BL4s SMTP server versions less than 0.1.5 suffer from a flaw that can allow a remote attacker to cause a denial of service or execute arbitrary code due to a buffer overflow in the SMTP service.
99261d09b996c6e2db11f243f986cb42f1fa42ed71d2b262cada4e5389f00d47
Invision Power Board 2.1.4 SQL injection in func_msg.php exploit.
b35e8803e4ad5242d872d623728a37554dd4632c7e35bb4ec895a48a77d65f67
A paper discussing the various vulnerabilities in DNS: "The vulnerabilities described in this advisory affect implementations of the Domain Name System (DNS) protocol. Many vendors include support for this protocol in their products and may be impacted to varying degrees, if at all."
d5c3453b8775ce662de82820c87934d3586b2daf744da4869731b0767a4a765a
RFIDIOt is a Python library for exploring RFID devices. It currently drives a specific RFID reader made by ACG, called the HF Dual ISO Reader. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r).
0abfcd4ef2ced12418a67f696cb697dc8fd1d9d45de528c0681c56ae7119ca91
CoolMenus Event suffers from a remote file inclusion vulnerability. POC included.
c9d67d9b0ea47e1c5f547120ec105f0df4485bb5140b7528685506acadf3fe00
Artmedic Event suffers from a remote file inclusion vulnerability. POC included.
077c4928d96b80ba46e9d5413980945c81c426c4a61a1b4da83bcf6f1311bf80
Description of a Yahoo! Mail XSS vulnerability that has been patched silently by Yahoo.
49be6d3832e58169091bb8bd1a3af60369ca7fd7e23a79e16dee47991ca06fc3
I-RATER Platinum suffers from a remote file inclusion vulnerability. POC included.
66d7dc8c07f4455c9d40751cb297d9e5094805ceccde0090e27fa08be5a80805
Secunia Research 28/04/2006 - Servant Salamander unacev2.dll Buffer Overflow Vulnerability - Secunia Research has discovered a vulnerability in Servant Salamander, which can be exploited by malicious people to compromise a user's system.
f652fcd564524b621f1cee3d74f4f0a21942f1b4b1f93a12381f5d8356ae006a
[ECHO_ADV_31$2006] Sws Web Server 0.1.7 Strcpy() & Syslog() Format String Vulnerability. A format string vulnerability in Sws Web Server allows remote attackers to cause the program to execute arbitrary. The format string vulnerability and buffer overflow can be found in sws_web_server.c ayardosyasi.h file.
f8646aeecd77b8cbcd678f4cf8a66b6822ed939407bb6c8c805b6299c63bd614
Neomail suffers from XSS in Neomail.pl.
f12e48e9d70135ab7131651b0fcc46961410e7e1885d87c88227508cc82d6e0d
Cireos Portal from SirceOS suffers from XSS in buscar.php.
169593e65366f35f19f969828b67320a1a5f9e01937f74356a6ed66526c26adf
A vulnerability exists in WinISO and UltraISO which can potentially be exploited by malicious people to compromise a user's system. The vulnerability has been confirmed in WinISO 5.3, UltraISO V8.0.0.1392, PowerISO v2.9, and Magic ISO 5.0 Build 0166.
71af3606163dc754a646b1ae9fe7da5983c7be7d2835bd08dc5f40059c5be068
Microsoft Internet Explorer suffers from a potential user interaction race in its handling of security dialogs. As a result, it may be possible for a malicious web site to install software on a visiting system or take other actions that may compromise the privacy or the security of the visitor.
2e80f78b30be81e611a091caa94ab96e849742fa4ccfafa6ca94c1f6bd9cb89f
eEye Digital Security has discovered a critical vulnerability in the Juniper Networks SSL-VPN Client ActiveX Control. The JuniperSetup.ocx ActiveX control is automatically loaded through the web interface of Juniper Networks SSL-VPN. There is an exploitable buffer overflow in the handling of a parameter of the ActiveX control that will allow a remote attacker to reliably overwrite the stack with arbitrary data and execute arbitrary code through the web browser.
ae91c48bc6230bd6f8a1f277d0928e54cb08c88233c50af6a00fc28ae3d57404
Open Bulletin Board suffers from multiple XSS and SQL injection vulnerabilities.
d3fee9252fa517b97f432351ede590dce498caba98f8504309eb92ac4b8e139d
Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack. A malicious user may be able to send crafted packets to a concentrator which may cause the device to halt and/or drop user connections. The power must then be reset on the device to recover.
e03f528adcfde374db304956080fda8b73d48836f3835c1b5011ddf389ebcb4c
MySmartBB v1.1.x suffers from SQL injection and XSS.
c0985406bbf1ec97555373249ec9cabd96f14826fb71a9e07111d44a95170d0c
DevBB versions less than or equal to 1.0.0 suffer from XSS.
acb9af4df47311a50014b69491af9568cff581cb65eb06f627563fa273c91ad3
Secunia Research 26/04/2006 - SpeedProject Products ACE Archive Handling Buffer Overflow: Secunia Research has discovered a vulnerability in various SpeedProject products, which can be exploited by malicious people to compromise a user's system.
eb48fcd8d4efd5cd002dce6a626ef809a2bc31b7ea9d31354d46bee0d36b2213
eVuln ID: EV0125 - warforge.NEWS SQL Injection and Multiple XSS Vulnerabilities.
106d635e3a71f8c60a3e6faf2e38fe7f2866b945027d44c71d8a69dfdd002665
HPSBMA02113 SSRT061148 rev.1 - HP Oracle for OpenView (OfO) Critical Patch Update April 2006: Oracle(R) has issued a Critical Patch Update which contains solutions for a number of potential security vulnerabilities. These vulnerabilities may be exploited locally or remotely to compromise the confidentiality, availability or integrity of Oracle for OpenView (OfO).
863d6b0838da3a62db08d3423a378b026358c3a5b663c0b72c7dd9680e10e223
HPSBUX02075 SSRT051074 rev.4 - HP-UX Running xterm Local Unauthorized Access: A potential security vulnerability has been identified with HP-UX running xterm. The vulnerability could be exploited by a local user to gain unauthorized access.
51e4cde9cd57544ba96cc38922cd56e25abdcaaeb865f2be7c99261f8c148ea9
HPSBUX02108 SSRT061133 rev.9 - HP-UX running Sendmail, Remote Execution of Arbitrary Code
8b5495d81f7480de2b5bf6cfb215e510e38b24196e87c3bdc86d72a7e73291b0
ZDI-06-011: Mozilla Firefox Table Rebuilding Code Execution Vulnerability. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of the Mozilla/Firefox web browser and Thunderbird e-mail client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious e-mail.
70ec9a4add873515b39c5531866ba5b0da716b3456083b4b73454101b5fb0135