Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the overflow during alias expansion.

srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of ...

Unspecified vulnerability in Apple Safari allows local users to obtain sensitive information (saved keychain passwords) via the document.loginform.password.value JavaScript parameter loaded from an Ap...

CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earli...

The random number feature in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, (1) does not properly seed pools when there is no entropy, or (2) uses an incorrect cast when extracting e...

Multiple cross-site scripting (XSS) vulnerabilities in the (1) Manager and (2) Host Manager web applications in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.36, 5.0.0 through 5.0.30, 5.5.0 thr...

Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obta...

Cisco Wireless LAN Controller (WLC) before 3.2.116.21, and 4.0.x before 4.0.155.0, allows remote attackers on a local network to cause a denial of service (device crash) via malformed Ethernet traffic...

Cross-zone scripting vulnerability in the DOM templates (domplates) used by the console.log function in the Firebug extension before 1.04 for Mozilla Firefox allows remote attackers to bypass zone res...

Cross-site scripting (XSS) vulnerability in search.php in SonicBB 1.0 allows remote attackers to inject arbitrary web script or HTML via the part parameter.

The ipv6_getsockopt_sticky function in the kernel in Red Hat Enterprise Linux (RHEL) Beta 5.1.0 allows local users to obtain sensitive information (kernel memory contents) via a negative value of the ...

The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows ...

Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed...

Multiple cross-site scripting (XSS) vulnerabilities in web-app.org WebAPP before 0.9.9.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the QUERY_STRING corresponding ...

Multiple directory traversal vulnerabilities in aBitWhizzy allow remote attackers to list arbitrary directories via a .. (dot dot) in the d parameter to (1) whizzery/whizzypic.php or (2) whizzery/whiz...

suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perform unauthorized oper...

Cross-site scripting (XSS) vulnerability in an mt import in wp-admin/admin.php in WordPress 2.1.2 allows remote authenticated administrators to inject arbitrary web script or HTML via the demo paramet...

pam_console does not properly restore ownership for certain console devices when there are multiple users logged into the console and one user logs out, which might allow local users to gain privilege...

TrueCrypt before 4.3, when set-euid mode is used on Linux, allows local users to cause a denial of service (filesystem unavailability) by dismounting a volume mounted by a different user.

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level is...

\Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using ...

Fujitsu FENCE-Pro before V5L01, and Systemwalker Desktop Encryption V12.0L10, V12.0L10A, V12.0L10B, V12.0L20 and V13.0.0 allows local users to obtain sensitive information by extracting the decoding p...

The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton...

Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, ...