CVE-2009-4008

CVE-2009-4008 affects Unbound up to version 1.4.3 (pre-1.4.4) and causes a DNSSEC outage DoS. A remote attacker can trigger the issue by sending a crafted query, leading Unbound to stop sending responses for signed zones. Public references in the connected documents confirm the affected product (...

PT-2011-2535 · Microsoft · Windows Xp +6

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista versions SP1 through SP2 Microsoft Windows Server 2008 versions Gold through R2 SP1 Microsoft Windows 7 versions Gold through SP1...

CVE-2010-3735

The "Query Compiler, Rewrite, Optimizer" component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service CPU consumption via a crafted query involving certain UNION ALL views, leading to an indefinitely large amount of compilation time...

Code injection

The "Query Compiler, Rewrite, Optimizer" component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service CPU consumption via a crafted query involving certain UNION ALL views, leading to an indefinitely large amount of compilation time...

Open redirect

IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of application of an INNER JOIN predicate and an OUTER JOIN predicate, which might allow attackers to obtain sensitive information via a crafted query...

CVE-2009-1239

IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of application of an INNER JOIN predicate and an OUTER JOIN predicate, which might allow attackers to obtain sensitive information via a crafted query...

CVE-2009-1239

CVE-2009-1239 concerns IBM DB2 9.1 prior to Fix Pack 7. The issue arises from the order in which an INNER JOIN predicate and an OUTER JOIN predicate are applied, which could cause a crafted query to disclose sensitive information. Affected product/version: IBM DB2 9.1 before FP7. The primary root...

CVE-2009-1239

IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of application of an INNER JOIN predicate and an OUTER JOIN predicate, which might allow attackers to obtain sensitive information via a crafted query...

Directory traversal

cgi-bin/welcome/VPNonly in the web interface in Netgear SSL312 allows remote attackers to cause a denial of service device crash via a crafted query string, as demonstrated using directory traversal sequences...

CVE-2008-5916

gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x before 1.5.6.6, 1.5.5.x before 1.5.5.6, 1.5.4.x before 1.5.4.7, and other versions after 1.4.3 allows local repository owners to execute arbitrary commands by modifying the diff.external configuration variable and executing a craft...

CVE-2007-5036

Multiple buffer overflows in the AirDefense Airsensor M520 with firmware 4.3.1.1 and 4.4.1.4 allow remote authenticated users to cause a denial of service HTTPS service outage via a crafted query string in an HTTPS request to 1 adLog.cgi, 2 post.cgi, or 3 ad.cgi, related to the "files filter."...

Design/Logic Flaw

buscador/buscador.htm in Portal Search allows remote attackers to obtain sensitive information business logic via a query string composed of a search for certain characters...

CVE-2007-0923

buscador/buscador.htm in Portal Search allows remote attackers to obtain sensitive information business logic via a query string composed of a search for certain characters...

mod_python remote DoS

Unknown vulnerability in modpython 2.7.9 allows remote attackers to cause a denial of service httpd crash via a certain query string, a variant of CAN-2003-0973...

Security Update for SQL Server 2014 Service Pack 2 CU (KB4505419)

A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions. An attacker who successfully exploited this vulnerability could execute code in the context of the SQL Server Database Engine service account. To exploit the...