The goal of this project is to make virtual world a safer and better place without child pornography, major computer crime and RIAA.
Login As
You can log in if you are registered at one of these services:
Security Bulletins
Latest Malware Updates

Infostealer.Posteal

02/26/2015

Downloader.Busadom

02/26/2015

Trojan.Ladocosm

02/26/2015

SONAR.SuspDocRun

02/25/2015

SONAR.SuspHelpRun

02/25/2015
Security News

CVE-2003-1143

Croteam Serious Sam demo test 2 2.1a, Serious Sam: the First Encounter 1.05, and Serious Sam: the Second Encounter 1.05 allow remote attackers to cause a denial of service (crash or freeze) via a TCP packet with an invalid first parameter.

10/30/2003

CVE-2003-1191

chatbox.php in e107 0.554 and 0.603 allows remote attackers to cause a denial of service (pages fail to load) via HTML in the Name field, which prevents the main.php form from being loaded.

10/29/2003

CVE-2003-1189

Unknown vulnerability in Nokia IPSO 3.7, configured as IP Clusters, allows remote attackers to cause a denial of service via unknown attack vectors.

10/29/2003

CVE-2003-1186

Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header.

10/29/2003

CVE-2003-1183

The WebCache component in Oracle Files 9.0.3.1.0, 9.0.3.2.0, and 9.0.3.3.0 of Oracle Collaboration Suite Release 1 caches files despite the cacheability rules imposed by Oracle Files, which allows local users to gain access.

10/28/2003

CVE-2003-1151

Cross-site scripting (XSS) vulnerability in Fastream NETFile Server 6.0.3.588 allows remote attackers to inject arbitrary web script or HTML via the URL, which is displayed on a "404 Not Found" error page.

10/28/2003

CVE-2003-1150

Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors.

10/27/2003

CVE-2003-1149

Cross-site scripting (XSS) vulnerability in Symantec Norton Internet Security 2003 6.0.4.34 allows remote attackers to inject arbitrary web script or HTML via a URL to a blocked site, which is displayed on the blocked sites error page.

10/27/2003

CVE-2003-1140

Buffer overflow in Musicqueue 1.2.0 allows local users to execute arbitrary code via a long language variable in the configuration file.

10/27/2003

CVE-2003-1139

Musicqueue 1.2.0 allows local users to overwrite arbitrary files by triggering a segmentation fault and using a symlink attack on the resulting musicqueue.crash file.

10/27/2003

CVE-2003-1138

The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).

10/27/2003

CVE-2003-1137

Charles Steinkuehler sh-httpd 0.3 and 0.4 allows remote attackers to read files or execute arbitrary CGI scripts via a GET request that contains an asterisk (*) wildcard character.

10/27/2003

CVE-2003-1060

The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference.

10/27/2003

CVE-2003-1181

Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo() function.

10/25/2003

CVE-2003-1148

Multiple PHP remote file inclusion vulnerabilities in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allow remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter to (1) config.inc.php or (2) new-visitor.inc.php in common/visiteurs/include/.

10/25/2003

CVE-2003-1136

Cross-site scripting (XSS) vulnerability in Chi Kien Uong Guestbook 1.51 allows remote attackers to inject arbitrary web script or HTML via (1) HTML in a posted message or (2) Javascript in an onmouseover attribute in an e-mail address or URL.

10/23/2003

CVE-2003-0757

Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote attackers to obtain the IP addresses of internal interfaces via certain SecuRemote requests to TCP ports 256 or 264, which leaks the IP addresses in a reply packet.

10/20/2003

CVE-2003-0756

Directory traversal vulnerability in sitebuilder.cgi in SiteBuilder 1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the selectedpage parameter.

10/20/2003

CVE-2003-0755

Buffer overflow in sys_cmd.c for gtkftpd 1.0.4 and earlier allows remote attackers to execute arbitrary code by creating long directory names and listing them with a LIST command.

10/20/2003

CVE-2003-0754

nphpd.php in newsPHP 216 and earlier allows remote attackers to bypass authentication via an HTTP request with a modified nphp_users array, which is used for authentication.

10/20/2003

Security News 103741 - 103760 of 111157
First | Prev. | 5186 5187 5188 5189 5190 | Next | Last All
Security Advisories Database

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

07/21/2015

SQL Injection Vulnerability in Piwigo

SQL inection vulnerability has been discovered in Piwigo.

02/05/2015

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

02/05/2015

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

02/02/2015

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

01/29/2015

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.

01/20/2015