 and earlier Unspecified Confidentiality Vulnerability in Java Runtime Environment (JRE) Denial of Service Vulnerability in Double.parseDouble Method in Java Runtime Environment J-PAKE Protocol Vulnerability in OpenSSH 5.6 and Earlier Unspecified vulnerability in libclamav in ClamAV before 0.96.5 allows remote code 
execution via crafted PDF document (CVE-2010-4476) Cross-Site Scripting (XSS) Vulnerability in PhpMyAdmin 3.3.8.1 and Earlier Versions Authentication Bypass and Information Disclosure in phpMyAdmin Bypassing Pop-up Blocker in Google Chrome Video Data Leakage Vulnerability in Google Chrome HTML5 Database Denial of Service Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome Google Chrome Use-After-Free Vulnerability in History Handling Incomplete Blacklist Vulnerability in Google Chrome HTTP Proxy Authentication Denial of Service Vulnerability in Google Chrome Out-of-bounds read vulnerability in libvpx in Google Chrome Denial of Service Vulnerability in Google Chrome 8.0.552.215 Privileged Extension Denial of Service Vulnerability in Google Chrome Google Chrome Use-After-Free Vulnerability in SVG Animations Denial of Service Vulnerability in Google Chrome's Mouse Dragging Event Handling Double Free Vulnerability in libxml2 2.7.8 and Google Chrome before 8.0.552.215 Arbitrary Code Execution Vulnerability via JMX Connections in TIBCO ActiveMatrix and Silver Products Multiple SQL Injection Vulnerabilities in TIBCO Collaborative Information Manager Server Arbitrary Web Script Injection Vulnerability in TIBCO Collaborative Information Manager Server Remote Code Execution Vulnerability in TIBCO Collaborative Information Manager Server Session Fixation Vulnerability in TIBCO Collaborative Information Manager Server SQL Injection Vulnerabilities in MRCGIGUY (MCG) FreeTicket 1.0.0 Buffer overflow vulnerability in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite Plus 2010 SQL Injection Vulnerability in Aigaion 1.3.4 indexlight.php Arbitrary Web Script Injection in eSyndiCat Directory 2.3 SQL Injection Vulnerabilities in Injader 2.4.4 Login.php Arbitrary Program Execution via Invalid SSL Certificate in Passlogix v-GO Self-Service Password Reset (SSPR) and OEM before 7.0A Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in iSpot and 
ClearSpot Firmware 1.9.9.4 WebSockets Proxy Upgrade Negotiation Vulnerability in Mozilla Firefox 4 Unspecified Vulnerabilities in Movable Type 4.x and 5.x Unspecified Vulnerability in Movable Type 4.x and 5.x: Dynamic Publishing Error Message Incorrect Umask Value in Cobbler Before 2.0.4 Allows Local Users to Gain Unauthorized Access Multiple Cross-Site Scripting (XSS) Vulnerabilities in Zimplit CMS 3.0 Cross-site scripting (XSS) vulnerability in DotNetNuke InstallWizard.aspx Citrix Web Interface 5.0, 5.1, and 5.3 Cross-Site Scripting (XSS) Vulnerability JXtended Comments Component XSS Vulnerabilities SQL Injection Vulnerability in JExtensions JE Auto Component 1.0 for Joomla! Arbitrary Web Script Injection Vulnerability in Safe Search Plugin for WordPress Cross-Site Request Forgery (CSRF) Vulnerabilities in Drupal Views UI Implementation Cross-Site Scripting (XSS) Vulnerabilities in Drupal Views Module 6.x before 6.x-2.11 Arbitrary Script Injection Vulnerability in Drupal Views Module Cross-Site Scripting (XSS) Vulnerabilities in MyBB 1.4.14 and 1.6.x Stack-based Buffer Overflow in libopensc: Arbitrary Code Execution via Long Serial-Number Field on Smart Card Cross-site scripting (XSS) vulnerability in MHonArc 2.6.16 via malformed SCRIPT element tags Uninitialized Structure Member Vulnerability in Linux Kernel 2.6.33 and 2.6.34.y Race condition vulnerability in sctp_icmp_proto_unreachable function in Linux kernel 2.6.11-rc2 through 2.6.33 Buffer overflow vulnerability in load_mixer_volumes function in Linux kernel before 2.6.37 NULL pointer dereference vulnerability in libpurple's MSN protocol plugin in Pidgin before 2.7.9 Integer Underflow Vulnerability in Linux Kernel's irda_getsockopt Function Buffer Overflow Vulnerability in libccid Allows Arbitrary Code Execution Stack-based Buffer Overflow in ATRDecodeAtr Function in PCSC-Lite Unvalidated SSL Server Certificate Vulnerability in OfflineIMAP OfflineIMAP SSLv2 Protocol Vulnerability Improper Restriction of 
Query String Vulnerability in Django Administrative Interface Denial of Service Vulnerability in Django Password Reset Functionality Multiple Cross-Site Scripting (XSS) Vulnerabilities in KSES Plugin for WordPress Arbitrary PHP Code Execution Vulnerability in CrawlTrack before 3.2.7 Buffer Overflow in Wireshark 1.4.2: Remote Code Execution via ENTTEC DMX Packet Denial of Service Vulnerability in mod_dav_svn's walk function Stack-based Buffer Overflow in GIMP 2.6.11 Lighting Effects Plugin Stack-based Buffer Overflow in SPHERE DESIGNER Plugin in GIMP 2.6.11 Stack-based Buffer Overflow in GFIG Plugin in GIMP 2.6.11 Heap-based Buffer Overflow in GIMP Paint Shop Pro Plugin Arbitrary Web Script Injection Vulnerability in IBM Lotus Notes Traveler Denial of Service Vulnerability in IBM Lotus Notes Traveler Attachment Download Bypass in IBM Lotus Notes Traveler Cross-Domain Policy Bypass in IBM Lotus Notes Traveler Denial of Service Vulnerability in IBM Lotus Notes Traveler Prohibited Application Bypass Vulnerability in IBM Lotus Notes Traveler on Nokia s60 Devices Denial of Service Vulnerability in IBM Lotus Notes Traveler Denial of Service Vulnerability in IBM Lotus Notes Traveler Memory Leak Vulnerability in IBM Lotus Notes Traveler Denial of Service Vulnerability in IBM Lotus Notes Traveler Clickjacking Vulnerability in SquirrelMail 1.4.21 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in SquirrelMail 1.4.21 and Earlier Arbitrary Code Execution Vulnerability in SAP NetWeaver Business Client ActiveX Control Buffer Overflow Vulnerability in Invensys Wonderware InBatch and Foxboro I/A Series Batch Arbitrary PHP Code Execution Vulnerability in phpMyFAQ 2.6.11 and 2.6.12 IPv6 Multicast ICMPv6 Echo Request Vulnerability Remote Network Sniffing Vulnerability in Linux Kernel with IPv6 Kernel Memory Address Disclosure Vulnerability in Linux CAN Implementation Arbitrary Command Execution via Shell Metacharacters in Citrix Access Gateway Authentication Cross-Site 
Scripting (XSS) vulnerability in Bugzilla Insufficient Randomness in Bugzilla Cookie and Token Generation Bugzilla 3.7.1-4.0rc1 Cross-Site Scripting (XSS) Vulnerability in User Account Real Name Field Bugzilla Duplicate-Detection XSS Vulnerability CRLF Injection Vulnerability in Bugzilla chart.cgi Authentication Bypass Vulnerability in VMware ESXi 4.1 Update Installer Pointer Arithmetic Vulnerability in Google Chrome and Chrome OS Denial of Service Vulnerability in Google Chrome and Chrome OS NULL pointer dereference and application crash vulnerability in Chrome and Chrome OS Out-of-bounds read vulnerability in CSSParser::parseFontFaceSrc function in WebKit Cursor Handling Vulnerability in Google Chrome and Chrome OS Dialog Spoofing Vulnerability in Opera before 11.00 WAP WML Form Field Data Leakage Vulnerability in Opera before 11.00 Unspecified High Severity Vulnerability in Opera before 11.00 Inadequate Security Policy Handling in Opera Extensions Update Process Missing Security Indication in Opera Turbo Allows for Content Spoofing Inadequate Presentation of X.509 Certificate Information in Opera Turbo Denial of Service Vulnerability in Opera Auto-Update Functionality Unspecified Impact and Remote Attack Vectors in Default Configuration of Opera Insecure Third Party Module Warning Bypass in Opera on Windows Arbitrary Code Execution via Crafted Argument in WBEMSingleView.ocx ActiveX Control Arbitrary Script Injection Vulnerability in IBM ENOVIA 6 Arbitrary Web Script Injection Vulnerability in IBM Lotus Mobile Connect Lack of LTPA Token Deletion in IBM Lotus Mobile Connect Allows Unauthorized Access Denial of Service Vulnerability in IBM Lotus Mobile Connect Denial of Service Vulnerability in IBM Lotus Mobile Connect Denial of Service Vulnerability in IBM Lotus Mobile Connect Bypassing Access Restrictions in IBM Lotus Mobile Connect Remote Code Execution Vulnerability in RealNetworks Helix Server and Helix Mobile Server Stack-based Buffer Overflow in 
IntegraXor.Project ActiveX Control in Ecava IntegraXor HMI Directory Traversal Vulnerability in Ecava IntegraXor 3.6.4000.0 and Earlier Untrusted Search Path Vulnerability in Ecava IntegraXor 3.6.4000.0 Dojo Toolkit Open Direct Cookie Reading Vulnerability Unspecified Vulnerabilities in IBM Rational ClearQuest Related to Third-Party .ocx Files Arbitrary Record Access Vulnerability in IBM Rational ClearQuest Back-reference Field Modification Vulnerability in IBM Rational ClearQuest Stack-based buffer overflow in GeneratePassword function in dsmtca Unspecified Local File Overwrite Vulnerability in IBM Tivoli Storage Manager (TSM) Script Execution Vulnerability in IBM Tivoli Storage Manager (TSM) Space Management Client Multiple Cross-Site Scripting (XSS) Vulnerabilities in Habari 0.6.5 Information Disclosure Vulnerability in Habari 0.6.5 SQL Injection Vulnerability in Html-edit CMS 3.1.8: Remote Code Execution via nuser Parameter Arbitrary Script Injection via error Parameter in Html-edit CMS 3.1.8 Sensitive Information Disclosure in Html-edit CMS 3.1.8 Multiple SQL Injection Vulnerabilities in Hycus CMS 1.0.3 Arbitrary File Inclusion Vulnerabilities in Hycus CMS 1.0.3 SQL Injection Vulnerability in item.php in Ero Auktion 2010 (id parameter) SQL Injection Vulnerabilities in Oto Galeri Sistemi 1.0: Remote Code Execution ImpressCMS 1.2.3 Final XSS Vulnerability in content.php Arbitrary File Read Vulnerability in JotLoader Component for Joomla! Arbitrary Web Script Injection Vulnerability in Algis Info aiContactSafe Component for Joomla! 
SQL Injection Vulnerability in profil.php in Mafya Oyun Scripti (Mafia Game Script): Remote Code Execution via id Parameter Directory Traversal Vulnerability in IBM Tivoli Access Manager for e-business 6.1.1 Denial of Service Vulnerability in WebSEAL of IBM Tivoli Access Manager Bypassing Image Code Restrictions in MyBB (MyBulletinBoard) before 1.4.12 Information Disclosure Vulnerability in MyBB (aka MyBulletinBoard) before 1.4.12 Insecure Random Number Generation in MyBB (MyBulletinBoard) Allows for Brute-Force Account Takeover CSRF Vulnerability in MyBB User Control Panel (usercp2.php) Denial of Service Vulnerability in MyBB member.php Improper Restriction of Group Join Requests in MyBB (aka MyBulletinBoard) before 1.4.12 Arbitrary Script Injection in WP Survey And Quiz Tool Plugin 1.2.1 for WordPress ASPilot Pilot Cart 7.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities Multiple SQL Injection Vulnerabilities in ASPilot Pilot Cart 7.3 SQL Injection Vulnerability in cart.php in digiSHOP 2.0.2 (id parameter) Directory Traversal Vulnerability in osTicket 1.6 SQL Injection Vulnerability in Site2Nite Vacation Rental (VRBO) Listings: Remote Code Execution via ID Parameter SQL Injection Vulnerability in Site2Nite Business e-Listings: Remote Code Execution via ID Parameter in detail.asp Arbitrary Script Injection in FeedList Plugin for WordPress Arbitrary SQL Command Execution in JQuarks4s Component 1.0.0 for Joomla! 
MySource Matrix index.php SQL Injection Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in XWiki Watch 1.0 Arbitrary SQL Command Execution Vulnerability in XWiki Enterprise before 2.5 XWiki Enterprise 2.5 Cross-Site Scripting (XSS) Vulnerability Heap-based Buffer Overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 via Crafted TGA File Memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 leading to denial of service and daemon crash Denial of Service Vulnerability in strtod.c Arbitrary Script Injection via Background Attribute in Hastymail2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Eclipse IDE Help Server Improper TKIP Protection Mechanism in Linux Kernel Allows Remote Wi-Fi Network Access Integer Overflow in ib_uverbs_poll_cq Function in Linux Kernel Buffer Overflow in Linux Kernel's fuse_do_ioctl Function Allows Denial of Service or Other Impact Directory Traversal Vulnerability in GNU Patch 2.6.1 and Earlier Heap-based Buffer Overflow in ProFTPD's sql_prepare_where Function Integer Overflow Vulnerability in Poppler's Font Parsing Stack Corruption Vulnerability in Poppler before 0.16.3 Uninitialized Data Structures Vulnerability in Linux Kernel's ethtool.c Heap-based Buffer Overflow in iowarrior_write Function in Linux Kernel Memory Leak Vulnerability in PHP5 xmlTextWriterWriteAttribute Newline Injection Vulnerability in StatusNet (2010) Allows Syslog Message Spoofing StatusNet XSS Vulnerability in Error Messages SQL Injection Vulnerability in StatusNet through 2010 Local Privilege Escalation: Arbitrary Linux Kernel Module Loading in udisks Cross-Site Scripting (XSS) Vulnerability in PmWiki before 2.2.21 Unspecified Vulnerability in CMS Made Simple News Module Privilege Escalation via Remote VNC Session in ConsoleKit before 0.4.2 Integer Overflow in ReadDirectory Function in LibTIFF Buffer Overflow in libarchive 3.0 Pre-release Code: Remote Denial of Service and Possible Other Impact via Crafted CAB File 
Arbitrary Script Injection in Coppermine Photo Gallery (CPG) before 1.4.27 Incomplete Fix for Zero-Length I/O Request Denial of Service Vulnerability in Linux Kernel Denial of Service Vulnerability in Microsoft Windows IPv6 Neighbor Discovery Protocol Implementation Denial of Service Vulnerability in Cisco ASA and PIX Devices via Neighbor Discovery Protocol (NDP) Flood Neighbor Discovery Protocol Vulnerability in Cisco IOS Denial of Service Vulnerability in Cisco ASA 5500 Series Devices (Bug ID CSCtf20269) Denial of Service Vulnerability in Cisco ASA 5500 Series Devices (Bug ID CSCtg06316) Denial of Service Vulnerability in Cisco ASA 5500 Series Devices (Bug ID CSCtg63992) Cisco ASA 5500 Series Devices TELNET Access Restriction Bypass Vulnerability Denial of Service Vulnerability on Cisco ASA 5500 Series Devices (Bug ID CSCsx52748) Denial of Service Vulnerability in emWEB on Cisco ASA 5500 Series Devices Bypassing Access Restrictions in Cisco ASA 5500 Series Devices Denial of Service Vulnerability in Cisco ASA 5500 Series Devices CIFS Share Browsing Vulnerability in Cisco ASA 5500 Series Devices Bypassing SMTP Inspection on Cisco ASA 5500 Series Devices (Bug ID CSCte14901) Denial of Service Vulnerability in Cisco ASA 5500 Series Devices (Bug ID CSCtf29867) Memory Leak Vulnerability in Cisco IOS before 15.0(1)XA5 via Crafted SIP REGISTER Message Denial of Service Vulnerability in Cisco IOS TFTP Debugging (Bug ID CSCtb28877) Certificate Bypass Vulnerability in Cisco IOS Denial of Service Vulnerability in Cisco CallManager Express (CME) Denial of Service Vulnerability in STCAPP on Cisco IOS Denial of Service Vulnerability in Cisco ASA 5500 Series Devices with SIP Inspection Feature ACL Behavior Preservation Vulnerability in Cisco ASA 5500 Series Devices Improper Authentication in Cisco ASA 5500 Series Devices (Bug ID CSCte53635) Denial of Service Vulnerability on Cisco ASA 5500 Series Devices with Software Before 8.3(2) Denial of Service Vulnerability on Cisco ASA 
5500 Series Devices (Bug ID CSCth36592) Cross-Site Scripting (XSS) Vulnerabilities in Coppermine Photo Gallery 1.5.10 and Earlier Buffer Overflow Vulnerability in gif2png.c in gif2png 2.5.3 and Earlier Path Truncation Vulnerability in gif2png SQL Injection Vulnerabilities in Joomla! 1.5.x before 1.5.22 Zend Engine Use-After-Free Vulnerability in PHP Stack-based Buffer Overflow in PHP GD Extension: Denial of Service via Imagepstext Argument Incomplete Output Array Vulnerability in PHP's iconv_mime_decode_headers Function SQL Injection Vulnerability in set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3 Heap-based Buffer Overflow in Windows Fax Services Cover Page Editor Arbitrary SQL Command Execution Vulnerability in JRadio Component for Joomla! SQL Injection Vulnerability in HotWeb Rentals Default.asp Denial of Service Vulnerability in FFmpeg Vorbis Decoder Integer Overflow in Vorbis Decoder in FFmpeg Local privilege escalation vulnerability in pam_xauth module in Linux-PAM Denial of Service Vulnerability in Linux-PAM's pam_xauth Module Unintended Environment Execution Vulnerability in Linux-PAM Automated Solutions Modbus/TCP Master OPC Server Heap-Based Buffer Overflow Vulnerability YUI Menu Widget addItem Method Cross-Site Scripting (XSS) Vulnerability Double Free Vulnerability in Novell GroupWise IMAP Server Component Allows Remote Code Execution Multiple stack-based buffer overflows in GroupWise Internet Agent (GWIA) allow remote code execution Arbitrary Code Execution via Signed Integer in Content-Type Header Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP Directory Traversal Vulnerabilities in Novell GroupWise Components Arbitrary Web Script Injection Vulnerability in Novell GroupWise WebPublisher Component Remote Code Execution Vulnerability in Novell GroupWise IMAP Server Multiple Cross-Site Scripting (XSS) Vulnerabilities in Lyftenbloggie Component 1.1.0 for Joomla! 
Arbitrary File Read Vulnerability in JRadio Component for Joomla! SQL Injection Vulnerability in JE Auto Component for Joomla! SQL Injection Vulnerability in news.php in Immo Makler Unspecified Remote Code Execution Vulnerability in Smarty Fetch Plugin Unrestricted Access to Dynamic and Private Object Members in Smarty Unspecified Remote Code Execution Vulnerabilities in Smarty Parser Implementation Unspecified Remote Attack Vector in Smarty before 3.0.0 RC3 Unspecified Remote Code Execution Vulnerability in Smarty Math Plugin Unspecified Remote Attack Vector in Smarty before 3.0.0 beta 7 Predictable Random Number Generation in Zikula before 1.3.1 CSRF Vulnerability in Zikula before 1.2.3 Directory Traversal Vulnerability in IntelliCom NetBiter Platforms Absolute Path Traversal Vulnerability in IntelliCom NetBiter Platforms Arbitrary Code Execution via Logo Page GIF Replacement in IntelliCom NetBiter Platforms Default Username and Password Vulnerability on IntelliCom NetBiter NB100 and NB200 Platforms Cross-Site Scripting (XSS) Vulnerabilities in Skeletonz CMS 1.0 Blog Plugin Arbitrary SQL Command Execution Vulnerability in Ecommercemax Solutions DGS 1.5 SQL Injection Vulnerability in ECO.asp in GateSoft DocuSafe 4.1.0 and 4.1.2 SQL Injection Vulnerability in HotWeb Rentals' resorts.asp Allows Remote Code Execution SQL Injection Vulnerabilities in Rae Media INC Real Estate Single and Multi Agent System 3.0 SQL Injection Vulnerability in Maian Media Silver Component for Joomla! 
Stack-based Buffer Overflow in SCADA Engine BACnet OPC Client Allows Arbitrary Code Execution Remote Code Execution Vulnerability in Moxa Device Manager (MDM Tool) Stack-based Buffer Overflow in MediaDBPlayback.DLL ActiveX Control Heap-based Buffer Overflow in getarena function in abcm2ps.c Unspecified Vulnerabilities in abcm2ps Before 5.9.13 with Unknown Impact and Attack Vectors Arbitrary Web Script Injection Vulnerability in nav.html in PHPXref before 0.7.1 Memory Leak Vulnerabilities in 389 Directory Server before 1.2.7.5 Arbitrary Script Injection in WordPress Processing Embed Plugin Cross-site scripting (XSS) vulnerability in PmWiki 2.2.20 via from parameter in pmwiki.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in BLOG:CMS 4.2.1.e and Earlier Versions CSRF Vulnerability in BLOG:CMS 4.2.1.e Allows Remote Authentication Hijacking SQL Injection Vulnerability in LightNEasy.php in LightNEasy 3.2.1 (CVE-XXXX-XXXX) SQL Injection Vulnerability in LightNEasy.php in LightNEasy 3.2.1 Arbitrary Web Script Injection in LightNEasy 3.2.1 Denial of Service Vulnerability in glob Implementation in Multiple Operating Systems Denial of Service Vulnerability in OpenSSH 5.8 and Earlier Denial of Service Vulnerability in GNU C Library's Glob Implementation Cross-site scripting (XSS) vulnerability in submitnews.php in e107 before 0.7.23 via submitnews_title parameter Insecure Input Field in OTRS Installer.pl Allows Password Disclosure Denial of Service Vulnerability in OTRS Ticket Search Information Disclosure Vulnerability in OTRS before 3.0.0-beta6 Information Disclosure Vulnerability in OTRS Ticket-Print Dialog Arbitrary Code Injection through Rich-Text-Editor in OTRS Bypassing ACL Restrictions in OTRS Ticket Options Lack of Warning for Revoked PGP/GPG Keys in OTRS Race condition vulnerability in OTRS Kernel::System::Main::FileWrite method allows remote authenticated users to corrupt TicketCounter.log data Information Disclosure Vulnerability in OTRS 
AgentTicketForward Feature Denial of Service Vulnerability in OTRS 2.3.6 and earlier Bypassing Queue Access Restrictions in OTRS before 2.3.5 Arbitrary File Read Vulnerability in Jimtawl Component 1.0.2 for Joomla! SQL Injection Vulnerability in CommodityRentals DVD Rentals Script: Remote Code Execution via cat_id Parameter Arbitrary SQL Command Execution in S-CMS 2.5 via viewforum.php Arbitrary Web Script Injection Vulnerability in S-CMS 2.5 Unspecified Remote Code Execution Vulnerability in Hitachi EUR Form Client and Services SQL Injection Vulnerability in pdf.php in AuraCMS 1.62 Allows Remote Code Execution Node Access Logic Vulnerability in Relevant Content Module for Drupal SQL Injection Vulnerability in PreProjects Pre Online Tests Generator Pro Denial of Service Vulnerability in Perl_reg_numbered_buff_fetch Function Multiple Cross-Site Scripting (XSS) Vulnerabilities in Horde IMP and Horde Groupware Webmail Edition Cross-site scripting (XSS) vulnerability in WPtouch plugin 1.9.19.4 and 1.9.20 for WordPress SQL Injection Vulnerability in Enano CMS 1.1.7pl1 and earlier versions Sensitive Information Disclosure in Enano CMS 1.1.7pl1 and Earlier Versions Multiple SQL Injection Vulnerabilities in Softwebs Nepal's Ananda Real Estate 3.4 (list.asp) Cross-Site Scripting (XSS) Vulnerabilities in PHP Web Scripts Easy Banner Free 2009.05.18 SQL Injection Vulnerabilities in PHP Web Scripts Easy Banner Free 2009.05.18 Denial of Service Vulnerability in IBM Tivoli Directory Server Denial of Service Vulnerability in IBM Tivoli Directory Server (TDS) 6.0 Denial of Service Vulnerability in IBM Tivoli Directory Server (TDS) 6.0 Denial of Service Vulnerability in IBM Tivoli Directory Server (TDS) 6.0 Use-after-free vulnerability in IBM Tivoli Directory Server allows remote authenticated users to cause denial of service Directory Traversal Vulnerability in FilterFTP 2.0.3 and Earlier Versions SQL Injection Vulnerability in MG User-Fotoalbum Module 1.0.1 for PHP-Fusion 
Arbitrary Web Script Injection in OPEN IT OverLook 5.0 via frame Parameter SQL Injection Vulnerability in Site2Nite Auto e-Manager's detail.asp Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in JoomlaSeller JS Calendar Component SQL Injection Vulnerability in JS Calendar Component for Joomla! Multiple SQL Injection Vulnerabilities in PHPYun 1.1.6 SQL Injection Vulnerabilities in Truworth Flex Timesheet Login Form Arbitrary File Inclusion Vulnerability in OrangeHRM 2.6.0.1 Multiple SQL Injection Vulnerabilities in Chipmunk Pwngame 1.0 SQL Injection Vulnerability in BaconMap 1.0's doadd.php via type Parameter Arbitrary File Inclusion Vulnerability in BaconMap 1.0 Unspecified Impact and Remote Attack Vectors in Mojolicious Commands.pm Insecure Implementation of HMAC-MD5 Checksums in Mojolicious SD Card Content Disclosure Vulnerability in Android Browser Denial of Service Vulnerability in Linux Kernel's Socket Implementation Bypassing Access Restrictions on Draft Creation in IBM Web Content Manager Race condition vulnerability in IBM Web Content Manager (WCM) 7.0.0.1 before CF003 leading to Denial of Service SQL Injection Vulnerability in Webmatic's index.php SQL Injection Vulnerability in DBSite 1.0: Remote Code Execution via ID Parameter in index.php AR Web Content Manager (AWCM) 2.1 Final - Multiple PHP Remote File Inclusion Vulnerabilities Cross-Site Scripting (XSS) Vulnerabilities in ajaxmember.php in 6kbbs 8.0 Build 20100901 SQL Injection Vulnerabilities in 6kbbs 8.0 Build 20100901: Remote Code Execution Arbitrary Script Injection in Category Tokens Module for Drupal SQL Injection Vulnerability in Best Soft Inc. 
(BSI) Advance Hotel Booking System 1.0 Code Execution Vulnerability in Coppermine Gallery (Before 1.4.26) Null Pointer Dereference Vulnerability in FTPD Service Arbitrary File Overwrite Vulnerability in Pithos before 0.3.5 Remote Code Execution and Denial of Service Vulnerability in X.Org xserver 1.7.7 Arbitrary Memory Read and Denial of Service Vulnerability in X.Org xserver Untrusted Search Path Vulnerability in Ghostscript 8.62 Arbitrary Web Script Injection in phpMyFAQ before 2.6.9 Information Disclosure Vulnerability in SilverStripe 2.4.x Arbitrary web script injection vulnerability in SilverStripe 2.3.x and 2.4.x SQL Injection Vulnerability in Translatable.php in SilverStripe 2.3.x and 2.4.x Arbitrary Script Injection Vulnerability in Twitter Feed Plugin for WordPress SQL Injection Vulnerability in Snitz Forums 2000 3.4.07 - Remote Code Execution via M_NAME Parameter Cross-site scripting (XSS) vulnerability in Snitz Forums 2000 3.4.07 via M_NAME parameter in members.asp Multiple Cross-Site Scripting (XSS) Vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) 10.1 SQL Injection Vulnerability in Techno Dreams (T-Dreams) Cars Ads Package 2.0 SQL Injection Vulnerability in Techno Dreams (T-Dreams) Job Career Package 3.0: Resumes/TD_RESUME_Indlist.asp Untrusted Search Path Vulnerability in GTK+ Allows Privilege Escalation SSL Certificate Spoofing Vulnerability in Android OS Untrusted Search Path Vulnerability in GTK+ Allows Privilege Escalation Multiple SQL Injection Vulnerabilities in OneOrZero AIMS 2.6.0 and 2.7.0 Arbitrary File Read Vulnerability in OneOrZero AIMS 2.6.0 Members Edition Arbitrary Web Script Injection Vulnerability in PHPShop 2.1 EE and Earlier Arbitrary Script Injection in JSupport Component 1.5.6 for Joomla! SQL Injection Vulnerability in JSupport Component 1.5.6 for Joomla! 
Arbitrary SQL Command Execution in Event Registration Plugin for WordPress Buffer Overflow Vulnerabilities in ManageEngine EventLog Analyzer 6.1 Syslog Server Multiple Cross-Site Scripting (XSS) Vulnerabilities in ManageEngine EventLog Analyzer 6.1 SQL Injection Vulnerability in MHP DownloadScript 2.2 SQL Injection Vulnerability in PHP Web Scripts Ad Manager Pro 3.0 SQL Injection Vulnerability in MH Products Easy Online Shop Multiple SQL Injection Vulnerabilities in MH Products Projekt Shop SQL Injection Vulnerability in view_item.php in MH Products Pay Pal Shop Digital SQL Injection Vulnerability in MH Products MHP Downloadshop's view_item.php Allows Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in AXScripts AxsLinks 0.3 SQL Injection Vulnerability in Alibaba Clone B2B 3.4: Remote Code Execution via es_id Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in Diferior 8.03 Multiple SQL Injection Vulnerabilities in Eclime 1.1.2b Arbitrary Web Script Injection in Eclime 1.1.2b login.php SQL Injection Vulnerability in ccInvoices Component for Joomla! Arbitrary SQL Command Execution in Zuitu 1.6 via ajax/coupon.php SQL Injection Vulnerability in xWeblog 2.2: Remote Code Execution via makale_id Parameter in oku.asp SQL Injection Vulnerability in arsiv.asp in xWeblog 2.2 SQL Injection Vulnerability in CAG CMS 0.2 Beta's click.php Allows Remote Code Execution Arbitrary File Read Vulnerability in DNET Live-Stats 0.8 SQL Injection Vulnerability in WebAsyst Shop-Script's index.php Allows Remote Code Execution SQL Injection Vulnerability in MyPhpAuction 2010 product_desc.php Allows Remote Code Execution Arbitrary SQL Command Execution in webSPELL 4.2.1 via asearch.php Arbitrary SQL Command Execution in JE Directory Component 1.0 for Joomla! Arbitrary Web Script Injection in GetSimple CMS 2.01 via post-title Parameter Arbitrary SQL Command Execution in Joomla! 
Club Manager Component SQL Injection Vulnerability in JE Guestbook Component 1.0 for Joomla! SQL Injection Vulnerability in Chipmunk Board 1.3: Remote Code Execution via forumID Parameter Arbitrary File Inclusion Vulnerability in W-Agora search.php3 Arbitrary Web Script Injection Vulnerability in W-Agora search.php3 SQL Injection Vulnerability in DBHcms 1.1.4: Remote Code Execution via editmenu Parameter SQL Injection Vulnerability in BloofoxCMS 0.3.5 via Gender Parameter in index.php Unspecified Vulnerability in SmartFTP Allows for Remote Code Execution via Long Filename SQL Injection Vulnerability in ASPilot Pilot Cart 7.3: Remote Code Execution via newsroom.asp Arbitrary Web Script Injection Vulnerability in WeBid 0.8.5 P1 confirm.php Cross-Site Scripting (XSS) Vulnerabilities in NinkoBB 1.3 RC5 users.php Arbitrary Script Injection in Vodpod Video Gallery Plugin for WordPress Arbitrary SQL Command Execution in mBlogger 1.0.04 via viewpost.php Arbitrary Script Injection Vulnerability in OneCMS 2.6.1 Remote File Inclusion Vulnerability in Kontakt Formular 1.1's formmailer.php Remote File Inclusion Vulnerability in dompdf.php in dompdf 0.6.0 beta1 Cross-Site Scripting (XSS) Vulnerabilities in ApPHP Calendar CSRF Vulnerabilities in ApPHP Calendar Allow Authentication Hijacking Arbitrary Web Script Injection via sitetitle Parameter in Auto CMS 1.6 Arbitrary Script Injection Vulnerability in MODx Revolution 2.0.2-pl Remote File Inclusion Vulnerability in Gaestebuch 1.2 Allows Arbitrary PHP Code Execution XSS Vulnerability in XING Button Extension for TYPO3 Arbitrary Code Injection through Unspecified Vectors in TYPO3 official twitter tweet button for your page Extension Arbitrary SQL Command Execution in TYPO3 Commenting System Backend Module Arbitrary SQL Command Execution in Tiny Market Extension for TYPO3 Arbitrary Code Execution Vulnerability in Tiny Market Extension for TYPO3 Unspecified Cross-Site Scripting (XSS) Vulnerability in Yet Another Calendar Extension 
for TYPO3 Arbitrary SQL Command Execution in Yet Another Calendar Extension for TYPO3 Arbitrary Web Script Injection in TYPO3 Powermail Extension Arbitrary Web Script Injection in FestOS 2.3b foodvendors.php SQL Injection Vulnerability in chillyCMS 1.1.3 - Remote Code Execution via name parameter in core/showsite.php Arbitrary Script Injection in chillyCMS 1.1.3 via name parameter in core/showsite.php Arbitrary Script Injection in Member Management System 4.0 via REF_URL Parameter SQL Injection Vulnerability in BlueCMS 1.6 comment.php Allows Remote Code Execution Arbitrary SQL Command Execution Vulnerability in Gantry Component 3.0.10 for Joomla! Arbitrary SQL Command Execution Vulnerability in CMS WebManager-Pro before 8.1 Arbitrary URL Redirection Vulnerability in CMS WebManager-Pro 8.1 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in MySource Matrix 3.28.3 via char_map.php SQL Injection Vulnerabilities in Clantools Component 1.2.3 for Joomla! CubeCart 4.3.3 - Remote SQL Injection Vulnerability in index.php SQL Injection Vulnerability in Aardvertiser Component 2.1 and 2.1.1 for Joomla! 
SQL Injection Vulnerability in Softbiz Article Directory Script SQL Injection Vulnerability in Zenphoto 1.3 and 1.3.1.2 via a Parameter in zp-core/full-image.php Arbitrary Script Injection in Zenphoto 1.3 via XSS Vulnerability in zp-core/admin.php SQL Injection Vulnerability in Virtue Shopping Mall's detail.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in PaysiteReviewCMS 1.1 Arbitrary SQL Command Execution in ColdGen ColdCalendar 2.06 via EventID Parameter SQL Injection Vulnerability in PHP Classifieds Ads Allows Remote Code Execution via sid Parameter SQL Injection Vulnerability in UCenter Home 2.0 shop.php (shopid parameter) Cross-Site Scripting (XSS) Vulnerability in ColdGen ColdUserGroup 1.06 Search Feature PHP Classifieds 7.3 - Remote File Inclusion Vulnerability in class.phpmailer.php Arbitrary SQL Command Execution in ColdGen ColdBookmarks 1.22 via BookmarkID Parameter SQL Injection Vulnerabilities in ColdGen ColdUserGroup 1.06: Remote Code Execution via ArticleID and LibraryID Parameters SQL Injection Vulnerability in A-Blog 2.0: Remote Code Execution via words Parameter Remote File Inclusion Vulnerability in iJoomla Magazine Component 3.0.1 for Joomla! SQL Injection Vulnerability in Micronetsoft RV Dealer Website 1.0: Remote Code Execution via vehicletypeID Parameter SQL Injection Vulnerability in Micronetsoft Rental Property Management Website 1.0: Remote Code Execution via ad_ID Parameter SQL Injection Vulnerability in DMXReady Polling Booth Manager SQL Injection Vulnerabilities in Allinta CMS 22.07.2010 Arbitrary SQL Command Execution Vulnerability in Virtue Book Store's book/detail.php Remote File Inclusion Vulnerability in clearBudget 0.9.8 via actionPath Parameter SQL Injection Vulnerability in Partenaires Module 1.5 for Nuked-Klan SQL Injection Vulnerability in TimeTrack Component 1.2.4 for Joomla! Arbitrary SQL Command Execution in Restaurant Guide Component 1.0.0 for Joomla! 
Arbitrary Script Injection Vulnerability in Restaurant Guide Component for Joomla! SQL Injection Vulnerability in Joostina Component for Joomla! Arbitrary Web Script Injection in @mail Webmail 6.2.0 Directory Traversal Vulnerability in PHP-Fusion's maincore.php Entrans 0.3.3 search.php Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in Geeklog 1.3.8's filemgmt/singlefile.php SQL Injection Vulnerability in Get Tube 4.51 and Earlier: Remote Code Execution via video.php SQL Injection Vulnerability in poll.php in Entrans 0.3.2 and Earlier SQL Injection Vulnerability in Joomla! Slide Show Component SQL Injection Vulnerabilities in Amblog Component 1.0 for Joomla! SQL Injection Vulnerability in Joomla! Weblinks Component (com_weblinks) Allows Remote Code Execution Remote File Inclusion Vulnerability in MailForm 1.2 Allows Arbitrary PHP Code Execution SQL Injection Vulnerability in WAnewsletter 2.1.2: Remote Code Execution via id Parameter SQL Injection Vulnerability in Teams Component for Joomla! SQL Injection Vulnerability in eCal Module in E-Xoopport Samsara 3.1 and Earlier Arbitrary PHP Code Execution via Remote File Inclusion in Saurus CMS 4.7.0 SQL Injection Vulnerability in Elite Experts Component for Mambo and Joomla! Arbitrary SQL Command Execution Vulnerability in CamelcityDB Component for Joomla! SQL Injection Vulnerability in ALLPC 2.5 product_info.php Allows Remote Code Execution Arbitrary Script Injection in ALLPC 2.5 Advanced Search Result Page PHP Free Photo Gallery Script Remote File Inclusion Vulnerability Arbitrary Script Injection in FreiChat Components for Joomla! 
Arbitrary SQL Command Execution in TYPO3 Event Extension (event) Arbitrary Script Injection in xaJax Shoutbox Extension for TYPO3 Arbitrary SQL Command Execution in TYPO3 FE User Statistic Extension Arbitrary Code Execution Vulnerability in JW Calendar Extension for TYPO3 SQL Injection Vulnerability in xt:Commerce Gambio 2008 product_reviews_info.php SQL Injection Vulnerability in APBoard Developers APBoard 2.1.0 and Earlier (CVE-2006-3078) Arbitrary Web Script Injection in TYPO3 Questionnaire Extension Arbitrary SQL Command Execution in TYPO3 Questionnaire Extension (ke_questionnaire) SQL Injection Vulnerability in Prado Portal 1.2.0: Remote Code Execution via index.php SQL Injection Vulnerability in Pre Projects Pre Podcast Portal Login Feature Unspecified Cross-Site Scripting (XSS) Vulnerability in Branchenbuch Extension for TYPO3 Arbitrary SQL Command Execution in Webkit PDFs Extension for TYPO3 Arbitrary Command Execution Vulnerability in Webkit PDFs Extension for TYPO3 Arbitrary SQL Command Execution in Hulihan BXR 0.6.8 via order_by Parameter Arbitrary Command Execution via Password Field in D-Link DCS-2121 Camera Firmware 1.04 Hardcoded Root Password Vulnerability in D-Link DCS-2121 Camera Firmware 1.04 ATCOM Netvolution Default.asp Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in ATCOM Netvolution 2.5.6 Default.asp Arbitrary SQL Command Execution in webmaster-tips.net Flash Gallery (com_wmtpic) Component 1.0 for Joomla! SQL Injection Vulnerability in BrotherScripts (BS) Business Directory: Remote Code Execution via id Parameter Arbitrary SQL Command Execution in Wiki Web Help 0.28 via SQL Injection in handlers/getpage.php Arbitrary Script Injection Vulnerability in VideoWhisper PHP 2 Way Video Chat Component for Joomla! 
SQL Injection Vulnerability in YPNinc JokeScript's index.php Campsite 3.4.0 Search Feature Cross-Site Scripting (XSS) Vulnerability SQL Injection Vulnerability in info.php in BrotherScripts (BS) and ScriptsFeed Auto Dealer Arbitrary SQL Command Execution in Techjoomla SocialAds For JomSocial Component MetInfo 3.0 Search Box Cross-Site Scripting (XSS) Vulnerability Arbitrary SQL Command Execution in Canteen Component 1.0 for Joomla! CANDID image/view.php XSS vulnerability SQL Injection Vulnerability in CANDID's image/view.php Allows Remote Code Execution Arbitrary SQL Command Execution in iScripts ReserveLogic 1.0 via pid Parameter SQL Injection Vulnerability in trackads.php in YourFreeWorld Banner Management SQL Injection Vulnerability in My Kazaam Address & Contact Organizer Arbitrary SQL Command Execution in iScripts CyberMatch 1.0 via profile.php SQL Injection Vulnerability in My Kazaam Notes Management System's notes.php Allows Remote Code Execution XSS Vulnerability in My Kazaam Notes Management System's notes.php Arbitrary SQL Command Execution in Simple Document Management System (SDMS) via detail.php SQL Injection Vulnerability in KMSoft Guestbook (GBook) Default.asp Remote File Inclusion Vulnerability in Family Connections Who is Chatting 2.2.3 SQL Injection Vulnerability in Ziggurat Farsi CMS main.asp Allows Remote Code Execution SQL Injection Vulnerability in Joomla! Front-Edit Address Book Component SQL Injection Vulnerability in NinjaMonials Component for Joomla! SQL Injection Vulnerability in Payments Plus Component 2.1.5 for Joomla! SQL Injection Vulnerability in Eventcal Component 1.6.4 for Joomla! SQL Injection Vulnerability in Jobs Pro Component 1.6.4 for Joomla! SQL Injection Vulnerability in NeoRecruit Component 1.6.4 for Joomla! 
Arbitrary SQL Command Execution in esoftpro Online Guestbook Pro 5.1 SQL Injection Vulnerability in OlyKit Swoopo Clone 2010: Remote Code Execution via id Parameter ArdeaCore PHP Framework 2.2 PathForArdeaCore Parameter Remote File Inclusion Vulnerability SQL Injection Vulnerability in esoftpro Online Photo Pro 2.0 - Remote Code Execution via section parameter in index.php SQL Injection Vulnerability in MCLogin System 1.1 and 1.2 SQL Injection Vulnerability in esoftpro Online Contact Manager 3.0 - Remote Code Execution via id Parameter in view.php Arbitrary Script Injection in Exponent CMS Slideshow Module SQL Injection Vulnerability in AutarTimonial Component 1.0.8 for Joomla! SQL Injection Vulnerability in searchvote.php in 2daybiz Polls Script Cross-Site Scripting (XSS) Vulnerability in Rayzz Photoz's members/profileCommentsResponse.php Arbitrary SQL Command Execution in EMO Realty Manager via cat1 Parameter Arbitrary Web Script Injection Vulnerability in UTStats Beta 4 and Earlier SQL Injection Vulnerability in BrightSuite Groupware 5.4: Remote Code Execution via ContactID Parameter SQL Injection Vulnerability in UTStats Beta 4 and Earlier: Remote Code Execution via index.php Arbitrary Web Script Injection Vulnerability in SchoolMation 2.3 SQL Injection Vulnerability in SchoolMation 2.3: Remote Code Execution via session parameter SQL Injection Vulnerability in DaLogin 2.2 and 2.2.5 via id Parameter in new.php SQL Injection Vulnerability in Mckenzie Creations VRM 3.5: Remote Code Execution via Lid Parameter SQL Injection Vulnerability in standings.php in Elite Gaming Ladders 3.5 SQL Injection Vulnerability in view_photo.php in 2daybiz Network Community Script Arbitrary SQL Command Execution in Elite Gaming Ladders 3.5 and Earlier SQL Injection Vulnerability in stats.php in Elite Gaming Ladders 3.0 Arbitrary Web Script Injection Vulnerability in 2daybiz Online Classified Script SQL Injection Vulnerability in view_photo.php in 2daybiz Online Classified Script 
Remote SQL Injection Vulnerability in NetArt Media iBoutique 4.0 Arbitrary SQL Command Execution in Digital Interchange Document Library 5.8.5 via view_group.asp Arbitrary SQL Command Execution Vulnerability in JE Story Submit Component 1.4 for Joomla! Arbitrary SQL Command Execution in Digital Interchange Calendar 5.8.5 SQL Injection Vulnerability in CuteSITE CMS 1.2.3 and 1.5.0 via user_id Parameter in manage/add_user.php Arbitrary Script Injection in CuteSITE CMS 1.2.3 and 1.5.0 via fld_path Parameter SQL Injection Vulnerability in winners.php in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 Arbitrary Web Script Injection in Science Fair In A Box (SFIAB) 2.0.6 and 2.2.0 Arbitrary SQL Command Execution in JE Job Component 1.0 for Joomla! Arbitrary SQL Command Execution in Ecomat CMS 5.0 via index.php Arbitrary Web Script Injection Vulnerability in Ecomat CMS 5.0 Arbitrary Script Injection in fileNice 1.1 via Search Box (XSS Vulnerability) Arbitrary SQL Command Execution in BF Quiz (com_bfquiztrial) Component SQL Injection Vulnerability in ProductList.cfm in Fusebox 5.5.1 SQL Injection Vulnerability in iScripts EasyBiller 1.1 - Remote Code Execution via planid Parameter Arbitrary Script Injection in iScripts eSwap 2.0 search.php SQL Injection Vulnerability in addsale.php in iScripts eSwap 2.0 SQL Injection Vulnerability in SenseSites CommonSense CMS article.php Groone's Simple Contact Form PHP Remote File Inclusion Vulnerability SQL Injection Vulnerability in ScriptsFeed Recipes Listing Portal 1.0 Remote File Inclusion Vulnerability in NP_Gallery Plugin 0.94 for Nucleus SQL Injection Vulnerability in NP_Gallery Plugin 0.94 for Nucleus Arbitrary Script Injection in DJ-ArtGallery Component for Joomla! SQL Injection Vulnerability in DJ-ArtGallery Component 0.9.1 for Joomla! SQL Injection Vulnerability in Search Log Component 3.1.0 for Joomla! 
Smart ASP Survey - Cross-Site Scripting (XSS) Vulnerability in poll/default.asp Arbitrary Web Script Injection Vulnerability in ecoCMS admin.php SQL Injection Vulnerability in V-EVA Press Release Script's page.php Allows Remote Code Execution via id Parameter Arbitrary Script Injection in JoomlaTune JComments Component 2.1.0.0 SQL Injection Vulnerability in Zabbix 1.8.1 and Earlier: Remote Code Execution via events.php Arbitrary Web Script Injection in ManageEngine ADManager Plus 4.4.0 Arbitrary Script Injection in razorCMS 1.0 Stable via admin_func.php Arbitrary Web Script Injection Vulnerability in GetSimple CMS 2.01 Arbitrary SQL Command Execution Vulnerability in XOBBIX Component 1.0.1 for Joomla! Arbitrary Web Script Injection in JAMWiki Special:Login SQL Injection Vulnerability in Almnzm 2.1 index.php Allows Remote Code Execution GBU Facebook Component 1.0.5 for Joomla! SQL Injection Vulnerability SQL Injection Vulnerability in detResolucion.php in CMS Ariadna 1.1 SQL Injection Vulnerability in detResolucion.php in CMS Ariadna 1.1 SQL Injection Vulnerability in CMScout 2.0.8: Remote Code Execution via album parameter in photos action SQL Injection Vulnerability in NUs Newssystem 1.02 via id Parameter SQL Injection Vulnerability in RSStatic's index.php Allows Remote Code Execution via maxarticles Parameter SQL Injection Vulnerability in search.php in MH Products Kleinanzeigenmarkt SQL Injection Vulnerability in Virtual War (VWar) 1.6.1 R2 - Remote Code Execution via ratearticleselect Parameter Multiple Cross-Site Scripting (XSS) Vulnerabilities in Virtual War (VWar) 1.6.1 R2 Bypassing Member Restrictions and Reading News Posts in Virtual War 1.6.1 R2 Weak Seed Selection in createRandomPassword Function in Virtual War (VWar) 1.6.1 R2 Static Session Cookies in Virtual War (VWar) 1.6.1 R2 Allow Remote Attackers to Bypass Timeout and Logout Actions CSS Implementation Vulnerability in Opera 10.5: Information Disclosure via :visited Pseudo-class CSS Implementation 
Vulnerability in Google Chrome 4: Information Disclosure via :visited Pseudo-class Information Disclosure Vulnerability in Apple Safari 4's JavaScript Implementation Information Disclosure Vulnerability in Internet Explorer 8.0 and Earlier Information Disclosure Vulnerability in Opera 10.5's JavaScript Implementation Information Disclosure Vulnerability in Google Chrome 4's JavaScript Implementation Timing Attack Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Denial of Service Vulnerability in Avast! Internet Security 5.0 Korean Trial Wildcard IP Address Spoofing Vulnerability in QSslSocket Network Traffic Amplification Denial of Service Vulnerability in Quake3 Arena Sensitive Information Disclosure in SilverStripe Versions 2.3.x and 2.4.x Weak Entropy Vulnerability in SilverStripe 2.3.x and 2.4.x HTTP Referer Leakage in SilverStripe 2.3.x and 2.4.x Remote Code Execution Vulnerability in Mini-Stream RM-MP3 Converter 3.1.2.1 via Long URL in .pls File Color Control Panel Insecure Library Loading Vulnerability SQL Injection Vulnerability in PHP-Nuke 8.0 Web_Links Module Predictable Random Token Vulnerability in e107 CSRF Protection Cross-Site Request Forgery (CSRF) Vulnerabilities in Hulihan Amethyst 0.1.5 Arbitrary File Read Vulnerability in Bitweaver 2.7 and 2.8.1 Authentication Hijacking Vulnerability in SilverStripe 2.3.x and 2.4.x Cross-Site Request Forgery (CSRF) Vulnerabilities in SilverStripe 2.3.x and 2.4.x Unrestricted Access to Draft Pages in SilverStripe before 2.4.2 Remote Password Change Vulnerability in SilverStripe before 2.4.2 Arbitrary PHP Code Execution via File Extension Manipulation in SilverStripe CMS Plaintext Password Storage Vulnerability in SilverStripe 2.4.0 User Account Hijacking via Email Address in SilverStripe 2.3.x before 2.3.7 Unauthenticated Remote File Deletion Vulnerability in SilverStripe 2.3.x Arbitrary Script Injection in SilverStripe 2.3.x SQL Injection Vulnerabilities in MyBB (MyBulletinBoard) before 1.6.1 TYPO3 
Cross-Site Scripting (XSS) Vulnerability in Click Enlarge Functionality TYPO3 Cross-Site Scripting (XSS) Vulnerability in FORM Content Object Arbitrary PHP File Access via FileDenyPattern Bypass in TYPO3 Arbitrary Web Script Injection in TYPO3 Install Tool TypoScript Setup Directory Traversal Vulnerability Arbitrary File Write Vulnerability in TYPO3 Unzip Library Arbitrary SQL Command Execution in TYPO3 List Module SQL Injection Vulnerability in TYPO3 4.2.x, 4.3.x, and 4.4.x Symlink Attack Vulnerability in Blender's Undo Save Quit Routine XML-RPC Remote Publishing Interface Vulnerability in WordPress OpenSSH Default Configuration Denial of Service Vulnerability Ticket Modification Vulnerability in Trac 0.11.6 Buffer Overflow Vulnerability in Yerase's TNEF Stream Reader Allows Remote Denial of Service Denial of Service Vulnerability in Poppler's DCTStream.cc Buffer Overflow Vulnerabilities in Echoping 6.0.2 TLS_readline and SSL_readline Functions Denial of Service Vulnerability in wxBitcoin and bitcoind before 0.3.5 Denial of Service Vulnerability in wxBitcoin and bitcoind 0.3.x via Multiple OP_CHECKSIG Script Opcodes Integer Overflow Vulnerability in wxBitcoin and bitcoind Allows Creation of Unauthorized Bitcoins Denial of Service Vulnerability in wxBitcoin and bitcoind Remote Code Execution Vulnerability in wxBitcoin and bitcoind Lack of Administrative Privileges Check in Chef Server API Allows Unauthorized User Account Management Local Privilege Escalation Vulnerability in McAfee VirusScan Enterprise 8.8 Bypassing Web Traffic Filtering and Monitoring via HTTP Via Header Denial of Service Vulnerability in Websense Web Security and Web Filter Bypassing Filtering in Websense Web Security and Web Filter Denial of Service Vulnerability in Websense Web Security and Web Filter Insecure Cookie Transmission in Websense Web Security and Web Filter Denial of Service Vulnerability in Websense Web Security and Web Filter Race condition vulnerability in 3D EQSecure 
Professional Edition 4.2 on Windows XP Race condition vulnerability in avast! Internet Security 5.0.462 on Windows XP Race condition vulnerability in AVG Internet Security 9.0.791 on Windows XP Race condition vulnerability in Avira Premium Security Suite 10.0.0.536 on Windows XP Race condition vulnerability in BitDefender Total Security 2010 13.0.20.347 on Windows XP Bypassing Kernel-Mode Hook Handlers in Blink Professional 4.6.1 on Windows XP Race condition vulnerability in CA Internet Security Suite Plus 2010 6.0.0.272 on Windows XP Race condition vulnerability in Comodo Internet Security before 4.1.149672.916 on Windows XP Race condition vulnerability in DefenseWall Personal Firewall 3.00 on Windows XP Race condition vulnerability in Dr.Web Security Space Pro 6.0.0.03100 on Windows XP Race condition vulnerability in ESET Smart Security 4.2.35.3 on Windows XP allows local users to bypass kernel-mode hook handlers Race condition vulnerability in F-Secure Internet Security 2010 10.00 build 246 on Windows XP Race condition vulnerability in G DATA TotalCare 2010 on Windows XP allows local users to bypass kernel-mode hook handlers Kaspersky Internet Security 2010 9.0.0.736 Race Condition Vulnerability Race condition vulnerability in KingSoft Personal Firewall 9 Plus 2009.05.07.70 on Windows XP Race condition vulnerability in Malware Defender 2.6.0 on Windows XP allows local users to bypass kernel-mode hook handlers Race condition vulnerability in McAfee Total Protection 2010 10.0.580 on Windows XP Race condition vulnerability in Norman Security Suite PRO 8.0 on Windows XP Race condition vulnerability in Symantec Norton Internet Security 2010 17.5.0.127 on Windows XP Race condition vulnerability in Online Armor Premium 4.0.0.35 on Windows XP Race condition vulnerability in Online Solutions Security Suite 1.5.14905.0 on Windows XP Kernel-mode hook bypass vulnerability in Outpost Security Suite Pro 6.7.3.3063.452.0726 and 7.0.3330.505.1221 BETA on Windows XP Race 
condition vulnerability in Panda Internet Security 2010 15.01.00 on Windows XP Race condition vulnerability in PC Tools Firewall Plus 6.0.0.88 on Windows XP Race condition vulnerability in Prevx 3.0.5.143 on Windows XP allows local users to bypass kernel-mode hook handlers Race condition vulnerability in PrivateFirewall 7.0.20.37 on Windows XP allowing local users to bypass kernel-mode hook handlers Race condition vulnerability in Security Shield 2010 13.0.16.313 on Windows XP Race condition vulnerability in Sophos Endpoint Security and Control 9.0.5 on Windows XP allows local users to bypass kernel-mode hook handlers Race condition vulnerability in ThreatFire 4.7.0.17 on Windows XP allows local users to bypass kernel-mode hook handlers Race condition vulnerability in Trend Micro Internet Security Pro 2010 17.50.1647.0000 on Windows XP Race condition vulnerability in VBA32 Personal 3.12.12.4 on Windows XP Race condition vulnerability in VIPRE Antivirus Premium 4.0.3272 on Windows XP allows local users to bypass kernel-mode hook handlers Race condition vulnerability in VirusBuster Internet Security Suite 3.2 on Windows XP Race condition vulnerability in Webroot Internet Security Essentials 6.1.0.145 on Windows XP ZoneAlarm Extreme Security 9.1.507.000 Race Condition Vulnerability Unvalidated X.509 Certificate Revocation in Comodo Internet Security Denial of Service Vulnerability in Comodo Internet Security Information Disclosure Vulnerability in SilverStripe 2.3.x and 2.4.x Information Disclosure Vulnerability in SilverStripe 2.3.x before 2.3.6 Arbitrary Command Execution via HTTPS Session in Blue Coat ProxySG Bypassing JavaScript Detection via HTML Entities in Blue Coat ProxySG Cross-Site Request Forgery (CSRF) Vulnerabilities in Blue Coat ProxyAV Appliance before 3.2.6.1 Arbitrary Web Script Injection in Blue Coat ProxySG Java Management Console Stack-based Buffer Overflow in Viscom Image Viewer CP Pro 8.0 and Gold 6.0 ActiveX Control Stack-based Buffer Overflow 
in Image2PDF Function in Viscom Image Viewer CP Pro ActiveX Control Untrusted Search Path Vulnerability in Roxio MyDVD 9 Untrusted Search Path Vulnerability in KeePass Password Safe Untrusted Search Path Vulnerability in Pixia 4.70j Allows Privilege Escalation via Trojan Horse wintab32.dll File Untrusted Search Path Vulnerabilities in Intuit QuickBooks 2010 Untrusted Search Path Vulnerability in PhotoImpact X3 13.00.0000.0 Untrusted Search Path Vulnerability in KeePass Password Safe Untrusted Search Path Vulnerability in MAGIX Samplitude Producer 11 Untrusted Search Path Vulnerability in JetAudio 8.0.7.1000 Basic Untrusted Search Path Vulnerabilities in NCP Secure Enterprise Client, Secure Entry Client, and Secure Client - Juniper Edition Untrusted Search Path Vulnerabilities in IBM Lotus Symphony 1.3.0 Untrusted Search Path Vulnerabilities in e-press ONE Office Author Privilege Escalation via Untrusted Search Path Vulnerabilities in e-press ONE Office E-NoteTaker and E-Zip Untrusted Search Path Vulnerabilities in CelFrame Office 2008 Standard Edition Untrusted Search Path Vulnerabilities in Kingsoft Office 2010 Components Privilege Escalation via Untrusted Search Path Vulnerabilities in Nuance PDF Reader 6.0 Untrusted Search Path Vulnerability in Sorax Reader 2.0.3129.70 Untrusted Search Path Vulnerability in ALSee 6.20.0.1 Untrusted Search Path Vulnerability in Adobe LiveCycle Designer ES2 9.0.0.20091029.1.612548 Untrusted Search Path Vulnerability in Adobe LiveCycle Designer 8.2.1.3144.1.471865 Untrusted Search Path Vulnerability in Fotobook Editor 5.0 2.8.0.1 Untrusted Search Path Vulnerabilities in SWiSH Max3 3.0 2009.11.30 Untrusted Search Path Vulnerability in LINGO 11.0.1.6 and 12.0.2.20 Untrusted Search Path Vulnerabilities in TuneUp Utilities 2009 and 2010 Untrusted Search Path Vulnerability in Dupehunter 9.0.0.3911 Untrusted Search Path Vulnerability in SmartFTP 4.0.1140.0 Untrusted Search Path Vulnerability in MEO Encryption Software 2.02 Untrusted 
Search Path Vulnerability in STDU Explorer 1.0.201 Untrusted Search Path Vulnerability in Ease Jukebox 1.40 Untrusted Search Path Vulnerabilities in Phoenix Project Manager 2.1.0.8 Untrusted Search Path Vulnerability in Cool iPhone Ringtone Maker 2.2.3 Untrusted Search Path Vulnerability in Babylon 8.1.0 r16 Untrusted Search Path Vulnerabilities in Autodesk Design Review 2011 11.0.0.86 Untrusted Search Path Vulnerability in Opera before 10.62 Untrusted Search Path Vulnerability in RealPlayer SP 1.1.5 12.0.0.879 Untrusted Search Path Vulnerability in 010 Editor Untrusted Search Path Vulnerabilities in MicroStation 7.1 Untrusted Search Path Vulnerability in DivX Player 7.2.019 Untrusted Search Path Vulnerability in DivX Plus Player 8.1.0 Untrusted Search Path Vulnerability in Virtual DJ 6.1.2 Trial b301 Untrusted Search Path Vulnerabilities in Camtasia Studio 7.0.1 Build 57 Untrusted Search Path Vulnerability in IZArc Archiver 4.1.2 Untrusted Search Path Vulnerability in Roxio Easy Media Creator Home 9.0.136 Untrusted Search Path Vulnerability in CyberLink PowerDirector 7 Untrusted Search Path Vulnerability in CyberLink PowerDirector 8.00.3022 Untrusted Search Path Vulnerability in DAEMON Tools Lite and Pro Standard Untrusted Search Path Vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 Untrusted Search Path Vulnerabilities in Autodesk AutoCAD 2010 Untrusted Search Path Vulnerability in Sound Forge Pro 10.0b Build 474 Untrusted Search Path Vulnerabilities in Cyberlink Power2Go 7.0.0.0816 Untrusted Search Path Vulnerability in SiSoftware Sandra 2010 Lite 2010.7.16.52 Untrusted Search Path Vulnerability in PDF-XChange Viewer 2.0 Build 54.0 Untrusted Search Path Vulnerabilities in Maxthon Browser Allow Privilege Escalation Untrusted Search Path Vulnerability in QtWeb Browser 3.3 Build 043 Untrusted Search Path Vulnerability in UltraVNC 1.0.8.2 Untrusted Search Path Vulnerability in Sophos Free Encryption and Sophos SafeGuard PrivateCrypto Untrusted Search 
Path Vulnerability in Pthreads-win32 2.8.0 Untrusted Search Path Vulnerabilities in IBM Lotus Notes 8.5 Untrusted Search Path Vulnerability in HTTrack 3.43-9 Untrusted Search Path Vulnerability in WinImage 8.50 Untrusted Search Path Vulnerability in GFI Backup 3.1 Build 20100730 2009 Home Edition Untrusted Search Path Vulnerability in UltraISO 9.3.6.2750 Untrusted Search Path Vulnerability in CDisplay 1.8.1 ArchiCAD 13 and 14 Local Privilege Escalation Vulnerability Untrusted Search Path Vulnerability in Adobe Audition 3.0 Build 7283.0 Untrusted Search Path Vulnerabilities in IsoBuster 2.8 Untrusted Search Path Vulnerability in Agrin All DVD Ripper 4.0 Untrusted Search Path Vulnerability in SnowFox Total Video Converter 2.5.1 Untrusted Search Path Vulnerabilities in Gromada Multimedia Conversion Library 5.4.0 Untrusted Search Path Vulnerability in Sothink SWF Decompiler 6.0 Build 610 Untrusted Search Path Vulnerability in Prof-UIS Allows Privilege Escalation Untrusted Search Path Vulnerability in SmartSniff 1.71 Untrusted Search Path Vulnerability in VideoCharge Studio 2.9.0.632 Untrusted Search Path Vulnerability in MunSoft Easy Office Recovery 1.1 Untrusted Search Path Vulnerability in Amazon Kindle for PC 1.3.0 30884 Untrusted Search Path Vulnerability in Intel Threading Building Blocks (TBB) 2.2.013 Untrusted Search Path Vulnerabilities in Adobe Device Central CS4 2.0.0 0476 Altova MapForce 2011 Enterprise Edition SP1 Untrusted Search Path Privilege Escalation Vulnerability Untrusted Search Path Vulnerability in Altova DatabaseSpy 2011 Enterprise Edition SP1 Untrusted Search Path Vulnerability in Altova DiffDog 2011 Enterprise Edition SP1 Untrusted Search Path Vulnerability in PKZIP Allows Privilege Escalation Arbitrary Web Script Injection Vulnerability in Memcache Admin Module for Drupal User Role Change Vulnerability in Memcache Module for Drupal Unspecified Access Restriction Bypass Vulnerability in Views Bulk Operations Module for Drupal Directory 
Traversal Vulnerability in MODx Revolution 2.0.2-pl Denial of Service Vulnerability in Virtual War (VWar) 1.6.1 R2 via article.php Arbitrary File Inclusion and Code Execution Vulnerability in Community Builder Enhanced (CBE) Component for Joomla Directory Traversal Vulnerability in CMScout 2.09 IBrowser TinyMCE Plugin 1.4.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in OpenText ECM 9.7.1 CSRF Vulnerability in OpenText ECM 9.7.1 Allows Remote Authentication Hijacking Multiple Cross-Site Scripting (XSS) Vulnerabilities in Collabtive 0.6.5 CSRF Vulnerability in Collabtive 0.6.5 Allows Unauthorized User Addition Arbitrary File Read Vulnerability in Jstore Component for Joomla! SQL Injection Vulnerability in Cornerstone Technologies webConductor's default.php Buffer Overflow Vulnerability in EDItran Communications Platform 4.1 R7 Buffer Overflow Vulnerability in INCREDISPOOLERLib.Pop ActiveX Control in IncrediMail 2.0 Authentication Bypass Vulnerability in Adobe ColdFusion (CVE-2013-0625) Improper Blacklisting Implementation in Amberdms Billing System (ABS) Allows for Brute-Force Attacks Information Disclosure in Amberdms Billing System (ABS) before 1.4.1 Bypassing Spam Restrictions in WordPress Blogroll via Crafted URL Arbitrary Web Script Injection in WordPress Filesystem Credentials Arbitrary Script Injection in WordPress Plugin Author Field Bypassing Access Restrictions in WordPress Multisite Configuration Persistent Access Restriction Bypass in WordPress Multisite Race condition vulnerability in OpenSSL's ssl3_read_bytes function allows for data injection and denial of service attacks in multithreaded environments Remote Code Execution Vulnerability in MicroP 0.1.1.1600 via Crafted .mppl File Stack-based Buffer Overflow in Jzip Allows Remote Code Execution Remote Code Execution Vulnerability in Kolibri 2.0 via Long URI in HEAD Request TimThumb PHP Script XSS Vulnerability Arbitrary Web Script Injection in TimThumb's displayError Function NULL Pointer 
Dereference Vulnerability in LibVNCServer Vulnerability: Unauthorized Access and Password Exposure in Rockwell PLC5/SLC5/0x/RSLogix Controllers Default Root Password Vulnerability in GE Healthcare Optima CT Scanners Weak Default Passwords in GE Healthcare Optima MR360 HIPAA Configuration Interface Unauthenticated Emergency Access Vulnerability in GE Healthcare Optima MR360 Default Password Vulnerability in GE Healthcare CADStream Server Unspecified Impact and Attack Vectors in GE Healthcare Revolution XQ/i Acquisition Workstation Arbitrary Script Injection via Title Option in jQuery UI Dialog Widget Race condition in Linux kernel before 2.6.38 allows L2 guest OS users to cause denial of service Arbitrary Web Script Injection in BEdita Controllers CSRF Vulnerabilities in BEdita Before 3.1 Allow Remote Authentication Hijacking Arbitrary Web Script Injection Vulnerability in SweetRice CMS Multiple SQL Injection Vulnerabilities in SweetRice CMS (before 0.6.7.1) Password Reset Vulnerability in SweetRice CMS before 0.6.7.1 Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in Kandidat CMS 1.4.2 Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in MemHT Portal 4.0.1 Memory Leak Vulnerability in Linux Kernel's videobuf-core.c Arbitrary Script Injection in ZeusCart 4.0 and Earlier via Search Parameter Arbitrary Code Execution via Directory Traversal in Novell ZENworks Configuration Management (ZCM) 10 Directory Traversal Vulnerability in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 Heap-based Buffer Overflow in foomatic-rip: Remote Code Execution Unauthenticated Remote Code Execution Vulnerability in SAP NetWeaver Application Server Java Arbitrary Command Execution in Liferay Portal through 6.2.10 via Crafted Velocity Template Denial of Service Vulnerability in Linux Kernel's init_task.h Denial of Service Vulnerability in Linux Kernel's video_usercopy Function Command Injection Vulnerability in Ubiquiti Devices via GET Request to 
stainfo.cgi Buffer overflow vulnerability in Linux kernel before 2.6.34 in drivers/gpu/drm/radeon/atombios.c Out of Bounds Array Access in mlx4_register_vlan() and mlx4_register_mac() Functions Buffer Overflow Vulnerability in Integard Pro and Home Web Server IceWarp Webclient Directory Traversal Vulnerability IceWarp Webclient Directory Traversal Vulnerability Persistent XSS vulnerability in IceWarp Webclient before 10.2.1 via admin/login.html Cross-Site Scripting (XSS) Vulnerability in IceWarp Webclient before 10.2.1 Cross-Site Scripting (XSS) Vulnerability in IceWarp Webclient before 10.2.1 Cross-Site Scripting (XSS) Vulnerability in IceWarp Webclient before 10.2.1 Non-persistent XSS vulnerability in IceWarp Webclient before 10.2.1 via HTTP POST request