The goal of this project is to make virtual world a safer and better place without child pornography, major computer crime and RIAA.
Login As
You can log in if you are registered at one of these services:
Security Bulletins
Latest Malware Updates

Infostealer.Posteal

02/26/2015

Downloader.Busadom

02/26/2015

Trojan.Ladocosm

02/26/2015

SONAR.SuspDocRun

02/25/2015

SONAR.SuspHelpRun

02/25/2015
Security News

CVE-2005-1241

Directory traversal vulnerability in the third party tool from Powertech, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via \"..\" sequences in a GET request.

04/20/2005

CVE-2005-1240

Directory traversal vulnerability in the third party tool from Castlehill, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via \"..\" sequences in a GET request.

04/20/2005

CVE-2005-1233

Cross-site scripting (XSS) vulnerability in index.php in PHP Labs proFile allows remote attackers to inject arbitrary web script or HTML via the (1) dir or (2) file parameters.

04/20/2005

CVE-2005-1227

Cross-site scripting (XSS) vulnerability in PHProjekt 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the chatroom text submission form.

04/20/2005

CVE-2005-0755

Heap-based buffer overflow in RealPlayer 10 and earlier, Helix Player before 10.0.4, and RealOne Player v1 and v2 allows remote attackers to execute arbitrary code via a long hostname in a RAM file.

04/19/2005

CVE-2004-1341

Cross-site scripting (XSS) vulnerability in info2www before 1.2.2.9 allows remote attackers to inject arbitrary web script or HTML via the arguments to info2www.

04/19/2005

CVE-2005-1138

Unknown vulnerability in WebMail in Kerio MailServer before 6.0.9 allows remote attackers to cause a denial of service (CPU consumption) via certain e-mail messages.

04/18/2005

CVE-2005-1107

McAfee Internet Security Suite 2005 uses insecure default ACLs for installed files, which allows local users to gain privileges or disable protection by modifying certain files.

04/18/2005

CVE-2005-0753

Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code.

04/18/2005

CVE-2005-0752

The Plugin Finder Service (PFS) in Firefox before 1.0.3 allows remote attackers to execute arbitrary code via a javascript: URL in the PLUGINSPAGE attribute of an EMBED tag.

04/18/2005

CVE-2005-1308

SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML.

04/15/2005

CVE-2005-1142

Heap-based buffer overflow in the readpgm function in pnm.c for GOCR 0.40, when it is not using netpbm, allows remote attackers to execute arbitrary code via a P3 format PNM file with more data than implied by its width and height values.

04/15/2005

CVE-2005-1141

Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allows remote attackers to execute arbitrary code via a PNM file with large width and height values, which leads to a heap-based buffer overflow.

04/15/2005

CVE-2005-1140

Cross-site scripting (XSS) vulnerability in myBloggie 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the comments.

04/15/2005

CVE-2005-1126

The SIOCGIFCONF ioctl (ifconf function) in FreeBSD 4.x through 4.11 and 5.x through 5.4 does not properly clear a buffer before using it, which allows local users to obtain portions of sensitive kernel memory.

04/15/2005

CVE-2005-1139

Opera 8 Beta 3, when using first-generation vetted digital certificates, displays the Organizational information of an SSL certificate, which is easily spoofed and can facilitate phishing attacks.

04/14/2005

CVE-2005-1136

Simple PHP Blog (sphpBlog) 0.4.0 stores the (1) password.txt and (2) config.txt files under the web document root, which allows remote attackers to obtain sensitive information and crack passwords via a direct request to these files.

04/14/2005

CVE-2005-1122

Format string vulnerability in cgi.c for Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP GET request containing double-encoded format string specifiers (aka "double expansion error").

04/14/2005

CVE-2005-1118

Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the RSA Authentication Agent for Web 5.2 allows remote attackers to inject arbitrary web script or HTML via the postdata parameter.

04/14/2005

CVE-2005-1043

exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.

04/14/2005

Security News 93041 - 93060 of 104227
First | Prev. | 4651 4652 4653 4654 4655 | Next | Last All
Security Advisories Database

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

07/21/2015

SQL Injection Vulnerability in Piwigo

SQL inection vulnerability has been discovered in Piwigo.

02/05/2015

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

02/05/2015

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

02/02/2015

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

01/29/2015

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.

01/20/2015