SQL injection vulnerability in view_user.php in WowBB 1.6, 1.61, and 1.62 allows remote attackers to execute arbitrary SQL commands via the sort_by parameter. Date published : 2005-05-14 http://www.securityfocus.com/bid/13569 http://marc.info/?l=bugtraq&m=111575905112831&w=2
GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0 uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via sniffing. Date published : 2005-05-14 http://marc.info/?l=bugtraq&m=111574131105737&w=2 http://www.esqo.com/research/advisories/2005/100505-1.txt
GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0, when set to create JPEG images, does not properly protect an image even when a password and username is assigned, which may allow remote attackers...
Sophos Anti-Virus 3.93 does not check downloaded files for viruses when they have only been written, which creates a race condition and may allow remote attackers to bypass virus protection if the file is...
easymsgb.pl in Easy Message Board allows remote attackers to execute arbitrary commands via shell metacharacters in the print parameter. Date published : 2005-05-14 http://www.securityfocus.com/bid/13555 http://marc.info/?l=bugtraq&m=111566691005844&w=2
Directory traversal vulnerability in easymsgb.pl in Easy Message Board allows remote attackers to read arbitrary files via a .. (dot dot) in the print parameter. Date published : 2005-05-14 http://www.securityfocus.com/bid/13551 http://marc.info/?l=bugtraq&m=111566691005844&w=2
SQL injection vulnerability in index.php in Advanced Guestbook 2.3.1 allows remote attackers to execute arbitrary SQL commands via the entry parameter. Date published : 2005-05-14 http://www.securityfocus.com/bid/13548 http://marc.info/?l=bugtraq&m=111566565621193&w=2
Heap-based buffer overflow in the demo version of Bakbone Netvault, and possibly other versions, allows remote attackers to execute arbitrary commands via a large packet to port 20031. Date published : 2005-05-14 http://marc.info/?l=bugtraq&m=111600439331242&w=2
Buffer overflow in the PE parser in HT Editor before 0.8.0 allows remote attackers to execute arbitrary code via a crafted PE file. Date published : 2005-05-14 http://www.debian.org/security/2005/dsa-743 http://www.gentoo.org/security/en/glsa/glsa-200505-08.xml
Integer overflow in the ELF parser in HT Editor before 0.8.0 allows remote attackers to execute arbitrary code via a crafted ELF file, which leads to a heap-based buffer overflow. Date published : 2005-05-14...
Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag. Date published : 2005-05-14 http://www.securityfocus.com/bid/13585 http://www.debian.org/security/2005/dsa-755
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script. Date published : 2005-05-13 http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html http://www.securityfocus.com/bid/13582
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property...
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript: URLs, as demonstrated using (1) a...