7018 matches found
CVE-2005-1121
Format string vulnerability in the myxlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwdmysql and passwdpgsql modules, may allow attackers to execute arbitrary code via a URL...
postgresql -- character conversion and tsearch2 vulnerabilities
The postgresql development team reports: The more severe of the two errors is that the functions that support client-to-server character set conversion can be called from SQL commands by unprivileged users, but these functions are not designed to be safe against malicious choices of argument...
WordPress <=1.5 - Multiple Cross-Site Scripting (XSS) vulnerabilities
Because of these vulnerabilities in template-functions-post.php, attackers can execute arbitrary commands via the title of the post or content. Solution Update WordPress to the latest possible version...
Oracle Database PL/SQL Statement Multiple SQL Injection Exploits
Exploit for unknown platform in category local exploits ================================================================ Oracle Database PL/SQL Statement Multiple SQL Injection Exploits ================================================================ / Advanced SQL Injection in Oracle databases...
Linux kernel multiple vulnerabilities
sysfswritefile integer overflow, futex functions DoS, ext3 and jfs race conditions...
[Full-disclosure] Maxthon browser multiple vulnerabilities advisory
Maxthon browser multiple vulnerabilities advisory URL: http://www.raffon.net/advisories/maxthon/multvulns.html Date: April 08, 2005 Author: Aviv Raff Introduction "Maxthon Internet Browser software is a powerful tabbed browser with a highly customizable interface. It is based on the Internet...
RHEL 3 : mysql-server (RHSA-2005:348)
Updated mysql-server packages that fix several vulnerabilities are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. This update fixes several security risks in the MySQL...
mysql security update
CentOS Errata and Security Advisory CESA-2005:348 Updated mysql-server packages that fix several vulnerabilities are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. This...
CVE-2005-0937
Some futex functions in futex.c for Linux kernel 2.6.x perform getuser calls while holding the mmapsem semaphore, which could allow local users to cause a deadlock condition in dopagefault by triggering getuser faults while another thread is executing mmap or other functions...
Important: Red Hat Security Advisory: mysql security update
Updated mysql packages that fix several vulnerabilities are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. This update fixes several security risks in the MySQL server...
CVE-2002-1651
CVE-2002-1651 describes a cross-site scripting (XSS) vulnerability in the Verity Search97 product. The issue arises from certain error messages in template pages that use the (1) vformat and (2) vfilter functions, enabling remote attackers to inject arbitrary web content and potentially access se...
CVE-2005-0701
Directory traversal vulnerability in Oracle Database Server 8i and 9i allows remote attackers to read or rename arbitrary files via "\.\.." modified dot dot backslash sequences to UTLFILE functions such as 1 UTLFILE.FOPEN or 2 UTLFILE.frename...
Oracle Database 8i9i - Multiple Directory Traversal Vulnerabilities
Oracle Database 8i9i - Multiple Directory Traversal Vulnerabilities source: https://www.securityfocus.com/bid/12749/info Oracle Database server is reported prone to multiple directory traversal vulnerabilities that may allow a remote attacker to read, write, or rename arbitrary files with the...
CVE-2005-0637
CVE-2005-0637 concerns the copyout functions in locore.s (notably OpenBSD 3.5 and 3.6) which may allow an attacker to exceed certain address boundaries and modify kernel memory. The underlying issue is a boundary/offset handling in these copy routines that can bypass protection checks, leading to...
Microsoft VBScript Engine memory leak
Regular expression functions memory leaks...
Mozilla and Firefox browsers buffer overflow
Heap based buffer overflow in text processing functions...
CVE-2005-0937
Some futex functions in futex.c for Linux kernel 2.6.x perform getuser calls while holding the mmapsem semaphore, which could allow local users to cause a deadlock condition in dopagefault by triggering getuser faults while another thread is executing mmap or other functions...
Brooky CubeCart Multiple Vulnerabilities
Binary data 2617.prm...
CVE-2004-1462
CVE-2004-1462 concerns an unknown vulnerability in MoinMoin
CVE-2004-1462
Unknown vulnerability in MoinMoin 1.2.2 and earlier allows remote attackers to gain unauthorized access to administrator functions such as 1 revert and 2 delete...