dotclear versions 1.2.2 and below suffer from a remote SQL injection flaw.
420ac553343837f9e66b25995423fc34b88ba28115063849dfae6069552f4f03
Debian Security Advisory DSA 912-1 - Wernfried Haas discovered that centericq, a text-mode multi-protocol instant messenger client, can crash when it receives certain zero length packets and is directly connected to the Internet.
34bde91ed18d0ad5496b08c686733064e1b3adea3ce86a9b8c3c508d0ba33b81
Gallery versions below 2.0.2 are susceptible to cross site scripting, arbitrary file viewing, and more.
2c5393607259ccfb2aa2a700aa8d219403e22be70086c84c95060151911f5edb
Apple Security Advisory - Apple has released a security update which addresses over a dozen vulnerabilities.
e7bb6ec0504327630e33ae50f3e506dd37e28fb70583d43167e478159852984a
Opera 8.50 is susceptible to a denial of service condition via an applet.
935a51472ab3bd6c59b138c3c68c739c9d4623061a00d164c3b0f659f1aea147
The Panda Antivirus Library is vulnerable to a heap overflow during decompression of ZOO files.
ea22e4e269fb66345e42e902825a2d91721aad2de4c5e442047261800048dc5f
Cisco Security Advisory - A vulnerability exists in CSA agents that can allow a privilege escalation through locally executed software, providing a normal user or attacker with local system level privileges on a Windows workstation or server running managed or standalone CSA 4.5.0 or 4.5.1 agents.
febe0c6b9274bd114b3212a125344054bb05edeadfb6cd8c69a40ebc7a6fcf7b
Debian Security Advisory DSA 911-1 - Several vulnerabilities have been found in gtk+2.0, the Gtk+ GdkPixBuf XPM image rendering library.
0d5ed830406babebe25083fcc93d593770fdad8eeeb5fd4497183b0f633f5597
The Webmin miniserv.pl code suffers from a format string vulnerability.
97ebba960f457a58ad0e761322199ad5c6c0a070121c559a0100561ad97b67fc
It is possible to mount a denial of service attack against Windows 2000/2003 hosts where the SYN attack protection has been enabled.
5aff64df96ecc852c2daff2bb5ddea80c392c2a30780ca25b8aab68fefc3bfcb
WebCalendar 1.0.1 is susceptible to SQL injection attacks.
23e27c95c7836fb9ed4b91fc3f6d56dabd8ce00e2c70c418b4563aabab3e4fb9
PHP Web Statistik version 1.4 suffers from injection vulnerabilities.
1254628e2da8b1b1b6f411da297d1ea9e16f19f55e843ac8d21250c14532a6ef
APC PowerChute Network Shutdown's web interface only supports HTTP, forcing credentials to be passed in the clear.
8885c9bf6f4b2c0fa09d301f83d4ae9733e49fd941dbcba894109c631117a434
Google Talk Beta Messenger stores all credentials in clear text in the process memory.
77351e323ebc2b62b46a2bc7cd97d4de54156ea418e6b6aeaadbc17bf1698b51
Gentoo Linux Security Advisory GLSA 200511-23 - Sven Tantau reported a buffer overflow vulnerability in chmlib. The function _chm_decompress_block() does not properly perform boundary checking, resulting in a stack-based buffer overflow. Versions less than 0.37.4 are affected.
10a6863941e87eadffa30c1303d11e9570df290bbbbeb18eec9fbea63602217c
Gentoo Linux Security Advisory GLSA 200511-22 - Joxean Koret has discovered that Inkscape incorrectly allocates memory when opening an SVG file, creating the possibility of a buffer overflow if the SVG file being opened is specially crafted. Versions less than 0.43 are affected.
a7669a0dd35190be7d3d5b83cb38276e22d7b4013be27e72517c71d8ee9ae345
ktools versions 0.3 and below suffer from a buffer overflow vulnerability.
918ef9d4641780120c240699cc4f252ce1d302824630f5a0f13b19568aefca5d
Gentoo Linux Security Advisory GLSA 200511-21 - When handling a SWF file, the Macromedia Flash Player incorrectly validates the frame type identifier stored in the SWF file which is used as an index to reference an array of function pointers. A specially crafted SWF file can cause this index to reference memory outside of the scope of the Macromedia Flash Player, which in turn can cause the Macromedia Flash Player to use unintended memory address(es) as function pointers. Versions less than 7.0.61 are affected.
7794dc431b1b1bc5fb9a5c00d3bcdf6e49016beb9a07d8735fa3b99fd90c66d4
Secunia Research has discovered two boundary error vulnerabilities in various SpeedProject products, which can be exploited by malicious people to compromise a user's system.
40fcd4925c69b8512716ccb146a61281115a9d0d9c4924ad8db2a33fbfbe07b6
Debian Security Advisory DSA 910-1 - A vulnerability has been discovered in zope 2.7, an Open Source web application server, that allows remote attackers to insert arbitrary files via include directives in reStructuredText functionality.
a625631b09773f257c81b3e4f2c444e8b57051762929bbda759db6e1af9c5268
Mandriva Linux Security Advisory - Integer overflows in various applications in the binutils package may allow attackers to execute arbitrary code via a carefully crafted object file.
540de918934afc0fe9611a3320d8ad6d2edb153fd397148b8e79442f1afb750c
Debian Security Advisory DSA 909-1 - Daniel Schreckling discovered that the MIME viewer in horde3, a web application suite, does not always sanitize its input, leaving a possibility to force the return of malicious code that could be executed on the victim's machine.
2d43888a7680004331964aaed90cc0be49571ea724e23dcf3f8b74b8f0647243
Debian Security Advisory DSA 908-1 - Colin Leroy discovered several buffer overflows in a number of importer routines in sylpheed-claws, an extended version of the Sylpheed mail client, that could lead to the execution of arbitrary code.
29d408151eb11090fb050627bb55902fc991f5c7420a64610b896162d6885fe8
Debian Security Advisory DSA 907-1 - Akira Yoshiyama noticed that ipmenu, a cursel iptables/iproute2 GUI, creates a temporary file in an insecure fashion, allowing a local attacker to overwrite arbitrary files utilising a symlink attack.
4cc891873340cf15ce5cf14c61cc397de1079521272b8a092b531faa709c0ab9
Gentoo Linux Security Advisory GLSA 200511-20 - The Horde Team reported a potential XSS vulnerability. Horde fails to properly escape error messages, which may lead to displaying unsanitized error messages via Notification_Listener::getMessage(). Versions less than 2.2.9 are affected.
7ebef673b27c012b971fcbae4070ca3b871054fb16b88431d3559f21f4d41b6f