The goal of this project is to make virtual world a safer and better place without child pornography, major computer crime and RIAA.
Login As
You can log in if you are registered at one of these services:
Security Bulletins
Latest Malware Updates

Infostealer.Posteal

02/26/2015

Downloader.Busadom

02/26/2015

Trojan.Ladocosm

02/26/2015

SONAR.SuspDocRun

02/25/2015

SONAR.SuspHelpRun

02/25/2015
Security News

CVE-2004-0747

Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.

10/20/2004

CVE-2004-0746

Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user\'s HTTP session.

10/20/2004

CVE-2004-0688

Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.

10/20/2004

CVE-2004-0687

Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file.

10/20/2004

CVE-2004-0559

The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory.

10/20/2004

CVE-2004-0162

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients.

10/20/2004

CVE-2004-0161

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use RFC2231 encoding, which may be interpreted differently by mail clients.

10/20/2004

CVE-2004-0053

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use fields that use RFC2047 encoding, which may be interpreted differently by mail clients.

10/20/2004

CVE-2004-0052

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients.

10/20/2004

CVE-2004-0051

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients.

10/20/2004

CVE-2003-1016

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients.

10/20/2004

CVE-2003-1015

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients.

10/20/2004

CVE-2003-1014

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients.

10/20/2004

CVE-2004-1618

Vypress Tonecast 1.3 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed mp2 stream.

10/19/2004

CVE-2004-1353

Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role Based Access Control (RBAC), allows local users to execute certain commands with additional privileges.

10/19/2004

CVE-2004-1621

** DISPUTED **  NOTE: this issue has been disputed by the vendor.  Cross-site scripting (XSS) vulnerability in IBM Lotus Notes R6 and Domino R6, and possibly earlier versions, allows remote attackers to execute arbitrary web script or HTML via square brackets at the beginning and end of (1) computed for display, (2) computed when composed, or (3) computed text element fields.  NOTE: the vendor has disputed this issue, saying that it is not a problem with Notes/Domino itself, but with the applications that do not properly handle this feature.

10/18/2004

CVE-2004-1617

Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service (infinite loop) via a web page or HTML email that contains invalid HTML including (1) a TEXTAREA tag with a large COLS value and (2) a large tag name in an element that is not terminated, as demonstrated by mangleme.  NOTE: a followup suggests that the relevant trigger for this issue is the large COLS value.

10/18/2004

CVE-2004-1616

Links allows remote attackers to cause a denial of service (memory consumption) via a web page or HTML email that contains a table with a td element and a large rowspan value,as demonstrated by mangleme.

10/18/2004

CVE-2004-1615

Opera allows remote attackers to cause a denial of service (invalid memory reference and application crash) via a web page or HTML email that contains a TBODY tag with a large COL SPAN value, as demonstrated by mangleme.

10/18/2004

CVE-2004-1614

Mozilla allows remote attackers to cause a denial of service (application crash from invalid memory access) via an "unusual combination of visual elements," including several large MARQUEE tags with large height parameters, as demonstrated by mangleme.

10/18/2004

Security News 143921 - 143940 of 152997
First | Prev. | 7195 7196 7197 7198 7199 | Next | Last All
Security Advisories Database

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

07/21/2015

SQL Injection Vulnerability in Piwigo

SQL inection vulnerability has been discovered in Piwigo.

02/05/2015

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

02/05/2015

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

02/02/2015

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

01/29/2015

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.

01/20/2015