Samba Encrypted Password String Conversion Decryption Overflow

The remote Samba server, according to its version number, is vulnerable to a bug in the length checking for encrypted password change requests from clients. A client could potentially send an encrypted password, which, when decrypted with the old hashed password could be used as a buffer overrun...

Security Bulletin MS02-055: Unchecked Buffer in Windows Help Facility Could Enable Code Execution (Q323255)

---------------------------------------------------------------------- Title: Unchecked Buffer in Windows Help Facility Could Enable Code Execution Q323255 Date: 02 October 2002 Software: Microsoft Windows 98 Microsoft Windows 98 Second Edition Microsoft Windows Millennium Edition Microsoft...

Security Bulletin MS02-052: Flaw in Java VM JDBC Classes Could Allow Code Execution (Q329077)

---------------------------------------------------------------------- Title: Flaw in Microsoft VM JDBC Classes Could Allow Code Execution Q329077 Released: 18 September 2002 Software: Versions of the Microsoft virtual machine Microsoft VM Impact: Three vulnerabilities, the most serious of which...

Мета-символы в Webcart (code execution)

No description provided...

ml2 - local users can crash processes

Exploit for linux platform in category dos / poc ===================================== ml2 - local users can crash processes ===================================== include include include include error int mainint argc, char argv char foo1000; char bigmsg10000; char s, holds; int i = 0;...

Microsoft IIS 4.05.0 and PWS - Extended Unicode Directory Traversal (3)

Microsoft IIS 4.05.0 and PWS - Extended Unicode Directory Traversal 3 // source: https://www.securityfocus.com/bid/1806/info Microsoft IIS 4.0 and 5.0 are both vulnerable to double dot "../" directory traversal exploitation if extended UNICODE character representations are used in substitution fo...

XChat URL handler vulnerabilty

Email was sent to [email protected] the author of xchat and after over a week, I have received no reply. So here it is... the advisory. zen-parse - blinking since 1992 or mebe earlier X X CC H H AA TTTTT X X C C H H A A T X C HHHH AAAA T X X C C H H A A T X X CC H H A A T Hole: backticked commands...

Cobalt RaQ 2.0/3.0 / qpopper 2.52/2.53 - 'EUIDL' Format String Input

// source: https://www.securityfocus.com/bid/1242/info A vulnerability exists in version 2.53 and prior of qpopper, a popular POP server, from Qualcomm. By placing machine executable code in the X-UIDL header field, supplying formatting strings in the "From:" field in a mail header, and then...

CVE-2026-3370

...

CVE-2026-25984

...

CVE-2025-61632

The CVE-2025-61632 entry is rejected/not used.

CVE-2025-14268

CVE-2025-14268 is linked in multiple sources with an asserted Apache Struts Remote Code Execution vector, but the Initial Description states the CVE ID has been rejected by the CNA. The PT-2025-52511 record references CVE-2025-14268 as Apache Struts RCE; other records (EUVD, NVD, NVD mirror) stat...

PHP Code Injection

phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...

PHP Code Injection

phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...

PHP Code Injection

phpWhois PHP Code Injection\nVulnerability Overview\nphpWhois and some of its forks in versions before 5.1.0 are prone to a\ncode injection vulnerability due to insufficient sanitization of returned\nWHOIS data. This allows attackers controlling the WHOIS information of a\nrequested domain to...

Security Update for Microsoft Outlook 2010 (KB4032222) 32-Bit Edition

A security vulnerability exists in Microsoft Outlook 2010 32-Bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

Security Update for Microsoft Office 2013 (KB3203392) 32-Bit Edition

A security vulnerability exists in Microsoft Office 2013 32-Bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...

PHP Code Injection

phpWhois PHP Code Injection Vulnerability Overview phpWhois and some of its forks in versions before 5.1.0 are prone to a code injection vulnerability due to insufficient sanitization of returned WHOIS data. This allows attackers controlling the WHOIS information of a requested domain to execute...

PHP Code Injection

phpWhois PHP Code Injection Vulnerability Overview phpWhois and some of its forks in versions before 5.1.0 are prone to a code injection vulnerability due to insufficient sanitization of returned WHOIS data. This allows attackers controlling the WHOIS information of a requested domain to execute...

Security Update for Microsoft Excel 2010 (KB4493186) 64-Bit Edition

A security vulnerability exists in Microsoft Excel 2010 64-Bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...