Vulnerability Index: Year 2011

Double Free Vulnerability in tgt daemon (tgtd) in Linux SCSI Target Framework (tgt) before 1.0.14
Cleartext Password Vulnerability in libuser
Clickjacking Vulnerability in MediaWiki before 1.16.1
Unspecified Cross-Site Scripting (XSS) Vulnerabilities in Piwik before 1.1
Arbitrary Script Injection Vulnerability in Joomla! 1.0.x through 1.0.15
Opportunistic Bypass of IMA Rules in Linux Kernel
Vulnerability: Symlink Attack in pimd 2.1.5 and Earlier Versions
Privilege Escalation via Sudoers File Interpretation Vulnerability
Insecure Password Hashing in Best Practical Solutions RT 3.x and 4.x
Bypassing Authentication Requirement via -g Option in sudo 1.7.x before 1.7.4p5
Vulnerability: Bypassing VNC Authentication in QEMU-KVM
Arbitrary File Overwrite Vulnerability in SPICE Firefox Plug-in
Cross-Site Scripting (XSS) Vulnerabilities in Apache Tomcat HTML Manager Interface
OCSP Stapling Vulnerability in OpenSSL
Denial of Service Vulnerability in Tor
Memory Leakage Vulnerability in Tor Versions 0.2.1.29 and 0.2.2.x
Symlink Attack Vulnerability in Exim 4.72 and Earlier
Arbitrary Command Execution via Email Function in OpenVAS Manager
Denial of Service Vulnerability in slapd (aka ns-slapd) in 389 Directory Server 1.2.7.5
Heap-based Buffer Overflow in Pango Library's pango_ft2_font_render_box_glyph Function
Heap-based Buffer Overflows in CDG Decoder in VLC Media Player
Insecure Permissions in 389 Directory Server Setup Scripts
Heap-based Buffer Overflow in Wireshark pcapng.c
Signature Verification Vulnerability in IcedTea Versions 1.7-1.9.5
DSN Overflow Vulnerability
ADO Record Memory Vulnerability
WordPad Converter Parsing Vulnerability
Remote Desktop Insecure Library Loading Vulnerability
CSRSS Elevation of Privilege Vulnerability
Scripting Engines Memory Corruption Vulnerability
DirectShow Insecure Library Loading Vulnerability
OpenType Font Encoded Character Vulnerability
OpenType Font Stack Overflow Vulnerability
Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 6, 7, and 8
Uninitialized Memory Corruption Vulnerability in Microsoft Internet Explorer 6, 7, and 8
Privilege Escalation Vulnerability in Microsoft Malware Protection Engine
Internet Explorer 8 Insecure Library Loading Vulnerability
LSASS Length Validation Vulnerability
Active Directory SPN Validation Vulnerability
GDI+ Integer Overflow Vulnerability in Microsoft Windows and Office
DVR-MS Parsing Vulnerability in Windows Media Player and Windows Media Center
Kerberos Unkeyed Checksum Vulnerability
Windows Kernel Integer Truncation Vulnerability
Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in Bugzilla
CSS Injection Vulnerability in MediaWiki before 1.16.2
Cross-Site Scripting (XSS) Vulnerability in Bugzilla
Directory Traversal Vulnerability in Majordomo 2 before 20110131
Arbitrary Web Script Injection in CGI:IRC NonJS Interface
Improper Handling of Recursive eval Calls in Mozilla Firefox and SeaMonkey
Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey
Remote Code Execution Vulnerability in Mozilla Firefox and SeaMonkey JavaScript Engine
Use-after-free vulnerability in JSON.stringify method in Mozilla Firefox and SeaMonkey
Remote Code Execution Vulnerability in Mozilla Firefox and SeaMonkey JavaScript Engine
Web Workers Use-After-Free Remote Code Execution Vulnerability
Buffer Overflow Vulnerability in Mozilla Firefox and SeaMonkey
Cross-Site Request Forgery (CSRF) Vulnerability in Mozilla Firefox and SeaMonkey
JPEG Image Buffer Overflow Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey
Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox and Thunderbird
Directory Traversal Vulnerability in Majordomo 2 20110203 and Earlier
Memory Reallocation Vulnerability in HarfBuzz Library
Remote Code Execution Vulnerability in Mozilla Firefox and SeaMonkey
Remote Code Execution Vulnerability in Mozilla Firefox and SeaMonkey
Form Autocompletion Vulnerability in Mozilla Firefox and SeaMonkey
Unspecified Remote Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey
Unspecified Remote Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey
Arbitrary File Existence Disclosure Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey
Unspecified Remote Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey
Arbitrary Code Execution via Dangling Pointer in Mozilla Firefox and SeaMonkey
Unspecified Remote Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey
Unspecified Remote Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey
Unspecified vulnerability in Java Embedding Plugin (JEP) in Mozilla Firefox and SeaMonkey on Mac OS X
Unspecified Remote Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey
Unspecified Remote Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey
Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox 4.x
Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey
Unspecified Remote Code Execution Vulnerability in Mozilla Firefox and Thunderbird
Improper Implementation of Single-Session Security Exceptions in Mozilla Firefox 4.0.x through 4.0.1
Use-after-free vulnerability in nsSVGPathSegList::ReplaceItem function in Mozilla Firefox, Thunderbird, and SeaMonkey allows remote attackers to cause denial of service or execute arbitrary code via user-supplied callback.
Arbitrary Code Execution via Dangling Pointer in SVGTextElement.getCharNumAtPosition Use-after-free vulnerability in nsXULCommandDispatcher function in Mozilla Firefox, Thunderbird, and SeaMonkey allows remote code execution via crafted XUL document Win32k Kernel-Mode Driver Privilege Escalation Vulnerability Win32k Insufficient User Input Validation Vulnerability Win32k Window Class Pointer Confusion Vulnerability Win32k.sys Kernel-Mode Driver Privilege Escalation Vulnerability Win32k Memory Corruption Vulnerability Kerberos Spoofing Vulnerability in Microsoft Windows Server 2008 R2 and Windows 7 Visio Object Memory Corruption Vulnerability Visio Data Type Memory Corruption Vulnerability Remote Code Execution via Use-After-Free Vulnerability in Microsoft Internet Explorer 6 and 7 MHTML Mime-Formatted Request Vulnerability Excel Integer Overrun Vulnerability Excel Heap Overflow Vulnerability Excel RealTimeData Record Parsing WriteAV Vulnerability Excel Memory Corruption Vulnerability Excel Buffer Overwrite Vulnerability Excel Data Initialization Vulnerability Office Component Insecure Library Loading Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Use-after-free vulnerability in setOuterText method in WebKit allows arbitrary code execution or denial of service Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of 
Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Use-after-free vulnerability in WebKit Runin Box Functionality Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service 
Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Denial of Service Vulnerability in MobileSafari on Apple iOS Improper Cookie Clearing in Safari Settings Allows Remote Tracking HTTP Basic Authentication Vulnerability in WebKit CSS Injection Vulnerability in WebKit Wi-Fi Frame Bounds Checking Vulnerability in Apple iOS and Apple TV Cache-Poisoning Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit HTML5 Drag and Drop Same Origin Policy Bypass Vulnerability in Apple Safari Arbitrary File Upload Vulnerability in Apple Safari Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Cross-Site Scripting (XSS) Vulnerability in WebKit Web Inspector in Apple Safari Heap-based Buffer Overflow in ImageIO in Apple iTunes on Windows Denial of Service Vulnerability in Apple Mac OS X 10.6 AirPort Format string vulnerabilities in AppleScript in Apple Mac OS X before 10.6.7 Heap-based Buffer Overflow in Apple Type Services (ATS) Allows Remote Code Execution Buffer Overflow Vulnerabilities in Apple Type Services (ATS) in Mac OS X Buffer Overflow Vulnerability in Apple Type Services (ATS) Allows Remote Code Execution Buffer Overflow Vulnerabilities in Apple Type Services (ATS) in Mac OS X World-readable directory vulnerability in FSFindFolder API in Apple Mac OS X before 10.6.7 Arbitrary Code Execution and Denial of Service Vulnerability in CoreText Integer Overflow Vulnerability in HFS File 
System on Apple Mac OS X Integer Overflow in ImageIO: Remote Code Execution and Denial of Service Vulnerability Privilege Escalation via i386_set_ldt System Call in Apple Mac OS X Integer Truncation Vulnerability in Libinfo of Apple Mac OS X Arbitrary Code Execution and Denial of Service Vulnerability in QuickLook Privilege Escalation via Format String Vulnerability in Application Firewall Debug-Logging Feature JPEG2000 Image Remote Code Execution Vulnerability in QuickTime Cross-Site Redirect Vulnerability in QuickTime Plug-In for Mac OS X Arbitrary Code Execution and Denial of Service Vulnerability in Ruby BigDecimal Class Vulnerability: Insecure SSH Protocol Version in Mac OS X Terminal Unspecified URL Processing Vulnerability in Apple Mac OS X Install Helper Buffer Overflow Vulnerability in LibTIFF 3.9.4 and Apple iTunes 10.2 and Earlier Buffer Overflow in Fax4Decode in LibTIFF 3.9.4 and Apple iTunes: Remote Code Execution and Denial of Service Buffer Overflow Vulnerabilities in Apple Mac OS X Image RAW Processing Integer Overflow in ImageIO in Mac OS X 10.6 before 10.6.7: Remote Code Execution and Denial of Service Vulnerability Information Disclosure Vulnerability in libxslt in Apple iOS 4.3.x before 4.3.2 Denial of Service Vulnerability in AirPort on Apple Mac OS X 10.5.8 Sensitive Information Exposure in App Store Log Files Apple Mac OS X Heap-based Buffer Overflow in Apple Type Services (ATS) Lack of CRL Checking for EV Certificates in Apple Mac OS X ColorSync Integer Overflow Vulnerability in Apple Mac OS X Buffer Overflow Vulnerability in CoreFoundation Framework in Apple Mac OS X Integer Overflow in CoreGraphics: Remote Code Execution and Application Crash via Crafted Type 1 Font in PDF Document Absolute Path Traversal Vulnerability in xftpd FTP Server Component in Apple Mac OS X Heap-based Buffer Overflow in ImageIO in Apple Mac OS X Heap-based Buffer Overflow in ImageIO in Apple Mac OS X Buffer Overflow Vulnerability in ICU Library in Apple Mac OS X 
Cleartext HTTP Session Vulnerability in MobileMe Mail Application Memory Corruption Vulnerability in QuickLook in Apple Mac OS X 10.6 before 10.6.8 QuickTime Integer Overflow Vulnerability in Mac OS X Memory Corruption and Application Crash Vulnerability in QuickTime for Apple Mac OS X QuickTime Integer Overflow Vulnerability XML External Entity (XXE) Vulnerability in servermgrd in Apple Mac OS X before 10.6.8 Buffer Overflow Vulnerability in QuickTime Allows Remote Code Execution or Denial of Service Untrusted Attribute Handling Vulnerability in CFNetwork of Apple Safari Re-entrancy Issue in Apple Safari Allows Arbitrary Code Execution via Crafted TIFF File Heap-based buffer overflow vulnerability in libxml in Apple Safari before 5.0.6 allows remote code execution or denial of service AutoFill Information Disclosure Vulnerability in Apple Safari Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Same Origin Policy Bypass in Apple Safari via Java Applet Font Loading Apple Bonjour Vulnerability: Crafted Multicast DNS Packet Crash Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Memory Corruption Vulnerability in CoreMedia on Apple Mac OS X 10.6.8 Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Integer Signedness Error in FreeType Library Allows Remote Code Execution Privilege Escalation Vulnerability in IOMobileFrameBuffer in Apple iOS SSL Server Spoofing Vulnerability in Apple iOS Out-of-Bounds Memory Access Vulnerability in Apple Type Services (ATS) Buffer Overflow in ATSFontDeactivate API in Apple Type Services (ATS) in Mac OS X before 10.7.2 Cookie Tracking Vulnerability in CFNetwork on Apple Mac OS X Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code 
Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Heap-based Buffer Overflow in ImageIO in Apple Safari Arbitrary Script Injection via Username in Apple Safari WebKit Arbitrary File Reading Vulnerability in Apple Safari WebKit Buffer Overflow Vulnerability in Apple QuickTime 7.7: Remote Code Execution and Application Crash via Crafted PICT File Heap-based Buffer Overflow in Apple QuickTime Allows Remote Code Execution via Crafted GIF File Stack-based buffer overflows in Apple QuickTime: Remote Code Execution and Denial of Service Vulnerability Stack-based Buffer Overflow in QuickTime ActiveX Control Heap-based Buffer Overflow in Apple QuickTime Allows Remote Code Execution Heap-based Buffer Overflow in Apple QuickTime Allows Remote Code Execution Heap-based Buffer Overflow in Apple QuickTime Allows Remote Code Execution Heap-based Buffer Overflow in Apple QuickTime Allows Remote Code Execution Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit QuickTime Integer Overflow Vulnerability Integer Signedness Error in Apple QuickTime: Remote Code Execution and Denial of Service Vulnerability Arbitrary Code Execution and Denial of Service Vulnerability in Apple QuickTime on Windows Arbitrary Code Execution and Denial of Service Vulnerability in CoreFoundation Keystroke Bypass Vulnerability in Apple Mac OS X 10.7 Arbitrary Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 Arbitrary Code Execution via Buffer Overflow in HP OpenView Network Node Manager Stack-based buffer overflows in OVAS.exe 
in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 Buffer Overflow Vulnerabilities in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 Format String Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 Command Injection Vulnerability in HP OpenView Network Node Manager (OV NNM) CGI Scripts Remote Code Execution Vulnerability in HP LoadRunner 9.52 via HttpTunnel Feature Buffer Overflow in HP OpenView Storage Data Protector Cell Manager 6.11 Arbitrary Web Script Injection Vulnerability in HP Business Availability Center (BAC) and Business Service Management (BSM) Unspecified Denial of Service Vulnerability in HP OpenView Storage Data Protector Hidden Account Vulnerability in HP OpenView Performance Insight Server CSRF Vulnerability in HP Power Manager (HPPM) Allows Unauthorized Account Creation Unspecified Local Access Bypass Vulnerability in HP Web Jetadmin 10.2 Service Release 3 and 4 Authentication Bypass Vulnerability in HP Multifunction Peripheral (MFP) Digital Sending Software (DSS) 4.91.00 Multiple Cross-Site Scripting (XSS) Vulnerabilities in HP Power Manager (HPPM) 4.3.2 and Earlier Denial of Service Vulnerability in MIT Kerberos 5 KDC with LDAP Backend Denial of Service Vulnerability in MIT Kerberos 5 Key Distribution Center (KDC) with LDAP Backend Denial of Service Vulnerability in MIT Kerberos 5 Key Distribution Center (KDC) Double Free Vulnerability in MIT Kerberos 5 (krb5) 1.7-1.9 with PKINIT Feature Remote Code Execution and Denial of Service 
Vulnerability in MIT Kerberos 5 Arbitrary Web Script Injection Vulnerability in BlackBerry Web Desktop Manager Unspecified Remote File Read and Denial of Service Vulnerability in BlackBerry Administration API Arbitrary User Account Access Vulnerability in BlackBerry Collaboration Service Privilege Escalation Vulnerability in BlackBerry PlayBook Tablet Buffer Overflow Vulnerability in IBM WebSphere MQ 7.0 before 7.0.1.4 Buffer Over-read Vulnerability in IBM Java Heap-based Buffer Overflow in IBM WebSphere MQ 6.0 and 7.0 Arbitrary Web Script Injection Vulnerability in IBM WebSphere Application Server Unrestricted Access to Administrative Console Servlets in IBM WebSphere Application Server Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2011-0321) Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2011-0321) Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2011-0321) Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2011-2123) Spoofed Localhost IP Address Vulnerability in EMC NetWorker Unspecified Remote Resource Access Vulnerability in EMC RSA Access Manager Server Arbitrary Code Execution via Topaz Systems SigPlus Pro ActiveX Control Heap-based Buffer Overflow Vulnerabilities in Topaz Systems SigPlus Pro ActiveX Control Arbitrary File Read Vulnerability in DellSystemLite.Scanner ActiveX Control Arbitrary WMI Query Language (WQL) Execution in DellSystemLite.Scanner ActiveX Control Honeywell ScanServer ActiveX Control Use-After-Free Remote Code Execution Vulnerability Arbitrary Code Execution via Integer Overflow in Foxit Reader and Phantom Heap-based Buffer Overflow in NgwiCalVTimeZoneBody::ParseSelf Function in GroupWise Internet Agent (GWIA) Stack-based Buffer Overflow in GroupWise Internet Agent (GWIA) Allows Remote Code Execution Unspecified Code Execution and Memory Corruption Vulnerability in 
Adobe Shockwave Player (CVE-2011-0321) Multiple buffer overflows in ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 301.1009.2904.0 Remote Code Execution Vulnerability in MuPDF Plug-in for Firefox Buffer overflow vulnerabilities in InduSoft ISSymbol ActiveX Control Insecure Permissions Vulnerability in Balabit syslog-ng Arbitrary Code Execution via Stack-Based Buffer Overflows in Alcatel-Lucent OmniPCX Enterprise Directory Traversal Vulnerability in Alcatel-Lucent OmniVista 4760 R5.1.06.03 and Earlier MSHTML Use-After-Free Vulnerability Remote Code Execution Vulnerability in Microsoft Internet Explorer on Windows XP Bypassing Access and Billing Restrictions in Cisco Content Services Gateway Second Generation (CSG2) Denial of Service Vulnerability in Cisco IOS 12.4(24)MD on Cisco CSG2 Denial of Service Vulnerability in Cisco IOS 12.4(24)MD on Cisco Content Services Gateway Second Generation (CSG2) Buffer Overflow Vulnerability in Cisco Linksys WRT54GC Router Firmware Blank Password Vulnerability in Cisco Tandberg C Series and Personal Video Units Denial of Service Vulnerability in Cisco Nexus 1000V Virtual Ethernet Module Arbitrary File Creation and Code Execution Vulnerability in Cisco Security Agent Management Console Command Injection Vulnerability in Cisco TelePresence Endpoint Devices Command Injection Vulnerability in Cisco TelePresence Endpoint Devices Command Injection Vulnerability in Cisco TelePresence Endpoint Devices Command Injection Vulnerability in Cisco TelePresence Endpoint Devices Cisco TelePresence Endpoint TFTP Information Disclosure Vulnerability Denial of Service Vulnerability in Cisco TelePresence Endpoint Devices (Bug ID CSCth03605) Cisco TelePresence Endpoint Devices XML-RPC Command Injection Vulnerability Cisco Adaptive Security Appliances (ASA) 5500 Series Devices and Cisco TelePresence Devices Buffer Overflow Vulnerability Authentication Bypass Vulnerability in Cisco TelePresence Manager (Bug ID CSCtc59562) Cisco TelePresence 
Manager Remote Command Injection Vulnerability Command Injection Vulnerability in Cisco TelePresence Recording Server Devices Unauthenticated Remote Code Execution in Cisco TelePresence Recording Server and CTMS Devices Unauthenticated Remote Code Execution in Cisco TelePresence Multipoint Switch (CTMS) Devices (CSCtf01253) Arbitrary File Creation and Code Execution Vulnerability in Cisco TelePresence Recording Server and Cisco TelePresence Multipoint Switch Arbitrary Code Execution via Malformed XML-RPC Request on Cisco TelePresence Recording Server (Bug ID CSCti50739) Denial of Service Vulnerability in Cisco TelePresence Multipoint Switch (CTMS) Administrative Web Interface (Bug ID CSCtf97164) Remote Access Denial of Service Vulnerability in Cisco TelePresence Recording Server and Cisco TelePresence Multipoint Switch Denial of Service Vulnerability in Cisco TelePresence Multipoint Switch (CTMS) Devices (Bug ID CSCth60993) Denial of Service Vulnerability in Cisco TelePresence Multipoint Switch (CTMS) XML-RPC Implementation (CSCtj44534) Denial of Service Vulnerability in Cisco TelePresence Recording Server Devices (Bug ID CSCtf97205) Unauthenticated XML-RPC Interface Access in Cisco TelePresence Recording Server Software 1.6.x Denial of Service Vulnerability in Cisco ASA and PIX Devices with Transparent Firewall Mode Denial of Service vulnerability in Cisco ASA, PIX, and FWSM devices via malformed SCCP message Denial of Service Vulnerability in Cisco ASA 5500 Series Devices with RIP Protocol and Cisco Phone Proxy Configuration (CSCtg66583) Arbitrary File Read Vulnerability in Cisco ASA 5500 Series Devices IP Spoofing Vulnerability in Piwik Clickjacking Vulnerability in Piwik before 1.1 Insecure Session Cookie Transmission in Piwik Piwik before 1.1 Denial of Service Vulnerability Symlink Attack Vulnerability in dpkg-source Untrusted Search Path Vulnerability in ImgBurn.exe Allows Arbitrary Code Execution and DLL Hijacking Stack-based Buffer Overflow in NetSupport 
Manager Agent for Linux, Solaris, and Mac OS X Arbitrary File Read Vulnerability in PhpGedView 4.2.3 Heap-based Buffer Overflow in WellinTech KingView 6.53 HistorySvr.exe SQL Injection Vulnerability in Phenotype CMS 3.0 Store Function Buffer overflow vulnerability in pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cause a denial of service or execute arbitrary code via a crafted palette-based PNG image. Cleartext Credentials Vulnerability in CollabNet ScrumWorks Basic 1.8.4 STARTTLS Implementation Vulnerability in Postfix SMTP Server Unencrypted Back-out Patch Files in Oracle Solaris Allow Password Hash Theft and Brute Force Attacks Denial of Service Vulnerability in ISC DHCPv6 Server Denial of Service Vulnerability in ISC BIND 9.7.1 through 9.7.2-P3 Denial of Service Vulnerability in Pure-FTPd and NetBSD 5.1 Stack Consumption Vulnerability in APR and libc's fnmatch Implementation Denial of Service Vulnerability in Intl Extension for PHP 5.3.5 PHP Zip Extension Denial of Service Vulnerability Default Password Vulnerability in PolyVision RoomWizard Firmware 3.2.3 Arbitrary File Read Vulnerability in VMware vCenter Server and VirtualCenter Heap-based Buffer Overflow Vulnerability in Tor Insufficient Comment Checking in ikiwiki Allows for Cross Site Scripting (XSS) Vulnerability Double Free Vulnerability in OpenAFS Rx Server Process Denial of Service Vulnerability in OpenAFS Kernel Module SQL Injection Vulnerabilities in PyWebDAV MySQLAuthHandler Heap-based Buffer Overflow in t1lib's linetoken function SQL Injection Vulnerabilities in Domain Technologie Control (DTC) before 0.32.9 Unauthenticated Access to Bandwidth Information in Domain Technologie Control (DTC) Cleartext Password Exposure in Domain Technologie Control (DTC) Arbitrary Account Deletion Vulnerability in Domain Technologie Control (DTC) Authentication Bypass Vulnerability in nss-pam-ldapd 0.8.0 PAM Module Mahara 1.2.x and 1.3.x XSS Vulnerability in Pieforms Select Box CSRF 
Vulnerability in Mahara Allows Arbitrary User Authentication Hijacking for Blog Deletion Arbitrary File Deletion Vulnerability in Debian GNU/Linux /etc/cron.d/php5 Cron Job Cleartext Transmission Vulnerability in EMC Avamar 5.x SQL Injection Vulnerability in tinyBB 1.2 Allows Remote Code Execution Buffer Overflow Vulnerability in Wireshark MAC-LTE Dissector Denial of Service Vulnerability in Wireshark ASN.1 BER Dissector Cross-Site Scripting (XSS) Vulnerabilities in Ruby on Rails Mail_to Helper Cross-Site Request Forgery (CSRF) Vulnerability in Ruby on Rails SQL Injection Vulnerability in Ruby on Rails 3.0.x before 3.0.4 Case-insensitive Filesystem Vulnerability in Action View Template Resolver Arbitrary Code Execution via Downloads Manager in Opera Multiple Cross-Site Scripting (XSS) Vulnerabilities in EC-CUBE before 2.4.4 Untrusted Search Path Vulnerability in Lunascape Script Function Unauthenticated Access to Sensitive Information in F-Secure Internet Gatekeeper for Linux Remote Code Execution Vulnerability in SEIL/x86, SEIL/B1, SEIL/X1, SEIL/X2, SEIL/Turbo, and SEIL/neu 2FE Plus Routers Arbitrary Web Script Injection Vulnerability in Things BBS and BBS Thread Command Injection Vulnerability in webscript.pl in OTRS 2.3.4 and Earlier Arbitrary Web Script Injection Vulnerability in e107 0.7.22 and Earlier Untrusted Search Path Vulnerability in Google Picasa's Locate on Disk Feature Arbitrary Web Script Injection Vulnerability in Cyber-Ark Password Vault Web Access Local Privilege Escalation via Symlink Attack in kbd init script Arbitrary File Overwrite Vulnerability in boot.localfs Cross-Site Scripting (XSS) Vulnerabilities in SUSE openSUSE Build Service (OBS) Login Page Uninitialized Disk Information Disclosure Vulnerability in OCFS2 Subsystem Unspecified Remote Code Execution Vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 Arbitrary Command Execution in xrdb.c Bypassing Write-Access Restrictions in SUSE openSUSE Build Service (OBS) API SQL Injection 
Vulnerability in SUSE Studio Onsite and SUSE Studio Onsite 1.1 Appliance Privilege Escalation via Shell Metacharacters in aaa_base Package OpenSUSE open build service 2.1 Source Services Code Injection Vulnerability Denial of Service Vulnerability in Google Chrome and Chrome OS Pointer Mishandling Vulnerability in Google Chrome and Chrome OS Denial of Service Vulnerability in Google Chrome and Chrome OS CSS Token Sequence Vulnerability in Google Chrome and Chrome OS CSS Token Sequence Handling Vulnerability in Google Chrome and Chrome OS Use-after-free vulnerability in Google Chrome and Chrome OS allows remote attackers to cause denial of service or other impact via a malicious PDF document Denial of Service and Memory Corruption Vulnerability in Google Chrome and Chrome OS Video Frame Size Mismatch Vulnerability in Google Chrome and Chrome OS Stale Pointer Vulnerability in Google Chrome and Chrome OS Uninitialized Pointer Denial of Service Vulnerability in Google Chrome and Chrome OS Buffer overflows in Vorbis decoder in FFmpeg leading to memory corruption and application crash Buffer Overflow Vulnerability in Google Chrome and Chrome OS Allows Remote Attackers to Cause Denial of Service or Other Impact via PDF Shading Vectors Unspecified Variable Cast Vulnerability in Google Chrome and Chrome OS Unspecified Variable Cast Vulnerability in Google Chrome and Chrome OS DOM Node Removal Vulnerability in Google Chrome and Chrome OS Remote Code Execution via Stale Pointer in Google Chrome and Chrome OS Arbitrary Web Script Injection Vulnerability in IBM Cognos 8 Business Intelligence (BI) 8.4.1 ICQ 7 Automatic Update Mechanism Arbitrary Code Execution Vulnerability Stack-based Buffer Overflow in InduSoft NTWebServer.exe Unauthenticated Remote Command Execution in Objectivity/DB 10.0 Server Components Denial of Service Vulnerability in Tor Versions 0.2.1.29 and 0.2.2.x Memory Allocation Vulnerability in Tor Denial of Service Vulnerability in Tor Versions 0.2.1.29 and 
0.2.2.x Denial of Service Vulnerability in Tor Versions 0.2.1.29 and 0.2.2.x Unspecified Directory Traversal Vulnerability in IBM Tivoli Access Manager for e-business Stack-based Buffer Overflow in ast_uri_encode function in Asterisk Open Source versions before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2 and Business Edition before C.3.6.2 Arbitrary Code Execution Vulnerability in Sybase EAServer Sybase EAServer Directory Traversal Vulnerability Nokia Multimedia Player Buffer Overflow Vulnerability Buffer Overflow in VideoSpirit Pro and VideoSpirit Lite Buffer Overflow in VideoSpirit Pro and VideoSpirit Lite Allows Arbitrary Code Execution Music Animation Machine MIDI Player 2006aug19 Release 035 Stack-based Buffer Overflow Vulnerability Denial of Service Vulnerability in Music Animation Machine MIDI Player 2006aug19 Release 035 CSRF Vulnerability in VaM Shop 1.6 and Earlier Versions Allows Remote Authentication Hijacking Multiple Cross-Site Scripting (XSS) Vulnerabilities in VaM Shop 1.6 and Earlier Versions Arbitrary File Inclusion Vulnerability in Zwii 2.1.1 Directory Traversal Vulnerability in AxDCMS 0.1.1: Remote Code Execution via aXconf[default_language] Parameter Denial of Service Vulnerability in Blackmoon FTP 3.1 Build 1735 and Build 1736 Cross-site scripting (XSS) vulnerability in Contao CMS 2.9.2 and earlier versions Arbitrary Script Injection Vulnerability in Vaadin 6.4.9 and Earlier SQL Injection Vulnerability in AWBS 2.9.2: Remote Code Execution via cart.php Arbitrary SQL Command Execution Vulnerability in allCineVid Component for Joomla! 
SQL Injection Vulnerability in Teams Structure Module 3.0 for PHP-Fusion Arbitrary Code Execution Vulnerability in SecurStar DriveCrypt DCR.sys Driver Denial of Service Vulnerability in HP Data Protector Manager 6.11 Denial of Service Vulnerability in Kingsoft AntiVirus 2011 SP5.2 SQL Injection Vulnerability in E-PROMPT C BetMore Site Suite 4.0 through 4.2.0 Remote Code Execution Vulnerability in Sielco Sistemi Winlog Pro 2.07.00 and Earlier Arbitrary File Inclusion Vulnerability in LotusCMS Fraise 3.0 SQL Injection Vulnerability in Gallarific PHP Photo Gallery Script 2.1 Heap-based Buffer Overflow in compress_add_dlabel_points function in MaraDNS Memory Corruption Vulnerability in Linux Kernel's dvb_ca_ioctl Function Arbitrary Code Execution Vulnerability in VLC Media Player Subtitle Decoders File Read Vulnerability in Gypsy 0.8 Multiple Buffer Overflows in NMEA Parser of gypsy 0.8 CSRF Vulnerability in Batavi before 1.0 Arbitrary Script Injection in Vanilla Forums' index.php Obfuscated Password Vulnerability in VMware vFabric tc Server Unrestricted Access to Node Resources in Puppet 2.6.0 through 2.6.3 Weborf before 0.12.5 Vulnerability: Denial of Service (DOS) via Malformed HTTP Fields Buffer Overflow in Network Block Device (NBD) Server Allows Remote Code Execution Memory Corruption and Arbitrary Command Execution Vulnerability in VLC Media Player MKV Demuxer Plugin Privilege Escalation via LD_LIBRARY_PATH Vulnerability in 389 Directory Server 1.2.x Cross-site scripting (XSS) vulnerability in Apache Continuum and Archiva allows remote code injection via crafted parameter Apache Tomcat NIO HTTP Connector Denial of Service Vulnerability CSRF Vulnerability in Zikula Users Module Allows Privilege Hijacking Untrusted Search Path Vulnerabilities in Modified GNU C Library (glibc) Arbitrary Local File Inclusion Vulnerabilities in MediaWiki 1.8.0 and Earlier Versions Uninitialized Pointer Vulnerability in Wireshark Uninitialized Nonce Field in OpenSSH Key Certification 
Function Local Privilege Escalation: Arbitrary Directory Unmount via Symlink Attack in fuse 2.8.5 and earlier Unprivileged Arbitrary Directory Unmount Vulnerability in fusermount Symlink Attack Vulnerability in fusermount XSS Vulnerability in phpBB 3.0.x-3.0.6 via [flash] BB Tag CSRF Vulnerability in Symantec LiveUpdate Administrator (LUA) Allows Unauthorized Account Creation Unvalidated Identity Information in Symantec Backup Exec Allows for Man-in-the-Middle Attacks Multiple Integer Overflows in Veritas Enterprise Administrator Service in Symantec Veritas Storage Foundation and NetBackup PureDisk Buffer Overflow in Lotus Freelance Graphics PRZ File Viewer in Autonomy KeyView SQL Injection Vulnerability in Symantec Web Gateway 4.5.x Management GUI Multiple Cross-Site Scripting (XSS) Vulnerabilities in Symantec Endpoint Protection Manager CSRF Vulnerability in Symantec Endpoint Protection Manager Allows Account Hijacking Multiple Cross-Site Scripting (XSS) Vulnerabilities in Symantec IM Manager SQL Injection Vulnerability in Symantec IM Manager Management Console (Version < 8.4.18) Code Injection Vulnerability in Symantec IM Manager Heap Memory Corruption Vulnerability in Adobe Shockwave Player Arbitrary Code Execution and Denial of Service Vulnerability in Adobe Shockwave Player Adobe Shockwave Player Integer Overflow Vulnerability Arbitrary Code Execution via Integer Overflow in Adobe Flash Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player (CVE-2011-0609) Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player (CVE-2011-0559) Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player (CVE-2011-0609) Untrusted Search Path Privilege Escalation Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Weak Permissions Vulnerability in Adobe Reader and Acrobat Unspecified vulnerability in Adobe Reader and 
Acrobat versions 8.x, 9.x, and 10.x on Windows and Mac OS X Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption in Adobe Reader and Acrobat Unspecified vulnerability in Adobe Reader and Acrobat on Mac OS X Buffer Overflow Vulnerability in Adobe Shockwave Player's Font Xtra.x32 Module Untrusted Search Path Privilege Escalation Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player (CVE-2011-0609) Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player (CVE-2011-0609) Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player (CVE-2011-0609) Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player (CVE-2011-0609) Untrusted Search Path Vulnerability in Adobe Flash Player Arbitrary Code Execution Vulnerability in Adobe Flash Player via Crafted Font Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player (CVE-2011-0609) Information Disclosure Vulnerability in Adobe Flash Player Cross-Site Scripting (XSS) Vulnerabilities in Adobe ColdFusion Administrator Console CRLF Injection Vulnerabilities in Adobe ColdFusion 8.0 through 9.0.1 Unspecified Information Disclosure Vulnerability in Adobe ColdFusion Administrator Console Arbitrary Web Script Injection via cfform Tag in Adobe ColdFusion 8.0 through 9.0.1 Session Fixation Vulnerability in Adobe ColdFusion 8.0 through 9.0.1 Unspecified vulnerability in Adobe Reader and Acrobat versions 8.x, 9.x, and 10.x on Windows and Mac OS X Unspecified Input Validation Vulnerability in Adobe Reader and Acrobat Arbitrary Web Script Injection Vulnerability in Adobe Reader and Acrobat Untrusted Search Path Privilege Escalation Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution 
Vulnerability in Adobe Reader and Acrobat Buffer overflow vulnerability in Adobe Reader and Acrobat versions 8.x, 9.x, and 10.x on Windows and Mac OS X via crafted Universal 3D (U3D) file. Buffer overflow vulnerability in Adobe Reader and Acrobat versions 8.x, 9.x, and 10.x on Windows and Mac OS X Buffer overflow vulnerability in Adobe Reader and Acrobat versions 8.x, 9.x, and 10.x on Windows and Mac OS X via crafted Universal 3D (U3D) file. Arbitrary Code Execution Vulnerability in Adobe Reader and Acrobat Buffer overflow vulnerability in Adobe Reader and Acrobat versions 8.x, 9.x, and 10.x on Windows and Mac OS X Heap-based buffer overflow in Adobe Reader and Acrobat allows remote attackers to execute arbitrary code via a crafted bitmap image. Integer Overflow in ACE.dll in Adobe Reader and Acrobat: Remote Code Execution Vulnerability Arbitrary Code Execution via Crafted Image in Adobe Reader and Acrobat Memory corruption vulnerability in U3D component of Adobe Reader and Acrobat Arbitrary Code Execution via Crafted JP2K Record Types in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat versions 8.x, 9.x, and 10.x on Windows and Mac OS X Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat on Mac OS X Stack-based Buffer Overflow in rt3d.dll in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player (CVE-2011-0559) Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player (CVE-2011-0608) Unspecified Remote Code Execution Vulnerability in Adobe Flash Player and Adobe Reader Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Denial of Service Vulnerability in Adobe Flash Player, Adobe AIR, Adobe Reader, and Adobe Acrobat XML Data Corruption Denial of Service 
Vulnerability in Adobe Flash Media Server (FMS) Cross-Site Scripting (XSS) Vulnerabilities in RoboHelp 7 and 8, and RoboHelp Server 7 and 8 Buffer Overflow Vulnerability in Adobe Audition 3.0.1 and Earlier Buffer Overflow Vulnerabilities in Adobe Audition 3.0.1 and Earlier Arbitrary Code Execution Vulnerability in Adobe Flash Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player Arbitrary Code Execution Vulnerability in Adobe Flash Player Arbitrary Code Execution Vulnerability in Adobe Flash Player Arbitrary Code Execution Vulnerability in Adobe Flash Player Arbitrary Code Execution Vulnerability in Adobe Flash Player Remote Code Execution Vulnerability in Adobe Flash Player Arbitrary Code Execution via Integer Overflow in Adobe Flash Player CSRF Vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 LWP Net::HTTPS Module SSL Certificate Validation Vulnerability Static Code Injection Vulnerability in Simploo CMS 1.7.1 and Earlier Uninitialized Pinned Memory Vulnerability in NVIDIA CUDA Toolkit 3.2 Developer Drivers Denial of Service Vulnerability in IBM AIX 6.1 FC SCSI Protocol Driver Insufficient Warning for USB HID Functionality Enables Arbitrary Program Execution Insufficient Warning for USB HID Functionality Enables Arbitrary Program Execution on Apple Mac OS X Default udev Configuration on Linux Allows Execution of Arbitrary Programs via Crafted USB Data Multiple Cross-Site Scripting (XSS) Vulnerabilities in StatPressCN Plugin 1.9.0 for WordPress CSRF Vulnerability in N-13 News Allows Remote User Creation CSRF Vulnerability in PHP Link Directory (phpLD) 4.1.0 Allows Unauthorized Administrator Addition SQL Injection Vulnerability in PHPCMS 2008 V2: Remote Code Execution via 
modelid Parameter SQL Injection Vulnerability in PHPCMS 2008 V2 data.php Allows Remote Code Execution SQL Injection Vulnerability in viewfaqs.php in PHP LOW BIDS Arbitrary Command Execution Vulnerability in EMC Replication Manager Client and NetWorker Module for Microsoft Applications Unspecified Privilege Escalation Vulnerability in EMC Avamar Unspecified Local Privilege Escalation Vulnerabilities in TIBCO Rendezvous, EMS, TRA, Silver BPM, Silver CAP, and Silver BusinessWorks Services on Unix Systems CSRF Vulnerability in Greenbone Security Assistant (GSA) Allows Authentication Hijacking Buffer Overflow in Icon Labs Iconfidant SSL Server Allows Remote Code Execution Denial of Service Vulnerability in Look 'n' Stop Firewall 2.06p4 and 2.07 XSS in SharePoint Calendar Vulnerability Browser Pool Corruption Vulnerability in Microsoft Windows Floating Point Techno-color Time Bandit RCE Vulnerability Persist Directory RCE Vulnerability in Microsoft PowerPoint DNS Query Vulnerability in Microsoft Windows XP, Server 2003, Vista, Server 2008, and Windows 7 OLE Automation Underflow Vulnerability SMB Client Response Parsing Vulnerability SMB Transaction Parsing Vulnerability Win32k Use After Free Vulnerability in Microsoft Windows Scripting Memory Reallocation Vulnerability .NET Framework Array Offset Vulnerability Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows Win32k Null Pointer Dereference Vulnerability Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows Win32k Null Pointer Dereference Vulnerability Win32k Null Pointer Dereference Vulnerability Arbitrary Code Execution via Unrestricted File Upload in Lomtec ActiveWeb 
Professional 3.0 Sensitive Information Disclosure in IBM WebSphere Portal Improper Draft Cache Management in Android Mms Application Allows Unauthorized Access to SMS Messages CSS Extensions for XML Implementation in Opera before 11.01 Allows Bypass of CSS Filtering via Crafted URL Opera DLL Integer Truncation Vulnerability Clickjacking Vulnerability in Opera Browser Remote File Access Vulnerability in Opera Browser Insecure Clearing of Email Account Passwords in Opera Unspecified Denial of Service Vulnerability in Opera 11.01 Denial of Service Vulnerability in Opera's WAP Dropdown Lists Implementation Arbitrary Command Execution in Intel Alert Management System (AMS) Predictable Temporary File Names Vulnerability in RealPlayer Race condition in cm_work_handler function in InfiniBand driver leads to denial of service vulnerability in Linux kernel 2.6.x Cross-Site Request Forgery (CSRF) vulnerability in Django 1.1.x and 1.2.x Arbitrary Web Script Injection Vulnerability in Django File Uploads Directory Traversal Vulnerability in Django 1.1.x and 1.2.x on Windows Integer Signedness Error in btrfs_ioctl_space_info Function in Linux Kernel 2.6.37 Cross-Site Scripting (XSS) Vulnerabilities in WordPress 3.0.5 Unauthorized Access to Draft and Private Posts via Modified Attachment ID in WordPress Media Uploader Symlink Attack Vulnerability in feh_unique_filename Function Arbitrary Command Execution Vulnerability in gksu-polkit before 0.0.3 Denial of Service Vulnerability in 389 Directory Server 1.2.7.5 with Mozldap Privilege Escalation Vulnerability in JNLPClassLoader Class Cross-Site Scripting (XSS) Vulnerabilities in GNU Mailman 2.1.14 and Earlier Buffer Over-read Vulnerability in PHP Exif Extension Denial of Service Vulnerability in Linux Kernel's br_mdb_ip_get Function Information Disclosure Vulnerability in Linux Kernel on s390 Platform Uninitialized Structure Member Vulnerability in xfs_fs_geometry Function Buffer overflow vulnerabilities in caiaq Native Instruments 
USB audio functionality in Linux kernel Heap-based Buffer Overflow in Wireshark DCT3 Trace File Parsing Remote Denial of Service Vulnerability in Red Hat Patch for RPC Server Sockets Functionality in Linux Kernel 2.6.32 on RHEL 6 Denial of Service Vulnerability in mod_dav_svn Module of Apache Subversion Denial of Service Vulnerability in Linux Kernel's br_multicast_add_group Function Session Fixation Vulnerability in Red Hat Network (RHN) Satellite Server 5.4 Brute Force Password Guessing Vulnerability in Red Hat Network (RHN) Satellite Server 5.4 File Descriptor Range Check Vulnerability in Samba Unspecified Remote Administrative Access Vulnerability in Plone 2.5 through 4.0 CRLF Injection Vulnerabilities in chfn and chsh Allow Unauthorized User Additions to /etc/passwd Heap Memory Corruption and Code Execution Vulnerability in FFmpeg Remote Code Execution via Malformed VC-1 File in FFmpeg 0.5.x Fixed Key Vulnerability in Edubuntu Live DVD Absolute Path Traversal Vulnerability in Aptdaemon 0.40 ASLR Bypass Vulnerability in Linux Kernel's do_task_stat Function Symlink Attack Vulnerability in GNOME Display Manager (gdm) 2.x Arbitrary Script Injection in Loggerhead's templatefunctions.py Local Privilege Escalation via D-Bus Backend in language-selector XML Signature Element Wrapping Vulnerability in Eucalyptus Buffer Overflow Vulnerability in IBM DB2 Administration Server (DAS) Component Unspecified Vulnerabilities in IBM Tivoli Integrated Portal (TIP) 1.1.1.1 with Unknown Impact and Attack Vectors Arbitrary Script Injection via User-Agent Header in Adobe ColdFusion (CVE-2010-2861) Adobe ColdFusion XSS Vulnerability in id Parameter Arbitrary Web Script Injection in Adobe ColdFusion before 9.0.1 CHF1 Information Disclosure Vulnerability in Adobe ColdFusion 9.0.1 CHF1 and Earlier Information Disclosure Vulnerability in Adobe ColdFusion 9.0.1 CHF1 and Earlier Improper Certificate Verification in MyProxy 5.0 through 5.2 Allows for Man-in-the-Middle Attacks Arbitrary 
Command Execution via Shell Metacharacters in Ruby Mail Gem's Sendmail Delivery Agent Arbitrary Script Injection in RSS Feed Reader WordPress Plugin Cross-Site Scripting (XSS) Vulnerabilities in ModX Evolution 1.0.5 and Earlier Remote Code Execution Vulnerability in Novell ZENworks Handheld Management 7.0 Information Disclosure Vulnerability in SugarCRM before 6.1.3 CSRF Vulnerability in ZyXEL O2 DSL Router Classic Allows Remote Authentication Hijacking CSRF Vulnerabilities in phpList 2.10.13: Remote Authentication Hijacking Directory Traversal Vulnerability in Nostromo Webserver (nhttpd) Allows Remote Code Execution or File Read Vulnerability: Unrestricted Overwriting of GLOBALS and this Variable in PHP's extract Function Race condition vulnerability in PHP PCNTL Extension Vulnerability: Inadequate Detection of Symbolic Links in SplFileInfo::getType Function Integer Overflow in mt_rand Function in PHP Hardcoded Console Credentials Vulnerability in Trustwave WebDefend Enterprise Privilege Escalation Vulnerability in IBM DB2 9.1, 9.5, and 9.7 Remote Code Execution and Denial of Service Vulnerability in CA ETrust Secure Content Manager and CA Gateway Security Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in Recaptcha Plugin for WordPress CSRF Vulnerabilities in WP Related Posts Plugin 1.0 Allow XSS Attacks Denial of Service Vulnerability in Perl 5.10.x Denial of Service Vulnerability in vsftpd's vsf_filename_passes_filter Function Arbitrary Code Execution via Crafted Type 1 Font in t1lib Privilege Escalation Vulnerability in lft in pWhois Layer Four Traceroute (LFT) 3.x before 3.3 Predictable Seed Vulnerability in Crypto Application and SSH Library Cross-site scripting (XSS) vulnerability in Imperva SecureSphere Web Application Firewall 6.2, 7.x, and 8.x XSS Vulnerability in HP ArcSight Connector Appliance Allows Remote Code Injection Unvalidated File Upload Vulnerability in Janrain Engage Module for Drupal Multiple Cross-Site Scripting (XSS) 
Vulnerabilities in PivotX 2.2.0 and Earlier Versions Arbitrary Script Injection in PivotX Image Module Information Disclosure Vulnerability in PivotX before 2.2.2 Information Disclosure in PivotX 2.2.2 via Non-Existent Image File Parameter Information Disclosure Vulnerability in Google Chrome Sandbox Implementation on Mac OS X Google Chrome Use-After-Free Vulnerability in Image Loading Unrestricted Drag and Drop Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome Extension Handling PDF Event Handler Denial of Service Vulnerability in Google Chrome Autofill Profile Merging Vulnerability in Google Chrome Unspecified Denial of Service Vulnerability in Google Chrome on Mac OS X Denial of Service Vulnerability in Google Chrome Related to Bad Volume Setting Race condition vulnerability in Google Chrome before 9.0.597.84 allows remote code execution via audio vectors. Unspecified integrity vulnerability in Oracle Help component in Oracle Database Server and Oracle Fusion Middleware Unspecified vulnerability in Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier on Windows Unspecified vulnerability in Oracle Database Server and Enterprise Manager Grid Control allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Service Level Agreements Unspecified vulnerability in Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier on Windows Unspecified Remote Integrity Vulnerability in Oracle HTTP Server Component Confidentiality Impact Vulnerability in Oracle Solaris 9 and 10 via Unspecified Vectors in wbem Unspecified Confidentiality Vulnerability in Oracle E-Business Suite Unspecified vulnerability in Oracle Warehouse Builder component in Oracle Database Server 10.2.0.5 and 11.1.0.7 Unspecified vulnerability in Oracle Database Vault component allows remote authenticated users to affect integrity and availability Unspecified vulnerability in 
Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5.0 Unspecified Integrity Vulnerability in Oracle Fusion Middleware Single Sign On Component Unspecified vulnerability in Oracle E-Business Suite Applications Install component Unspecified Confidentiality Vulnerability in Oracle E-Business Suite Applications Install Component Unspecified Integrity Vulnerability in Oracle Fusion Middleware Portal Component Unspecified vulnerability in Oracle Warehouse Builder User Account Unspecified vulnerability in Solaris Administration Utilities allows local users to compromise system security Unspecified Local Vulnerability in Oracle Solaris 10 and 11 Express Affecting Confidentiality and Integrity via cp Unspecified vulnerability in Java Runtime Environment (JRE) component in Oracle Java SE 6 and earlier versions Unspecified Remote Code Execution Vulnerability in JD Edwards EnterpriseOne Tools Unspecified Remote Vulnerability in Oracle Database Vault Unspecified Remote Integrity Vulnerability in Oracle Database Server Unspecified Remote Availability Vulnerability in Oracle Database Server on Windows Unspecified vulnerability in Oracle Sun GlassFish and Sun Java System Application Server affecting confidentiality, integrity, and availability via Administration vectors Unspecified vulnerability in Oracle Outside In Technology component in Oracle Fusion Middleware Unspecified Remote Integrity Vulnerability in Oracle E-Business Suite Web ADI Component Remote Code Execution Vulnerability in Oracle JD Edwards EnterpriseOne Tools Unspecified vulnerability in Oracle Database Server and Oracle Enterprise Manager Grid Control Unspecified Local Denial of Service Vulnerability in Solaris Component Unspecified Local Denial of Service Vulnerability in Oracle Solaris 8, 9, 10, and 11 Express Unspecified Remote Code Execution Vulnerability in Java Runtime Environment (JRE) Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to compromise 
confidentiality, integrity, and availability Unspecified vulnerability in CMDB Metadata & Instance APIs component in Oracle Database Server and Oracle Enterprise Manager Grid Control Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to compromise confidentiality, integrity, and availability Unspecified Remote Availability Vulnerability in Oracle JD Edwards EnterpriseOne Tools Unspecified Remote Integrity Vulnerability in Oracle JD Edwards EnterpriseOne Tools Unspecified Remote Kernel Vulnerability in Oracle Solaris 10 and 11 Express Unspecified Local Vulnerability in Oracle Solaris 8, 9, and 10 Affecting Confidentiality and Integrity via uucp Unspecified vulnerability in Oracle Database Server and Oracle Enterprise Manager Grid Control Unspecified Remote Integrity Vulnerability in Oracle JD Edwards EnterpriseOne Tools Unspecified Remote Code Execution Vulnerability in Oracle JD Edwards EnterpriseOne Tools Unspecified Remote Code Execution Vulnerability in Oracle JD Edwards EnterpriseOne Tools Unspecified Integrity Vulnerability in Oracle PeopleSoft Enterprise Application Portal Unspecified Integrity Vulnerability in Oracle PeopleSoft Products Unspecified Remote Integrity Vulnerability in Oracle PeopleSoft Enterprise 8.8 Bundle #13 Unspecified Local User Vulnerability in Oracle Solaris 10 and 11 Express Affecting Availability Unspecified Remote Integrity Vulnerability in Oracle Database Server and Oracle Enterprise Manager Grid Control Unspecified vulnerability in Oracle Database Server and Oracle Enterprise Manager Grid Control Unspecified Remote Vulnerability in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 Unspecified Remote Code Execution Vulnerability in Oracle Siebel CRM Core Component Unspecified Remote Integrity Vulnerability in Oracle Siebel CRM Core Component Unspecified Remote Vulnerability in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 Remote Code Execution Vulnerability in Oracle JD Edwards 
EnterpriseOne Tools Unspecified Confidentiality Vulnerability in Oracle Supply Chain Products Suite 9.3.0.2 and 9.3.1 Unspecified vulnerability in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 Local Users Can Disrupt Availability in Oracle Solaris 9, 10, and 11 Express via LOFS Vulnerability Confidentiality vulnerability in Oracle PeopleSoft Enterprise PeopleTools 8.49 GA through 8.49.30 Remote TCP/IP vulnerability in Oracle Solaris 11 Express Unspecified integrity vulnerability in Oracle Siebel CRM Core component Unspecified Authentication Vulnerability in OpenSSO Enterprise and Sun Java System Access Manager Unspecified Remote Code Execution Vulnerability in Oracle Enterprise Manager Grid Control 10.1.0.6 Unspecified Remote Availability Vulnerability in Oracle Sun Java System Access Manager Policy Agent 2.2 Unspecified vulnerability in OpenSSO Enterprise and Sun Java System Access Manager components in Oracle Sun Products Suite 7.1 and 8.0 Unspecified vulnerability in Oracle Database Server and Oracle Enterprise Manager Grid Control Unspecified Remote Integrity Vulnerability in Oracle Java Dynamic Management Kit 5.1 Unspecified vulnerability in Oracle PeopleSoft Enterprise CRM 8.9 Bundle #41 affecting Order Capture Unspecified Remote Code Execution Vulnerability in Oracle PeopleSoft Enterprise ELS 9.0 and 9.1 Unspecified vulnerability in Oracle Database Server and Oracle Enterprise Manager Grid Control Unspecified Remote Code Execution Vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 and 9.1 Unspecified Remote Code Execution Vulnerability in Oracle PeopleSoft Enterprise HRMS 9.1 Bundle #5 Unspecified vulnerability in Oracle InForm component allows remote authenticated users to compromise confidentiality and integrity Unspecified Confidentiality Vulnerability in Oracle PeopleSoft Enterprise Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 and 9.1 allows remote authenticated users to compromise confidentiality and integrity via 
unknown vectors in Pension Administration. Unspecified Remote Vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 and 9.1 Unspecified Remote Code Execution Vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 and 9.1 Unspecified Remote Vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 and 9.1 Unspecified Remote Vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 and 9.1 Unspecified 2D-related vulnerabilities in Oracle Java SE Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to compromise confidentiality, integrity, and availability Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to compromise system security Unspecified Deserialization Vulnerability in Oracle Java SE Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to compromise system security Unspecified Networking Vulnerability in Oracle Java SE Unspecified 2D-related vulnerability in Oracle Java SE 6 Update 25 and earlier Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to compromise confidentiality Unspecified vulnerability in Oracle Database Server and Oracle Enterprise Manager Grid Control Unspecified vulnerability in Java Runtime Environment (JRE) allows remote attackers to compromise confidentiality, integrity, and availability via unknown vectors related to Swing. 
Unspecified Remote Code Execution Vulnerability in Java Runtime Environment (JRE) Unspecified 2D-related vulnerability in Oracle Java SE allows remote attackers to compromise confidentiality, integrity, and availability Unspecified vulnerability in Oracle Database Server and Enterprise Manager Grid Control Unspecified Remote Integrity Vulnerability in Oracle Database Server and Enterprise Manager Console Unspecified Remote Integrity Vulnerability in Oracle Database Server and Oracle Enterprise Manager Grid Control Unspecified Remote Integrity Vulnerability in Oracle Database Server and Oracle Enterprise Manager Grid Control Unspecified vulnerability in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 Unspecified Remote Integrity Vulnerability in Oracle Database Server and Enterprise Manager Grid Control Unspecified vulnerability in Oracle Database Server and Oracle Enterprise Manager Grid Control allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scheduler. 
Unspecified vulnerability in Oracle Containers for J2EE component in Oracle Fusion Middleware Unspecified vulnerability in Oracle BPEL Process Manager component in Oracle Fusion Middleware Default Password Vulnerability in Comcast Business Gateway Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in SMC SMCD3G-CCR Firmware Predictable Session IDs in SMC SMCD3G-CCR Web Management Portal Unspecified Remote Code Execution Vulnerability in HP Client Automation Enterprise Default Configuration of Windows SNMP Service in HP DDMI Allows Information Disclosure or Remote Impact Unspecified Denial of Service Vulnerability in HP-UX OS-Core.CORE2-KRN Fileset Arbitrary Web Script Injection Vulnerability in HP Diagnostics 7.5x and 8.0x HP Operations 9.10 UNIX Cross-Site Scripting (XSS) Vulnerability Unspecified Remote Access Bypass Vulnerability in HP Operations 9.10 on UNIX Platforms Unspecified Information Disclosure Vulnerability in HP Network Node Manager i (NNMi) 9.0x and 8.1x Unspecified Denial of Service Vulnerability in HP NFS/ONCplus B.11.31.10 and Earlier Unspecified Local File Read Vulnerability in HP Network Node Manager i (NNMi) 9.00 Arbitrary Web Script Injection Vulnerability in HP Network Node Manager i (NNMi) 9.00 AES Encryption Module for Drupal 7.x-1.4: Debugging Code Vulnerability Stack-based Buffer Overflow in Terminal Server Client (tsclient) Allows Remote Code Execution Stack-based buffer overflows in tsc_launch_remote function allow remote code execution in Terminal Server Client (tsclient) 0.150 Untrusted Search Path Vulnerabilities in SunScreen Firewall Java Service Directory Traversal Vulnerabilities in AR Web Content Manager (AWCM) 2.2 Out-of-bounds memory access vulnerability in Vino server Out-of-bounds read vulnerability in rfbSendFramebufferUpdate function in Vino server Open Redirect Vulnerability in Vanilla Forums before 2.0.17.6 Allows Remote Attackers to Conduct Phishing Attacks Arbitrary Script Injection Vulnerability in Vanilla 
Forums before 2.0.17.6 HMAC Timing Attack Vulnerability in Vanilla Forums Unspecified Cross-Site Scripting (XSS) Vulnerability in Zikula Users Module Argument Injection Vulnerability in IBM Lotus Notes 8.0.x and 8.5.x Arbitrary Code Execution via Stack-based Buffer Overflow in IBM Lotus Domino DIIOP Implementation Arbitrary Code Execution via Heap-Based Buffer Overflow in IBM Lotus Domino DIIOP Implementation Stack-based Buffer Overflow in IBM Lotus Domino SMTP Service Stack-based Buffer Overflow in IBM Lotus Domino (SPR KLYH889M8H) Buffer Overflow in IBM Lotus Domino's nLDAP.exe Allows Remote Code Execution (SPR KLYH87LMVX) Stack-based Buffer Overflow in IBM Lotus Domino Router Service Stack-based Buffer Overflow in IBM Lotus Domino POP3 and IMAP Services (SPR KLYH87LLVJ) Remote Code Execution Vulnerability in IBM Lotus Domino Remote Code Execution in HP Data Protector Cell Manager Service Arbitrary Program Execution Vulnerability in HP Data Protector Client Arbitrary Code Execution Vulnerability in HP Data Protector Client Arbitrary Script Execution Vulnerability in HP Data Protector EXEC_CMD Command Unintended Program Execution via CSDWebInstallerCtrl ActiveX Control in Cisco Secure Desktop Unverified Signature Spoofing Vulnerability in Cisco Secure Desktop PKI Functionality in Cisco IOS 15.0 and 15.1 Allows Bypass of Authentication and Revoked Key Exploitation Denial of Service Vulnerability in Cisco IOS and IOS XE (CSCth03022) Memory Leak Vulnerability in Cisco Unified Communications Manager (CUCM) and Cisco IOS Denial of Service Vulnerability in Cisco IOS XR 3.8.3, 3.8.4, and 3.9.1 (Bug ID CSCth44147) Denial of Service Vulnerability in Cisco IOS 12.4, 15.0, and 15.1 (Bug ID CSCtj41194) DLSw Memory Leak Vulnerability in Cisco IOS and IOS XE Denial of Service Vulnerability in Cisco IOS NAT Implementation (Bug ID CSCtd10712) Improper Removal of sshd_lock Files in Cisco IOS XR Arbitrary User Password Change Vulnerability in Cisco Secure Access Control System 
(ACS) Multiple Cross-Site Scripting (XSS) Vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 SQL Injection Vulnerabilities in Cisco Unified Operations Manager (CUOM) before 8.6 (Bug ID CSCtn61716) Arbitrary Web Script Injection Vulnerability in CiscoWorks Common Services 3.3 and Earlier Arbitrary Web Script Injection in Cisco Unified Operations Manager (CUOM) Bypassing Access Restrictions in Cisco NAC Guest Server (Bug ID CSCtj66922) Directory Traversal Vulnerability in CiscoWorks Common Services 3.3 and Earlier (CVE-2021-12345) Remote Code Execution Vulnerability in BMC PATROL Agent Service Daemon OfficeArt Atom RCE Vulnerability Microsoft Office Graphic Object Dereferencing Vulnerability Excel Array Indexing Vulnerability Excel Linked List Corruption Vulnerability Excel Dangling Pointer Vulnerability Denial of Service and Stale Pointer Vulnerability in Google Chrome Google Chrome Use-After-Free Vulnerability in SVG Font Faces Denial of Service Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome Plug-ins Memory Exhaustion Vulnerability in Google Chrome Information Disclosure Vulnerability in phpMyAdmin Improper Restriction of Bookmark Queries in phpMyAdmin World-writeable directory vulnerability in pure-ftpd 1.0.22 on SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions Vulnerability: RuntimeHelpers.InitializeArray Method Allows Modification of Read-Only Data Structures in Mono Race condition vulnerability in FastCopy optimization in Mono's Array.Copy method in metadata/icall.c, allowing remote attackers to trigger a buffer overflow and modify internal data structures Use-after-free vulnerability in Mono: Remote Denial of Service and Possible Other Impact Use-after-free vulnerability in Mono allows remote attackers to cause denial of service or obtain sensitive information World Readable Postgres Credentials in SUSE Lifecycle Management Server 1.1 
Remote Code Execution Vulnerability in Novell File Reporter (NFR) Weak File Permissions in sqlite3-ruby Gem in SUSE Linux Enterprise (SLE) 11 SP1 Arbitrary Command Execution in dhcpcd before 5.2.12 via DHCP Hostname Arbitrary Command Execution via Shell Metacharacters in dhclient Denial of Service Vulnerability in Linux Kernel's Transparent Huge Pages (THP) Creation Remote Sniffing of Audio and Video Calls in Telepathy Gabble Critical SQL Injection Vulnerability in iamdroppy phoenixcf (VDB-218491) Critical SQL Injection Vulnerability in weblabyrinth 0.3.1 (CVE-2021-XXXX) Critical SQL Injection Vulnerability in XpressEngine up to 1.4.4 (VDB-220247) Unrestricted File Upload Vulnerability in reciply Plugin up to 1.1.7 on WordPress Critical Buffer Overflow Vulnerability in EasyFTP 1.7.0.2: Remote Code Execution via MKD Command Handler Denial of Service and Arbitrary Code Execution in dexdump Denial of Service Vulnerability in Avahi-Daemon Double Free Vulnerability in vba_read_project_strings Function in ClamAV Symlink Attack Vulnerability in FileUtils.remove_entry_secure Method Vulnerability: Modification of Strings via Exception#to_s Method in Ruby Heap-based Buffer Overflow in parse_cgroup_spec Function in libcgroup Unattended Workstation Login Form Resubmission Vulnerability in Best Practical Solutions RT Unrestricted Access to TicketObj in Best Practical Solutions RT (CVE-XXXX-XXXX) Cross-Site Scripting (XSS) Vulnerability in Vanilla Forums 2.0.17.1 - 2.0.17.5 Buffer Overflow in Linux Kernel's mac_partition Function Insecure Mounting of /tmp Directory in seunshare Denial of Service Vulnerability in Linux Kernel's ldm_parse_vmdb Function Integer Signedness Error in DRM Modeset Control Function Improper Input Validation in CGIHTTPServer Module Allows Source Code Disclosure Arbitrary Memory Write Vulnerability in Radeon GPU Drivers Heap-based Buffer Overflow in LDM Frag Add Function in Linux Kernel 2.6.37.2 and Earlier Arbitrary Command Execution in Logwatch 7.3.6 via 
Samba Server Log File Name Bypassing CAP_SYS_MODULE Requirement in Linux Kernel Insecure Access Control in Linux Kernel's proc Filesystem Implementation Incomplete Fix for Arbitrary Kernel Memory Modification via /sys/kernel/debug/acpi/custom_method Bypassing Resource Restrictions via Crafted Netlink Messages in libcgroup Denial of Service Vulnerability in Linux Kernel's Reliable Datagram Sockets (RDS) Subsystem Authentication Bypass Vulnerability in OpenLDAP 2.4.x with Chain Overlay and Ppolicy_forward_updates OpenLDAP 2.4.x Root Distinguished Name Authentication Bypass Vulnerability Apache Archiva Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities Denial of Service Vulnerability in cgit.cgi Arbitrary PHP Code Execution Vulnerability in Smarty3's $smarty.template Variable Arbitrary Script Injection in IBM Rational Team Concert (RTC) 2.0.0.x via Shared Report Name Arbitrary Web Script Injection in IBM Lotus Connections 3.0 Wikis Component Arbitrary File Creation Vulnerability in feh_unique_filename Function Unrestricted Access to Internal Login Module in IBM Lotus Connections 3.0 Remote Code Execution via Stack-based Buffer Overflow in IBM Informix Dynamic Server (IDS) 11.50 Cross-site scripting (XSS) vulnerability in IBM Rational Build Forge 7.0.2 Arbitrary User Password Modification Vulnerability in PivotX before 2.2.4 Arbitrary Program Execution Vulnerability in CA Host-Based Intrusion Prevention System (HIPS) 8.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in IBM Lotus Sametime 8.0.1 Denial of Service Vulnerability in flimflamd in Google Chrome OS Incomplete Initialization of Response Buffer in ib_uverbs_poll_cq Function Unspecified Privilege Escalation Vulnerability in IBM FileNet P8 Content Manager Unauthenticated Privileged Property Modification in IBM FileNet P8 Content Engine SQL Injection Vulnerabilities in VastHTML Forum Server Plugin for WordPress Arbitrary SQL Command Execution in MihanTools 1.33 via product.php Buffer Overflow in 
Mach-O Input File Loader in Hex-Rays IDA Pro 5.7 and 6.0 Unspecified Vulnerability in Hex-Rays IDA Pro 5.7 and 6.0: String Encoding Conversion and UTF8 Handling Inconsistencies Integer Overflow in COFF/EPOC/EXPLOAD Input File Loaders in Hex-Rays IDA Pro: Unknown Impact and Memory Allocation Vulnerability PSX/GEOS Input File Loaders Integer Overflow Vulnerability Denial of Service Vulnerability in Hex-Rays IDA Pro Mach-O Input File Loader Unspecified Vulnerability in PEF Input File Loader in Hex-Rays IDA Pro 5.7 and 6.0 SQL Injection Vulnerability in Lingxia I.C.E CMS 1.0 - Remote Code Execution via api/ice_media.cfc Weak Inherited Permissions in Metasploit Framework Installer on Windows Cross-site scripting (XSS) vulnerability in MoinMoin before 1.9.3 in reStructuredText (rst) parser Use-after-free vulnerability in WebCore in WebKit before r77705 SQL Injection Vulnerability in WSN Guest 1.24: Remote Code Execution via wsnuser Cookie SQL Injection Vulnerability in WSN Guest 1.24: Remote Code Execution via memberlist.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in TaskFreak! 
0.6.4 Cross-Site Scripting (XSS) Vulnerabilities in Cherry-Design Photopad 1.2.0 SQL Injection Vulnerability in Qi Bo CMS 7 member/list.php Stack-based buffer overflows in PIPIWebPlayer ActiveX Control: Remote Code Execution Arbitrary Script Injection Vulnerability in Drupal Messaging Module Denial of Service Vulnerability in slapd (aka ns-slapd) in 389 Directory Server Improper Cookie Handling in Microsoft Windows Azure SDK 1.3.x XSS Vulnerability in PHPShop 0.8.1 Unverified Netlink Messages in v86d Before 0.1.10 Vulnerability Stack Extension Attack in GNU C Library (glibc) and Embedded GLIBC (EGLIBC) Local File Overwrite Vulnerability in PEAR Installer Symlink Vulnerabilities in crontab.c in FreeBSD and Apple Mac OS X Directory Existence Disclosure Vulnerability in crontab.c in FreeBSD Race condition vulnerability in FreeBSD's crontab MD5 comparison process Denial of Service Vulnerability in Linux Kernel DNS Resolver Apache Archiva Multiple Cross-Site Scripting (XSS) Vulnerabilities Uninitialized Structure Vulnerability in Linux Kernel's sco_sock_getsockopt_old Function Uninitialized Device Field Vulnerability in Linux Kernel Bluetooth BNEP Module Kernel Stack Memory Disclosure in Linux Kernel Denial of Service Vulnerability in OpenLDAP 2.4.x Denial of Service Vulnerability in Linux Kernel's Eventpoll Implementation Denial of Service Vulnerability in Linux Kernel's Epoll Implementation Smoothwall Express 3 XSS Vulnerability Smoothwall Express 3 CSRF Vulnerability: Exploiting Cross-Site Request Forgery Arbitrary Web Script Injection Vulnerability in Openfiler 2.3 Buffer Overflow Vulnerability in VideoLAN VLC Media Player 1.0.5 Bypassing Access Restrictions in Apache Tomcat 7.x Vulnerability: Inadequate Error Reporting in addmntent Function Memory Leak in nfs4_proc_set_acl Function in Linux Kernel Denial of Service Vulnerability in Pidgin's Yahoo! 
Protocol Plugin Integer Overflow Vulnerability in PHP's shmop_read Function DCCP Implementation NULL Pointer Dereference and OOPS Vulnerability Improper Hostname Verification in KDE KSSL Unquoted Output Vulnerability in GNU C Library Character Encoding Pattern Attack in W3C XML Encryption Standard Remote Code Execution and Denial of Service Vulnerability in rsync 3.x Race condition vulnerability in createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier Directory Traversal Vulnerabilities in FocalMedia.Net Quick Polls before 1.0.2 SQL Injection Vulnerabilities in Pixelpost 1.7.3 Admin Panel Unspecified Remote Code Execution Vulnerabilities in Citrix Licensing Administration Console 11.6 Arbitrary Web Script Injection Vulnerability in F-Secure Policy Manager Information Disclosure Vulnerability in F-Secure Policy Manager WebReporting Module CSRF Vulnerabilities in Mutare EVM Allow Remote Authentication Hijacking Multiple Cross-Site Scripting (XSS) Vulnerabilities in Mutare EVM IBM Lotus Sametime Server Cross-Site Scripting (XSS) Vulnerability URL bar spoofing vulnerability in Google Chrome before version 9.0.597.107 Denial of Service Vulnerability in Google Chrome Stale Pointer Vulnerability in Google Chrome Denial of Service and Stale Pointer Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome SVG Rendering Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome on 64-bit Linux Platforms Table Handling Vulnerability in Google Chrome Table Rendering Vulnerability in Google Chrome Denial of Service and Potential Remote Code Execution in Google Chrome's SVG Animation Handling XHTML Document Handling Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome Device Orientation Stale Pointer Vulnerability in Google Chrome Out-of-bounds read vulnerability in WebGL implementation in Google Chrome (Issue 71717) Integer Overflow in Google Chrome TEXTAREA Element Out-of-bounds read 
vulnerability in WebGL implementation in Google Chrome (Issue 71960) Unrestricted Access to Internal Extension Functions in Google Chrome Google Chrome Use-After-Free Vulnerability in Blocked Plug-ins Stale Pointer Vulnerability in Google Chrome Privilege Escalation via Trojan Horse Shared Library in VMware VIX API and Workstation Unrestricted Guest Access Vulnerability in Simple Machines Forum (SMF) Improper Handling of Invalid Login Attempts in Simple Machines Forum (SMF) Arbitrary Code Injection via EditNews Function in Simple Machines Forum SQL Injection Vulnerability in Simple Machines Forum (SMF) Information Disclosure Vulnerability in Simple Machines Forum (SMF) Denial of Service Vulnerability in Apple Mac OS X IPv6 Implementation Arbitrary Code Execution via Cross-Site Scripting (XSS) in Xinha Arbitrary Code Execution via Cross-Site Scripting (XSS) in Xinha Image Manager Arbitrary Code Execution via Cross-Site Scripting (XSS) in Xinha Arbitrary File Rewrite Vulnerability in Tesseract 2.03 and 2.04 Integer Overflow Vulnerability in ProFTPD's mod_sftp Module Denial of Service Vulnerability in Wireshark 6LoWPAN IPv6 Packet Parsing Denial of Service Vulnerability in Wireshark 1.2.0 - 1.2.14 and 1.4.0 - 1.4.3 Stack Consumption Vulnerabilities in Wireshark Dissect Functions Denial of Service Vulnerability in Wireshark LDAP Packet Dissector Denial of Service Vulnerability in Wireshark BER Dissector Denial of Service Vulnerability in Wireshark NTLMSSP Dissector Local File Overwrite Vulnerability in PEAR Installer Buffer Overflow Vulnerability in SQLDriverConnect() Function in unixODBC Denial of Service and Arbitrary Code Execution Vulnerability in Red Hat libvirt 0.8.8 Multiple stack-based and heap-based buffer overflows in Asterisk Open Source versions 1.4.x, 1.6.1.x, 1.6.2.x, and 1.8, Business Edition C.x.x, AsteriskNOW 1.5, and s800i (Asterisk Appliance) allow remote code execution and denial of service Use-after-free vulnerability in PHP substr_replace function 
allows for memory corruption and denial of service Android System Property Space Access Vulnerability XSS Vulnerability in bbPress 1.0.2 via /bb-login.php URL SQL Injection Vulnerability in Joomla! 1.6.0 via filter_order and filter_order_Dir Parameters Format String Vulnerabilities in PHP Phar Extension Arbitrary Command Execution Vulnerability in logrotate Denial of Service Vulnerability in logrotate 3.7.9 and Earlier Denial of Service via Malformed DOCTYPE Declaration in Universal Feed Parser Arbitrary Web Script Injection via Malformed XML Comments in Universal Feed Parser Arbitrary Web Script Injection Vulnerability in Universal Feed Parser Denial of Service Vulnerability in acpid.c Uninitialized Buffer in tpm_open Function Allows Kernel Memory Information Disclosure Improper Memory Clearing in Linux Kernel 2.6 TPM_Read Function Kernel Heap Memory Information Disclosure Vulnerability Vino before 2.99.4 Vulnerability: Misleading Network Connection Statement Vulnerability: Undocumented Port Opening in Vino UPnP Configuration Denial of Service Vulnerability in Xen (Possibly before 4.0.2) Heap-based Buffer Overflow in LibTIFF Thunder Decoder Arbitrary Script Injection in Konqueror's KHTMLPart::htmlError Function Array Index Error in AudioScience HPI Driver Allows for Memory Corruption and Possible Privilege Escalation Information Disclosure Vulnerability in Linux Kernel's ARP Tables Implementation Information Disclosure Vulnerability in Linux Kernel's IPv4 Implementation Uninitialized String Vulnerability in Linux Kernel's IPv6 Implementation Uninitialized Data Leak in econet_sendmsg Function Denial of Service Vulnerability in Asterisk Open Source 1.6.1.x, 1.6.2.x, and 1.8.x Denial of Service Vulnerability in Asterisk Open Source TCP/TLS Server Privilege Escalation via Configuration Merger in mpm-itk Apache HTTP Server Module Integer Overflow in PCX Image Loading in GIMP 2.6.x and Earlier Uninitialized Pointer Vulnerability in SPICE Firefox Plug-in Stack-based 
buffer overflows in iriap_getvaluebyclass_indication function in Linux kernel before 2.6.39 Spoofing UID and PID in Linux Kernel Signal Handling Apache Tomcat 7.0.11 Security Bypass Vulnerability Lack of Replay Attack Countermeasures in Apache Tomcat HTTP Digest Access Authentication Implementation Unrestricted Navigation and Close Operations Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome on Linux Same Origin Policy Bypass in Google Chrome 10.0.648.127 Memory Corruption Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome Same Origin Policy Bypass in Google Chrome Web Workers Implementation Google Chrome Use-After-Free Vulnerability in DOM URL Handling Out-of-bounds read vulnerability in Google Chrome on Linux Same Origin Policy Bypass in Google V8 Unspecified Remote Code Execution Vulnerabilities in Google Chrome Use-after-free vulnerability in Google Chrome: Remote code execution and denial of service vulnerability Out-of-Bounds Write Vulnerability in Google Chrome OGG Container Implementation Table Painting Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome Video Functionality Denial of Service Vulnerability in Google Chrome Unspecified Variable Cast Vulnerability in Google Chrome Denial of Service Vulnerability in WebKit Context Implementation Information Disclosure Vulnerability in libxslt 1.1.26 and earlier Denial of Service and Stale Pointer Vulnerability in Google Chrome Denial of Service and DOM Tree Corruption Vulnerability in Google Chrome Buffer Overflow Vulnerabilities in IBM Rational Common Licensing 7.0 through 7.1.1.4 Stack-based buffer overflow in IBM Tivoli Directory Server (TDS) allows remote code execution via crafted LDAP request Arbitrary Code Execution Vulnerability in Data Dynamics ActiveBar ActiveX Controls NULL pointer dereference and daemon crash vulnerability in IBM solidDB Weak WS-Security XML Encryption Algorithm in IBM WebSphere Application Server 
(WAS) 6.1 and 7.0 Stack-based buffer overflow in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, via crafted header in .lzh attachment (SPR PRAD88MJ2W) Stack-based Buffer Overflow in Autonomy KeyView Allows Remote Code Execution Stack-based Buffer Overflow in Autonomy KeyView Allows Remote Code Execution Stack-based Buffer Overflow in Autonomy KeyView Allows Remote Code Execution Buffer Overflow in Autonomy KeyView Allows Remote Code Execution via Crafted .prz Attachment Buffer Overflow Vulnerability in Autonomy KeyView DLL (kvarcve.dll) in IBM Lotus Notes Stack-based Buffer Overflow in lcfd.exe in IBM Tivoli Management Framework Cross-zone scripting vulnerability in RealPlayer ActiveX control in versions 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 Privilege escalation vulnerability in IBM Tivoli Storage Manager (TSM) Journal Based Backup (JBB) feature Buffer Overflow Vulnerability in IBM Tivoli Storage Manager (TSM) ADS Functionality Missing CRL Distribution Points Certificate Extension in IBM WebSphere MQ 6.0 and 7.0 Win32k Null Pointer Dereference Vulnerability Win32k Null Pointer Dereference Vulnerability Win32k Null Pointer Dereference Vulnerability Win32k Null Pointer Dereference Vulnerability Win32k Null Pointer Dereference Vulnerability Win32k Null Pointer Dereference Vulnerability Win32k Null Pointer Dereference Vulnerability Win32k Null Pointer Dereference Vulnerability Win32k Null Pointer Dereference Vulnerability Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows 
Win32k Use After Free Vulnerability in Microsoft Windows Windows Messenger ActiveX Control Remote Code Execution Vulnerability Frame Tag Information Disclosure Vulnerability in Microsoft Internet Explorer 6, 7, and 8 Javascript Information Disclosure Vulnerability in Microsoft Internet Explorer 6 and 7 MIME Sniffing Information Disclosure Vulnerability in Microsoft Internet Explorer 8 Active Accessibility Insecure Library Loading Vulnerability WINS Service Failed Response Vulnerability Ancillary Function Driver Elevation of Privilege Vulnerability Link Properties Handling Memory Corruption Vulnerability DOM Manipulation Memory Corruption Vulnerability in Microsoft Internet Explorer 8 Cross-site Scripting (XSS) Vulnerability in Microsoft Internet Explorer and SharePoint Servers .NET Framework Class Inheritance Vulnerability Drag and Drop Memory Corruption Vulnerability in Microsoft Internet Explorer 6-8 Time Element Memory Corruption Vulnerability DOM Modification Memory Corruption Vulnerability in Microsoft Internet Explorer 6-8 Window Open Race Condition Vulnerability in Microsoft Internet Explorer 6-8 Drag and Drop Information Disclosure Vulnerability in Microsoft Internet Explorer 6-8 Layout Memory Corruption Vulnerability in Microsoft Internet Explorer 8 and 9 Selection Object Memory Corruption Vulnerability in Microsoft Internet Explorer 6-9 HTTP Redirect Memory Corruption Vulnerability in Microsoft Internet Explorer 7-9 Remote Desktop Web Access XSS Vulnerability Active Directory Certificate Services Web Enrollment XSS Vulnerability Bluetooth Stack Vulnerability in Microsoft Windows Vista and Windows 7 VML Memory Corruption Vulnerability SMB Request Parsing Vulnerability SMB Response Parsing Vulnerability Presentation Memory Corruption RCE Vulnerability Presentation Buffer Overrun RCE Vulnerability in Microsoft PowerPoint 2002 and 2003 .NET Framework JIT Optimization Vulnerability Excel Insufficient Record Validation Vulnerability Excel Improper Record 
Parsing Vulnerability Excel Out of Bounds Array Access Vulnerability Excel Memory Heap Overwrite Vulnerability Excel Buffer Overrun Vulnerability Excel Memory Corruption Vulnerability Excel WriteAV Vulnerability Excel Out of Bounds WriteAV Vulnerability XML External Entities Resolution Vulnerability in Microsoft InfoPath, SQL Server, SQL Server Management Studio Express, and Visual Studio CSRSS Local EOP AllocConsole Vulnerability CSRSS Local EOP SrvSetConsoleLocalEUDC Vulnerability CSRSS Local EOP SrvSetConsoleNumberOfCommand Vulnerability CSRSS Local EOP SrvWriteConsoleOutput Vulnerability Regular-Expression Reentrancy Vulnerability in Google Chrome Memory Access Vulnerability in Google V8 Engine Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Integer Overflow in WebKit: Remote Code Execution Vulnerability Buffer Error Vulnerability in Google Chrome Frame-loader Use-after-free Vulnerability in Google Chrome HTMLCollection Use-After-Free Vulnerability in Google Chrome CSS Token Sequence Handling Vulnerability in Google Chrome Node Parentage Vulnerability in WebKit Denial of Service Vulnerability in Google Chrome's SVG Text Handling Integer Overflow in WebKit's fillRect function in Google Chrome Arbitrary Code Execution Vulnerability in ANGLE Library GPU Process Use-After-Free Vulnerability in Google Chrome Heap-based Buffer Overflow in Google Chrome GPU Process Denial of Service Vulnerability in Google Chrome Bypassing Pop-up Blocker in Google Chrome Plug-ins Race condition vulnerability in Google Chrome before 11.0.696.57 on Linux and Mac OS X Unspecified vulnerability in Scratchpad application in Google Chrome OS before R10 0.10.156.46 Beta Insecure Permissions in IBM WebSphere Application Server Installer Arbitrary Web Script Injection Vulnerability in IBM WebSphere Application Server Unspecified Impact and Attack Vectors in IBM WebSphere Application Server Plug-in Component Information Disclosure Vulnerability in IBM WebSphere 
Application Server Insecure Security Role Mapping in IBM WebSphere Application Server Vulnerability: Unauthorized Modification of Primary Admin ID in IBM WebSphere Application Server Double Free Vulnerability in IBM WebSphere Application Server (WAS) 6.1.0.x and 7.x Denial of Service Vulnerability in IBM WebSphere Application Server Memory Leak Vulnerability in IBM WebSphere Application Server (WAS) Messaging Engine Denial of Service Vulnerability in IBM WebSphere Application Server (WAS) SIP Proxy Memory Leak Vulnerability in IBM WebSphere Application Server (WAS) JSP Component Memory Leak in JspWriterImpl.response in IBM WebSphere Application Server Denial of Service Vulnerability in IBM WebSphere Application Server (WAS) 6.1.0.x and 7.x Authentication Cache Deletion Vulnerability in IBM WebSphere Application Server Incomplete Purge of AuthCache in IBM WebSphere Application Server Denial of Service Vulnerability in IBM WebSphere Application Server Denial of Service Vulnerability in Yamaha and NEC Routers Cross-Site Request Forgery (CSRF) Vulnerabilities in Buffalo Routers Allow Remote Authentication Hijacking CSRF Vulnerability in EC-CUBE before 2.11.0 Allows Remote Authentication Hijacking Unspecified Denial of Service Vulnerability in La Fonera+ Router Firmware Incomplete Password Encryption in Trend Micro Internet Security 2009 SQL Injection Vulnerability in RADVISION iVIEW Suite 7.5 and Earlier Arbitrary PHP Code Execution via Unrestricted File Upload in WalRack WeblyGo 5.0 Pro/LE - 5.10 Pro/LE Cross-Site Scripting (XSS) Vulnerability Heap Memory Corruption Vulnerability in JustSystems Ichitaro Software Unspecified Cross-Site Scripting (XSS) Vulnerability in Cybozu Garoon 2.0.0 through 2.1.3 Arbitrary Web Script Injection Vulnerability in Cybozu Office 6 and Cybozu Garoon 2.0.0 through 2.1.3 Arbitrary Web Script Injection Vulnerability in Cybozu Office 6, Cybozu Garoon 2.0.0 through 2.1.3, Cybozu Dezie before 6.1, Cybozu MailWise before 3.1, and Cybozu 
Collaborex before 1.5 Arbitrary Web Script Injection in Cybozu Office Address Book and User List Functions ALZip 8.21 Buffer Overflow Vulnerability Denial of Service Vulnerability in Opera Browser (Versions before 11.50) Untrusted Search Path Vulnerability in XnView: Privilege Escalation via Trojan Horse Execution Arbitrary Script Injection Vulnerability in Google Search Appliance Arbitrary Web Script Injection in Plone 2.5.3 CSRF Vulnerability in Aimluck Aipo and Aipo for ASP before 4.0.4.0 Arbitrary SQL Command Execution Vulnerability in Aimluck Aipo and Aipo for ASP before 5.1.1 SQL Injection Vulnerability in IBM Tivoli Netcool/OMNIbus Web GUI Webkit Use-After-Free Remote Code Execution Vulnerability Object Management Memory Corruption Vulnerability in Microsoft Internet Explorer 6, 7, and 8 Unspecified Remote Code Execution Vulnerability in Microsoft Internet Explorer 8 on Windows 7 Arbitrary File Creation Vulnerability in Microsoft Internet Explorer 8 on Windows 7 Information Disclosure Vulnerability in PowerVR SGX Driver Kernel Memory Corruption Vulnerability in PowerVR SGX Driver Unspecified Privilege Escalation Vulnerability in Adobe Reader 10.x on Windows Open Redirect Vulnerability in IBM WebSphere Application Server (WAS) 6.1 and 7.0 Information Disclosure Vulnerability in IBM WebSphere Application Server Administration Console Arbitrary web script injection vulnerability in IBM WebSphere Service Registry and Repository (WSRR) Directory Traversal Vulnerability in IBM WebSphere Application Server (WAS) Administration Console Arbitrary Web Script Injection Vulnerabilities in IBM HTTP Server Incomplete fix for Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 6.1 and 7.0 CSRF vulnerability in Google App Engine Python SDK Interactive Console Arbitrary Command Execution Vulnerability in IBM Rational AppScan Enterprise and AppScan Reporting Console Arbitrary Command Execution Vulnerability in IBM Rational AppScan Standard and 
Express Unspecified File Reading Vulnerability in IBM WebSphere Application Server 8.x Unauthenticated Remote Reading of Sametime Configuration Settings Arbitrary Script Injection in IBM WebSphere ILOG Rule Team Server 7.1.1 Authentication Bypass Vulnerability in IBM TS3100 and TS3200 Tape Libraries Denial of Service Vulnerability in IBM DB2 9.7 on UNIX with Self Tuning Memory Manager (STMM) Buffer Overflow in Apple QuickTime: Remote Code Execution and Application Crash via Crafted PICT File Denial of Service Vulnerability in IBM AIX 6.1 and 7.1 Weak Permissions Vulnerability in IBM WebSphere Application Server (WAS) on IBM i Platform Unspecified Impact and Attack Vectors in Web Services Security Component of IBM WebSphere Application Server 6.1 User Authorization File (UAF) Data Verification Vulnerability in IBM WebSphere MQ 6.0 on OpenVMS Unspecified Access Restriction Bypass Vulnerability in IBM OpenPages GRC Platform 6.1.0.1 before IF4 Symlink Attack Vulnerability in invscout.rte on IBM AIX Denial of Service Vulnerability in IBM AIX and VIOS SAML Signature Validation Bypass Vulnerability in IBM Tivoli Federated Identity Manager Arbitrary Code Execution Vulnerability in Blueberry BB FlashBack Arbitrary Code Execution via Directory Traversal in Rational Common Licensing Arbitrary SQL Command Execution in IBM Rational ClearQuest Maintenance Tool Arbitrary Code Execution Vulnerability in Blueberry BB FlashBack Arbitrary Code Execution Vulnerability in Blueberry FlashBack ActiveX Control Denial of Service Vulnerability in IBM Lotus Domino Server 8.x Denial of Service Vulnerability in IBM Maximo Asset Management and Related Products Arbitrary Web Script Injection Vulnerability in IBM Maximo Asset Management and Asset Management Essentials Arbitrary Web Script Injection Vulnerability in IBM Maximo Asset Management and Asset Management Essentials Cross-Site Request Forgery (CSRF) Vulnerability in IBM Maximo Asset Management and Related Products HTTP Response-Splitting 
Vulnerability in PHP Arbitrary Code Execution Vulnerability in tex-common Package Cross-Site Scripting (XSS) Vulnerability in ikiwiki Privilege Escalation and Access Control Vulnerabilities in Mahara before 1.3.6 CSRF Vulnerability in Mahara Pieforms Implementation Improper Data Restriction in AJAX Responses in Mahara before 1.3.6 Arbitrary Script Injection via HTML E-mail Messages in Mahara before 1.3.6 Improper Handling of HTTPS URL in Mahara before 1.3.6 Allows Credential Sniffing Remote Code Execution via DKIM Identity Matching in Exim 4.7x Root TTY Hijacking and Symlink Attack Vulnerability in ikiwiki Authentication Bypass Vulnerability in Frams's Fast File EXchange (F*EX) XML Signature Wrapping Vulnerability in Shibboleth OpenSAML Library Arbitrary Command Execution via Shell Metacharacters in ioQuake3 Engine Denial of Service Vulnerability in Google Chrome on Linux Arbitrary Web Script Injection Vulnerability in tibbr Web Server Memory Reading Vulnerability in BlackBerry Torch 9800 Firmware 6.0.0.246 Integer Overflow Vulnerability in QuickLook IPv6 Stateless Address Autoconfiguration Vulnerability Incomplete Fix for CVE-2011-1088 Allows Bypass of Access Restrictions in Apache Tomcat 7.x Weak File Permissions in EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC Platforms Weak Permissions Vulnerability in EMC NetWorker Client Push Feature Unspecified Cross-Site Scripting (XSS) Vulnerability in EMC RSA Adaptive Authentication On-Premise (AAOP) Arbitrary Web Script Injection Vulnerability in RSA Data Loss Prevention (DLP) Enterprise Manager 8.x before 8.5 SP1 Improper Configuration of ExShortcut\Web.config Allows Information Disclosure Arbitrary File Creation and Overwrite Vulnerability in XML Security Library Arbitrary Code Execution via Crafted RNX File in RealPlayer Multiple Cross-Site Scripting (XSS) Vulnerabilities in Kodak InSite 5.5.2 Insecure SSL Certificate Verification in WeeChat 0.3.4 and Earlier SMTPS Server Spoofing Vulnerability 
STARTTLS Implementation Vulnerability in Ipswitch IMail Server STARTTLS Implementation Vulnerability in qmail-smtpd Plaintext Command Injection Vulnerability in SCO SCOoffice Server's STARTTLS Implementation Cleartext Credential Storage Vulnerability in Open Ticket Request System (OTRS) Thread Safety Vulnerability in Google Chrome Improper Implementation of Tabs Permission in Google Chrome Allows Remote File Read Denial of Service Vulnerability in Google Chrome on Linux Integer Overflow Vulnerabilities in Google Chrome Bypassing Same Origin Policy in Google Chrome via Blob Vectors Unspecified Impact and Remote Attack Vectors in Google Chrome on Linux Google Chrome Use-After-Free Vulnerability in Ruby Element and CSS Token Sequences Unspecified Variable Cast Vulnerability in Google Chrome Denial of Service and Node Tree Corruption Vulnerability in Google Chrome Google Chrome Layering Vulnerability Race condition vulnerability in Google Chrome sandbox launcher implementation Denial of Service Vulnerability in Google Chrome 11.0.696.57 URL Bar Spoofing Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome Height Calculation Vulnerability in Google Chrome WebSockets Use-After-Free Vulnerability in Google Chrome File Dialog Presentation Vulnerability in Google Chrome Dangling Pointers Vulnerability in Google Chrome URL Bar Spoofing Vulnerability in Google Chrome Arbitrary Code Execution and Denial of Service Vulnerability in WebKit DOM id handling vulnerability in Google Chrome before version 11.0.696.57 Denial of Service Vulnerability in Google Chrome PDF Handling PDF Form Handling Vulnerability in Google Chrome Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Denial of Service Vulnerability in Google Chrome's WebKit::WebPluginContainerImpl::handleEvent Function Bad Cast Vulnerability in WebKit: Exploiting Anonymous Blocks in Google Chrome Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Buffer 
Overflow in strval Function in PHP Denial of Service Vulnerability in Google Chrome's SPDY Implementation Integer Overflow in PHP Calendar Extension Unspecified Denial of Service Vulnerability in NumberFormatter::setSymbol Function in PHP Memory leaks in OpenSSL extension in PHP before 5.3.6 leading to denial of service Denial of Service Vulnerability in PHP Streams Component Denial of Service Vulnerability in PHP Zip Extension Denial of Service Vulnerability in PHP Zip Extension Nokia E75 Firmware Vulnerability: Device Lock Bypass via Button Sequence Denial of Service Vulnerability in OpenSSL Infinite Loop DOS Vulnerability in pax-linux Versions 2.6.32.33-test79.patch, 2.6.38-test3.patch, and 2.6.37.4-test14.patch HTTP Pipelining Vulnerability in Apache Tomcat 7.0.x Integer Underflow Vulnerability in Linux Kernel's OSS Subsystem Heap Memory Corruption and Privilege Escalation Vulnerability in Linux Kernel's OPL3 Sound Driver Denial of Service Vulnerability in Linux Kernel's GRO Implementation Double Free Vulnerability in Linux Kernel's Inotify Subsystem Arbitrary SQL Command Execution in Francisco Burzi PHP-Nuke 8.0 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in Francisco Burzi PHP-Nuke 8.0 and Earlier Cross-Site Request Forgery (CSRF) Vulnerabilities in Francisco Burzi PHP-Nuke 8.0 and Earlier XML Entity Expansion Denial of Service Vulnerability in JBossWS Native Arbitrary Java Code Execution via Crafted URL in JBoss Seam 2 Framework Privilege Escalation via Race Condition in PolicyKit (polkit) 0.96 Denial of Service Vulnerability in libvirtd: Thread-Safe Error Reporting Issue Taint Protection Bypass in Perl 5.10.x - 5.13.11 Memory Leak Vulnerability in rsyslogd Daemon Service Memory Leak Vulnerability in rsyslogd Daemon Service Memory Leak Vulnerability in rsyslogd Daemon Service Login CSRF Vulnerability in Roundcube Webmail Arbitrary Outbound TCP Connection Vulnerability in Roundcube Webmail Array Index Error in rose_parse_national Function in Linux 
Kernel Integer Overflow in _ctl_do_mpt_command Function in Linux Kernel 2.6.38 and Earlier Allows Privilege Escalation or Memory Corruption Memory Corruption and Privilege Escalation Vulnerability in Linux Kernel's mpt2sas_ctl.c Privilege Escalation via tmux -S Command-Line Option Cross-Site Scripting Vulnerability in Rails' auto_link Function Proxy-Authorization Header Leakage in Apache HttpClient 4.x Open HTTP Proxy Server Vulnerability Improper Permission Restriction in Pithos 0.3.7 Allows Unauthorized Access to Pandora Credentials Arbitrary File Read Vulnerability in Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA Arbitrary File Read Vulnerability in Liferay Portal Community Edition Arbitrary Web Script Injection via Blog Title in Liferay Portal Community Edition (CE) 5.x and 6.x Unspecified Vulnerability in IBM Lotus Quickr 8.1: SPR ESEO8DQME2 STARTTLS Implementation Vulnerability in Kerio Connect and MailServer Unrestricted Session Vulnerability in Asterisk Open Source and Business Edition Publisher Function Pointer Overwrite Vulnerability Weak Encryption of Passwords in ManageEngine ServiceDesk Plus (SDP) Arbitrary Web Script Injection Vulnerability in ManageEngine ServiceDesk Plus (SDP) Unspecified Remote Code Execution Vulnerability in Oracle GlassFish Server Heap-based Buffer Overflow in Autonomy KeyView Allows Remote Code Execution Static Code Injection Vulnerability in e107 CMS 0.7.24 and Earlier: Remote PHP Code Injection via install_.php Denial of Service Vulnerability in HP OpenView Storage Data Protector Denial of Service Vulnerability in HP OpenView Storage Data Protector Incomplete Propagation of Sandbox Restrictions in Apple Mac OS X 10.5.x through 10.7.x SAP NetWeaver 7.0 DiagTraceHex() Function Remote Code Execution and Denial of Service Vulnerability Arbitrary Web Script Injection in Open Ticket Request System (OTRS) 2.4.x and 3.x Authentication Bypass and Remote Code Execution in IBM Lotus Domino Server Controller Default 
Configuration of IBM Lotus Domino Server Console Allows Unauthorized Access File URL Redirection Vulnerability in urllib and urllib2 Modules SQL Injection Vulnerabilities in Doctrine DBAL Platforms AbstractPlatform::modifyLimitQuery Function Arbitrary Web Script Injection Vulnerability in Nagios Statusmap.cgi Cross-Site Scripting (XSS) Vulnerability in Symantec LiveUpdate Administrator (LUA) Login GUI Heap-based Buffer Overflow in RealPlayer Allows Remote Code Execution via Crafted IVR File Kerberos FTP Daemon Vulnerability: Bypassing Group Access Restrictions Denial of Service Vulnerability in MIT Kerberos 5 LDAP Plugin Kerberos 5 LDAP Back End Denial of Service Vulnerability Denial of Service Vulnerability in MIT Kerberos 5 Denial of Service Vulnerability in MIT Kerberos 5 KDC Remote Document Reading Vulnerability in HP Photosmart and ENVY Printers Unspecified SNMP Vulnerability in HP Photosmart and ENVY Printers Arbitrary Web Script Injection Vulnerability in HP Photosmart and ENVY Printers Unspecified Remote Access Vulnerability in HP Network Node Manager i (NNMi) 9.0x Unspecified Remote Code Execution Vulnerability in HP Insight Control for Linux Unspecified Remote Information Disclosure Vulnerability in HP Performance Insight Arbitrary Web Script Injection Vulnerability in HP Proliant Support Pack (PSP) before 8.7 Open Redirect Vulnerability in HP Proliant Support Pack (PSP) before 8.7 Unspecified Remote Information Disclosure Vulnerability in HP Proliant Support Pack (PSP) Remote Code Execution Vulnerability in HP System Management Homepage (SMH) Remote Code Execution Vulnerability in HP System Management Homepage (SMH) before 6.3 Arbitrary Web Script Injection Vulnerability in HP Systems Insight Manager (SIM) CSRF Vulnerability in HP Systems Insight Manager (SIM) before 6.3 Unspecified Privilege Escalation Vulnerability in HP Insight Control Performance Management CSRF Vulnerability in HP Insight Control Performance Management Multiple SQL Injection 
Vulnerabilities in Andy's PHP Knowledgebase (Aphpkb) before 0.95.3 Stack Consumption Vulnerabilities in NetBSD Kernel with IPsec Enabled Vulnerability: Privilege Escalation via Logrotate's Default Configuration on Debian GNU/Linux Privilege Escalation Vulnerability in Logrotate on Gentoo Linux Privilege Escalation Vulnerability in logrotate on SUSE openSUSE Factory Privilege Escalation via Ownership Misconfiguration in SUSE openSUSE Factory Memory Read Vulnerability in t1lib 5.1.2 and earlier Use-after-free vulnerability in t1lib 5.1.2 and earlier: Denial of Service via Crafted Type 1 Font Off-by-one error in t1lib 5.1.2 and earlier: Denial of Service via Crafted Type 1 Font SQL Injection Vulnerability in saa.php in Aphpkb 0.95.3 and Earlier SQL Injection Vulnerability in Aphpkb 0.95.4: Remote Code Execution via pdfgen.php SQL Injection Vulnerability in ICloudCenter ICJobSite 1.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in IBM Web Interface for Content Management 1.0.4 before FP3 Unspecified Vulnerability in IBM Web Interface for Content Management (WEBi) 1.0.4 before FP3 Authentication Bypass Vulnerability in IBM solidDB LDAP Login Bypass Vulnerability in IBM AIX 6.1 Authentication Bypass and Arbitrary SQL Execution in Ecava IntegraXor HMI Multiple Stack-Based Buffer Overflows in DATAC RealFlex RealWin HMI Application Heap-based Buffer Overflow in DATAC RealFlex RealWin HMI Application IGSSdataServer.exe Directory Traversal Vulnerability Directory Traversal Vulnerability in 7-Technologies IGSS (dc.exe) 9.00.00.11059 and Earlier Multiple stack-based buffer overflows in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) Format String Vulnerability in IGSSdataServer.exe 9.00.00.11074 and earlier versions Arbitrary File Source Code Disclosure in Douran Portal 3.9.7.8 via download.aspx Arbitrary Web Script Injection in Liferay Portal Community Edition (CE) 6.x before 6.0.6 GA Arbitrary Command Execution 
Vulnerability in XSL Content Portlet in Liferay Portal Community Edition (CE) 5.x and 6.x Arbitrary Command Execution via Directory Traversal in Gitolite ADC Feature Denial of Service Vulnerability in Linux Kernel's SCTP Chunk Length Calculation Stack-based Buffer Overflow in ReadS3M Method in libmodplug STARTTLS Implementation in Pure-FTPd Allows Plaintext Command Injection Denial of Service Vulnerability in Linux Kernel's Generic Receive Offload (GRO) Implementation Heap-based Buffer Overflow in is_gpt_valid Function in Linux Kernel MediaWiki XSS Vulnerability with Dangerous File Extension and Modified URI Path Cross-Site Scripting (XSS) Vulnerability in MediaWiki's checkCss Function Privilege Escalation via Crafted POST Request in MediaWiki Transwiki Import Functionality Denial of Service Vulnerability in Linux Kernel's bond_select_queue Function Incomplete Fix for Security Constraint Bypass in Apache Tomcat 7.0.12 and 7.0.13 Integer overflows in Xen's xc_dom_bzimageloader.c leading to denial of service and potential code execution Arbitrary PHP Code Execution in Dotclear Media Manager CIFS Share Authentication Bypass Vulnerability Directory Traversal Vulnerability in KGetMetalink::File::isValidNameAttr Function MediaWiki XSS Vulnerability in Internet Explorer 6 and Earlier Thunar File Manager Vulnerability: Crash on Copying File Names with % Format Characters Mojolicious Path.pm Directory Traversal Vulnerability Denial of Service Vulnerability in X.509if Dissector in Wireshark Remote Code Execution Vulnerability in Wireshark DECT Dissector Integer Overflow Vulnerability in Wireshark NFS Dissector Integer overflows in next_pidmap function leading to denial of service in Linux kernel Open Redirect Vulnerability in Spacewalk 1.6 Allows for Phishing Attacks Directory Traversal Vulnerability in rdesktop Disk Redirection OpenVAS Manager v2.0.3 Plugin Remote Code Execution Vulnerability NULL pointer dereference vulnerability in bcm_release function in Linux kernel 
Arbitrary Command Execution via Originate Action in Asterisk Manager Interface Privilege Escalation Vulnerability in Cisco Unified IP Phones 7900 Devices (TNP Phones) Privilege Escalation Vulnerability in Cisco Unified IP Phones 7900 Devices (TNP Phones) Memory Leak Vulnerability in Cisco Unified Communications Manager (CUCM) Versions 6.x, 7.x, 8.0, and 8.5 Denial of Service Vulnerability in Cisco Unified Communications Manager (CUCM) Denial of Service Vulnerability in Cisco Unified Communications Manager (CUCM) Cisco Unified Communications Manager Directory Traversal Vulnerability SQL Injection Vulnerability in Cisco Unified Communications Manager (CUCM) Versions 6.x to 8.5 Multiple SQL Injection Vulnerabilities in xmldirectorylist.jsp in Cisco Unified Communications Manager Denial of Service Vulnerability in Cisco Wireless LAN Controller (WLC) Software Default Root Password Vulnerability in Cisco Media Processing Software on MXE 5600 Devices Denial of Service Vulnerability in Cisco IOS 12.2(58)SE with Login Banner Configuration Cisco IOS DLSw Denial of Service Vulnerability Improper Signature Verification in Cisco Unified IP Phones 7900 Devices (aka TNP Phones) Denial of Service Vulnerability in Cisco IOS 12.2 (Bug ID CSCtj22354) Remote Database Data Disclosure Vulnerability in Cisco Unified Communications Manager and Cisco Unified Presence Server Arbitrary Code Execution via Backup Configuration File Read Vulnerability in Cisco RVS4000 and WRVS4400N Routers Arbitrary Command Execution Vulnerability in Cisco RVS4000 and WRVS4400N Routers (CSCtn23871) Remote attackers can read private key for admin SSL certificate on Cisco RVS4000 and WRVS4400N Gigabit Security Routers Denial of Service Vulnerability in Cisco Content Delivery System (CDS) Internet Streamer Application Denial of Service Vulnerability in Cisco IOS XR with SPA Interface Processor (Bug ID CSCto45095) SLAAC Attack: Windows 7 Vulnerability Allows Man-in-the-Middle Attacks via IPv6 Router Advertisements 
Multiple SQL Injection Vulnerabilities in CA Total Defense (TD) r12 UNC Server Directory Traversal Vulnerability in CA Total Defense r12 Management Server Cleartext Response Vulnerability in CA Total Defense (TD) r12 UNC Server Denial of Service Vulnerability in PHP ZipArchive Functions Privilege escalation via $ORIGIN token expansion in glibc's RPATH Integer Overflow in fnmatch.c in glibc 2.13 and earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in GrapeCity Data Dynamics Reports Node Quick Find Module for Drupal Allows Unauthorized Access to Node Titles via Autocomplete Arbitrary Web Script Injection Vulnerability in Drupal Translation Management Module Arbitrary SQL Command Execution in Translation Management Module for Drupal CSRF Vulnerability in Translation Management Module for Drupal Sensitive Information Exposure in PHPBoost 3.0: Unauthorized Access to Backup SQL Files Information Disclosure Vulnerability in Metaways Tine 2.0 SQL Injection Vulnerability in Anzeigenmarkt 2011: Remote Code Execution via q Parameter AR Web Content Manager (AWCM) Search Parameter Cross-Site Scripting (XSS) Vulnerability Arbitrary File Read Vulnerability in WP Custom Pages Module 0.5.0.1 for WordPress Arbitrary Web Script Injection in InTerra Blog Machine 1.84 Cross-site scripting (XSS) vulnerability in Tracks 1.7.2, 2.0RC2, and 2.0devel in todos_controller.rb Sensitive Information Disclosure in Dell KACE K2000 Systems Deployment Appliance Administrator Password Disclosure in NetGear ProSafe WNAP210 Authentication Bypass Vulnerability in NetGear ProSafe WNAP210 Firmware 2.0.12 Local Privilege Escalation via Mount in util-linux Failure to Remove /etc/mtab.tmp File in mount Utility Unspecified Impact and Local Attack Vectors in mount Utility Local Privilege Escalation via SMBFS in Samba 3.5.8 and earlier Resource Limit Bypass Vulnerability in ncpfs 2.2.6 and Earlier Unspecified Impact and Local Attack Vectors in ncpmount Local Privilege Escalation via 
vmware-hgfsmounter in VMware Open Virtual Machine Tools Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in phpList 2.10.13 and Earlier Unspecified Application Access Vulnerability in IBM WebSphere Application Server (WAS) Heap-based Buffer Overflow in VLC Media Player MP4 Demultiplexer Arbitrary Code Execution via CSRF in Best Practical Solutions RT 3.8.0 through 3.8.9 and 4.0.0rc through 4.0.0rc7 SQL Injection Vulnerabilities in Best Practical Solutions RT Sensitive Information Disclosure in Best Practical Solutions RT Arbitrary File Read Vulnerability in Best Practical Solutions RT Multiple Cross-Site Scripting (XSS) Vulnerabilities in Best Practical Solutions RT Remote Credential Harvesting Vulnerability in Best Practical Solutions RT 3.6.0 - 3.6.10 and 3.8.0 - 3.8.8 NULL pointer dereference vulnerability in counterToCSSValue function in WebKit Novell Identity Manager User Application and Roles Based Provisioning Module Cross-Site Scripting (XSS) Vulnerability Heap-based Buffer Overflow in Novell iPrint Client Allows Remote Code Execution Heap-based Buffer Overflow in Novell iPrint Client Allows Remote Code Execution Remote Code Execution Vulnerability in Novell iPrint Client Heap-based Buffer Overflow in Novell iPrint Client Allows Remote Code Execution Remote Code Execution Vulnerability in Novell iPrint Client Remote Code Execution Vulnerability in Novell iPrint Client Heap-based Buffer Overflow in Novell iPrint Client Allows Remote Code Execution Remote Code Execution Vulnerability in Novell iPrint Client Remote Code Execution Vulnerability in Novell iPrint Client Remote Code Execution Vulnerability in Novell iPrint Client Privilege Escalation via x-scheme-handler/http MIME Type in GNOME Display Manager (gdm) Integer Overflow Vulnerabilities in Novell XTier Framework 3.1.8 HTTP Server Unspecified Remote Account Access Vulnerability in Novell Data Synchronizer Information Disclosure via XSLT generate-id XPath Function Heap Memory Address Disclosure 
Vulnerability in Microsoft msxml.dll Arbitrary Web Script Injection via Callback Parameter in QooxDoo Framework Directory Traversal Vulnerability in QooxDoo Framework Multiple Cross-Site Scripting (XSS) Vulnerabilities in Xymon Web UI Unencrypted Storage of Sensitive User Data in Skype for Android Multi-line Header Impersonation Vulnerability in CA SiteMinder Stack-based buffer overflows in CA Output Management Web Viewer ActiveX Controls SMTP Server Denial of Service and Remote Code Execution Vulnerability CSRF Vulnerability in WebJaxe 1.02 Allows Remote Authentication Hijacking Arbitrary SQL Command Execution in WEC Discussion Forum Extension for TYPO3 Cross-site scripting (XSS) vulnerability in Redmine 1.0.1 through 1.1.1 in app/views/layouts/base.rhtml Unspecified Privilege Escalation Vulnerability in HP Virtual Server Environment Unspecified Information Disclosure Vulnerability in HP Network Automation Arbitrary Web Script Injection Vulnerability in HP SiteScope HP SiteScope Multiple Versions Cross-Site Scripting (XSS) Vulnerability Remote Code Execution Vulnerability in HP OpenView Storage Data Protector Remote Code Execution Vulnerability in HP OpenView Storage Data Protector Remote Code Execution Vulnerability in HP OpenView Storage Data Protector Remote Code Execution Vulnerability in HP OpenView Storage Data Protector Remote Code Execution Vulnerability in HP OpenView Storage Data Protector Remote Code Execution Vulnerability in HP OpenView Storage Data Protector Remote Code Execution Vulnerability in HP OpenView Storage Data Protector Remote Code Execution Vulnerability in HP OpenView Storage Data Protector Directory Traversal Vulnerability in HP OpenView Storage Data Protector Unspecified Cross-Site Scripting (XSS) Vulnerabilities in HP Palm webOS Email Application Privilege Escalation Vulnerability in HP Palm webOS 1.4.5 and 1.4.5.1 Improper Handling of CIDR Blocks in mountd Allows Access Bypass Privileged Access Vulnerability in EMC Avamar Remote Code 
Execution Vulnerability in OpenText Hummingbird Client Connector Cleartext Account Credentials Exposure in EMC Data Protection Advisor Arbitrary Web Script Injection Vulnerability in EMC Captiva eInput 2.1.1 Arbitrary File Read and Denial of Service Vulnerability in EMC Captiva eInput 2.1.1 Integer Overflow in Linux Kernel's agp_generic_insert_memory Function Multiple Integer Overflows in Linux Kernel's agp_allocate_memory and agp_create_user_memory Functions Memory Consumption Vulnerability in Linux Kernel's AGP Subsystem NULL pointer dereference vulnerability in Linux kernel before 2.6.39-rc6 in raw_release function Local Privilege Escalation via nfs_addmntent Function in nfs-utils Heap-based Buffer Overflow Vulnerabilities in virtio-blk Driver in qemu-kvm 0.14.0 Use-after-free vulnerability in qemu-kvm allows for guest crash and potential code execution Apache Subversion mod_dav_svn Denial of Service Vulnerability XML Entity Expansion Denial of Service Vulnerability Denial of Service Vulnerability in jabberd14 1.6.1.1 and Earlier Denial of Service Vulnerability in jabberd2 before 2.2.14 Denial of Service Vulnerability in Citadel XMPP Server Denial of Service Vulnerability in DJabberd 0.84 and Earlier Kerberos Authentication Bypass Vulnerability in SSSD Integer Overflow in sys_oabi_semtimedop Function in Linux Kernel Local Privilege Escalation in OProfile 0.9.6 and Earlier via Shell Metacharacters in -e Argument Stack-based Buffer Overflow in libmodplug before 0.8.8.3 WordPress Vulnerability: Privilege Escalation in 'wp-admin/press-this.php' Script Denial of Service and Privilege Escalation Vulnerability in Xen's get_free_port Function Format String Vulnerability in Exim DKIM Logging MediaWiki XSS Vulnerability in Internet Explorer 6 and Earlier Authentication Bypass Vulnerability in MediaWiki before 1.16.5 Denial of Service Vulnerability in Linux Kernel's ip_gre Module Loading Denial of Service Vulnerability in Linux Kernel Tunnels Implementation Denial of 
Service Vulnerability in SystemTap 1.4 and Earlier Integer Underflow Vulnerability in Linux Kernel's DCCP Parsing Function Denial of Service Vulnerability in Linux Kernel's cifs_close Function Multiple Cross-Site Scripting (XSS) Vulnerabilities in Apache Struts 2.x and OpenSymphony WebWork Vulnerability: VNC Console Password Bypass in virt-v2v Arbitrary File Creation and Code Execution Vulnerability in Apple Safari WebKit Improper X.509 Certificate Verification in TigerVNC 1.1beta1 Heap-based Buffer Overflow in Linux Kernel's is_gpt_valid Function Buffer overflow vulnerabilities in heap_add_entry and relocate_dir functions in libarchive Buffer Overflow Vulnerability in libarchive through 2.8.5 Use-after-free vulnerabilities in libarchive 2.8.4 and 2.8.5: Remote code execution and denial of service Denial of Service Vulnerability in Xen 3.0.3 Instruction Emulation Denial of Service Vulnerability in SystemTap 1.4 with Unprivileged Mode Heap-based Buffer Overflow in GIMP PSP Plugin Allows Remote Code Execution Denial of Service Vulnerability in mod_dav_svn Module Insecure Permissions in keepalived.pid, checkers.pid, and vrrp.pid Files Allow Process Killing Remote Denial of Service Vulnerability in VMware ESXi and ESX Denial of Service Vulnerability in Likewise Open/Enterprise Privilege Escalation via Race Condition in VMware Host Guest File System (HGFS) Unspecified Vector SOAP Session ID Disclosure in vCenter Server Unsigned Self-Extracting Installer Vulnerability in VMware vSphere Client Installer Denial of Service and Possible Remote Code Execution in WebKit's SVG Rendering Integer Overflow in SVG Filter Implementation in WebKit Integer Underflow in HTMLFormElement::removeFormElement Function in WebKit Use-after-free vulnerability in FrameView::calculateScrollbarModesForLayout function in WebCore in WebKit in Google Chrome before 11.0.696.65 Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Unspecified Variable Cast Vulnerability in WebKit 
Improper Variable Casting Vulnerability in Google Chrome Integer overflows in SVG Filters implementation in WebKit in Google Chrome Bypassing Pop-up Blocker Vulnerability in Google Chrome Memory Corruption Vulnerability in WebKit Vulnerability: Accessing Removed SMIL Element in WebKit Float Rendering Vulnerability in WebKit CSS Bad Cast Vulnerability in Google Chrome Memory Corruption Vulnerability in Google Chrome Out-of-Bounds Write Vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 12.0.742.91: Float Handling Integer Calculation Denial of Service Vulnerability Google Chrome Use-After-Free Vulnerability in Accessibility Feature CSS Implementation Vulnerability in Google Chrome Allows Unauthorized Access to Visit History Denial of Service Vulnerability in Google Chrome Bypassing Access Restrictions in Google Chrome Extensions Denial of Service and Remote Code Execution Vulnerability in Google Chrome Extensions Framework Uninitialized Pointer Read Vulnerability in Google Chrome Remote Script Injection Vulnerability in Google Chrome Extensions Use-after-free vulnerability in Google Chrome developer tools allows for remote code execution Memory Corruption Vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome image loader Unspecified Injection Vulnerability in Google Chrome Extensions IBM Tivoli Directory Server (TDS) Audit Log Information Disclosure Vulnerability Denial of Service Vulnerability in IBM Tivoli Directory Server (TDS) 5.2 Cleartext SHA Password Storage Vulnerability in IBM Tivoli Directory Server Arbitrary Code Execution and Root Privilege Escalation via vold Volume Manager Daemon on Android 3.0 and 2.x Memory Initialization Vulnerability in Opera's VEGAOpBitmap::AddLine Function Multiple Cross-Site Scripting (XSS) Vulnerabilities in CA Arcot WebFort Versatile Authentication Server (VAS) Administrative Console Open Redirect Vulnerability in CA Arcot WebFort Versatile Authentication Server (VAS) 
Allows for Phishing Attacks Unspecified Remote Code Execution Vulnerabilities in Check Point SSL Network Extender, SecureWorkSpace, and Endpoint Security On-Demand Arbitrary Unmount Operations Vulnerability in usb-creator-helper Insecure Inline GPG Signature Validation in APT before 0.8.15.2 Insecure Module Loading Vulnerability in Ekiga Versions Before 3.3.0 Privilege Escalation via Insecure Mountpoint Permissions in ecryptfs-utils Improper Permission Check in ecryptfs-utils Allows Local Users to Remove Directories Race condition vulnerability in eCryptfs subsystem allows local users to bypass file permissions via a mismatched uid in mount.ecryptfs_private mount Improper Maintenance of mtab File in ecryptfs-utils Allows for Denial of Service and Unmount Bypass Insecure Passphrase File Creation in ecryptfs-utils Insecure Permissions in ecryptfs-recover-private Vulnerability Arbitrary File Overwrite Vulnerability in ecryptfs-utils Cross-Site Scripting (XSS) Vulnerabilities in TWiki TemplateLogin.pm Session ID Exposure in IBM Rational Build Forge 7.1.0 during Redirection Cleartext Storage of Master Password and Account Information in MartiniCreations PassmanLite Android App Unspecified Cross-Site Scripting (XSS) Vulnerability in Mojolicious link_to Helper Privilege Escalation via Shell Metacharacters in D-Bus Backend Integer Overflow Vulnerability in Tinyproxy's conf.c Memory Leak in Microsoft Silverlight 4: Denial of Service via Popup Control and DependencyProperty Memory leaks in DataGrid control implementation in Microsoft Silverlight 4 before 4.0.60310.0 Inherited Role Membership Vulnerability in IBM DB2 Privilege Escalation via Unauthorized Table Access in IBM DB2 Stack-based Buffer Overflow in HP Intelligent Management Center (IMC) 5.0 before E0101L02 Arbitrary Code Execution via Crafted WRQ Request in HP Intelligent Management Center (IMC) 5.0 Remote Code Execution Vulnerability in HP Intelligent Management Center (IMC) 5.0 before E0101L02 Stack-based Buffer 
Overflow in HP Intelligent Management Center (IMC) 5.0 before E0101L02 via Long Mode Field Stack-based Buffer Overflow in HP Intelligent Management Center (IMC) 5.0 before E0101L02 Arbitrary Code Execution Vulnerability in HP Intelligent Management Center (IMC) 5.0 HP Intelligent Management Center (IMC) 5.0 Use-After-Free Remote Code Execution Vulnerability Unspecified Local User Data Manipulation Vulnerability in HP Network Node Manager i (NNMi) 9.0x Arbitrary Web Script Injection Vulnerability in HP Business Availability Center (BAC) 8.06 and Earlier Unspecified Access Restriction Bypass Vulnerability in HP Service Manager and Service Center Unspecified Local Access Bypass Vulnerability in HP Service Manager and Service Center Unspecified Remote Information Disclosure Vulnerability in HP Service Manager and Service Center Unspecified Remote Credential Capture Vulnerability in HP Service Manager and Service Center Unspecified Remote Data Modification and Information Disclosure Vulnerability in HP Service Manager and Service Center Arbitrary Web Script Injection Vulnerability in HP Service Manager and Service Center Unspecified Script Injection Vulnerability in HP Service Manager and Service Center Unspecified Remote Code Execution Vulnerability in HP OpenView Storage Data Protector Stack-based Buffer Overflow Vulnerabilities in HP OpenView Storage Data Protector Remote Code Execution Vulnerability in HP OpenView Storage Data Protector Remote Code Execution Vulnerability in HP Intelligent Management Center DFS Memory Corruption Vulnerability DFS Referral Response Vulnerability CSRSS Local EOP SrvWriteConsoleOutputString Vulnerability ICMP Denial of Service Vulnerability in Windows TCP/IP Stack VMBus Persistent DoS Vulnerability in Hyper-V Win32k OTF Validation Vulnerability Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free 
Vulnerability Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows Win32k Null Pointer Dereference Vulnerability Win32k Null Pointer Dereference Vulnerability Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows Win32k Use After Free Vulnerability in Microsoft Windows Win32k Null Pointer Dereference Vulnerability Win32k Incorrect Parameter Validation Allows Information Disclosure Vulnerability Win32k Null Pointer Dereference Vulnerability Win32k Null Pointer Dereference Vulnerability TMG Firewall Client Memory Corruption Vulnerability EditForm.aspx Cross-Site Scripting (XSS) Vulnerability in Microsoft Office SharePoint Server 2010 and SharePoint Foundation 2010 Contact Details Reflected XSS Vulnerability in Microsoft SharePoint Services and SharePoint Foundation SharePoint Remote File Disclosure Vulnerability SharePoint XSS Vulnerability MHTML Mime-Formatted Request Vulnerability CRLF Injection Vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010: ExcelTable Response Splitting XSS Vulnerability Microsoft Forefront Unified Access Gateway (UAG) 2010 XSS Vulnerability Default Reflected XSS Vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, Update 1, Update 2, and SP1 Vulnerability: Privilege Escalation via DMA-Generated MSI Interrupts Unspecified Cross-Site Scripting (XSS) Vulnerabilities in CA eHealth 6.0.x - 6.2.2 NTWebServer Directory Traversal Arbitrary Code Execution Vulnerability Authentication Bypass Vulnerability in Proofpoint Messaging Security Gateway and Protection Server Proofpoint Messaging Security Gateway and Protection Server Directory Traversal Vulnerability Unspecified SQL Injection Vulnerability in Proofpoint Messaging Security Gateway and Protection Server Command Injection Vulnerability in Proofpoint Messaging Security Gateway and Protection Server Unspecified Cross-Site Request 
Forgery (CSRF) Vulnerabilities in Proofpoint Messaging Security Gateway and Protection Server Insecure Storage of User-Account Credentials in Trustwave WebDefend Enterprise Denial of Service Vulnerability in ISC BIND 9.8.x Integer Overflow in FreeType Engine in Foxit Reader Off-by-one error in ISC BIND allows remote DNS servers to cause denial of service Predictable _flowExecutionKey parameter in JasperServer allows for CSRF attacks SQL Injection Vulnerability in Mercator SENTINEL 2.0 Login Form Buffer Overflow Vulnerability in Advantech ADAM OPC Server ActiveX Control Arbitrary SQL Command Execution Vulnerability in eClient 7.3.2.3 Stack-based Buffer Overflow in GE Intelligent Platforms Proficy Historian Stack-based Buffer Overflow Vulnerabilities in GE Intelligent Platforms Proficy Applications Arbitrary File Overwrite Vulnerability in NetBSD Make Include Files Apache Subversion mod_dav_svn Replay REPORT Information Disclosure Vulnerability Denial of Service in Unbound 1.x via Crafted DNS Request Insecure Diffie-Hellman Key Exchange Implementation in PolarSSL Buffer Overflow in Tor's policy_summarize Function Allows Remote Denial of Service Remote Denial of Service in Network Block Device (nbd-server) 2.9.21 via Export Name Negotiation Failure STARTTLS Implementation Vulnerability in Cyrus IMAP Server Denial of Service Vulnerability in Linux Kernel's ip_expire Function Denial of Service Vulnerability in Apache Portable Runtime (APR) Library and Apache HTTP Server Denial of Service and Mailbox Corruption Vulnerability in Dovecot 1.2.x and 2.0.x Arbitrary Code Execution via Unescaped DHCP Options in klibc 1.5.20 and 1.5.21 Memory Corruption Vulnerability in Sunplus SP5X JPEG Decoder Directory Traversal Vulnerability in Widelands Internet Game File Transfer SQL Injection Vulnerability in Jifty::DBI (<=0.68) Lilo 23.1 Vulnerability: World-Readable lilo.conf via lilo-uuid-diskid Packet Truncation Vulnerability in libpcap 1.1.1 Denial of Service Vulnerability in Xen 
with VMX Virtualization Extension Webmin 1.540 XSS Vulnerability in chfn Command Stack-based Buffer Overflow in socket_connect function in PHP 5.3.3 through 5.3.6 SQL Injection Vulnerability in Zend Framework with Non-ASCII-Compatible Encodings Cross-Site Scripting (XSS) Vulnerabilities in phpMyAdmin 3.3.x and 3.4.x Open Redirect Vulnerability in phpMyAdmin 3.4.x before 3.4.1 Sensitive Information Disclosure in NetworkManager's destroy_one_secret Function Integer Overflow Vulnerability in libxml2 and libxml Timing Attack Vulnerability in OpenSSL's ECC Subsystem Privilege Escalation Vulnerability in libgnomesu 1.0.0 Denial of Service Vulnerability in fetchmail 5.9.9 through 6.3.19 Plone 4.1 and Earlier XSS Vulnerability Cross-site scripting (XSS) vulnerability in safe_html filter in Plone 2.1 through 4.1 Plone.app.users Remote Account Modification Vulnerability Denial of Service Vulnerability in Balabit syslog-ng Denial of Service Vulnerability in Post Revolution before 0.8.0c-2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Post Revolution before 0.8.0c-2 Cross-Site Request Forgery (CSRF) Vulnerabilities in Post Revolution 0.8.0c-2 and Earlier NULL Pointer Dereference Vulnerability in Wireshark 1.4.5 Denial of Service Vulnerability in Wireshark DICOM Dissector Denial of Service Vulnerability in Wireshark 1.2.x and 1.4.x Stack-based Buffer Over-read Vulnerability in Wireshark's snoop_read Function Event Handlers Information Disclosure Vulnerability in Microsoft Internet Explorer 6-9 Telnet Handler Remote Code Execution Vulnerability Shift JIS Character Encoding Vulnerability in Microsoft Internet Explorer 6-9 XSLT Memory Corruption Vulnerability in Microsoft Internet Explorer 7-9 Style Object Memory Corruption Vulnerability in Microsoft Internet Explorer 6-9 TCP/IP QoS Denial of Service Vulnerability DNS NAPTR Query Vulnerability in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 CSRSS Privilege Escalation Vulnerability Windows Remote Desktop Protocol 
Denial of Service Vulnerability Poisoned Cup of Code Execution Vulnerability in Microsoft Forefront UAG 2010 DNS Uninitialized Memory Corruption Vulnerability Windows Kernel Metadata Parsing DOS Vulnerability Visio File Parsing Remote Code Execution Vulnerability NDISTAPI Elevation of Privilege Vulnerability Data Access Components Insecure Library Loading Vulnerability Report Viewer Controls XSS Vulnerability Chart Control Information Disclosure Vulnerability Socket Restriction Bypass Vulnerability in Microsoft .NET Framework Move Around the Block RCE Vulnerability in Microsoft Visio 2003 and 2007 Office Component Insecure Library Loading Vulnerability Office Uninitialized Object Pointer Vulnerability Microsoft Office Use-After-Free Vulnerability in Word Documents WINS Local Elevation of Privilege Vulnerability Win32k Null Pointer De-reference Vulnerability Excel Use-after-Free Vulnerability Excel Out of Bounds Array Indexing Vulnerability Excel Heap Corruption Vulnerability Excel Conditional Expression Parsing Vulnerability Excel Out of Bounds Array Indexing Vulnerability Windows Components Insecure Library Loading Vulnerability XSS Filter Information Disclosure Vulnerability in Microsoft Internet Explorer 8 Scroll Event Remote Code Execution Vulnerability OLEAuto32.dll Remote Code Execution Vulnerability Option Element Remote Code Execution Vulnerability OnLoad Event Remote Code Execution Vulnerability in Microsoft Internet Explorer 6 Jscript9.dll Remote Code Execution Vulnerability in Microsoft Internet Explorer 9 Select Element Remote Code Execution Vulnerability in Microsoft Internet Explorer 8 Body Element Remote Code Execution Vulnerability Virtual Function Table Corruption Remote Code Execution Vulnerability Win32k TrueType Font Type Translation Vulnerability Font Library File Buffer Overrun Vulnerability in Windows TrueType Font Parsing Vulnerability in win32k.sys Ancillary Function Driver Elevation of Privilege Vulnerability Endless Loop Denial of Service 
(DoS) Vulnerability in Microsoft Host Integration Server (HIS) Access of Unallocated Memory DoS Vulnerability in Microsoft Host Integration Server (HIS) 2004 SP1, 2006 SP1, 2009, and 2010 Media Center Insecure Library Loading Vulnerability Pinyin IME Elevation Vulnerability Win32k Use After Free Vulnerability Null Session Cookie Crash Vulnerability in Microsoft Forefront Unified Access Gateway (UAG) 2010 Remote Code Execution via UDP Packet Overflow in Windows TCP/IP Implementation LDAPS Authentication Bypass Vulnerability Windows Mail and Windows Meeting Space Untrusted Search Path Vulnerability Windows Kernel Object Initialization Vulnerability Internet Explorer Insecure Library Loading Vulnerability Arbitrary Web Script Injection in TIBCO iProcess Engine and iProcess Workspace Session Fixation Vulnerability in TIBCO iProcess Engine and iProcess Workspace Unvalidated Start Parameter in agp_generic_remove_memory Function in Linux Kernel Arbitrary Web Script Injection via Crafted STYLE Element in SquirrelMail (CVE-2020-12345) Default Administrative Password Vulnerability in Cisco Network Registrar Arbitrary Code Execution Vulnerability in Cisco AnyConnect Secure Mobility Client Unauthenticated Download of Executable File in Cisco AnyConnect Secure Mobility Client Privilege Escalation Vulnerability in Cisco AnyConnect Secure Mobility Client Information Disclosure Vulnerability in CiscoWorks Common Services 3.x and 4.x Cisco ASA LDAP Authentication Bypass Vulnerability Denial of Service Vulnerability in Cisco IOS 12.2 (Bug ID CSCtq36327) Denial of Service Vulnerability in Cisco IOS 12.2 (Bug ID CSCtq36336) Cisco IOS IPv6 Fingerprinting Vulnerability Denial of Service Vulnerability in Cisco ASA 5500 Series Devices (Bug ID CSCtq50523) Denial of Service Vulnerability in Cisco Content Services Gateway - Second Generation (CSG2) Memory Leak Vulnerability in Cisco IOS and Cisco Unified Communications Manager (CUCM) Remote Code Execution Vulnerability in Skype Client on Mac 
OS X Unspecified Remote Code Execution Vulnerability in Google Chrome 11.0.696.65 Cleartext Password Storage Vulnerability in MediaCAST 8 and Earlier Default Configuration of New Atlanta BlueDragon Administrative Interface Allows Remote TCP Connections Multiple Cross-Site Scripting (XSS) Vulnerabilities in New Atlanta BlueDragon Administrative Interface in MediaCAST 8 and Earlier XML Injection Vulnerability in MediaCAST 8 and Earlier Multiple SQL Injection Vulnerabilities in MediaCAST 8 and Earlier Information Disclosure Vulnerability in MediaCAST 8 and Earlier Incomplete Fix for Password Hash Algorithm Vulnerability in Best Practical Solutions RT 3.x and 4.x Cross-Site Scripting (XSS) Vulnerabilities in Best Practical Solutions RT 3.x and 4.x Information Disclosure Vulnerability in Best Practical Solutions RT Cross-Site Request Forgery (CSRF) Vulnerabilities in Best Practical Solutions RT before 3.8.12 and 4.x before 4.0.6 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Apache Struts 2.x Java Templates Plugin Information Disclosure Vulnerability in XWork 2.2.1 in Apache Struts 2.2.1 and OpenSymphony WebWork Stack-based Buffer Overflow in SetActiveXGUID Method in GenVersion.dll 8.0.138.0 Unspecified Denial of Service Vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 Unrestricted Class Creation Deserialization Vulnerability in Adobe LiveCycle Data Services, LiveCycle, and BlazeDS Complex Object Graph Vulnerability in Adobe LiveCycle Data Services, LiveCycle, and BlazeDS Buffer Overflow Vulnerability in Adobe Reader and Acrobat Buffer Overflow Vulnerability in Adobe Reader and Acrobat Heap-based Buffer Overflow in Adobe Reader and Acrobat Buffer Overflow Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Untrusted Search Path Vulnerability in Adobe Reader and Acrobat Cross Document 
Script Execution Vulnerability in Adobe Reader and Acrobat Unspecified Access Restriction Bypass Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat 8.x Memory Corruption Vulnerability in Adobe Reader and Acrobat Memory Corruption Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat on Mac OS X Universal Cross-Site Scripting (XSS) Vulnerability in Adobe Flash Player Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Integer Overflow Vulnerabilities in Adobe Shockwave Player Remote Code Execution Vulnerability in Adobe Flash Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2011-2117) Buffer Overflow Vulnerabilities in Adobe Shockwave Player Buffer Overflow Vulnerabilities in Adobe Shockwave Player Unspecified Memory Corruption Vulnerability in Adobe Shockwave Player Heap-based Buffer Overflow in Adobe Shockwave Player (CVE-2011-2117) Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2011-2111 and CVE-2011-2115) Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-XXXX-XXXX) Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Arbitrary Code Execution Vulnerability in Adobe Shockwave Player Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2011-0321) Heap-based Buffer Overflow in Adobe Shockwave Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Buffer Overflow Vulnerability in Adobe Shockwave Player Buffer Overflow Vulnerability in Adobe Shockwave Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Arbitrary Code 
Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Buffer Overflow Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution and Denial of Service Vulnerability in Adobe Photoshop CS5 and CS5.1 Memory Corruption Vulnerability in Adobe Flash Media Server (FMS) Arbitrary Web Script Injection in Adobe RoboHelp 8 and 9 Buffer Overflow Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Integer Overflow Vulnerability in Adobe Flash Player and Adobe AIR Buffer Overflow Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution Vulnerability in Adobe Flash Player and Adobe AIR Same Origin Policy Bypass Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR SQL Injection Vulnerability in IBM Datacap Taskmaster Capture 8.0.1 before FP1 Cleartext Password Vulnerability in IBM Datacap Taskmaster Capture 8.0.1 Authentication Bypass Vulnerability in IBM Datacap Taskmaster Capture 8.0.1 Denial of Service Vulnerability in IBM Datacap Taskmaster Capture 8.0.1 FP1 and Earlier Arbitrary File Modification Vulnerability in VMware Host Guest File System (HGFS) Information Disclosure Vulnerability in VMware Host Guest File System (HGFS) Insecure Permissions Vulnerability in Openswan 2.2.x OS command injection vulnerability in Admin/frmSite.aspx in SmarterTools SmarterStats 6.0 web server Multiple SQL Injection Vulnerabilities in SmarterTools SmarterStats 6.0 Web Server XML Injection Vulnerability in SmarterTools SmarterStats 6.0 Web Server Cleartext Password Vulnerability in SmarterTools SmarterStats 6.0 Web Server Cross-Domain Referer Leakage in SmarterTools SmarterStats 6.0 Web Server Cross-Domain Referer Leakage in SmarterTools SmarterStats 6.0 Login.aspx Missing HTTPOnly Flag in SmarterTools SmarterStats 6.0 Login Cookie Autocomplete-enabled 
Password Field in SmarterTools SmarterStats 6.0 Login Vulnerability Directory Listing Vulnerability in SmarterTools SmarterStats 6.0 Web Server Information Disclosure Vulnerability in SmarterTools SmarterStats 6.0 Web Server Incorrect Content-Type Headers Vulnerability in SmarterTools SmarterStats 6.0 Web Server Content-Type Header Omission Vulnerability in SmarterTools SmarterStats 6.0 Web Server Unrestricted Read Operations Vulnerability in FFmpeg Denial of Service Vulnerability in libavformat in FFmpeg Unspecified Vulnerabilities in FFmpeg with Unknown Impact and Attack Vectors Unspecified Vulnerability in Virtualization Manager 1.2.2 in IBM Systems Director 1.2.2 Unspecified Vulnerabilities in Adobe Photoshop with Unknown Impact and Attack Vectors STARTTLS Implementation Vulnerability in WatchGuard XCS 9.0 and 9.1: Plaintext Command Injection Dovecot 2.0.x Script-Login Vulnerability Directory Traversal Vulnerability in Dovecot 2.0.x before 2.0.13 Integer overflows in glob implementation in OpenBSD before 4.9 Privilege Escalation via /var/lib/chromeos-aliases.conf File in Google Chrome OS Unrestricted Changes on about:flags Page in Google Chrome OS Unspecified vulnerability in dbugs package in Google Chrome OS before R12 0.12.433.38 Beta Arbitrary Script Injection Vulnerability in IBM WebSphere Portal 7.0.0.1 Denial of Service Vulnerability in IBM WebSphere Portal 6.0.1.7 and 7.0.0.1 Double Free Vulnerability in tvb_uncompress Function in Wireshark Integer Underflow Vulnerability in Wireshark's visual_read Function Bypassing Wireless Network Sharing Restrictions in GNOME NetworkManager Arbitrary Code Execution Vulnerability in OpenOffice.org v3.3 Incorrect Argument in virSecurityManagerGetPrivateData Function Allows Guest OS Users to Read Arbitrary Files Multiple Cross-Site Scripting (XSS) Vulnerabilities in Nagios and Icinga config.cgi ARSC 3.3-rc2 dereferer.php XSS Vulnerability Multiple SQL Injection Vulnerabilities in A Really Simple Chat (ARSC) 3.3-rc2 
Buffer overflow vulnerability in ldm_frag_add function in Linux kernel before 2.6.39.1 Race condition in scan_get_next_rmap_item function in mm/ksm.c in Linux kernel before 2.6.39.3 with enabled Kernel SamePage Merging (KSM) allows for denial of service or other unspecified impact via crafted application Uninitialized Structure Member Vulnerability in key_replace_session_keyring Function Local Privilege Escalation via Symlink Attack in Fabric Unauthenticated Access Vulnerability in xscreensaver Denial of Service Vulnerability in LuaExpat before 1.2.0 Denial of Service Vulnerability in Linux Kernel's Network Namespace Handling Weak Password Generation in Cherokee Web Server Cherokee-admin Cross-Site Request Forgery (CSRF) Vulnerability Credential Delegation Vulnerability in libcurl 7.10.6 through 7.21.6 Buffer overflow vulnerabilities in TORQUE Resource Manager versions 2.x before 2.4.14, 2.5.x before 2.5.6, and 3.x before 3.0.2 XSPF Playlist Parser Integer Overflow Vulnerability in VLC Media Player Arbitrary Command Execution Vulnerability in WebSVN 2.3.2 Arbitrary Java Code Execution in JBoss Seam Framework Improper Handling of Safe Buffers in Ruby on Rails Allows for Cross-Site Scripting (XSS) Attacks Denial of Service Vulnerability in gnome-terminal (vte) before 0.28.1 Buffer Overflow Vulnerability in tftp-hpa before 5.1 via utimeout Option D-Bus Byte Order Vulnerability Taint Protection Bypass in Data::FormValidator Module Path Traversal and Arbitrary File Creation Vulnerability in PHP's rfc1867_post_handler Function HFS File System Mount Vulnerability Sensitive Information Exposure in Apache Tomcat XML Entity Expansion Denial of Service Vulnerability in Prosody Arbitrary File Read and Denial of Service Vulnerability in DJabberd XMLParser.pm Denial of Service Vulnerability in dirmngr before 2.1.0 Integer Signedness Error in osf_getdomainname Function in Linux Kernel Integer Signedness Error in osf_sysinfo Function in Linux Kernel Information Disclosure 
Vulnerability in osf_getsysinfo Function Privilege Escalation Vulnerability in osf_wait4 Function on Alpha Platform Buffer Overflow Vulnerability in QEMU-KVM Virtio Subsystem Denial of Service Vulnerability in Linux Kernel's inet_diag_bc_audit Function Remote Code Execution Vulnerability in IGSS SCADA System Unspecified Vulnerability in WalRack 1.x and 2.x Versions NULL pointer dereference vulnerability in reqresp_parser.c in Asterisk Open Source 1.8.x before 1.8.4.2 Arbitrary Code Execution and Denial of Service Vulnerability in Tom Sawyer GET Extension Factory Unspecified Denial of Service Vulnerability in GroupWise Internet Agent (GWIA) Unspecified Denial of Service Vulnerability in GroupWise Internet Agent (GWIA) Remote Code Execution Vulnerability in Novell File Reporter Engine Authentication Bypass Vulnerability in Novell Data Synchronizer Mobility Pack Session Fixation Vulnerability in Novell Data Synchronizer WebAdmin Cleartext Transmission of Admin LDAP Password in Novell Data Synchronizer Mobility Pack Missing HTTPOnly Flag in Novell Data Synchronizer Mobility Pack Allows for Cross-Site Scripting (XSS) Attacks Unspecified Directory Pathname Vulnerability in Kiwi before 3.74.2 Arbitrary Web Script Injection Vulnerability in Kiwi before 3.74.2 Novell Identity Manager User Application and Roles Based Provisioning Module Cross-Site Scripting (XSS) Vulnerability Unspecified Remote Code Execution Vulnerability in Oracle Database Server Unspecified Remote Code Execution Vulnerability in Oracle XML Developer Kit Unspecified vulnerability in Oracle XML Developer Kit component Unspecified Remote Integrity Vulnerability in Oracle Web Services Manager Unspecified Integrity Vulnerability in Oracle Database Vault Component Unspecified vulnerability in Oracle Database Server allowing remote authenticated users to affect confidentiality, integrity, and availability Unspecified Local Confidentiality Vulnerability in Oracle Universal Installer Unspecified vulnerability in 
Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware: Remote Availability Impact via Analytics Server Unspecified Local Privilege Escalation Vulnerability in Oracle Database Server 11.2.0.1 and 11.2.0.2 Remote Code Execution Vulnerability in Oracle Database Server 11.1.0.7.3, 11.2.0.1, and 11.2.0.2 Unspecified Authentication Vulnerability in Oracle Database Server and Enterprise Manager Grid Control Unspecified Remote Vulnerability in Solaris SSH Component Unspecified Remote Integrity Vulnerability in Oracle E-Business Suite Business Intelligence Component Unspecified vulnerability in SQL Performance Advisories/UIs component in Oracle Database Server and Oracle Enterprise Manager Grid Control Remote authenticated users can disrupt availability in Oracle Solaris 8, 9, and 10 due to an unspecified vulnerability in TCP/IP. Unspecified vulnerability in PeopleSoft Enterprise FIN component allows remote authenticated users to affect confidentiality and integrity Unspecified Remote Integrity Vulnerability in Oracle Secure Backup 10.3.0.3 Unspecified Remote Vulnerability in Oracle Secure Backup Component Unspecified vulnerability in Oracle Database Server allowing remote authenticated users to affect confidentiality, integrity, and availability Unspecified vulnerability in Oracle WebLogic Portal component in Oracle Fusion Middleware Unspecified vulnerability in Oracle Database Server and Oracle Enterprise Manager Grid Control Unspecified vulnerability in Oracle Solaris: Local User Impact on Confidentiality, Integrity, and Availability via rksh Unspecified Local User Vulnerability in Oracle Solaris UFS Unspecified Remote Code Execution Vulnerability in Oracle GlassFish Server Unspecified Remote Vulnerability in Oracle Secure Backup Component Unspecified Remote Code Execution Vulnerability in MySQL Server Component Unspecified Confidentiality Vulnerability in Sun Integrated Lights Out Manager Unspecified vulnerability in Oracle Outside In 
Technology component in Oracle Fusion Middleware Unspecified vulnerability in Oracle Outside In Technology component in Oracle Fusion Middleware Unspecified Remote Integrity Vulnerability in Oracle E-Business Suite 11.5.10.2 Unspecified vulnerability in PeopleSoft Enterprise FSCM component in Oracle PeopleSoft Products: Confidentiality and Integrity Impact via eProcurement Unspecified Confidentiality Vulnerability in Oracle Supply Chain Products Suite Unspecified Integrity Vulnerability in Oracle PeopleSoft Products Unspecified Remote Integrity Vulnerability in Oracle PeopleSoft Products Unspecified vulnerability in PeopleSoft Enterprise SCM component allows remote authenticated users to compromise confidentiality and integrity Confidentiality vulnerability in PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products Unspecified vulnerability in PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1, Bundle, and #6: Confidentiality and Integrity Impact via Talent Acquisition Manager Unspecified Integrity Vulnerability in Oracle PeopleSoft Products Unspecified vulnerability in PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 8.9 Update 2011-D Unspecified Integrity Vulnerability in Oracle PeopleSoft Products 8.50.20 and 8.51.11 Unspecified vulnerability in PeopleSoft Enterprise FMS component in Oracle PeopleSoft Products 9.0 and 9.1 allows remote authenticated users to compromise confidentiality and integrity via unknown vectors related to Payables. Unspecified Confidentiality Vulnerability in PeopleSoft Enterprise HRMS Component Unspecified vulnerability in Oracle Solaris 10 Installer allows local users to compromise system security. Remote authenticated users can affect availability in Oracle Solaris 10 and 11 Express due to an unspecified vulnerability in ZFS. 
Unspecified Remote Availability Vulnerability in Oracle Solaris Unspecified vulnerability in Sun Integrated Lights Out Manager (ILOM) in SysFW 8.1.0.a and earlier for Oracle SPARC T3, SPARC Netra T3, Sun Blade, and Sun Fire servers Unspecified Local Vulnerability in Oracle Solaris 10 Related to LiveUpgrade Unspecified Local Denial of Service Vulnerability in Oracle Solaris 10 and 11 Express Unspecified vulnerability in Oracle Solaris 10 allows local users to compromise confidentiality via unknown vectors in Trusted Extensions. Unspecified Local Vulnerability in Oracle Solaris 9 and 11 Express Impacting Confidentiality and Integrity via xscreensaver Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via unknown vectors in Zones. Remote Denial of Service Vulnerability in Oracle Solaris 10 and 11 Express via SSH Local Denial of Service Vulnerability in Oracle Solaris 8, 9, 10, and 11 Express via Driver/USB Local Denial of Service Vulnerability in Oracle Solaris 11 Express Unspecified Local Vulnerability in Oracle Solaris Cluster 3.3 Affecting Data Service for WebLogic Server Remote Denial of Service Vulnerability in Oracle Solaris 10 and 11 Express via KSSL Unspecified Remote Code Execution Vulnerability in Oracle SPARC Enterprise XCP Unspecified vulnerability in Oracle VM VirtualBox Guest Additions for Windows Unspecified vulnerability in Oracle Text component affecting confidentiality, integrity, and availability in Oracle Database Server Unspecified Remote Integrity Vulnerability in Oracle E-Business Suite Unspecified vulnerability in Oracle Application Object Library component in Oracle E-Business Suite: Integrity Impact via Attachments / File Upload Remote Code Execution Vulnerability in Oracle Solaris 10 Unspecified Local Vulnerability in Oracle VM VirtualBox 4.0 Unspecified vulnerability in Oracle Linux 4 and 5 allows remote authenticated users to compromise confidentiality and integrity via unknown vectors related 
to Oracle validated. Unspecified Remote Vulnerability in Oracle SysFW 8.1.0.a in Oracle SPARC T3, Netra SPARC T3, Sun Fire, and Sun Blade Servers Affecting ILOM Unspecified Remote Code Execution Vulnerability in Oracle E-Business Suite Online Help Unspecified Remote Data Capture Vulnerability in Oracle Clinical Unspecified Remote Vulnerability in Oracle Waveset Component Unspecified Local Vulnerability in Oracle Solaris 10 Affecting Availability via ZFS ZFS Confidentiality Vulnerability in Oracle Solaris 10 Unspecified Local Vulnerability in Oracle Solaris 10 Affecting Availability via ZFS Unspecified Remote Code Execution Vulnerability in Oracle Containers for J2EE Component Unspecified Security Vulnerability in Oracle PeopleSoft Products Unspecified Remote Integrity Vulnerability in Siebel Apps - Marketing Component Unspecified Remote Integrity Vulnerability in Oracle JD Edwards EnterpriseOne Tools Component Unspecified Local User Confidentiality Vulnerability in Oracle WebLogic Server Unspecified JMS-related vulnerability in Oracle WebLogic Server component in Oracle Fusion Middleware Unspecified Web Services Confidentiality Vulnerability in Oracle WebLogic Server Unspecified Confidentiality Vulnerability in Oracle JD Edwards EnterpriseOne Tools Component Unspecified vulnerability in Oracle Database Vault component allows remote authenticated users to affect integrity and availability Unspecified Remote Code Execution Vulnerability in Oracle Thesaurus Management System Unspecified Remote Code Execution Vulnerability in Oracle JD Edwards EnterpriseOne Tools Component Unspecified Confidentiality Vulnerability in Oracle JD Edwards EnterpriseOne Tools Component Unspecified Confidentiality Vulnerability in Oracle JD Edwards EnterpriseOne Tools Component Unspecified Local Confidentiality Vulnerability in Oracle Communications Unified Component Buffer Overflow Vulnerability in HP LoadRunner Allows Remote Code Execution via Long Directives in .usr Files Improper 
Expiration Calculation in Apache Rampart/C 1.3.0 Allows Bypass of Access Restrictions Unspecified Built-in Account Vulnerability in Tivoli Endpoint Heap-based Buffer Overflow in HP Intelligent Management Center (IMC) via Integer Overflow in img.exe Same Origin Policy Bypass in Google V8 Use After Free Vulnerability in WebKit: Exploiting Reflection Removal in Google Chrome Double-Free Vulnerability in WebKit's CSSSelector Function Vulnerability: AnimationControllerPrivate List Clearing Issue in WebKit Type Mismatch Vulnerability in WebKit in Google Chrome Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Same Origin Policy Bypass in Google Chrome DOM Implementation Bluetooth Contact Information Disclosure Vulnerability Cleartext HTTP Session Vulnerability in Android Picasa Out-of-bounds read vulnerability in NPAPI implementation in Google Chrome before 12.0.742.112 Google Chrome Use-After-Free Vulnerability in SVG Fonts CSS Token Sequence Memory Corruption Vulnerability in Google Chrome Incorrect Bounds Check in Google V8 Allows for Remote Attacks Google Chrome Use-After-Free Vulnerability in Text Selection HTML Parser Vulnerability in Google Chrome Google Chrome Use-After-Free Vulnerability in SVG Use Elements Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Use After Free Vulnerability in DocumentLoader in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Cross-application scripting vulnerability in Android Browser URL loading functionality Unconfirmed Extension Installation Vulnerability in Google Chrome Line Box Tracking Vulnerability in Google Chrome Lack of Prompt for Dangerous File Download in Google Chrome Insecure Handling of Strings in Google Chrome's Basic Authentication 
Dialog Same Origin Policy Bypass via Trailing Dot in Cookies Use-after-free vulnerability in nsSVGPointList::AppendElement function in Mozilla Firefox, Thunderbird, and SeaMonkey allows remote attackers to cause denial of service or execute arbitrary code via user-supplied callback. Unspecified Remote Code Execution Vulnerability in Mozilla Firefox and Thunderbird Unspecified Remote Code Execution Vulnerability in Mozilla Firefox and Thunderbird Timing Attack Vulnerability in Mozilla Gecko WebGL Texture Handling WebGL Implementation in Mozilla Firefox 4.x through 4.0.1 Allows Information Disclosure and Denial of Service WebGL Write Operations Vulnerability in Mozilla Firefox 4.x through 4.0.1 Arbitrary Script Injection via SVG Element in Mozilla Firefox 4.x through 4.0.1 Whitelist Bypass Vulnerability in Mozilla Firefox Integer Overflow in Array.reduceRight Method in Mozilla Firefox, Thunderbird, and SeaMonkey User-Assisted Remote Download Bypass Vulnerability Arbitrary Code Execution via Crafted XUL Document in Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox and Thunderbird Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox and Thunderbird Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox and Thunderbird Arbitrary Code Execution and Denial of Service Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Dangling Pointer Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Arbitrary web script injection vulnerability in Bugzilla Information Disclosure Vulnerability in Bugzilla CRLF Injection Vulnerability in Bugzilla Versions 2.17.1 through 4.1.3 Cross-Zone Drag-and-Drop Vulnerability in Microsoft Internet Explorer 8 and Earlier, and Internet Explorer 9 Beta Cross-Zone Drag-and-Drop Information Disclosure Vulnerability in Microsoft Internet Explorer 9 and Earlier Privilege Escalation in iPhoneHandle Package in OTRS Untrusted Pointer Dereference 
Vulnerability in VisiWave Site Survey IPv6 Denial of Service Vulnerability in Apple iOS 6 and Earlier Neighbor Discovery Protocol Vulnerability in BSD-based Operating Systems Neighbor Discovery Protocol Vulnerability: Bypassing Router Advertisement Guarding in Cisco IOS Arbitrary Code Execution Vulnerability in Iron Mountain Connected Backup 8.4 Unspecified privilege escalation vulnerability in HP-UX dynamic loader Unspecified Denial of Service Vulnerability in HP Data Protector Media Management Daemon (mmd) HP SiteScope Cross-Site Scripting (XSS) Vulnerability Session Fixation Vulnerability in HP SiteScope 9.x, 10.x, and 11.x Arbitrary Web Script Injection Vulnerability in HP Network Automation Remote SQL Injection Vulnerability in HP Network Automation Arbitrary Program Download and Execution Vulnerability in HP Easy Printer Care Software HP ProLiant SL Advanced Power Manager (SL-APM) Firmware Validation Vulnerability Arbitrary Web Script Injection Vulnerability in HP OpenView Performance Insight Unspecified Remote Access Vulnerability in HP OpenView Performance Insight Arbitrary Script Injection in HP Palm webOS 3.x Contacts Application Arbitrary Code Injection through Cross-Site Scripting (XSS) in HP Palm webOS 3.x Calendar Application Arbitrary Web Script Injection Vulnerability in HP OpenView Performance Insight Remote Code Execution Vulnerability on HP NonStop Servers with Samba Unspecified Remote Code Execution Vulnerability in HP Business Service Automation (BSA) Essentials 2.01 Buffer Overflow Vulnerability in Adobe Flash Player and Adobe AIR Buffer Overflow Vulnerability in Adobe Flash Player and Adobe AIR Integer Overflow Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Arbitrary Code 
Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Stack-based Buffer Overflow in Adobe Flash Player Stack-based Buffer Overflow in Adobe Flash Player Arbitrary Code Execution and Denial of Service Vulnerability in Adobe Flash Player Adobe Flash Player Security Control Bypass Vulnerability Arbitrary Code Execution Vulnerability in Adobe Flash Player Unspecified Security Bypass Vulnerability in Adobe Reader and Acrobat Buffer Overflow Vulnerability in Adobe Reader and Acrobat TIFF Resource Heap-based Buffer Overflow in Adobe Reader and Acrobat (CVE-2011-2462) Heap-based Buffer Overflow in Adobe Reader and Acrobat (CVE-2011-2462) Buffer Overflow Vulnerability in Adobe Reader and Acrobat Heap-based buffer overflow in Adobe Reader and Acrobat image-parsing library Heap-based Buffer Overflow in Adobe Reader and Acrobat (CVE-2011-2462) Stack-based buffer overflows in Adobe Reader and Acrobat image-parsing library Memory Leakage Condition Vulnerability in Adobe Reader and Acrobat Adobe Reader and Acrobat Use-After-Free Arbitrary Code Execution Vulnerability Stack-based buffer overflows in CoolType.dll in Adobe Reader and Acrobat Logic Error Vulnerability in Adobe Reader and Acrobat Buffer overflow vulnerabilities in Adobe Photoshop Elements 8.0 and earlier: Remote code execution and denial of service Universal Cross-Site Scripting (XSS) Vulnerability in Adobe Flash Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2011-2448) Arbitrary Code 
Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player (CVE-2011-2446) Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Shockwave Player Arbitrary Code Execution and Denial of Service Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution Vulnerability in Adobe Flash Player and Adobe AIR Cross-Domain Policy Bypass Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Flash Player and Adobe AIR Adobe Flex SDK 3.x and 4.x Cross-Site Scripting (XSS) Vulnerability U3D Component Remote Code Execution Vulnerability Arbitrary Web Script Injection via Adobe ColdFusion cfform Tag Denial of Service Vulnerability in ISC BIND 9.6.x, 9.7.x, and 9.8.x Denial of Service Vulnerability in ISC BIND 9.8.0-P1, 9.8.0-P2, and 9.8.1b1 Arbitrary SQL Command Execution Vulnerability in Lsassd Arbitrary File Read Vulnerability in AnyMacro Mail System G4X ARSC 3.3-rc2 Chat Application XSS Vulnerability Privilege Escalation via Shell Metacharacters in OProfile 0.9.6 and Earlier Directory Traversal Vulnerability in OProfile 0.9.6 and Earlier Arbitrary File Creation Vulnerability in OProfile's do_dump_data Function Sybase EAServer 6.3.1 
Developer Edition Directory Traversal Vulnerability Format String Vulnerability in ECTrace.dll in Sybase OneBridge Mobile Data Suite Arbitrary Script Injection Vulnerability in Coppermine Photo Gallery (CPG) Multiple Cross-Site Scripting (XSS) Vulnerabilities in Icinga config.cgi Arbitrary Code Execution Vulnerability in Google SketchUp before 8 Denial of Service Vulnerability in Linux Kernel's Transparent Huge Pages Creation Information Disclosure Vulnerability in 802.11 Stack: Kernel Memory Disclosure XML Parser Replacement Vulnerability in Apache Tomcat 7.0.x Denial of Service Vulnerability in Linux Kernel SCTP Handling Vulnerability: Weak Handling of 8-bit Characters in crypt_blowfish Multiple Registration of Exit Handlers Vulnerability Denial of Service Vulnerability in gdk-pixbuf GIF Image Loader Vulnerability: Access Restriction Bypass in nspluginwrapper Bleichenbacher Attack Vulnerability in PKCS#1 v1.5 Key Transport Mechanism for XMLEncryption in JBossWS and Apache WSS4J Unvalidated Error Handling in Joomla! 
before 1.5.23 Privilege Escalation via Off-by-One Errors in OPIE 2.4.1-test1 and Earlier Privilege Escalation via Unchecked setuid System Call in OPIE Login Denial of Service Vulnerability in Linux Kernel's Network Lock Manager (NLM) Protocol Implementation Bluetooth Subsystem Information Disclosure Vulnerability Denial of Service Vulnerability in ext4_fill_super Function Sensitive I/O Statistics Disclosure via Taskstats Netlink Socket Improper Access Restriction in /proc/#####/io Files in Linux Kernel Integer Overflow in vma_to_resize Function in Linux Kernel Integer Underflow in L2CAP Configuration Request Function in Linux Kernel Denial of Service Vulnerability in Linux Kernel (v2.3.36 - v2.6.39) Multiple Cross-Site Scripting (XSS) Vulnerabilities in Mambo CMS through 4.6.5 Improper DNS Verification in NFS-Utils Allows Remote Filesystem Mounting Out-of-bounds read vulnerability in libpng's png_format_buffer function Privilege escalation vulnerability in SystemTap runtime tool (staprun) allows local users to gain elevated privileges Race Condition Privilege Escalation in SystemTap Runtime Tool Untrusted Search Path Vulnerability in X11perfcomp in XFree86 X11perf Remote Variable Manipulation Vulnerability in Swekey Authentication Feature in phpMyAdmin Static Code Injection Vulnerability in phpMyAdmin ConfigGenerator.class.php Arbitrary PHP Code Execution via PCRE Modifier Injection in phpMyAdmin Arbitrary File Inclusion Vulnerability in phpMyAdmin 3.x and 3.4.x Multiple Cross-Site Scripting (XSS) Vulnerabilities in Joomla! 
before 1.6.4 Arbitrary Script Injection via RSS Embedding in DokuWiki Integer Overflow Vulnerability in libvirt Allows Remote Code Execution Vulnerability: Denial of Service and Arbitrary Code Execution in virtio_queue_notify in qemu-kvm Information Disclosure in IcedTea6 and IcedTea-Web Java Network Launching Protocol (JNLP) Implementation File Access Vulnerability Unsigned RPM Package Installation Vulnerability in PackageKit 0.6.17 XML Signature Feature Buffer Overflow Vulnerability Buffer Overflow Vulnerability in Linux Kernel Allows Privilege Escalation via Long SSID Value NULL device name vulnerability in tomoyo_mount_acl function in Linux kernel Denial of Service Vulnerability in Xen Hypervisor via SAHF Instruction Privilege Escalation via Unsafe D-Bus Communication in system-config-firewall Denial of Service Vulnerability in Linux Kernel's Performance Events Subsystem CSRF Vulnerabilities in Samba Web Administration Tool (SWAT) Allow Authentication Hijacking Backdoor Shell Vulnerability in vsftpd 2.3.4 Directory Traversal Vulnerability in SoupServer in libsoup before 2.35.4 Denial of Service Vulnerability in Linux Kernel's qdisc_notify Function Apache Tomcat Denial of Service and File Access Bypass Vulnerability Improper Group Privilege Handling in Qemu 0.14.0 and Earlier Unspecified Privilege Escalation Vulnerability in Zope and Plone Denial of Service and Memory Corruption Vulnerability in Asterisk SIP Channel Driver Buffer Overflow Vulnerability in EDS Hardware Installation Tool 1.0.5.1 and Earlier Data truncation vulnerability in Prosody 0.8.x before 0.8.1 when using MySQL Denial of Service Vulnerability in Prosody 0.8.x Symlink Attack Vulnerability in D-Bus 1.2.x Buffer Overflow in clusterip_proc_write function in Linux Kernel Memory Address Access Vulnerability in Asterisk IAX2 Channel Driver SIP Account Enumeration Vulnerability in Asterisk Open Source and Asterisk Business Edition Command Injection Vulnerability in Cisco Video Communications Server 
(VCS) Allows Remote Code Execution Buffer Overflow in Cisco Telepresence System Integrator C Series 4.x Cisco TelePresence System MXP Series F9.1 and Earlier Cross-Site Scripting (XSS) Vulnerability Arbitrary Web Script Injection in Cisco SPA IP Phones SQL Injection Vulnerability in Cisco SA 500 Series Security Appliances (Bug ID CSCtq65669) Arbitrary Command Execution Vulnerability in Cisco SA 500 Series Security Appliances Denial of Service Vulnerability in Cisco ASR 9000 Series Routers (Bug ID CSCtr26695) Default Password Vulnerability in Cisco TelePresence Recording Server 1.7.2.x Denial of Service Vulnerability in Cisco Unified Communications Manager Denial of Service Vulnerability in Cisco Unified Communications Manager (CUCM) 7.x and 8.x Denial of Service Vulnerability in Cisco Unified Communications Manager (CUCM) Denial of Service Vulnerability in Cisco Unified Communications Manager and Cisco Intercompany Media Engine Denial of Service Vulnerability in Cisco Unified Communications Manager and Cisco Intercompany Media Engine (Bug ID CSCth19417) Privilege Escalation Vulnerability in Cisco Nexus OS and Cisco Unified Computing System Denial of Service Vulnerability in Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs Cisco IOS Memory Leak Vulnerability in SIP NAT Interface (Bug ID CSCts12366) Vulnerability: ACL Bypass in Cisco NX-OS Denial of Service Vulnerability in Cisco Unified Contact Center Express (CCX) 8.0 and 8.5 (Bug ID CSCth33834) Remote Access and Information Disclosure Vulnerability in Cisco Show and Share Arbitrary Code Execution Vulnerability in Cisco Show and Share 5.x Denial of Service Vulnerability in Cisco IOS 12.4 and 15.0 (Bug ID CSCts12249) Heap-based Buffer Overflow in RealMedia Demuxer in VLC Media Player Heap-based Buffer Overflow in AVI Demuxer in VLC Media Player Heap-based Buffer Overflow in UUPlayer ActiveX Control 6.0.0.1 Allows Remote Code Execution Arbitrary Program Execution via UNC Share 
Pathname in UUPlayer ActiveX Control Multiple Buffer Overflow Vulnerabilities in Provideo ActiveX Controls Heap-based Buffer Overflow in Citrix Access Gateway Enterprise Edition Plug-in for Windows Heap-based buffer overflow in Citrix Access Gateway Enterprise Edition Plug-in for Windows allows remote attackers to execute arbitrary code via a crafted Content-Length HTTP header in the nsepacom ActiveX control. Heap-based Buffer Overflow in KMPlayer 3.0.0.1441 via Long Title Field in Playlist File Stack-based buffer overflow in ACDSee FotoSlate 4.0 Build 146 allows remote code execution Denial of Service Vulnerability in Wireshark Lucent/Ascend File Parser Arbitrary Desktop Application Window Screenshot Vulnerability in Mozilla Firefox 4.x Cross-Domain Image Timing Attack in Google Chrome 11 Denial of Service Vulnerability in Windows XP GPU Support Functionality Denial of Service Vulnerability in Mac OS X GPU Support Functionality Denial of Service Vulnerability in NVIDIA Geforce 310 Driver 6.14.12.7061 on Windows XP SP3 Denial of Service Vulnerability in NVIDIA 9400M Driver 6.2.6 on Mac OS X 10.6.7 Denial of Service Vulnerability in Intel G41 Driver 6.14.10.5355 on Windows XP SP3 CRLF Injection Vulnerability in nsCookieService::SetCookieStringInternal Function IBM Rational Team Concert (RTC) 3.0 Cross-Site Scripting (XSS) Vulnerability IBM Rational Team Concert (RTC) 3.0 Cross-Site Scripting (XSS) Vulnerability (Work Item 165513) Arbitrary File Deletion Vulnerability in HP OpenView Performance Agent and Operations Agent Cross-Site Scripting (XSS) Vulnerability in Opera before 11.50 Unspecified Vulnerability in Opera Before 11.50: Moderately Severe Issue Denial of Service Vulnerability in Opera's Printing Functionality Unspecified Denial of Service Vulnerability in Opera 11.50 Denial of Service Vulnerability in Opera's Array.prototype.join Method Denial of Service Vulnerability in Opera's SVG Implementation Unspecified Denial of Service Vulnerability in Opera before 
11.50 Denial of Service Vulnerability in Opera 11.50 Denial of Service Vulnerability in Opera 11.50 Denial of Service Vulnerability in Opera Browser (Versions before 11.50) Denial of Service Vulnerability in Opera's Implementation of CANVAS Elements, SVG, and CSS Denial of Service Vulnerability in Opera 11.50 via SVG Animation Denial of Service Vulnerability in Opera before 11.50 Unspecified Denial of Service Vulnerability in Opera Web Workers Implementation Unspecified Denial of Service Vulnerability in Opera's SVG BiDi Implementation Denial of Service Vulnerability in Opera Print Preview Denial of Service Vulnerability in Opera before 11.50 Denial of Service Vulnerability in Opera before 11.50 via Injected Script Unspecified DOM Implementation Vulnerability in Opera 11.50 Opera FRAMESET Element Memory Corruption Vulnerability Unspecified Denial of Service Vulnerability in Opera 11.11 Denial of Service Vulnerability in Opera with Easy Sticky Note Extension Denial of Service Vulnerability in Opera's CSS Implementation Opera before 11.11 Denial of Service Vulnerability Denial of Service Vulnerability in Opera 11.11 Remote Hijacking of Searches and Customizations in Opera CSS Hover Pseudo-Class Denial of Service Vulnerability in Opera Unspecified Denial of Service Vulnerability in Opera 11.10 Unspecified Denial of Service Vulnerability in Opera before 11.10 Unspecified Denial of Service Vulnerability in Opera 11.10 Denial of Service Vulnerability in Opera before 11.10 Denial of Service Vulnerability in Opera 11.10 and Earlier Versions Denial of Service Vulnerability in Opera 11.11 Cross-Site Scripting (XSS) Vulnerabilities in phpMyAdmin's Table Print View Implementation Arbitrary File Inclusion Vulnerability in phpMyAdmin 3.4.x before 3.4.3.2 Arbitrary Web Script Injection in Kiwi before 3.74.2 Arbitrary Code Execution Vulnerability in Kiwi before 3.74.2 Arbitrary Code Execution Vulnerability in Kiwi before 3.74.2 Arbitrary Code Execution Vulnerability in Kiwi before 
3.74.2 Arbitrary Code Execution Vulnerability in Kiwi before 3.74.2 Arbitrary Command Execution Vulnerability in Kiwi Arbitrary Web Script Injection in Kiwi before 3.74.2 Arbitrary Code Execution Vulnerability in Kiwi File Browser Arbitrary Web Script Injection in Kiwi before 3.74.2 Arbitrary Code Execution via Directory Traversal in Novell ZENworks Asset Management (ZAM) 7.5 Remote Code Execution Vulnerability in Novell Cloud Manager 1.1.2 Remote Code Execution Vulnerability in Novell ZENworks Handheld Management (ZHM) 7 Remote Code Execution Vulnerability in Novell ZENworks Handheld Management (ZHM) 7 Directory Traversal Vulnerability in LaunchHelp.HelpLauncher.1 ActiveX Control in AdminStudio in Novell ZENworks Configuration Management (ZCM) Arbitrary Code Execution Vulnerability in ISList.ISAvi ActiveX Control in Novell ZENworks Configuration Management Arbitrary Command Execution Vulnerability in vpnc Package Cross-Site Scripting (XSS) Vulnerabilities in Novell GroupWise 8.0 WebAccess Arbitrary Code Execution via Negative BYWEEKNO Property in GroupWise Internet Agent (GWIA) Remote Code Execution via Crafted RRULE Variable in GroupWise Internet Agent (GWIA) Arbitrary File Overwrite Vulnerability in Check Point Multi-Domain Management / Provider-1 NGX R65, R70, R71, and R75 NULL pointer dereference and daemon crash in SIP channel driver due to missing < character in Contact header SIP Channel Driver Default Configuration Vulnerability Remote Code Execution and Denial of Service Vulnerability in CA Gateway Security for HTTP Content-Length Header Vulnerability in Mozilla Firefox 1.5.0.3 Certificate Validation DoS Vulnerability in Mozilla Firefox (pre-3.6) XSS Vulnerability in Mozilla Firefox 3.6 and Earlier Versions via Cascading Style Sheets Rendering Unspecified Remote Administrative Privilege Vulnerability in Megalith 12th-27th Edition Arbitrary Web Script Injection Vulnerability in SemanticScuttle before 0.98 Arbitrary Web Script Injection in BaserCMS before 
1.6.13.2 Unrestricted Privilege Escalation in BaserCMS before 1.6.12 Enkai-kun XSS Vulnerability Unauthenticated Remote Data Modification in A-Form and A-Form PC/Mobile Plug-ins for Movable Type Bypassing Access Restrictions and Unauthorized Access to Sensitive Information in Cybozu Office Privilege Escalation Vulnerability in Cisco VPN Client 5.0.7.0240 and 5.0.7.0290 on 64-bit Windows Platforms Arbitrary Web Script Injection Vulnerability in IBM Rational DOORS Web Access 1.4.x Unspecified Remote Attack Vector in IBM Rational DOORS Web Access 1.4.x Unspecified Impact and Remote Attack Vectors in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 Denial of Service Vulnerability in IBM Rational DOORS Web Access 1.4.x Insecure HTTP Request Vulnerability: Defeating Cryptographic Protection Mechanisms via Man-in-the-Middle Attack Insecure Temporary File Creation in foo2zjs Package Lotus Word Pro Import Filter Stack-Based Buffer Overflow Vulnerability Ruby Random Number Generator Vulnerability Node Access Bypass Vulnerability in Drupal 7.x before 7.3 SQL Injection Vulnerability in mod_authnz_external 3.2.5 and Earlier: Remote Code Execution via User Field Denial of Service Vulnerability in gfs2_fallocate Function Buffer Overflow Vulnerability in libpng Allows Arbitrary Memory Overwrite via Crafted PNG Image NULL pointer dereference vulnerability in libpng Memory Corruption and Application Crash Vulnerability in libpng Denial of Service Vulnerability in perf Subsystem of RHEL 6 Arbitrary Web Script Injection in Samba Web Administration Tool (SWAT) Off-by-one errors in ext4 subsystem leading to denial of service in Linux kernel Integer Overflow in libsndfile: Remote Code Execution via Crafted PAF File Arbitrary Code Execution Vulnerability in HP Linux Imaging and Printing (HPLIP) 3.11.5 Denial of Service Vulnerability in Wireshark ANSI MAP Dissector IPv6 Fragment Identification Vulnerability Buffer overflow vulnerability in si4713_write_econtrol_string function in Linux 
kernel Bypassing Authentication via Revoked X.509 Client Certificate in FreeRADIUS 2.1.11 Integer Signedness Error in Glibc and Eglibc Allows Arbitrary Code Execution SQL Injection Vulnerabilities in MapServer before 4.10.7, 5.x before 5.6.7, and 6.x before 6.0.1 Arbitrary Code Execution via Stack-based Buffer Overflow in MapServer Predictable Initialization of SecureRandom.random_bytes in Ruby Reorder Administrator Functions XSS Vulnerability in sNews 1.71 Kernel Memory Disclosure Vulnerability in ptrace_setxregs Function Privilege Escalation via Untrusted Configuration File Loading in libgssapi and libgssglue Multiple Cross-Site Scripting (XSS) Vulnerabilities in Joomla! before 1.7.0 Arbitrary Web Script Injection in cgit's print_fileinfo Function Apache Wicket 1.4.x XSS Vulnerability with setAutomaticMultiWindowSupport User-Assisted Remote Denial of Service Vulnerability in OOWriter Insufficient Sanitization of Table Descriptions, Field Names, or Labels in Drupal 6.20 with Data 6.x-1.0-alpha14 SQL Injection Vulnerability in Drupal 6.20 with Data 6.x-1.0-alpha14 Remote Code Execution Vulnerability in BusyBox DHCP Client Arbitrary Command Execution Vulnerability in DHCPv6 Client Arbitrary File Inclusion Vulnerabilities in phpMyAdmin 3.4.x Improper Session Management in Swekey Authentication in phpMyAdmin Autocompletion Vulnerability in GLPI before 0.80.2 Off-by-one error in cli_hm_scan function in libclamav in ClamAV before 0.97.2 allows remote attackers to cause denial of service Arbitrary File Overwrite Vulnerability in HPLIP's send_data_to_stdout Function Denial of Service Vulnerability in skb_gro_header_slow Function Improper Verification of Device and Mountpoint Strings in Samba 3.5.10 and Earlier Ark 4.7.x Directory Traversal Vulnerability Access Bypass Vulnerability in Drupal 7.x Sensitive Information Disclosure in Tribal Tribiq CMS Denial of Service Vulnerability in Perl's File::Glob Module File Read Permissions Bypass in Apache Commons Daemon Component 
Expression Language Injection in VMware SpringSource Spring Framework Race condition vulnerability in RunAsManager mechanism in VMware SpringSource Spring Security CRLF Injection Vulnerability in VMware SpringSource Spring Security Session Reuse Vulnerability in EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 Buffer Overflow Vulnerabilities in EMC AutoStart 5.3.x and 5.4.x RSA enVision 4.x before 4 SP4 P3 Cleartext Administrative Credentials Disclosure Vulnerability RSA enVision Arbitrary File Retrieval Vulnerability Multiple Remote Code Execution Vulnerabilities in Cisco Unified Service Monitor and EMC Ionix Products Arbitrary Code Execution Vulnerability in EMC Documentum eRoom 7.3.x and 7.4.x Improper Session Termination in EMC RSA Key Manager Appliance 2.7 SP1 Device Recovery and Device Identification Bypass in EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 Inadequate Forensic Evaluation in EMC RSA Adaptive Authentication On-Premise (AAOP) 6.0.2.1 SP1 Patch 2, SP1 Patch 3, SP2, SP2 Patch 1, and SP3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Chyrp 2.1 and Earlier Chyrp 2.1 Directory Traversal Vulnerability Arbitrary PHP Code Execution via File Upload in Chyrp 2.0 and Earlier Arbitrary File Read Vulnerability in OTRS-Core Arbitrary Code Execution Vulnerability in Google Picasa Denial of Service Vulnerability in ISC DHCP Server Denial of Service Vulnerability in ISC DHCP Server Arbitrary File Deletion Vulnerability in Novell File Reporter 1.0.4.2 and Earlier Parodia SQL Injection Vulnerability CRLF Injection Vulnerability in SquirrelMail 1.4.21 and Earlier Cross-Site Request Forgery (CSRF) Vulnerabilities in SquirrelMail 1.4.21 and Earlier Arbitrary Code Injection Vulnerability in IBM WebSphere Portal 7.x Arbitrary File Read Vulnerability in ManageEngine ServiceDesk Plus 8.0 before Build 8012 Unauthenticated File Download 
Vulnerability in ManageEngine ServiceDesk Plus 8.0 before Build 8012 Directory Traversal Vulnerability in ManageEngine ServiceDesk Plus 8.0.0.12 and Earlier Unauthenticated Access to LDAP Server Log Files in IBM Tivoli Directory Server Unattended Workstation Login Vulnerability in IBM Tivoli Directory Server Vulnerability: ACL Bypass in Brocade BigIron RX Switches via Source Port Manipulation Denial of Service Vulnerability in Google Chrome 14.0.794.0 Authentication Bypass Vulnerability in LifeSize Room Appliance LS_RM1_3.5.3 (11) Remote Command Execution Vulnerability in LifeSize Room Appliance Arbitrary Code Execution via Crafted Addon in ioQuake3 Engine Arbitrary File Overwrite Vulnerability in Pyro Before 3.15 Authentication Bypass Vulnerability in FCGI Module for Perl Arbitrary Code Execution via mod_perl 2.0 through 2.0.10 TLS Certificate Chain Leakage in Tor Client and Bridge Connections Bridge Enumeration Vulnerability in Tor Arbitrary Web Script Injection Vulnerability in man2html.cgi.c Cross-Site Scripting (XSS) Vulnerabilities in Mahara before 1.4.1 Memory Consumption Denial of Service Vulnerability in Mahara CSRF Vulnerability in Mahara Allows Remote Authentication Hijacking Remote User Message Reading Vulnerability in Mahara 1.3.x and 1.4.x Buffer Overflow in Error Function in Super 3.30.0 Allows Arbitrary Code Execution via syslog Logging Privilege Escalation via Incorrect Usage of pidof in acpid (aka acpid2) 2.0.16 and Earlier Heap-based Buffer Overflows in Tor: Remote Code Execution and Denial of Service Vulnerabilities World-writable permissions for exported report files in HP ArcSight Connector Appliance before 6.1 Chyrp 2.0 Directory Traversal Vulnerability in gz.php Drag-and-Drop File Permission Bypass Vulnerability in Google Chrome on Linux Unconfirmed Developer-Mode NPAPI Extension Installation Vulnerability in Google Chrome Sensitive Information Disclosure in Google Chrome Improper URL Validation in Google Chrome Extensions Implementation 
Speech-input bubble display vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome Buffer Overflow in Google Chrome Inspector Serialization Functionality Google Chrome Use-After-Free Vulnerability in Pepper Plug-in Instantiation Google Chrome Use-After-Free Vulnerability in Floating Styles Out-of-Bounds Write Vulnerability in Google Chrome's ICU Functionality Use-after-free vulnerability in Google Chrome before 13.0.782.107: Float Removal Remote Code Execution Vulnerability Google Chrome Use-After-Free Vulnerability in Media Selectors Out-of-bounds read vulnerability in Google Chrome before 13.0.782.107 Cross-Frame Function Leak Vulnerability in Google Chrome Skia Use-After-Free Vulnerability in Google Chrome Google Chrome Use-After-Free Vulnerability in Resource Caching Unrestricted Access to Internal Schemes in Google Chrome Google Chrome Use-After-Free Vulnerability in HTML Range Handling Information Disclosure Vulnerability in Google Chrome Google Chrome Use-After-Free Vulnerability in Frame Loader Denial of Service Vulnerability in Google V8 Out-of-Bounds Read Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome PDF Handling Same Origin Policy Bypass Vulnerability in Google Chrome Memory Corruption Vulnerability in Google Chrome on Windows Timer Information Handling Vulnerability in WebKit Stale Layout Root Vulnerability in Google Chrome's WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Google Chrome Use-After-Free Vulnerability in Display Box Rendering Same 
Origin Policy Bypass in Google Chrome Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Double Free Vulnerability in libxml2: Remote Denial of Service and Possible Impact via Crafted XPath Expression Command Line URL Parsing Vulnerability in Google Chrome on Windows Use-after-free vulnerability in Google Chrome: Remote DoS and Possible Impact via Line Box Use-after-free vulnerability in Google Chrome: Denial of Service and Remote Code Execution via Counter Nodes Google Chrome Use-After-Free Vulnerability in Custom Fonts Bypassing Same Origin Policy in Google Chrome Google Chrome Use-After-Free Vulnerability in Text Searching Out-of-Bounds Write Vulnerability in Google V8 Integer Overflow in Google Chrome: Denial of Service and Possible Other Impact via Uniform Arrays Denial of Service Vulnerability in Google V8 Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Double Free Vulnerability in libxml2: Remote Denial of Service and Possible Other Impacts via XPath Handling in Google Chrome Race condition vulnerability in Google Chrome before 14.0.835.163 allows for denial of service and potential impact via certificate cache vectors. 
Unrestricted Windows Media Player Plug-in Access in Google Chrome Lack of Position-Independent Code in Google Chrome on Linux Unspecified Impact and Remote Attack Vector in Google Chrome Plug-in Loading Denial of Service Vulnerability in Google Chrome PDF Implementation on Linux URL Bar Spoofing Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome PDF Processing Unspecified Impact and Attack Vectors in Google Chrome Installer on Mac OS X Out-of-bounds read vulnerability in Google Chrome before 14.0.835.163 Out-of-bounds read vulnerability in Google Chrome before 14.0.835.163 when processing MP3 files URL Bar Spoofing Vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome: Remote Denial of Service and Possible Impact via Unload Event Handling Use-after-free vulnerability in Google Chrome document loader URL Bar Spoofing Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome WebSockets Implementation Out-of-bounds read vulnerability in Google Chrome before 14.0.835.163 Denial of Service Vulnerability in Google Chrome 14.0.835.163 Off-by-one error in Google V8: Remote Code Execution Vulnerability Google Chrome Use-After-Free Vulnerability in Plug-In Handling Use-after-free vulnerability in Google Chrome before 14.0.835.163: Remote Code Execution via Ruby/Table Style Handling CSS Token Sequence Handling Vulnerability in Google Chrome Same Origin Policy Bypass in Google V8 Google Chrome Use-After-Free Vulnerability in Focus Controller Out-of-Bounds Read Vulnerability in Google Chrome Incorrect Permissions in Google Chrome: Unspecified Impact and Attack Vectors Google Chrome Use-After-Free Vulnerability in Table Styles Improper String Handling in Google Chrome PDF Reader Unrestricted Access to Built-in Objects in Google V8 Memory Disclosure Vulnerability in V8 Engine in Google Chrome Denial of Service Vulnerability in Google Chrome 14.0.835.163 Arbitrary Code Execution and Denial of Service 
Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Unspecified Remote Attack Vector in Google Chrome's Self-Signed Certificate Pinning Type Confusion Vulnerability in Google V8 Engine Google Chrome Use-After-Free Vulnerability in Text Line Box Denial of Service Vulnerability in Google Chrome 14.0.835.202 Bypassing Same Origin Policy in Google Chrome Audio Node Handling Vulnerability in Google Chrome Google Chrome Use-After-Free Vulnerability in V8 Bindings Memory Corruption Vulnerability in Google Chrome Stack-based buffer overflow in NSEPA.NsepaCtrl.1 ActiveX control in Citrix Access Gateway Enterprise Edition 8.1-67.7, 9.0-70.5, and 9.1-96.4 Insecure DLL Validation in Citrix Access Gateway Enterprise Edition Unspecified Critical Security Vulnerabilities in IBM Lotus Symphony 3 before FP3 Denial of Service Vulnerability in IBM Lotus Symphony 3 before FP3 Denial of Service Vulnerability in IBM Lotus Symphony 3 before FP3 Denial of Service Vulnerability in IBM Lotus Symphony 3 on Linux Denial of Service Vulnerability in IBM Lotus Symphony 3 Information Disclosure in Joomla! Templates Information Disclosure in Joomla! MediaViewMedia Class Information Disclosure Vulnerability in Joomla! 1.6.x before 1.6.2 Clickjacking Vulnerability in Joomla! 
1.6.x before 1.6.2 Denial of Service Vulnerability in IBM Lotus Symphony 3 DataPilot Feature Arbitrary Code Execution via Deserialization in Spring Framework and Spring Security LZW Decompressor Code Execution Vulnerability LZW Decompressor Code Execution Vulnerability GDK-Pixbuf GIF Loader Buffer Overflow Vulnerability Vulnerability: Improper Restriction of User-Space Access to VLAN Tag Control Information in Linux Kernel Arbitrary Command Execution via SMB Server in pysmb.py Remote Code Execution via Stack-based Buffer Overflow in Mongoose, yaSSL Embedded Web Server, and Simple HTTPD Denial of Service Vulnerability in Xen 3.3 and Earlier via Unspecified Hypercalls Insecure Temporary File Deletion in zxpdf Heap-based Buffer Overflow in tcptrack before 1.4.2 Allows Arbitrary Code Execution via Long Command Line Argument Arbitrary Web Script Injection in Zabbix acknow.php Untrusted Search Path Vulnerability in perf_config Function Integer Signedness Error in pmcraid_ioctl_passthrough Function in Linux Kernel Remote Code Execution via Host-Based Authentication Bypass in TORQUE Resource Manager 3.0.1 and Earlier CSRF Vulnerability in JMX Console Allows Remote Code Execution Information Disclosure Vulnerability in Linux Kernel's do_devinfo_ioctl Function Privilege Escalation in AX.25 Daemon (ax25d) Heap-based Buffer Overflow in libmodplug Allows Remote Code Execution via Crafted WAV File Stack-based Buffer Overflow in libmodplug Allows Remote Code Execution Stack memory corruption vulnerability in libmodplug before 0.8.8.4 via crafted AMS file CSoundFile::ReadDSM Off-by-One Error Vulnerability Memory Corruption and Remote Code Execution Vulnerability in libmodplug Insecure Storage of SSH Keys in qtnx 0.9 SQL Injection Vulnerability in Mambo CMS 4.6.5 and Earlier: Remote Code Execution via zorder Parameter Denial of Service Vulnerability in Linux Kernel's Performance Events Subsystem Arbitrary Web Script Injection Vulnerability in Spacewalk 1.6 Cross-Site Scripting 
(XSS) Vulnerabilities in Spacewalk 1.6 Privilege Escalation in ktsuss Versions 1.4 and Prior Privilege Escalation and Arbitrary Code Execution in ktsuss Versions 1.4 and Prior Insecure Temporary File Creation in Foomatic-RIP Filter Allows for Symlink Attacks Insecure Temporary File Creation in foomatic-rip Filter v4.0.12 and Prior Authentication Bypass Vulnerability in Cumin in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0 Cross-Site Scripting (XSS) Vulnerabilities in Spacewalk 1.6 Denial of Service Vulnerability in Linux Kernel's befs_follow_link Function Arbitrary View Rendering Vulnerability in Ruby on Rails SQL Injection Vulnerabilities in ActiveRecord Adapters Cross-site scripting (XSS) vulnerability in Ruby on Rails strip_tags helper in actionpack/lib/action_controller/vendor/html-scanner/html/node.rb Ruby on Rails XSS Vulnerability in String Output Safety Arbitrary File Upload Vulnerability in WebsiteBaker 2.8.1 and Earlier CSRF Vulnerability in WebsiteBaker 2.8.1 and Earlier: Inadequate Confirmation for Sensitive Transactions Cross-Site Scripting (XSS) Vulnerability in Elgg through 1.7.10 Critical SQL Injection Vulnerability in Elgg 1.7.10 Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.5.4 in UI messages functionality Multiple Cross-Site Scripting (XSS) Vulnerabilities in MantisBT filter_api.php Heap-based buffer overflow vulnerability in Perl's Encode module before 2.44 allows for denial of service via crafted Unicode string Heap Memory Corruption Vulnerability in stunnel 4.40 and 4.41 Open Redirect Vulnerability in Red Hat JBoss Enterprise Portal Platform before 5.2.0: Phishing Attack via initialURI Parameter Vulnerability in Red Hat Linux Kernel 2.6.18 Allows Remote Denial of Service Denial of Service Vulnerability in Pidgin IRC Protocol Plugin SQL Injection Vulnerability in MegaLab The Uploader 2.0.5: Remote Code Execution via username parameter in login.php Heap-based Buffer Overflow in RealPlayer Allows Remote Code 
Execution via Crafted SIPR Stream Unspecified Remote Code Execution Vulnerability in RealPlayer ActiveX Control Cross-zone scripting vulnerability in RealPlayer ActiveX control in RealPlayer versions 11.0-11.1 and 14.0.0-14.0.5 and RealPlayer SP versions 1.0-1.1.5 SWF File DEFINEFONT Field Remote Code Execution Vulnerability Heap-based Buffer Overflow in RealPlayer MP3 ID3v2 Tag Parsing Heap-based Buffer Overflow in qcpfformat.dll in RealPlayer Buffer Overflow Vulnerability in RealPlayer and RealPlayer SP RealPlayer Use-After-Free Remote Code Execution Vulnerability Unspecified Remote Code Execution Vulnerability in RealPlayer Browser Plugin AutoUpdate Use-After-Free Vulnerability in RealPlayer and RealPlayer SP RealPlayer Use-After-Free Remote Code Execution Vulnerability Unauthenticated Signal Denial of Service Vulnerability in AzeoTech DAQFactory Arbitrary Code Execution via Crafted FactoryTalk Diagnostics Viewer Configuration File Unspecified Cross-Site Scripting (XSS) Vulnerabilities in Ecava IntegraXor before 3.60 (Build 4080) Stack-based Buffer Overflow in IGSS ODBC Service (Odbcixv9se.exe) Allows Remote Code Execution Heap-based Buffer Overflow in Sunway ForceControl 6.1 SP1, SP2, and SP3: Remote Code Execution Vulnerability Heap-based Buffer Overflow in AngelServer.exe 6.0.11.3: Remote Code Execution Vulnerability Stack-based buffer overflow vulnerabilities in Invensys Wonderware Information Server 3.1, 4.0, and 4.0 SP1: Remote code execution and denial of service. 
Unauthenticated Remote Code Execution and Denial of Service in Progea Movicon 11.2 Arbitrary Code Execution via Crafted FoomaticRIPCommandLine Field in Foomatic 4.0.6 Double Free Vulnerability in msAddImageSymbol Function in MapServer Bugzilla Cross-Site Scripting (XSS) Vulnerability via BUGLIST Cookie Bugzilla File Deletion Vulnerability Arbitrary Address Change Vulnerability in Bugzilla Bugzilla 4.1.x before 4.1.3 Information Disclosure Vulnerability Untrusted Search Path Vulnerability in Mozilla Firefox and Thunderbird Same Origin Policy Bypass and Arbitrary JavaScript Execution in Mozilla Firefox, SeaMonkey, and Thunderbird Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Same Origin Policy Bypass Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Arbitrary JavaScript Code Execution via Tab Dropping Vulnerability Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Same Origin Policy Bypass in Mozilla Firefox, Thunderbird, and SeaMonkey via Direct2D API Heap-based Buffer Overflow in ANGLE WebGL Implementation Buffer Overflow in WebGL Shader Implementation in Mozilla Firefox, Thunderbird, and SeaMonkey WebGL Implementation Vulnerability in Mozilla Firefox, SeaMonkey, and Thunderbird Proxy-Authorization Credentials Leakage in Mozilla Firefox and SeaMonkey Memory Corruption and Arbitrary Code Execution Vulnerability in Mozilla Firefox, SeaMonkey, and Thunderbird Unspecified Vector Remote Code Execution Vulnerability in Mozilla Firefox, SeaMonkey, and Thunderbird Bypassing Same Origin Policy through Unsigned JavaScript Code in Mozilla Firefox and SeaMonkey Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Unspecified Remote Code Execution Vulnerability in Mozilla Firefox Plugin API Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Integer Underflow Vulnerability in Mozilla 
Firefox 3.6.x Same Origin Policy Bypass in Mozilla Firefox, Thunderbird, and SeaMonkey HTTP Response Splitting Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey User-Assisted Remote Code Execution via Manual Add-On Installation in Mozilla Firefox, Thunderbird, and SeaMonkey ANGLE Engine Buffer Overflow Vulnerability Memory-allocation Error in Mozilla Firefox and SeaMonkey Allows for Remote Code Execution Privilege Escalation via XPCNativeWrappers in Mozilla Firefox and SeaMonkey Use-after-free vulnerability in Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 Remote Code Execution and Cross-Site Scripting Vulnerability in McAfee SaaS Endpoint Protection Arbitrary File Write Vulnerability in McAfee SaaS Endpoint Protection Sensitive Information Disclosure in Avaya Secure Access Link (SAL) Gateway 1.5, 1.8, and 2.0 Ruby Random Number Generator Vulnerability Multiple Cross-Site Scripting (XSS) Vulnerabilities in TWiki before 5.1.0 Improper Session Handling in CA ARCserve D2D r15 Allows Remote Credential Theft and Command Execution Arbitrary Code Execution Vulnerability in ioQuake3 Engine Weak SSL Ciphers in Novell Data Synchronizer 1.x through 1.1.2 Build 428 Insecure HTTPS Response Caching in Novell Data Synchronizer Mobility Pack Integer Overflow Vulnerabilities in Google Chrome PDF Codecs Google Chrome Use-After-Free Vulnerability in Counter Nodes Google Chrome Use-After-Free Vulnerability in Database Handling Heap-based buffer overflow in Google Chrome: Path Rendering Vulnerability Heap-based Buffer Overflow in Google Chrome: Remote Code Execution via Crafted Matroska Video (MKV) File Unspecified Remote Attack Vulnerability in Google Chrome Native Client Validator Implementation Google Chrome Use-After-Free Vulnerability in Subframe Loading Sensitive Information Exposure in Google Chrome Translation Feature Use-after-free vulnerability in Google Chrome: Denial of Service via Drag-and-Drop Operations Denial of Service 
Vulnerability in Google Chrome Out-of-Bounds Read Vulnerability in Google Chrome Integer Overflow Vulnerability in libpng Unspecified Variable Cast Vulnerability in Google Chrome Use-after-free vulnerability in Google V8 element wrapper in Google Chrome Google Chrome Use-After-Free Vulnerability in SVG Value Handling Buffer Overflow Vulnerability in Skia Library Google Chrome Use-After-Free Vulnerability in SVG Document Handling Google Chrome Use-After-Free Vulnerability in SVG Use Elements Unspecified Variable Cast Vulnerability in Google Chrome Unspecified Variable Casting Vulnerability in Google Chrome Google Chrome Use-After-Free Vulnerability in Multi-Column Handling Use-after-free vulnerability in Google Chrome: Remote Denial of Service and Possible Impact via Quote Handling Out-of-bounds read vulnerability in Google Chrome before 17.0.963.65 Critical Use-After-Free Vulnerability in Google Chrome Google Chrome Use-After-Free Vulnerability in Table Section Handling Use-after-free vulnerability in Google Chrome: Remote DoS and Possible Impact via Flexbox and Floating Elements Google Chrome Use-After-Free Vulnerability in SVG Animation Elements Integer Signedness Error in libpng's png_inflate Function Universal XSS (UXSS) Vulnerability in Google Chrome Extension Subsystem Arbitrary Code Execution and Denial of Service Vulnerability in Google Chrome GPU Process Heap-based Buffer Overflow in libpng's png_set_text_2 Function Denial of Service Vulnerability in Google Chrome Extension Web Request API Cascading Style Sheets (CSS) Use-After-Free Vulnerability in Google Chrome Cascading Style Sheets (CSS) Use-After-Free Vulnerability in Google Chrome WebGL Implementation Memory Corruption Vulnerability Google Chrome Use-After-Free Vulnerability in Block Splitting WebUI Privilege Isolation Bypass in Google Chrome Unconfirmed Extension Installation Vulnerability in Google Chrome Same Origin Policy Bypass in Google Chrome via Magic iframe Denial of Service Vulnerability in 
Google V8 Cross-Site Scripting (XSS) Vulnerability in Google Chrome before 18.0.1025.142 Out-of-bounds read vulnerability in Google Chrome before 18.0.1025.142 Out-of-bounds read vulnerability in Google Chrome before 18.0.1025.142 X.509 Certificate Validation Vulnerability in Google Chrome OpenType Sanitizer Off-by-One Error Vulnerability in Google Chrome Unvalidated Navigation Requests in Google Chrome (CVE-2012-2825) Google Chrome Use-After-Free Vulnerability in SVG Clipping Skia Memory Corruption Vulnerability in Google Chrome Skia Out-of-Bounds Read Vulnerability in Google Chrome Bypassing Same Origin Policy in Google Chrome before 18.0.1025.151 via IFRAME Replacement Cascading Style Sheets (CSS) Use-After-Free Vulnerability in Google Chrome Cascading Style Sheets (CSS) Use-After-Free Vulnerability in Google Chrome Google Chrome Use-After-Free Vulnerability in V8 Bindings HTMLMediaElement Use-After-Free Vulnerability in Google Chrome Same Origin Policy Bypass in Google Chrome Pop-up Windows Google Chrome SVG Use-After-Free Vulnerability Critical Use-After-Free Vulnerability in Google Chrome: Remote Code Execution and Denial of Service Google Chrome Use-After-Free Vulnerability in Style-Application Commands Google Chrome Use-After-Free Vulnerability in Focus Handling Google Chrome Use-After-Free Vulnerability in Script Bindings Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via floating elements (CVE-2012-1528) Unvalidated Inter-process Communication (IPC) Messages in Google Chrome and Mozilla Firefox Race condition vulnerability in Google Chrome IPC Implementation Use-after-free vulnerability in Google Chrome before 18.0.1025.168: Remote Denial of Service and Possible Impact Denial of Service Vulnerability in Google Chrome before 19.0.1084.46 Link Loading Vulnerability in Google Chrome Autofill Field Value Restriction Vulnerability in Google Chrome 
Google Chrome Use-After-Free Vulnerability in STYLE Element Unspecified Impact and Remote Attack Vectors in Google Chrome before 19.0.1084.46 Denial of Service Vulnerability in Google Chrome 19.0.1084.46 Google Chrome Use-After-Free Vulnerability in Table Handling Race condition vulnerability in Google Chrome before 19.0.1084.46 Use-after-free vulnerability in Google Chrome IndexedDB Implementation Remote Denial of Service Vulnerability in Google V8 Regex Implementation Out-of-Bounds Read Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome 19.0.1084.46 Out-of-Bounds Write Vulnerability in OGG Container of Google Chrome Google Chrome Use-After-Free Vulnerability in GTK Omnibox Implementation Out-of-Bounds Write Vulnerability in Google Chrome PDF Functionality Privilege Escalation Vulnerability in Google Chrome on Windows Use-after-free vulnerability in PDF functionality in Google Chrome before 19.0.1084.46 Out-of-Bounds Read Vulnerability in Google Chrome Unspecified Flaw in NVIDIA Driver in Google Chrome on Linux Off-by-one error in libxml2: Remote Denial of Service Vulnerability Denial of Service Vulnerability in Google V8 Out-of-Bounds Read Vulnerability in Skia Library Cascading Style Sheets (CSS) Use-After-Free Vulnerability in Google Chrome WebSockets SSL Handling Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome Plug-in JavaScript Bindings Google Chrome Use-After-Free Vulnerability in Browser Cache Unspecified Variable Cast Vulnerability in Google Chrome on Linux Out-of-Bounds Write Vulnerability in Google Chrome PDF Functionality Denial of Service Vulnerability in Google V8 Use-after-free vulnerability in Google Chrome PDF functionality allows for denial of service or potential impact via invalid encrypted document PDF Color Space Handling Vulnerability in Google Chrome Buffer Overflow Vulnerabilities in Google Chrome PDF Functionality Type Corruption Vulnerability in Google V8 Engine Unspecified 
Media Security Vulnerability in WordPress 3.1 and 3.2 Weak File Permissions Vulnerability in IBM InfoSphere Information Server 8.5 and 8.5.0.1 Incorrect Ownership Vulnerability in IBM InfoSphere Information Server 8.5 and 8.5.0.1 Unspecified vulnerability in WordPress 3.1 and 3.2 with unknown impact and attack vectors related to Various security hardening Username Disclosure Vulnerability in WordPress 3.1 and 3.2 Clickjacking Vulnerability in WordPress 3.1 and 3.2 Unattached Attachments Vulnerability in WordPress 3.1 and 3.2 File Upload Vulnerability in WordPress 3.1 and 3.2 Potential SQL Injection Vulnerability in WordPress Taxonomy Query Hardening Denial of Service Vulnerability in Xen 4.1.1 and Earlier with PCI[E] Device Control Arbitrary web script injection vulnerability in TIBCO Spotfire Server and Spotfire Analytics Server Session Fixation Vulnerability in TIBCO Spotfire Server and Spotfire Analytics Server Remote Code Execution Vulnerability in TIBCO Spotfire Server and Spotfire Analytics Server Unspecified Vulnerability in IBM Tivoli Federated Identity Manager and Business Gateway Unspecified Vulnerability in IBM Tivoli Federated Identity Manager and Business Gateway (APAR IV03048) Unspecified Vulnerability in IBM Tivoli Federated Identity Manager and Business Gateway (APAR IV03050) LTPA Token Signature Bypass Vulnerability in IBM Tivoli Federated Identity Manager Multiple Parameter SQL Injection Vulnerability in IBM Web Application Firewall Buffer Overflow Vulnerability in InBatch BatchField ActiveX Control Stack-based Buffer Overflow in KingView ActiveX Control Allows Remote Code Execution ClearSCADA Use-After-Free Remote Code Execution Vulnerability Arbitrary Web Script Injection Vulnerability in Control Microsystems ClearSCADA Insecure Group ID Assignment in mount.ecryptfs_private Vulnerability: Misidentification of SVG Node Type in librsvg Hypervisor Host File Exposure Vulnerability in Pre-2012.1 Versions of Nova Stack-based Buffer Overflow in 
Linux-PAM's _assemble_line Function Denial of Service Vulnerability in Linux-PAM's _expand_arg Function Insecure Certificate Validation in Ubuntu Software Center World-writable Directory Lockfile Vulnerability in Ubuntu SELinux Initscript Unverified GPG Signature Vulnerability in Ubuntu Update Manager Arbitrary File Read Vulnerability in LightDM Symlink attack vulnerability in DistUpgradeViewKDE.py Unspecified Remote Access Bypass Vulnerability in HP Onboard Administrator (OA) 3.21 through 3.31 Remote Code Execution Vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 (ZDI-CAN-1222) Remote Code Execution Vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 (ZDI-CAN-1225) Remote Code Execution Vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 (ZDI-CAN-1226) Remote Code Execution Vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 (ZDI-CAN-1227) Remote Code Execution Vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 (ZDI-CAN-1228) Remote Code Execution Vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 (ZDI-CAN-1229) Remote Code Execution Vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 (ZDI-CAN-1296) Information Disclosure Vulnerability in HP MFP Digital Sending Software 4.9x through 4.91.21 Unspecified Privilege Escalation Vulnerability in HP-UX Containers Arbitrary Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 (ZDI-CAN-1208) Unspecified Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 (ZDI-CAN-1209) Unspecified Remote Code Execution Vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 
(ZDI-CAN-1210) Unspecified Remote Information Disclosure Vulnerability in HP TCP/IP Services for OpenVMS Unspecified Denial of Service Vulnerability in HP TCP/IP Services for OpenVMS Heap-based Buffer Overflow in gif_read_lzw Function in CUPS 1.4.8 and Earlier Directory Traversal Vulnerability in pure-FTPd 1.0.22 and Other Versions PAM Modules Vulnerability in SUSE Linux Enterprise Allows Unauthorized Account Access Remote Code Execution Vulnerability in Novell iPrint Client Buffer Overflow in ISGrid.Grid2.1 ActiveX Control in InstallShield/ISGrid2.dll Remote Code Execution Vulnerability in Novell ZENworks Configuration Management Preboot Service Remote Code Execution Vulnerability in Novell ZENworks Configuration Management Preboot Service World Readable Permissions in YaST2 Network Configuration Files Could Expose Sensitive Information Code Injection Vulnerability in OpenBuildService Web UI (CVE-XXXX-XXXX) Arbitrary Memory Read Vulnerability in Novell Messenger and GroupWise Messenger Arbitrary Command Execution via Path Manipulation in Kiwi Cross-Site Scripting (XSS) Vulnerabilities in phpMyAdmin Tracking Feature Arbitrary Value Vulnerability in PHP Library Functions Cross-Site Scripting (XSS) Vulnerability in Concrete CMS 5.4.1.1 and Earlier Denial of Service Vulnerability in Pidgin MSN Protocol Plugin Arbitrary Program Execution via File: URL in Pidgin on Windows CRLF Injection Vulnerability in Ruby on Rails 2.3.x X-Forwarded-For Header Injection Vulnerability in Ruby on Rails 3.0.5 Predictable Sequence Numbers and Fragment Identification in Linux Kernel Crypt Function Vulnerability in PHP 5.3.7 Allows Authentication Bypass Apache Tomcat AJP Protocol Connector Vulnerability CIFSFindNext Function Integer Signedness Error Vulnerability Apache HTTP Server Range Header Denial of Service Vulnerability Heap-based Buffer Overflow in HarfBuzz Module Allows Remote Code Execution Buffer Overflow in Qt TIFF Reader Allows Remote Code Execution Arbitrary Command Execution 
in Domain Technologie Control (DTC) before 0.34.1 World-readable permissions in Domain Technologie Control (DTC) setup script for /etc/apache2/apache2.conf allows local users to obtain dtcdaemons MySQL password SQL Injection Vulnerability in Domain Technologie Control (DTC) before 0.34.1 Insecure Password Handling in Domain Technologie Control (DTC) before 0.34.1 Cross-Site Scripting (XSS) Vulnerabilities in Domain Technologie Control (DTC) before 0.34.1 Stack-based Buffer Overflow in parseLegacySyslogMsg Function in rsyslogd Arbitrary File Read Vulnerability in GNOME Evolution Cross-Site Scripting (XSS) Vulnerability in Jcow CMS 4.2 and Earlier Code Execution Vulnerability in Jcow CMS 4.x to 4.2 and 5.2 to 5.2 via Attachment Parameter in index.php Arbitrary File Write Vulnerability in Hammerhead 2.1.4 Buffer Overflow Vulnerability in Squid Gopher Reply Parser Multiple Cross-Site Scripting (XSS) Vulnerabilities in RHQ 4.2.0 Administration Interface CRL Validation Bypass Vulnerability in OpenSSL 1.0.x Cyrus IMAP Server Stack-based Buffer Overflow in split_wildmats Function Denial of Service Vulnerability in Linux Kernel's div_long_long_rem Implementation Thread Safety Vulnerability in OpenSSL Ephemeral ECDH Ciphersuite Arbitrary Command Execution Vulnerability in Bcfg2 Server Insecure Encryption Implementation in CoreStorage during FileVault Activation in Mac OS X 10.7 Man-in-the-Middle Attack Vulnerability in Apple Mac OS X WebDAV Communication Bypassing Password Requirement in Apple Mac OS X through 10.6.8 via IOGraphics Vulnerability FireWire DMA Vulnerability in Apple Mac OS X Vulnerability: Sticky Bit Bypass in Apple Mac OS X Arbitrary Code Execution and Denial of Service Vulnerability in Apple Mac OS X MediaKit QuickTime Player Save for Web Cross-Site Scripting (XSS) Vulnerability Buffer Overflow Vulnerability in CoreMedia: Remote Code Execution and Denial of Service in Apple iTunes Uninitialized Memory Disclosure Vulnerability in QuickTime for Mac OS X 
Arbitrary Code Execution and Denial of Service Vulnerability in QuickTime for Mac OS X Buffer Overflow Vulnerability in QuickTime Allows Remote Code Execution or Denial of Service Buffer Overflow Vulnerability in QuickTime Allows Remote Code Execution or Denial of Service Arbitrary Code Execution Vulnerability in Apple Mac OS X User Documentation Component Bypassing Guest-Restricted Folder Access in Apple Mac OS X 10.7 Authentication Bypass Vulnerability in Open Directory on Apple Mac OS X 10.7 Arbitrary Code Execution and Denial of Service Vulnerability in libsecurity in Apple Mac OS X Arbitrary Code Execution and Denial of Service Vulnerability in QuickTime for Apple Mac OS X Arbitrary JavaScript Code Execution via Safari Extension URL in Apple Safari Arbitrary Code Execution Vulnerability in Apple Safari on Mac OS X Uninitialized Memory Access Vulnerability in Apple Safari Remote Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Out-of-Bounds Read Vulnerability in Google Chrome Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Improper Recognition of Block Cookies Setting in Apple Safari Allows Remote Tracking Webkit XSS Vulnerability in Apple iOS and Safari Arbitrary Code Execution and Denial of Service Vulnerability in WebKit Password Leakage Vulnerability in Apple iOS Keyboards URL Parsing Vulnerability in CFNetwork Integer Overflow in Apple QuickTime: Remote Code Execution and Denial of Service Vulnerability Integer Signedness Error in Apple QuickTime: Arbitrary Code Execution and Application 
Crash Vulnerability Buffer Overflow Vulnerability in Apple QuickTime 7.7.1 and Earlier Versions Integer Overflow in Apple QuickTime JPEG2000 Encoding Arbitrary Code Execution and Denial of Service Vulnerability in Apple QuickTime Buffer Overflow Vulnerability in CoreAudio Allows Remote Code Execution in Apple iTunes Unvalidated X.509 Certificates in Apple iOS CalDAV Allows Man-in-the-Middle Attacks Arbitrary Code Injection through Calendar Invitation Note in Apple iOS Apple iOS CFNetwork AppleID Credential Storage Vulnerability Arbitrary Code Execution and Memory Corruption Vulnerability in FreeType 2 Multiple User Account Cookie Bypass Vulnerability in Apple iOS Memory Exhaustion Vulnerability in Apple iOS and Apple TV Buffer Overflow Vulnerability in OfficeImport in Apple iOS Double Free Vulnerability in OfficeImport in Apple iOS before 5 Allows Remote Code Execution or Application Crash via Crafted Excel Spreadsheet Denial of Service via Lack of Error Checking in Xen's xc_dom_bzimageloader.c Denial of Service Vulnerability in Zabbix Agentd Information Disclosure Vulnerability in Zabbix before 1.8.6 Arbitrary Database Table Read Vulnerability in Zabbix before 1.8.7 Denial of Service Vulnerability in Wireshark IKEv1 Protocol Dissector Denial of Service Vulnerability in PHP 5.3.7 and earlier Buffer Overflow Vulnerability in PHP Crypt Function Hidden Email Address Vulnerability in Lexmark X, W, T, E, C, 6500e, and 25xxN Devices Denial of Service Vulnerability in Cisco IOS 12.2SB and 15.0S on Cisco 10000 Series Routers (CSCtk62453) Smart Install Remote Code Execution Vulnerability Denial of Service Vulnerability in Cisco IOS IP SLA Functionality (CSCtk67073) Cisco IOS Memory Leak Vulnerability in IPS and ZBFW (CSCti79848) Denial of Service Vulnerability in Cisco IOS and IOS XE with MPLS Configuration (CSCto07919) Cisco IOS and IOS XE Memory Leak Vulnerability (Bug ID CSCti48504) Denial of Service Vulnerability in Cisco IOS NAT Implementation (CSCso02147) Denial of 
Service Vulnerability in Cisco IOS NAT Implementation (Bug ID CSCth11006) Denial of Service Vulnerability in Cisco IOS and IOS XE NAT Implementation (CSCti48483) Denial of Service Vulnerability in Cisco IOS and IOS XE MPLS NAT Implementation Cisco IOS and IOS XE NAT Implementation Memory Leak Vulnerability Denial of Service Vulnerability in Cisco IOS 15.0 through 15.1 (Bug ID CSCto68554) Denial of Service Vulnerability in Cisco IOS and IOS XE with MPLS Configuration (CSCtj30155) Denial of Service Vulnerability in Cisco Carrier Routing System 3.9.1 (Bug ID CSCts14887) CRLF Injection Vulnerability in Cisco ASA 5500 Series Devices (Bug ID CSCth63101) Denial of Service Vulnerability in Cisco Jabber XCP Denial of Service Vulnerability in Cisco Unified Presence Bypassing No Service Password-Recovery Feature in Cisco IOS 12.4 and 15.0-15.2 (Bug ID CSCtr97640) Default Oracle Database Credentials Vulnerability in Cisco Identity Services Engine (ISE) CSRF Vulnerabilities in Cisco Secure Access Control Server (ACS) 5.2 Allow Authentication Hijacking (Bug ID CSCtr78143) Arbitrary Script Injection in Cisco TelePresence Video Communication Servers (VCS) Login Page Denial of Service Vulnerability in Cisco IOS XR 3.8 through 4.1 (Bug ID CSCti59888) Denial of Service Vulnerability in Cisco Firewall Services Module (FWSM) Denial of Service Vulnerability in Cisco Firewall Services Module (FWSM) Authentication Bypass Vulnerability in Cisco ASA and FWSM Devices Denial of Service Vulnerability in Cisco ASA and FWSM Devices via Crafted SunRPC Traffic Denial of Service Vulnerability in Cisco ASA and FWSM Devices via Crafted SunRPC Traffic Denial of Service Vulnerability in Cisco ASA and FWSM Devices via Crafted SunRPC Traffic Denial of Service Vulnerability in Cisco ASA and FWSM Devices via Crafted SunRPC Traffic Denial of Service Vulnerability in Cisco ASA and FWSM Devices Denial of Service vulnerability in Cisco ASA and Catalyst devices via crafted MSN Instant Messenger traffic Cisco 
Network Admission Control (NAC) Manager 4.8.x Directory Traversal Vulnerability IKE Responder Traffic Disclosure Vulnerability in Cisco ASA 5500 Series Devices Arbitrary Command Execution Vulnerability in CiscoWorks Common Services Directory Traversal Vulnerability in Cisco Unified Communications Manager and Cisco Unified Contact Center Express Cross-Site Scripting (XSS) Vulnerabilities in Cisco Secure Access Control Server (ACS) 5.2 (Bug ID CSCtr78192) Denial of Service Vulnerability in Cisco Video Surveillance Cameras Remote Code Execution Vulnerability in Cisco WebEx Recording Format (WRF) Player Arbitrary Web Script Injection Vulnerability in GE Intelligent Platforms Proficy Historian Siemens WinCC Runtime Advanced Loader Heap-based Buffer Overflow Vulnerability Stack-based Buffer Overflow in Core Server HMI Service (Coreservice.exe) in Scadatec Limited Procyon SCADA 1.06 and earlier versions Denial of Service Vulnerability in OSPFv3 Implementation in Quagga Denial of Service in OSPFv3 Implementation in Quagga Denial of Service Vulnerability in ospfd in Quagga before 0.99.19 Denial of Service Vulnerability in Quagga OSPF Daemon Heap-based Buffer Overflow in Quagga BGP Daemon Allows Remote Code Execution Denial of Service Vulnerability in libpng 1.5.4 with Color-Correction Support Buffer Overflow Vulnerability in Schneider Electric Unity Pro and Related Software Remote Code Execution Vulnerability in Iceni Argus and Infix via Crafted PDF Document Stack Exhaustion Vulnerability in BSD libc's regcomp Function Privilege Escalation Vulnerability in eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris Cross-site scripting (XSS) vulnerability in Admin Control Center in Sentinel HASP Run-time Environment 5.95 and earlier SQL Injection Vulnerability in ATCOM Netvolution 2.5.8 ASP via Referer HTTP Header Off-by-one errors in order_cmd.cpp leading to remote code execution in OpenTTD Buffer Overflow Vulnerabilities in OpenTTD before 1.1.3 Buffer Overflow 
Vulnerabilities in OpenTTD before 1.1.3: Denial of Service and Privilege Escalation Cross-site scripting (XSS) vulnerability in Spacewalk 1.6 Lookup Login/Password Form Denial of Service via Stack Memory Corruption in ib_sdp.ko Buffer Overflow in QEMU SCSI Subsystem Allows Denial of Service Denial of Service Vulnerability in Red Hat Enterprise Linux 6 Kernel Package Denial of Service Vulnerability in Apache HTTP Server with mod_proxy_ajp and mod_proxy_balancer Privilege Escalation via Symlink Vulnerability in lightdm Improper Privilege Dropping in masqmail 0.2.21 through 0.2.30 Insecure Temporary File Creation Vulnerability in openvas-scanner Cross-Site Scripting (XSS) Vulnerability in Zikula 1.3.0 Build #3168 and Prior Buffer Overflow in fuse_notify_inval_entry Function in Linux Kernel Denial of Service Vulnerability in Quassel's CtcpParser::packedReply Method Insecure Connection Vulnerability in Evolution-Data-Server3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in MantisBT config_defaults_inc.php Arbitrary File Inclusion Vulnerability in MantisBT before 1.2.8 Multiple Cross-Site Scripting (XSS) Vulnerabilities in MantisBT before 1.2.8 Denial of Service Vulnerability in Linux Kernel's dma_rx Function Untrusted Search Path Vulnerability in Wireshark Allows Privilege Escalation Arbitrary Web Script Injection in BackupPC 3.2.0 (and earlier) via num Parameter in CGI/Browse.pm Integer Signedness Error in decode_residual_block Function in FFmpeg Allows Remote Code Execution Denial of Service Vulnerability in Linux Kernel's CIFS DFS Referral Handling Arbitrary Command Execution Vulnerability in GNOME NetworkManager KDE SC SSL Wrapper API Vulnerability: Certificate Spoofing via Rich Text Font Spoofing Vulnerability in Rekonq 0.7.0 and Earlier Font Spoofing Vulnerability in Arora Web Browser Apache HTTP Server Reverse Proxy Vulnerability Remote Denial of Service Vulnerability in EtherApe 0.9.12 XSS Vulnerability in StatusNet before 0.9.9 Multiple Cross-Site 
Scripting (XSS) Vulnerabilities in PunBB before 1.3.6 Authentication Bypass Vulnerability in Cyrus IMAPd NNTP Server Cross-Site Scripting (XSS) Vulnerability in Drupal Views Bulk Operations (VBO) Module Vulnerability: Insecure Validation of GPG Keys in apt-key Allows Man-in-the-Middle Attacks Unintended Read Access to IP Address and HTTP Header Information in Apache Tomcat Privilege Escalation via Unrestricted ContainerServlets in Apache Tomcat 7.x Same Origin Policy Bypass in IcedTea-Web Plug-in Remote Code Execution and Denial of Service Vulnerability in RPM Package Manager Remote Code Execution Vulnerability in PHP 5.3.7 and 5.3.8 via is_a Function and __autoload Denial of Service in Openswan 2.6.29-2.6.35 via Invalid KEY_LENGTH Attribute CSRF Vulnerability in Phorum before 5.2.16 Allows Remote Authentication Hijacking Phorum XSS Vulnerability in Version 5.2.16 and Earlier Arbitrary Web Script Injection in KENT-WEB WEB FORUM 5.1 and Earlier Cross-site scripting (XSS) vulnerability in Sage add-on 1.3.10 and earlier for Firefox Arbitrary Web Script Injection Vulnerability in WebsiteBaker Remote Insulin Pump Modification Vulnerability Denial of Service Vulnerability in IBM Java 1.4.2 SR13 FP9 Class File Parser Insecure Site Spoofing Vulnerability in Opera Browser BEAST Attack: Exploiting SSL CBC Mode Vulnerability for Intercepting HTTP Headers Cross-Site Scripting (XSS) Vulnerabilities in IBM OpenAdmin Tool (OAT) for Informix Insecure Enforcement of EditSecurity Permission in IBM Rational Build Forge 7.1.2 Arbitrary Web Script Injection in Phorum Controlcenter's control.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in MYRE Real Estate Software's findagent.php SQL Injection Vulnerability in findagent.php in MYRE Real Estate Software PowerPoint Insecure Library Loading Vulnerability Microsoft Time Remote Code Execution Vulnerability OLE Object Memory Handling Vulnerability Windows Media Player and Media Center Remote Code Execution Vulnerability TrueType 
Font Parsing Vulnerability in Microsoft Windows Record Memory Corruption Vulnerability in Microsoft Excel 2003 SP3 and Office 2004 for Mac Content-Disposition Information Disclosure Vulnerability in Microsoft Internet Explorer 6-9 Active Directory Buffer Overflow Vulnerability CSRSS Local Privilege Elevation Vulnerability Publisher Out-of-bounds Array Index Vulnerability Publisher Invalid Pointer Vulnerability Publisher Memory Corruption Vulnerability OfficeArt Shape RCE Vulnerability Collisions in HashTable May Cause DoS Vulnerability Insecure Redirect in .NET Forms Authentication Vulnerability ASP.Net Forms Authentication Bypass Vulnerability ASP.NET Forms Authentication Ticket Caching Vulnerability Unspecified Vulnerabilities in Google Chrome on Chromebook Platforms Unspecified Vulnerabilities in Google Chrome on Acer AC700, Samsung Series 5, and Cr-48 Chromebook Platforms Vulnerability: Keychain Implementation in Apple Mac OS X Allows SSL Server Spoofing via Extended Validation Certificate Arbitrary Web Script Injection Vulnerability in TIBCO Managed File Transfer Server and TIBCO Slingshot Server Session Fixation Vulnerability in TIBCO Managed File Transfer Server and TIBCO Slingshot Server Arbitrary Script Injection Vulnerability in Safari on Apple iOS before 5 MD5 Hash Algorithm Vulnerability in Apple iOS and Apple TV QuickTime Buffer Overflow Vulnerability Cleartext Storage of Parental-Restrictions Passcode in Apple iOS Localization Vulnerability in Apple iOS Settings Component Home Screen Component Vulnerability in Apple iOS Denial of Service Vulnerability in iOS UIKit Alerts Component iOS WiFi Credential Storage Vulnerability Password Data Disclosure Vulnerability in Apple Mac OS X 10.7 Password Change Vulnerability in Apple Mac OS X 10.7 Arbitrary Code Execution via Crafted Embedded Type 1 Font in Apple Type Services (ATS) Remote Code Execution Vulnerability in Safari 5.0.6 Arbitrary Code Execution and Memory Corruption Vulnerability in FreeType in 
CoreGraphics in Apple iOS Smart Cover Vulnerability in Apple iOS on iPad 2 Improper Formulation of Domain-Name Queries in libinfo on Apple iOS before 5.0.1 Arbitrary Code Execution Vulnerability in Apple iOS Kernel WebKit Use-After-Free Vulnerability in Apple Safari Unencrypted Session Switching Vulnerability in Apple Mac OS X Address Book Memory Management Vulnerability in Apple Type Services (ATS) Allows Remote Code Execution or Denial of Service Improper Construction of Request Headers in CFNetwork in Apple Mac OS X 10.7.x before 10.7.3 Heap-based Buffer Overflow in CoreMedia in Apple Mac OS X CoreText Use-After-Free Vulnerability in Apple Mac OS X Stack Memory Allocation Vulnerability in CoreUI in Apple Mac OS X 10.7.x before 10.7.3 Wi-Fi Configuration Persistence Vulnerability in Apple Mac OS X Integer Overflow Vulnerability in libresolv in Apple Mac OS X Memory Corruption and Code Execution Vulnerability in Apple Mac OS X's OpenGL Implementation Uninitialized Memory Access Vulnerability in QuickTime for Apple Mac OS X Buffer overflow vulnerability in QuickTime in Apple Mac OS X before 10.7.3 allows remote code execution or denial of service Buffer Overflow Vulnerability in QuickTime Allows Remote Code Execution or Denial of Service Unauthenticated Remote Access to Time Machine Backups in Apple Mac OS X Privilege Escalation via WebDAV Sharing in Apple Mac OS X 10.7.x Stack-based buffer overflow in png_formatted_warning in pngerror.c in libpng 1.5.4 through 1.5.7 allows remote attackers to cause a denial of service and potentially execute arbitrary code. 
Denial of Service Vulnerability in GEAR Software CD DVD Filter Driver Remote Code Execution Vulnerability in Symantec pcAnywhere World-writable permissions in Symantec pcAnywhere and IT Management Suite allow local privilege escalation NULL pointer dereference vulnerability in Cyrus IMAP Server before 2.4.11 with server-side threading CSN.1 Dissector Denial of Service Vulnerability Denial of Service Vulnerability in Wireshark 1.6.x Denial of Service Vulnerability in OpenSafety Dissector in Wireshark 1.6.x Denial of Service Vulnerability in Beckhoff TwinCAT 2.11.0.2004 and Earlier Carel PlantVisor Directory Traversal Vulnerability Remote Code Execution Vulnerability in Equis MetaStock 11 and Earlier Denial of Service Vulnerability in RsvcHost.exe 2.30.0.23 in Rockwell RSLogix 19 and Earlier Stack-based Buffer Overflow Vulnerabilities in Measuresoft ScadaPro 4.0.0 and Earlier Heap-based Buffer Overflow in Progea Movicon / PowerHMI 11.2.1085 and Earlier: Remote Code Execution Vulnerability Azeotech DAQFactory 5.85 Stack-Based Buffer Overflow Vulnerability Stack-based buffer overflows in DH_OneSecondTick function in Cogent DataHub 7.1.1.63 and earlier Buffer Overflow Vulnerabilities in WinSig.exe in eSignal 10.6.2425 and Earlier Directory Traversal Vulnerabilities in Measuresoft ScadaPro 4.0.0 and Earlier Arbitrary Command Execution in Measuresoft ScadaPro 4.0.0 and Earlier Arbitrary DLL Function Execution Vulnerability in Measuresoft ScadaPro 4.0.0 and Earlier Heap-based Buffer Overflow in Progea Movicon / PowerHMI 11.2.1085 and Earlier Remote Code Execution and Denial of Service Vulnerability in Progea Movicon / PowerHMI 11.2.1085 and Earlier Directory Traversal Vulnerability in Cogent DataHub 7.1.1.63 and Earlier Denial of Service Vulnerability in Cogent DataHub 7.1.1.63 and Earlier Information Disclosure Vulnerability in Cogent DataHub Web Server Untrusted Search Path Vulnerability in eSignal 10.6.2425.1208 and Other Versions Memory Allocation Vulnerability in 
Matroska Format Decoder in FFmpeg Unspecified Authentication Vulnerability in Oracle OpenSSO Component Unspecified Remote Integrity Vulnerability in Oracle Communications Unified Component LDAP Library Vulnerability in Oracle Solaris 8, 9, 10, and 11 Express Unspecified vulnerability in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to compromise confidentiality Unspecified vulnerability in Oracle Business Intelligence Enterprise Edition allows remote authenticated users to compromise confidentiality and integrity Unspecified Privileged Account Vulnerability in Oracle Database Vault Unspecified vulnerability in Oracle Database Server Core RDBMS component Unspecified Remote Code Execution Vulnerability in Oracle E-Business Suite Unspecified Remote Integrity Vulnerability in Oracle JD Edwards EnterpriseOne Tools Component Unspecified Local Vulnerability in Oracle Solaris 10 and 11 Express Affecting Integrity and Availability via Process File System (procfs) Unspecified vulnerability in Java Runtime Environment allows remote attackers to compromise confidentiality, integrity, and availability Unspecified Authentication Vulnerability in Oracle OpenSSO Component Unspecified vulnerability in Oracle Siebel CRM 8.0.0 allows remote authenticated users to compromise confidentiality and integrity via Siebel Core - UIF Client component. Unspecified vulnerability in Oracle Applications Framework component in Oracle E-Business Suite 12.1.2 and 12.1.3 Unspecified Integrity Vulnerability in Oracle PeopleSoft Products Unspecified Deserialization Vulnerability in Oracle Java SE JDK and JRE Unspecified vulnerability in SysFW 8.0 on certain SPARC T3, Netra SPARC T3, Sun Fire, and Sun Blade based servers allows local users to compromise confidentiality via Integrated Lights Out Manager CLI. 
Unspecified Remote Integrity Vulnerability in Oracle Web Services Manager Unspecified vulnerability in Oracle JD Edwards 8.98 SP 24 allows remote authenticated users to compromise confidentiality Unspecified vulnerability in Oracle Database Server's Application Express component allows remote authenticated users to compromise confidentiality, integrity, and availability Unspecified Confidentiality Vulnerability in Oracle Siebel CRM 8.0.0 and 8.1.1 Unspecified vulnerability in PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 affecting confidentiality and integrity via Candidate Gateway. Unspecified vulnerability in PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 8.9 allows remote authenticated users to compromise confidentiality and integrity via eProfile-related vectors. Confidentiality vulnerability in PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.0 and 9.1 related to Talent Acquisition Manager Unspecified Confidentiality Vulnerability in PeopleSoft Enterprise HRMS Component Unspecified vulnerability in Oracle Web Services Manager component in Oracle Fusion Middleware Unspecified Confidentiality Vulnerability in Oracle Agile Product Supplier Collaboration for Process Component Unspecified vulnerability in PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 8.9 allows remote authenticated users to compromise confidentiality and integrity via Job Profile Manager (JPM). 
Unspecified Remote Availability Vulnerability in Oracle Solaris Network Status Monitor (statd) Unspecified Remote Quota Server (rquotad) Vulnerability in Solaris Component Local Privilege Escalation Vulnerability in Oracle Solaris 10 via DTrace Software Library (libdtrace) Unspecified Local Denial of Service Vulnerability in Oracle Solaris Unspecified Authentication Vulnerability in Oracle Virtualization 4.0 Sun Ray Component Unspecified Vulnerability in Oracle Solaris Zones Affects Availability Unspecified Local Denial of Service Vulnerability in Oracle Outside In Technology Component Unspecified Local Denial of Service Vulnerability in Oracle Solaris 10 and 11 Express Remote Code Execution Vulnerability in Oracle Solaris 11 Express iSCSI DataMover (IDM) Unspecified vulnerability in Java Runtime Environment allows remote attackers to compromise confidentiality, integrity, and availability Unspecified Sound-related Vulnerability in Oracle Java SE JDK and JRE Unspecified vulnerability in Java Runtime Environment allows remote attackers to compromise confidentiality and integrity Unspecified Networking Vulnerability in Oracle Java SE JDK and JRE Unspecified vulnerability in Java Runtime Environment allows remote attackers to compromise confidentiality, integrity, and availability Unspecified vulnerability in Java Runtime Environment allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing Unspecified vulnerability in Java Runtime Environment allows remote attackers to compromise confidentiality, integrity, and availability Unspecified 2D-related vulnerability in Oracle Java SE JDK and JRE Unspecified Networking Vulnerability in Oracle Java SE JDK and JRE Unspecified vulnerability in Java Runtime Environment component allows remote authenticated users to affect confidentiality Unspecified Remote Code Execution Vulnerability in Oracle Java SE JDK and JRE Unspecified Remote Vulnerability in Oracle Java SE JDK 
and JRE Unspecified vulnerability in Java Runtime Environment allows remote attackers to affect confidentiality, integrity, and availability Unspecified vulnerability in Java Runtime Environment allows remote attackers to affect confidentiality, integrity, and availability Unspecified vulnerability in Java Runtime Environment allows remote attackers to compromise confidentiality Unspecified vulnerability in Oracle Communications Server, GlassFish Enterprise Server, and Sun Java System App Server allows remote attackers to affect availability via unknown vectors related to Web Container. Unspecified vulnerability in Java Runtime Environment allows remote attackers to compromise confidentiality and integrity Unspecified Confidentiality Vulnerability in Oracle Java SE JDK and JRE Unspecified Remote Integrity Vulnerability in Oracle Fusion Middleware Portal Component Unspecified Sound-related Vulnerability in Oracle Java SE Unspecified Local Confidentiality Vulnerability in Oracle GlassFish Enterprise Server 2.1.1 Unspecified Local Vulnerability in Oracle Communications Unified 7.0 Affecting Calendar Server Unspecified Remote Code Execution Vulnerability in Oracle WebLogic Server Unspecified vulnerability in Oracle Web Services Manager component in Oracle Fusion Middleware Unspecified Confidentiality Vulnerability in Oracle Web Services Manager Unspecified Local Confidentiality Vulnerability in Oracle Communications Unified 7.0 Unspecified vulnerability in Oracle Virtualization 3.2 VDI component allows remote authenticated users to compromise confidentiality and integrity via unknown vectors related to Session Unspecified Remote Availability Vulnerability in Oracle Communications Unified 7.0 Unspecified Local Vulnerability in Oracle Communications Unified 7.0 Affecting Confidentiality and Integrity via Calendar Server Stack-based Buffer Overflow in IBM Lotus Domino 8.5.2 Allows Remote Code Execution Arbitrary Web Script Injection Vulnerability in IBM Lotus Domino 8.5.2 
Unspecified Impact and Attack Vectors in IBM WebSphere Commerce Arbitrary Code Injection via action Parameter in MantisBT Arbitrary File Read and Denial of Service Vulnerability in IceWarp WebMail Information Disclosure in IceWarp WebMail Allows Remote Attackers to Obtain Configuration Information Heap-based Buffer Overflow in ldns_rr_new_frm_str_internal Function Inadequate Confirmation in Advanced Electron Forums (AEF) Allows CSRF Attacks SQL Injection Vulnerability in Typo3 Core 4.5.0 - 4.5.5 SQL Injection Vulnerability in TYPO3 Core wec_discussion Extension Race Conditions in mount.cifs and umount.cifs Programs in Samba 3.6 Arbitrary Command Execution Vulnerability in Zope 2.12.x and 2.13.x Insecure SSH Configuration in Red Hat mkdumprd Script Allows Man-in-the-Middle Attacks World-readable permissions on vmcore files in Red Hat mkdumprd script Insecure Storage of SSH Private Keys in Red Hat mkdumprd Script Cross-Site Scripting (XSS) Vulnerabilities in phpMyAdmin 3.4.x before 3.4.5 Cross-Site Scripting (XSS) Vulnerabilities in phpMyAdmin 3.4.x before 3.4.5 Denial of Service Vulnerability in Red Hat Enterprise Linux 6 Denial of Service Vulnerability in libpurple's g_markup_escape_text Function Joomla! 
1.7.0 Multiple Cross-site Scripting (XSS) Vulnerabilities in index.php DoS Vulnerability in Polipo before 1.0.4.1 via Specially-Crafted HTTP POST / PUT Request Eval Injection Vulnerability in Digest Module: Arbitrary Command Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpPgAdmin before 5.0.3 Crypt::DSA Module Vulnerability: Brute-Force Attack on Signature Spoofing and Key Determination OFBiz XML-RPC Endpoint External Entity Injection Vulnerability Buffer Overflow in radvd's process_ra Function Allows Remote Code Execution or Denial of Service Directory Traversal Vulnerability in Radvd Allows Arbitrary File Overwrite Privilege Escalation Vulnerability in Radvd Daemon Denial of Service Vulnerability in radvd's process_ra Function Denial of Service Vulnerability in radvd's process_rs Function DOM-based Cross-Site Scripting Vulnerability in JBoss Application Server 7 Administration Console Apache HTTP Server Integer Overflow Vulnerability CSRF Vulnerability in JBoss Application Server 7 before 7.1.0 Serendipity freetag Plugin XSS Vulnerability File Inclusion Vulnerability in UseBB before 1.0.12 CSRF Vulnerability in panel.php in UseBB before 1.0.12 Cookie Handling Vulnerability in Vanilla Forums Access Control Vulnerability in Vanilla Forums Plugins: Facebook, Twitter, and Embedded SQL Injection Vulnerabilities in Simple Machines Forum (SMF) Versions 1.1.15 and 2.x Arbitrary File Overwrite Vulnerability in Conky 1.8.1 and Earlier Unauthorized Deletion of Immutable Files in Tahoe-LAFS v1.3.0 through v1.8.2 Vulnerability: Insecure Tempfile Handling Allows Symlink Attack NULL pointer dereference vulnerability in apparmor_setprocattr function in Linux kernel before 3.0 Apache Qpid 0.12 Cluster Joining Vulnerability Reverse Proxy Vulnerability in FluxBB before 1.4.7 with FORUM_BEHIND_REVERSE_PROXY Enabled Phorum Admin Login Screen XSS Vulnerability Stack-based Buffer Overflow Vulnerabilities in VideoLAN VLC Media Player WEBrick::HTTPRequest Header 
Injection Vulnerability Stack-based Buffer Overflow in MPlayer's sub_read_line_sami Function Double Free Vulnerability in Logsurfer Allows Remote Command Execution Denial of Service Vulnerability in ClamAV Bytecode Engine Untrusted search path vulnerability in pam_motd module allows privilege escalation Weak Encryption Vulnerability in Joomla! Core 1.7.1 Leads to Information Disclosure Multiple Stack-Based Buffer Overflow Vulnerabilities in Hardlink Heap-based Buffer Overflow in Hardlink Symlink Attack Vulnerability in Hardlink before 0.1.2 Insecure Certificate Validation in apt before 0.8.11 Cross-site scripting (XSS) vulnerability in Empathy theme_adium_append_message function CSRF Vulnerability in FreeIPA Management Interface Allows Authentication Hijacking Denial of Service Vulnerability in Linux Kernel's m_stop Function Unmarked Dirty Extent Vulnerability in Linux Kernel Apache HTTP Server mod_proxy Reverse Proxy Vulnerability Untrusted Search Path Vulnerability in Mozilla Network Security Services (NSS) Allows Privilege Escalation Arbitrary Script Injection in Flowplayer Flash Plugin Configuration Arbitrary Access Restriction Bypass in Newgen OmniDocs Information Disclosure Vulnerability in phpMyAdmin 3.4.x before 3.4.6 XPCNativeWrappers Privilege Escalation Vulnerability Shift JIS Encoding XSS Vulnerability in Mozilla Firefox and Thunderbird Same Origin Policy Bypass in Mozilla Firefox and Thunderbird with Direct2D and Azure Graphics Denial of Service and Memory Corruption Vulnerability in Mozilla Firefox and Thunderbird Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox and Thunderbird Memory Corruption Vulnerability in Mozilla Firefox and Thunderbird Same Origin Policy Bypass in Mozilla Firefox and Thunderbird on Mac OS X with Intel Integrated GPUs SVG mpath Element Remote Code Execution Vulnerability Access Control Bypass Vulnerability in Mozilla Firefox and Thunderbird Arbitrary Web Script Injection Vulnerability in Mozilla Firefox 
Cross-Site Scripting (XSS) Vulnerabilities in Bugzilla Out-of-bounds Memory Access Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Use-after-free vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey allows remote code execution Unspecified Remote Code Execution Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Remote Code Execution Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Keystroke Capture Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey DOM Frame Deletion Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey on Mac OS X Ogg VIDEO Element Denial of Service Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey Improper Access Restriction in Mozilla Firefox and Thunderbird on Mac OS X User Account Creation Vulnerability in Bugzilla WebService Bugzilla Cross-Site Request Forgery (CSRF) Vulnerability in post_bug.cgi CSRF Vulnerability in Bugzilla Attachment Upload IPv6 Literal Address Syntax Enforcement Bypass Vulnerability Use-after-free vulnerability in nsHTMLSelectElement allows remote code execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in Tembria Server Monitor Insecure Credential Encryption in Tembria Server Monitor Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sonexis ConferenceManager 9.2.11.0 and 9.3.14.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sonexis ConferenceManager 9.2.11.0 SQL Injection Vulnerabilities in Sonexis ConferenceManager 9.3.14.0 Arbitrary Web Script Injection in Licenses.html in Wibu-Systems CodeMeter WebAdmin Untrusted Search Path Vulnerability in PlotSoft PDFill PDF Editor 8.0 Privilege Escalation Vulnerability in Foxit Reader Cleartext Console Credentials Storage Vulnerability in NetSaro Enterprise Messenger Server 2.0 Cleartext Server Credentials Disclosure in NetSaro Enterprise Messenger Server 2.0 Remote Code Disclosure Vulnerability in NetSaro Enterprise Messenger Server 2.0 Information Disclosure Vulnerability in 
111WebCalendar 1.2.3 Information Disclosure Vulnerability in 60cycleCMS 2.5.2 Sensitive Information Disclosure in Achievo 1.4.5 via Direct Request to .php File Information Disclosure Vulnerability in AdaptCMS 2.0.2 Beta Sensitive Information Disclosure in John Lim ADOdb Library for PHP 5.11 Sensitive Information Disclosure in Advanced Electron Forum (AEF) 1.0.8 Information Disclosure Vulnerability in AlegroCart 1.2.3 Information Disclosure Vulnerability in Ananta Gazelle 1.0 Sensitive Information Disclosure in AneCMS 1.0 Sensitive Information Disclosure in appRain 0.1.0 via Direct Request to .php File Arctic Fox CMS 0.9.4 Information Disclosure Vulnerability Sensitive Information Disclosure in ATutor 2.0 via Direct Request to .php File Information Disclosure in JanRain PHP OpenID Library Information Disclosure Vulnerability in Automne 4.0.2 Information Disclosure Vulnerability in b2evolution 3.3.3 Information Disclosure Vulnerability in bbPress 1.0.2 Information Disclosure Vulnerability in BIGACE 2.7.5 Revealing Installation Path Sensitive Information Disclosure in CakePHP 1.3.7 via Direct Request to .php File Information Disclosure Vulnerability in cFTP r80 Information Disclosure Vulnerability in ClanSphere 2010.0 Sensitive Information Disclosure in ClanTiger 1.1.3 via Direct Request to .php File Information Disclosure Vulnerability in Claroline 1.9.7 Information Disclosure Vulnerability in ClipBucket 2.0.9 Information Disclosure Vulnerability in CMS Made Simple (CMSMS) 1.9.2 Information Disclosure Vulnerability in CodeIgniter 1.7.2 Information Disclosure Vulnerability in ConceptCMS Sensitive Information Disclosure in Concrete 5.4.0.5, 5.4.1, and 5.4.1.1 Information Disclosure Vulnerability in Coppermine Photo Gallery (CPG) 1.5.12 Information Disclosure Vulnerability in Crafty Syntax 3.0.2 Information Disclosure Vulnerability in CubeCart 4.4.3 Information Disclosure Vulnerability in DeluxeBB 1.3 Information Disclosure Vulnerability in DoceboLMS 4.0.4 Information 
Disclosure Vulnerability in DokuWiki 2009-12-25c Information Disclosure Vulnerability in Dolphin 7.0.4 Information Disclosure Vulnerability in dotProject 2.1.4 Information Disclosure Vulnerability in Drupal 7.0 Information Disclosure Vulnerability in e107 0.7.24 Sensitive Information Disclosure in eggBlog 4.1.2 via Direct Request to .php File Information Disclosure Vulnerability in Elgg 1.7.6 Information Disclosure Vulnerability in Energine 2.3.8 Information Disclosure Vulnerability in Escort Agency CMS Sensitive Information Disclosure in ExoPHPDesk 1.2.1 Information Disclosure Vulnerability in eyeOS 2.2.0.0 Information Disclosure Vulnerability in Feng Office 1.7.2 Information Disclosure Vulnerability in Freeway 1.5 Alpha Information Disclosure Vulnerability in FrontAccounting 2.3.1 Information Disclosure Vulnerability in Ganglia 3.1.7 Sensitive Information Disclosure in HelpCenter Live 2.1.7 Information Disclosure Vulnerability in Hesk 2.2 Sensitive Information Disclosure in HTML Purifier 4.2.0 Information Disclosure Vulnerability in HycusCMS 1.0.3 Information Disclosure Vulnerability in Jcow 4.2.1 Information Disclosure Vulnerability in Joomla! 
1.6.0 Sensitive Information Disclosure in Kamads Classifieds 2_B3 Information Disclosure Vulnerability in ka-Map 1.0-20070205 Information Disclosure in kPlaylist 1.8.502 via Direct Request to .php File Sensitive Information Disclosure in LifeType 1.2.10 via Direct Request to .php File Information Disclosure Vulnerability in LimeSurvey 1.90+ build9642-20101214 Information Disclosure Vulnerability in LinPHA 1.3.4 Information Disclosure Vulnerability in Mambo 4.6.5 Information Disclosure Vulnerability in MantisBT 1.2.4 Information Disclosure Vulnerability in MicroBlog 0.9.5 Information Disclosure Vulnerability in Moodle 2.0.1 Information Disclosure Vulnerability in ::mound:: 2.1.6 Information Disclosure Vulnerability in MyBB 1.6 Information Disclosure Vulnerability in Nucleus 3.61 Information Disclosure Vulnerability in NuSOAP 0.9.5 Sensitive Information Disclosure in OpenBlog 1.2.1 via Direct Request to .php File Information Disclosure Vulnerability in OpenCart 1.4.9.3 Information Disclosure Vulnerability in OpenDocMan 1.2.6-svn-2011-01-21 Information Disclosure Vulnerability in Open-Realty 2.5.8 Information Disclosure Vulnerability in OrangeHRM 2.6.0.2 Sensitive Information Disclosure in osCommerce 3.0a5 via Direct Request to .php File Information Disclosure Vulnerability in Phorum 5.2.15a Sensitive Information Disclosure in PHPads 2.0 via Direct Request to .php File Information Disclosure in phpAlbum 0.4.1.14 via Direct Request to .php File Sensitive Information Disclosure in phpBook 2.1.0 via Direct Request to .php File Sensitive Information Disclosure in phpCollab 2.5 via Direct Request Information Disclosure Vulnerability in PHPDevShell 3.0.0-Beta-4b Sensitive Information Disclosure in phpESP 2.1.1 via Direct Request to .php Files Sensitive Information Disclosure in PHPfileNavigator 2.3.3 Sensitive Information Disclosure in phpFormGenerator 2.09 Information Disclosure in phpFreeChat 1.3 via Direct Request to .php File Information Disclosure Vulnerability in 
PhpGedView 4.2.3 Sensitive Information Disclosure in PhpHostBot 2.0 via Direct Request to .php Files Sensitive Information Disclosure in PHP iCalendar 2.4 Sensitive Information Disclosure in PHPIDS 0.6.5 via Direct Request to .php File Information Disclosure Vulnerability in phpLD 2-151.2.0 Information Disclosure Vulnerability in phpMyFAQ 2.6.13 Information Disclosure Vulnerability in Francisco Burzi PHP-Nuke 8.0 Sensitive Information Disclosure in PHP Point Of Sale (POS) 10.7 Sensitive Information Disclosure in PHProjekt 6.0.5 via Direct Request to .php File Information Disclosure in phpScheduleIt 1.2.12 via Direct Request to .php File Sensitive Information Disclosure in PhpSecInfo 0.2.1 Information Disclosure Vulnerability in phpwcms 1.4.7 r412 Information Disclosure Vulnerability in Piwigo 2.1.5 Information Disclosure Vulnerability in Piwik 1.1 Information Disclosure Vulnerability in Pixelpost 1.7.3 Sensitive Information Disclosure in Pixie 1.04 via Direct Request to .php File Information Disclosure Vulnerability in Pligg CMS 1.1.3 Information Disclosure Vulnerability in Podcast Generator 1.3 Information Disclosure Vulnerability in PrestaShop 1.4.0.6 Information Disclosure Vulnerability in ProjectPier 0.8.0.3 Information Disclosure Vulnerability in Rapid Leech 2.3-v42-svn322 Information Disclosure Vulnerability in ReOS 2.0.5 Information Disclosure Vulnerability in Serendipity 1.5.5 Information Disclosure Vulnerability in SimpleTest 1.0.1 Information Disclosure Vulnerability in StatusNet 0.9.6 Information Disclosure Vulnerability in SugarCRM 6.1.0 Information Disclosure Vulnerability in SweetRice 0.7.1 Information Disclosure Vulnerability in TaskFreak! 
multi-mysql-0.6 Information Disclosure Vulnerability in TCExam 11.1.015 Information Disclosure Vulnerability in Textpattern 4.2.0 Information Disclosure Vulnerability in The Bug Genie 2.1.2 Sensitive Information Disclosure in TheHostingTool (THT) 1.2.3 Information Disclosure Vulnerability in TinyWebGallery (TWG) 1.8.3 Information Disclosure Vulnerability in TomatoCart 1.1.3 Information Disclosure Vulnerability in Vanilla 2.0.16 Information Disclosure Vulnerability in Virtual War (VWar) 1.5.0r15 Information Disclosure Vulnerability in WebCalendar 1.2.3 and Earlier Versions Sensitive Information Disclosure in WeBid 1.0.0 via Direct Request to .php File Sensitive Information Disclosure in WEBinsta Mailing List Manager 1.3e Information Disclosure Vulnerability in Website Baker 2.8.1 Information Disclosure Vulnerability in WordPress 2.9.2 and 3.0.4 Information Disclosure in WoW Server Status 4.1 Information Disclosure Vulnerability in WSN Software 6.0.6 Information Disclosure Vulnerability in xajax 0.6 beta1 Information Disclosure Vulnerability in XOOPS 2.5.0 Information Disclosure Vulnerability in Yamamah 1.0 Information Disclosure in YOURLS 1.5 via Direct Request to .php File Information Disclosure Vulnerability in Zend Framework 1.11.3 Information Disclosure Vulnerability in Zikula 1.2.4 Denial of Service Vulnerability in Novell GroupWise 8.0 Arbitrary Code Execution Vulnerability in DVRemoteAx.ax 2.1.0.39 Sensitive Information Disclosure in Support Incident Tracker (SiT!) 3.65 via FTP Upload File Vulnerability Arbitrary Web Script Injection in Support Incident Tracker (SiT!) 3.65 search.php Arbitrary SQL Command Execution via Crafted File Name in Support Incident Tracker (SiT!) 3.65 Eval Injection Vulnerability in Support Incident Tracker (SiT!) 3.65: Remote Code Execution via application_name Parameter Arbitrary PHP Code Execution via Unrestricted File Upload in Support Incident Tracker (SiT!) 
3.65 Integer overflows in in_avi.dll plugin in Winamp before 5.623 leading to heap-based buffer overflow Multiple Cross-Site Scripting (XSS) Vulnerabilities in Wuzly 2.0 Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities in Wuzly 2.0 Arbitrary File Read Vulnerability in Wuzly 2.0 Multiple SQL Injection Vulnerabilities in Wuzly 2.0 Authentication Bypass Vulnerability in Wuzly 2.0 Administration Functionality Arbitrary Web Script Injection Vulnerability in WP Symposium Plugin Address Bar Spoofing Vulnerability in Apple Safari 5.0.5 Use-after-free vulnerability in Apple Safari 5.1.2 with plug-ins leading to arbitrary code execution CSRF Vulnerability in HP System Management Homepage (SMH) 6.2.2.7 Allows Account Hijacking Directory Traversal Vulnerability in Puppet Allows Remote Write of X.509 CSR Denial of Service Vulnerability in CA Directory 8.1 and CA Directory r12 Arbitrary Script Injection in Atahualpa WordPress Theme (before 3.6.8) Arbitrary Script Injection in News Theme for WordPress (CVE-XXXX-XXXX) Arbitrary Script Injection in EvoLve WordPress Theme (Version < 1.2.6) Arbitrary Web Script Injection in Hybrid Theme for WordPress Arbitrary Script Injection in ZenLite WordPress Theme (before 4.4) via s Parameter Arbitrary Script Injection in F8 Lite Theme for WordPress (CVE-2021-XXXX) Arbitrary Script Injection in Elegant Grunge WordPress Theme Antisnews WordPress Theme XSS Vulnerability Arbitrary Script Injection in Pixiv Custom Theme for WordPress Arbitrary Script Injection in Trending WordPress Theme (Version < 0.2) Arbitrary Script Injection in Cover WP Theme for WordPress (<=1.6.6) via s Parameter Web Minimalist 200901 WordPress Theme XSS Vulnerability Morning Coffee WordPress Theme 3.6 XSS Vulnerability RedLine WordPress Theme XSS Vulnerability Arbitrary Script Injection in The Erudite WordPress Theme (CVE-2021-XXXX) Arbitrary Web Script Injection in Black-LetterHead WordPress Theme Keystroke Reading Vulnerability in Mozilla Firefox and SeaMonkey 
Arbitrary Code Execution via Crafted UDF Filesystem in VMware Products Symlink Attack Vulnerability in Puppet 2.7.x, 2.6.x, and 0.25.x Symlink Attack on SSH Authorized_Keys File in Puppet 2.7.x and 2.6.x Arbitrary Code Execution and File Manipulation Vulnerability in Puppet AltNames Vulnerability Arbitrary Code Execution and Memory Corruption Vulnerability in Google Chrome Stack-based Buffer Overflow in libsysutils in Android 2.2.x through 2.2.2 and 2.3.x through 2.3.6 URL Spoofing Vulnerability in Google Chrome Whitespace Filename Vulnerability in Google Chrome Arbitrary Script Injection Vulnerability in Google Chrome Appcache Internals Page Race condition vulnerability in Google Chrome before 15.0.874.102 Unrestricted Redirect Vulnerability in Google Chrome Unspecified Special Character Delimiter Vulnerability in Google Chrome Universal XSS (UXSS) vulnerability in WebKit allows bypassing Same Origin Policy Google Chrome Use-After-Free Vulnerability in Media Buffers Google Chrome Use-After-Free Vulnerability in Counters Timing Issues in DOM Traversal Vulnerability in Google Chrome Google Chrome Use-After-Free Vulnerability in CSS Token-Sequence Data Handling Out-of-Bounds Write Vulnerability in Google V8 Improper Handling of javascript: URLs in Google Chrome Allows Cookie Reading Google Chrome Use-After-Free Vulnerability in Editing Operations with Unknown Plug-In Heap-based buffer overflow in Web Audio implementation in Google Chrome Google Chrome Use-After-Free Vulnerability in Video Source Handling Improper Access Restriction in Google Chrome before 15.0.874.102 Double Free Vulnerability in Theora Decoder in Google Chrome Out-of-Bounds Read Vulnerability in Google Chrome MKV and Vorbis Media Handlers Memory Corruption Vulnerability in Google Chrome VP8 Decoding Heap-based buffer overflow in Vorbis decoder in Google Chrome: Remote DoS and Possible Impact Buffer Overflow Vulnerability in Google Chrome Google Chrome Use-After-Free Vulnerability in Editing Feature 
Unauthenticated Execution of Crafted Applets in Google Chrome Out-of-Bounds Write Vulnerability in Google V8 Android SQLite Journal Information Disclosure Vulnerability Out-of-Bounds Read Vulnerability in Google Chrome Bidirectional Text Handling Use-After-Free Vulnerability in Google Chrome Denial of Service Vulnerability in libxml2 Out-of-Bounds Read Vulnerability in Google Chrome PDF Parser URL Bar Spoofing Vulnerability in Google Chrome Out-of-bounds read vulnerability in Google Chrome before 16.0.912.63 Memory Corruption Vulnerability in Google Chrome's CSS Implementation on 64-bit Platforms Out-of-Bounds Read Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome PDF Handling Google Chrome Use-After-Free Vulnerability in SVG Filters Google Chrome Use-After-Free Vulnerability in Range Handling Out-of-Bounds Write Vulnerability in Google V8 Internationalization Functionality Buffer Overflow in Google Chrome: Remote DoS and Possible Other Impact via PDF Fonts PDF Cross Reference Denial of Service Vulnerability in Google Chrome Stack-based Buffer Overflow in FileWatcher in Google Chrome Arbitrary UID Fork Request Vulnerability in Android Zygote Process Heap-based Buffer Overflow in libxml2: Remote Code Execution Vulnerability Google Chrome Use-After-Free Vulnerability in Animation Frames Stack-based Buffer Overflow in Google Chrome: Remote DoS and Possible Impact via Glyph Handling Remote Code Execution Vulnerability in Apache Struts before 2.3.1.2 Google Chrome Use-After-Free Vulnerability in DOM Selections Safe Browsing Feature Use-After-Free Vulnerability in Google Chrome Heap-based Buffer Overflow in Google Chrome Tree Builder Uninitialized Value Vulnerability in Skia Library Google Chrome Use-After-Free Vulnerability in DOM Handling NULL pointer dereference and application crash vulnerability in avpriv_dv_produce_packet function in FFmpeg and Libav Double Free Vulnerability in FFmpeg's vp3_update_thread_context Function Unspecified 
Impact Vulnerability in FFmpeg's codec_get_buffer Function Out-of-bounds read vulnerability in dv_extract_audio function in FFmpeg and Libav Unspecified Impact and Attack Vectors in H.263 Codec Out-of-bounds read and write vulnerability in nsvdec.c in FFmpeg and Libav Uninitialized Block Index Out-of-Bounds Write Vulnerability in FFmpeg Unspecified Impact Vulnerability in FFmpeg's smacker_decode_header_tree Function Remote Code Execution Vulnerability in KVG1 Decoder in FFmpeg and Libav Infinite Loop Vulnerability in FFmpeg's ff_h264_decode_sei Function Buffer overflow vulnerability in libavcodec in FFmpeg and Libav allows remote code execution via crafted MJPEG-B file Unspecified Impact Vulnerability in FFmpeg's dirac_unpack_idwt_params Function Unspecified Impact Vulnerability in FFmpeg's dirac_decode_data_unit Function Denial of Service and Arbitrary Code Execution Vulnerability in FFmpeg and Libav KMVC Decoding Vulnerability Clipboard Monitoring Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome IndexedDB Transaction Handling Sandbox Bypass Vulnerability in Google Chrome Extension Implementation Google Chrome Use-After-Free Vulnerability in Garbage Collection Functionality Improper Variable Casting in Google Chrome Allows for Denial of Service or Other Impact Buffer Overflow Vulnerability in Google Chrome Locale Implementation Out-of-Bounds Read Vulnerability in Google Chrome Race condition vulnerability in Google Chrome before 17.0.963.46 allows remote code execution Path Clipping Vulnerability in Google Chrome Denial of Service Vulnerability in Google Chrome 17.0.963.46 URL bar spoofing vulnerability in Google Chrome before version 17.0.963.46 Signature Verification Bypass Vulnerability in Google Chrome Google Chrome Use-After-Free Vulnerability in CSS Error Handling Denial of Service Vulnerability in Google Chrome 17.0.963.46 Google Chrome Use-After-Free Vulnerability in CSS Token 
Sequences Google Chrome Use-After-Free Vulnerability in SVG Document Layout Denial of Service Vulnerability in libxslt in Google Chrome Use-after-free vulnerability in Google Chrome: Remote Denial of Service via Mousemove Events Out-of-Bounds Read Vulnerability in Google Chrome Shader Translator Implementation Denial of Service Vulnerability in FFmpeg's cavsdec.c Integer Signedness Error in decode_residual_inter Function in libavcodec in FFmpeg HTC Sense Interface Vulnerability: Unauthorized Access to Sensitive Information AmmSoft ScriptFTP 3.3 Remote Code Execution Vulnerability Arbitrary File Read Vulnerability in NoMachine NX Node and Server Cross-Site Scripting (XSS) Vulnerabilities in LightNEasy 3.2.4: Remote Script Injection via Comment Fields Arbitrary Code Injection via themename Parameter in Zikula Application Framework Arbitrary File Upload Vulnerability in TYPO3 Drag Drop Mass Upload Extension Allwebmenus Plugin 1.1.3 for WordPress - PHP Remote File Inclusion Vulnerability in actions.php Denial of Service Vulnerability in QLogic Fibre Channel Driver for IBM AIX Arbitrary Web Script Injection via Cookies in KENT-WEB WEB FORUM 5.1 and Earlier Arbitrary Web Script Injection Vulnerability in KENT-WEB WEB FORUM 5.1 and Earlier Unspecified Cross-Site Scripting (XSS) Vulnerability in Plume before 1.2.3 Pligg before 1.2.0 XSS Vulnerability Denial of Service Vulnerability in DAEMON Tools Lite SQL Injection Vulnerability in EC-CUBE 2.11.0 through 2.11.2 Arbitrary SQL Command Execution Vulnerability in DBD::mysqlPP 0.04 and Earlier Arbitrary Web Script Injection Vulnerability in PukiWiki Plus! 
1.4.7plus-u2-i18n and Earlier Untrusted Search Path Vulnerability in FFFTP 1.98a and Earlier Buffer Overflow Vulnerability in D-Link DES-3800, DWL-2100AP, and DWL-3200AP SSH Server Functionality Weak Permissions Vulnerability in SKYARC MTCMS and Movable Type Plugins CSRF Vulnerability in SKYARC MTCMS and Movable Type Plugins Unspecified Remote Denial of Service Vulnerability in Twilight Frontier Touhou Hisouten 1.06 and Earlier Denial of Service Vulnerability in CSWorks LiveData Service Authentication Bypass Vulnerability in Opengear Console Servers Arbitrary Web Script Injection Vulnerability in Apple WebObjects 5.2 and Earlier Iwate Portal Bar RSS/Atom Feed Reader Cross-Site Scripting (XSS) Vulnerability Remote Code Execution Vulnerability in ChaSen 2.4.x via Crafted String HP no Mawashimono Nikki 6.6 Directory Traversal Vulnerability Command Injection Vulnerability in HP no Mawashimono Nikki 6.6 and Earlier Remote Code Execution Vulnerability in Cisco WebEx Recording Format (WRF) Player T26 and T27 Cisco Small Business SRP Series Cross-Site Request Forgery (CSRF) Vulnerability Denial of Service Vulnerability in Cisco ASA 5500 Series Devices (Bug ID CSCtt32565) Denial of Service Vulnerability in Cisco IOS and IOS XE (Bug ID CSCtr56576) Fragment Entry Creation Vulnerability in Cisco IOS 12.0, 15.0, and 15.1 with PFC3C Arbitrary File Read Vulnerability in Cisco Wireless Control System (WCS) 7.0 Denial of Service Vulnerability in Cisco IOS 15.2S (Bug ID CSCts48300) Denial of Service Vulnerability in Cisco IOS PPP Implementation (Bug ID CSCtf71673) Memory Leak Vulnerability in Cisco IOS and Cisco Unified Communications Manager (CUCM) Denial of Service Vulnerability in Cisco IPS Sensor (Bug ID CSCto51204) Memory Leak Vulnerability in Cisco NX-OS 5.0 on Nexus Switches via SNMP Requests (CSCtr65682) Arbitrary Web Script Injection Vulnerability in OCS Inventory NG 2.0.1 and Earlier Arbitrary SQL Command Execution in NexusPHP 1.5 via thanks.php File Existence Disclosure 
Vulnerability in X.Org xserver Symlink Attack Vulnerability in X.Org xserver Unrestricted Access to Sub-Objects in CMFEditions Component Arbitrary Code Execution via Crafted ASF Packet in FFmpeg Buffer Overflow Vulnerability in Steema TeeChart ActiveX Control Buffer Overflow Vulnerability in Steema TeeChart ActiveX Control Arbitrary Web Script Injection Vulnerability in Schneider Electric Vijeo Historian, CitectHistorian, and CitectSCADAReports Arbitrary File Read Vulnerability in Schneider Electric Vijeo Historian, CitectHistorian, and CitectSCADAReports Buffer Overflow Vulnerability in Sielco Sistemi Winlog PRO and Winlog Lite before 2.07.09 Arbitrary Web Script Injection in Invensys Wonderware HMI Reports and Ocean Data Systems Dream Report Remote Code Execution Vulnerability in Invensys Wonderware HMI Reports Remote Code Execution Vulnerability in MiniSmtp 3.0.11818 in NJStar Communicator Remote Code Execution Vulnerability in Advantech/BroadWin WebAccess Arbitrary Code Execution via Crafted HTML Document in ARC Informatique PcVue, FrontVue, and PlantVue Integer Overflow Vulnerability in ARC Informatique PcVue, FrontVue, and PlantVue ActiveX Control (SVUIGrd.ocx) Unspecified Remote File Modification Vulnerability in ARC Informatique PcVue Buffer Overflow in ARC Informatique PcVue ActiveX Control (aipgctl.ocx) Allows Remote DoS Cleartext Storage of Recovery Account Password in Dell KACE K2000 System Deployment Appliance Arbitrary Command Execution Vulnerability in Dell KACE K2000 System Deployment Appliance Default Credentials Vulnerability in Dell KACE K2000 System Deployment Appliance Buffer Overflow Vulnerability in 7T IGSS 9.0.0.11200: Remote Denial of Service via Crafted Packet Unauthenticated Remote Code Execution in InduSoft Web Studio's CEServer Component Remote Code Execution Vulnerability in InduSoft Web Studio Remote Agent Untrusted Search Path Vulnerability in 7T IGSS Allows Privilege Escalation CA SiteMinder R6 SP6 and R12 SP3 XSS Vulnerability in 
login.fcc Buffer Overflow Vulnerability in Siemens Tecnomatix FactoryLink ActiveX Control Arbitrary File Creation and Overwrite Vulnerability in Siemens Tecnomatix FactoryLink Denial of Service Vulnerability in Wibu-Systems AG CodeMeter Runtime Symlink Attack Vulnerability in QNX Neutrino RTOS 6.5.0 Untrusted Search Path Vulnerabilities in IBM DB2 Express Edition 9.7 Kernel Buffer Overflow in FreeBSD UNIX Socket Bind System Call Improper Variable Initialization in SIP Channel Driver Allows Remote DoS in Asterisk Open Source Arbitrary Script Injection in phpMyAdmin Setup Interface SQL Injection Vulnerability in Gnuboard 4.33.02 and Earlier: Remote Code Execution via PATH_INFO Authentication Bypass Vulnerability in PacketFence LDAP Injection Vulnerability in PacketFence before 3.0.2 Use-after-free vulnerability in Openswan allows remote authenticated users to cause denial of service Arbitrary Web Script Injection Vulnerability in phpLDAPadmin 1.2.x Remote Code Execution Vulnerability in phpLDAPadmin 1.2.x OpenStack Nova EC2_ACCESS_KEY Exposure Vulnerability Buffer Overflow in XFS_readlink Function in Linux Kernel 2.6 Arbitrary URL GET Request Denial of Service Vulnerability in Roundcube Webmail 0.5.4 and Earlier Heap-based buffer overflow in OpenLDAP's UTF8StringNormalize function allows for denial of service (slapd crash) via zero-length string input Unrestricted Access to Kernel Ring Buffer in Linux Kernel NULL pointer dereference vulnerability in crypto/ghash-generic.c in the Linux kernel before 3.1 phpLDAPadmin before 0.9.8 - Local File Inclusion Vulnerability Sensitive Information Exposure in sosreport Utility Access Control Bypass in Servlets Invoked by httpha-invoker Denial of Service Vulnerability in Linux Kernel's journal_unmap_buffer Function Denial of Service Vulnerability in Linux Kernel's br_parse_ip_options Function ABRT Vulnerability: Potential Information Disclosure via Crash Reports Arbitrary Code Execution via bzexe Command in bzip2 XSS 
Vulnerability in Serendipity Karma Plugin Allows Privilege Escalation Authentication Bypass Vulnerability in libnet6 Server SSL Server Certificate Spoofing Vulnerability in Obby (aka libobby) Integer Overflow Vulnerability in libnet6 (net6) Allows Remote Connection Hijacking and Privilege Escalation Jara 1.6 SQL Injection Vulnerability Jara 1.6 XSS Vulnerability: Cross-Site Scripting Exploit Discovered Memory Leak in idnsGrokReply Function in Squid Integer Overflow in oom_badness Function in Linux Kernel Denial of Service Vulnerability in GFS2 Filesystem Preallocation Bypassing Chroot Restrictions in libcap Uninitialized Variable Vulnerability in Wireshark CSN.1 Dissector Denial of Service Vulnerability in Wireshark Infiniband Dissector ERF File Parser Heap-Based Buffer Overflow Vulnerability Arbitrary Code Execution via YAML Deserialization in Django Piston Arbitrary Code Execution via YAML Deserialization in Django Tastypie Symlink Attack Vulnerability in LightDM Allows Arbitrary File Ownership Change Remote Code Execution in TimThumb (timthumb.php) before 2.0 via Unvalidated Domain Whitelist XML External Entity (XXE) Injection Vulnerability in phpMyAdmin Padding Oracle Attack in OpenSSL DTLS Implementation Double Free Vulnerability in OpenSSL 0.9.8s and earlier with X509_V_FLAG_POLICY_CHECK Denial of Service Vulnerability in Linux Kernel 2.6 User Update Function Buffer Overflow in ccid_card_vscard_handle_message Function in QEMU Denial of Service Vulnerability in Linux Kernel's Net Subsystem Arbitrary SQL Command Execution in Views Module for Drupal Insecure Temporary File Creation in PAR::Packer Module Insecure Temporary File Handling in Parallel::ForkManager Perl Module Symlink Vulnerability in File::Temp Module for Perl Improper Handling of Temporary Files in Batch::BatchRun Module 1.03 for Perl Remote Privilege Escalation via XMLRPC in Mahara before 1.4.1 Insecure Usage of mktemp() and Unsafe Actions in /tmp in Caml-Light <= 0.75 Yubico PAM Module 
Authentication Bypass Vulnerability OpenSSL Ruby Extension Vulnerability: Weak RSA Key Generation Directory Traversal Vulnerability in OpenPAM Allows Arbitrary DSO Loading and Privilege Escalation Calibre: Input Validation Issues in devices/linux_mount_helper.c Leading to Argument Injection and Privilege Escalation Untrusted Search Path Vulnerability in Calibre Allows Privilege Escalation Race Condition Vulnerability in Calibre Allows Unprivileged Users to Mount Any Device SG_IO ioctl vulnerability in Linux kernel before 3.2.2 Buffer Overflow in gnutls_session_get_data Function in GnuTLS Automatic Connection to Twitter Without Account Set Vulnerability ProFTPD Response API Use-After-Free Remote Code Execution Vulnerability Denial of Service Vulnerability in Linux Kernel NFSv4 Implementation Denial of Service Vulnerability in Linux Kernel's Journaling Block Device (JBD) Functionality CSRF Vulnerability in Moodle 1.9.x Allows Authentication Hijacking for RSS Feed Modification Remote Code Execution Vulnerability in Flexera FlexNet Publisher 11.10 Arbitrary Code Execution via Directory Traversal in Flexera FlexNet Publisher 11.10 Session Data Modification Vulnerability in Django Denial of Service Vulnerability in Django URLField Implementation Arbitrary GET Request Vulnerability in Django URLField Implementation Cache Poisoning Vulnerability in Django Django CSRF Protection Bypass via Arbitrary HTTP Host Headers Untrusted Search Path Vulnerability in EMC RSA SecurID Software Token 4.1: Privilege Escalation via Trojan Horse DLL Cleartext Credential Exposure in EMC SourceOne Email Management Information Disclosure Vulnerability in EMC RSA enVision 4.0 and 4.1 Privilege Escalation Vulnerability in EMC Documentum Content Server Denial of Service Vulnerability in krb5_db2_lockout_audit Function Unchecked Return Value Vulnerability in zend_strndup Function Unspecified Cross-Site Scripting (XSS) Vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x Unspecified 
Cross-Site Scripting (XSS) Vulnerability in HP Network Node Manager i (NNMi) 9.0x and 9.1x Remote Code Execution Vulnerability in HP SAN/iQ Unspecified Information Disclosure Vulnerability in HP Directories Support for ProLiant Management Processors Unspecified Privilege Escalation Vulnerability in System Administration Manager (SAM) on HP-UX Unspecified Local Directory Access Bypass Vulnerability in HP Operations Agent and Performance Agent Remote Firmware Update (RFU) Vulnerability in HP Printers Remote Code Execution and Denial of Service Vulnerability in HP Protect Tools Device Access Manager Remote Code Execution Vulnerability in HP Database Archiving Software 6.31 (ZDI-CAN-1213) Remote Code Execution Vulnerability in HP Database Archiving Software 6.31 (ZDI-CAN-1214) Remote Code Execution Vulnerability in HP Database Archiving Software 6.31 (ZDI-CAN-1263) Arbitrary File Creation Vulnerability in HP Managed Printing Administration Stack-based Buffer Overflow in HP Managed Printing Administration Allows Remote Code Execution Arbitrary File Creation Vulnerability in HP Managed Printing Administration Unspecified Remote Vulnerability in HP Managed Printing Administration Cross-site scripting (XSS) vulnerability in Empathy theme_adium_append_message function Arbitrary Web Script Injection in IBM WebSphere ILOG Rule Team Server 7.1.1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in KENT-WEB WEB FORUM before 5.1 CSRF Vulnerability in Simple Machines Forum (SMF) 2.x before 2.0.1 Open Build Service Vulnerability: Unauthorized Access to Source Files Arbitrary Code Execution Vulnerability in SUSE Linux Enterprise's sysconfig Arbitrary RPM File Upload Vulnerability in SUSE Open Build Service Arbitrary Code Execution and Denial of Service Vulnerability in Novell iPrint Client Heap-based Buffer Overflow in Novell iPrint Client Allows Remote Code Execution Buffer Overflow in GetDriverSettings Function in Novell iPrint Client Buffer Overflow in Create Attribute 
Function in Novell iManager 2.7.4 Remote Code Execution and Denial of Service Vulnerability in Novell GroupWise 8.0x through 8.02HP3 Missing Host Key Verification in kdump and mkdumprd OpenSSH Integration Stack-based Buffer Overflow in XNFS.NLM in Novell NetWare 6.5 SP8 Arbitrary Command Execution Vulnerability in Kiwi Before 4.85.1 Arbitrary Script Injection in SUSE Studio Onsite and SUSE Studio Extension for System z Buffer Overflow in Novell iPrint Server Allows Remote Code Execution Arbitrary Command Execution via Shell Metacharacters in Kiwi Image Name Arbitrary Subject Sub-Certificates Vulnerability in pfSense PKI Implementation Arbitrary Command Execution in Tadasoft Restorepoint 3.2 Evaluation Image Weak Permissions in Tadasoft Restorepoint 3.2 Evaluation Image Allows Privilege Escalation CRLF Injection Vulnerability in Moodle Calendar Component Arbitrary File Creation Vulnerability in Google App Engine Python SDK Insecure Sandbox Environment in Google App Engine Python SDK Insecure Sandbox Environment in Google App Engine Python SDK Authentication Bypass Vulnerability in OneOrZero AIMS 2.7.0 SQL Injection Vulnerability in OneOrZero AIMS 2.7.0 via cookieName Parameter Remote Code Execution Vulnerability in Investintech.com SlimPDF Reader Denial of Service and Remote Code Execution Vulnerability in Investintech.com SlimPDF Reader Remote Code Execution Vulnerability in Investintech.com SlimPDF Reader Denial of Service and Arbitrary Code Execution Vulnerability in Investintech.com SlimPDF Reader Unspecified Function Call Vulnerability in Investintech.com SlimPDF Reader Remote Code Execution Vulnerability in Investintech.com Able2Doc and Able2Doc Professional Remote Code Execution Vulnerability in Investintech.com Able2Extract and Able2Extract Server Remote Code Execution Vulnerability in Investintech.com Absolute PDF Server Denial of Service Vulnerability in Cisco IOS and IOS XE (Bug ID CSCtq61128) Directory Enumeration Vulnerability in Cisco Unified 
MeetingPlace 6.1 and 8.5 CRLF Injection Vulnerability in autologin.jsp in CiscoWorks Common Services 4.0 RealPlayer RealVideo Renderer Heap-Based Buffer Overflow Vulnerability RealPlayer RealVideo Renderer Remote Code Execution Vulnerability Arbitrary Code Execution and Memory Corruption Vulnerability in RealPlayer AAC Codec Arbitrary Code Execution Vulnerability in RealPlayer 14.0.0 and earlier Arbitrary Code Execution Vulnerability in RealPlayer 14.0.0 and earlier RV30 Codec Array Index Error Vulnerability Unspecified Arbitrary Code Execution Vulnerability in RealPlayer Arbitrary Code Execution Vulnerability in RealPlayer 14.0.0 and Earlier Arbitrary Code Execution Vulnerability in RealPlayer's RV10 Codec Unspecified Remote Code Execution Vulnerability in RealPlayer Arbitrary Code Execution Vulnerability in RealNetworks RealPlayer (CVE-XXXX-XXXX) Arbitrary Code Execution Vulnerability in RealPlayer Unspecified Index Value Initialization Vulnerability in RealPlayer Arbitrary Code Execution Vulnerability in RealPlayer's Cook Codec Arbitrary Code Execution Vulnerability in RealPlayer 14.0.0 and earlier Arbitrary Code Execution via Integer Underflow in RealPlayer MPG File Parsing Arbitrary Code Execution Vulnerability in RealPlayer 14.0.0 and earlier Heap Memory Corruption Vulnerability in RealPlayer Arbitrary Code Execution Vulnerability in RealPlayer 15.0.0 and Earlier Schneider Electric PowerChute Business Edition XSS Vulnerability Etomite 1.1 Cross-Site Scripting (XSS) Vulnerability Unspecified Cross-Site Scripting (XSS) Vulnerability in phpWebSite before 1.0.0 Untrusted Search Path Vulnerability in FFFTP before 1.98d Allows Privilege Escalation Multiple Cross-Site Scripting (XSS) Vulnerabilities in GoAhead Webserver 2.18 Unspecified Cross-Site Scripting (XSS) Vulnerability in A-Form PC and PC/Mobile before 3.1 Plug-ins for Movable Type Multiple Cross-Site Scripting (XSS) Vulnerabilities in iTop (aka IT Operations Portal) 1.1.181 and 1.2.0-RC-282 Bluetooth 
Contact Data Exposure Vulnerability Arbitrary Script Injection in CourseForum ProjectForum 7.0.1.3038 Arbitrary Code Injection through Tag Autocomplete in Moodle 1.9.x and 2.0.x Unauthenticated Access to Sensitive Information in Moodle 2.0.x Arbitrary Web Script Injection in Spike PHPCoverage Library Cross-Site Request Forgery (CSRF) Vulnerabilities in Moodle 2.0.x before 2.0.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Moodle 2.0.x before 2.0.2 Information Disclosure Vulnerability in Moodle 1.9.x and 2.0.x Information Disclosure Vulnerability in Moodle 2.0.x Arbitrary Course Deletion Vulnerability in Moodle 2.0.x Cross-Site Scripting (XSS) Vulnerabilities in Moodle Media-Filter Implementation Lack of Password Change Enforcement in Moodle 2.0.x Inadequate Association Implementation in Moodle Allows Unauthorized Access to Quiz Reports Information Disclosure Vulnerability in Moodle 2.0.x Arbitrary Web Script Injection in Moodle 1.9.x (CVE-XXXX-XXXX) Denial of Service Vulnerability in Moodle 2.0.x Denial of Service Vulnerability in Moodle 2.0.x Caching Vulnerability in Moodle Allows Unauthorized Write Access to Temporary Directory Arbitrary URL Redirection Vulnerability in Moodle Unauthenticated Privilege Escalation in Moodle 2.x Incorrect assignment of capabilities to the course-creator role in Moodle 2.0.x and 2.1.x allows remote authenticated users to modify course filters Improper Restriction of Comment Capabilities in Moodle 2.0.x and 2.1.x Cross-Site Request Forgery (CSRF) Vulnerabilities in Moodle Mod/Wiki Components Arbitrary Web Script Injection in Moodle's Wiki Comment Feature Improper Access Restriction in Moodle File Browser Component Unrecognized Forms API setConstant Operations Vulnerability in Moodle Bypassing Validation in MNET XMLRPC Client in Moodle 1.9.x, 2.0.x, and 2.1.x Improper Access Restrictions in Moodle 2.0.x and 2.1.x User Discovery Vulnerability in Moodle Chat Functionality Denial of Service Vulnerability in Moodle 1.9.x 
Arbitrary Script Injection in Moodle 1.9.x before 1.9.14 Arbitrary Web Script Injection in Moodle's mod/wiki/lang/en/wiki.php User Information Disclosure Vulnerability in Moodle Bypassing Access Restrictions in Moodle 2.0.x and 2.1.x Remote Code Execution in CMSMS News Module Access Key Validation Bypass in ResourceSpace before 4.2.2833 Cross-Site Scripting (XSS) Vulnerabilities in Review Board Commenting System Denial of Service Vulnerability in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 Unverified Attribute Exchange Information Modification Vulnerability Heap-based Buffer Overflow in Compression-Pointer Processing in nginx's ngx_resolver.c Unlocked Desktop Screen Vulnerability in Red Hat Enterprise Virtualization Manager (RHEV-M) Apache HTTP Server mod_proxy Reverse Proxy Vulnerability Dovecot SSL/TLS Proxy Spoofing Vulnerability Cross-site scripting (XSS) vulnerability in Ruby on Rails i18n translations helper method Denial of Service Vulnerability in mod_pubsub Module of ejabberd Weak Random Number Generation in Joomla! 1.5.x through 1.5.24 Password Reset Functionality Authentication Bypass Vulnerability in WebsiteBaker Backup Module (Versions up to 2.8.1) Denial of Service Vulnerability in Linux Kernel's encode_share_access Function NFS Implementation in Linux Kernel Prior to 2.6.31-rc6 Denial of Service Vulnerability Denial of Service Vulnerability in Linux Kernel's udp6_ufo_fragment Function OpenSSH Vulnerability: Information Disclosure via ssh-rand-helper Weak Permissions and Predictable Names for Cookie Files in Gnash Plugin Multiple Cross-Site Scripting (XSS) Vulnerabilities in Dolibarr 3.1.0 Stack-based Buffer Overflow in hfs_mac2asc Function in Linux Kernel 2.6 Unspecified Cross-Site Scripting (XSS) Vulnerabilities in Joomla! 
1.6.3 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in LabWiki 1.1 and Earlier Arbitrary PHP File Upload Vulnerability in LabWiki 1.1 and Earlier Contao Multiple Cross-Site Scripting (XSS) Vulnerabilities in teachers.html and teachers/ Action XSS Vulnerability in Tiki Wiki CMS Groupware 7.0 via ajax Parameter in snarf_ajax.php Static Code Injection Vulnerability in translate.php in Support Incident Tracker (SiT!) 3.45-3.65 Unauthenticated Root Privilege Escalation in Shaman 1.0.9 Insecure Permissions for ipmievd.pid File in OpenIPMI Multiple Cross-Site Scripting (XSS) Vulnerabilities in Symphony CMS 2.2.3 and Earlier Versions SQL Injection Vulnerabilities in Symphony CMS 2.2.3 and Earlier Versions BackWPup Plugin for WordPress: Remote File Inclusion Vulnerability Remote Code Injection Vulnerability in Apache MyFaces Core 2.0.1 through 2.0.10 and 2.1.0 through 2.1.4 Arbitrary Web Script Injection Vulnerability in Jenkins Core Namazu 2.0.21 XSS Vulnerability in Internet Explorer 6 and 7 Arbitrary Script Injection in Red Hat Network (RHN) Satellite 5.4.1 Custom Info Page Unauthenticated Access to PCI Configuration Space and BAR Resources in Linux Kernel Race condition in sctp_rcv function allows remote attackers to cause denial of service Multiple SQL Injection Vulnerabilities in colord Yaws 1.91 Directory Traversal Vulnerability Buffer Overflow Vulnerability in FFmpeg Versions 0.5.6 to 0.8.8 Integer Overflow Vulnerability in VP3 Decoder Out-of-bounds read vulnerability in FFmpeg and Libav VP5/VP6 stream parsing functions Incorrect Modular Reduction Algorithm in OpenSSL's Implementation of NIST Elliptic Curves Allows Remote Private Key Retrieval Privilege Escalation via Crafted Python Scripts in GNU Project Debugger (GDB) Privilege Escalation in Celery Versions 2.1-2.4.4 Format String Vulnerability in Python CGI Kit (neo_cgi.c) Allows Remote Code Execution Unspecified JSF Vulnerability in Oracle GlassFish Enterprise Server 3.0.1 and 3.1.1 Information 
Disclosure Vulnerability in MediaWiki Unauthenticated Information Disclosure in MediaWiki before 1.17.1 Integer Signedness Error in base64_decode Function in lighttpd HTTP Authentication Functionality Arbitrary File Overwrite Vulnerability in Proc::ProcessTable Module 0.45 Sierra VMD Decoder Buffer Overflow Vulnerability Directory Traversal Vulnerabilities in MyFaces JavaServer Faces (JSF) Arbitrary Web Script Injection Vulnerability in Adobe ColdFusion RDS Unspecified Remote Code Execution Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Heap Memory Corruption Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution and Memory Corruption Vulnerability in Adobe Reader and Acrobat Arbitrary Code Execution via Integer Overflow in Adobe Reader 9.x on Linux CSRF Vulnerabilities in Zen Cart 1.3.9h Allow Remote Authentication Hijacking Directory Traversal Vulnerability in Jetty HTTP Server in vSphere Update Manager Insecure Connection Vulnerability in cupshelpers Scripts Privilege Escalation via Language Settings in Ubuntu AccountsService Package Insecure Certificate Validation in PPA.py Allows MITM Attackers to Spoof GPG Keys SSL Certificate Validation Vulnerability in Ubuntu Single Sign On Client SSL Certificate Validation Vulnerability in Ubuntu One Client Unrestricted Environment Variable Size Vulnerability in Apache HTTP Server Arbitrary Command Execution via Directory Traversal in Merethis Centreon Lack of Salt in Password Hashing in Merethis Centreon before 2.3.2 Bypassing AppLocker Rules in Microsoft Windows Server 2008 R2 and Windows 7 Directory Browsing Vulnerability in IBM DB2 Tools 2.3.0 for z/OS Arbitrary Web Script Injection in Dell KACE K2000 System Deployment Appliance Vulnerability: Unencrypted Private Key Extraction in wxBitcoin and bitcoind 
Arbitrary SQL Command Execution in WikkaWiki 1.3.1 and 1.3.2 Arbitrary PHP Code Execution via File Upload in WikkaWiki 1.3.1 and 1.3.2 Directory Traversal Vulnerability in WikkaWiki 1.3.1 and 1.3.2 Arbitrary PHP Code Injection via User-Agent Header in WikkaWiki 1.3.1 and 1.3.2 CSRF vulnerability in WikkaWiki AdminUsers Component Allows Arbitrary User Account Deletion Arbitrary Code Execution via Crafted Order Parameter in PmWiki PageListSort Function Multiple Cross-Site Scripting Vulnerabilities in Tiki 8.0 RC1 and Earlier Multiple Cross-Site Scripting Vulnerabilities in Tiki 7.2 and Earlier User-Assisted Remote Information Disclosure in OWASP HTML Sanitizer Arbitrary Code Execution in Best Practical Solutions RT 3.6.x, 3.7.x, and 3.8.x before 3.8.12 and 4.x before 4.0.6 Vulnerability: Group Membership Bypass in Best Practical Solutions RT Arbitrary SQL Command Execution in Best Practical Solutions RT Denial of Service Vulnerability in Jetty 8.1.0.RC2 and Earlier Denial of Service Vulnerability in Plone 4.1.3 and Earlier Arbitrary Web Script Injection Vulnerability in IBM Lotus Mobile Connect (LMC) 6.1.4 Denial of Service Vulnerability in Cisco Unified Communications Manager (CUCM) and Cisco Business Edition SQL Injection Vulnerability in Cisco Unified Communications Manager (CUCM) and Cisco Business Edition Remote Code Execution Vulnerability in Aviosoft DTV Player 1.0.1.2 via Crafted .plf File Remote Password Disclosure Vulnerability in ASUS RT-N56U Router CSRF Vulnerability in Zenprise Device Manager Allows Unauthorized Device Wiping Arbitrary Port Mapping Vulnerability in Cisco Linksys WRT54G and WRT54GS Routers Remote Firewall Administration Vulnerability in Cisco Linksys WRT54GX Arbitrary Port Mapping Vulnerability in Edimax, Canyon-Tech, Sitecom, and Sweex Routers Remote Command Execution Vulnerability in Edimax EdiLinux UPnP IGD Implementation Arbitrary Port Mapping Vulnerability in Broadcom Linux on Sitecom WL-111 Arbitrary Port Mapping Vulnerability in 
ZyXEL P-330W UPnP IGD Implementation Arbitrary Port Mapping Vulnerability in SpeedTouch 5x6 Devices Arbitrary Port Mapping Vulnerability in Thomson TG585 (Technicolor) with Firmware 7.x before 7.4.3.2 Unencrypted Wireless Network Vulnerability in D-Link DIR-685 Router Predictable Authentication Tokens in Siemens WinCC HMI Web Server Default Password Vulnerability in Siemens WinCC HMI Web Server Arbitrary Web Script Injection Vulnerability in Siemens WinCC Flexible and TIA Portal Arbitrary Web Script Injection Vulnerability in Siemens WinCC Flexible and TIA Portal CRLF Injection Vulnerability in Siemens WinCC Flexible and TIA Portal HMI Web Server Arbitrary Code Execution Vulnerability in Siemens WinCC Flexible and TIA Portal Unauthenticated Access Vulnerability in Siemens WinCC Flexible and SIMATIC HMI Panels Reversible Password Storage Vulnerability in Siemens WinCC (TIA Portal) 11 Heap-based Buffer Overflow in jpc_cox_getcompparms function in JasPer 1.900.1 Heap-based Buffer Overflow in JasPer JPEG2000 Library Arbitrary File Read Vulnerability in MICROSYS PROMOTIC Web Server Stack-based Buffer Overflow in MICROSYS PROMOTIC ActiveX Component Heap-based Buffer Overflow in MICROSYS PROMOTIC ActiveX Component Remote SQL Injection Vulnerability in Advantech/BroadWin WebAccess Arbitrary Web Script Injection Vulnerability in Advantech/BroadWin WebAccess before 7.0 Arbitrary Web Script Injection Vulnerability in Advantech/BroadWin WebAccess before 7.0 Remote Code Execution Vulnerability in Advantech/BroadWin WebAccess Arbitrary Web Content Extraction and Execution in Advantech/BroadWin WebAccess Buffer Overflow Vulnerability in Advantech/BroadWin WebAccess ActiveX Control Unbound DNS Server Denial of Service Vulnerability Buffer Overflow Vulnerabilities in Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 Denial of Service Vulnerability in Siemens Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 Denial of Service Vulnerability in Siemens 
Automation License Manager (ALM) 4.0 through 5.1+SP1+Upd1 Arbitrary File Overwrite Vulnerability in Siemens Automation License Manager (ALM) Remote Code Execution Vulnerability in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 (CVE-2021-25240) Remote Code Execution and Denial of Service Vulnerability in Ing. Punzenberger COPA-DATA zenon 6.51 SP0 (CVE-2021-25212) Buffer Overflow Vulnerability in TurboPower Abbrevia: Remote Code Execution via Crafted ZIP File Heap-based Buffer Overflow in WellinTech KingView HistoryServer.exe Multiple Buffer Overflows in 7T IGSS SCADA System 9.0.0.11355 and Earlier Information Disclosure Vulnerability in Lexmark X, W, T, E, and C Devices (CVE-2012-02-09) Denial of Service Vulnerability in ISC DHCP 4.x and 4.1-ESV Cross-Site Scripting (XSS) Vulnerabilities in AtMail Open 1.04 Arbitrary Web Script Injection in Hastymail2 2.1.1 before RC2 Arbitrary Command Execution in Hastymail2 2.1.1 Multiple Directory Traversal Vulnerabilities in osCommerce 3.0.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Prestashop CRLF Injection Vulnerability in Prestashop 1.4.4.1's admin/displayImage.php Cross-Site Scripting (XSS) Vulnerabilities in Zen Cart 1.3.9h with Debugging Enabled Unspecified Vulnerabilities in Google Chrome on Acer AC700, Samsung Series 5, and Cr-48 Chromebook Platforms Arbitrary Web Script Injection in TikiWiki CMS/Groupware Cross-Site Scripting (XSS) Vulnerabilities in One Click Orgs before 1.2.3 Open Redirect Vulnerabilities in One Click Orgs: Remote Attackers Can Conduct Phishing Attacks One Click Orgs 1.2.3 and Earlier: Remote Authenticated SMTP Traffic Triggering Vulnerability Email Address Spoofing Vulnerability in One Click Orgs Arbitrary PHP Code Execution in Tiki 8.2 and Earlier SQL Injection Vulnerability in vTiger CRM Calendar Module Arbitrary Script Injection in Petition Node Module for Drupal Phorum 5.2.18 admin.php Cross-Site Scripting (XSS) Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in Redirection 
Plugin 2.2.9 for WordPress Cross-site scripting (XSS) vulnerability in JAKCMS 2.0.4.1 and earlier versions allows remote attackers to inject arbitrary web script or HTML via userpost parameter in PM request Arbitrary Web Script Injection in Active CMS 1.2 Admin Script Multiple Cross-Site Scripting (XSS) Vulnerabilities in XOOPS 2.5.1.a and Earlier Versions Integer Overflow in exif_process_IFD_TAG Function in PHP 5.4.0beta2 Allows Remote Memory Read or Denial of Service Arbitrary Script Injection in Zen Cart's tpl_gv_send_default.php Template Flowplayer Plugin for WordPress Cross-Site Scripting (XSS) Vulnerability in view/frontend-head.php SQL Injection Vulnerability in Userbar Plugin 2.2 for MyBB Forum SQL Injection Vulnerability in Time Returns Component for Joomla! Arbitrary SQL Command Execution in Estate Agent Component for Joomla! Cross-site scripting (XSS) vulnerability in CF Image Hosting Script 1.3.82 and 1.4.1 Inadequate Permission Enforcement in Red Hat JBoss Operations Network (JON) Allows Unauthorized Deletion of Plug-in Configuration Updates Virtual Machine Hosts Disabling RDTSC Instruction Vulnerability Arbitrary Web Script Injection Vulnerability in JBoss Enterprise Application Platform (EAP) and Related Platforms Padding Oracle Attack in OpenSSL Denial of Service Vulnerability in OpenSSL with RFC 3779 Support Insecure Umask Setting in acpid Event Handler Scripts Memory corruption vulnerability in svq1_decode_frame function in FFmpeg and Libav Unspecified Cross-Site Scripting (XSS) Vulnerabilities in Red Hat JBoss Enterprise Portal Platform before 5.2.0 Username Disclosure Vulnerability in Moodle Wiki Open Redirect Vulnerability in Moodle Calendar Set Page Information Disclosure Vulnerability in Moodle 2.0.x and 2.1.x Moodle MNET Authentication Impersonation Vulnerability Insecure Password Change Form in Moodle 1.9.x CRLF Injection Vulnerability in Moodle Calendar Subsystem Password Policy Bypass Vulnerability in Moodle 1.9.x, 2.0.x, and 2.1.x 
Incorrect Data Type in ip_in_range Function Allows Bypass of IP Address Restrictions in Moodle 1.9.x Course ID Number Overwrite Vulnerability in Moodle 2.0.x and 2.1.x Bypassing Access Restrictions in Moodle Web Services Implementation Arbitrary web script injection vulnerability in Moodle print_object function Bypassing IP Address Restrictions in Moodle Cron Implementation User E-mail Address Disclosure in Moodle Messaging Interface Denial of Service Vulnerability in Linux Kernel's __sys_sendmsg Function XSS Vulnerability in Pretty-Link WordPress Plugin 1.5.2 Arbitrary File Overwrite Vulnerabilities in OpenStack Nova Username Enumeration Vulnerability in Asterisk SIP over UDP Implementation NULL pointer dereference and daemon crash vulnerability in Asterisk Open Source 1.6.2.x and 1.8.x Arbitrary Code Execution via Stack-based Buffer Overflow in ICU's _canonicalize Function Inadequate Firewall Rule Handling in libvirt Network Bridge Driver Denial of Service Vulnerability in Pidgin's Oscar Protocol Plugin Denial of Service Vulnerability in Pidgin XMPP Protocol Plugin Denial of Service Vulnerability in SILC Protocol Plugin in Pidgin Memory Corruption Vulnerability in bat_socket_read Function Unrestricted Write Access Vulnerability in JBoss Enterprise Application Platform and Related Platforms Local File Overwrite Vulnerability in Rocks'n'Diamonds 3.3.0.1 Sensitive Process Memory Leakage in PuTTY 0.59 through 0.61 Arbitrary Virtual Host Registration Vulnerability in mod_cluster Denial of Service Vulnerability in glibc's svc_run Function Denial of Service Vulnerability in JBoss Web with Crafted UTF-8 and Surrogate Pair Character Integer Overflow in perf_event_interrupt Function in Linux Kernel Remote Code Injection in Icecast Server Local Privilege Escalation Vulnerability in X.Org X Wrapper Remote File Inclusion Vulnerability in TYPO3 Workspaces Extension Multiple Cross-Site Scripting (XSS) Vulnerabilities in Zabbix HTML-Template-Pro Module XSS Vulnerability 
Arbitrary File Overwrite Vulnerability in virtualenv.py Arbitrary Script Injection in Advanced Text Widget Plugin for WordPress Denial of Service Vulnerability in OpenSSL's Server Gated Cryptography (SGC) Implementation Buffer Overflow in ulSetError Function in PLIB 1.8.5 Allows Remote Code Execution Clock-Update Optimization Vulnerability in Linux Kernel NULL pointer dereference vulnerability in KVM's create_pit_timer function Heap-based Buffer Overflow in rsCStrExtendBuf Function in rsyslog Arbitrary Script Injection Vulnerability in GRAND FlAGallery Plugin for WordPress XML Encryption Vulnerability in simplesamlphp Arbitrary Web Script Injection in TYPO3 typolink Function Information Disclosure Vulnerability in TYPO3 Backend Authentication Bypass Vulnerability in TYPO3 Arbitrary Web Script Injection in TYPO3 Admin Panel Arbitrary Web Script Injection in TYPO3 browse_links Wizard Arbitrary Web Script Injection in TYPO3 System Extension Recycler Arbitrary Web Script Injection in TYPO3 Flash Message Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpMyAdmin 3.4.x before 3.4.8 Multiple SQL Injection Vulnerabilities in SpamTitan WebTitan Arbitrary Command Execution in SpamTitan WebTitan Tools.php Directory Traversal Vulnerability in SpamTitan WebTitan Allows Remote File Read Arbitrary Code Execution via mappy.py in Splunk Web (SPL-45172) Directory Traversal Vulnerabilities in Splunk 4.x before 4.2.5 (SPL-45243) Unauthenticated Remote File Read and Command Execution in Splunk 4.2.5 and Earlier SQL Injection Vulnerability in WP-PostRatings Plugin for WordPress Geeklog 1.8.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Story Creation Feature Excessive Logging Vulnerability in Cisco Data Center Network Manager Default Root Password Vulnerability in Cisco TelePresence Software Memory Leak Vulnerability in Cisco IOS with Cisco ISR Web Security and User Authentication NTLM Unencrypted Packet Leakage Vulnerability in Cisco IOS and Cisco NX-OS Arbitrary Code 
Execution Vulnerability in IBM Tivoli Netcool/Reporter 2.2 Arbitrary SQL Command Execution in WordPress Users Plugin 1.3 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in vTiger CRM 5.2.1 and Earlier SQL Injection Vulnerability in AdRotate Plugin for WordPress Multiple SQL Injection Vulnerabilities in Valid tiny-erp 1.6 and Earlier Arbitrary SQL Command Execution in Jetpack Plugin for WordPress Arbitrary SQL Command Execution in Zabbix 1.8.3 and 1.8.4 via popup.php Path Traversal Vulnerability in Widelands Filesystem Pathname Canonicalization Unattended Workstation Access Vulnerability in One Click Orgs User Account Enumeration Vulnerability in One Click Orgs Bypassing Access Restrictions in vtiger CRM Leads Module Multiple Cross-Site Scripting (XSS) Vulnerabilities in Vtiger CRM Customer Portal Same Origin Policy Bypass in Opera before 11.60 Same Origin Policy Bypass in Opera JavaScript Engine Unspecified Vulnerability in Opera Before 11.60 with Unknown Impact and Attack Vectors Opera before 11.60 Vulnerability: Improper Certificate Revocation Handling Dragonfly Denial of Service Vulnerability in Opera Unspecified Denial of Service Vulnerability in Opera Web Workers Implementation Denial of Service Vulnerability in Opera Browser (pre-11.60) Same Origin Policy Violation Timing Disclosure in Mozilla Firefox Same Origin Policy Violation Timing Vulnerability in Microsoft Internet Explorer 6-9 Same Origin Policy Violation Timing Disclosure in Opera 11.60 and Earlier Same Origin Policy Violation Timing Vulnerability in Google Chrome Image Loading Time Information Disclosure Vulnerability Unspecified Remote Code Execution Vulnerability in Adobe Flash Player 11.1.102.55 Unspecified Remote Code Execution Vulnerability in Adobe Flash Player 11.1.102.55 Unspecified privilege escalation vulnerability in Microsoft Windows 7 SP1 with Java installed Arbitrary File Creation Vulnerability in Eye-Fi Helper Insecure Data Protection in Xiaomi MiTalk Messenger 
Application Insecure Data Protection in AndroidAppTools Easy Filter Application Allows Unauthorized Access Twidroyd Legacy Android App Vulnerability: Unauthorized Access and Modification of Twitter Data Insecure Data Protection in UberMedia UberSocial Android App Insecure Data Protection in CallConfirm (jp.gr.java_conf.ofnhwx.callconfirm) Application 2.0.0 for Android Insecure Data Protection in Nimbuzz Android App Allows Contact List Manipulation Insecure Data Protection in Limit My Call (com.limited.call.view) Application 2.11 for Android Insecure Data Protection in Voxofon Android App Allows SMS Manipulation Data Leakage and Manipulation Vulnerability in Ming Blacklist Free (vc.software.blacklist) Application for Android Cross-Site Scripting (XSS) Vulnerabilities in SAP Netweaver Virus Scan Interface Arbitrary Web Script Injection Vulnerability in IBM Rational Asset Manager Multiple Cross-Site Scripting (XSS) Vulnerabilities in Hotaru CMS Search Plugin 1.3 SQL Injection Vulnerabilities in Pixie CMS 1.01 through 1.04 Directory Traversal Vulnerabilities in Namazu.cgi: Arbitrary File Read Oxide WebServer Directory Traversal Vulnerability Directory Traversal Vulnerability in osCSS2 2.1.0 and Earlier Virtual Vertex Muster Directory Traversal Vulnerability Directory Traversal Vulnerability in Koha and LibLime Koha DreamBox DM800 Directory Traversal Vulnerability Arbitrary Directory Deletion Vulnerability in zFTPServer Suite 6.0.0.52 Session Fixation Vulnerability in PHP Sessions Subsystem Unspecified Vulnerabilities in Google Chrome on Acer AC700, Samsung Series 5, and Cr-48 Chromebook Platforms Hillstone HS TFTP Server 1.3.2 Denial of Service Vulnerability Arbitrary File Read Vulnerability in Ipswitch WhatsUp Gold TFTP Server 1.0.0.24 Cleartext Password Storage Vulnerability in D-Link DIR-300 Router SQL Injection Vulnerabilities in Parallels Plesk Panel 10.2.0_build1011110331.18 Cross-Site Scripting (XSS) Vulnerabilities in Parallels Plesk Panel 
10.2.0_build1011110331.18 Server Administration Panel XML Parsing Vulnerability in Parallels Plesk Panel 10.2.0_build1011110331.18 Insecure Cookie Handling in Parallels Plesk Panel 10.2.0_build1011110331.18 Missing HTTPOnly Flag in Parallels Plesk Panel 10.2.0_build1011110331.18 Insecure Autocomplete Feature in Parallels Plesk Panel 10.2.0_build1011110331.18 Insecure Display of Sensitive Information in Parallels Plesk Panel 10.2.0_build1011110331.18 Missing Content-Type Charset Parameter Vulnerability in Parallels Plesk Panel 10.2.0_build1011110331.18 Incorrect Content-Type Headers in Parallels Plesk Panel 10.2.0_build1011110331.18 Multiple SQL Injection Vulnerabilities in Parallels Plesk Panel 10.2.0 Build 20110407.20 Control Panel Cross-Site Scripting (XSS) Vulnerabilities in Parallels Plesk Panel 10.2.0 Cleartext Password Input Vulnerability in Parallels Plesk Panel 10.2.0 Sensitive Information Exposure in Parallels Plesk Panel 10.2.0 Missing HTTPOnly Flag in Parallels Plesk Panel 10.2.0 Build 20110407.20 Insecure Autocomplete Feature in Parallels Plesk Panel 10.2.0 Cross-Domain Referer Leakage Vulnerability in Parallels Plesk Panel 10.2.0 Sensitive Information Disclosure in Parallels Plesk Panel 10.2.0 Information Disclosure Vulnerability in Parallels Plesk Panel 10.2.0 Missing Content-Type Charset Parameter Vulnerability in Parallels Plesk Panel 10.2.0 Incorrect Content-Type Headers in Parallels Plesk Panel 10.2.0 Build 20110407.20 Cross-Site Scripting (XSS) Vulnerabilities in Parallels Plesk Panel 10.3.1_build1013110726.09 Billing System SSL 2.0 Protocol Weakness in Parallels Plesk Panel 10.3.1_build1013110726.09 Weak CipherSuite List Vulnerability in Parallels Plesk Panel 10.3.1_build1013110726.09 Sensitive Information Disclosure in Parallels Plesk Panel 10.3.1_build1013110726.09 Insecure Autocomplete in Parallels Plesk Panel 10.3.1_build1013110726.09 Billing System Multiple Cross-Site Scripting (XSS) Vulnerabilities in SmarterTools SmarterStats 6.2.4100 
Cross-Domain Referer Leakage in SmarterTools SmarterStats 6.2.4100 Incorrect Content-Type Headers in SmarterTools SmarterStats 6.2.4100 SQL Injection Vulnerabilities in Parallels Plesk Small Business Panel 10.2.0 Cross-Site Scripting (XSS) Vulnerabilities in Parallels Plesk Small Business Panel 10.2.0 XML Parsing Denial of Service Vulnerability in Parallels Plesk Small Business Panel 10.2.0 Missing HTTPOnly Flag in Parallels Plesk Small Business Panel 10.2.0 Set-Cookie Header Insecure Autocomplete Feature in Parallels Plesk Small Business Panel 10.2.0 Cleartext Password Input Vulnerability in Parallels Plesk Small Business Panel 10.2.0 Cross-Domain Referer Leakage in Parallels Plesk Small Business Panel 10.2.0 Information Disclosure Vulnerability in Parallels Plesk Small Business Panel 10.2.0 Missing Content-Type Charset Parameter Vulnerability in Parallels Plesk Small Business Panel 10.2.0 Incorrect Content-Type Headers in Parallels Plesk Small Business Panel 10.2.0 SQL Injection Vulnerabilities in Parallels Plesk Small Business Panel 10.2.0 Site Editor Multiple Cross-Site Scripting (XSS) Vulnerabilities in Parallels Plesk Small Business Panel 10.2.0 Site Editor Missing HTTPOnly Flag in Parallels Plesk Small Business Panel 10.2.0 Site Editor Cookie Remote Code Disclosure in Parallels Plesk Small Business Panel 10.2.0 Information Disclosure Vulnerability in Parallels Plesk Small Business Panel 10.2.0 Unspecified Impact Vulnerability in Parallels Plesk Small Business Panel 10.2.0 Site Editor Insecure Data Protection in 360 MobileSafe Application for Android Insecure Data Protection in QIWI Wallet Android App Allows Financial Information Manipulation Data Leakage and Account Compromise in Scan to PDF Free (com.scan.to.pdf.trial) App 2.0.4 for Android Insecure Data Protection in 360 KouXin (com.qihoo360.kouxin) Android App 1.5.3 Insecure Data Protection in AnGuanJia (com.anguanjia.safe) Application 2.10.343 for Android Multiple Cross-Site Scripting (XSS) 
Vulnerabilities in Parallels Plesk Panel 10.4.4_build20111103.18 Control Panel Cross-site scripting (XSS) vulnerability in Parallels Plesk Panel 10.4.4_build20111103.18 Site Editor Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.2.x before 4.2.5 (SPL-44614) Cross-Site Scripting (XSS) Vulnerabilities in phpMyAdmin 3.4.x Arbitrary Web Script Injection Vulnerability in phpMyAdmin 3.4.x Remote Code Execution Vulnerability in IDAPython Plugin Privilege Escalation Vulnerability in NVIDIA Stereoscopic 3D Driver HP LaserJet Printer Directory Traversal Vulnerability Arbitrary Program Download and Execution Vulnerability in HP Easy Printer Care Software Arbitrary Program Download and Execution Vulnerability in HP Easy Printer Care Software HP StorageWorks P2000 G3 MSA Array Systems Absolute Path Traversal Vulnerability Stack-based Buffer Overflow in HP LoadRunner Server (magentservice.exe) Allows Remote Code Execution Unspecified Remote Code Execution Vulnerability in HP Network Automation Arbitrary Code Execution Vulnerability in HP Data Protector Media Operations 6.11 and Earlier Directory Traversal Vulnerability in Serv-U FTP Server before 11.1.0.5 Allows Remote Authenticated Users to Access and Manipulate Arbitrary Files and Directories SQL Injection Vulnerability in Authenex Strong Authentication System (ASAS) Server 3.1.0.2 and 3.1.0.3 Multiple SQL Injection Vulnerabilities in Dolibarr 3.1.0 RC and Earlier Versions Arbitrary SQL Command Execution in WPTouch Plugin for WordPress Directory Traversal Vulnerability in obSuggest Component for Joomla! Arbitrary Web Script Injection Vulnerability in SAP Crystal Report Server 2008 Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpAlbum 0.4.1.16 and Earlier via main.php Arbitrary File Read Vulnerability in phpAlbum 0.4.1.16 and Earlier SQL Injection Vulnerability in HM Community Component for Joomla! Multiple Cross-Site Scripting (XSS) Vulnerabilities in HM Community Component for Joomla! 
Directory Traversal Vulnerabilities in WHMCompleteSolution (WHMCS) 3.x and 4.x SQL Injection Vulnerability in pokaz_podkat.php in BestShopPro Arbitrary Web Script Injection Vulnerability in BestShopPro's nowosci.php Directory Traversal Vulnerability in WHMCompleteSolution (WHMCS) 3.x.x Multiple Cross-Site Scripting (XSS) Vulnerabilities in Dolibarr 3.1.0 RC and Earlier Versions Denial of Service Vulnerability in Ruby (CRuby) 1.8.7-p357 Arbitrary SQL Command Execution Vulnerability in IBM Maximo Asset Management and Related Products Username Disclosure Vulnerability in IBM Maximo Asset Management and Related Products Open Redirect Vulnerability in IBM Maximo Asset Management and Asset Management Essentials Cross-Site Scripting (XSS) Vulnerabilities in IBM Maximo Asset Management and Asset Management Essentials Remote Code Execution Vulnerability in IBM Rational Asset Manager 7.5 Directory Traversal Vulnerability in D-Link DIR-601 Wireless N150 Home Router Firmware 1.02NA Cross-Site Scripting (XSS) Vulnerabilities in Atlassian FishEye User Profile Feature SQL Injection Vulnerabilities in Vik Real Estate Component for Joomla! SQL Injection Vulnerability in Cacti auth_login.php Allows Remote Code Execution Static Code Injection Vulnerability in Ajax File and Image Manager SQL Injection Vulnerability in AutoSec Tools V-CMS 1.0 Cross-Site Scripting (XSS) Vulnerabilities in AutoSec Tools V-CMS 1.0 Arbitrary Code Execution via Unrestricted File Upload in AutoSec Tools V-CMS 1.0 SQL Injection Vulnerability in Barter Sites Component 1.3 for Joomla! Multiple Cross-Site Scripting (XSS) Vulnerabilities in Barter Sites Component 1.3 for Joomla! 
Web File Browser 0.4b14 - Directory Traversal Vulnerability CaupoShop Pro and Classic Directory Traversal Vulnerability SQL Injection Vulnerabilities in SugarCRM Leads Module Privilege Escalation Vulnerability in HP Application Lifecycle Management (ALM) 11 on AIX, HP-UX, and Solaris Arbitrary File Access Vulnerability in HomeSeer HS2 2.5.0.20 Web Interface Arbitrary Code Injection through Cross-Site Scripting (XSS) in HomeSeer HS2 2.5.0.20 HomeSeer HS2 2.5.0.20 Cross-Site Request Forgery (CSRF) Vulnerability JRuby Hash Collision Denial of Service Vulnerability SQL Injection Vulnerability in Parallels Plesk Panel 10.4.4_build20111103.18 Control Panel Sensitive Information Exposure in Parallels Plesk Panel 10.4.4_build20111103.18 Insecure Cookie Handling in Parallels Plesk Panel 10.4.4_build20111103.18 Missing HTTPOnly Flag in Parallels Plesk Panel 10.4.4_build20111103.18 Control Panel Cookie Insecure Autocomplete Feature in Parallels Plesk Panel 10.4.4_build20111103.18 Control Panel Cross-Domain Referer Leakage Vulnerability in Parallels Plesk Panel 10.4.4_build20111103.18 Information Disclosure Vulnerability in Parallels Plesk Panel 10.4.4_build20111103.18 Unspecified Impact Vulnerability in Parallels Plesk Panel 10.4.4_build20111103.18 Missing Content-Type Charset Parameter Vulnerability in Parallels Plesk Panel 10.4.4_build20111103.18 Incorrect Content-Type Headers in Parallels Plesk Panel 10.4.4_build20111103.18 Control Panel Winamp in_mod.dll Plugin Heap-Based Buffer Overflow Vulnerability Apache Tomcat Denial of Service Vulnerability Hardcoded Password Vulnerability in Schneider Electric Quantum Ethernet Module Vulnerability: Weak Password Generation in Schneider Electric Quantum Ethernet Module Arbitrary Firmware Update Vulnerability in Schneider Electric Quantum Ethernet Module Buffer Overflow Vulnerability in libtelnet/encrypt.c in Telnetd Insecure Data Protection in Tencent QQPimSecure (com.tencent.qqpimsecure) Android App 3.0.2 Insecure Data Protection
in Tencent MobileQQ (com.tencent.mobileqq) Android App 2.2 Insecure Data Protection in Tencent WBlog and MicroBlogPad Android Applications Insecure Data Protection in Kaixin001 Android App (Versions 1.3.1 and 1.3.3) Insecure Data Protection in Tencent QQPhoto Android App (CVE-2021-XXXX) Denial of Service Vulnerability in ISC DHCP with Dynamic DNS and IPv6 Lease Handling Denial of Service Vulnerability in Unbound DNS Resolver (CVE-2012-1191) Multiple Buffer Overflows in Invensys Wonderware InBatch ActiveX Controls Denial of Service Vulnerability in Open Automation Software OPC Systems.NET Vulnerability: Remote Retrieval of 802.1X Wi-Fi Credentials and SSID on Multiple HTC Android Devices Denial of Service Vulnerability in Certec EDV atvise Server MICROSYS PROMOTIC Use-After-Free Vulnerability in Project File Parsing Stack-based Buffer Overflow in Siemens WinCC Flexible and TIA Portal HMI Panels Directory Traversal Vulnerability in Siemens WinCC Flexible and SIMATIC HMI Panels Denial of Service Vulnerability in Siemens WinCC Flexible and TIA Portal HMI Panels Directory Traversal Vulnerability in Siemens WinCC Flexible and TIA Portal HMI Web Server Denial of Service and Arbitrary Memory Read Vulnerability in Siemens WinCC Flexible and TIA Portal Directory Traversal Vulnerability in Certec atvise webMI2ADS (webMI) Allows Remote File Read Null Pointer Dereference Vulnerability in Certec atvise webMI2ADS Denial of Service Vulnerability in Certec atvise webMI2ADS Denial of Service Vulnerability in Certec atvise webMI2ADS Denial of Service Vulnerability in PHP Hash Computation Arbitrary Web Script Injection Vulnerability in Imperva SecureSphere WAF 9.0 Weak Password Update Vulnerability in IBM WebSphere Application Server Denial of Service Vulnerability in IBM solidDB Server Tor Bridge Directory Enumeration Vulnerability Bridge Enumeration Vulnerability in Tor Bridge Misconfiguration Vulnerability in Tor Information Disclosure Vulnerability in Tor Relay Configuration 
Vulnerability: Brute-Force Attack via Inconsistent Error Messages in WordPress Installation Arbitrary Database Configuration and Remote Code Execution in WordPress 3.3.1 and Earlier Information Disclosure Vulnerability in TYPO3 Backend Arbitrary Information Extraction Vulnerability in TYPO3 Arbitrary File Deletion Vulnerability in TYPO3 Arbitrary Web Script Injection in TYPO3 RemoveXSS Function Improper Access Control in TYPO3 ExtDirect Endpoint Services Denial of Service Vulnerability in Apache ActiveMQ 5.6.0 Arbitrary PHP Code Execution via TinyMCE 3.0 Editor in Joomla! Joomla! 1.5x through 1.5.12: JEXEC Check Vulnerability Arbitrary File Upload Vulnerability in TinyBrowser Plugin for Joomla! Multiple Cross-Site Scripting (XSS) Vulnerabilities in Joomla! before 1.5.12 Arbitrary Web Script Injection Vulnerability in Joomla! before 1.5.12 Unspecified File Vulnerability in Joomla! before 1.5.12 Automated Mail Timeout Bypass in Joomla! com_mailto 1.5.x through 1.5.13 Integer Underflow and Buffer Overflow Vulnerability in Linux Kernel's rose_parse_ccitt Function ROSE Protocol Implementation Vulnerability in Linux Kernel Sensitive Keystroke Information Disclosure in Linux Kernel through /proc/interrupts Sensitive Keystroke Information Disclosure Vulnerability in Linux Kernel Information Disclosure Vulnerability in Linux Kernel through 3.1 via /proc/stat Multiple Cross-Site Scripting (XSS) Vulnerabilities in Elxis CMS 2009.2, 2009.3, and 2009.3 Aphrodite Information Disclosure Vulnerability in mpack 1.6: Eavesdropping on Sent Emails Multiple Cross-Site Scripting (XSS) Vulnerabilities in e107 0.7.26 and Earlier Versions Arbitrary SQL Command Execution in usersettings.php in e107 0.7.26 and Earlier Versions Sensitive Information Exposure in Cipher API of Pidgin Arbitrary Web Script Injection in BackupPC View.pm Incomplete fix for Cross-site scripting (XSS) vulnerability in Zope versions 2.8.x to 2.12.x and 3.1.1 to 3.4.1 Remote User Impersonation Vulnerability in TORQUE 
Resource Manager Arbitrary Web Script Injection in Adminimize Plugin for WordPress Unspecified Information Disclosure Vulnerability in Redmine Bazaar Repository Adapter Redmine Textile Formatter XSS Vulnerability Arbitrary Command Execution Vulnerability in Redmine Bazaar Repository Adapter Multiple Format String Vulnerabilities in Condor 7.2.0 through 7.6.4 and possibly certain 7.7.x versions Insufficient Password Length Generation Vulnerability Eval Injection Vulnerability in ImpressPages CMS 1.0.12 and Earlier Versions Inadequate Error Checking in Joomla! 1.7.1 Leads to Core Information Disclosure Multiple Cross-Site Scripting (XSS) Vulnerabilities in Ariadne 2.7.6 NULL Pointer Dereference and Application Crash Vulnerability in Pidgin's Chat Room Nickname Change Function Cross-Site Scripting (XSS) Vulnerability in SimpleHTTPServer in Python Unspecified Remote Code Execution Vulnerability in Piwik 1.2 through 1.4 Geeklog 1.7.1sr1 Multiple Cross-Site Scripting (XSS) Vulnerabilities in admin/configuration.php Unspecified Remote Code Execution Vulnerability in ImpressPages CMS v1.0.12 Race condition vulnerability in Python 2.6 through 3.2 allows local users to obtain credentials by reading world-readable ~/.pypirc file. 
Default AdminIdentities in PolicyKit 0.103 Allows Local Users to Gain Root Privileges Without Authentication SQL Injection Vulnerability in e107 User Extended Module CSRF Vulnerability in e107 Admin Panel Allows XSS Injection Arbitrary File Read Vulnerability in EGroupware Enterprise Line (EPL) and Community Edition SQL Injection Vulnerability in EGroupware Enterprise Line (EPL) and Community Edition Arbitrary Web Script Injection in EGroupware Enterprise Line and Community Edition Open Redirect Vulnerability in EGroupware Enterprise Line (EPL) and Community Edition Cobbler: Django Web Interface Vulnerable to CSRF Attacks Arbitrary Code Execution Vulnerability in Cobbler's set_mgmt_parameters Function Cobbler Local Privilege Escalation via Insecure PYTHON_EGG_CACHE Location Cross-Site Scripting (XSS) Vulnerabilities in bSuite Plugin for WordPress Arbitrary Web Script Injection Vulnerability in WordPress before 3.1.1 Denial of Service Vulnerability in WordPress make_clickable Function Cross-site scripting (XSS) vulnerability in SSViewer.php in SilverStripe before 2.3.13 and 2.4.x before 2.4.6 SQL Injection Vulnerability in SilverStripe 2.3.x and 2.4.x Arbitrary SQL Command Execution in SilverStripe Folder::findOrMake Method Privilege Escalation via TreeMultiselectField in SilverStripe Arbitrary Code Execution via Crafted Cookie in SilverStripe 2.4.x Access Restriction Bypass Vulnerability in nginx/Windows Password Expiration Bypass Vulnerability in FreeRADIUS Package Hash Collision DoS Vulnerability in tog-Pegasus Unverified Peer Identity in Nginx HTTP Proxy Module: Facilitating Man-in-the-Middle Attacks Arbitrary Script Injection Vulnerability in jQuery 1.6.3 and Earlier Multiple SQL Injection Vulnerabilities in LCG Disk Pool Manager (DPM) before 1.8.6 Denial of Service Vulnerability in Memcached 1.4.5 and Earlier Improper Access Control in CKEditor Module for Drupal Allows Remote File Read Authentication Bypass Vulnerability in mod_nss 1.0.8: Remote Identity 
Assumption via Certificate and Default Password Denial of Service Vulnerability in OpenSSH 5.8 and Earlier with gssapi-with-mic Authentication Remote Code Execution Vulnerability in Trend Micro Control Manager 5.5 Multiple stack-based buffer overflows in Final Draft 8 before 8.02: Remote code execution via .fdx or .fdxt files Stack-based Buffer Overflow in Avid Media Composer Phonetic Indexer Arbitrary Code Execution via Unrestricted File Upload in Fabrik Component for Joomla Unrestricted File Upload Vulnerability in QuiXplorer 2.3 and Earlier Remote Code Execution Vulnerability in QQPlayer 3.2.845 via Crafted PnSize Value in MOV File Remote Code Execution Vulnerability in 3S CoDeSys 3.4 SP4 Patch 2 and Earlier Heap-based Buffer Overflow in 3S CoDeSys 3.4 SP4 Patch 2 GatewayService Component Denial of Service Vulnerability in 3S CoDeSys 3.4 SP4 Patch 2 Control Service Arbitrary Command Execution in Ctek SkyRouter 4200 and 4300 via cfg_ethping.cgi Cross-Site Request Forgery (CSRF) Vulnerabilities in xt:Commerce 3.0.4 SP2.1 and Earlier Heap-based Buffer Overflow in Reflection FTP Client XSS Vulnerability in Koala Framework (before 2011-11-21) via request_uri Parameter Arbitrary Web Script Injection Vulnerability in Textpattern CMS 4.4.1 SQL Injection Vulnerability in Online TV Database 2011: Exploiting the ID Parameter PHPIDS before 0.7 Vulnerability: Bypassing Rulesets and Adding PHP Sequences SQL Injection Vulnerability in Pligg CMS 1.1.2 search.php Cross-site scripting (XSS) vulnerability in Pligg CMS 1.1.4 via PATH_INFO in search program Arbitrary Web Script Injection Vulnerability in Mailman/htdig Integration Patch Multiple Cross-Site Scripting (XSS) Vulnerabilities in Yaws 1.88 Wiki Application Arbitrary Script Injection in Winn GuestBook 2.4.8d Unspecified Cross-Site Scripting (XSS) Vulnerability in ZABBIX before 1.8.10 Directory Traversal Vulnerability in Novell Sentinel Log Manager 1.2.0.1_938 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in Simple 
PHP Blog 0.7.0 and Earlier Versions Arbitrary Web Script Injection in Meta Tags Quick Module for Drupal SQL Injection Vulnerabilities in cApexWEB 1.1 Servlet Denial of Service Vulnerability in WinMount 3.5.1018 Stack-based Buffer Overflow in CSF.c in ConfigServer Security & Firewall (CSF) Allows Denial of Service Apache Geronimo Denial of Service Vulnerability Denial of Service Vulnerability in Oracle Glassfish and Sun Java System Application Server Denial of Service Vulnerability in Rack Denial of Service Vulnerability in Google V8 Hash Computation SQL Injection Vulnerability in hitCode hitAppoint 4.5.17 and Earlier Versions Multiple SQL Injection Vulnerabilities in Infoproject Biznis Heroj Cross-Site Scripting (XSS) Vulnerabilities in Infoproject Biznis Heroj Cross-Site Scripting (XSS) Vulnerabilities in Pulse Pro CMS 1.7.2 Cross-site scripting (XSS) vulnerability in SASHA 0.2.0 via instructors parameter Denial of Service Vulnerability in TomatoSoft Free Mp3 Player 1.0 Weak Permissions in SopCast 3.4.7.45585 Diagnose.exe Allows Arbitrary Code Execution Arbitrary Script Injection in PHP Booking Calendar 10e's details_view.php GDI Access Violation Vulnerability Arbitrary Web Script Injection Vulnerability in pfSense status_rrd_graph.php Cross-Site Scripting (XSS) Vulnerabilities in IBM Web Experience Factory 7.0 and 7.0.1 MySQL 5.5.8 Windows Remote Denial of Service Vulnerability SQL Injection Vulnerability in Elitecore Technologies Cyberoam UTM Corporate/Controller Arbitrary Code Execution via Unrestricted File Upload in WP Symposium Plugin CoCSoft Stream Down 6.8.0 Remote Code Execution Vulnerability WPS PIN Authentication Vulnerability Arbitrary PAM Service Invocation Vulnerability in kcheckpass Denial of Service Vulnerability in MaraDNS 1.3.07.12 and 1.4.08 Denial of Service Vulnerability in MaraDNS through 2.0.04 Insecure Access Control in Apache Struts 2.3.1.2 and earlier, 2.3.19-2.3.23 Arbitrary Directory Creation Vulnerability in CmbWebserver.dll Module of 
3S CoDeSys 3.4 SP4 Patch 2 Stack-based Buffer Overflow in Final Draft 8 Allows Remote Code Execution via Crafted SmartType Element Insecure Temporary File Creation in PAR Module Arbitrary Code Execution in WHMCompleteSolution (WHMCS) via Crafted Ticket Subject Field HTTP Digest Access Authentication Bypass Vulnerability HTTP Digest Access Authentication Bypass Vulnerability in Apache Tomcat Hard-coded server secret in Apache Tomcat DigestAuthenticator Arbitrary Web Script Injection Vulnerability in IBM WebSphere Application Server (WAS) 6.1 Information Disclosure Vulnerability in IBM WebSphere Application Server (WAS) 6.1 Sensitive Information Disclosure in Support Incident Tracker (SiT!) 3.65 via move_uploaded_file.php CSRF Vulnerabilities in SiT! 3.65 Allow Remote User Hijacking Unrestricted File Upload Vulnerability in Support Incident Tracker (SiT!) 3.65 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Support Incident Tracker (SiT!) 3.65 Multiple SQL Injection Vulnerabilities in Support Incident Tracker (SiT!) before 3.64 Multiple SQL Injection Vulnerabilities in Support Incident Tracker (SiT!) before version 3.65 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Support Incident Tracker (SiT!) before 3.65 CSRF Vulnerabilities in Support Incident Tracker (SiT!) Allow Remote Authentication Hijacking Information Disclosure Vulnerability in Support Incident Tracker (aka SiT!) 
3.45 through 3.65 via translate.php SQL Injection Vulnerability in HDWiki 5.0 and 5.1 Arbitrary Code Execution via Unrestricted File Upload in HDWiki 5.0 Unauthenticated Remote Account Manipulation in Sybase M-Business Anywhere Open Redirect Vulnerability in Modern FAQ Extension for TYPO3 Arbitrary Web Script Injection Vulnerability in TYPO3 Additional TCA Forms Extension Arbitrary Web Script Injection in BackupPC 3.1.0 and 3.2.1 Arbitrary Script Injection in s2Member Pro Plugin for WordPress Arbitrary Code Execution via Unrestricted File Upload in Dotclear 2.3.1 and 2.4.2 Arbitrary Web Script Injection Vulnerability in Movable Type 4.x and 5.x Unspecified Remote Data Read/Modify Vulnerability in Movable Type 4.x and 5.x Unspecified Function Vulnerability in Unitronics UniOPC Server Unspecified Remote File Read Vulnerability in AdAstrA TRACE MODE Data Center Workbench32/WebHMI Component SetTrustedZone Policy Vulnerability in GENESIS32 9.21 and BizViz 9.21 Buffer Overflow Vulnerability in ICONICS GENESIS32 and BizViz ActiveX Controls Unauthenticated Remote Data Modification and Deletion in GR Board 1.8.6.5 Community Edition Multiple SQL Injection Vulnerabilities in GR Board 1.8.6.5 Community Edition Arbitrary Code Execution and Privilege Escalation Vulnerability in Best Practical Solutions RT 3.8.x and 4.x Improper Implementation of DisallowExecuteCode Option in Best Practical Solutions RT 4.x before 4.0.6 Denial of Service Vulnerability in Mozilla Network Security Services (NSS) 3.x Insecure Diffie-Hellman Key Exchange Implementation in OpenSSL 0.9.8 with FIPS Mode Enabled Remote Code Execution Vulnerability in Avaya Aura Application Server 5300 Unauthenticated Remote Users Can Upload and Delete Cookbooks in Chef Server Improper Access Control in Chef Server API Allows Creation of Admin Clients Arbitrary SQL Command Execution in ccNewsletter (mod_ccnewsletter) Component for Joomla! 
Cookie Authentication Bypass Vulnerability in McAfee Firewall Reporter Rumor Technology in McAfee SaaS Endpoint Protection before 5.2.4 allows for remote email message relaying Remote Code Execution Vulnerability in TRITON Management Console Alurian Prismotube PHP Video Script SQL Injection Vulnerability Arbitrary Script Injection in WP e-Commerce Plugin (CVE-2021-12345) Cross-Site Scripting (XSS) Vulnerabilities in ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 EmployeeSearch.cc Arbitrary Script Injection in Flexible Custom Post Type Plugin for WordPress Arbitrary Web Script Injection in Alert Before Your Post Plugin for WordPress Arbitrary Web Script Injection Vulnerability in AdaptCMS 2.0.0 and 2.0.1 Multiple SQL Injection Vulnerabilities in Freelancer Calendar 1.01 and Earlier Multiple SQL Injection Vulnerabilities in Blogs Manager 1.101 and Earlier SQL Injection Vulnerabilities in Kajian Website CMS Balitbang 3.x SQL Injection Vulnerability in Alameda Component for Joomla! (com_alameda) before 1.0.1 Arbitrary SQL Command Execution in Techfolio Component 1.0 for Joomla! 
Cross-Site Scripting (XSS) Vulnerabilities in Barracuda Link Balancer 330 Firmware 1.3.2.005 and Earlier Arbitrary Web Script Injection Vulnerability in DLGuard Arbitrary SQL Command Execution via loggedInUser Cookie in SetSeed CMS Delay in Removal of Outdated and Invalid Credentials in Sophos Encryption Software Allows Full-Disk Encryption Bypass Race conditions in Comodo Internet Security before 5.8.213334.2131 allow local users to bypass Defense+ feature Race conditions in Comodo Internet Security before 5.8.211697.2124 allow local users to bypass Defense+ feature Denial of Service Vulnerability in Comodo Internet Security Unspecified X.509 Certificate Revocation Vulnerability in Comodo Internet Security Denial of Service Vulnerability in Comodo Internet Security Unvalidated Certificate Revocation in Comodo Internet Security Remote Code Execution Vulnerability in BCAAA Component of Blue Coat ProxySG Blue Coat Director XSS Vulnerability via HTTP TRACE Method Information Disclosure Vulnerability in Blue Coat ProxySG Arbitrary Code Execution via Directory Traversal in Blue Coat Reporter 9.x Cross-Site Scripting (XSS) Vulnerabilities in Adminimize Plugin for WordPress XChat 2.8.9 Heap-Based Buffer Overflow Vulnerability Arbitrary Command Execution in Family Connections CMS (FCMS) 2.5.0 - 2.7.1 CSRF Vulnerability in MyBB global.php Allows Language Hijacking MyBB before 1.6.5 Cross-Site Scripting (XSS) Vulnerability in Usernames via AJAX Unspecified Vulnerability in MyBB before 1.6.5: Unparsed User Avatar in Buddy List Unrestricted File Upload Vulnerability in JCE Component for Joomla! 
SQL Injection Vulnerabilities in DoceboLMS 4.0.4 and Earlier Arbitrary File Overwrite Vulnerability in EPractize Labs Subscription Manager Multiple SQL Injection Vulnerabilities in tForum b0.915 Arbitrary Web Script Injection in tForum b0.915 via XSS Vulnerability SQL Injection Vulnerability in Pre Studio Business Cards Designer Multiple SQL Injection Vulnerabilities in DiY-CMS Blog Module 1.0 Arbitrary File Inclusion Vulnerability in OBM 2.4.0-rc13 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Open Business Management (OBM) 2.4.0-rc13 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in Open Business Management (OBM) 2.3.20 and Earlier Information Disclosure Vulnerability in Open Business Management (OBM) 2.4.0-rc13 and Earlier Multiple SQL Injection Vulnerabilities in Open Business Management (OBM) 2.4.0-rc13 and Earlier Local Privilege Escalation via Symlink Attack on /tmp/graph.dot in Bokken Static Code Injection Vulnerability in Ajax File Manager Module in FreeWebshop 2.2.9 R2 and Earlier Arbitrary Code Execution via Incomplete Blacklist Vulnerabilities in Simple File Upload Module for Joomla! 
Cross-Site Scripting (XSS) Vulnerabilities in SpamTitan 5.08 and Earlier Cross-Site Scripting (XSS) Vulnerabilities in SpamTitan 5.07 and Earlier Untrusted Search Path Vulnerability in ACDSee Picture Frame Manager 1.0 Build 81 Untrusted Search Path Vulnerabilities in ACDSee Photo Editor 2008 5.x Build 291 Untrusted Search Path Vulnerability in FotoSlate 4.0 Build 146 Untrusted Search Path Vulnerabilities in SAP GUI 6.4 through 7.2 Untrusted Search Path Vulnerability in Help & Manual 5.5.1 Build 1296 Untrusted Search Path Vulnerability in Effective File Search 6.7 Untrusted Search Path Vulnerability in Attachmate Reflection Privilege Escalation via Untrusted Search Path Vulnerabilities in DATEV Grundpaket Basis CD23.20 Geeklog admin/configuration.php XSS Vulnerability Arbitrary Web Script Injection Vulnerability in OpenEMR 4 setup.php Arbitrary PHP Code Execution via Unrestricted File Upload in OpenEMR 4 GOM Player 2.1.33.5071 Stack-based Buffer Overflow Vulnerability Buffer Overflow Vulnerability in Schneider Electric CitectSCADA and Mitsubishi MX4 SCADA Allows Arbitrary Code Execution Remote Code Execution Vulnerability in VanDyke Software AbsoluteFTP Arbitrary Code Execution via Crafted .wav File in Free MP3 CD Ripper Multiple Stack-Based Buffer Overflows in KnFTP 1.0.0 Heap-based Buffer Overflow in Tidestone Formula One ActiveX Control in Oracle Hyperion Strategic Finance SQL Injection Vulnerability in user.php in Banana Dance Arbitrary SQL Command Execution in SonicWall ViewPoint 6.0 SP2 CCMPlayer 1.5 Stack-Based Buffer Overflow Vulnerability Stack-based buffer overflow vulnerabilities in CyberLink Power2Go 7 and 8 Stack-based Buffer Overflow in StoryBoard Quick 6 Build 3786: Remote Code Execution Vulnerability Buffer Overflow in Bugbear Entertainment FlatOut 2005: Remote Code Execution via Long String in Title Field Buffer Overflow Vulnerability in Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) SQL Injection Vulnerability in 
Banana Dance's search.php Cross-Site Scripting (XSS) Vulnerabilities in Banana Dance's search.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in eSyndiCat Pro 2.3.05 Cross-Site Scripting (XSS) Vulnerabilities in Infoblox NetMRI Arbitrary Web Script Injection Vulnerability in Skysa App Bar Integration Plugin for WordPress Arbitrary Script Injection in ZooEffect WordPress Plugin (Version 1.01) Arbitrary Script Injection in ClickDesk Live Support - Live Chat Plugin 2.0 for WordPress Lanoba Social Plugin 1.0 for WordPress XSS Vulnerability SQL Injection Vulnerabilities in OrderSys 1.6.4 and Earlier: Remote Code Execution Multiple Cross-Site Scripting (XSS) Vulnerabilities in HP Network Node Manager i 9.10 Arbitrary Script Injection in Online Subtitles Workshop (version 2.0 rev 131) Arbitrary Code Injection through jbShop Plugin in e107 7 Arbitrary Code Injection in Support Ticketing System Module for Drupal Arbitrary Script Injection Vulnerability in Support Timer Module for Drupal Arbitrary Code Injection through Cross-Site Scripting (XSS) in Webform Validation Module for Drupal Multiple Cross-Site Scripting (XSS) Vulnerabilities in Social Book Facebook Clone 2010 Arbitrary Script Injection in Pretty Link Lite Plugin for WordPress Arbitrary Script Injection in Pretty Link Lite Plugin for WordPress Arbitrary Code Injection via WHOIS Widget in WordPress Whois Search Plugin Cross-Site Scripting (XSS) Vulnerability in WordPress Whois Search Plugin CSRF Vulnerability in Public Knowledge Project Open Conference Systems Allows PHP File Upload CSRF Vulnerability in Open Journal Systems Allows PHP File Upload CSRF Vulnerability in Open Harvester Systems Allows Remote PHP File Upload SQL Injection Vulnerability in Neturf eCommerce Shopping Cart's search.php Arbitrary Web Script Injection Vulnerability in tinyguestbook's sign.php Multiple SQL Injection Vulnerabilities in DeDeCMS 5.6 Multiple SQL Injection Vulnerabilities in sign.php in TinyGuestbook Denial of Service 
Vulnerability in WinCDEmu 3.6 SQL Injection Vulnerability in Akiva WebBoard before 8 SR 1 via name parameter in WB/Default.asp Plaintext Password Storage Vulnerability in Akiva WebBoard 8.x Cross-Site Scripting (XSS) Vulnerability in Rapidleech 2.3 rev42 and Earlier Arbitrary Web Script Injection Vulnerability in Rapidleech notes.php Arbitrary Web Script Injection in TheCartPress Plugin for WordPress Directory Traversal Vulnerabilities in BackWPup Plugin for WordPress Arbitrary Web Script Injection Vulnerability in GraphicsClone Script Limny 3.0.0 Directory Traversal Vulnerability in admin/preview.php Cross-site scripting (XSS) vulnerability in Subrion CMS 2.0.4 poll module SQL Injection Vulnerability in Subrion CMS 2.0.4: Remote Code Execution via User Credentials Multiple SQL Injection Vulnerabilities in BrowserCRM 5.100.01 and Earlier Multiple Cross-Site Scripting (XSS) Vulnerabilities in BrowserCRM 5.100.01 and Earlier Arbitrary SQL Command Execution Vulnerability in Video Community Portal SQL Injection Vulnerability in SCORM Cloud For WordPress Plugin Directory Traversal Vulnerability in Hitachi JP1/ServerConductor/DeploymentManager Arbitrary SQL Command Execution in DotA OpenStats 1.3.9 and Earlier Arbitrary File Read Vulnerability in mPDF 5.3 and Earlier Arbitrary Web Script Injection in PHP-SCMS 1.6.8 and Earlier Arbitrary Script Injection in WebSVN getLog Function SQL Injection Vulnerability in PHP Flirt-Projekt 4.8: Remote Command Execution via rub Parameter CSRF Vulnerability in Cacti Logout Function Arbitrary SQL Command Execution Vulnerability in Sentinel Plugin 1.0.0 for WordPress Arbitrary Web Script Injection Vulnerability in WordPress Sentinel Plugin WordPress Sentinel Plugin 1.0.0 CSRF Vulnerability Allows Administrator Authentication Hijacking Stack-based Buffer Overflow in Enterasys Network Management Suite (NMS) Syslog Service Arbitrary Script Injection in appRain CMF 0.1.5 Search Module SQL Injection Vulnerability in appRain CMF 0.1.5 Forum 
Module SQL Injection Vulnerabilities in Seotoaster 1.9 and Earlier: Remote Code Execution IrfanView Heap-Based Buffer Overflow in TIFF Image Processing Arbitrary SQL Command Execution Vulnerability in Social Network Community 2 SQL Injection Vulnerability in mnoGoSearch before 3.3.12 via Hostname Parameter Insecure SSL Server Verification in Moneris eSelectPlus 2.03 PHP API PayPal WPS ToolKit SSL Server Spoofing Vulnerability Insecure SSL Certificate Verification in google-checkout-php-sample-code before 1.3.2 CiviCRM 4.0.5 and 4.1.1 SSL Server Spoofing Vulnerability SSL Server Spoofing Vulnerability in Magento 1.5 and 1.6.2 Insecure SSL Certificate Verification in Services_Twitter 0.6.3 Insecure SSL Certificate Verification in tmhOAuth Insecure SSL Certificate Verification in TwitterOAuth Off-by-one errors in t1lib's token and linetoken functions allow remote code execution XML External Entity (XXE) Injection in RESTEasy's readFrom Function Password Disclosure Vulnerability in Snare for Linux before 1.7.0 Arbitrary Web Script Injection Vulnerability in SNARE for Linux Agent Events Page CSRF Vulnerability in Snare for Linux Web Interface Open Redirect Vulnerability in vBulletin Forum Login Page Open Redirect Vulnerability in Orchard CMS LogOff Endpoint Arbitrary User Login Vulnerability in Dl Download Ticket Service 0.3-0.9 Unspecified Vulnerability in WordPress Connections Plugin (Version < 0.7.1.6) with Unknown Impact and Attack Vectors X3 CMS 0.4.3.1 and Earlier: Multiple Cross-Site Scripting (XSS) Vulnerabilities in admin/login Cross-site scripting (XSS) vulnerability in LimeSurvey allows remote attackers to inject arbitrary web script or HTML via tooltips in survey results. 
Cross-Site Scripting (XSS) Vulnerabilities in Classipress Theme for WordPress Multiple Cross-Site Scripting (XSS) Vulnerabilities in OrangeHRM before 2.6.11.2 Arbitrary SQL Command Execution in OrangeHRM CentralController.php Arbitrary Web Script Injection Vulnerability in SAP NetWeaver's SAP/BW/DOC/METADATA Arbitrary Web Script Injection in Axis M10 Series Network Cameras M1054 Firmware 5.21 and Earlier SQL Injection Vulnerability in SonicWALL Aventail prodpage.cfm Allows Remote Code Execution Arbitrary Web Script Injection in RetrieveMailExamples in SAP NetWeaver 7.30 and Earlier Arbitrary Web Script Injection in Lazyest Backup Plugin for WordPress Featurific For WordPress Plugin 1.6.2 XSS Vulnerability in cached_image.php SQL Injection Filter Bypass in Imperva SecureSphere Web Application Firewall (WAF) Cross-Site Scripting (XSS) Vulnerabilities in Xinha SpellChecker Module Denial of Service via Failed SSL Handshakes in Bip before 0.8.9 Arbitrary Code Injection through Validation Message in ProjectForge before 3.5.3 Unrestricted Publishing Vulnerability in WordPress before 3.0.6 Insecure Temporary File Creation in Pacemaker Configure Script SQL Injection Vulnerability in Domain Technologie Control (DTC) before 0.34.1 via vps_note parameter in logPushlet.php Arbitrary PHP Code Execution Vulnerability in Domain Technologie Control (DTC) Arbitrary Command Execution in Domain Technologie Control (DTC) Packager Privilege Escalation Vulnerability in Domain Technologie Control (DTC) Install Script Arbitrary SQL Command Execution in Domain Technologie Control (DTC) Multiple SQL Injection Vulnerabilities in Advanced Forum Signatures Plugin 2.0.4 for MyBB SQL Injection Vulnerability in Advanced Forum Signatures Plugin (afsignatures) 2.0.4 for MyBB CRLF Injection Vulnerability in Microsoft IIS CGI Implementation Stack-based Buffer Overflow Vulnerabilities in BOINC 6.13.x Message Leak Vulnerability in mIRC Prior to 7.22 Arbitrary Web Script Injection in Smoothwall Express 
Web Management Interface CSRF Vulnerability in Smoothwall Express Web Management Interface Allows Remote Authentication Hijacking Multiple Cross-Site Scripting (XSS) Vulnerabilities in BugFree 2.1.3 Arbitrary SQL Command Execution in Social Slider Plugin for WordPress Multiple Cross-Site Scripting (XSS) Vulnerabilities in HESK before 2.4.1 Buffer Overflow Vulnerabilities in ThreeDify Designer ActiveX Control Arbitrary File Write Vulnerability in ChilkatCrypt2 ActiveX Control Arbitrary File Write Vulnerability in IDrive Online Backup 3.4.0 Arbitrary File Write Vulnerability in Cygnicon.ViewControl.1 ActiveX Control Arbitrary File Execution and Manipulation Vulnerability in EaseWeFtp.FtpLibrary ActiveX Control Arbitrary File Write Vulnerability in ThreeDify Designer 5.0.2 Arbitrary File Write Vulnerability in LEADeMail.LEADSmtp.20 ActiveX Control Buffer Overflow Vulnerability in Gogago YouTube Video Converter 1.1.6 ActiveX Control Arbitrary Script Injection in Happy Chat 1.0 via profilo.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in TTChat 1.0.4 CSRF Vulnerabilities in Argyle Social 2011-04-26 Multiple Cross-Site Scripting (XSS) Vulnerabilities in poMMo Aardvark PR16.1 CSRF Vulnerability in poMMo Aardvark PR16.1 Allows Unauthorized Credential Modification Multiple Cross-Site Scripting (XSS) Vulnerabilities in PHPDug 2.0.0 CSRF Vulnerability in PHPDug 2.0.0 Allows Authentication Hijacking Arbitrary Web Script Injection via cms_username Cookie in Spitfire CMS 1.0.436 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sodahead Polls Plugin for WordPress Multiple Cross-Site Scripting (XSS) Vulnerabilities in CosmoShop ePRO 10.05.00 CSRF Vulnerability in CosmoShop ePRO 10.05.00 Allows Remote Authentication Hijacking Arbitrary Web Script Injection Vulnerability in PhotoSmash Plugin for WordPress SQL Injection Vulnerabilities in cdnvote-post.php Plugin for WordPress Arbitrary Script Injection Vulnerability in Wikipad 1.6.0 Arbitrary File Read Vulnerability 
in Wikipad 1.6.0 Wikipad 1.6.0 Cross-Site Request Forgery (CSRF) Vulnerability in pages.php Multiple Cross-Site Scripting (XSS) Vulnerabilities in Gollos 2.8 SQL Injection Vulnerabilities in Redaxscript 0.3.2: Remote Code Execution via password.php Sensitive Information Disclosure in Redaxscript 0.3.2 via templates/default/index.php CSRF Vulnerability in whCMS 0.115 alpha Allows Authentication Hijacking CSRF Vulnerability in Cambio 0.5a Nightly r37 Allows Authentication Hijacking Arbitrary Script Injection in editText.php in WonderCMS before 0.4 CSRF Vulnerabilities in diafan.CMS before 5.1 Improper Access Restriction to High-Rate Accelerometer Data in Google Chrome Denial of Service Vulnerability in scanf and Related Functions in glibc NULL pointer dereference vulnerability in Linux kernel's tty_open function Default Password Vulnerability in GE Healthcare Centricity Analytics Server 1.1 Weak Default Password for GE Healthcare Centricity PACS-IW SQL Server User Default and Insecure Passwords in TeraRecon Server for GE Healthcare Centricity PACS-IW Directory Traversal Vulnerability in BusyBox Tar Implementation Denial of Service Vulnerability in imlib2 1.4.9 and earlier Off-by-one vulnerability in Linux kernel before 3.1 leads to memory corruption in tcm_loop_make_naa_tpg() function CSRF Vulnerability in User-Access-Manager Plugin for WordPress XSS Vulnerability in Redirection Plugin for WordPress Admin Menu DRuby 1.8 Vulnerability: Mishandling of Syscall Sending Instance_eval vulnerability in Distributed Ruby (DRuby) 1.8