The goal of this project is to make virtual world a safer and better place without child pornography, major computer crime and RIAA.
Login As
You can log in if you are registered at one of these services:
Security Bulletins
Latest Malware Updates

Infostealer.Posteal

02/26/2015

Downloader.Busadom

02/26/2015

Trojan.Ladocosm

02/26/2015

SONAR.SuspDocRun

02/25/2015

SONAR.SuspHelpRun

02/25/2015

CVE Database

CVE-2003-0970

The Network Management Port on Sun Fire B1600 systems allows remote attackers to cause a denial of service (packet loss) via ARP packets, which cause all ports to become temporarily disabled.

12/15/2003

CVE-2003-0968

Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute.

12/15/2003

CVE-2003-0967

rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute.

12/15/2003

CVE-2003-0962

Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.

12/15/2003

CVE-2003-0961

Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges.

12/15/2003

CVE-2003-0960

OpenCA before 0.9.1.4 does not use the correct certificate in a chain to check the serial, which could cause OpenCA to accept revoked or expired certificates.

12/15/2003

CVE-2003-0955

OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, which leads to a stack-based buffer overflow.

12/15/2003

CVE-2003-0951

Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provided by the cimserver, which allows attackers to obtain sensitive data or gain privileges.

12/15/2003

CVE-2003-0950

PeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x allows remote attackers to execute arbitrary commands by uploading a file to the IClient Servlet, guessing the insufficiently random (system time) name of the directory used to store the file, and directly requesting that file.

12/15/2003

CVE-2003-0948

Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable.

12/15/2003

CVE-2003-0947

Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable.

12/15/2003

CVE-2003-0946

Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the email address argument of a "MAIL FROM" command.

12/15/2003

CVE-2003-0945

The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to conduct unauthorized activities.

12/15/2003

CVE-2003-0944

Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a URL with a long requestURI.

12/15/2003

CVE-2003-0943

web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface (websql), or (3) Web Database Manager (webdbm).

12/15/2003

CVE-2003-0942

Buffer overflow in Web Agent Administration service in web-tools for SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a long Name parameter to waadmin.wa.

12/15/2003

CVE-2003-0941

web-tools in SAP DB before 7.4.03.30 allows remote attackers to access the Web Agent Administration pages and modify configuration via a direct request to waadmin.wa.

12/15/2003

CVE-2003-0940

Directory traversal vulnerability in sqlfopenc for web-tools in SAP DB before 7.4.03.30 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL.

12/15/2003

CVE-2003-0939

eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) 7.4.03.27 and earlier may allow remote attackers to execute arbitrary code via a connect packet with a 256 byte segment to the niserver (aka serv.exe) process on TCP port 7269, which prevents the server from NULL terminating the string and leads to a buffer overflow.

12/15/2003

CVE-2003-0938

vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows local users to gain SYSTEM privileges via a malicious "NETAPI32.DLL" in the current working directory, which is found and loaded by SAP DB before the real DLL, as demonstrated using the SQLAT stored procedure.

12/15/2003

CVE Database 103581 - 103600 of 111157
First | Prev. | 5178 5179 5180 5181 5182 | Next | Last

Security Advisories Database

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

07/21/2015

SQL Injection Vulnerability in Piwigo

SQL inection vulnerability has been discovered in Piwigo.

02/05/2015

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

02/05/2015

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

02/02/2015

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

01/29/2015

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.

01/20/2015