| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| SQL injection vulnerability in index.php in News2Net 3.0.0.0 allows remote attackers to execute arbitrary SQL commands via the category parameter. |
| SQL injection vulnerability in in the authenticate function in MailWatch for MailScanner 1.0.2 allows remote attackers to execute arbitrary SQL commands. |
| Cross-site scripting (XSS) vulnerability in login.asp in Ringtail CaseBook 6.1.0 allows remote attackers to inject arbitrary web script or HTML via the users parameter. |
| Unspecified vulnerability in HP OpenVMS Integrity 8.2-1 and 8.2, and OpenVMS Alpha 7.3-2 and 8.2, allows local users to cause a denial of service. |
| SQL injection vulnerability in index.php in PHPCafe.net Tutorials Manager 1.0 Beta 2 allows remote attackers to execute arbitrary SQL commands via the id parameter. |
| Buffer overflow in Asus Video Security 3.5.0.0 and earlier, when using authorization, allows remote attackers to execute arbitrary code via a long username/password string. |
| Frisk F-Prot Antivirus allows remote attackers to bypass protection via a ZIP file with a version header greater than 15, which prevents F-Prot from decompressing and analyzing the file. |
| Cross-site scripting (XSS) vulnerability in Ar-blog 5.2 and earlier allows remote attackers to inject arbitrary web script or HTML via a blog comment. |
| Buffer overflow in swcons in IBM AIX 5.2, when debug malloc is enabled, allows remote attackers to cause a core dump and possibly execute arbitrary code. |
| attachment_send.php in Cerberus Helpdesk allows remote attackers to view attachments and tickets of other users via a modified file_id parameter. |
| Buffer overflow in the IMAP daemon in Ipswitch Collaboration Suite 2006.02 and earlier allows remote authenticated users to execute arbitrary code via a long FETCH command. |
| Race condition in do_coredump in signal.c in Linux kernel 2.6 allows local users to cause a denial of service by triggering a core dump in one thread while another thread has a pending SIGSTOP. |
| Buffer overflow in KETM 0.0.6 allows local users to execute arbitrary code via unknown vectors. |
| SQL injection vulnerability in phpBB 2 before 2.0.18 allows remote attackers to execute arbitrary SQL commands via the topic type. |
| A "missing request validation" error in phpBB 2 before 2.0.18 allows remote attackers to edit private messages of other users, probably by modifying certain parameters or other inputs. |
| Cross-site scripting (XSS) vulnerability in forum.php in PhpWebThings 1.4.4 allows remote attackers to inject arbitrary web script or HTML via the forum parameter. |
| content.php in Mambo 4.5.2 through 4.5.2.3 allows remote attackers to obtain the installation path of the application via a URL that causes the application to return an error. |
| Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before 0.87.1 allows attackers to perform unknown attacks via unknown vectors. |
| (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.2_08, 1.4.2_09, and 1.5.0_05 and possibly other versions allow remote attackers to cause a denial of service (JVM unresponsive) via a crafted serialized object, such as a font object as demonstrated on JBoss. |
| SQL injection vulnerability in memberlist.php in WSN Forum 1.21 allows remote attackers to execute arbitrary SQL commands via the id parameter in a profile action. |
