PostNuke version 0.726, and possibly earlier releases, is open to SQL injection and cross-site scripting attacks due to a lack of proper parameter sanitization.
307fc789ac7baf754c526ec507e9ec95ce669371ebffc34964b0347615a87b33
GoodTech Telnet Server 4.x for Microsoft Windows NT/2000/XP is susceptible to a denial of service attack when attempting to handle an overly long input string.
5c871cf563cc5cef0a8599c21076c25db7e87a2d6615675ca13014051d04ff28
Multiple cross-site scripting and SQL injection vulnerabilities exist in Phorum versions 3.4.5 and below.
ce4d046825486555efd93f2110f9b7992cef09964eb5fe0fa25ef24f3a1b770b
Lotus Notes version 6.0.2 on Linux installs with faulty permissions on its notes.ini file, which would allow local attackers to compromise the system.
99641299508cfd2408eb78d99c4ead40d71cad304a5188181956419b494672ec
ZyXEL10 OF ZyWALL Series Router is susceptible to a cross site scripting attack.
ee9f4824af384a671547c486d07eb46e1a295e1ffe39decf1e30901262c30b3b
EDIMAX AR-6004 Full Rate ADSL Router is susceptible to a cross site scripting attack.
e60dc46a7028812c72768187eebecb1750f580ea6cb9cc644981336ebebec558
SnapStream PVS LITE is susceptible to a cross site scripting attack.
97b08742f17b79738d2135f6e42fb6c4e09cbea0c66cd9aa29021fe5c822f5ba
RealNetworks fails to address a Cross-Site Scripting vulnerability in RealOne Player.
e5d41b80670285aa34a485a8ca9bb79cf4d12c03325caa345bc3bd8b0fd6ad3c
AQTRONIX Security Advisory AQ-2003-02 - When an HTTP request using the TRACK verb is made to Microsoft IIS 5.0, the transaction is not logged. This can lead to the server being used for XST attacks along with other tactics for information gathering. Microsoft silently fixed this bug in IIS 6.0.
1cc8f2eec00f14d310835e89c0e3a53b9d47467a9845df76a8e8d4c71dfffb75
Secunia Security Advisory SA10533 - A vulnerability has been reported in the Linux 2.4.x kernel series, which can potentially be exploited by malicious local users to gain knowledge of sensitive information. The vulnerability is caused by an unspecified error in the /dev/rtc real time clock routines, which may disclose parts of kernel memory to unprivileged users.
62bea4925406d236faf5da1e33e91c97328a34267747c2fc75408a4b47fa8ece
Webcam Watchdog version 3.63 and below is vulnerable to a remotely exploitable stack based buffer overflow which can be triggered via an overly long HTTP GET request. Full detailed analysis of the vulnerability is given.
34ec3b6aeb6958e021532b1ec31ba27920f2b0f383ccc1a21f79f4b6fae76fad
Switch Off versions 2.3 and below suffer from a denial of service vulnerability and a stack-based buffer overflow in the message parameter of the application that may allow a remote attacker to gain SYSTEM privileges.
59fe50b91ad162027a185b970c6995d4fd92e10ea3fac2df0d668fc177adbe9d
The mremap system call in the Linux kernel memory management code has a critical security vulnerability due to incorrect bounds checking. Proper exploitation of this vulnerability may lead to local privilege escalation including execution of arbitrary code with kernel level access.
1f3565207e96102d6a63c660b43ba3e8e06061f744c34c3ff6a6df7a1d02e5ef