|
Security Bulletins
Latest Malware Updates
Downloader.Busadom!g102/27/2015Infostealer.Posteal02/26/2015Downloader.Busadom02/26/2015Trojan.Ladocosm02/26/2015SONAR.SuspDocRun02/25/2015SONAR.SuspHelpRun02/25/2015W32.Tempedreve.D!inf02/25/2015SONAR.PUA!AlnadInsta02/25/2015SONAR.Infostealer!g502/25/2015SONAR.Infostealer!g402/25/2015 |
Security News
CVE-2005-0135The unw_unwind_to_user function in unwind.c on Itanium (ia64) architectures in Linux kernel 2.6 allows local users to cause a denial of service (system crash). 05/02/2005CVE-2005-0133ClamAV 0.80 and earlier allows remote attackers to cause a denial of service (clamd daemon crash) via a ZIP file with malformed headers. 05/02/2005CVE-2005-0127Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine. 05/02/2005CVE-2005-0126ColorSync on Mac OS X 10.3.7 and 10.3.8 allows attackers to execute arbitrary code via malformed ICC color profiles that modify the heap. 05/02/2005CVE-2005-0125The "at" commands on Mac OS X 10.3.7 and earlier do not properly drop privileges, which allows local users to (1) delete arbitrary files via atrm, (2) execute arbitrary programs via the -f argument to batch, or (3) read arbitrary files via the -f argument to batch, which generates a job file that is readable by the local user. 05/02/2005CVE-2005-0121Multiple buffer overflows in golddig 2.0 and earlier allow local users to execute arbitrary code via (1) a long map name command line argument or (2) a long username as recorded in the USER environment variable. 05/02/2005CVE-2005-0120helvis 1.8h2_1 and earlier allows local users to delete arbitrary files via the elvprsv setuid program. 05/02/2005CVE-2005-0119helvis 1.8h2_1 and earlier allows local users to recover and read the files of other users via the elvrec setuid program. 05/02/2005CVE-2005-0118helvis 1.8h2_1 and earlier stores recovery files in world readable directories with world readable permissions, which allows local users to read the recovered files of other users. 05/02/2005CVE-2005-0093** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. 05/02/2005CVE-2005-0091Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when using the hugemem kernel, allows local users to read and write to arbitrary kernel memory and gain privileges via certain syscalls. 05/02/2005CVE-2005-0090A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch omits an "access check," which allows local users to cause a denial of service (crash). 05/02/2005CVE-2005-0089The SimpleXMLRPCServer library module in Python 2.2, 2.3 before 2.3.5, and 2.4, when used by XML-RPC servers that use the register_instance method to register an object without a _dispatch method, allows remote attackers to read or modify globals of the associated module, and possibly execute arbitrary code, via dotted attributes. 05/02/2005CVE-2005-0088The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL. 05/02/2005CVE-2005-0086Heap-based buffer overflow in less in Red Hat Enterprise Linux 3 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file, as demonstrated using the UTF-8 locale. 05/02/2005CVE-2005-0084Buffer overflow in the X11 dissector in Ethereal 0.8.10 through 0.10.8 allows remote attackers to execute arbitrary code via a crafted packet. 05/02/2005CVE-2005-0083MySQL MaxDB 7.5.00 for Windows, and possibly earlier versions and other platforms, allows remote attackers to cause a denial of service (application crash) via invalid parameters to the (1) DBMCli_String::ReallocString, (2) DBMCli_String::operator, (3) DBMCli_Buffer::ForceResize, (4) DBMCli_Wizard::InstallDatabase, (5) DBMCli_Devspaces::Complete, (6) DBMWeb_TemplateWizard::askForWriteCountStep5, or (7) DBMWeb_DBMWeb::wizardDB functions, which triggers a null dereference. 05/02/2005CVE-2005-0080The 55_options_traceback.dpatch patch for mailman 2.1.5 in Ubuntu 4.10 displays a different error message depending on whether the e-mail address is subscribed to a private list, which allows remote attackers to determine the list membership for a given e-mail address. 05/02/2005CVE-2005-0079Buffer overflow in xtrlock 2.0 allows local users to cause a denial of service (application crash) and hijack the desktop session. 05/02/2005CVE-2005-0078The KDE screen saver in KDE before 3.0.5 does not properly check the return value from a certain function call, which allows attackers with physical access to cause a crash and access the desktop session. 05/02/2005Security News 145461 - 145480 of 156797 First | Prev. | 7272 7273 7274 7275 7276 | Next | Last |
Security Advisories Database
Remote Code Execution Vulnerability in Microsoft OpenType Font DriverA remote attacker can execute arbitrary code on the target system. 07/21/2015Multiple Vulnerabilities in Linux kernel03/04/2015SQL Injection Vulnerability in PiwigoSQL inection vulnerability has been discovered in Piwigo. 02/05/2015Cross-site Scripting Vulnerability in DotNetNukeA cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke. 02/05/2015Cross-site Scripting Vulnerability in Hitachi Command SuiteA cross-site scripting vulnerability was found in Hitachi Command Suite. 02/02/2015Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk HandlingAn attacker can perform a denial of service attack. 01/30/2015Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-ForwardsAn attacker can perform a denial of service attack. 01/30/2015Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"An attacker can perform a denial of service attack. 01/30/2015Denial of service vulnerability in Linux Kernel spliceAn attacker can perform a denial of service attack. 01/29/2015Denial of service vulnerability in Python Pillow Module PNG Text Chunks DecompressionAn attacker can perform a denial of service attack. 01/20/2015 |
The goal of this project is to make virtual world a safer and better place without child pornography, major computer crime and RIAA.
