Many XML/RPC servers based on Python / Ruby seem to be vulnerable to a simple Denial of Service where transmitting a large amount of data (circa 4 MB) results in them utilizing 100% of the CPU and apparently never recovering.
01fddb7df596dbb647f71a14bc8ddf89eda494b127062d87e148e1adfd6216ba
AppleWebKit XMLHttpRequest arbitrary file disclosure - Apple Safari 1.2+, Apple RSS 2.0 pre-release, OmniGroup OmniWeb 5.1+, as well as other software based on a common engine, are vulnerable to malicious webservers attacking them and retrieving information (arbitrary files on disk).
0ea575297839fdac0e3654c2488db5abe193e71540f91deb28ffc4cd0bd4c886
Gentoo Linux Security Advisory GLSA 200504-14 - Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a double expansion error in monkeyd, resulting in a format string vulnerability. Ciaran McCreesh of Gentoo Linux discovered a Denial of Service vulnerability: a syntax error caused monkeyd to zero out unallocated memory should a zero-byte file be requested. Versions less than 0.9.1 are affected.
7f4936472c31f89580293bf38a7962c48bf48a076c611dbcb39c244449785e17
Musicmatch installs an ActiveX control which can then be called by other sites (totally unrelated to Musicmatch). The ActiveX control allows arbitrary files on the user's disk to be overwritten.
11fd920c5376d04b6b942e8d782b5ab5c9062b6024be9018a38a7f67cccad923
Ophcrack version 2.0. Ophcrack is a cracker aimed at NT-style (LANMAN) password-hashes. It uses a large precomputed hash database to crack the majority of all passwords within a matter of seconds, rather than hours or days as would be the case if you search the entire likely keyspace each time you are looking for a specific password. This type of cracking is based on a technique referred to as "rainbow tables".
c04353d4e957dedbbe3f6682b4898c728601bba5dae0264812a71b51b2ca0824
Systems protected with libsafe may not be fully protected when multithreaded applications are running on them: a brief attack window may exist in which an attack can execute malicious code without libsafe being called to verify things as safe.
36be85c239bf7eb36e43805fdd22ff28338c953972e31ec9cf067a21f1e92011
GOCR (GNU Optical Character Recognition) contains a heap overflow.
afb2abf973047003b3fcb5711eb81087f9f2a9e0c844a1fa64a790403e982cd1
Debian Security Advisory DSA 709-1 - libexif remote buffer overflow. Sylvain Defresne discovered a buffer overflow in libexif, a library that parses EXIF files (such as JPEG files with extra tags).
c2a7812fbb6ff327e408302fc15ef6561ebdad0ebf7c737530c364cb58f717a9
Dameware stores the username / password of the currently connected user in cleartext somewhere on its heap. (Note: a great number of other remote-access products probably do this as well).
2ba2eb9f10af09f46038b23b0d6cb684ed80a7a6a73113df3a867e99be5817fd
The log function in Perl's Net::Server module (used by postgrey, among other tools) is vulnerable to format string attacks. However, it is not clear what the exact impact of this is in a Perl environment.
778555738d428bd2a4087fa2b5c8d98b4df893c1bcdcc2f5c4e68e53bd7634fa
The SIOCGIFCONF ioctl, used to request the kernel to produce a list of interfaces, can be exploited to reveal 12 bytes of memory. It is not at all guaranteed that this memory will contain anything interesting.
046e16080325dae021493dffedc9e3fe620cdd65df9f6250a4fd4ff3ce4aaef7
Yager, an online air-combat simulation game, is vulnerable to several overflows as well as several Denial of Service attacks. This advisory details issues in versions up to 5.24.
3e9e1377c6d538e2c6ab12326ddfb1a9889cb7aee4dbb8d4f3c1fecd7afb77aa