vsftpd: vsftpd: Denial of service via integer overflow in ls command parameter parsing

A flaw was found in vsftpd. This vulnerability allows a denial of service DoS via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafted STAT command with a specific byte sequence...

Authentication flaw

IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial of service disk consumption via a crafted byte sequence in authentication data, a different vulnerability than CVE-2015-1956 and CVE-2015-1987...

Authentication flaw

IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial of service disk consumption via a crafted byte sequence in authentication data, a different vulnerability than CVE-2015-1958 and CVE-2015-1987...

Cross site scripting

The htmlspecialchars function in PHP before 5.2.12 does not properly handle 1 overlong UTF-8 sequences, 2 invalid ShiftJIS sequences, and 3 invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting XSS attacks by placing a crafted byte sequence before a special...