About site: Software/Operating Systems/Unix/BSD/FreeBSD - FreeBSD VuXML
Return to Computers also Computers
  About site: http://www.vuxml.org/freebsd/

Title: Software/Operating Systems/Unix/BSD/FreeBSD - FreeBSD VuXML Documenting security issues in FreeBSD and the FreeBSD Ports Collection.
The_Association_for_Multimedia_Communications The AMC promotes interactive multimedia on the Internet.

SYSTOR\'s_SAM_Security_Software Security Administration Manager (SAM) is a family of software, much of which supports the mainframe. SYSTOR also provides consulting, system integration and outsourcing.

RFC_2915 The Naming Authority Pointer (NAPTR) DNS Resource Record. M. Mealling, R. Daniel. September 2000.

Screen-Savers_com One of the Net's best free sites for quality screen savers, with new screen savers added weekly.

Duplication_Masters Media silk-screening, CD-ROM replication and CD-R duplication, as well as turnkey assembly, storage and product fulfillment.

DLX_(deLuxe) Instructions: R-, I-, J-Types. WinDLX download. WinDLX opcodes. DLX architecture diagram; Assembly examples: division by subtraction.

  Alexa statistic for http://www.vuxml.org/freebsd/





Get your Google PageRank






Please visit: http://www.vuxml.org/freebsd/
  Related sites for http://www.vuxml.org/freebsd/
    Bris_SourceHelper SourceSafe add-on that extends VSS functionality. It enables you to specify actions and run them at any time, and to search the repository for information.
    PhotoTiled_Pictures Photomosaic composed of many photo pictures with an explanation of the process of creating them. Review of programs phototile photomontage and retriever.
    RFC_1563 The Text/Enriched MIME Content-Type. N. Borenstein. January 1994.
    Dennis_Tester Specializing in the design and development of interactive web-based learning systems.
    Alan\'s_Excel_Page Alan Barasch's guide to Microsoft Excel. A collection of macros, formulas, and links.
    Right_Wing_Smackdown_Game Right Wing Smackdown Game. The game for the whole violent leftist family. For any unix command line, including OS X.
    University_of_Southern_Queensland_-_Department_of_Mathematics_and_Computing Courses, programs, staff, schedules, and research.
    Death_Fall Site providing the latest 3D graphics news, plus features, tutorials, galleries and forums.
    MeetingWorks Electronic meeting products and services for every company. Conduct your meetings any time and from any place.
    Pocket_PC_Techs Offering memory upgrade services for all HP / Compaq iPAQ models. Onboard RAM on some iPAQ units can be increased to a maximum of 256mb.
    Sending_Email_with_ASP+_by_Christoph_Wille Demonstrates how to send email via ASP+: from plain to HTML mail and attachments. (September 18, 2000)
    Free_Wallpaper_Zone Images of lighthouse, bikinis, cities, Christmas, and others.
    DilSoft_Freeware_Solutions Various compilers and other utilities.
    High-Performance_Erlang__HiPE Research project, goal: efficiently implement the concurrent functional language Erlang; now part of Ericsson Erlang/OTP system. Open source. Uppsala University.
    Kyric_Corporation CD replication, CD-R duplication, tape duplication and blank CD-Rs and tapes.
    Netspace_Web_Solutions Offers design and e-business consulting. Located in Manchester, United Kingdom.
    dynet Offers site design and hosting.
    TryBuySoftware_co_uk Large UK based repository of the latest freeware, shareware and try before you buy software. Advanced search tools and category lists. Authors may submit online via PAD file.
    UnionSites_com Offers design and hosting at set package rates.
    IllumiRate_com Editors can rate and review every site in the directory, so a range of opinions may be given on any listing. Carries advertising.
This is websites2007.org cache of m/ as retrieved on 2008.10.08 websites2007.org's cache is the snapshot that we took of the page as we crawled the web. The page may have changed since that time.
FreeBSD VuXML - entry date index

FreeBSD VuXML

Documenting security issues in FreeBSD and the FreeBSD Ports CollectionSecurity issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:in the FreeBSD Ports Collection repository, path ports/security/vuxml/vuln.xmlas a local copyas a local copy, compressed with bzip2Please report security issues to the FreeBSD Security Team at <security-team@FreeBSD.org>. Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.

entry date index

[by package name][by topic][by CVE name][by entry date][by modified date][by VuXML ID]EnteredTopic2008-10-01mplayer -- multiple integer overflowsmysql -- command line client input validation vulnerability2008-09-27lighttpd -- multiple vulnerabilities2008-09-26bitlbee -- account recreation security issues2008-09-24mozilla -- multiple vulnerabilities2008-09-23phpmyadmin -- Cross-Site Scripting Vulnerabilityproftpd -- Long Command Processing Vulnerabilitysquirrelmail -- Session hijacking vulnerability2008-09-19gallery -- multiple vulnerabilities2008-09-17phpmyadmin -- Code execution vulnerability2008-09-14twiki -- Arbitrary code execution in session files2008-09-12clamav -- CHM Processing Denial of Serviceneon -- NULL pointer dereference in Digest domain support2008-09-11horde -- multiple vulnerabilities2008-09-10mysql -- MyISAM table privileges secuity bypass vulnerabilitypython -- multiple vulnerabilitiesrubygem-rails -- SQL injection vulnerabilitywordpress -- remote privilege escalation2008-09-05FreeBSD -- amd64 swapgs local privilege escalationFreeBSD -- nmount(2) local arbitrary code executionFreeBSD -- Remote kernel panics on IPv6 connections2008-08-25opera -- multiple vulnerabilities2008-08-21gnutls -- "gnutls_handshake()" Denial of Service2008-08-20joomla -- flaw in the reset token validation2008-08-19cdf3 -- Buffer overflow vulnerability2008-08-18drupal -- multiple vulnerabilities2008-08-16ruby -- DNS spoofing vulnerabilityruby -- DoS vulnerability in WEBrickruby -- multiple vulnerabilities in safe level2008-08-15Bugzilla -- Directory Traversal in importxml.pl2008-08-07openvpn-devel -- arbitrary code execution2008-07-18phpmyadmin -- cross site request forgery vulnerabilites2008-07-13drupal -- multiple vulnerabilitiesFreeBSD -- DNS cache poisoning2008-07-09poppler -- uninitialized pointer2008-07-04py-pylons -- Path traversal bug2008-07-03FreeType 2 -- Multiple Vulnerabilities2008-07-01fetchmail -- potential crash in -v -v verbose mode (revised patch)2008-06-28phpmyadmin -- Cross Site Scripting Vulnerabilities2008-06-24apache -- multiple vulnerabilities2008-06-22php -- input validation error in safe_mode2008-06-21ruby -- multiple integer and buffer overflow vulnerabilitiesvim -- Vim Shell Command Injection Vulnerabilities2008-06-20fetchmail -- potential crash in -v -v verbose mode2008-06-15xorg -- multiple vulnerabilities2008-06-14moinmoin -- superuser privilege escalation2008-06-13Courier Authentication Library -- SQL Injection2008-06-01ikiwiki -- cleartext passwords2008-05-31ikiwiki -- empty password security hole2008-05-30linux-flashplugin -- unspecified remote code execution vulnerability2008-05-28Nagios -- Cross Site Scripting Vulnerability2008-05-27spamdyke -- open relay2008-05-21peercast -- arbitrary code execution2008-05-17libvorbis -- various security issues2008-05-14django -- XSS vulnerability2008-05-11vorbis-tools -- Speex header processing vulnerability2008-05-08qemu -- "drive_init()" Disk Format Security Bypass2008-05-07swfdec -- exposure of sensitive information2008-05-02mt-daapd -- integer overflowsdl_image -- buffer overflow vulnerabilities2008-04-26gnupg -- memory corruption vulnerability2008-04-25extman -- password bypass vulnerabilityfirefox -- javascript garbage collector vulnerabilitymailman -- script insertion vulnerabilitymksh -- TTY attachment privilege escalationopenfire -- unspecified denial of servicephp -- integer overflow vulnerabilitypng -- unknown chunk processing uninitialized memory accesspython -- Integer Signedness Error in zlib Moduleserendipity -- multiple cross site scripting vulnerabilities2008-04-24libxine -- array index vulnerabilityphpmyadmin -- Shared Host Information Disclosurephpmyadmin -- Username/Password Session File Information Disclosurepostgresql -- multiple vulnerabilities2008-04-15clamav -- Multiple Vulnerabilities2008-04-13ikiwiki -- cross site request forginglighttpd -- OpenSSL Error Queue Denial of Service Vulnerability2008-04-06postfix-policyd-weight -- working directory symlink vulnerability2008-04-05opera -- multiple vulnerabilitiespowerdns-recursor -- DNS cache poisoningsuphp -- multiple local privilege escalation vulnerabilities2008-03-30mozilla -- multiple vulnerabilities2008-03-26silc -- pkcs_decode buffer overflow2008-03-20bzip2 -- crash with certain malformed archive files2008-03-11qemu -- unchecked block read/write vulnerability2008-03-10dovecot -- security hole in blocking passdbs2008-03-06mplayer -- multiple vulnerabilities2008-03-05ghostscript -- zseticcspace() function buffer overflow vulnerability2008-03-04phpmyadmin -- SQL injection vulnerability2008-02-29pcre -- buffer overflow vulnerability2008-02-26libxine -- buffer overflow vulnerability2008-02-25coppermine - multiple vulnerabilitiesmoinmoin - multiple vulnerabilities2008-02-22mozilla -- multiple vulnerabilitiesopenldap -- modrdn Denial of Service vulnerabilityopera -- multiple vulnerabilities2008-02-15clamav -- ClamAV libclamav PE File Integer Overflow Vulnerability2008-02-12cacti -- Multiple security vulnerabilities have been discovered2008-02-11ikiwiki -- javascript insertion via uris2008-02-09zenphoto -- XSS vulnerability2008-02-04jetty -- multiple vulnerability2008-01-29libxine -- buffer overflow vulnerability2008-01-23xorg -- multiple vulnerabilities2008-01-22claws-mail -- insecure temporary file creationxfce -- multiple vulnerabilities2008-01-19IRC Services-- Denial of Service Vulnerabilitylibxine -- buffer overflow vulnerability2008-01-15geeklog xss vulnerability2008-01-11drupal -- cross site request forgerydrupal -- cross site scripting (register_globals)drupal -- cross site scripting (utf8)2008-01-10maradns -- CNAME record resource rotation denial of service2008-01-04linux-realplayer -- multiple vulnerabilities2008-01-03linux-flashplugin -- multiple vulnerabilities2007-12-29dovecot -- Specific LDAP + auth cache configuration may mix up user logins2007-12-25gallery2 -- multiple vulnerabilities2007-12-20e2fsprogs -- heap buffer overflow2007-12-19opera -- multiple vulnerabilitiespeercast -- buffer overflow vulnerabilitywireshark -- multiple vulnerabilities2007-12-17ganglia-webfrontend -- XSS vulnerabilities2007-12-12drupal -- SQL injection vulnerabilityqemu -- Translation Block Local Denial of Service Vulnerabilitysamba -- buffer overflow vulnerabilitysmbftpd -- format string vulnerability2007-12-10jetty -- multiple vulnerabilities2007-12-08liveMedia -- DoS vulnerability2007-12-05GNU finger vulnerability2007-12-04Squid -- Denial of Service Vulnerability2007-11-28rubygem-rails -- JSON XSS vulnerability2007-11-27firefox -- multiple remote unspecified memory corruption vulnerabilitiesikiwiki -- improper symlink verification vulnerabilityrubygem-rails -- session-fixation vulnerability2007-11-21phpmyadmin -- Cross Site Scriptingsamba -- multiple vulnerabilities2007-11-16php -- multiple security vulnerabilities2007-11-13flac -- media file processing integer overflow vulnerabilitiesnet-snmp -- denial of service via GETBULK request2007-11-12mt-daapd -- denial of service vulnerabilityplone -- unsafe data interpreted as picklesxpdf -- multiple remote Stream.CC vulnerabilities2007-11-11phpmyadmin -- cross-site scripting vulnerability2007-11-09cups -- off-by-one buffer overflowgallery2 -- multiple vulnerabilitiestikiwiki -- multiple vulnerabilities2007-11-06pcre -- arbitrary code executionperl -- regular expressions unicode data buffer overflow2007-11-05gftp -- multiple vulnerabilitiesperdition -- str_vwrite format string vulnerability2007-11-04dircproxy -- remote denial of service2007-11-01wordpress -- cross-site scripting2007-10-30openldap -- multiple remote denial of service vulnerabilities2007-10-27py-django -- denial of service vulnerability2007-10-25opera -- multiple vulnerabilities2007-10-24drupal --- multiple vulnerabilities2007-10-23ldapscripts -- Command Line User Credentials Disclosure2007-10-22firefox -- OnUnload Javascript browser entrapment vulnerability2007-10-17phpmyadmin -- cross-site scripting vulnerability2007-10-16phpmyadmin -- cross-site scripting vulnerability2007-10-11nagios-plugins -- Long Location Header Buffer Overflow Vulnerabilitypng -- multiple vulnerabilities2007-10-10ImageMagick -- multiple vulnerabilities2007-10-08jdk/jre -- Applet Caching May Allow Network Access Restrictions to be Circumventedxfs -- multiple vulnerabilites2007-10-05tcl/tk -- buffer overflow in ReadImage function2007-10-04firebird -- multiple remote buffer overflow vulnerabilities2007-10-01id3lib -- insecure temporary file creation2007-09-21bugzilla -- multiple vulnerabilitiesclamav -- multiple remote Denial of Service vulnerabilitiesmediawiki -- cross site scripting vulnerabilitysamba -- nss_info plugin privilege escalation vulnerabilitywordpress -- remote sql injection vulnerability2007-09-20bugzilla -- "createmailregexp" security bypass vulnerabilitycoppermine -- multiple vulnerabilitiesopenoffice -- arbitrary command execution vulnerability2007-09-19flyspray -- authentication bypasskdm -- passwordless login vulnerabilitykonquerer -- address bar spoofingmozilla -- code execution via Quicktime media-link files2007-09-11apache -- multiple vulnerabilitiesphp -- multiple vulnerabilities2007-09-10lighttpd -- FastCGI header overrun in mod_fastcgi2007-09-05lsh -- multiple vulnerabilitiesrkhunter -- insecure temporary file creation2007-09-02fetchmail -- denial of service on reject of local warning message2007-09-01gtar -- Directory traversal vulnerability2007-08-27claws-mail -- POP3 Format String Vulnerability2007-08-21rsync -- off by one stack overflow2007-08-15opera -- Vulnerability in javascript handling2007-08-02FreeBSD -- Buffer overflow in tcpdump(1)FreeBSD -- Predictable query ids in named(8)fsplib -- multiple vulnerabilitiesjoomla -- multiple vulnerabilities2007-07-31xpdf -- stack based buffer overflow2007-07-29mutt -- buffer overflow vulnerability2007-07-28drupal -- Cross site request forgeriesdrupal -- Multiple cross-site scripting vulnerabilitiesp5-Net-DNS -- multiple Vulnerabilitiesphpsysinfo -- url Cross-Site Scripting2007-07-27vim -- Command Format String Vulnerability2007-07-26libvorbis -- Multiple memory corruption flaws2007-07-24dokuwiki -- XSS vulnerability in spellchecker backendtomcat -- multiple vulnerabilitiestomcat -- XSS vulnerability in sample applications2007-07-21lighttpd -- multiple vulnerabilities2007-07-19mozilla -- multiple vulnerabilitiesopera -- multiple vulnerabilities2007-07-18linux-flashplugin -- critical vulnerabilities2007-07-06wireshark -- Multiple problems2007-07-03typespeed -- arbitrary code execution2007-06-29gd -- multiple vulnerabilities2007-06-28flac123 -- stack overflow in comment parsing2007-06-25evolution-data-server -- remote execution of arbitrary code vulnerability2007-06-21xpcd -- buffer overflow2007-06-19clamav -- multiple vulnerabilities2007-06-18p5-Mail-SpamAssassin -- local user symlink-attack DoS vulnerabilityvlc -- format string vulnerability and integer overflow2007-06-12cups -- Incomplete SSL Negotiation Denial of Service2007-06-09c-ares -- DNS Cache Poisoning Vulnerabilitywebmin -- cross site scripting vulnerabilitywordpress -- unmoderated comments disclosurewordpress -- XMLRPC SQL Injection2007-06-07mplayer -- cddb stack overflow2007-06-05mod_jk -- information disclosure2007-06-04phppgadmin -- cross site scripting vulnerabilitytypo3 -- email header injection2007-06-01findutils -- GNU locate heap buffer overrun2007-05-24FreeType 2 -- Heap overflow vulnerability2007-05-23FreeBSD -- heap overflow in file(1)2007-05-21squirrelmail -- Cross site scripting in HTML filter2007-05-16png -- DoS crash vulnerabilitysamba -- multiple vulnerabilities2007-05-07php -- multiple vulnerabilities2007-05-01qemu - several vulnerabilities2007-04-30p5-Imager - possibly exploitable buffer overflow2007-04-28FreeBSD -- IPv6 Routing Header 0 is dangerous2007-04-24mod_perl -- remote DoS in PATH_INFO parsing2007-04-19claws-mail -- APOP vulnerability2007-04-14lighttpd -- DOS when access files with mtime 0lighttpd -- Remote DOS in CRLF parsing2007-04-13freeradius -- EAP-TTLS Tunnel Memory Leak Remote DOS Vulnerability2007-04-09fetchmail -- insecure APOP authentication2007-04-08mcweject -- exploitable buffer overflowwebcalendar -- "noSet" variable overwrite vulnerability2007-04-05zope -- cross-site scripting vulnerability2007-03-21Squid -- TRACE method handling denial of service2007-03-16samba -- format string bug in afsacl.so VFS pluginsamba -- potential Denial of Service bug in smbdsql-ledger -- security bypass vulnerability2007-03-11ktorrent -- multiple vulnerabilities2007-03-09mplayer -- DMO File Parsing Buffer Overflow Vulnerabilitytrac -- cross site scripting vulnerability2007-03-05mod_jk -- long URL stack overflow vulnerability2007-02-27bind -- Multiple Denial of Service vulnerabilitiesFreeBSD -- Jail rc.d script privilege escalationFreeBSD -- Kernel memory disclosure in firewire(4)gtar -- name mangling symlink vulnerability2007-02-26libarchive -- Infinite loop in corrupt archives handling in libarchiveOpenSSL -- Multiple problems in crypto(3)2007-02-24mozilla -- multiple vulnerabilities2007-02-21snort -- DCE/RPC preprocessor vulnerability2007-02-17php -- multiple vulnerabilitiesrar -- password prompt buffer overflow vulnerability2007-01-17joomla -- multiple remote vulnerabilities2007-01-15sircd -- remote operator privilege escalation vulnerabilitysircd -- remote reverse DNS buffer overflow2007-01-12cacti -- Multiple vulnerabilities2007-01-08mplayer -- buffer overflow in the code for RealMedia RTSP streams.2007-01-06fetchmail -- crashes when refusing a message bound for an MDAfetchmail -- TLS enforcement problem/MITM attack/password exposure2007-01-05drupal -- multiple vulnerabilitiesopera -- multiple vulnerabilities2007-01-03w3m -- format string vulnerability2006-12-27plone -- user can masquerade as a group2006-12-21proftpd -- remote code execution vulnerabilities2006-12-19bind9 -- Denial of Service in named(8)gzip -- multiple vulnerabilitiesopenssl -- Incorrect PKCS#1 v1.5 padding validation in crypto(3)2006-12-18sql-ledger -- multiple vulnerabilities2006-12-14dbus -- match_rule_equal() Weaknessevince -- Buffer Overflow Vulnerability2006-12-13tdiary -- injection vulnerabilitywv -- Multiple Integer Overflow Vulnerabilitieswv2 -- Integer Overflow Vulnerability2006-12-11tnftpd -- Remote root Exploit2006-12-07gnupg -- remotely controllable function pointerlibxine -- multiple buffer overflow vulnerabilities2006-12-04ruby -- cgi.rb library Denial of Service2006-12-02ImageMagick -- SGI Image File heap overflow vulnerabilitylibmusicbrainz -- multiple buffer overflow vulnerabilitiestdiary -- cross site scripting vulnerability2006-11-30gtar -- GNUTYPE_NAMES directory traversal vulnerabilitykronolith -- arbitrary local file inclusion vulnerability2006-11-27gnupg -- buffer overflow2006-11-14proftpd -- Remote Code Execution Vulnerabilityunzoo -- Directory Traversal Vulnerability2006-11-11bugzilla -- multiple vulnerabilities2006-11-08Imlib2 -- multiple image file processing vulnerabilities2006-11-04ruby -- cgi.rb library Denial of Service2006-10-29mysql -- database "case-sensitive" privilege escalationmysql -- database suid privilege escalationscreen -- combined UTF-8 characters vulnerability2006-10-22kdelibs -- integer overflow in khtml2006-10-21Serendipity -- XSS Vulnerabilities2006-10-20asterisk -- remote heap overwrite vulnerabilityopera -- URL parsing heap overflow vulnerability2006-10-19plone -- unprotected MembershipTool methods2006-10-18drupal -- cross site request forgeriesdrupal -- HTML attribute injectiondrupal -- multiple XSS vulnerabilitiesingo -- local arbitrary shell command execution2006-10-16clamav -- CHM unpacker and PE rebuilding vulnerabilitiesnvidia-driver -- arbitrary root code execution vulnerability2006-10-15tkdiff -- temporary file symlink privilege escalationvtiger -- multiple remote file inclusion vulnerabilities2006-10-14google-earth -- heap overflow in the KML engine2006-10-12clamav -- Multipart Nestings Denial of Service2006-10-07python -- buffer overrun in repr() for unicode stringstorrentflux -- User-Agent XSS Vulnerability2006-10-06php -- _ecalloc Integer Overflow Vulnerability2006-10-05mambo -- multiple SQL injection vulnerabilitiesmono -- "System.CodeDom.Compiler" Insecure Temporary Creationopenldap -- slapd acl selfwrite Security Issuephp -- open_basedir Race Condition Vulnerabilitytin -- buffer overflow vulnerabilities2006-10-04phpbb -- NULL byte injection vulnerability2006-10-03postnuke -- admin section SQL injection2006-10-02cscope -- Buffer Overflow Vulnerabilitiesfreetype -- LWFN Files Buffer Overflow Vulnerabilitygnutls -- RSA Signature Forgery VulnerabilityMT -- Search Unspecified XSSphpmyadmin -- XSRF vulnerabilities2006-09-30dokuwiki -- multiple vulnerabilitiesdokuwiki -- multiple vulnerabilitiesopenssh -- multiple vulnerabilitiespunbb -- NULL byte injection vulnerabilitytikiwiki -- multiple vulnerabilities2006-09-26freeciv -- Denial of Service Vulnerabilitiesfreeciv -- Packet Parsing Denial of Service Vulnerabilityplans -- multiple vulnerabilities2006-09-25eyeOS -- multiple XSS security bugs2006-09-22libmms -- stack-based buffer overflowopera -- RSA Signature Forgeryzope -- restructuredText "csv_table" Information Disclosure2006-09-15mozilla -- multiple vulnerabilities2006-09-14win32-codecs -- multiple vulnerabilities2006-09-13drupal-pubcookie -- authentication may be bypassedphp -- multiple vulnerabilities2006-09-12linux-flashplugin7 -- arbitrary code execution vulnerabilities2006-09-04mailman -- Multiple Vulnerabilities2006-09-02gtetrinet -- remote code executionhlstats -- multiple cross site scripting vulnerabilities2006-08-30joomla -- multiple vulnerabilities2006-08-23sppp -- buffer overflow vulnerability2006-08-17horde -- Phishing and Cross-Site Scripting Vulnerabilities2006-08-15globus -- Multiple tmpfile races2006-08-13alsaplayer -- multiple vulnerabilitiesmysql -- format string vulnerabilitypostgresql -- encoding based SQL injectionpostgresql -- multiple vulnerabilitiesx11vnc -- authentication bypass vulnerability2006-08-12squirrelmail -- random variable overwrite vulnerability2006-08-10rubygem-rails -- evaluation of ruby code2006-08-08clamav -- heap overflow vulnerability2006-08-02drupal -- XSS vulnerabilitygnupg -- 2 more possible memory allocation attacks2006-07-29ruby - multiple vulnerabilities2006-07-28apache -- mod_rewrite buffer overflow vulnerability2006-07-27mozilla -- multiple vulnerabilities2006-07-14zope -- information disclosure vulnerability2006-07-13drupal -- multiple vulnerabilities2006-07-11shoutcast -- cross-site scripting, information exposure2006-07-10samba -- memory exhaustion DoS in smbdtwiki -- multiple file extensions file upload vulnerability2006-07-07trac -- reStructuredText breach of privacy and denial of service vulnerability2006-07-05horde -- various problems in dereferrermambo -- SQL injection vulnerabilities2006-07-03phpmyadmin -- cross site scripting vulnerability2006-07-02webmin, usermin -- arbitrary file disclosure vulnerability2006-06-30Joomla -- multiple vulnerabilitiesmutt -- Remote Buffer Overflow Vulnerability2006-06-27hashcash -- heap overflow vulnerability2006-06-25gnupg -- user id integer overflow vulnerability2006-06-17horde -- multiple parameter cross site scripting vulnerabilities2006-06-16webcalendar -- information disclosure vulnerability2006-06-14sendmail -- Incorrect multipart message handling2006-06-11dokuwiki -- multiple vulnerabilitieslibxine -- buffer overflow vulnerability2006-06-09smbfs -- chroot escapeypserv -- Inoperative access controls in ypserv2006-06-08freeradius -- authentication bypass vulnerabilityfreeradius -- multiple vulnerabilities2006-06-05dokuwiki -- spellchecker remote PHP code executiondrupal -- multiple vulnerabilitiessquirrelmail -- plugin.php local file inclusion vulnerability2006-06-01MySQL -- Information Disclosure and Buffer Overflow VulnerabilitiesMySQL -- SQL-injection security vulnerability2006-05-23cscope -- buffer overflow vulnerabilitiesfrontpage -- cross site scripting vulnerability2006-05-22coppermine -- "file" Local File Inclusion Vulnerabilitycoppermine -- File Inclusion Vulnerabilitiescoppermine -- Multiple File Extensions Vulnerability2006-05-21phpmyadmin -- XSRF vulnerabilities2006-05-18vnc - authentication bypass vulnerability2006-05-14phpldapadmin -- Cross-Site Scripting and Script Insertion vulnerabilities2006-05-06fswiki -- XSS vulnerabilitymysql50-server -- COM_TABLE_DUMP arbitrary code execution2006-05-05awstats -- arbitrary command execution vulnerability2006-05-03clamav -- Freshclam HTTP Header Buffer Overflow Vulnerabilityfirefox -- denial of service vulnerabilityphpwebftp -- "language" Local File Inclusion2006-05-02trac -- Wiki Macro Script Insertion Vulnerability2006-05-01jabberd -- SASL Negotiation Denial of Service Vulnerability2006-04-27amaya -- Attribute Value Buffer Overflow Vulnerabilitiescacti -- ADOdb "server.php" Insecure Test Script Security Issueethereal -- Multiple Protocol Dissector Vulnerabilitieslifetype -- ADOdb "server.php" Insecure Test Script Security Issue2006-04-25asterisk -- denial of service vulnerability, local system access2006-04-23crossfire-server -- denial of service and remote code execution vulnerabilityp5-DBI -- insecure temporary file creation vulnerabilitywordpress -- full path disclosurexine -- multiple remote string vulnerabilitieszgv, xzgv -- heap overflow vulnerability2006-04-22cyrus-sasl -- DIGEST-MD5 Pre-Authentication Denial of Service2006-04-19FreeBSD -- FPU information disclosure2006-04-18plone -- "member_id" Parameter Portrait Manipulation Vulnerability2006-04-16mailman -- Private Archive Script Cross-Site Scriptingmozilla -- multiple vulnerabilities2006-04-10f2c -- insecure temporary files2006-04-07kaffeine -- buffer overflow vulnerabilitymplayer -- Multiple integer overflowsthunderbird -- javascript execution2006-04-06clamav -- Multiple Vulnerabilitiesphpmyadmin -- 'set_theme' Cross-Site Scriptingphpmyadmin -- XSS vulnerabilities2006-04-05dia -- XFig Import Plugin Buffer Overflowmediawiki -- cross site scripting vulnerabilitymediawiki -- hardcoded placeholder string security bypass vulnerabilitymod_pubcookie -- cross site scripting vulnerabilitynetpbm -- buffer overflow in pnmtopngopenvpn -- LD_PRELOAD code execution on client through malicious or compromised serverpubcookie-login-server -- cross site scripting vulnerabilitysamba -- Exposure of machine account credentials in winbind log fileszoo -- stack based buffer overflow2006-03-29freeradius -- EAP-MSCHAPv2 Authentication Bypass2006-03-28horde -- remote code execution vulnerability in the help viewer2006-03-27linux-realplayer -- buffer overrunlinux-realplayer -- heap overflow2006-03-24ipsec -- reply attack vulnerabilityOPIE -- arbitrary password changesendmail -- race condition vulnerability2006-03-21xorg-server -- privilege escalation2006-03-20curl -- TFTP packet buffer overflow vulnerabilityheimdal -- Multiple vulnerabilities2006-03-17drupal -- multiple vulnerabilities2006-03-15horde -- "url" disclosure of sensitive information vulnerabilitylinux-flashplugin -- arbitrary code execution vulnerability2006-03-12nfs -- remote denial of serviceopenssh -- remote denial of service2006-03-10GnuPG does not detect injection of unsigned data2006-03-09mplayer -- heap overflow in the ASF demuxer2006-03-04SSH.COM SFTP server -- format string vulnerability2006-03-03gtar -- invalid headers buffer overflow2006-02-27bugzilla -- multiple vulnerabilities2006-02-24squirrelmail -- multiple vulnerabilities2006-02-20abiword, koffice -- stack based buffer overflow vulnerabilitiesgedit -- format string vulnerabilityWebCalendar -- unauthorized access vulnerability2006-02-18postgresql81-server -- SET ROLE privilege escalation2006-02-17gnupg -- false positive signature verification2006-02-16heartbeat -- insecure temporary file creation vulnerabilitylibtomcrypt -- weak signature scheme with ECC keysmantis -- "view_filters_page.php" cross site scripting vulnerabilityphpbb -- multiple vulnerabilitiespostgresql -- character conversion and tsearch2 vulnerabilitiesrssh -- privilege escalation vulnerabilitysudo -- arbitrary command executiontor -- malicious tor server can locate a hidden service2006-02-15kpdf -- heap based buffer overflowperl, webmin, usermin -- perl format string integer wrap vulnerabilityphpicalendar -- cross site scripting vulnerabilityphpicalendar -- file disclosure vulnerability2006-02-14FreeBSD -- Infinite loop in SACK handlingFreeBSD -- Local kernel memory disclosureIEEE 802.11 -- buffer overflowipfw -- IP fragment denial of servicepf -- IP fragment handling panic2006-02-07kpopup -- local root exploit and local denial of service2006-01-27cpio -- multiple vulnerabilitiescvsbug -- race conditionee -- temporary file privilege escalationtexindex -- temporary file privilege escalation2006-01-23fetchmail -- crash when bouncing a messagesge -- local root exploit in bundled rsh executable2006-01-10clamav -- possible heap overflow in the UPX code2006-01-09milter-bogom -- headerless message crash2006-01-07bogofilter -- heap corruption through excessively long wordsbogofilter -- heap corruption through malformed input2006-01-04rxvt-unicode -- restore permissions on tty devices2006-01-01apache -- mod_imap cross-site scripting flaw2005-12-22nbd-server -- buffer overflow vulnerabilityscponly -- local privilege escalation exploits2005-12-19fetchmail -- null pointer dereference in multidrop mode with headerless email2005-12-14mantis -- "t_core_path" file inclusion vulnerabilitymantis -- "view_filters_page.php" cross-site scripting vulnerability2005-12-11horde -- Cross site scripting vulnerabilities in several of Horde's templateskronolith -- Cross site scripting vulnerabilities in several of the calendar name and event data fieldsmnemo -- Cross site scripting vulnerabilities in several of the notepad name and note data fieldsnag -- Cross site scripting vulnerabilities in several of the tasklist name and task data fieldsturba -- Cross site scripting vulnerabilities in several of the address book name and contact data fields2005-12-09curl -- URL buffer overflow vulnerability2005-12-07ffmpeg -- libavcodec buffer overflow vulnerabilityphpmyadmin -- register_globals emulation "import_blacklist" manipulationphpmyadmin -- XSS vulnerabilitiestrac -- search module SQL injection vulnerability2005-12-01drupal -- multiple vulnerabilities2005-11-30mambo -- "register_globals" emulation layer overwrite vulnerabilityopera -- command line URL shell command injectionopera -- multiple vulnerabilities2005-11-27ghostscript -- insecure temporary file creation vulnerability2005-11-22horde -- Cross site scripting vulnerabilities in MIME viewers2005-11-16phpmyadmin -- HTTP Response Splitting vulnerability2005-11-13Macromedia flash player -- swf file handling arbitrary codephpSysInfo -- "register_globals" emulation layer overwrite vulnerability2005-11-10flyspray -- cross-site scripting vulnerabilitiesp5-Mail-SpamAssassin -- long message header denial of service2005-11-07qpopper -- multiple privilege escalation vulnerabilities2005-11-04pear-PEAR -- PEAR installer arbitrary code execution vulnerability2005-11-01openvpn -- arbitrary code execution on client through malicious or compromised serveropenvpn -- potential denial-of-service on servers in TCP modePHP -- multiple vulnerabilitiesskype -- multiple buffer overflow vulnerabilitiessquid -- FTP server response handling denial of service2005-10-31base -- PHP SQL injection vulnerability2005-10-30fetchmail -- fetchmailconf local password exposurelynx -- remote buffer overflow2005-10-27ruby -- vulnerability in the safe level settings2005-10-20xloadimage -- buffer overflows in NIFF image title handling2005-10-18snort -- Back Orifice preprocessor buffer overflow vulnerability2005-10-15gallery2 -- file disclosure vulnerabilitywebcalendar -- remote file inclusion vulnerability2005-10-12openssl -- potential SSL 2.0 rollback2005-10-11phpmyadmin -- local file inclusion vulnerabilityzope -- expose RestructuredText functionality to untrusted users2005-10-09libxine -- format string vulnerability2005-10-05imap-uw -- mailbox name handling remote buffer vulnerability2005-10-02picasm -- buffer overflow vulnerabilityweex -- remote format string vulnerability2005-10-01cfengine -- arbitrary file overwriting vulnerabilityuim -- privilege escalation vulnerability2005-09-29phpmyfaq -- SQL injection, takeover, path disclosure, remote code execution2005-09-24clamav -- arbitrary code execution and DoS vulnerabilities2005-09-23firefox & mozilla -- multiple vulnerabilities2005-09-22firefox & mozilla -- command line URL shell command injection2005-09-17apache -- Certificate Revocation List (CRL) off-by-one vulnerabilitysquirrelmail -- _$POST variable handling allows for various attacks2005-09-15squid -- possible denial of service condition regarding NTLM authenticationX11 server -- pixmap allocation vulnerability2005-09-13unzip -- permission race vulnerability2005-09-10firefox & mozilla -- buffer overflow vulnerability2005-09-04htdig -- cross site scripting vulnerabilitysquid -- Denial Of Service Vulnerability in sslConnectTimeoutsquid -- Possible Denial Of Service Vulnerability in store.c2005-09-03bind -- buffer overrun vulnerabilitybind9 -- denial of service2005-09-02urban -- stack overflow vulnerabilities2005-08-29fswiki - command injection vulnerability2005-08-27evolution -- remote format string vulnerabilitiespam_ldap -- authentication bypass vulnerability2005-08-26pcre -- regular expression buffer overflow2005-08-23elm -- remote buffer overflow in Expires header2005-08-19openvpn -- denial of service: client certificate validation can disconnect unrelated clientsopenvpn -- denial of service: malicious authenticated "tap" client can deplete server virtual memoryopenvpn -- denial of service: undecryptable packet from authorized client can disconnect unrelated clientsopenvpn -- multiple TCP clients connecting with the same certificate at the same time can crash the server2005-08-17tor -- diffie-hellman handshake flaw2005-08-16acroread -- plug-in buffer overflow vulnerability2005-08-15pear-XML_RPC -- remote PHP code injection vulnerability2005-08-14awstats -- arbitrary code execution vulnerability2005-08-12gaim -- AIM/ICQ away message buffer overflowgaim -- AIM/ICQ non-UTF-8 filename crashlibgadu -- multiple vulnerabilitiesxpdf -- disk fill DoS vulnerability2005-08-09gforge -- XSS and email flood vulnerabilities2005-08-08postnuke -- multiple vulnerabilities2005-08-05devfs -- ruleset bypassipsec -- Incorrect key usage in AES-XCBC-MACmambo -- multiple vulnerabilitieszlib -- buffer overflow vulnerability2005-08-03proftpd -- format string vulnerabilities2005-08-01nbsmtp -- format string vulnerability2005-07-31gnupg -- OpenPGP symmetric encryption vulnerabilityphpmyadmin -- cross site scripting vulnerabilitysylpheed -- MIME-encoded file name buffer overflow vulnerabilityvim -- vulnerabilities in modeline handling: glob, expand2005-07-30ethereal -- multiple protocol dissectors vulnerabilitiesjabberd -- 3 buffer overflowsopera -- download dialog spoofing vulnerabilityopera -- image dragging vulnerabilitytiff -- buffer overflow vulnerability2005-07-26apache -- http request smuggling2005-07-25clamav -- multiple remote buffer overflows2005-07-23egroupware -- multiple cross-site scripting (XSS) and SQL injection vulnerabilitiesisc-dhcpd -- format string vulnerabilities2005-07-22fetchmail -- denial of service/crash from malicious POP3 server2005-07-21dnrd -- remote buffer and stack overflow vulnerabilitiesPowerDNS -- LDAP backend fails to escape all queries2005-07-20fetchmail -- remote root/code injection from malicious POP3 server2005-07-18kdebase -- Kate backup file permission leak2005-07-16drupal -- PHP code execution vulnerabilitiesfirefox & mozilla -- multiple vulnerabilities2005-07-09mysql-server -- insecure temporary file creationnet-snmp -- fixproc insecure temporary file creationphpbb -- multiple vulnerabilitiesphpSysInfo -- cross site scripting vulnerabilityshtool -- insecure temporary file creation2005-07-08bugzilla -- multiple vulnerabilitiesekg -- insecure temporary file creationnwclient -- multiple vulnerabilitiespear-XML_RPC -- information disclosure vulnerabilitiesphppgadmin -- "formLanguage" local file inclusion vulnerability2005-07-06acroread -- buffer overflow vulnerabilityacroread -- insecure temporary file creationclamav -- cabinet file handling DoS vulnerabilityclamav -- MS-Expand file handling DoS vulnerabilityzlib -- buffer overflow vulnerability2005-07-05cacti -- multiple vulnerabilitiesnet-snmp -- remote DoS vulnerabilitywordpress -- multiple vulnerabilitieswordpress -- multiple vulnerabilities2005-07-03pear-XML_RPC -- arbitrary remote code executionphpbb -- remote PHP code execution vulnerability2005-06-29bzip2 -- denial of service and permission race vulnerabilitieskernel -- ipfw packet matching errors with address tableskernel -- TCP connection stall denial of service2005-06-24ethereal -- multiple protocol dissectors vulnerabilitieslinux-realplayer -- RealText parsing heap overflowtor -- information disclosure2005-06-23ruby -- arbitrary command execution on XMLRPC server2005-06-21cacti -- potential SQL injection and cross site scripting attacks2005-06-20opera -- "javascript:" URL cross-site scripting vulnerabilityopera -- redirection cross-site scripting vulnerabilityopera -- XMLHttpRequest security bypassrazor-agents -- denial of service vulnerabilitysudo -- local race condition vulnerabilitytrac -- file upload/download vulnerability2005-06-18acroread -- XML External Entity vulnerabilitygzip -- directory traversal and permission race vulnerabilitiesp5-Mail-SpamAssassin -- denial of service vulnerabilitysquirrelmail -- Several cross site scripting vulnerabilitiestcpdump -- infinite loops in protocol decoding2005-06-17fd_set -- bitmap index overflow in multiple applicationsgaim -- MSN Remote DoS vulnerabilitygaim -- Yahoo! remote crash vulnerabilitygallery -- cross-site scriptinggallery -- remote code injection via HTTP_POST_VARSkstars -- exploitable set-user-ID application fliccd2005-06-09leafnode -- denial of service vulnerability2005-06-03gforge -- directory traversal vulnerabilityimap-uw -- authentication bypass when CRAM-MD5 is enabledracoon -- remote denial-of-servicesquid -- denial-of-service vulnerabilitiesxli -- integer overflows in image size calculationsxloadimage -- arbitrary command execution when handling compressed filesxloadimage -- buffer overflow in FACES image handlingyamt -- buffer overflow and directory traversal issues2005-06-01linux_base -- vulnerabilities in Red Hat 7.1 librariesmailman -- generated passwords are poor qualitymailman -- password disclosuresquirrelmail -- XSS and remote code injection vulnerabilitiessympa -- buffer overflow in "queue"tomcat -- Tomcat Manager cross-site scriptingxtrlock -- X display locking bypassxview -- multiple buffer overflows in xv_parse_one2005-05-29fswiki -- XSS problem in file upload form2005-05-22freeradius -- sql injection and denial of service vulnerabilityoops -- format string vulnerabilityppxp -- local root exploit2005-05-19cdrdao -- unspecified privilege escalation vulnerabilitysquid -- DNS lookup spoofing vulnerabilitysquid -- possible abuse of cachemgr.cgi2005-05-14gaim -- MSN remote DoS vulnerabilitygaim -- remote crash on some protocols2005-05-13kernel -- information disclosure when using HTTleafnode -- fetchnews denial-of-service triggered by transmission abort/timeout2005-05-12mozilla -- "Wrapped" javascript: urls bypass security checksmozilla -- privilege escalation via non-DOM property overrides2005-05-11mozilla -- code execution via javascript: IconURL vulnerability2005-05-09groff -- groffer uses temporary files unsafelygroff -- pic2graph and eqn2graph are vulnerable to symlink attack through temporary files2005-05-01coppermine -- IP spoofing and XSS vulnerabilityrsnapshot -- local privilege escalationsharutils -- unshar insecure temporary file creation2005-04-27ImageMagick -- ReadPNMImage() heap overflow vulnerability2005-04-25gaim -- AIM/ICQ remote denial of service vulnerabilitygaim -- remote DoS on receiving malformed HTMLmplayer & libxine -- MMS and Real RTSP buffer overflow vulnerabilities2005-04-23kdewebdev -- kommander untrusted code execution vulnerability2005-04-22junkbuster -- heap corruption vulnerability and configuration modification vulnerabilitykdelibs -- kimgio input validation errors2005-04-19gld -- format string and buffer overflow vulnerabilities2005-04-17axel -- remote buffer overflow2005-04-16firefox -- arbitrary code execution in sidebar panelfirefox -- PLUGINSPAGE privileged javascript executionjdk -- jar directory traversal vulnerabilitymozilla -- code execution through javascript: faviconsmozilla -- javascript "lambda" replace exposes memory contentsmozilla -- privilege escalation via DOM property overrides2005-04-13openoffice -- DOC document heap overflow vulnerability2005-04-12portupgrade -- insecure temporary file handling vulnerability2005-04-10gaim -- jabber remote crashgaim -- remote DoS on receiving certain messages over IRCgaim -- remote DoS on receiving malformed HTMLphp -- readfile() DoS vulnerabilitysquid -- DoS on failed PUT/POST requests vulnerability2005-04-05horde -- Horde Page Title Cross-Site Scripting Vulnerability2005-04-04wu-ftpd -- remote globbing DoS vulnerability2005-04-02hashcash -- format string vulnerability2005-03-26clamav -- zip handling DoS vulnerability2005-03-24firefox -- arbitrary code execution from sidebar panelmozilla -- heap buffer overflow in GIF image processingwine -- information disclosure due to insecure temporary file handling2005-03-23sylpheed -- buffer overflow in header processing2005-03-21kdelibs -- local DCOP denial of service vulnerabilityxv -- filename handling format string vulnerability2005-03-15phpmyadmin -- increased privilege vulnerability2005-03-14ethereal -- multiple protocol dissectors vulnerabilitiesgrip -- CDDB response multiple matches buffer overflow vulnerabilitymysql-server -- multiple remote vulnerabilities2005-03-13rxvt-unicode -- buffer overflow vulnerability2005-03-08libexif -- buffer overflow vulnerabilityphpmyadmin -- arbitrary file include and XSS vulnerabilitiesphpmyadmin -- information disclosure vulnerability2005-03-05phpbb - Insuffient check against HTML code in usercp_register.php2005-03-04postnuke -- cross-site scripting (XSS) vulnerabilitiespostnuke -- SQL injection vulnerabilitiesrealplayer -- remote heap overflow2005-03-03ImageMagick -- format string vulnerability2005-03-01lighttpd -- script source disclosure vulnerabilityuim -- privilege escalation vulnerability2005-02-28phpbb -- privilege elevation and path disclosure2005-02-27curl -- authentication buffer overflow vulnerabilitycyrus-imapd -- multiple buffer overflow vulnerabilitiessup -- format string vulnerability2005-02-26mozilla -- arbitrary code execution vulnerabilitymozilla -- insecure temporary directory vulnerability2005-02-24mkbold-mkitalic -- format string vulnerability2005-02-23phpbb -- multiple information disclosure vulnerabilities2005-02-22unace -- multiple vulnerabilities2005-02-20putty -- pscp/psftp heap corruption vulnerabilities2005-02-18bidwatcher -- format string vulnerabilitygftp -- directory traversal vulnerabilitykdelibs -- insecure temporary file creationopera -- "data:" URI handler spoofing vulnerabilityopera -- kfmclient exec command execution vulnerability2005-02-17postgresql -- multiple buffer overflows in PL/PgSQL parser2005-02-16awstats -- arbitrary command execution2005-02-14emacs -- movemail format string vulnerabilitypowerdns -- DoS vulnerability2005-02-13mod_python -- information leakage vulnerabilityngircd -- buffer overflow vulnerabilityngircd -- format string vulnerability2005-02-12mailman -- directory traversal vulnerability2005-02-11enscript -- multiple vulnerabilities2005-02-08ethereal -- multiple protocol dissectors vulnerabilitiespostgresql -- privilege escalation vulnerabilitysquid -- correct handling of oversized HTTP reply headers2005-02-03python -- SimpleXMLRPCServer.py allows unrestricted traversal2005-02-02perl -- vulnerabilities in PERLIO_DEBUG handling2005-02-01newsfetch -- server response buffer overflow vulnerabilitynewsgrab -- directory traversal vulnerabilitynewsgrab -- insecure file and directory creationnewspost -- server response buffer overflow vulnerability2005-01-28squid -- buffer overflow in WCCP recvfrom() call2005-01-26xpdf -- makeFileKey2() buffer overflow vulnerability2005-01-25evolution -- arbitrary code execution vulnerabilityzhcon -- unauthorized file access2005-01-24bugzilla -- cross-site scripting vulnerabilitymod_dosevasive -- insecure temporary file creationopera -- multiple vulnerabilities in Java implementationsquid -- possible cache-poisoning via malformed HTTP responsesweb browsers -- window injection vulnerabilities2005-01-23yamt -- arbitrary command execution vulnerability2005-01-22horde -- XSS vulnerabilitiessquid -- HTTP response splitting cache pollution attack2005-01-21egroupware -- arbitrary file download in JiNNfcron -- multiple vulnerabilitiesimlib -- xpm heap buffer overflows and integer overflowsmc -- multiple vulnerabilitiesperl -- File::Path insecure file/directory permissionsquake2 -- multiple critical vulnerabilitiesrealplayer -- arbitrary file deletion and other vulnerabilitiessudo -- environmental variable CDPATH is not cleared2005-01-19konversation -- shell script command injectionsquid -- no sanity check of usernames in squid_ldap_auth2005-01-18awstats -- remote command execution vulnerabilitycups-base -- CUPS server remote DoS vulnerabilityImageMagick -- PSD handler heap overflow vulnerabilitymozilla -- insecure permissions for some downloaded filestiff -- divide-by-zero denial-of-servicezgv -- exploitable heap overflows2005-01-17cups-base -- HPGL buffer overflow vulnerabilitycups-lpr -- lppasswd multiple vulnerabilities2005-01-16mysql-scripts -- mysqlaccess insecure temporary file creationunrtf -- buffer overflow vulnerability2005-01-13mozilla -- heap overflow in NNTP handlermpg123 -- buffer overflow vulnerability2005-01-12libxine -- DVD subpicture decoder heap overflowlibxine -- multiple buffer overflows in RTSPlibxine -- multiple vulnerabilities in VideoCD handlingsquid -- buffer overflow vulnerability in gopherToHTMLsquid -- denial of service with forged WCCP messages2005-01-11hylafax -- unauthorized login vulnerabilityxshisen -- local buffer overflows2005-01-10helvis -- arbitrary file deletion problemhelvis -- information leak vulnerabilities2005-01-08dillo -- format string vulnerability2005-01-07tnftp -- mget does not check for directory escapes2005-01-06pcal -- buffer overflow vulnerabilitiestiff -- directory entry count integer overflow vulnerabilitytiff -- tiffdump integer overflow vulnerabilityvim -- vulnerabilities in modeline handling2005-01-05exim -- two buffer overflow vulnerabilities2005-01-03golddig -- local buffer overflow vulnerabilitiesgreed -- insecure GRX file processingmpg123 -- playlist processing buffer overflow vulnerability2005-01-02up-imapproxy -- multiple vulnerabilities2005-01-01kdelibs3 -- konqueror FTP command injection vulnerability2004-12-30a2ps -- insecure temporary file creation2004-12-29libxine -- buffer-overflow vulnerability in aiff support2004-12-26jabberd -- denial-of-service vulnerability2004-12-23ethereal -- multiple vulnerabilitiessquid -- confusing results on empty acl declarationsxpdf -- buffer overflow vulnerability2004-12-22phpbb -- arbitrary command execution and other vulnerabilities2004-12-21acroread5 -- mailListIsPdf() buffer overflow vulnerabilityecartis -- unauthorised access to admin interfacekrb5 -- heap buffer overflow vulnerability in libkadm5srvmplayer -- multiple vulnerabilitiessamba -- integer overflow vulnerability2004-12-17php -- multiple vulnerabilities2004-12-16mysql -- ALTER MERGE denial of service vulnerabilitymysql -- erroneous access restrictions applied to table renamesmysql -- FTS request denial of service vulnerabilitymysql -- GRANT access restriction problemmysql -- mysql_real_connect buffer overflow vulnerability2004-12-15phpmyadmin -- command execution vulnerabilityphpmyadmin -- file disclosure vulnerability2004-12-14wget -- multiple vulnerabilities2004-12-12konqueror -- Password Disclosure for SMB Shares2004-12-11mod_access_referer -- null pointer dereference vulnerability2004-12-09squid -- possible information disclosure2004-12-08viewcvs -- information leakage2004-12-07cscope -- symlink attack vulnerability2004-12-04bnc -- remotely exploitable buffer overflow in getnickuserhost2004-12-02rockdodger -- buffer overflowsrssh & scponly -- arbitrary command execution2004-12-01sudoscript -- signal delivery vulnerabilityzip -- long path buffer overflow2004-11-30jabberd -- remote buffer overflow vulnerability2004-11-27Open DC Hub -- remote buffer overflow vulnerability2004-11-26unarj -- directory traversal vulnerabilityunarj -- long filename buffer overflow2004-11-25jdk/jre -- Security Vulnerability With Java PluginProZilla -- server response buffer overflow vulnerabilities2004-11-22Cyrus IMAPd -- APPEND command uses undefined programming constructCyrus IMAPd -- FETCH command out of bounds memory corruptionCyrus IMAPd -- IMAPMAGICPLUS preauthentification overflowCyrus IMAPd -- PARTIAL command out of bounds memory corruption2004-11-20phpMyAdmin -- cross-site scripting vulnerabilities2004-11-18Overflow error in fetch2004-11-17smbd -- buffer-overrun vulnerability2004-11-15proxytunnel -- format string vulnerabilitytwiki -- arbitrary shell command execution2004-11-13ruby -- CGI DoSsudo -- privilege escalation with bash scripts2004-11-12gnats -- format string vulnerabilitysamba -- potential remote DoS vulnerabilitysquirrelmail -- cross site scripting vulnerability2004-11-11ez-ipupdate -- format string vulnerabilityhafiye -- lack of terminal escape sequence filteringImageMagick -- EXIF parser buffer overflow2004-11-10apache2 multiple space header denial-of-service vulnerabilitysocat -- format string vulnerability2004-11-09libxml -- remote buffer overflows2004-11-08p5-Archive-Zip -- virus detection evasion2004-11-06apache mod_include buffer overflow vulnerabilitypostgresql-contrib -- insecure temporary file creation2004-11-05gd -- integer overflow2004-11-04putty -- buffer overflow vulnerability in ssh2 support2004-11-03wzdftpd -- remote DoS2004-10-27horde -- cross-site scripting vulnerability in help window2004-10-26bogofilter -- RFC 2047 decoder denial-of-service vulnerability2004-10-25gaim -- buffer overflow in MSN protocol supportgaim -- Content-Length header denial-of-service vulnerabilitygaim -- heap overflow exploitable by malicious GroupWise servergaim -- malicious smiley themesgaim -- MSN denial-of-service vulnerabilitiesgaim -- multiple buffer overflowsrssh -- format string vulnerabilityxpdf -- integer overflow vulnerabilities2004-10-23mod_ssl -- SSLCipherSuite bypassmpg123 -- buffer overflow in URL handling2004-10-21apache2 -- SSL remote DoS2004-10-20a2ps -- insecure command line argument handlingcabextract -- insecure directory handlingphpmyadmin -- remote command execution vulnerability2004-10-19ifmail -- unsafe set-user-ID applicationimwheel -- insecure handling of PID file2004-10-17apache13-modssl -- format string vulnerability in proxy supportcacti -- SQL injection2004-10-15tor -- remote DoS and loss of anonymity2004-10-13CUPS -- local information disclosurefreeradius -- denial-of-service vulnerabilityicecast -- Cross-Site Scripting Vulnerabilityicecast -- HTTP header overflowsharutils -- buffer overflowstiff -- multiple integer overflowstiff -- RLE decoder heap overflowswordpress -- XSS in administration panelxerces-c2 -- Attribute blowup denial-of-service2004-10-12cyrus-sasl -- potential buffer overflow in DIGEST-MD5 pluginmail-notification -- denial-of-service vulnerabilitysquid -- SNMP module denial-of-service vulnerabilityzinf -- potential buffer overflow playlist support2004-10-08cyrus-sasl -- dynamic library loading and set-user-ID applications2004-10-05bmon -- unsafe set-user-ID applicationgnutls -- certificate chain verification DoSimp3 -- XSS hole in the HTML viewerphp -- php_variables memory disclosurexv -- exploitable buffer overflows2004-10-04Boundary checking errors in sysconsgetmail -- symlink vulnerability during maildir delivery2004-10-03distcc -- incorrect parsing of IP access control rulesracoon -- improper certificate handling2004-09-30mozilla -- hostname spoofing bugmozilla -- scripting vulnerabilitiesmozilla -- users may be lured into bypassing security dialogssamba -- remote file disclosure2004-09-28mozilla -- BMP decoder vulnerabilitiesmozilla -- multiple heap buffer overflowsmozilla -- vCard stack buffer overflow2004-09-27php -- memory_limit related vulnerabilityphp -- strip_tags cross-site scripting vulnerability2004-09-26subversion -- WebDAV fails to protect metadata2004-09-23lha -- numerous vulnerabilities when extracting archivesmysql -- heap buffer overflow with prepared statements2004-09-22mozilla -- automated file uploadmozilla -- built-in CA certificates may be overriddenmozilla -- NULL bytes in FTP URLsmozilla -- security icon spoofing2004-09-21rssh -- file name disclosure bug2004-09-20gnu-radius -- SNMP-related denial-of-servicesudo -- sudoedit information disclosure2004-09-19apache -- heap overflow in mod_proxy2004-09-15apache -- ap_resolve_env buffer overflowapache -- apr_uri_parse IPv6 address handling vulnerabilitycups -- print queue browser denial-of-servicegdk-pixbuf -- image decoding vulnerabilitiesmod_dav -- lock related denial-of-servicephp -- vulnerability in RFC 1867 file upload processingxpm -- image decoding vulnerabilities2004-09-14mozilla -- POP client heap overflowmozilla -- SOAPParameter integer overflowmpg123 buffer overflowopenoffice -- document disclosuresamba3 DoS attackwebmin -- insecure temporary file creation at installation time2004-08-31ImageMagick -- BMP decoder buffer overflowimlib -- BMP decoder heap buffer overflowimlib2 -- BMP decoder buffer overflowkrb5 -- ASN.1 decoder denial-of-service vulnerabilitykrb5 -- double-free vulnerabilities2004-08-27nss -- exploitable buffer overflow in SSLv2 protocol handlerripMIME -- decoding bug allowing content filter bypass2004-08-26gnomevfs -- unsafe URI handlingkdelibs -- konqueror cross-domain cookie injectionmoinmoin -- ACL group bypassrsync -- path sanitizing vulnerabilitySoX buffer overflows when handling .WAV files2004-08-23SpamAssassin -- denial-of-service in tokenize_headers2004-08-22courier-imap -- format string vulnerability in debug modefidogate -- write files as `news' usermysql -- mysqlhotcopy insecure temporary file creationqt -- image loader vulnerabilities2004-08-17cvs -- numerous vulnerabilitiestnftpd -- remotely exploitable vulnerability2004-08-16Ruby insecure file permissions in the CGI session managementsquid -- NTLM authentication denial-of-service vulnerability2004-08-13Arbitrary code execution via a format string vulnerability in jftpgw2004-08-12acroread uudecoder input validation errorgaim remotely exploitable vulnerabilities in MSN componentkdelibs insecure temporary file handlingMutiple browser frame injection vulnerabilitypopfile file disclosure2004-08-04ImageMagick png vulnerability fixlibpng stack-based buffer overflow and other code concerns2004-07-30Mozilla / Firefox user interface spoofing vulnerabilityMozilla certificate spoofing2004-07-21Multiple Potential Buffer Overruns in Samba2004-07-11multiple vulnerabilities in etherealmultiple vulnerabilities in ethereal2004-07-05"Content-Type" XSS vulnerability affecting other webmail systemsFormat string vulnerability in SSLtelnetMySQL authentication bypass / buffer overflow2004-07-03Pavuk HTTP Location header overflowSeveral vulnerabilities found in PHPNuke2004-07-02GNATS local privilege elevationRemote code injection in phpMyAdmin2004-06-30Linux binary compatibility mode input validation error2004-06-28MoinMoin administrative group name privilege escalation vulnerabilityXFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 02004-06-25isc-dhcp3-server buffer overflow in logging mechanismRemote Denial of Service of HTTP server and client2004-06-24Gallery 1.4.3 and ealier user authentication bypass2004-06-09Buffer overflow in Squid NTLM authentication helper2004-06-07jailed processes can manipulate host routing tables2004-05-26buffer cache invalidation implementation issues2004-05-21leafnode denial-of-service triggered by article requestleafnode fetchnews denial-of-service triggered by missing headerleafnode fetchnews denial-of-service triggered by truncated transmission2004-05-19cvs pserver remote heap buffer overflowneon date parsing vulnerabilitysubversion date parsing vulnerability2004-05-18URI handler vulnerabilities in several browsers2004-05-12Cyrus IMAP pre-authentication heap overflow vulnerabilityCyrus IMSPd multiple vulnerabilities2004-05-06exim buffer overflow when verify = header_syntax is usedphpBB session table exhaustion2004-05-05heimdal kadmind remote heap buffer overflow2004-05-02lha buffer overflows and path traversal issueslibpng denial-of-serviceMidnight Commander buffer overflows, format string bugs, and insecure temporary file handlingpound remotely exploitable vulnerabilityproftpd IP address access control list breakagersync path traversal issuexine-lib arbitrary file overwrite2004-04-23ident2 double byte buffer overflowphpBB IP address spoofingTCP denial-of-service attacks against long lived connectionsxchat remotely exploitable buffer overflow (Socks5)2004-04-16MySQL insecure temporary file creation (mysqlbug)2004-04-15kdepim exploitable buffer overflow in VCF readerneon format string vulnerabilities2004-04-14CVS path validation errorsracoon remote denial of service vulnerability (ISAKMP header length field)2004-04-07jailed processes can attach to other jailsmany out-of-sequence TCP packets denial-of-servicemksnap_ffs clears file system optionsracoon fails to verify signature during Phase 1racoon remote denial of service vulnerability (IKE Generic Payload Header)shmat reference counting bug2004-04-03Midnight Commander buffer overflow during symlink resolution2004-04-02Incorrect cross-realm trust handling in Heimdal2004-03-31Courier mail services: remotely exploitable buffer overflowsisakmpd payload handling denial-of-service vulnerabilitiesmplayer heap overflow in http requeststcpdump ISAKMP payload handling remote denial-of-service2004-03-29ecartis buffer overflows and input validation bugssetsockopt(2) IPv6 sockets input validation errorzebra/quagga denial of service vulnerability2004-03-28Buffer overflows and format string bugs in EmilCritical SQL injection in phpBBoftpd denial-of-service vulnerability (PORT command)2004-03-26ezbounce remote format string vulnerabilityinsecure temporary file creation in xine-check, xine-bugreportmultiple vulnerabilities in etherealmultiple vulnerabilities in phpBBsquid ACL bypass due to URL decoding bug2004-03-25racoon security association deletion vulnerability2004-03-18uudeview buffer overflows2004-03-17ModSecurity for Apache 2.x remote off-by-one overflowOpenSSL ChangeCipherSpec denial-of-service vulnerability2004-03-08Apache 1.3 IP address access control failure on some 64-bit platformsApache 2 mod_ssl denial-of-servicewu-ftpd ftpaccess `restricted-uid'/`restricted-gid' directive may be bypassed2004-03-07mpg123 vulnerabilities2004-03-06GNU Anubis buffer overflows and format string vulnerabilities2004-03-05multiple buffer overflows in xboing2004-03-03mod_python denial-of-service vulnerability in parse_qs2004-02-25Darwin Streaming Server denial-of-service vulnerabilityfetchmail denial-of-service vulnerabilityhsftp format string vulnerabilitieslbreakout2 vulnerability in environment variable handlinglibxml2 stack buffer overflow in URI parsingmailman denial-of-service vulnerability in MailCommandHandlermailman XSS in admin scriptmailman XSS in create scriptmailman XSS in user options pageSQL injection vulnerability in phpnuke2004-02-22file disclosure in phpMyAdminVulnerabilities in H.323 implementations2004-02-18metamail format string bugs and buffer overflows2004-02-15mnGoSearch buffer overflow in UdmDocToTextBuf()2004-02-13GNU libtool insecure temporary file handling2004-02-12Buffer overflow in Mutt 1.4Buffer overflows in XFree86 serversCCE contains exploitable buffer overflowsChiTeX/ChiLaTeX unsafe set-user-id rootclamav remote denial-of-serviceicecast 1.x multiple vulnerabilitiesnap allows arbitrary file accesspine insecure URL handlingpine remote denial-of-service attackpine remotely exploitable buffer overflow in newmail.cpine remotely exploitable vulnerabilitiesrsync buffer overflow in server modeSamba 3.0.x password initialization bugseti@home remotely exploitable buffer overflowSeveral remotely exploitable buffer overflows in gaim2004-02-10Apache-SSL optional client certificate vulnerability2004-01-19fsp buffer overflow and directory traversal vulnerabilitiesL2TP, ISAKMP, and RADIUS parsing vulnerabilities in tcpdump2004-01-08Buffer overflow in INN control message handling2004-01-05ProFTPD ASCII translation bug resulting in remote root compromise2003-12-12bind8 negative cache poison attackElGamal sign+encrypt keys created by GnuPG can be compromisedlftp HTML parsing vulnerabilityMathopd buffer overflowqpopper format string vulnerability2003-10-25Buffer overflow in pam_smb password handlingBuffer overflows in libmcryptFetchmail address parsing vulnerability Copyright © 2003-2005 Jacques Vidrine and contributors. Please see the source of this document for full copyright information.
 

Documenting

security

issues

in

FreeBSD

and

the

FreeBSD

Ports

Collection.

http://www.vuxml.org/freebsd/

FreeBSD VuXML 2008 October

dvd rental

dvd


Documenting security issues in FreeBSD and the FreeBSD Ports Collection.

Rules

© 2008 Internet Explorer 5+ or Netscape 6+
Recommended Sites: 1. Arts - Business - Computers - Games - Health - Home - Kids and Teens - News - Recreation - Reference - Regional - Science - Shopping - Society - Sports - World Miss Gallery - Top Anime Hentai - DVD rental by mail - Discount Magazine - Payday Loan - Credit Cards - Mortgage Calculator - Advertising
2008-10-08 02:16:14

Copyright 2005, 2006 by Webmaster
Websites is cool :) 163Szkolenia £ód¼ - Albergo Innsbruck - Online Bingo - Usuwanie Cellulitu - Bilety Lotnicze