Cross-site scripting (XSS) vulnerability in search.php in PHP Classifieds 6.18, 6.20, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the searchword par...

Linux kernel before 2.6.13 allows local users to cause a denial of service (crash) via a dio transfer from the sg driver to memory mapped (mmap) IO space.

The SCTP-netfilter code in Linux kernel before 2.6.16.13 allows remote attackers to trigger a denial of service (infinite loop) via unknown vectors that cause an invalid SCTP chunk size to be processe...

ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users to cause a denial of service (panic) via a request for a route for a multicast IP address, which triggers a null dereference.

The sys_add_key function in the keyring code in Linux kernel 2.6.16.1 and 2.6.17-rc1, and possibly earlier versions, allows local users to cause a denial of service (OOPS) via keyctl requests that add...

Format string vulnerability in ANSI C Sender Policy Framework library (libspf) before 1.0.0-p5, when debugging is enabled, allows remote attackers to execute arbitrary code via format string specifier...

Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length valu...

sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet lengt...

The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a traili...

Multiple buffer overflows in abc2ps before 1.3.3 allow user-assisted attackers to execute arbitrary code via crafted ABC music files.

Buffer overflow in the ILASM assembler in the Microsoft .NET 1.0 and 1.1 Framework might allow user-assisted attackers to execute arbitrary code via a .il file that calls a function with a long name.

Buffer overflow in calloc.c in the Microsoft Windows XP SP2 ntdll.dll system library, when used by the ILDASM disassembler in the Microsoft .NET 1.0 and 1.1 SDK, might allow user-assisted attackers to...

/sbin/passwd in HP-UX B.11.00, B.11.11, and B.11.23 before 20060326 "does not recover gracefully from some error conditions," which allows local users to cause a denial of service.

Multiple cross-site scripting (XSS) vulnerabilities in MH Software Connect Daily Web Calendar Software 3.2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) calen...

Cross-site scripting (XSS) vulnerability in PHPKIT 1.6.03 allows remote attackers to inject arbitrary web script or HTML via the error parameter to include.php, possibly due to a problem in login/logi...

base_maintenance.php in Basic Analysis and Security Engine (BASE) before 1.2.4 (melissa), when running in standalone mode, allows remote attackers to bypass authentication, possibly by setting the sta...

Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0 (aka Arab Dynamic Portal or ADP) stable allow remote attackers to inject arbitrary web script or HTML via the title parameter in ...

PHP remote file inclusion vulnerability in includes/functions_install.php in Virtual War (VWar) 1.5.0 R11 and earlier allows remote attackers to include and execute arbitrary PHP code via a URL in the...

Multiple integer overflows in MPlayer 1.0pre7try2 allow remote attackers to cause a denial of service and trigger heap-based buffer overflows via (1) a certain ASF file handled by asfheader.c that cau...

Cross-site scripting (XSS) vulnerability in MediaWiki before 1.5.8 and 1.4.15 allows remote attackers to inject arbitrary web script or HTML via crafted encoded links.

Directory traversal vulnerability in index.php in ViHor Design allows remote attackers to read arbitrary files via the page parameter.

Multiple cross-site scripting (XSS) vulnerabilities in index.php in ViHor Design allow remote attackers to inject arbitrary web script or HTML via (1) a remote URL in the page parameter, which is proc...

Cross-site scripting (XSS) vulnerability in dir.php in Explorer XP allows remote attackers to inject arbitrary web script or HTML via the chemin parameter. NOTE: it is possible that this issue is resu...

Directory traversal vulnerability in dir.php in Explorer XP allows remote attackers to read arbitrary files via the chemin parameter.