SugarCRM Community Edition versions 6.5.26 and below suffer from multiple remote SQL injection vulnerabilities.
bc4cc7bf63d53a27a1eb576d08fe29628ea8da32f5518c5c866e31065558a8a7
IBM Informix DB-Access utility is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. The vulnerability is triggered by providing an overly long file parameter value inside a LOAD statement, which is used to insert data from an operating-system file into an existing table or view. Version 12.10 is affected.
7242df27de9624e0c0b57ed3ef055069c110005a841ad63815fe50406c581c74
IBM DB2 versions 9.7, 10.1, 10.5, and 11.1 suffer from a command line process buffer overflow vulnerability.
9fcbc5360bbab3d3d0d5f91e96ba944fd77fa77b62d50735a37991cb02aa1f1f
google-api-php-client versions 2.1.3 and below suffer from multiple cross site scripting vulnerabilities.
8eaec32d7fdf5c15debcbc897ef52db1a3048d72036b4d43408cd00a1a64ebbf
Whitepaper called From Zero to ZeroDay Journey: Router Hacking (WRT54GL Linksys Case).
66c928dae742c5b1f66c19385575361b4ebbbe5aef56979b8945aa3f1562cf31
A few weeks ago, DefenseCode announced the remote pre-auth root access exploit for Cisco Linksys. During further research, they have discovered that other router manufacturers are also vulnerable to the same vulnerability, since the vulnerable Broadcom UPnP stack is used across multiple router vendors. Rapid7 has produced some scary numbers surrounding how many routers are affected on the Internet.
973bb983a4d13f077857f0d5faee4a6aaf7969bdaa84af71296a5aabd7a67568
A critical security vulnerability that allows a remote unauthenticated attacker to remotely execute arbitrary code under root privileges has been discovered in Broadcom's UPnP software.
a9af7d158bb390ad756245dc9d569c020c94e28b5576407cf6cf4b7fe4378cd8
Safari 4.0.2 suffers from a local buffer overflow vulnerability related to the webkit parsing of floating point numbers.
d9f549ccc385b7d7b909f34d0c726cf7b9734986d0f5f78d922e54dec9773f79
Memory corruption vulnerabilities have been discovered in NASA's Common Data Format. Versions 3.2.4 and below are affected.
d3bfdae0226b04f7084476e78657351396b5f9598a25fc61dc3d13c191fa4f96
INFIGO IS's security team has identified a critical remote buffer overflow vulnerability in the latest ICQ version (ICQ 6.0).
f15fcb7c39b1de855c85925767b7a551daaddf85fabc42a30d0971f234fc959e
A remote vanilla stack overflow vulnerability exists in the Surgemail IMAP server. The vulnerability is caused due to a boundary error in the IMAP server, when processing overly long arguments of the 'LSUB' command. The vulnerability results in a simple stack overflow condition that can be trivially exploited.
6caf1134a18b78d821475643125ddbaac4ab936cf127a25b6b9b7c01c6c4eaf2
The SOPHOS ES1000 and ES4000 Email Security Appliances suffer from a cross site scripting vulnerability.
123b619e25aff04e8e4059347592ab523fc7b2fc5ae0e69d4e85093667da700d
McAfee E-Business Server versions 8.5.2 and below pre-authentication denial of service exploit.
9fdbf08d12eca23e24b5da2766dfaa3afb090a14d10501e4f61f1a490950b23d
INFIGO IS Security Advisory #ADV-2008-01-06 - The McAfee E-Business Server versions 8.5.2 and below suffer from a pre-authentication code execution and denial of service vulnerability.
7129afa195fe0c40d1247cd6d401cf701a55ca378c31f5c79339a620eade8866
During an audit of Enterprise Security Analyzer, multiple remote buffer overflows have been discovered in the ESA server (TCP port 10616). There are various stack and heap overflows in multiple ESA requests. The vulnerability has been identified in the latest available Enterprise Security Analyzer v2.5. Previous versions are believed to be vulnerable as well.
7cfad04c205329f1f36fe4c6cad33a97921cb4da56226e103ba111b14bd847cd
Proof of concept remote exploit for the MDaemon POP3 preauth buffer overflow. MDaemon versions 8 and 9 are susceptible to this.
e36d9a6cd5875ac91dfbfc8be90a0ef092197e21924979c6115982c649be0d8b
During an audit, a critical vulnerability has been discovered in the MDaemon POP3 server. There is a buffer overflow vulnerability in 'USER' and 'APOP' command processing part of the Altn MDaemon POP3 server. The vulnerability can be triggered with providing a long string to USER or APOP commands with '@' characters included in the string. In this case, MDaemon will incorectly process the string and a heap overflow will happen as a result. To trigger the vulnerability, a few USER commands have to be sent to the POP3 Server. Sometimes (depending on the heap state and string length), it is even possible to redirect code execution directly to the supplied input buffer on the heap. MDaemon versions 8 and 9 are confirmed vulnerable.
d5c9043c3a5da6e06fbb9448e0ee6aac59f636527f57112ed1d576f7218e753d
INFIGO IS Security Advisory #ADV-2006-05-03 - New vulnerabilities have been discovered in ArgoSoft FTP server version 1.4.3.6, Golden FTP server version 2.70, FileZilla version 2.2.22, and WarFTP Daemon / Guild FTP server version 0.999.13.
f7e189f0655ec928de2b27d398b63004754ae6497a019f787feea012621c36f3
Winamp is vulnerable to a buffer overflow vulnerability when processing ID3v2 tags of mp3 files. To exploit this vulnerability, a user has to add malformed mp3 file to the Winamp playlist, and play it. The vulnerability was tested on Winamp versions 5.03a, 5.09 and 5.091.
883ada7f9612a1df12849639513fc5cefa2acdd94f5c6810f9f84e4a64a6a23c
LSS Security Advisory #LSS-2005-06-06 - Crob FTP server versions 3.6.1 and below suffer from various remote buffer overflows.
c87f455adf3a1de29ab1bbd59e257815a8b6261cf9e1c2be3b87a1d648f5b816
LSS Security Advisory #LSS-2005-06-07 - Popper webmail is susceptible to a remote code inclusion bug in childwindow.inc.php that allows for remote command execution.
df5832afc053b6a437f0df4c9905733d31fb35594d529c89550ba0a5fb3cc1c2
Exploit for the Ethereal IAPP dissector remote buffer overflow vulnerability. All versions that have support for the IAPP dissector are affected up to version 0.10.9.
526f33ba2f77710943103bc1d05b2c8a140887ea702b11aa53b942fa083849f1
LSS Security Advisory #LSS-2005-03-05 - There is a buffer overflow vulnerability in the Ethereal IAPP dissector. All versions that have support for the IAPP dissector are affected up to version 0.10.9.
63b1cc3f3155d1879b4735aff3a5831a2bec847f7be9ce147c4a43a685e19f09
Exploit for the Ethereal 3G-A11 dissector remote buffer overflow vulnerability. All versions that have support for the 3G-A11 dissector are affected up to version 0.10.9.
5630433d3aa4230867dbe25c72e8a8b0ce98dc61d46e9b0142eb5e80726e7c18
There is remote buffer overflow vulnerability in the Ethereal dissector for CDMA2000 A11 packets. All versions that have support for the 3G-A11 dissector are affected up to version 0.10.9.
d279201e64f7d7ea4798aa76b9407af0207f59dbc661865a44c9f8a85e63ef5c