109-byte Win32/XP SP3 MessageBoxA shellcode.
0ed2099b633d110282863fb35b75d8cdca1df127bc151139482e822d62cf56bc
Zero Day Initiative Advisory 10-177 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nrouter.exe service while processing a malformed e-mail. The process copies the contents of the MAILTO header within a calendar request into a fixed size stack buffer. By providing enough data this buffer can overflow leading to arbitrary code execution under the context of the SYSTEM user.
b38e9ed7898f15baadfb1def1048e9914a6679cba783785912c51d470e5427a1
Mandriva Linux Security Advisory 2010-182 - Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service via an SVG animation element, related to SVG set objects, SVG marker elements, the targetElement attribute, and unspecified caches.
1e1905c05b4a90241682a5f0ea5c934a704fe74008aab6e69eac64d99ac3577a
Flock 3 versions prior to 3.0.0.4094 suffer from a window.open() JavaScript same-origin policy violation vulnerability.
b574bdf3d4182b36514a97d68f2629ed85d6dfd05f81a790e169cee639a87e0b
Flock 3 versions prior to 3.0.0.4112 suffer from a JavaScript NULL byte cross-origin bypass vulnerability.
f2bd06f5631b9733bade200c8526d5ce251563d8b5aa09ae3a518724fe59ac2f
Flock 3 versions prior to 3.0.0.4114 suffer from a malicious RSS feed cross-origin bypass vulnerability.
5fa12abdfe5bd4d2149de7987106352a8c4ddd329c6cf5fcd3ab7e2dc5124872
Flock 3 versions prior to 3.0.0.4094 suffer from a malformed favourite cross-origin bypass vulnerability.
ab2be6f5a08a6b7db3f3bc431ca6f18806622ef35273d95b9e4c111ba5d65fed
Firefox versions 3.6.4 through 3.6.8, 3.5.10 through 3.5.11 and 4.0 Beta1 suffer from a cross-domain information leakage vulnerability.
3f9728ea182855f9cdd648fafeb76095e6c17c0b99f95b7f9e956505654788c8
HP Security Bulletin - A potential security vulnerability has been identified with HP System Management
74ee745970d33edd79ea12ae68bd77fb4e0ff90ebbbcaab2604d7168bebce473
Whitepaper called Forensics - Analyzing an Unknown Image.
36de6ce51a69a816e886c9296c511866e2f97bb7638556bfd17b3df564fb23aa
Month Of Abysssec Undisclosed Bugs - The Novell iPrint client browser plug-in suffers from a parameter stack overflow vulnerability.
cc9add2077fe5b99eb85ddb63789c32ba63040ac35c53aa2e16036e1f00b87cd
Month Of Abysssec Undisclosed Bugs - Free Discussion Forum version 1.0 suffers from administrative access and cross site scripting vulnerabilities.
a9d43a832e2ba1fa8c7348c2fa9c25697d0ad8daa7d3d3e277cb3c69762309b0
The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, and CVSS.
dc8e32f1fcdf41de7ef3f5866b3a69bddd1bfedc665e1d9775384b47a02f27e9
IBM Lotus Domino iCalendar suffers from an email address stack buffer overflow vulnerability. Versions 8.0 and 8.5 are affected.
16535cd708efaec4cc2eb1ff7547ec73bf0cd92eaab823f875f7a249ef6fe6b8
Mandriva Linux Security Advisory 2010-181 - The checkHTTPpassword function in http.c in ntop 3.3.10 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an Authorization HTTP header that lacks a : character in the base64-decoded string. The updated packages have been patched to correct this issue.
c602d8f54fa47e35711d72b52f0cf0b553abf275217bd0dd15d924c27cd7465c
E-Xoopport - Samsara versions 3.1 and below suffer from a remote blind SQL injection vulnerability.
5a161f64103a1904ad4980ffefa02e1b3c638e7dd94c6375785551c87317c3f2
Ubuntu Security Notice 987-1 - Andrew Bartlett discovered that Samba did not correctly validate the length when parsing SIDs. A remote attacker could send a specially crafted request to the server and cause a denial of service, or possibly execute arbitrary code with the privileges of the Samba service (smbd). The default compiler options for Ubuntu 8.04 LTS and newer should reduce the vulnerability to a denial of service.
19db9738598a1b3493ca3c23f4ff085f57eac151d5d3636c6bb47e8d6f6a5c71
Debian Linux Security Advisory 2108-1 - It has been discovered that in cvsnt, a multi-platform version of the original source code versioning system CVS, an error in the authentication code allows a malicious, unprivileged user, through the use of a specially crafted branch name, to gain write access to any module or directory, including CVSROOT itself. The attacker can then execute arbitrary code as root by modifying or adding administrative scripts in that directory.
7623474b1fe54003086c479731f96f4ee473a959445a4829f6ccb20db4409622
A null pointer dereference vulnerability has been noticed in Microsoft Word. The exception results in the MSO.dll library failing to handle the specially crafted buffer in a file. The issue can potentially be triggered by opening a malicious Word file, which results in a null pointer exception due to an invalid memory read.
4c01a6e8fca0e345ca53ec2236511ab85597f7b4fcdd81dc24841e0f52f6773f
Month Of Abysssec Undisclosed Bugs - The Novell iPrint client browser plug-in suffers from a parameter stack overflow vulnerability.
dd737bde8415b87650489f93bc877b5818c8df50c8c4b2c35f369008ca968b8b
Month Of Abysssec Undisclosed Bugs - Free Discussion Forum version 1.0 suffers from administrative access and cross site scripting vulnerabilities.
b1a3225e61c9434202ec35356638d8259b05495467bb2ea1dfb8ec4b1e214663
The Joomla JGen component version 0.9.33 suffers from a remote SQL injection vulnerability.
bbdfaf340e952328a60e41a7c4da7e888c4266e1048235fe82fdc9166b741ec4
The Nokia E72 suffers from a keyboard password bypass vulnerability.
e0d3e77ef2980214ddfbaeb2672917af8f4b395eba4c0311e807ad3d3183a7dc