The goal of this project is to make virtual world a safer and better place without child pornography, major computer crime and RIAA.
Login As
You can log in if you are registered at one of these services:
Security Bulletins
Latest Malware Updates

Infostealer.Posteal

02/26/2015

Downloader.Busadom

02/26/2015

Trojan.Ladocosm

02/26/2015

SONAR.SuspDocRun

02/25/2015

SONAR.SuspHelpRun

02/25/2015
Security News

CVE-2005-4611

SQL injection vulnerability in search.php in Free ClickBank 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the keywords parameter.

12/31/2005

CVE-2005-4610

Format string vulnerability in the server for Dopewars before 1.5.12, when running as an NT service, allows remote attackers to execute arbitrary code via unspecified attack vectors.

12/31/2005

CVE-2005-4609

index.php in BugPort 1.147 and earlier allows remote attackers to obtain sensitive information such as full path and system configuration via an invalid action parameter.

12/31/2005

CVE-2005-4608

SQL injection vulnerability in index.php in BugPort 1.147 allows remote attackers to execute arbitrary SQL commands via the (1) devWherePair[0], (2) orderBy, and (3) where parameters.

12/31/2005

CVE-2005-4607

Cross-site scripting (XSS) vulnerability in index.php in BugPort 1.147 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) ids[0], (2) action, (3) report_id, (4) devWherePair[1][1], and (5) binds[0] parameters.

12/31/2005

CVE-2005-4606

SQL injection vulnerability in check_user.asp in multiple Web Wiz products including (1) Site News 3.06 and earlier, (2) Journal 1.0 and earlier, (3) Polls 3.06 and earlier, and (4) and Database Login 1.71 and earlier allows remote attackers to execute arbitrary SQL commands via the txtUserName parameter.

12/31/2005

CVE-2005-4605

The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value.

12/31/2005

CVE-2005-4604

Buffer overflow in MTink in the printer-filters-utils package allows local users to execute arbitrary code via a long HOME environment variable.

12/31/2005

CVE-2005-4603

Cross-site scripting (XSS) vulnerability in printthread.php in MyBB 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a thread message, which is not properly sanitized in the print view of the thread.

12/31/2005

CVE-2005-4602

SQL injection vulnerability in inc/function_upload.php in MyBB before 1.0.1 allows remote attackers to execute arbitrary SQL commands via the file extension of an uploaded file attachment.

12/31/2005

CVE-2005-4601

The delegate code in ImageMagick 6.2.4.5-0.3 allows remote attackers to execute arbitrary commands via shell metacharacters in a filename that is processed by the display command.

12/31/2005

CVE-2005-4600

Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte (%00) in the (1) theme, (2) language, (3) plugins, or (4) lang parameter.

12/31/2005

CVE-2005-4599

Cross-site scripting (XSS) vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to inject arbitrary web script or HTML via the index parameter.

12/31/2005

CVE-2005-4598

Cross-site scripting (XSS) vulnerability in home.php in OoApp Guestbook 2.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter.

12/31/2005

CVE-2005-4597

Cross-site scripting (XSS) vulnerability in index.php in iPei Guestbook 1.7 allows remote attackers to inject arbitrary web script or HTML via the email parameter, as used by the email field, when signing a guestbook.

12/31/2005

CVE-2005-4596

Cross-site scripting (XSS) vulnerability in read.php in AdesGuestbook 2.0 allows remote attackers to inject arbitrary web script or HTML via the totalRows_rsRead parameter.

12/31/2005

CVE-2005-4595

Untrusted search path vulnerability (RPATH) in XnView 1.70 and NView 4.51 on Gentoo Linux allows local users to execute arbitrary code via a malicious library in the current working directory.

12/31/2005

CVE-2005-4594

Stack-based buffer overflow in TUGZip 3.4.0.0 allows remote attackers to execute arbitrary code via a long filename in an ARJ archive.

12/31/2005

CVE-2005-4593

PHP remote file inclusion vulnerability in phpDocumentor 1.3.0 rc4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary code via a URL in the (1) FORUM[LIB] parameter in Documentation/tests/bug-559668.php and (2) the root_dir parameter in docbuilder/file_dialog.php.

12/31/2005

CVE-2005-4592

Heap-based buffer overflow in bogofilter and bogolexer 0.96.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via words that are longer than the input buffer used by flex.

12/31/2005

Security News 132441 - 132460 of 147736
First | Prev. | 6621 6622 6623 6624 6625 | Next | Last All
Security Advisories Database

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

07/21/2015

SQL Injection Vulnerability in Piwigo

SQL inection vulnerability has been discovered in Piwigo.

02/05/2015

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

02/05/2015

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

02/02/2015

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

01/29/2015

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.

01/20/2015