CVE-2007-3962

Multiple stack-based buffer overflows in fsplib.c in fsplib before 0.9 might allow remote attackers to execute arbitrary code via 1 a long filename that is not properly handled by the fspreaddirnative function when MAXNAMLEN is greater than 255, or 2 a long dname directory dirent field in the...

CVE-2007-3713

Multiple buffer overflows in Konst CenterICQ 4.9.11 through 4.21 allow remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this might overlap CVE-2007-0160...

CVE-2007-2837

The 1 getRule and 2 getChains functions in server/rules.cpp in fireflierd fireflier-server in FireFlier 1.1.6 allow local users to overwrite arbitrary files via a symlink attack on the /tmp/fireflier.rules temporary file...

CVE-2007-3112

graphimage.php in Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service CPU consumption via a large value of the 1 graphstart or 2 graphend parameter, different vectors than CVE-2007-3113...

CVE-2007-3113

Cacti 0.8.6i, and possibly other versions, allows remote authenticated users to cause a denial of service CPU consumption via a large value of the 1 graphheight or 2 graphwidth parameter, different vectors than CVE-2007-3112...

CVE-2007-2894

The emulated floppy disk controller in Bochs 2.3 allows local users of the guest operating system to cause a denial of service virtual machine crash via unspecified vectors, resulting in a divide-by-zero error...

CVE-2007-2808

Cross-site scripting XSS vulnerability in gnatsweb.pl in Gnatsweb 4.00 and Gnats 4.1.99 allows remote attackers to inject arbitrary web script or HTML via the database parameter...

CVE-2007-0237

The ndeb-binary feature in Lookup lookup-el allows local users to overwrite arbitrary files via a symlink attack on temporary files...

CVE-2007-0802

Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing Protection mechanism by adding certain characters to the end of the domain name, as demonstrated by the "." and "/" characters, which is not caught by the Phishing List blacklist filter...

CVE-2006-6600

Cross-site scripting XSS vulnerability in dir.php in TorrentFlux 2.2, when allows remote attackers to inject arbitrary web script or HTML via double URL-encoded strings in the dir parameter, a related issue to CVE-2006-5609...

CVE-2006-6330

index.php for TorrentFlux 2.2 allows remote registered users to execute arbitrary commands via shell metacharacters in the kill parameter...

CVE-2005-3648

Multiple SQL injection vulnerabilities in the getrecord function in datalib.php in Moodle 1.5.2 allow remote attackers to execute arbitrary SQL commands via the id parameter in 1 category.php and 2 info.php...