The default POP3 server installed on iSeries boxes allows for username enumeration. This PDF contains a table converting POP3 login errorcodes to their actual meanings.
4d267c5719f82f3364c7ebc3a98ea3abbcbf5823e3324094c48771565765e12e
The InternetCreateUrlW function of wininet.dll, a core component of Internet Explorer, is vulnerable to a buffer overflow attack when the source buffer is copied into the destination buffer using WideCharToMultiByte. In practice this is probably only useful for Denial of Service attacks (if that) and still requires some social-engineering to actually exploit this.
ff53458ff1c02389c39168172c59ac6ab1cbb62bfdb0fc78469a4dc9190da6ca
Older versions of MusicMatch (like a large number of other software packages, including core components of Windows) make an insecure call to CreateProcess. This is a local attack which requires that an attack can write files to the root of the C:\ drive, something that actually is possible with versions of Winows prior to XP.
9faba944c8b50a3f791d05142beaf4ad28418d0d8414df595ed593e83feed2ee
Ubuntu Security Notice USN-111-1 - A remote Denial of Service vulnerability has been discovered in Squid. Versions of ubunto up to 2.5.5-6ubuntu0.7 may contain vulnerable versions of squid.
5410ff64f8687a5559684c5a08918347a5be9390c3b89ed0c767095b795a22d2
Sumus, a Internet-based cardgame program, is vulnerable to a stack-based buffer-overflow in the server component.
04b607c7c82dcc14b5382394ef565748a6ad092ebe29a4a4a2e157d6d8c1ab8d
All4WWW-
c3d17514e1fa26e0970b8916a28ed513073ce3377b213d0794119ac7f3ef0ee3
Example of malformed MIDI ringtone which can be used to cause a Denial of Service condition in LG-U8120 mobile phones.
d88d8912a07b8432a22f5b3279b4ba54f57f6883f9b4a6dbd3af5acca52d6b49
LG u8120 mobile phones are vulnerable to a Denial of Service condition when malformed MIDI ringtones are sent to them.
43d00dc0128c5866e3796a05f31f1e9218064ce1216fa3f9f1e729bed32d07ae
cpio is vulnerable to a time-of-check/time-of-use attack, where a user MIGHT be able to change the permissions of arbitrary files on the system, when cpio is being used to unpack an archive. The likelyhood of this attack working is EXTREMELY low.
adfbd806dec0f7b16d8cdda758c2e49fb3927d4e11c4c2152a78aea6d416202a
IBM WebSphere Application 6 and prior are vulnerable to a JSP sourcecode disclosure issue when the Application Server and Webserver roots are configured to be the same.
f528fdb3fac42ff14cc7162becf5513975c73b196deb7b13bbcfff0c72f0f3d1
Gentoo Linux Security Advisory GLSA 200504-12 - The copy_symlink() subroutine in rsnapshot follows symlinks when changing file ownership, instead of changing the ownership of the symlink itself. Versions less than 1.2.1 are affected.
a1a6ff3a18efb1b5a7fc789b905df40270bf6e2d26b9f4b368572cb426b4d8f4
WIDCOMM Bluetooth Connectivity Software is vulnerable to a directory traversal exploit.
26922982be2e110326b1f4ab84e34eb26baddab981f457133c2df971e2f2f145
Example predebug code execution exploit, demonstrating how programmers being loaded into debuggers can attack the machine running the debugger. Example showing simple command execution.
76d7d2479d8d488badcb0576ec9f7d6ca96d0d10a0e52cd27298f200805cd49e
Example predebug code execution exploit, demonstrating how programmers being loaded into debuggers can attack the machine running the debugger.
33ca07cc4db8f94578af6e6aae40cf6f4c90465438674f0c1438b9825c9a1273