PyString_FromStringAndSize() incorrectly validates input in Python version 2.5.2. Earlier versions may also be vulnerable.
acdffd19a5b36cf9a44eb0ee3ce3dda152701c5d20c417990d3d9dd1d9b1ff11
Trillian version 3.1.9.0 suffers from a buffer overflow vulnerability while parsing XML .dtd file types. Earlier versions may also be affected.
fcafe4643044474b29db9e7f7c0acf7a3ba00aa2bc7e6ecf5ae67940bc247807
WiKID wClient-PHP versions 3.0-2 and below suffer from multiple cross-site scripting vulnerabilities.
67d10cd0b31c2647b3ef2d33f5dd1920c1101c3453e62e3516e332f15ae75f08
Exploit for HP OpenView Network Node Manager versions 7.53 and below that demonstrates null pointer, process termination, and denial of service vulnerabilities.
062e9d945b9df97d9120162f8199ce03b02e5ca30110f3b2b605d9e90f2ba9b9
HP OpenView Network Node Manager versions 7.53 and below suffer from directory traversal, denial of service, null pointer, and process termination vulnerabilities. Traversal details included.
b678c64f1a63e714fbcbef0b8342dac2ddf40114c6dcf9e9ee0b39b9b5e0daef
Gentoo Linux Security Advisory GLSA 200804-12 - gnome-screensaver incorrectly handles the results of the getpwuid() function in the file src/setuid.c when using directory servers (like NIS) during a network outage, a similar issue to GLSA 200705-14. Versions less than 2.20.0-r3 are affected.
1c166bbb47281153c9a39e490981d486f4ed1c6a8735bf3de4ea53c10bcbc55a
Gentoo Linux Security Advisory GLSA 200804-11 - Chris Howells reported that policyd-weight creates and uses the /tmp/.policyd-weight/ directory in an insecure manner. Versions less than 0.1.14.17 are affected.
766f699d0c2d9306218b4336e8c6654f935d83d203878f66b9da42a9d22ca10d
PHPKB Knowledge Base version 1.5 suffers from a SQL injection vulnerability in comment.php.
29363879659492f90d2d8f268a7f38271aaba4f7f13f2e2a6056779be2a93c2a
Borland Interbase 2007 Service Pack 2 using ibserver.exe version 8.0.0.123 is susceptible to a buffer overflow vulnerability. Denial of service code included.
f8d13cf0ecdd3ed188f41a0ed89fb1542f73bef455232beaaa6e0d99a05ce05a
Ubuntu Security Notice 600-1 - Sebastian Krahmer discovered that rsync could overflow when handling ACLs. An attacker could construct a malicious set of files that, when processed by rsync, could lead to arbitrary code execution or a crash.
ccedb1680eb4979f38c133f22c115db7fe4b6eaad17094bfc012870b390b068d
NewsOffice version 1.1 suffers from a remote file inclusion vulnerability.
daf43b89ef8b69375021ba7bf3ff43c606dc57b4d6347b2c3bfd03b5b6cb276c
iDefense Security Advisory 04.09.08 - Remote exploitation of a format string vulnerability in EMC Corp.'s DiskXtender could allow an attacker to execute arbitrary code with the privileges of the affected service. When handling requests on the RPC interface with UUID b157b800-aef5-11d3-ae49-00600834c15f, the service does not properly validate the content of a string in requests. Since this string is passed directly to a formatting function, a format string vulnerability occurs. iDefense confirmed the existence of this vulnerability in DiskXtender version 6.20.060 for Windows. Previous versions may also be affected.
5b88804d6ae7468d490bc8ef3fe7c0ea5e0670d6692d6006ad9bcc470224792c
iDefense Security Advisory 04.09.08 - Remote exploitation of a buffer overflow vulnerability in EMC Corp.'s DiskXtender could allow an attacker to execute arbitrary code with the privileges of the affected service. The File System Manager is prone to a stack-based buffer overflow vulnerability. When handling requests on the RPC interface with UUID b157b800-aef5-11d3-ae49-00600834c15f, the service does not properly validate the length of a string in the request. By making a specially crafted request, a stack-based buffer overflow occurs. iDefense confirmed the existence of this vulnerability in DiskXtender version 6.20.060 for Windows. Previous versions may also be affected.
cc3f3fbc0041112ee44d533bc22ba56a70fd751510708f2c713a709b97e17abf
iDefense Security Advisory 04.09.08 - Remote exploitation of an authentication bypass vulnerability in EMC Corp.'s DiskXtender could allow an attacker to execute arbitrary code. Each of the main components of the DiskXtender suite is vulnerable to an authentication bypass vulnerability. Specifically, the authentication code contains a hard-coded login and password. By connecting to the RPC interface, and logging on with these credentials, it is possible to bypass the normal authentication process. iDefense confirmed the existence of this vulnerability in DiskXtender version 6.20.060 for Windows. Previous versions may also be affected.
e7ab9fbbb99710e5ebe00c8010b6d349ef5bccd241e9f3a13af867571d08d281
RX Maxsoft suffers from a remote SQL injection vulnerability in popup_img.php.
aa951ec6c70fbe826dea83bbf12dbedd3ae257524c1bb1d66c9a9e89fc348c88
LightNEasy version 1.2 remote administrative hash retrieval exploit.
c627d5d53c261bee0b83393471c59ae5cf170b1364a582da53455c3fd7b817c1
Debian Security Advisory 1546-1 - Thilo Pfennig and Morten Welinder discovered several integer overflow weaknesses in Gnumeric, a GNOME spreadsheet application. These vulnerabilities could result in the execution of arbitrary code through the opening of a maliciously crafted Excel spreadsheet.
137ce427cb51f3a2a9023931ca0ec415e7edf60ee595db65106dd886d1da1c6a
The w2b Dating Club script is susceptible to SQL injection attacks. Various other scripts by the same vendor may also be vulnerable.
eae71d8e4052206b043a4fca8eeec62b90307b330b3bfcd1ef3c7953baeaab46
Blind SQL injection tool for MySQL servers using a true-false method. You can obtain MySQL information and extract data from tables without the use of quotes.
6b79a23433909018cede551c9ed5088439fea762c64d36abaf2a90dab8f7a976
Secunia Security Advisory - Some vulnerabilities have been reported in Drupal, which can be exploited by malicious users to bypass certain security restrictions.
a9a8e8be28c7d1dac14f880eb35d28b2dda9bb65a29579e49c2adabcbfeaf655
Secunia Security Advisory - Debian has issued an update for vlc. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
41a9e13587ca0d45a375da4b8136ab19240c690cc553689da6689f8503496024
Secunia Security Advisory - Ubuntu has issued an update for ghostscript. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
1b0e33954044393c50bf69a42d8c93b9ffbbaa36ab0340945928a5dc27621cfe
Secunia Security Advisory - Some vulnerabilities have been reported in TIBCO products, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or to compromise a vulnerable system.
21854be4bde75ce7c6b38a5edd7ea9a8e8d48a6e7f1ce0bd355818a6c512fbff