FreeBSD VuXML

Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.

topic index


Topic Entered
"Content-Type" XSS vulnerability affecting other webmail systems 2004-07-05
a2ps -- insecure command line argument handling 2004-10-20
a2ps -- insecure temporary file creation 2004-12-30
abiword, koffice -- stack based buffer overflow vulnerabilities 2006-02-20
acroread -- buffer overflow vulnerability 2005-07-06
acroread -- insecure temporary file creation 2005-07-06
acroread -- plug-in buffer overflow vulnerability 2005-08-16
acroread -- XML External Entity vulnerability 2005-06-18
acroread uudecoder input validation error 2004-08-12
acroread5 -- mailListIsPdf() buffer overflow vulnerability 2004-12-21
acroread9 -- Multiple Vulnerabilities 2012-01-26
alsaplayer -- multiple vulnerabilities 2006-08-13
amarok -- multiple vulnerabilities 2009-03-23
amaya -- Attribute Value Buffer Overflow Vulnerabilities 2006-04-27
amaya -- multiple buffer overflow vulnerabilities 2009-02-09
ampache -- insecure temporary file usage 2008-12-26
apache -- ap_resolve_env buffer overflow 2004-09-15
apache -- apr_uri_parse IPv6 address handling vulnerability 2004-09-15
apache -- Certificate Revocation List (CRL) off-by-one vulnerability 2005-09-17
apache -- Cross-site scripting vulnerability 2009-03-11
apache -- heap overflow in mod_proxy 2004-09-19
apache -- http request smuggling 2005-07-26
Apache -- Insecure LD_LIBRARY_PATH handling 2012-08-01
apache -- mod_imap cross-site scripting flaw 2006-01-01
apache -- mod_rewrite buffer overflow vulnerability 2006-07-28
apache -- multiple vulnerabilities 2007-09-11
apache -- multiple vulnerabilities 2008-06-24
apache -- multiple vulnerabilities 2012-01-31
apache -- Prevent chunk-size integer overflow on platforms where sizeof(int) < sizeof(long) 2010-02-03
apache -- Range header DoS vulnerability 2011-08-30
apache -- Remote DoS bug in mod_cache and mod_dav 2010-07-26
apache -- several vulnerabilities 2014-03-22
Apache 1.3 -- mod_proxy reverse proxy exposure 2011-11-14
Apache 1.3 IP address access control failure on some 64-bit platforms 2004-03-08
Apache 2 mod_ssl denial-of-service 2004-03-08
Apache APR -- DoS vulnerabilities 2011-05-23
Apache APR -- DoS vulnerabilities 2011-05-12
Apache APR -- DoS vulnerabilities 2011-11-13
apache mod_include buffer overflow vulnerability 2004-11-06
Apache Traffic Server -- heap overflow vulnerability 2012-03-24
Apache-SSL optional client certificate vulnerability 2004-02-10
apache-xml-security-c -- heap overflow 2013-06-18
apache-xml-security-c -- heap overflow during XPointer evaluation 2013-06-28
apache13-modssl -- format string vulnerability in proxy support 2004-10-17
apache2 -- SSL remote DoS 2004-10-21
apache2 multiple space header denial-of-service vulnerability 2004-11-10
apache22 -- several vulnerabilities 2012-11-02
apache22 -- several vulnerabilities 2009-08-25
apache22 -- several vulnerabilities 2013-03-02
apache22 -- several vulnerabilities 2014-07-24
apache22 -- several vulnerabilities 2013-07-05
apache24 -- several vulnerabilities 2014-07-19
apache24 -- several vulnerabilities 2013-07-20
apr -- multiple vulnerabilities 2009-06-08
apr -- multiple vunerabilities 2010-10-06
Arbitrary code execution via a format string vulnerability in jftpgw 2004-08-13
asterisk -- denial of service vulnerability, local system access 2006-04-25
asterisk -- Exploitable Stack and Heap Array Overflows 2011-02-22
asterisk -- Exploitable Stack Buffer Overflow 2011-01-19
asterisk -- multiple vulnerabilities 2013-01-03
asterisk -- multiple vulnerabilities 2014-03-10
asterisk -- Multiple Vulnerabilities 2011-12-09
asterisk -- multiple vulnerabilities 2013-03-29
asterisk -- multiple vulnerabilities 2014-06-17
Asterisk -- multiple vulnerabilities 2011-06-25
asterisk -- multiple vulnerabilities 2012-03-15
asterisk -- Multiple Vulnerabilities 2011-03-16
asterisk -- multiple vulnerabilities 2012-08-30
asterisk -- multiple vulnerabilities 2012-04-23
asterisk -- multiple vulnerabilities 2013-12-17
asterisk -- multiple vulnerabilities 2013-08-28
asterisk -- multiple vulnerabilities 2012-05-29
asterisk -- multiple vulnerabilities 2012-07-06
Asterisk -- multiple vulnerabilities 2011-04-21
asterisk -- Remote crash vulnerability 2011-06-02
asterisk -- remote crash vulnerability 2012-06-14
asterisk -- remote crash vulnerability in SIP channel driver 2011-10-17
asterisk -- remote heap overwrite vulnerability 2006-10-20
asterisk -- SRTP Video Remote Crash Vulnerability 2012-01-20
automake -- Insecure 'distcheck' recipe granted world-writable distdir 2012-08-06
avahi -- denial of service 2011-03-13
awstats -- arbitrary code execution vulnerability 2005-08-14
awstats -- arbitrary command execution 2005-02-16
awstats -- arbitrary command execution vulnerability 2006-05-05
awstats -- arbitrary commands execution vulnerability 2011-02-10
awstats -- multiple XSS vulnerabilities 2009-01-04
awstats -- remote command execution vulnerability 2005-01-18
axel -- remote buffer overflow 2005-04-17
bacula -- Console ACL Bypass 2012-09-15
base -- PHP SQL injection vulnerability 2005-10-31
bidwatcher -- format string vulnerability 2005-02-18
bind -- buffer overrun vulnerability 2005-09-03
bind -- denial of service vulnerability 2013-07-26
bind -- denial of service vulnerability 2014-01-13
BIND -- Dynamic update message remote DoS 2009-08-01
BIND -- Large RRSIG RRsets and Negative Caching DoS 2011-06-04
bind -- Multiple Denial of Service vulnerabilities 2007-02-27
BIND -- Remote DOS 2011-11-16
BIND -- Remote DoS against authoritative and recursive servers 2011-07-05
BIND -- Remote DoS with certain RPZ configurations 2011-07-05
bind8 negative cache poison attack 2003-12-12
bind9 -- denial of service 2005-09-03
bind9 -- Denial of Service in named(8) 2006-12-19
bip -- buffer overflow 2012-02-11
bitcoin -- denial of service 2012-09-02
bitlbee -- account recreation security issues 2008-09-26
bmon -- unsafe set-user-ID application 2004-10-05
bnc -- remotely exploitable buffer overflow in getnickuserhost 2004-12-04
bogofilter -- heap corruption by invalid base64 input 2012-12-03
bogofilter -- heap corruption through excessively long words 2006-01-07
bogofilter -- heap corruption through malformed input 2006-01-07
bogofilter -- heap underrun on malformed base64 input 2010-07-06
bogofilter -- RFC 2047 decoder denial-of-service vulnerability 2004-10-26
Boundary checking errors in syscons 2004-10-04
buffer cache invalidation implementation issues 2004-05-26
Buffer overflow in INN control message handling 2004-01-08
Buffer overflow in Mutt 1.4 2004-02-12
Buffer overflow in pam_smb password handling 2003-10-25
Buffer overflow in Squid NTLM authentication helper 2004-06-09
Buffer overflows and format string bugs in Emil 2004-03-28
Buffer overflows in libmcrypt 2003-10-25
Buffer overflows in XFree86 servers 2004-02-12
bugzilla -- "createmailregexp" security bypass vulnerability 2007-09-20
bugzilla -- Cross Site Request Forgery 2014-07-25
bugzilla -- Cross-Site Request Forgery 2014-04-18
bugzilla -- cross-site scripting vulnerability 2005-01-24
Bugzilla -- Directory Traversal in importxml.pl 2008-08-15
bugzilla -- information disclosure 2010-07-05
bugzilla -- information disclosure, denial of service 2010-08-24
bugzilla -- information leak 2010-02-01
bugzilla -- information leak 2009-11-23
bugzilla -- multiple serious vulnerabilities 2011-01-25
bugzilla -- multiple vulnerabilities 2012-09-01
bugzilla -- multiple vulnerabilities 2013-10-17
bugzilla -- multiple vulnerabilities 2012-04-21
bugzilla -- multiple vulnerabilities 2011-08-13
bugzilla -- multiple vulnerabilities 2006-11-11
bugzilla -- multiple vulnerabilities 2007-09-21
bugzilla -- multiple vulnerabilities 2012-01-05
bugzilla -- multiple vulnerabilities 2012-11-14
bugzilla -- multiple vulnerabilities 2012-07-27
bugzilla -- multiple vulnerabilities 2005-07-08
bugzilla -- multiple vulnerabilities 2013-02-20
bugzilla -- multiple vulnerabilities 2012-02-06
bugzilla -- multiple vulnerabilities 2006-02-27
bugzilla -- product name information leak 2009-08-05
bugzilla -- Social Engineering 2014-04-18
bugzilla -- two SQL injections, sensitive data exposure 2009-09-17
bugzilla Cross-Site Request Forgery 2012-04-10
bzip2 -- crash with certain malformed archive files 2008-03-20
bzip2 -- denial of service and permission race vulnerabilities 2005-06-29
bzip2 -- integer overflow vulnerability 2010-10-25
c-ares -- DNS Cache Poisoning Vulnerability 2007-06-09
ca_root_nss -- extraction of explicitly-untrusted certificates into trust bundle 2011-09-04
cabextract -- insecure directory handling 2004-10-20
cacti -- ADOdb "server.php" Insecure Test Script Security Issue 2006-04-27
cacti -- allow remote attackers to execute arbitrary SQL commands 2013-08-29
cacti -- cross-site scripting issues 2009-11-23
cacti -- Multiple security vulnerabilities have been discovered 2008-02-12
cacti -- Multiple vulnabilites 2011-10-26
cacti -- multiple vulnerabilities 2005-07-05
cacti -- multiple vulnerabilities 2010-06-24
cacti -- Multiple vulnerabilities 2007-01-12
cacti -- potential SQL injection and cross site scripting attacks 2005-06-21
cacti -- SQL injection 2004-10-17
cacti -- SQL injection and command execution vulnerabilities 2010-04-24
Calligra, KOffice -- input validation failure 2012-08-26
caml-light -- insecure use of temporary files 2011-11-06
CCE contains exploitable buffer overflows 2004-02-12
cdf3 -- Buffer overflow vulnerability 2008-08-19
cdrdao -- unspecified privilege escalation vulnerability 2005-05-19
cfengine -- arbitrary file overwriting vulnerability 2005-10-01
cgiwrap -- XSS Vulnerability 2009-01-13
ChaSen -- buffer overflow 2014-04-13
ChiTeX/ChiLaTeX unsafe set-user-id root 2004-02-12
chromium -- cross-site scripting vulnerability 2012-03-09
chromium -- Errant plug-in load and GPU process memory corruption 2012-03-11
chromium -- multiple memory corruption issues 2013-11-15
chromium -- multiple vulnerabilities 2013-12-05
chromium -- multiple vulnerabilities 2014-05-20
chromium -- multiple vulnerabilities 2012-12-12
chromium -- multiple vulnerabilities 2012-01-06
chromium -- multiple vulnerabilities 2012-03-05
chromium -- multiple vulnerabilities 2013-06-04
chromium -- multiple vulnerabilities 2014-03-05
chromium -- multiple vulnerabilities 2014-04-08
chromium -- multiple vulnerabilities 2013-03-26
chromium -- multiple vulnerabilities 2013-01-11
chromium -- multiple vulnerabilities 2014-05-14
chromium -- multiple vulnerabilities 2011-12-13
chromium -- multiple vulnerabilities 2012-02-15
chromium -- multiple vulnerabilities 2014-02-24
chromium -- multiple vulnerabilities 2013-01-23
chromium -- multiple vulnerabilities 2014-01-27
chromium -- multiple vulnerabilities 2012-06-27
chromium -- multiple vulnerabilities 2013-03-06
chromium -- multiple vulnerabilities 2014-04-30
chromium -- multiple vulnerabilities 2012-02-09
chromium -- multiple vulnerabilities 2012-01-24
chromium -- multiple vulnerabilities 2013-05-22
chromium -- multiple vulnerabilities 2012-08-10
chromium -- multiple vulnerabilities 2013-02-22
chromium -- multiple vulnerabilities 2012-08-10
chromium -- multiple vulnerabilities 2012-10-10
chromium -- multiple vulnerabilities 2013-08-03
chromium -- multiple vulnerabilities 2012-10-08
chromium -- multiple vulnerabilities 2012-04-05
chromium -- multiple vulnerabilities 2012-11-07
chromium -- multiple vulnerabilities 2010-12-07
chromium -- multiple vulnerabilities 2012-09-26
chromium -- multiple vulnerabilities 2013-08-21
chromium -- multiple vulnerabilities 2014-07-16
chromium -- multiple vulnerabilities 2012-05-01
chromium -- multiple vulnerabilities 2013-10-15
chromium -- multiple vulnerabilities 2012-03-28
chromium -- multiple vulnerabilities 2012-05-15
chromium -- multiple vulnerabilities 2014-06-10
chromium -- multiple vulnerabilities 2013-11-12
chromium -- multiple vulnerabilities 2013-07-10
chromium -- multiple vulnerabilities 2012-03-22
chromium -- multiple vulnerabilities 2012-11-27
chromium -- multiple vulnerabilities 2012-11-30
chromium -- multiple vulnerabilities 2014-01-15
chromium -- multiple vulnerabilities 2013-10-01
chromium -- multiple vulnerabilities 2012-08-30
chromium -- multiple vulnerabilities 2012-05-28
chromium -- WebKit vulnerability 2013-03-08
clamav -- arbitrary code execution and DoS vulnerabilities 2005-09-24
clamav -- cabinet file handling DoS vulnerability 2005-07-06
clamav -- CHM Processing Denial of Service 2008-09-12
clamav -- CHM unpacker and PE rebuilding vulnerabilities 2006-10-16
clamav -- ClamAV libclamav PE File Integer Overflow Vulnerability 2008-02-15
clamav -- Freshclam HTTP Header Buffer Overflow Vulnerability 2006-05-03
clamav -- heap overflow vulnerability 2006-08-08
clamav -- MS-Expand file handling DoS vulnerability 2005-07-06
clamav -- Multipart Nestings Denial of Service 2006-12-12
clamav -- multiple remote buffer overflows 2005-07-25
clamav -- multiple remote Denial of Service vulnerabilities 2007-09-21
clamav -- Multiple Vulnerabilities 2006-04-06
clamav -- multiple vulnerabilities 2012-06-16
clamav -- multiple vulnerabilities 2007-06-19
clamav -- Multiple Vulnerabilities 2008-04-15
clamav -- off-by-one heap overflow in VBA project parser 2008-11-10
clamav -- possible heap overflow in the UPX code 2006-01-10
clamav -- zip handling DoS vulnerability 2005-03-26
clamav remote denial-of-service 2004-02-12
claws-mail -- APOP vulnerability 2007-04-19
claws-mail -- insecure temporary file creation 2008-01-22
claws-mail -- POP3 Format String Vulnerability 2007-08-27
codeigniter -- arbitrary script execution in the new Form Validation class 2009-02-11
codeigniter -- file upload class vulnerability 2010-07-21
coppermine -- "file" Local File Inclusion Vulnerability 2006-05-22
coppermine -- File Inclusion Vulnerabilities 2006-05-22
coppermine -- IP spoofing and XSS vulnerability 2005-05-01
coppermine -- Multiple File Extensions Vulnerability 2006-05-22
coppermine -- Multiple vulnerabilites 2012-08-30
coppermine -- multiple vulnerabilities 2008-02-25
coppermine -- multiple vulnerabilities 2007-09-20
corkscrew -- buffer overflow vulnerability 2010-08-21
couchdb -- DOM based Cross-Site Scripting via Futon UI 2013-05-26
Courier Authentication Library -- SQL Injection 2008-06-13
Courier mail services: remotely exploitable buffer overflows 2004-03-31
courier-imap -- format string vulnerability in debug mode 2004-08-22
cpio -- multiple vulnerabilities 2006-01-27
Critical SQL injection in phpBB 2004-03-28
crossfire-server -- denial of service and remote code execution vulnerability 2006-04-23
cscope -- buffer overflow 2009-06-16
cscope -- buffer overflow vulnerabilities 2006-05-23
cscope -- Buffer Overflow Vulnerabilities 2006-10-02
cscope -- multiple buffer overflows 2009-06-16
cscope -- symlink attack vulnerability 2004-12-07
cups -- Incomplete SSL Negotiation Denial of Service 2007-06-12
CUPS -- local information disclosure 2004-10-13
cups -- multiple vulnerabilities 2008-10-10
cups -- off-by-one buffer overflow 2007-11-09
cups -- potential buffer overflow in PNG reading code 2008-11-29
cups -- print queue browser denial-of-service 2004-09-15
cups -- remote code execution and DNS rebinding 2009-05-07
cups-base -- CUPS server remote DoS vulnerability 2005-01-18
cups-base -- HPGL buffer overflow vulnerability 2005-01-17
cups-lpr -- lppasswd multiple vulnerabilities 2005-01-17
curl -- authentication buffer overflow vulnerability 2005-02-27
curl -- cURL/libcURL Location: Redirect URLs Security Bypass 2009-03-04
cURL -- inappropriate GSSAPI delegation 2014-04-11
curl -- libcurl buffer overflow vulnerability 2010-04-19
curl -- TFTP packet buffer overflow vulnerability 2006-03-20
curl -- URL buffer overflow vulnerability 2005-12-09
cURL library -- cert name check ignore with GnuTLS 2013-12-18
cURL library -- heap corruption in curl_easy_unescape 2013-06-23
cvs -- numerous vulnerabilities 2004-08-17
CVS path validation errors 2004-04-14
cvs pserver remote heap buffer overflow 2004-05-19
cvsbug -- race condition 2006-01-27
Cyrus IMAP pre-authentication heap overflow vulnerability 2004-05-12
Cyrus IMAPd -- APPEND command uses undefined programming construct 2004-11-22
Cyrus IMAPd -- FETCH command out of bounds memory corruption 2004-11-22
Cyrus IMAPd -- IMAPMAGICPLUS preauthentification overflow 2004-11-22
Cyrus IMAPd -- PARTIAL command out of bounds memory corruption 2004-11-22
Cyrus IMSPd multiple vulnerabilities 2004-09-20
cyrus-imapd -- multiple buffer overflow vulnerabilities 2005-02-27
cyrus-imapd -- Potential buffer overflow in Sieve 2009-09-09
cyrus-sasl -- buffer overflow vulnerability 2009-05-15
cyrus-sasl -- DIGEST-MD5 Pre-Authentication Denial of Service 2006-04-22
cyrus-sasl -- dynamic library loading and set-user-ID applications 2004-10-08
cyrus-sasl -- potential buffer overflow in DIGEST-MD5 plugin 2004-10-12
Darwin Streaming Server denial-of-service vulnerability 2004-02-25
databases/postgresql*-client -- multiple vulnerabilities 2012-02-28
databases/postgresql*-server -- crypt vulnerabilities 2012-05-30
databases/postgresql*-server -- multiple vulnerabilities 2012-08-17
dbus -- local dos 2013-06-13
dbus -- local DoS 2014-06-14
dbus -- match_rule_equal() Weakness 2006-12-14
dbus -- multiple vulnabilities 2014-07-03
dbus-glib -- privledge escalation 2014-04-11
devel/subversion -- contrib hook-scripts can allow arbitrary code execution 2013-05-31
devel/subversion -- fsfs repositories can be corrupted by newline characters in filenames 2013-05-31
devel/subversion -- svnserve remotely triggerable DoS 2013-05-31
devfs -- ruleset bypass 2005-08-05
dia -- remote command execution vulnerability 2009-02-17
dia -- XFig Import Plugin Buffer Overflow 2006-04-05
dillo -- format string vulnerability 2005-01-08
dircproxy -- remote denial of service 2007-11-04
distcc -- incorrect parsing of IP access control rules 2004-10-03
django -- cross-site scripting vulnerability 2010-09-17
django -- denial-of-service attack 2009-10-16
django -- denial-of-service via large passwords 2013-09-22
django -- multiple vulnerabilities 2010-12-29
django -- multiple vulnerabilities 2012-07-31
django -- multiple vulnerabilities 2013-01-06
django -- multiple vulnerabilities 2011-02-09
django -- multiple vulnerabilities 2012-10-24
django -- multiple vulnerabilities 2013-09-12
django -- multiple vulnerabilities 2014-04-23
django -- multiple vulnerabilities 2013-02-24
django -- multiple vulnerabilities 2011-09-13
django -- XSS vulnerability 2008-05-14
django-cms -- XSS Vulnerability 2013-01-25
dnrd -- remote buffer and stack overflow vulnerabilities 2005-07-21
dns/bind9* -- A recursive resolver can be crashed by a query for a malformed zone 2013-06-06
dns/bind9* -- crash on deliberately constructed combination of records 2012-10-10
dns/bind9* -- Heavy DNSSEC Validation Load Can Cause a 'Bad Cache' Assertion Failure 2012-07-24
dns/bind9* -- Malicious Regex Can Cause Memory Exhaustion 2013-03-27
dns/bind9* -- servers using DNS64 can be crashed by a crafted query 2012-12-04
dns/bind9* -- Several vulnerabilities 2012-09-18
dns/bind9* -- zero-length RDATA can cause named to terminate, reveal memory 2012-06-04
dns/nsd -- DoS vulnerability from non-standard DNS packet 2012-07-20
dnsmasq -- TFTP server remote code injection vulnerability 2009-09-02
dojo -- cross-site scripting and other vulnerabilities 2010-04-06
Dokuwiki -- cross site scripting vulnerability 2012-04-23
Dokuwiki -- cross site scripting vulnerability 2012-07-18
Dokuwiki -- cross site scripting vulnerability 2011-06-20
dokuwiki -- Local File Inclusion with register_globals on 2009-06-04
dokuwiki -- multiple privilege escalation vulnerabilities 2011-01-24
dokuwiki -- multiple vulnerabilities 2006-06-11
dokuwiki -- multiple vulnerabilities 2006-09-30
dokuwiki -- multiple vulnerabilities 2006-09-30
dokuwiki -- multiple vulnerabilities 2010-01-18
dokuwiki -- spellchecker remote PHP code execution 2006-06-05
dokuwiki -- XSS vulnerability in spellchecker backend 2007-07-24
DomainKeys Identified Mail (DKIM) Verifiers may inappropriately convey message trust 2012-11-12
dovecot -- ACL plugin bypass vulnerabilities 2008-11-19
dovecot -- denial of service vulnerability 2011-08-19
dovecot -- Insecure directory permissions 2009-12-10
dovecot -- security hole in blocking passdbs 2008-03-10
dovecot -- Specific LDAP + auth cache configuration may mix up user logins 2007-12-29
dovecot-managesieve -- Script Name Directory Traversal Vulnerability 2008-12-07
dropbear -- arbitrary code execution 2012-03-04
dropbear -- exposure of sensitive information, DoS 2013-10-17
drupal -- cross site request forgeries 2006-10-18
drupal -- Cross site request forgeries 2007-07-28
drupal -- cross site request forgery 2008-01-11
drupal -- cross site scripting 2009-04-30
drupal -- cross site scripting (register_globals) 2008-01-11
drupal -- cross site scripting (utf8) 2008-01-11
drupal -- cross-site scripting 2009-05-14
drupal -- HTML attribute injection 2006-10-18
drupal -- multiple cross-site scripting 2009-12-25
drupal -- Multiple cross-site scripting vulnerabilities 2007-07-28
drupal -- multiple vulnerabilities 2012-02-07
drupal -- multiple vulnerabilities 2010-03-08
drupal -- multiple vulnerabilities 2006-06-05
drupal -- multiple vulnerabilities 2008-10-22
drupal -- multiple vulnerabilities 2006-03-17
drupal -- multiple vulnerabilities 2013-12-06
drupal -- multiple vulnerabilities 2008-10-12
drupal -- multiple vulnerabilities 2008-07-13
drupal -- multiple vulnerabilities 2013-01-20
drupal -- multiple vulnerabilities 2008-08-18
drupal -- multiple vulnerabilities 2009-09-22
drupal -- multiple vulnerabilities 2007-01-05
drupal -- multiple vulnerabilities 2009-02-04
drupal -- multiple vulnerabilities 2009-07-13
drupal -- multiple vulnerabilities 2006-07-13
drupal -- multiple vulnerabilities 2008-12-19
drupal -- multiple vulnerabilities 2005-12-01
drupal -- multiple XSS vulnerabilities 2006-10-18
drupal -- PHP code execution vulnerabilities 2005-07-16
drupal -- SQL injection vulnerability 2007-12-12
drupal -- XSS vulnerability 2006-08-02
drupal --- multiple vulnerabilities 2007-10-24
Drupal Views plugin -- cross-site scripting 2010-12-28
drupal-pubcookie -- authentication may be bypassed 2006-09-13
drupal6 -- multiple vulnerabilities 2011-05-26
drupal6-cck -- cross-site scripting 2009-04-11
drupal7 -- Denial of service 2013-02-21
drupal7 -- multiple vulnerabilities 2012-10-31
dtc -- multiple vulnerabilities 2011-08-13
e107 -- code execution and XSS vulnerabilities 2010-04-20
e2fsprogs -- heap buffer overflow 2007-12-20
ecartis -- unauthorised access to admin interface 2004-12-21
ecartis buffer overflows and input validation bugs 2004-03-29
ee -- temporary file privilege escalation 2006-01-27
eggdrop -- denial of service vulnerability 2009-05-30
egroupware -- arbitrary file download in JiNN 2005-01-21
egroupware -- multiple cross-site scripting (XSS) and SQL injection vulnerabilities 2005-07-23
egroupware -- two vulnerabilities 2010-03-11
ejabberd -- cross-site scripting vulnerability 2009-04-17
ejabberd -- queue overload denial of service vulnerability 2010-04-19
ejabberd -- remote denial of service vulnerability 2011-06-24
ekg -- insecure temporary file creation 2005-07-08
ElGamal sign+encrypt keys created by GnuPG can be compromised 2003-12-12
elinks -- buffer overflow vulnerability 2009-10-25
elm -- remote buffer overflow in Expires header 2005-08-23
emacs -- movemail format string vulnerability 2005-02-14
emacs -- remote code execution vulnerability 2012-09-08
emacs -- run-python vulnerability 2008-11-07
Enhanced cTorrent -- stack-based overflow 2009-10-28
enscript -- arbitrary code execution vulnerability 2008-11-18
enscript -- multiple vulnerabilities 2005-02-11
eperl -- Remote code execution 2012-09-26
epiphany -- untrusted search path vulnerability 2009-03-11
Erlang -- ssh library uses a weak random number generator 2011-05-25
ethereal -- Multiple Protocol Dissector Vulnerabilities 2006-04-27
ethereal -- multiple protocol dissectors vulnerabilities 2005-07-30
ethereal -- multiple protocol dissectors vulnerabilities 2005-06-24
ethereal -- multiple protocol dissectors vulnerabilities 2005-03-14
ethereal -- multiple protocol dissectors vulnerabilities 2005-02-08
ethereal -- multiple vulnerabilities 2004-12-23
ettercap -- buffer overflow in target list parsing 2013-01-16
evince -- Buffer Overflow Vulnerability 2006-12-14
evolution -- arbitrary code execution vulnerability 2005-01-25
evolution -- remote format string vulnerabilities 2005-08-27
evolution-data-server -- remote execution of arbitrary code vulnerability 2007-06-25
exim -- local privilege escalation 2011-01-08
exim -- local privilege escalation 2011-02-10
Exim -- remote code execution 2012-10-26
Exim -- remote code execution and information disclosure 2011-05-14
exim -- two buffer overflow vulnerabilities 2005-01-05
exim buffer overflow when verify = header_syntax is used 2004-05-06
expat2 -- buffer over-read and crash 2009-12-08
expat2 -- Parser crash with specially formatted UTF-8 sequences 2009-12-08
extman -- password bypass vulnerability 2008-04-25
eyeOS -- multiple XSS security bugs 2006-09-25
ez-ipupdate -- format string vulnerability 2004-11-11
ezbounce remote format string vulnerability 2004-03-26
f2c -- insecure temporary files 2006-04-10
faad2 -- heap overflow vulnerability 2008-11-12
fcron -- multiple vulnerabilities 2005-01-21
fd_set -- bitmap index overflow in multiple applications 2005-06-17
fetchmail -- address parsing vulnerability 2003-10-25
fetchmail -- chosen plaintext attack against SSL CBC initialization vectors 2012-08-30
fetchmail -- crash when bouncing a message 2006-01-23
fetchmail -- crashes when refusing a message bound for an MDA 2007-01-06
fetchmail -- denial of service on reject of local warning message 2007-09-02
fetchmail -- denial of service vulnerability 2010-04-20
fetchmail -- denial of service/crash from malicious POP3 server 2005-07-22
fetchmail -- denial-of-service vulnerability 2004-02-25
fetchmail -- fetchmailconf local password exposure 2005-10-30
fetchmail -- heap overflow on verbose X.509 display 2010-02-12
fetchmail -- improper SSL certificate subject verification 2009-08-11
fetchmail -- insecure APOP authentication 2007-04-09
fetchmail -- null pointer dereference in multidrop mode with headerless email 2005-12-19
fetchmail -- potential crash in -v -v verbose mode 2008-06-20
fetchmail -- potential crash in -v -v verbose mode (revised patch) 2008-07-01
fetchmail -- remote root/code injection from malicious POP3 server 2005-07-20
fetchmail -- STARTTLS denial of service 2011-06-06
fetchmail -- TLS enforcement problem/MITM attack/password exposure 2007-01-06
fetchmail -- two vulnerabilities in NTLM authentication 2012-08-14
ffmpeg -- 4xm processing memory corruption vulnerability 2009-03-16
ffmpeg -- libavcodec buffer overflow vulnerability 2005-12-07
ffmpeg -- multiple vulnerabilities 2012-01-14
fidogate -- write files as `news' user 2004-08-22
file -- denial of service 2014-03-03
file -- out-of-bounds access in search rules with offsets from input file 2014-03-29
file disclosure in phpMyAdmin 2004-02-22
findutils -- GNU locate heap buffer overrun 2007-06-01
firebird -- multiple remote buffer overflow vulnerabilities 2007-10-04
firebird -- Remote Stack Buffer Overflow 2013-03-06
firefox & mozilla -- buffer overflow vulnerability 2005-09-10
firefox & mozilla -- command line URL shell command injection 2005-09-22
firefox & mozilla -- multiple vulnerabilities 2005-07-16
firefox & mozilla -- multiple vulnerabilities 2005-09-23
firefox -- arbitrary code execution from sidebar panel 2005-03-24
firefox -- arbitrary code execution in sidebar panel 2005-04-16
firefox -- Dangling pointer crash regression from plugin parameter array fix 2010-08-09
firefox -- denial of service vulnerability 2006-05-03
firefox -- javascript garbage collector vulnerability 2008-04-25
firefox -- multiple remote unspecified memory corruption vulnerabilities 2007-11-27
firefox -- multiple vulnerabilities 2009-02-11
firefox -- OnUnload Javascript browser entrapment vulnerability 2007-10-22
firefox -- PLUGINSPAGE privileged javascript execution 2005-04-16
firefox -- Re-use of freed object due to scope confusion 2010-04-05
firefox -- WOFF heap corruption due to integer overflow 2010-03-23
flac -- media file processing integer overflow vulnerabilities 2007-11-13
flac123 -- stack overflow in comment parsing 2007-06-28
flyspray -- authentication bypass 2007-09-19
flyspray -- cross-site scripting vulnerabilities 2005-11-10
flyspray -- multiple vulnerabilities 2008-10-25
Format string vulnerability in SSLtelnet 2004-07-05
foswiki -- Script Insertion Vulnerability via unchecked user registration fields 2012-05-21
FreeBSD -- amd64 swapgs local privilege escalation 2008-09-05
FreeBSD -- arc4random(9) predictable sequence vulnerability 2009-01-05
FreeBSD -- BIND named(8) cache poisoning with DNSSEC validation 2010-10-24
FreeBSD -- BIND remote denial of service 2013-04-02
FreeBSD -- BIND remote DoS with deliberately crafted DNS64 query 2013-02-21
FreeBSD -- Buffer overflow in handling of UNIX socket addresses 2012-01-29
FreeBSD -- Buffer overflow in tcpdump(1) 2007-08-02
FreeBSD -- Cross-mount links between nullfs(5) mounts 2013-09-19
FreeBSD -- Cross-site request forgery in ftpd(8) 2009-01-05
FreeBSD -- Devfs / VFS NULL pointer race condition 2009-10-06
FreeBSD -- DNS cache poisoning 2008-07-13
FreeBSD -- errors handling corrupt compress file in compress(1) and gzip(1) 2012-01-29
FreeBSD -- FPU information disclosure 2006-04-19
FreeBSD -- glob(3) related resource exhaustion 2013-02-21
FreeBSD -- heap overflow in file(1) 2007-05-23
FreeBSD -- Improper environment sanitization in rtld(1) 2010-10-24
FreeBSD -- Inappropriate directory permissions in freebsd-update(8) 2010-10-24
FreeBSD -- Incorrect crypt() hashing 2012-06-27
FreeBSD -- Incorrect handling of zero-length RDATA fields in named(8) 2012-06-27
FreeBSD -- Infinite loop in SACK handling 2006-02-14
FreeBSD -- Insufficient credential checks in network ioctl(2) 2013-09-19
FreeBSD -- Insufficient environment sanitization in jail(8) 2010-10-24
FreeBSD -- Insufficient message length validation for EAP-TLS messages 2012-11-24
FreeBSD -- Integer overflow in bzip2 decompression 2010-10-24
FreeBSD -- IPv6 Neighbor Discovery Protocol routing vulnerability 2009-01-05
FreeBSD -- IPv6 Routing Header 0 is dangerous 2007-04-28
FreeBSD -- Jail rc.d script privilege escalation 2007-02-27
FreeBSD -- Kernel memory disclosure in firewire(4) 2007-02-27
FreeBSD -- kqueue pipe race conditions 2009-10-06
FreeBSD -- Linux compatibility layer input validation error 2012-11-24
FreeBSD -- Local kernel memory disclosure 2006-02-14
FreeBSD -- Lost mbuf flag resulting in data corruption 2010-10-24
FreeBSD -- Multiple Denial of Service vulnerabilities with named(8) 2012-11-24
FreeBSD -- named(8) DNSSEC validation Denial of Service 2012-08-07
FreeBSD -- netgraph / bluetooth privilege escalation 2009-01-05
FreeBSD -- Network ACL mishandling in mountd(8) 2012-01-29
FreeBSD -- NFS remote denial of service 2013-04-29
FreeBSD -- nmount(2) local arbitrary code execution 2008-09-05
FreeBSD -- ntpd mode 7 denial of service 2010-10-24
FreeBSD -- OpenSSL multiple vulnerabilities 2013-04-02
FreeBSD -- OpenSSL multiple vulnerabilities 2012-06-27
FreeBSD -- OPIE off-by-one stack overflow 2010-10-24
FreeBSD -- pam_ssh improperly grants access when user account has unencrypted SSH private keys 2012-01-29
FreeBSD -- pam_ssh() does not validate service names 2012-01-29
FreeBSD -- Predictable query ids in named(8) 2007-08-02
FreeBSD -- Privilege escalation via mmap 2013-06-18
FreeBSD -- Privilege escalation when returning from kernel 2012-06-27
FreeBSD -- Remote kernel panics on IPv6 connections 2008-09-05
FreeBSD -- remotely exploitable crash in OpenSSL 2009-05-07
FreeBSD -- SSL protocol flaw 2010-10-24
FreeBSD -- Unvalidated input in nfsclient 2010-10-24
FreeBSD -- ZFS ZIL playback with insecure permissions 2010-10-24
freeciv -- Denial of Service Vulnerabilities 2006-09-26
freeciv -- Packet Parsing Denial of Service Vulnerability 2006-09-26
freeradius -- arbitrary code execution for TLS-based authentication 2012-09-11
freeradius -- authentication bypass vulnerability 2006-06-08
freeradius -- denial-of-service vulnerability 2004-10-13
freeradius -- EAP-MSCHAPv2 Authentication Bypass 2006-03-29
freeradius -- EAP-TTLS Tunnel Memory Leak Remote DOS Vulnerability 2007-04-13
freeradius -- multiple vulnerabilities 2006-06-08
freeradius -- remote packet of death vulnerability 2009-12-14
freeradius -- sql injection and denial of service vulnerability 2005-05-22
freetype -- LWFN Files Buffer Overflow Vulnerability 2006-10-02
freetype -- Multiple vulnerabilities 2013-01-05
freetype -- multiple vulnerabilities 2012-04-06
freetype -- Some type 1 fonts handling vulnerabilities 2011-11-01
FreeType 2 -- Heap overflow vulnerability 2007-05-24
FreeType 2 -- Multiple Vulnerabilities 2008-07-03
freetype2 -- execute arbitrary code or cause denial of service 2011-08-11
freetype2 -- multiple vulnerabilities 2009-04-18
freetype2 -- Out of bounds read/write 2014-03-09
frontpage -- cross site scripting vulnerability 2006-05-23
fsp buffer overflow and directory traversal vulnerabilities 2004-01-19
fsplib -- multiple vulnerabilities 2007-08-02
fswiki -- command injection vulnerability 2005-08-29
fswiki -- XSS problem in file upload form 2005-05-29
fswiki -- XSS vulnerability 2006-05-06
fuser -- missing user's privileges check 2009-12-21
fwbuilder -- security issue in temporary file handling 2009-09-18
gaim -- AIM/ICQ away message buffer overflow 2005-08-12
gaim -- AIM/ICQ non-UTF-8 filename crash 2005-08-12
gaim -- AIM/ICQ remote denial of service vulnerability 2005-04-25
gaim -- buffer overflow in MSN protocol support 2004-10-25
gaim -- Content-Length header denial-of-service vulnerability 2004-10-25
gaim -- heap overflow exploitable by malicious GroupWise server 2004-10-25
gaim -- jabber remote crash 2005-04-10
gaim -- malicious smiley themes 2004-10-25
gaim -- MSN denial-of-service vulnerabilities 2004-10-25
gaim -- MSN Remote DoS vulnerability 2005-06-17
gaim -- MSN remote DoS vulnerability 2005-05-14
gaim -- multiple buffer overflows 2004-10-25
gaim -- remote crash on some protocols 2005-05-14
gaim -- remote DoS on receiving certain messages over IRC 2005-04-10
gaim -- remote DoS on receiving malformed HTML 2005-04-10
gaim -- remote DoS on receiving malformed HTML 2005-04-25
gaim -- Yahoo! remote crash vulnerability 2005-06-17
gaim remotely exploitable vulnerabilities in MSN component 2004-08-12
gallery -- cross-site scripting 2005-06-17
gallery -- multiple vulnerabilities 2008-09-19
gallery -- multiple vulnerabilities 2013-07-17
gallery -- remote code injection via HTTP_POST_VARS 2005-06-17
Gallery 1.4.3 and ealier user authentication bypass 2004-06-24
gallery2 -- file disclosure vulnerability 2005-10-15
gallery2 -- multiple vulnerabilities 2007-12-25
gallery2 -- multiple vulnerabilities 2007-11-09
ganglia -- buffer overflow vulnerability 2009-01-30
ganglia-webfrontend -- XSS vulnerabilities 2007-12-17
gd -- '_gdGetColors' remote buffer overflow vulnerability 2009-11-05
gd -- integer overflow 2004-11-05
gd -- multiple vulnerabilities 2007-06-29
gdk-pixbuf -- image decoding vulnerabilities 2004-09-15
gdm -- privilege escalation vulnerability 2011-03-29
gedit -- format string vulnerability 2006-02-20
geeklog xss vulnerability 2008-01-15
getmail -- symlink vulnerability during maildir delivery 2004-10-04
gforge -- directory traversal vulnerability 2005-06-03
gforge -- XSS and email flood vulnerabilities 2005-08-09
gftp -- directory traversal vulnerability 2005-02-18
gftp -- multiple vulnerabilities 2007-11-05
ghostscript -- buffer overflow vulnerability 2009-05-13
ghostscript -- insecure temporary file creation vulnerability 2005-11-27
ghostscript -- zseticcspace() function buffer overflow vulnerability 2008-03-05
git -- buffer overflow vulnerability 2010-07-23
git -- denial of service vulnerability 2009-06-15
git -- gitweb privilege escalation 2009-01-19
gitolite -- path traversal vulnerability 2012-10-15
gld -- format string and buffer overflow vulnerabilities 2005-04-19
globus -- Multiple tmpfile races 2006-08-15
glpi -- remote attack via crafted POST request 2012-02-10
glpi -- SQL Injection 2009-01-28
gnats -- format string vulnerability 2004-11-12
GNATS local privilege elevation 2004-07-02
gnome-screensaver -- Multiple monitor hotplug issues 2010-02-13
gnomevfs -- unsafe URI handling 2004-08-26
GNU Anubis buffer overflows and format string vulnerabilities 2004-03-06
GNU finger vulnerability 2007-12-05
GNU gatekeeper -- denial of service 2012-09-01
GNU libtool insecure temporary file handling 2004-02-13
gnu-radius -- SNMP-related denial-of-service 2004-09-20
gnupg -- 2 more possible memory allocation attacks 2006-08-02
gnupg -- buffer overflow 2006-11-27
gnupg -- false positive signature verification 2006-02-17
gnupg -- memory corruption vulnerability 2008-04-26
gnupg -- OpenPGP symmetric encryption vulnerability 2005-07-31
gnupg -- possible DoS using garbled compressed data packets 2014-06-23
gnupg -- possible infinite recursion in the compressed packet parser 2013-10-05
gnupg -- remotely controllable function pointer 2006-12-07
gnupg -- RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack 2013-12-18
gnupg -- side channel attack on RSA secret keys 2013-07-25
gnupg -- user id integer overflow vulnerability 2006-06-25
GnuPG and Libgcrypt -- side-channel attack vulnerability 2013-08-17
GnuPG does not detect injection of unsigned data 2006-03-10
gnutls -- "gnutls_handshake()" Denial of Service 2008-08-21
gnutls -- certificate chain verification DoS 2004-10-05
gnutls -- client session resumption vulnerability 2011-11-10
gnutls -- client-side memory corruption 2014-06-03
gnutls -- client-side memory corruption 2014-06-04
gnutls -- denial of service 2013-10-25
GnuTLS -- improper SSL certificate verification 2009-08-17
gnutls -- multiple certificate verification issues 2014-03-04
GnuTLS -- multiple vulnerabilities 2009-08-17
gnutls -- possible overflow/Denial of service vulnerabilities 2012-03-21
gnutls -- RSA Signature Forgery Vulnerability 2006-10-02
gnutls -- X.509 certificate chain validation vulnerability 2008-11-16
golddig -- local buffer overflow vulnerabilities 2005-01-03
google-earth -- heap overflow in the KML engine 2006-10-14
gpgme -- heap-based buffer overflow in gpgsm status handler 2014-08-02
greed -- insecure GRX file processing 2005-01-03
grip -- CDDB response multiple matches buffer overflow vulnerability 2005-03-14
groff -- groffer uses temporary files unsafely 2005-05-09
groff -- pic2graph and eqn2graph are vulnerable to symlink attack through temporary files 2005-05-09
gstreamer-ffmpeg -- Multiple vulnerabilities in bundled libav 2013-08-20
gstreamer-plugins-good -- multiple memory overflows 2009-03-16
gtar -- buffer overflow in rmt client 2010-03-24
gtar -- Directory traversal vulnerability 2007-09-01
gtar -- GNU TAR safer_name_suffix Remote Denial of Service Vulnerability 2009-01-15
gtar -- GNUTYPE_NAMES directory traversal vulnerability 2006-11-30
gtar -- invalid headers buffer overflow 2006-03-03
gtar -- name mangling symlink vulnerability 2007-02-27
gtetrinet -- remote code execution 2006-09-02
gzip -- directory traversal and permission race vulnerabilities 2005-06-18
gzip -- multiple vulnerabilities 2006-12-19
habari -- Cross-Site Scripting Vulnerability 2008-12-07
hafiye -- lack of terminal escape sequence filtering 2004-11-11
haproxy -- buffer overflow 2012-05-24
hashcash -- format string vulnerability 2005-04-02
hashcash -- heap overflow vulnerability 2006-06-27
heartbeat -- insecure temporary file creation vulnerability 2006-02-16
heimdal -- Multiple vulnerabilities 2006-03-20
heimdal kadmind remote heap buffer overflow 2004-05-05
helvis -- arbitrary file deletion problem 2005-01-10
helvis -- information leak vulnerabilities 2005-01-10
hiawatha -- integer overflow in Content-Length header parsing 2011-03-17
hiawatha -- memory leak in PreventSQLi routine 2011-11-18
hlstats -- multiple cross site scripting vulnerabilities 2006-09-02
horde -- "url" disclosure of sensitive information vulnerability 2006-03-15
horde -- Cross site scripting vulnerabilities in MIME viewers 2005-11-22
horde -- Cross site scripting vulnerabilities in several of Horde's templates 2005-12-11
horde -- cross-site scripting vulnerability in help window 2004-10-27
horde -- Horde Page Title Cross-Site Scripting Vulnerability 2005-04-05
horde -- multiple parameter cross site scripting vulnerabilities 2006-06-17
horde -- multiple vulnerabilities 2008-09-11
horde -- Phishing and Cross-Site Scripting Vulnerabilities 2006-08-17
horde -- remote code execution vulnerability in the help viewer 2006-03-28
horde -- various problems in dereferrer 2006-07-05
horde -- XSS vulnerabilities 2005-01-22
horde-base -- multiple vulnerabilities 2009-09-14
horde-base -- XSS and CSRF vulnerabilities 2010-09-28
horde-base -- XSS: VCARD attachments vulnerability 2010-11-23
horde-gollem -- XSS vulnerability 2010-09-28
horde-imp -- XSS vulnerability 2010-09-28
hplip -- hpssd Denial of Service 2008-11-29
hsftp format string vulnerabilities 2004-02-25
htdig -- cross site scripting vulnerability 2005-09-04
HTMLDOC -- buffer overflow issues when reading AFM files and parsing page sizes 2014-01-22
hylafax -- unauthorized login vulnerability 2005-01-11
i2p -- Multiple Vulnerabilities 2014-07-28
icecast -- Cross-Site Scripting Vulnerability 2004-10-13
icecast -- HTTP header overflow 2004-10-13
icecast 1.x multiple vulnerabilities 2004-02-12
Icinga -- buffer overflow in classic web interface 2014-03-29
id3lib -- insecure temporary file creation 2007-10-01
ident2 double byte buffer overflow 2004-04-23
IEEE 802.11 -- buffer overflow 2006-02-14
ifmail -- unsafe set-user-ID application 2004-10-19
ikiwiki -- cleartext passwords 2008-06-01
ikiwiki -- cross site request forging 2008-04-13
ikiwiki -- empty password security hole 2008-05-31
ikiwiki -- improper symlink verification vulnerability 2007-11-27
ikiwiki -- insufficient blacklisting in teximg plugin 2009-09-13
ikiwiki -- javascript insertion via uris 2008-02-11
ikiwiki -- tty hijacking via ikiwiki-mass-rebuild 2011-06-15
ImageMagick -- BMP decoder buffer overflow 2004-08-31
ImageMagick -- EXIF parser buffer overflow 2004-11-11
ImageMagick -- format string vulnerability 2005-03-03
ImageMagick -- multiple vulnerabilities 2007-10-10
ImageMagick -- multiple vulnerabilities 2012-06-14
ImageMagick -- PSD handler heap overflow vulnerability 2005-01-18
ImageMagick -- ReadPNMImage() heap overflow vulnerability 2005-04-27
ImageMagick -- SGI Image File heap overflow vulnerability 2006-12-02
ImageMagick and GraphicsMagick -- DoS via specially crafted PNG file 2012-09-20
ImageMagick png vulnerability fix 2004-08-04
imap-uw -- authentication bypass when CRAM-MD5 is enabled 2005-06-03
imap-uw -- imap c-client buffer overflow 2009-01-11
imap-uw -- local buffer overflow vulnerabilities 2009-01-11
imap-uw -- mailbox name handling remote buffer vulnerability 2005-10-05
imap-uw -- University of Washington IMAP c-client Remote Format String Vulnerability 2009-05-21
imlib -- BMP decoder heap buffer overflow 2004-08-31
imlib -- xpm heap buffer overflows and integer overflows 2005-01-21
imlib2 -- BMP decoder buffer overflow 2004-08-31
Imlib2 -- multiple image file processing vulnerabilities 2006-11-08
imlib2 -- XPM processing buffer overflow vulnerability 2008-11-24
imp3 -- XSS hole in the HTML viewer 2004-10-05
imwheel -- insecure handling of PID file 2004-10-19
Incorrect cross-realm trust handling in Heimdal 2004-04-02
ingo -- local arbitrary shell command execution 2006-10-18
inn -- plaintext command injection into encrypted channel 2012-08-25
insecure temporary file creation in xine-check, xine-bugreport 2004-03-26
inspircd -- buffer overflow 2012-05-17
iodined -- authentication bypass 2014-06-18
ipfw -- IP fragment denial of service 2006-02-14
ipsec -- Incorrect key usage in AES-XCBC-MAC 2005-08-05
ipsec -- reply attack vulnerability 2006-03-24
ipset-tools -- Denial of Service Vulnerabilities 2009-01-21
IRC Services-- Denial of Service Vulnerability 2008-01-19
irc-ratbox -- multiple vulnerabilities 2010-01-28
irc/bitchx -- multiple vulnerabilities 2013-05-31
ircd-ratbox and charybdis -- remote DoS vulnerability 2013-01-02
irssi -- multiple vulnerabilities 2010-04-19
isakmpd payload handling denial-of-service vulnerabilities 2004-03-31
isc-dhcp -- multiple vulnerabilities 2012-07-25
isc-dhcp-client -- dhclient does not strip or escape shell meta-characters 2011-04-10
isc-dhcp-client -- Stack overflow vulnerability 2009-07-15
isc-dhcp-server -- DHCPv6 crash 2011-01-28
isc-dhcp-server -- DoS in DHCPv6 2012-01-13
isc-dhcp-server -- Empty link-address denial of service 2010-11-24
isc-dhcp-server -- Remote DoS 2011-12-07
isc-dhcp-server -- server halt upon processing certain packets 2011-08-13
isc-dhcp3-server buffer overflow in logging mechanism 2004-06-25
isc-dhcpd -- format string vulnerabilities 2005-07-23
isolate -- local root exploit 2010-08-13
jabberd -- 3 buffer overflows 2005-07-30
jabberd -- denial-of-service vulnerability 2004-12-26
jabberd -- domain spoofing in server dialback protocol 2012-08-23
jabberd -- remote buffer overflow vulnerability 2004-11-30
jabberd -- SASL Negotiation Denial of Service Vulnerability 2006-05-01
jailed processes can attach to other jails 2004-04-07
jailed processes can manipulate host routing tables 2004-06-07
jasper -- buffer overflow 2013-04-18
Java 1.7 -- security manager bypass 2012-08-30
java 7.x -- security manager bypass 2013-01-14
jdk -- jar directory traversal vulnerability 2005-04-16
jdk/jre -- Applet Caching May Allow Network Access Restrictions to be Circumvented 2007-10-08
jdk/jre -- Security Vulnerability With Java Plugin 2004-11-25
jenkins -- HTTP access to the server to retrieve the master cryptographic key 2013-01-08
jenkins -- multiple vulnerabilities 2012-09-17
jenkins -- multiple vulnerabilities 2013-02-17
jenkins -- multiple vulnerabilities 2014-02-15
jenkins -- multiple vulnerabilities 2013-05-03
jenkins -- XSS vulnerability 2012-03-07
jetty -- multiple vulnerabilities 2007-12-10
jetty -- multiple vulnerability 2008-02-04
joomla -- flaw in the reset token validation 2008-08-20
joomla -- multiple remote vulnerabilities 2007-01-17
joomla -- multiple vulnerabilities 2007-08-02
joomla -- multiple vulnerabilities 2006-08-30
joomla -- multiple vulnerabilities 2009-06-16
Joomla -- multiple vulnerabilities 2006-06-30
joomla -- multiple vulnerabilities 2010-04-26
joomla -- Privilege Escalation 2012-06-19
Joomla! -- Core - Multiple Vulnerabilities 2014-03-23
Joomla! -- Core XSS Vulnerabilities 2013-12-04
Joomla! -- XXS and DDoS vulnerabilities 2013-04-27
joomla15 -- com_mailto Timeout Issue 2009-08-07
junkbuster -- heap corruption vulnerability and configuration modification vulnerability 2005-04-22
kaffeine -- buffer overflow vulnerability 2006-04-07
KDE -- multiple vulnerabilities 2009-11-02
kdebase -- Kate backup file permission leak 2005-07-18
kdelibs -- insecure temporary file creation 2005-02-18
kdelibs -- integer overflow in khtml 2006-10-22
kdelibs -- KAuth PID Reuse Flaw 2014-07-31
kdelibs -- kimgio input validation errors 2005-04-22
kdelibs -- konqueror cross-domain cookie injection 2004-08-26
kdelibs -- local DCOP denial of service vulnerability 2005-03-21
kdelibs insecure temporary file handling 2004-08-12
kdelibs3 -- konqueror FTP command injection vulnerability 2005-01-01
kdelibs4 -- KMail/KIO POP3 SSL Man-in-the-middle Flaw 2014-07-16
kdelibs4, rekonq -- input validation failure 2011-10-23
kdepim exploitable buffer overflow in VCF reader 2004-04-15
kdeutils4 -- Directory traversal vulnerability 2011-11-14
kdewebdev -- kommander untrusted code execution vulnerability 2005-04-23
KDM -- local privilege escalation vulnerability 2010-04-14
kdm -- passwordless login vulnerability 2007-09-19
kernel -- information disclosure when using HTT 2005-05-13
kernel -- ipfw packet matching errors with address tables 2005-06-29
kernel -- TCP connection stall denial of service 2005-06-29
konquerer -- address bar spoofing 2007-09-19
konqueror -- Password Disclosure for SMB Shares 2004-12-12
konversation -- shell script command injection 2005-01-19
kpdf -- heap based buffer overflow 2006-02-15
kpopup -- local root exploit and local denial of service 2006-02-07
krb5 -- ASN.1 decoder denial-of-service vulnerability 2004-08-31
krb5 -- client impersonation vulnerability 2010-12-09
krb5 -- double-free vulnerabilities 2004-08-31
krb5 -- heap buffer overflow vulnerability in libkadm5srv 2004-12-21
krb5 -- KDC double free vulnerability 2010-04-21
krb5 -- KDC null pointer dereference in TGS handling 2011-12-14
krb5 -- MITKRB5-SA-2011-001, kpropd denial of service 2011-04-14
krb5 -- MITKRB5-SA-2011-002, KDC vulnerable to hang when using LDAP back end 2011-04-14
krb5 -- MITKRB5-SA-2011-003, KDC vulnerable to double-free when PKINIT enabled 2011-04-14
krb5 -- MITKRB5-SA-2011-004, kadmind invalid pointer free() [CVE-2011-0285] 2011-04-14
krb5 -- multiple checksum handling vulnerabilities 2010-12-09
krb5 -- multiple checksum handling vulnerabilities 2010-12-09
krb5 -- multiple denial of service vulnerabilities 2010-04-19
krb5 -- null pointer dereference in the KDC PKINIT code [CVE-2013-1415] 2013-02-22
krb5 -- remote denial of service vulnerability 2010-04-18
krb5 -- RFC 3961 key-derivation checksum handling vulnerability 2010-12-09
krb5 -- UDP ping-pong vulnerability in the kpasswd (password changing) service. [CVE-2002-2443] 2013-06-03
krb5 -- unkeyed PAC checksum handling vulnerability 2010-12-09
krb5-appl -- telnetd code execution vulnerability 2011-12-26
kronolith -- arbitrary local file inclusion vulnerability 2006-11-30
kronolith -- Cross site scripting vulnerabilities in several of the calendar name and event data fields 2005-12-11
kstars -- exploitable set-user-ID application fliccd 2005-06-17
ktorrent -- multiple vulnerabilities 2007-03-11
kvirc -- multiple vulnerabilities 2010-06-30
L2TP, ISAKMP, and RADIUS parsing vulnerabilities in tcpdump 2004-01-19
lbreakout2 vulnerability in environment variable handling 2004-02-25
lcms2 -- Null Pointer Dereference Denial of Service Vulnerability 2013-08-15
ldapscripts -- Command Line User Credentials Disclosure 2007-10-23
leafnode -- denial of service vulnerability 2005-06-09
leafnode -- fetchnews denial-of-service triggered by transmission abort/timeout 2005-05-13
leafnode denial-of-service triggered by article request 2004-05-21
leafnode fetchnews denial-of-service triggered by missing header 2004-05-21
leafnode fetchnews denial-of-service triggered by truncated transmission 2004-05-21
lftp -- multiple HTTP client download filename vulnerability 2010-09-03
lftp HTML parsing vulnerability 2003-12-12
lha -- numerous vulnerabilities when extracting archives 2004-09-23
lha buffer overflows and path traversal issues 2004-05-02
libarchive -- Infinite loop in corrupt archives handling in libarchive 2007-02-26
libaudiofile -- heap-based overflow in Microsoft ADPCM compression module 2014-04-11
libcdaudio -- remote buffer overflow and code execution 2009-01-11
libcloud -- possible SSL MITM due to invalid regexp used to validate target server hostname 2012-08-11
libexif -- buffer overflow vulnerability 2005-03-08
libexif -- multiple remote vulnerabilities 2013-03-13
libgadu -- multiple vulnerabilities 2005-08-12
libjpeg-turbo -- heap-based buffer overflow 2012-07-18
libmms -- stack-based buffer overflow 2006-09-22
libmspack -- infinite loop denial of service 2010-07-30
libmusicbrainz -- multiple buffer overflow vulnerabilities 2006-12-02
libotr -- buffer overflows 2012-08-18
libpng denial-of-service 2004-05-02
libpng stack-based buffer overflow and other code concerns 2004-08-04
libpurple -- Invalid memory dereference in the XMPP protocol plug-in by processing serie of specially-crafted file transfer requests 2012-05-12
libpurple -- multiple vulnerabilities 2013-03-10
libpurple -- Remote DoS via an MSN OIM message that lacks UTF-8 encoding 2012-04-01
libsndfile -- CAF processing integer overflow vulnerability 2009-03-16
libsndfile -- multiple vulnerabilities 2009-05-30
libsndfile -- PAF file processing integer overflow 2011-09-12
libsoup -- unintentionally allow access to entire local filesystem 2011-07-28
libspf2 -- Buffer overflow 2008-10-27
libtasn1 -- ASN.1 length decoding vulnerability 2012-03-21
libtomcrypt -- weak signature scheme with ECC keys 2006-02-16
libtool -- Library Search Path Privilege Escalation Issue 2009-11-28
libvorbis -- Multiple memory corruption flaws 2007-07-26
libvorbis -- multiple vulnerabilities 2009-11-24
libvorbis -- various security issues 2008-05-17
libwmf -- embedded GD library Use-After-Free vulnerability 2009-05-16
libwmf -- integer overflow vulnerability 2009-05-16
libXfont -- possible local privilege escalation 2011-08-11
libXfont -- Stack buffer overflow in parsing of BDF font files in libXfont 2014-01-08
libXfont -- X Font Service Protocol and Font metadata file handling issues 2014-05-13
libxine -- array index vulnerability 2008-04-24
libxine -- buffer overflow vulnerability 2006-06-11
libxine -- buffer overflow vulnerability 2008-01-29
libxine -- buffer overflow vulnerability 2008-02-26
libxine -- buffer overflow vulnerability 2008-01-19
libxine -- buffer-overflow vulnerability in aiff support 2004-12-29
libxine -- denial of service vulnerability 2008-10-19
libxine -- DVD subpicture decoder heap overflow 2005-01-12
libxine -- format string vulnerability 2005-10-09
libxine -- multiple buffer overflow vulnerabilities 2006-12-07
libxine -- multiple buffer overflows in RTSP 2005-01-12
libxine -- multiple vulnerabilities 2009-05-17
libxine -- multiple vulnerabilities 2009-05-17
libxine -- multiple vulnerabilities in VideoCD handling 2005-01-12
libxml -- Integer overflow 2011-11-10
libxml -- Multiple use-after-free vulnerabilities 2011-11-10
libxml -- remote buffer overflows 2004-11-09
libxml -- Stack consumption vulnerability 2011-11-10
libxml2 -- An off-by-one out-of-bounds write by XPointer 2012-05-18
libxml2 -- cpu consumption Dos 2013-03-29
libxml2 -- entity substitution DoS 2014-05-06
libxml2 -- heap buffer overflow 2012-02-27
libxml2 -- lack of end-of-document check DoS 2013-07-10
libxml2 -- multiple vulnerabilities 2008-11-19
libxml2 -- two vulnerabilities 2008-10-15
libxml2 stack buffer overflow in URI parsing 2004-02-25
libyaml heap overflow resulting in possible code execution 2014-02-01
LibYAML input sanitization errors 2014-03-26
libzrtpcpp -- multiple security vulnerabilities 2013-07-11
lifetype -- ADOdb "server.php" Insecure Test Script Security Issue 2006-04-27
lighttpd -- denial of service vulnerability 2010-02-16
lighttpd -- DOS when access files with mtime 0 2007-04-14
lighttpd -- FastCGI header overrun in mod_fastcgi 2007-09-10
lighttpd -- multiple vulnerabilities 2014-02-14
lighttpd -- multiple vulnerabilities 2007-07-21
lighttpd -- multiple vulnerabilities 2008-09-27
lighttpd -- OpenSSL Error Queue Denial of Service Vulnerability 2008-04-13
lighttpd -- Remote DOS in CRLF parsing 2007-04-14
lighttpd -- remote DoS in header parsing 2012-11-21
lighttpd -- remote DoS in HTTP authentication 2011-12-28
lighttpd -- script source disclosure vulnerability 2005-03-01
Linux binary compatibility mode input validation error 2004-06-30
linux-flashplugin -- arbitrary code execution vulnerability 2006-03-15
linux-flashplugin -- critical vulnerabilities 2007-07-18
linux-flashplugin -- cross-site scripting vulnerability 2011-06-08
linux-flashplugin -- multiple vulnerabilities 2008-10-17
linux-flashplugin -- multiple vulnerabilities 2013-07-15
linux-flashplugin -- multiple vulnerabilities 2013-04-10
linux-flashplugin -- multiple vulnerabilities 2012-06-09
linux-flashplugin -- multiple vulnerabilities 2011-02-11
linux-flashplugin -- multiple vulnerabilities 2012-04-10
linux-flashplugin -- multiple vulnerabilities 2013-05-16
linux-flashplugin -- multiple vulnerabilities 2012-12-14
linux-flashplugin -- multiple vulnerabilities 2014-05-26
linux-flashplugin -- multiple vulnerabilities 2010-02-13
linux-flashplugin -- multiple vulnerabilities 2013-02-27
linux-flashplugin -- multiple vulnerabilities 2013-06-14
linux-flashplugin -- multiple vulnerabilities 2010-11-06
linux-flashplugin -- multiple vulnerabilities 2011-08-10
linux-flashplugin -- multiple vulnerabilities 2010-08-13
linux-flashplugin -- multiple vulnerabilities 2008-01-03
linux-flashplugin -- multiple vulnerabilities 2011-11-11
linux-flashplugin -- multiple vulnerabilities 2014-01-24
linux-flashplugin -- multiple vulnerabilities 2014-02-04
linux-flashplugin -- multiple vulnerabilities 2012-02-27
linux-flashplugin -- multiple vulnerabilities 2012-03-09
linux-flashplugin -- multiple vulnerabilities 2009-12-09
linux-flashplugin -- multiple vulnerabilities 2013-09-13
linux-flashplugin -- multiple vulnerabilities 2013-03-12
linux-flashplugin -- multiple vulnerabilities 2012-11-02
linux-flashplugin -- multiple vulnerabilities 2013-02-08
linux-flashplugin -- multiple vulnerabilities 2011-09-22
linux-flashplugin -- multiple vulnerabilities 2013-11-12
linux-flashplugin -- multiple vulnerabilities 2012-11-02
linux-flashplugin -- multiple vulnerabilities 2011-05-23
linux-flashplugin -- multiple vulnerabilities 2010-06-14
linux-flashplugin -- remote code execution 2010-09-22
linux-flashplugin -- remote code execution vulnerability 2011-04-17
linux-flashplugin -- remote code execution vulnerability 2011-03-24
linux-flashplugin -- remote code execution vulnerability 2011-06-15
linux-flashplugin -- unspecified remote code execution vulnerability 2008-05-30
linux-flashplugin7 -- arbitrary code execution vulnerabilities 2006-09-12
linux-realplayer -- buffer overrun 2006-03-27
linux-realplayer -- heap overflow 2006-03-27
linux-realplayer -- multiple vulnerabilities 2008-01-04
linux-realplayer -- RealText parsing heap overflow 2005-06-24
linux_base -- vulnerabilities in Red Hat 7.1 libraries 2005-06-01
liveMedia -- DoS vulnerability 2007-12-08
lsh -- multiple vulnerabilities 2007-09-05
lxr -- multiple XSS vulnerabilities 2010-05-05
lynx -- remote buffer overflow 2005-10-30
LZO -- potential buffer overrun when processing malicious input data 2014-06-26
Macromedia flash player -- swf file handling arbitrary code 2005-11-13
mahara -- sql injection vulnerability 2010-04-18
mail-notification -- denial-of-service vulnerability 2004-10-12
mail/sympa* -- Multiple vulnerabilities in Sympa archive management 2012-06-05
mail/trojita -- may leak mail contents (not user credentials) over unencrypted connection 2014-03-23
Mailman -- cross-site scripting in web interface 2010-11-03
mailman -- directory traversal vulnerability 2005-02-12
mailman -- generated passwords are poor quality 2005-06-01
mailman -- Multiple Vulnerabilities 2006-09-04
mailman -- password disclosure 2005-06-01
mailman -- Private Archive Script Cross-Site Scripting 2006-04-16
mailman -- script insertion vulnerability 2008-04-25
mailman -- XSS vulnerability 2011-03-10
mailman denial-of-service vulnerability in MailCommandHandler 2004-02-25
mailman XSS in admin script 2004-02-25
mailman XSS in create script 2004-02-25
mailman XSS in user options page 2004-02-25
mambo -- "register_globals" emulation layer overwrite vulnerability 2005-11-30
mambo -- multiple SQL injection vulnerabilities 2006-10-05
mambo -- multiple vulnerabilities 2005-08-05
mambo -- SQL injection vulnerabilities 2006-07-05
mantis -- "t_core_path" file inclusion vulnerability 2005-12-14
mantis -- "view_filters_page.php" cross site scripting vulnerability 2006-02-16
mantis -- "view_filters_page.php" cross-site scripting vulnerability 2005-12-14
mantis -- multiple vulnerabilities 2012-06-12
mantis -- multiple vulnerabilities 2008-12-06
mantis -- php code execution vulnerability 2008-12-06
mantis -- session hijacking vulnerability 2008-11-22
many out-of-sequence TCP packets denial-of-service 2004-04-07
maradns -- CNAME record resource rotation denial of service 2008-01-10
maradns -- denial of service when resolving a long DNS hostname 2011-01-31
mathopd -- directory traversal vulnerability 2012-02-03
Mathopd buffer overflow 2003-12-12
mc -- multiple vulnerabilities 2005-01-21
mcollective -- cert valication issue 2014-07-21
mcweject -- exploitable buffer overflow 2007-04-08
mDNSResponder -- corrupted stack crash when parsing bad resolv.conf 2010-06-27
mediawiki -- authenticated CSRF vulnerability 2010-05-05
mediawiki -- Clickjacking vulnerabilities 2011-01-06
mediawiki -- cross site scripting vulnerability 2007-09-21
mediawiki -- cross site scripting vulnerability 2006-04-05
mediawiki -- hardcoded placeholder string security bypass vulnerability 2006-04-05
mediawiki -- multiple vulnerabilities 2012-09-01
mediawiki -- multiple vulnerabilities 2008-12-19
mediawiki -- multiple vulnerabilities 2011-05-12
mediawiki -- multiple vulnerabilities 2011-02-09
mediawiki -- two security vulnerabilities 2010-06-02
memcached -- memcached stats maps Information Disclosure Weakness 2009-08-17
mencoder -- potential buffer overrun when processing malicious lzo compressed input 2014-06-28
metamail format string bugs and buffer overflows 2004-02-18
mgetty+sendfax -- symlink attack via insecure temporary files 2008-12-07
Midnight Commander buffer overflow during symlink resolution 2004-04-03
Midnight Commander buffer overflows, format string bugs, and insecure temporary file handling 2004-05-02
milter-bogom -- headerless message crash 2006-01-09
mkbold-mkitalic -- format string vulnerability 2005-02-24
mksh -- TTY attachment privilege escalation 2008-04-25
mksnap_ffs clears file system options 2004-04-07
mnemo -- Cross site scripting vulnerabilities in several of the notepad name and note data fields 2005-12-11
mnGoSearch buffer overflow in UdmDocToTextBuf() 2004-02-15
mod_access_referer -- null pointer dereference vulnerability 2004-12-11
mod_dav -- lock related denial-of-service 2004-09-15
mod_dosevasive -- insecure temporary file creation 2005-01-24
mod_fcgid -- possible heap buffer overwrite 2013-10-10
mod_jk -- information disclosure 2007-06-05
mod_jk -- long URL stack overflow vulnerability 2007-03-05
mod_pagespeed -- critical cross-site scripting (XSS) vulnerability 2013-10-28
mod_pagespeed -- multiple vulnerabilities 2012-09-12
mod_perl -- cross-site scripting 2009-05-16
mod_perl -- remote DoS in PATH_INFO parsing 2007-04-24
mod_pubcookie -- cross site scripting vulnerability 2006-04-05
mod_pubcookie -- Empty Authentication Security Advisory 2011-05-23
mod_python -- information leakage vulnerability 2005-02-13
mod_python denial-of-service vulnerability in parse_qs 2004-03-03
mod_ssl -- SSLCipherSuite bypass 2004-10-23
ModSecurity -- XML External Entity Processing Vulnerability 2013-04-16
ModSecurity for Apache 2.x remote off-by-one overflow 2004-03-17
mohawk -- multiple vulnerabilities 2014-04-30
moinmoin -- ACL group bypass 2004-08-26
moinmoin -- cross-site scripting via RST parser 2012-09-05
MoinMoin -- cross-site scripting vulnerabilities 2011-01-11
moinmoin -- cross-site scripting vulnerabilities 2009-05-16
moinmoin -- multiple cross site scripting vulnerabilities 2009-01-30
moinmoin -- multiple cross site scripting vulnerabilities 2009-05-13
moinmoin -- multiple vulnerabilities 2008-02-25
moinmoin -- Multiple vulnerabilities 2013-01-05
moinmoin -- superuser privilege escalation 2008-06-14
moinmoin -- wrong processing of group membership 2012-09-05
MoinMoin administrative group name privilege escalation vulnerability 2004-06-28
monitorix -- serious bug in the built-in HTTP server 2013-12-01
monkey -- improper input validation vulnerability 2009-12-21
mono -- "System.CodeDom.Compiler" Insecure Temporary Creation 2006-10-05
mono -- XML signature HMAC truncation spoofing 2009-07-29
monotone -- remote denial of service in default setup 2010-10-24
moodle -- multiple vulnerabilities 2010-06-28
moodle -- multiple vulnerabilities 2010-04-24
mozilla -- "Wrapped" javascript: urls bypass security checks 2005-05-12
mozilla -- arbitrary code execution vulnerability 2005-02-26
mozilla -- automated file upload 2004-09-22
mozilla -- BMP decoder vulnerabilities 2004-09-28
mozilla -- built-in CA certificates may be overridden 2004-09-22
mozilla -- code execution through javascript: favicons 2005-04-16
mozilla -- code execution via javascript: IconURL vulnerability 2005-05-11
mozilla -- code execution via Quicktime media-link files 2007-09-19
mozilla -- corrupt JIT state after deep return from native function 2009-07-17
mozilla -- heap buffer overflow in GIF image processing 2005-03-24
mozilla -- Heap buffer overflow mixing document.write and DOM insertion 2010-10-28
mozilla -- heap overflow in NNTP handler 2005-01-13
mozilla -- heap-buffer overflow 2012-02-17
mozilla -- hostname spoofing bug 2004-09-30
mozilla -- insecure permissions for some downloaded files 2005-01-18
mozilla -- insecure temporary directory vulnerability 2005-02-26
mozilla -- javascript "lambda" replace exposes memory contents 2005-04-16
mozilla -- multiple heap buffer overflows 2004-09-28
mozilla -- multiple vulnerabilities 2009-12-16
mozilla -- multiple vulnerabilities 2012-06-05
mozilla -- multiple vulnerabilities 2009-08-04
mozilla -- multiple vulnerabilities 2008-02-22
mozilla -- multiple vulnerabilities 2013-10-30
mozilla -- multiple vulnerabilities 2009-10-28
mozilla -- multiple vulnerabilities 2008-03-30
mozilla -- multiple vulnerabilities 2011-12-21
Mozilla -- multiple vulnerabilities 2011-04-29
mozilla -- multiple vulnerabilities 2014-07-23
mozilla -- multiple vulnerabilities 2011-03-01
mozilla -- multiple vulnerabilities 2006-09-15
mozilla -- multiple vulnerabilities 2013-05-15
mozilla -- multiple vulnerabilities 2012-11-20
mozilla -- multiple vulnerabilities 2006-07-27
mozilla -- multiple vulnerabilities 2010-12-10
mozilla -- multiple vulnerabilities 2013-06-26
mozilla -- multiple vulnerabilities 2014-06-10
mozilla -- multiple vulnerabilities 2012-10-27
mozilla -- multiple vulnerabilities 2007-02-24
mozilla -- multiple vulnerabilities 2011-06-21
mozilla -- multiple vulnerabilities 2010-10-20
mozilla -- multiple vulnerabilities 2011-08-16
mozilla -- multiple vulnerabilities 2010-09-08
mozilla -- multiple vulnerabilities 2012-10-10
mozilla -- multiple vulnerabilities 2010-07-21
mozilla -- multiple vulnerabilities 2013-08-08
mozilla -- multiple vulnerabilities 2007-07-19
mozilla -- multiple vulnerabilities 2010-06-23
mozilla -- multiple vulnerabilities 2012-08-30
mozilla -- multiple vulnerabilities 2014-04-29
Mozilla -- multiple vulnerabilities 2011-09-28
mozilla -- multiple vulnerabilities 2010-03-30
mozilla -- multiple vulnerabilities 2013-08-18
mozilla -- multiple vulnerabilities 2010-03-19
mozilla -- multiple vulnerabilities 2010-02-18
mozilla -- multiple vulnerabilities 2013-01-09
mozilla -- multiple vulnerabilities 2012-08-02
mozilla -- multiple vulnerabilities 2011-11-08
mozilla -- multiple vulnerabilities 2013-12-14
mozilla -- multiple vulnerabilities 2013-02-19
mozilla -- multiple vulnerabilities 2008-11-13
mozilla -- multiple vulnerabilities 2012-02-01
mozilla -- multiple vulnerabilities 2009-04-22
mozilla -- multiple vulnerabilities 2012-04-24
mozilla -- multiple vulnerabilities 2008-12-19
mozilla -- multiple vulnerabilities 2013-04-03
mozilla -- multiple vulnerabilities 2008-09-24
mozilla -- multiple vulnerabilities 2006-04-16
mozilla -- multiple vulnerabilities 2012-03-14
mozilla -- multiple vulnerabilities 2014-03-19
mozilla -- multiple vulnerabilities 2014-02-04
mozilla -- multiple vulnerabilities 2009-06-12
mozilla -- NULL bytes in FTP URLs 2004-09-22
mozilla -- POP client heap overflow 2004-09-14
mozilla -- privilege escalation via DOM property overrides 2005-04-16
mozilla -- privilege escalation via non-DOM property overrides 2005-05-12
mozilla -- scripting vulnerabilities 2004-09-30
mozilla -- security icon spoofing 2004-09-22
mozilla -- SOAPParameter integer overflow 2004-09-14
mozilla -- update to HTTPS certificate blacklist 2011-03-24
mozilla -- use after free in nsXBLDocumentInfo::ReadPrototypeBindings 2012-02-11
mozilla -- Use-after-free in HTML Editor 2013-03-08
mozilla -- users may be lured into bypassing security dialogs 2004-09-30
mozilla -- vCard stack buffer overflow 2004-09-28
Mozilla / Firefox user interface spoofing vulnerability 2004-07-30
Mozilla certificate spoofing 2004-07-30
mozilla firefox -- multiple vulnerabilities 2009-09-10
mpack -- Information disclosure 2012-01-26
mpg123 -- buffer overflow in URL handling 2004-10-23
mpg123 -- buffer overflow vulnerability 2005-01-13
mpg123 -- playlist processing buffer overflow vulnerability 2005-01-03
mpg123 buffer overflow 2004-09-14
mpg123 vulnerabilities 2004-03-07
mplayer & libxine -- MMS and Real RTSP buffer overflow vulnerabilities 2005-04-25
mplayer -- buffer overflow in the code for RealMedia RTSP streams. 2007-01-08
mplayer -- cddb stack overflow 2007-06-07
mplayer -- DMO File Parsing Buffer Overflow Vulnerability 2007-03-09
mplayer -- heap overflow in the ASF demuxer 2006-03-09
mplayer -- multiple integer overflows 2008-10-01
mplayer -- Multiple integer overflows 2006-04-07
mplayer -- multiple vulnerabilities 2008-03-06
mplayer -- multiple vulnerabilities 2004-12-21
mplayer -- potential buffer overrun when processing malicious lzo compressed input 2014-06-28
mplayer -- twinvq processing buffer overflow vulnerability 2008-12-30
mplayer -- vulnerability in STR files processor 2009-01-15
mplayer heap overflow in http requests 2004-03-31
MT -- Search Unspecified XSS 2006-10-02
mt-daapd -- denial of service vulnerability 2007-11-12
mt-daapd -- integer overflow 2008-05-02
multiple buffer overflows in xboing 2004-03-05
Multiple implementations -- DoS via hash algorithm collision 2012-01-16
Multiple Potential Buffer Overruns in Samba 2004-07-21
multiple vulnerabilities in ethereal 2004-03-26
multiple vulnerabilities in ethereal 2004-07-11
multiple vulnerabilities in ethereal 2004-07-11
multiple vulnerabilities in phpBB 2004-03-26
mumble -- multiple vulnerabilities 2014-05-29
mumble -- NULL pointer dereference and heap-based buffer overflow 2014-05-29
mupdf -- Remote System Access 2011-02-10
Mutiple browser frame injection vulnerability 2004-08-12
mutt -- buffer overflow vulnerability 2007-07-29
mutt -- denial of service, potential remote code execution 2014-03-14
mutt -- Remote Buffer Overflow Vulnerability 2006-06-30
mutt-devel -- failure to check SMTP TLS server certificate 2012-04-06
mybb -- multiple vulnerabilities 2009-09-30
mysql -- ALTER MERGE denial of service vulnerability 2004-12-16
mysql -- command line client input validation vulnerability 2008-10-01
mysql -- database "case-sensitive" privilege escalation 2006-10-29
mysql -- database suid privilege escalation 2006-10-29
mysql -- empty bit-string literal denial of service 2009-01-11
mysql -- erroneous access restrictions applied to table renames 2004-12-16
mysql -- format string vulnerability 2006-08-13
mysql -- FTS request denial of service vulnerability 2004-12-16
mysql -- GRANT access restriction problem 2004-12-16
mysql -- heap buffer overflow with prepared statements 2004-09-23
MySQL -- Information Disclosure and Buffer Overflow Vulnerabilities 2006-06-01
mysql -- MyISAM table privileges security bypass vulnerability 2008-09-10
mysql -- MyISAM table privileges security bypass vulnerability for symlinked paths 2008-12-30
mysql -- mysql_real_connect buffer overflow vulnerability 2004-12-16
mysql -- mysqlhotcopy insecure temporary file creation 2004-08-22
mysql -- privilege escalation and overwrite of the system table information 2009-01-11
mysql -- remote dos via malformed password packet 2009-01-11
mysql -- renaming of arbitrary tables by authenticated users 2009-01-11
MySQL -- SQL-injection security vulnerability 2006-06-01
MySQL authentication bypass / buffer overflow 2004-07-05
MySQL insecure temporary file creation (mysqlbug) 2004-04-16
mysql-scripts -- mysqlaccess insecure temporary file creation 2005-01-16
mysql-server -- insecure temporary file creation 2005-07-09
mysql-server -- multiple remote vulnerabilities 2005-03-14
mysql/mariadb/percona server -- multiple vulnerabilities 2013-02-01
mysql50-server -- COM_TABLE_DUMP arbitrary code execution 2006-05-06
nag -- Cross site scripting vulnerabilities in several of the tasklist name and task data fields 2005-12-11
nagios -- buffer overflow in history.cgi 2013-01-10
nagios -- Command Injection Vulnerability 2009-06-30
Nagios -- Cross Site Scripting Vulnerability 2008-05-28
nagios -- denial of service vulnerability 2014-01-14
nagios -- web interface privilege escalation vulnerability 2009-01-12
nagios-plugins -- Long Location Header Buffer Overflow Vulnerability 2007-10-11
nap allows arbitrary file access 2004-02-12
nas -- multiple vulnerabilities 2014-04-11
nbd-server -- buffer overflow vulnerability 2005-12-22
nbsmtp -- format string vulnerability 2005-08-01
neon -- NULL pointer dereference in Digest domain support 2008-09-12
neon date parsing vulnerability 2004-05-19
neon format string vulnerabilities 2004-04-15
net-snmp -- denial of service via GETBULK request 2007-11-13
net-snmp -- DoS for SNMP agent via crafted GETBULK request 2008-11-14
net-snmp -- fixproc insecure temporary file creation 2005-07-09
net-snmp -- Remote DoS 2012-04-27
net-snmp -- remote DoS vulnerability 2005-07-05
net/openafs -- buffer overflow 2013-06-03
netatalk -- arbitrary command execution in papd daemon 2009-03-18
netpbm -- buffer overflow in pnmtopng 2006-04-05
newsfetch -- server response buffer overflow vulnerability 2005-02-01
newsgrab -- directory traversal vulnerability 2005-02-01
newsgrab -- insecure file and directory creation 2005-02-01
newspost -- server response buffer overflow vulnerability 2005-02-01
nfs -- remote denial of service 2006-03-12
nfsen -- remote command execution 2009-07-03
nginx -- Buffer overflow in the ngx_http_mp4_module 2012-04-16
nginx -- multiple vulnerabilities 2013-05-07
nginx -- potential information leak 2012-03-15
nginx -- remote denial of service vulnerability 2009-09-14
nginx -- Request line parsing vulnerability 2013-11-19
nginx -- SPDY heap buffer overflow 2014-03-23
nginx -- SPDY memory corruption 2014-03-06
nginx-devel -- SPDY heap buffer overflow 2014-03-23
ngircd -- buffer overflow vulnerability 2005-02-13
ngircd -- format string vulnerability 2005-02-13
node -- private information disclosure 2012-05-07
node.js -- DoS Vulnerability 2013-10-19
nsd -- buffer overflow vulnerability 2009-05-19
nsd -- Denial of Service 2012-07-27
nss -- exploitable buffer overflow in SSLv2 protocol handler 2004-08-27
nss-pam-ldapd -- file descriptor buffer overflow 2013-02-20
nss/ca_root_nss -- fraudulent certificates issued by DigiNotar.nl 2011-09-03
ntp -- stack-based buffer overflow 2009-05-20
ntpd DRDoS / Amplification Attack using ntpdc monlist command 2014-01-14
nut -- upsd can be remotely crashed 2012-05-30
NVIDIA UNIX driver -- access to arbitrary system memory 2012-05-10
NVIDIA UNIX driver -- ARGB cursor buffer overflow in "NoScanout" mode 2013-04-08
nvidia-driver -- arbitrary root code execution vulnerability 2006-10-16
nwclient -- multiple vulnerabilities 2005-07-08
oftpd denial-of-service vulnerability (PORT command) 2004-03-28
oops -- format string vulnerability 2005-05-22
Open DC Hub -- remote buffer overflow vulnerability 2004-11-27
openafs -- Denial of Service 2014-04-09
openafs -- single-DES cell-wide key brute force vulnerability 2013-07-25
openfire -- multiple vulnerabilities 2008-11-19
openfire -- multiple vulnerabilities 2009-01-25
openfire -- Openfire No Password Changes Security Bypass 2009-05-04
openfire -- unspecified denial of service 2008-04-25
openjpeg -- Multiple vulnabilities 2014-05-24
OpenLDAP -- incorrect handling of NULL in certificate Common Name 2014-04-11
openldap -- modrdn Denial of Service vulnerability 2008-02-22
openldap -- multiple remote denial of service vulnerabilities 2007-10-30
openldap -- slapd acl selfwrite Security Issue 2006-10-05
openldap -- two security bypass vulnerabilities 2011-02-25
openoffice -- arbitrary code execution vulnerabilities 2008-11-29
openoffice -- arbitrary command execution vulnerability 2007-09-20
openoffice -- DOC document heap overflow vulnerability 2005-04-13
openoffice -- document disclosure 2004-09-14
openoffice.org -- Multiple vulnerabilities 2011-02-10
openoffice.org -- multiple vulnerabilities 2010-02-25
opensaml2 -- unauthenticated login 2011-07-25
OpenSSH -- Memory corruption in sshd 2013-11-08
openssh -- multiple vulnerabilities 2006-09-30
openssh -- remote denial of service 2006-03-12
OpenSSL -- CMS and S/MIME Bleichenbacher attack 2012-03-15
openssl -- denial of service in DTLS implementation 2009-05-30
OpenSSL -- DTLS and TLS 1.1, 1.2 denial of service 2012-05-10
OpenSSL -- DTLS Denial of Service 2012-01-20
openssl -- Incorrect PKCS#1 v1.5 padding validation in crypto(3) 2006-12-19
OpenSSL -- integer conversions result in memory corruption 2012-04-21
OpenSSL -- Local Information Disclosure 2014-04-11
OpenSSL -- Multiple problems in crypto(3) 2007-02-26
OpenSSL -- multiple vulnerabilities 2011-09-07
OpenSSL -- multiple vulnerabilities 2014-06-05
openssl -- multiple vulnerabilities 2014-01-06
OpenSSL -- multiple vulnerabilities 2012-01-14
OpenSSL -- NULL pointer dereference / DoS 2014-05-03
openssl -- potential SSL 2.0 rollback 2005-10-12
OpenSSL -- Remote Data Injection / DoS 2014-04-23
OpenSSL -- Remote Information Disclosure 2014-04-07
OpenSSL -- TLS 1.1, 1.2 denial of service 2013-02-06
openssl -- TLS extension parsing race condition 2010-11-17
OpenSSL ChangeCipherSpec denial-of-service vulnerability 2004-03-17
OpenTTD -- Buffer overflows in savegame loading 2011-10-16
OpenTTD -- Denial of Service 2012-08-18
OpenTTD -- Denial of service (server) via infinite loop 2010-08-22
OpenTTD -- Denial of service (server) via slow read attack 2012-01-16
OpenTTD -- Denial of service (server/client) via invalid read 2010-11-23
OpenTTD -- Denial of service using forcefully crashed aircrafts 2013-11-28
OpenTTD -- Denial of service via improperly validated commands 2011-10-16
OpenTTD -- Multiple buffer overflows in validation of external data 2011-10-16
openvpn -- arbitrary code execution on client through malicious or compromised server 2005-11-01
openvpn -- denial of service: client certificate validation can disconnect unrelated clients 2005-08-19
openvpn -- denial of service: malicious authenticated "tap" client can deplete server virtual memory 2005-08-19
openvpn -- denial of service: undecryptable packet from authorized client can disconnect unrelated clients 2005-08-19
openvpn -- LD_PRELOAD code execution on client through malicious or compromised server 2006-04-05
openvpn -- multiple TCP clients connecting with the same certificate at the same time can crash the server 2005-08-19
openvpn -- potential denial-of-service on servers in TCP mode 2005-11-01
OpenVPN -- potential side-channel/timing attack when comparing HMACs 2013-03-31
openvpn-devel -- arbitrary code execution 2008-08-07
openx -- remote code execution vulnerability 2010-09-26
OpenX -- SQL injection vulnerability 2012-09-27
OpenX -- SQL injection vulnerability 2013-12-22
openx -- sql injection vulnerability 2008-10-25
openx -- undisclosed security issue 2012-03-02
opera -- "data:" URI handler spoofing vulnerability 2005-02-18
opera -- "javascript:" URL cross-site scripting vulnerability 2005-06-20
Opera -- code injection vulnerability through broken frameset handling 2011-05-23
opera -- command line URL shell command injection 2005-11-30
opera -- Data URIs can be used to allow cross-site scripting 2010-06-25
opera -- download dialog spoofing vulnerability 2005-07-30
opera -- execution of arbitrary code 2012-12-18
opera -- execution of arbitrary code 2012-11-22
opera -- execution of arbitrary code 2013-02-01
opera -- image dragging vulnerability 2005-07-30
opera -- kfmclient exec command execution vulnerability 2005-02-18
opera -- moderately severe issue 2014-04-30
opera -- multiple vulnerabilities 2008-08-25
opera -- multiple vulnerabilities 2008-10-10
opera -- multiple vulnerabilities 2008-02-22
opera -- multiple vulnerabilities 2005-11-30
opera -- multiple vulnerabilities 2009-03-15
opera -- multiple vulnerabilities 2012-11-06
opera -- multiple vulnerabilities 2011-12-13
opera -- multiple vulnerabilities 2009-10-31
opera -- multiple vulnerabilities 2007-10-25
opera -- multiple vulnerabilities 2008-04-05
opera -- multiple vulnerabilities 2010-08-13
opera -- multiple vulnerabilities 2009-09-04
opera -- multiple vulnerabilities 2011-02-10
opera -- multiple vulnerabilities 2007-07-19
opera -- multiple vulnerabilities 2008-10-28
opera -- multiple vulnerabilities 2008-11-03
opera -- multiple vulnerabilities 2007-01-05
opera -- multiple vulnerabilities 2009-12-01
opera -- multiple vulnerabilities 2008-12-19
opera -- multiple vulnerabilities 2010-10-26
opera -- multiple vulnerabilities 2007-12-19
opera -- multiple vulnerabilities in Java implementation 2005-01-24
opera -- redirection cross-site scripting vulnerability 2005-06-20
opera -- RSA Signature Forgery 2006-09-22
opera -- URL parsing heap overflow vulnerability 2006-10-20
opera -- Vulnerability in javascript handling 2007-08-15
opera -- XMLHttpRequest security bypass 2005-06-20
OPIE -- arbitrary password change 2006-03-24
optipng -- arbitrary code execution via crafted BMP image 2009-01-19
optipng -- use-after-free vulnerability 2013-03-21
otrs -- Clickjacking issue 2014-04-03
otrs -- information disclosure 2013-06-19
otrs -- information disclosure 2013-05-23
otrs -- Information disclosure and Data manipulation 2013-04-05
otrs -- multiple vulnerabilities 2014-01-28
OTRS -- Multiple XSS and denial of service vulnerabilities 2010-11-03
OTRS -- Several XSS attacks possible 2011-04-12
otrs -- SQL injection 2010-02-08
otrs -- Sql Injection + Xss Issue 2013-07-11
OTRS -- Vulnerabilities in OTRS-Core allows read access to any file on local file system 2011-08-18
otrs -- XSS Issue 2014-02-25
otrs -- XSS vulnerability 2012-12-30
otrs -- XSS vulnerability 2013-05-23
otrs -- XSS vulnerability could lead to remote code execution 2013-02-25
otrs -- XSS vulnerability in Firefox and Opera 2012-12-30
otrs -- XSS vulnerability in Firefox and Opera could lead to remote code execution 2013-02-25
otrs -- XSS vulnerability in Internet Explorer 2012-12-30
otrs -- XSS vulnerability in Internet Explorer could lead to remote code execution 2013-02-25
Overflow error in fetch 2004-11-18
owncloud -- Multiple security vulnerabilities 2013-06-11
p5-Archive-Zip -- virus detection evasion 2004-11-08
p5-Config-IniFiles -- unsafe temporary file creation 2012-05-07
p5-DBI -- insecure temporary file creation vulnerability 2006-04-23
p5-File-Path -- rmtree allows creation of setuid files 2009-01-03
p5-HTML-Parser -- denial of service 2009-11-06
p5-Imager -- possibly exploitable buffer overflow 2007-04-30
p5-libwww -- possibility to remote servers to create file with a .(dot) character 2010-08-31
p5-Mail-SpamAssassin -- denial of service vulnerability 2005-06-18
p5-Mail-SpamAssassin -- local user symlink-attack DoS vulnerability 2007-06-18
p5-Mail-SpamAssassin -- long message header denial of service 2005-11-10
p5-Net-DNS -- multiple Vulnerabilities 2007-07-28
p5-RT-Authen-ExternalAuth -- privilege escalation 2012-07-26
pam_ldap -- authentication bypass vulnerability 2005-08-27
pango -- integer overflow 2009-05-13
passenger -- security vulnerability 2013-06-01
Pavuk HTTP Location header overflow 2004-07-03
pcal -- buffer overflow vulnerabilities 2005-01-06
pcre -- arbitrary code execution 2007-11-06
pcre -- buffer overflow vulnerability 2008-02-29
pcre -- regular expression buffer overflow 2005-08-26
pdfjam -- insecure temporary files 2009-01-11
PEAR -- Net_Ping and Net_Traceroute remote arbitrary command injection 2010-01-04
pear-PEAR -- PEAR installer arbitrary code execution vulnerability 2005-11-04
pear-XML_RPC -- arbitrary remote code execution 2005-07-03
pear-XML_RPC -- information disclosure vulnerabilities 2005-07-08
pear-XML_RPC -- remote PHP code injection vulnerability 2005-08-15
pecl-phar -- format string vulnerability 2011-01-13
peercast -- arbitrary code execution 2008-05-21
peercast -- buffer overflow vulnerability 2007-12-19
perdition -- str_vwrite format string vulnerability 2007-11-05
perl -- denial of service via algorithmic complexity attack on hashing routines 2013-03-10
perl -- Directory Permissions Race Condition 2009-02-03
perl -- File::Path insecure file/directory permissions 2005-01-21
perl -- regular expressions unicode data buffer overflow 2007-11-06
perl -- vulnerabilities in PERLIO_DEBUG handling 2005-02-02
perl, webmin, usermin -- perl format string integer wrap vulnerability 2006-02-15
pf -- IP fragment handling panic 2006-02-14
php -- _ecalloc Integer Overflow Vulnerability 2006-10-06
php -- arbitrary remote code execution vulnerability 2012-02-04
php -- corruption of $GLOBALS and $this variables via extract() method 2011-01-13
php -- crash on crafted tag in exif 2011-03-25
PHP -- crypt() returns only the salt for MD5 2011-08-23
php -- ini database truncation inside dba_replace() function 2009-05-16
php -- input validation error in safe_mode 2008-06-22
php -- integer overflow vulnerability 2008-04-25
php -- memory_limit related vulnerability 2004-09-27
php -- multiple security vulnerabilities 2007-11-16
PHP -- multiple vulnerabilities 2005-11-01
php -- multiple vulnerabilities 2012-05-12
php -- multiple vulnerabilities 2012-04-28
php -- multiple vulnerabilities 2004-12-17
php -- multiple vulnerabilities 2008-12-07
php -- multiple vulnerabilities 2007-09-11
php -- multiple vulnerabilities 2012-01-11
php -- multiple vulnerabilities 2007-05-07
php -- multiple vulnerabilities 2009-12-17
php -- multiple vulnerabilities 2011-08-20
php -- multiple vulnerabilities 2007-02-17
php -- multiple vulnerabilities 2006-09-13
php -- multiple vulnerabilities 2011-01-09
php -- NULL byte poisoning 2011-01-13
php -- open_basedir bypass 2011-01-13
php -- open_basedir Race Condition Vulnerability 2006-10-05
php -- php_variables memory disclosure 2004-10-05
php -- potential overflow in _php_stream_scandir 2012-07-23
php -- readfile() DoS vulnerability 2005-04-10
php -- strip_tags cross-site scripting vulnerability 2004-09-27
php -- vulnerability in certain CGI-based setups 2012-05-05
php -- vulnerability in RFC 1867 file upload processing 2004-09-15
php -- ZipArchive segfault with FL_UNCHANGED on empty archive 2011-03-25
php-filter -- Denial of Service 2011-01-13
php-imap -- Denial of Service 2011-01-13
php-mbstring -- php mbstring buffer overflow vulnerability 2009-03-16
php-zip -- multiple Denial of Service vulnerabilities 2011-01-13
php5 -- Denial of Service in php_date_parse_tzfile() 2012-09-19
php5 -- header splitting attack via carriage-return character 2012-09-05
php5 -- Heap based buffer overflow in quoted_printable_encode 2013-06-07
PHP5 -- Heap corruption in XML parser 2013-07-16
PHP5 -- Integer overflow in Calendar module 2013-07-16
PHP5 -- memory corruption in openssl_x509_parse() 2013-12-14
php5 -- Multiple security issues 2009-10-12
php5 -- Multiple vulnerabilities 2013-03-18
php5 -- potential magic_quotes_gpc vulnerability 2008-12-08
php5-gd -- uninitialized memory information disclosure vulnerability 2009-01-05
php5-sqlite -- open_basedir bypass 2012-09-19
phpbb -- arbitrary command execution and other vulnerabilities 2004-12-22
phpbb -- Insuffient check against HTML code in usercp_register.php 2005-03-05
phpbb -- multiple information disclosure vulnerabilities 2005-02-23
phpbb -- multiple vulnerabilities 2006-02-16
phpbb -- multiple vulnerabilities 2005-07-09
phpbb -- NULL byte injection vulnerability 2006-10-04
phpbb -- privilege elevation and path disclosure 2005-02-28
phpbb -- remote PHP code execution vulnerability 2005-07-03
phpBB IP address spoofing 2004-04-23
phpBB session table exhaustion 2004-05-06
phpicalendar -- cross site scripting vulnerability 2006-02-15
phpicalendar -- file disclosure vulnerability 2006-02-15
phpldapadmin -- Cross-Site Scripting and Script Insertion vulnerabilities 2006-05-14
phpLDAPadmin -- Remote PHP code injection vulnerability 2011-10-24
phplist -- local file inclusion vulnerability 2009-02-09
phpList -- SQL injection and XSS vulnerability 2012-07-02
phpmyadmin -- 'set_theme' Cross-Site Scripting 2006-04-06
phpmyadmin -- arbitrary file include and XSS vulnerabilities 2005-03-08
phpMyAdmin -- clickJacking protection can be bypassed 2013-08-04
phpmyadmin -- Code execution vulnerability 2008-09-17
phpmyadmin -- command execution vulnerability 2004-12-15
phpmyadmin -- cross site request forgery vulnerabilites 2008-07-18
phpmyadmin -- Cross Site Scripting 2007-11-21
phpmyadmin -- Cross Site Scripting Vulnerabilities 2008-06-28
phpmyadmin -- cross site scripting vulnerability 2005-07-31
phpmyadmin -- cross site scripting vulnerability 2006-07-03
phpmyadmin -- cross-site request forgery vulnerability 2008-12-11
phpMyAdmin -- cross-site scripting vulnerabilities 2004-11-20
phpmyadmin -- Cross-Site Scripting Vulnerability 2008-10-31
phpmyadmin -- Cross-Site Scripting Vulnerability 2008-09-23
phpmyadmin -- cross-site scripting vulnerability 2007-11-11
phpmyadmin -- cross-site scripting vulnerability 2007-10-17
phpmyadmin -- cross-site scripting vulnerability 2007-10-16
phpmyadmin -- file disclosure vulnerability 2004-12-15
phpMyAdmin -- Global variable scope injection 2013-06-30
phpmyadmin -- HTTP Response Splitting vulnerability 2005-11-16
phpmyadmin -- increased privilege vulnerability 2005-03-15
phpmyadmin -- information disclosure vulnerability 2005-03-08
phpmyadmin -- insufficient output sanitizing when generating configuration file 2009-04-15
phpmyadmin -- insufficient output sanitizing when generating configuration file 2009-03-25
phpmyadmin -- Local file inclusion 2011-11-12
phpmyadmin -- local file inclusion vulnerability 2005-10-11
phpMyAdmin -- Multiple security vulnerabilities 2013-04-24
phpMyAdmin -- multiple vulnerabilities 2013-07-28
phpmyadmin -- multiple vulnerabilities 2011-07-03
phpmyadmin -- multiple vulnerabilities 2011-07-24
phpMyAdmin -- multiple vulnerabilities 2011-02-11
phpMyAdmin -- Multiple XSS 2011-12-22
phpMyAdmin -- Multiple XSS 2011-12-01
phpMyAdmin -- Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack 2012-10-14
phpMyAdmin -- Multiple XSS in Table operations, Database structure, Trigger and Visualize GIS data pages 2012-08-17
phpMyAdmin -- multiple XSS vulnerabilities 2011-08-24
phpMyAdmin -- multiple XSS vulnerabilities 2011-09-14
phpMyAdmin -- multiple XSS vulnerabilities, missing validation 2014-07-18
phpMyAdmin -- Path disclosure due to missing library 2012-08-11
phpMyAdmin -- Path disclosure due to missing verification of file presence 2012-03-28
phpmyadmin -- register_globals emulation "import_blacklist" manipulation 2005-12-07
phpmyadmin -- remote command execution vulnerability 2004-10-20
phpMyAdmin -- Self-XSS due to unescaped HTML output in import. 2014-02-15
phpmyadmin -- Several XSS vulnerabilities 2010-08-21
phpmyadmin -- Shared Host Information Disclosure 2008-04-24
phpmyadmin -- SQL injection vulnerability 2008-03-04
phpMyAdmin -- two XSS vulnerabilities due to unescaped db/table names 2014-06-20
phpmyadmin -- Username/Password Session File Information Disclosure 2008-04-24
phpmyadmin -- XSRF vulnerabilities 2006-10-02
phpmyadmin -- XSRF vulnerabilities 2006-05-21
phpmyadmin -- XSS and SQL injection vulnerabilities 2009-10-13
phpMyAdmin -- XSS attack in database search 2010-11-30
phpMyAdmin -- XSS due to unescaped HTML output in Create View page 2013-06-05
phpMyAdmin -- XSS due to unescaped HTML output in GIS visualisation page 2013-04-20
phpMyAdmin -- XSS in replication setup 2012-02-18
phpmyadmin -- XSS vulnerabilities 2006-04-06
phpmyadmin -- XSS vulnerabilities 2005-12-07
phpmyadmin -- XSS vulnerability 2009-06-30
phpmyfaq -- arbitrary PHP code execution vulnerability 2013-12-16
phpmyfaq -- cross site scripting vulnerabilities 2010-10-02
phpmyfaq -- multiple vulnerabilities 2014-02-06
phpmyfaq -- Remote PHP Code Execution Vulnerability 2012-04-14
phpmyfaq -- Remote PHP Code Injection Vulnerability 2011-10-26
phpmyfaq -- SQL injection, takeover, path disclosure, remote code execution 2005-09-29
phppgadmin -- "formLanguage" local file inclusion vulnerability 2005-07-08
phppgadmin -- cross site scripting vulnerability 2007-06-04
phppgadmin -- directory traversal with register_globals enabled 2009-03-16
phpSysInfo -- "register_globals" emulation layer overwrite vulnerability 2005-11-13
phpSysInfo -- cross site scripting vulnerability 2005-07-09
phpsysinfo -- url Cross-Site Scripting 2007-07-28
phpwebftp -- "language" Local File Inclusion 2006-05-03
picasm -- buffer overflow vulnerability 2005-10-02
pidgin -- MSN overflow parsing SLP messages 2009-08-20
pidgin -- multiple remote denial of service vulnerabilities 2010-04-20
pidgin -- multiple vulnerabilities 2009-06-16
pidgin-otr -- format string vulnerability 2012-05-16
pine insecure URL handling 2004-02-12
pine remote denial-of-service attack 2004-02-12
pine remotely exploitable buffer overflow in newmail.c 2004-02-12
pine remotely exploitable vulnerabilities 2004-02-12
pivot-weblog -- file deletion vulnerability 2009-03-27
PivotX -- 'ajaxhelper.php' Cross Site Scripting Vulnerability 2012-05-12
PivotX -- administrator password reset vulnerability 2011-02-20
PivotX -- Remote File Inclusion Vulnerability of TimThumb 2011-10-17
piwigo -- CSRF/Path Traversal 2013-03-18
piwik -- cross site scripting vulnerability 2010-05-07
Piwik -- Local File Inclusion Vulnerability 2010-08-04
piwik -- php code execution 2009-12-11
Piwik -- remote command execution vulnerability 2011-06-21
piwik -- unknown critical vulnerabilities 2011-10-20
piwik -- xss and click-jacking issues 2012-02-16
plans -- multiple vulnerabilities 2006-09-26
plib -- buffer overflow 2013-05-19
plib -- remote code execution via buffer overflow 2012-02-19
plib -- stack-based buffer overflow 2013-05-19
pligg -- Cross-Site Scripting and Cross-Site Request Forgery 2009-12-12
plone -- "member_id" Parameter Portrait Manipulation Vulnerability 2006-04-18
plone -- Remote Security Bypass 2011-02-10
plone -- unprotected MembershipTool methods 2006-10-19
plone -- unsafe data interpreted as pickles 2007-11-12
plone -- user can masquerade as a group 2006-12-27
png -- DoS crash vulnerability 2007-05-16
png -- libpng decompression buffer overflow 2010-06-28
png -- libpng decompression denial of service 2010-04-20
png -- memory corruption/possible remote code execution 2012-04-08
png -- multiple vulnerabilities 2007-10-11
png -- unknown chunk processing uninitialized memory access 2008-04-25
pngcrush -- libpng Uninitialised Pointer Arrays Vulnerability 2009-03-04
polarssl -- denial of service vulnerability 2013-08-13
polarssl -- Timing attack against protected RSA-CRT implementation 2013-10-02
popfile file disclosure 2004-08-12
poppler -- Poppler Multiple Vulnerabilities 2009-04-18
poppler -- uninitialized pointer 2008-07-09
portaudit -- auditfile remote code execution 2012-03-11
portupgrade -- insecure temporary file handling vulnerability 2005-04-12
portupgrade-devel -- lack of distfile checksums 2012-04-30
Postfix -- memory corruption vulnerability 2011-05-09
postfix -- plaintext command injection with SMTP over TLS 2011-03-19
postfix-policyd-weight -- working directory symlink vulnerability 2008-04-06
postfixadmin -- Multiple Vulnerabilities 2012-01-27
postfixadmin -- SQL injection vulnerability 2014-07-13
PostgreSQL -- anonymous remote access data corruption vulnerability 2013-04-04
postgresql -- bitsubstr overflow 2010-03-25
postgresql -- character conversion and tsearch2 vulnerabilities 2006-02-16
postgresql -- encoding based SQL injection 2006-08-13
postgresql -- multiple buffer overflows in PL/PgSQL parser 2005-02-17
PostgreSQL -- multiple privilege issues 2014-02-20
postgresql -- multiple vulnerabilities 2006-08-13
postgresql -- multiple vulnerabilities 2009-12-17
postgresql -- multiple vulnerabilities 2008-04-24
postgresql -- privilege escalation vulnerability 2005-02-08
postgresql-contrib -- insecure temporary file creation 2004-11-06
postgresql81-server -- SET ROLE privilege escalation 2006-02-18
postnuke -- admin section SQL injection 2006-10-03
postnuke -- cross-site scripting (XSS) vulnerabilities 2005-03-04
postnuke -- multiple vulnerabilities 2005-08-08
postnuke -- SQL injection vulnerabilities 2005-03-04
pound remotely exploitable vulnerability 2004-05-02
poweradmin -- multiple XSS vulnerabilities 2013-02-16
PowerDNS -- Denial of Service Vulnerability 2012-01-12
powerdns -- DoS vulnerability 2005-02-14
PowerDNS -- LDAP backend fails to escape all queries 2005-07-21
powerdns-recursor -- DNS cache poisoning 2008-04-05
powerdns-recursor -- multiple vulnerabilities 2010-01-09
ppxp -- local root exploit 2005-05-22
proftpd -- arbitrary code execution vulnerability with chroot 2011-12-23
proftpd -- Compromised source packages backdoor 2010-12-04
proftpd -- format string vulnerabilities 2005-08-03
proftpd -- Long Command Processing Vulnerability 2008-09-23
proftpd -- multiple sql injection vulnerabilities 2009-03-16
proftpd -- remote code execution vulnerabilities 2006-12-21
proftpd -- Remote Code Execution Vulnerability 2006-11-14
proftpd -- remote code execution vulnerability 2010-11-23
ProFTPD ASCII translation bug resulting in remote root compromise 2004-01-05
proftpd IP address access control list breakage 2004-05-02
proxytunnel -- format string vulnerability 2004-11-15
ProZilla -- server response buffer overflow vulnerabilities 2004-11-25
Pubcookie Login Server -- XSS vulnerability 2011-05-23
pubcookie-login-server -- cross site scripting vulnerability 2006-04-05
punbb -- NULL byte injection vulnerability 2006-09-30
puppet -- Multiple Vulnerabilities 2012-04-10
puppet -- multiple vulnerabilities 2013-08-16
puppet -- multiple vulnerabilities 2012-12-30
puppet -- multiple vulnerabilities 2012-07-10
puppet -- Unauthenticated Remote Code Execution Vulnerability 2013-06-22
puppet26 -- multiple vulnerabilities 2013-03-13
puppet27 and puppet -- multiple vulnerabilities 2013-03-13
pureftpd -- multiple vulnerabilities 2011-05-23
putty -- buffer overflow vulnerability in ssh2 support 2004-11-04
PuTTY -- Four security holes in versions before 0.63 2013-08-07
PuTTY -- Password vulnerability 2011-12-12
putty -- pscp/psftp heap corruption vulnerabilities 2005-02-20
py-django -- denial of service vulnerability 2007-10-27
py-graphite-web -- Multiple vulnerabilities 2013-09-30
py-pylons -- Path traversal bug 2008-07-04
pyblosxom -- atom flavor multiple XML injection vulnerabilities 2009-02-11
pycrypto -- ARC2 module buffer overflow 2009-02-15
pycrypto -- PRNG reseed race condition 2013-10-19
pycrypto -- vulnerable ElGamal key generation 2012-06-24
Python -- buffer overflow in socket.recvfrom_into() 2014-03-01
python -- buffer overrun in repr() for unicode strings 2006-10-07
Python -- DoS via malformed XML-RPC / HTTP POST request 2012-02-14
python -- Integer Signedness Error in zlib Module 2008-04-25
python -- multiple vulnerabilities 2008-09-10
python -- SimpleXMLRPCServer.py allows unrestricted traversal 2005-02-03
qemu -- "drive_init()" Disk Format Security Bypass 2008-05-08
qemu -- Heap overflow in Cirrus emulation 2008-11-02
qemu -- several vulnerabilities 2007-05-01
qemu -- Translation Block Local Denial of Service Vulnerability 2007-12-12
qemu -- unchecked block read/write vulnerability 2008-03-11
qpopper -- multiple privilege escalation vulnerabilities 2005-11-07
qpopper format string vulnerability 2003-12-12
qt -- image loader vulnerabilities 2004-08-22
qt4-imageformats, qt5-gui -- DoS vulnerability in the GIF image handler 2014-07-19
qt4-xml -- XML Entity Expansion Denial of Service 2014-05-05
quagga -- BGP OPEN denial of service vulnerability 2012-06-05
quagga -- Denial of Service 2009-05-06
quagga -- multiple vulnerabilities 2011-10-05
quagga -- multiple vulnerabilities 2012-03-24
quagga -- stack overflow and DoS vulnerabilities 2010-08-25
quagga -- two DoS vulnerabilities 2011-04-01
quake2 -- multiple critical vulnerabilities 2005-01-21
Quassel IRC -- SQL injection vulnerability 2013-11-06
racoon -- improper certificate handling 2004-10-03
racoon -- remote denial-of-service 2005-06-03
racoon fails to verify signature during Phase 1 2004-04-07
racoon remote denial of service vulnerability (IKE Generic Payload Header) 2004-04-07
racoon remote denial of service vulnerability (ISAKMP header length field) 2004-04-14
racoon security association deletion vulnerability 2004-03-25
rails -- multiple vulnerabilities 2013-12-08
raptor/raptor2 -- XXE in RDF/XML File Interpretation 2012-03-25
rar -- password prompt buffer overflow vulnerability 2007-02-17
razor-agents -- denial of service vulnerability 2005-06-20
realplayer -- arbitrary file deletion and other vulnerabilities 2005-01-21
realplayer -- remote heap overflow 2005-03-04
redmine -- multiple vulnerabilities 2010-12-23
redmine -- multiple vulnerabilities 2010-07-10
redmine -- multiple vulnerabilities 2010-05-14
redmine -- XSS vulnerability 2011-03-07
Remote code injection in phpMyAdmin 2004-07-02
Remote Denial of Service of HTTP server and client 2004-06-25
ripMIME -- decoding bug allowing content filter bypass 2004-08-27
rkhunter -- insecure temporary file creation 2007-09-05
rockdodger -- buffer overflows 2004-12-02
roundcube -- arbitrary file disclosure vulnerability 2013-04-19
roundcube -- cross-site scripting in HTML email messages 2012-08-27
roundcube -- remote execution of arbitrary code 2008-12-30
roundcube -- webmail script insertion and php code injection 2009-03-16
roundcube -- XSS vulnerability 2011-09-13
rsnapshot -- local privilege escalation 2005-05-01
rssh & scponly -- arbitrary command execution 2004-12-02
rssh -- arbitrary command execution 2012-08-22
rssh -- configuration restrictions bypass 2012-08-22
rssh -- file name disclosure bug 2004-09-21
rssh -- format string vulnerability 2004-10-25
rssh -- privilege escalation vulnerability 2006-02-16
rsync -- incremental recursion memory corruption vulnerability 2011-07-20
rsync -- off by one stack overflow 2007-08-21
rsync -- path sanitizing vulnerability 2004-08-26
rsync buffer overflow in server mode 2004-02-12
rsync path traversal issue 2004-05-02
rt -- multiple vulnerabilities 2011-04-17
RT -- Multiple Vulnerabilities 2012-05-23
RT -- Multiple Vulnerabilities 2012-11-01
RT -- multiple vulnerabilities 2013-05-23
rt -- Session fixation vulnerability 2009-12-09
rt42 -- denial-of-service attack via the email gateway 2014-01-27
ruby -- $SAFE escaping vulnerability about Exception#to_s/NameError#to_s 2012-11-01
ruby -- arbitrary command execution on XMLRPC server 2005-06-23
ruby -- BigDecimal denial of service vulnerability 2009-06-13
ruby -- CGI DoS 2004-11-13
ruby -- cgi.rb library Denial of Service 2006-11-04
ruby -- cgi.rb library Denial of Service 2006-12-04
Ruby -- Denial of Service and Unsafe Object Creation Vulnerability in JSON 2013-02-16
ruby -- DNS spoofing vulnerability 2008-08-16
ruby -- DoS vulnerability in REXML 2013-02-24
ruby -- DoS vulnerability in WEBrick 2008-08-16
ruby -- Hash-flooding DoS vulnerability for ruby 1.9 2012-11-10
ruby -- Heap Overflow in Floating Point Parsing 2013-11-23
ruby -- heap overflow vulnerability 2009-12-09
ruby -- Hostname check bypassing vulnerability in SSL client 2013-07-11
ruby -- multiple integer and buffer overflow vulnerabilities 2008-06-21
ruby -- multiple vulnerabilities 2006-07-29
ruby -- multiple vulnerabilities in safe level 2008-08-16
ruby -- Object taint bypassing in DL and Fiddle in Ruby 2013-05-26
ruby -- Unintentional file creation caused by inserting an illegal NUL character 2012-11-01
ruby -- UTF-7 encoding XSS vulnerability in WEBrick 2010-08-17
ruby -- vulnerability in the safe level settings 2005-10-27
Ruby -- XSS exploit of RDoc documentation generated by rdoc 2013-02-16
Ruby Activemodel Gem -- Circumvention of attr_protected 2013-02-17
Ruby insecure file permissions in the CGI session management 2004-08-16
Ruby Rack Gem -- Multiple Issues 2013-02-17
ruby-gems -- Algorithmic Complexity Vulnerability 2013-11-24
ruby-gems -- Algorithmic Complexity Vulnerability 2013-11-24
rubygem-actionpack -- Denial of Service 2012-07-26
rubygem-activerecord -- multiple vulnerabilities 2012-07-23
rubygem-dragonfly -- arbitrary code execution 2013-02-28
rubygem-mail -- multiple vulnerabilities 2012-05-09
rubygem-mail -- Remote Arbitrary Shell Command Injection Vulnerability 2011-02-10
rubygem-rails -- evaluation of ruby code 2006-08-10
rubygem-rails -- JSON XSS vulnerability 2007-11-28
rubygem-rails -- multiple vulnerabilities 2013-01-08
rubygem-rails -- multiple vulnerabilities 2012-08-10
rubygem-rails -- multiple vulnerabilities 2013-04-10
rubygem-rails -- multiple vulnerabilities 2011-08-19
rubygem-rails -- session-fixation vulnerability 2007-11-27
rubygem-rails -- SQL injection vulnerability 2008-09-10
rubygem-rails -- SQL injection vulnerability 2013-01-07
rubygem-ruby_parser -- insecure tmp file usage 2013-02-24
rxvt-unicode -- buffer overflow vulnerability 2005-03-13
rxvt-unicode -- restore permissions on tty devices 2006-01-04
samba -- "root" credential remote code execution 2012-04-10
samba -- ACLs are not checked on opening an alternate data stream on a file or directory 2013-11-19
samba -- buffer overflow vulnerability 2007-12-12
Samba -- cross site scripting and request forgery vulnerabilities 2011-08-16
Samba -- Denial of service - memory corruption 2011-06-21
samba -- denial of service vulnerability 2013-08-09
samba -- Exposure of machine account credentials in winbind log files 2006-04-05
samba -- format string bug in afsacl.so VFS plugin 2007-03-16
samba -- incorrect permission checks vulnerability 2012-04-30
samba -- integer overflow vulnerability 2004-12-21
samba -- memory exhaustion DoS in smbd 2006-07-10
samba -- multiple vulnerabilities 2007-05-16
samba -- multiple vulnerabilities 2013-12-11
samba -- multiple vulnerabilities 2014-06-23
samba -- multiple vulnerabilities 2007-11-21
samba -- multiple vulnerabilities 2014-03-11
samba -- nss_info plugin privilege escalation vulnerability 2007-09-21
samba -- potential Denial of Service bug in smbd 2007-03-16
samba -- potential leakage of arbitrary memory contents 2008-11-29
samba -- potential remote DoS vulnerability 2004-11-12
samba -- Private key in key.pem world readable 2013-11-19
samba -- remote file disclosure 2004-09-30
Samba 3.0.x password initialization bug 2004-02-12
samba3 DoS attack 2004-09-14
scponly -- local privilege escalation exploits 2005-12-22
screen -- combined UTF-8 characters vulnerability 2006-10-29
sdl_image -- buffer overflow vulnerabilities 2008-05-02
security/cfs -- buffer overflow 2011-09-04
sendmail -- Incorrect multipart message handling 2006-06-14
sendmail -- race condition vulnerability 2006-03-24
serendipity -- multiple cross site scripting vulnerabilities 2008-04-25
Serendipity -- XSS Vulnerabilities 2006-10-21
seti@home remotely exploitable buffer overflow 2004-02-12
setsockopt(2) IPv6 sockets input validation error 2004-03-29
Several remotely exploitable buffer overflows in gaim 2004-02-12
Several vulnerabilities found in IcedTea-Web 2012-08-13
Several vulnerabilities found in PHPNuke 2004-07-03
sge -- local root exploit in bundled rsh executable 2006-01-23
sharutils -- buffer overflows 2004-10-13
sharutils -- unshar insecure temporary file creation 2005-05-01
shmat reference counting bug 2004-04-07
shoutcast -- cross-site scripting, information exposure 2006-07-11
shtool -- insecure temporary file creation 2005-07-09
sieve-connect -- TLS hostname verification was not occurring 2013-04-15
silc -- pkcs_decode buffer overflow 2008-03-26
silc-client -- Format string vulnerability 2009-08-04
silc-toolkit -- Format string vulnerabilities 2009-09-08
sircd -- remote operator privilege escalation vulnerability 2007-01-15
sircd -- remote reverse DNS buffer overflow 2007-01-15
skype -- multiple buffer overflow vulnerabilities 2005-11-01
slim -- insecure PATH assignment 2010-08-19
slim -- local disclosure of X authority magic cookie 2009-05-30
smbd -- buffer-overrun vulnerability 2004-11-17
smbfs -- chroot escape 2006-06-09
smbftpd -- format string vulnerability 2007-12-12
snort -- Back Orifice preprocessor buffer overflow vulnerability 2005-10-18
snort -- DCE/RPC preprocessor vulnerability 2007-02-21
socat -- buffer overflow with data from command line 2014-01-29
socat -- FD leak 2013-05-26
socat -- format string vulnerability 2004-11-10
socat -- Heap-based buffer overflow 2012-05-14
SoX buffer overflows when handling .WAV files 2004-08-26
spamass-milter -- remote command execution vulnerability 2010-05-06
SpamAssassin -- denial-of-service in tokenize_headers 2004-08-23
spamdyke -- Buffer Overflow Vulnerabilities 2012-01-23
spamdyke -- open relay 2008-05-27
spamdyke -- STARTTLS Plaintext Injection Vulnerability 2012-01-08
sppp -- buffer overflow vulnerability 2006-08-23
SQL injection vulnerability in phpnuke 2004-02-25
sql-ledger -- multiple vulnerabilities 2006-12-18
sql-ledger -- security bypass vulnerability 2007-03-16
squid -- buffer overflow in WCCP recvfrom() call 2005-01-28
squid -- buffer overflow vulnerability in gopherToHTML 2005-01-12
squid -- confusing results on empty acl declarations 2004-12-23
squid -- correct handling of oversized HTTP reply headers 2005-02-08
squid -- denial of service 2012-12-28
squid -- denial of service 2013-07-15
Squid -- Denial of Service Vulnerability 2007-12-04
squid -- Denial of Service vulnerability in DNS handling 2010-02-01
squid -- Denial of Service vulnerability in HTCP 2010-02-14
squid -- Denial of service vulnerability in request handling 2010-09-24
squid -- Denial Of Service Vulnerability in sslConnectTimeout 2005-09-04
squid -- denial of service with forged WCCP messages 2005-01-12
squid -- denial-of-service vulnerabilities 2005-06-03
squid -- DNS lookup spoofing vulnerability 2005-05-19
squid -- DoS on failed PUT/POST requests vulnerability 2005-04-10
squid -- FTP server response handling denial of service 2005-11-01
squid -- HTTP response splitting cache pollution attack 2005-01-22
squid -- no sanity check of usernames in squid_ldap_auth 2005-01-19
squid -- NTLM authentication denial-of-service vulnerability 2004-10-18
squid -- possible abuse of cachemgr.cgi 2005-05-19
squid -- possible cache-poisoning via malformed HTTP responses 2005-01-24
squid -- possible denial of service condition regarding NTLM authentication 2005-09-15
squid -- Possible Denial Of Service Vulnerability in store.c 2005-09-04
squid -- possible information disclosure 2004-12-09
squid -- remote denial of service vulnerability 2009-02-09
squid -- several remote denial of service vulnerabilities 2009-07-27
squid -- SNMP module denial-of-service vulnerability 2004-10-12
Squid -- TRACE method handling denial of service 2007-03-21
squid ACL bypass due to URL decoding bug 2004-03-26
squidclamav -- cross-site scripting in default virus warning pages 2012-08-25
squidclamav -- Denial of Service 2012-08-25
squidGuard -- multiple vulnerabilities 2009-10-22
squirrelmail -- _$POST variable handling allows for various attacks 2005-09-17
squirrelmail -- Cross site scripting in HTML filter 2007-05-21
squirrelmail -- cross site scripting vulnerability 2004-11-12
squirrelmail -- Cross site scripting vulnerability 2008-12-04
squirrelmail -- multiple vulnerabilities 2006-02-24
SquirrelMail -- Plug-ins compromise 2009-08-02
squirrelmail -- plugin.php local file inclusion vulnerability 2006-06-05
squirrelmail -- random variable overwrite vulnerability 2006-08-12
squirrelmail -- Session hijacking vulnerability 2008-09-23
squirrelmail -- Several cross site scripting vulnerabilities 2005-06-18
squirrelmail -- XSS and remote code injection vulnerabilities 2005-06-01
SSH.COM SFTP server -- format string vulnerability 2006-03-04
streamripper -- multiple buffer overflows 2008-11-23
strongSwan -- ECDSA signature verification issue 2013-05-03
strongswan -- multiple DoS vulnerabilities 2014-01-27
strongswan -- Remote Authentication Bypass 2014-05-04
stunnel -- heap corruption vulnerability 2011-08-26
stunnel -- Remote Code Execution 2013-03-03
subversion -- heap overflow vulnerability 2009-08-06
subversion -- mod_dav_svn vulnerability 2014-02-26
subversion -- multiple DoS 2011-01-13
subversion -- multiple vulnerabilities 2013-11-25
Subversion -- multiple vulnerabilities 2013-04-05
Subversion -- multiple vulnerabilities 2011-06-02
subversion -- remote HTTP DoS vulnerability 2011-03-05
subversion -- remotely triggerable "Assertion failed" DoS vulnerability or read overflow. 2013-07-24
subversion -- WebDAV fails to protect metadata 2004-09-26
subversion date parsing vulnerability 2004-05-19
sudo -- arbitrary command execution 2006-02-16
sudo -- Authentication bypass when clock is reset 2013-03-01
sudo -- certain authorized users could run commands as any user 2009-02-06
sudo -- environmental variable CDPATH is not cleared 2005-01-21
sudo -- Flaw in Runas group matching 2010-09-07
sudo -- format string vulnerability 2012-01-30
sudo -- local privilege escalation 2011-01-13
sudo -- local race condition vulnerability 2005-06-20
sudo -- netmask vulnerability 2012-05-16
sudo -- Potential bypass of tty_tickets constraints 2013-03-01
sudo -- privilege escalation with bash scripts 2004-11-13
sudo -- Privilege escalation with sudoedit 2010-04-15
sudo -- Privilege escalation with sudoedit 2010-03-01
sudo -- Secure path vulnerability 2010-06-02
sudo -- sudoedit information disclosure 2004-09-20
sudoscript -- signal delivery vulnerability 2004-12-01
sudosh -- buffer overflow 2012-08-09
sup -- format string vulnerability 2005-02-27
suphp -- multiple local privilege escalation vulnerabilities 2008-04-05
suPHP -- Privilege escalation 2013-07-22
surf -- private information disclosure 2012-02-11
svnserve is vulnerable to a local privilege escalation vulnerability via symlink attack. 2013-09-02
swfdec -- exposure of sensitive information 2008-05-07
sylpheed -- buffer overflow in header processing 2005-03-23
sylpheed -- MIME-encoded file name buffer overflow vulnerability 2005-07-31
sympa -- buffer overflow in "queue" 2005-06-01
sympa -- Multiple Security Bypass Vulnerabilities 2012-05-21
syslog-ng2 -- startup directory leakage in the chroot environment 2008-11-18
tarsnap -- cryptographic nonce reuse 2011-01-19
tcl/tk -- buffer overflow in ReadImage function 2007-10-05
TCP denial-of-service attacks against long lived connections 2004-04-23
tcpdump -- infinite loops in protocol decoding 2005-06-18
tcpdump ISAKMP payload handling remote denial-of-service 2004-03-31
tdiary -- cross site scripting vulnerability 2006-12-02
tdiary -- injection vulnerability 2006-12-13
Teamspeak Server -- Directory Traversal Vulnerability 2009-01-20
telepathy-gabble -- TLS verification bypass 2013-06-05
texindex -- temporary file privilege escalation 2006-01-27
thunderbird -- javascript execution 2006-04-07
tiff -- buffer overflow vulnerability 2005-07-30
tiff -- buffer overflow vulnerability 2010-06-12
tiff -- directory entry count integer overflow vulnerability 2005-01-06
tiff -- divide-by-zero denial-of-service 2005-01-18
tiff -- Multiple integer overflows 2010-06-16
tiff -- multiple integer overflows 2004-10-13
tiff -- RLE decoder heap overflows 2004-10-13
tiff -- tiffdump integer overflow vulnerability 2005-01-06
tikiwiki -- multiple vulnerabilities 2007-11-09
tikiwiki -- multiple vulnerabilities 2006-09-30
tin -- buffer overflow vulnerabilities 2006-10-05
tinc -- Buffer overflow 2013-04-22
tinyproxy -- ACL lists ineffective when range is configured 2011-04-08
tkdiff -- temporary file symlink privilege escalation 2006-10-15
tnftp -- mget does not check for directory escapes 2005-01-07
tnftpd -- Remote root Exploit 2006-12-11
tnftpd -- remotely exploitable vulnerability 2004-08-17
tomcat -- authentication weaknesses 2012-11-08
tomcat -- bypass of CSRF prevention filter 2012-12-04
tomcat -- bypass of security constraints 2012-12-04
tomcat -- Cross-site scripting vulnerability 2011-02-15
tomcat -- Denial of Service 2012-11-08
tomcat -- denial of service 2012-12-04
tomcat -- Denial of Service 2012-01-17
tomcat -- information disclosure vulnerability 2010-04-24
tomcat -- multiple vulnerabilities 2014-07-23
tomcat -- multiple vulnerabilities 2007-07-24
tomcat -- Tomcat Manager cross-site scripting 2005-06-01
tomcat -- XSS vulnerability in sample applications 2007-07-24
tor -- diffie-hellman handshake flaw 2005-08-17
tor -- guard discovery 2013-06-16
tor -- information disclosure 2005-06-24
tor -- malicious tor server can locate a hidden service 2006-02-16
tor -- multiple vulnerabilites 2009-02-13
tor -- remote code execution and crash 2011-01-17
tor -- remote crash and potential remote code execution 2010-12-22
tor -- remote DoS and loss of anonymity 2004-10-15
tor -- traffic confirmation attack 2014-07-30
tor -- unspecified memory corruption vulnerability 2009-01-29
tor-devel -- DNS resolution vulnerabiliity 2009-06-23
torcs -- untrusted local library loading 2012-01-09
torrentflux -- User-Agent XSS Vulnerability 2006-10-07
tptest -- pwd Remote Stack Buffer Overflow 2009-12-17
trac -- cross site scripting vulnerability 2007-03-09
trac -- file upload/download vulnerability 2005-06-20
trac -- potential DOS vulnerability 2008-11-09
trac -- reStructuredText breach of privacy and denial of service vulnerability 2006-07-07
trac -- search module SQL injection vulnerability 2005-12-07
trac -- Wiki Macro Script Insertion Vulnerability 2006-05-02
turba -- Cross site scripting vulnerabilities in several of the address book name and contact data fields 2005-12-11
twiki -- Arbitrary code execution in session files 2008-09-14
twiki -- arbitrary shell command execution 2004-11-15
twiki -- multiple file extensions file upload vulnerability 2006-07-10
twiki -- multiple vulnerabilities 2008-12-30
typespeed -- arbitrary code execution 2007-07-03
typo -- Cross-Site Scripting 2012-04-18
typo3 -- cross-site scripting and information disclosure 2009-02-11
typo3 -- Cross-Site Scripting Vulnerability in TYPO3 Core 2012-07-06
typo3 -- email header injection 2007-06-04
typo3 -- Multiple vulernabilities in TYPO3 Core 2012-08-15
typo3 -- multiple vulnerabilities 2009-02-09
typo3 -- Multiple vulnerabilities in TYPO3 Core 2012-11-12
typo3 -- multiple vulnerabilities in TYPO3 Core 2009-11-05
typo3 -- Multiple vulnerabilities in TYPO3 Core 2013-08-05
typo3 -- Multiple vulnerabilities in TYPO3 Core 2013-03-06
typo3 -- Remote Code Execution 2011-12-18
uim -- privilege escalation vulnerability 2005-10-01
uim -- privilege escalation vulnerability 2005-03-01
unace -- multiple vulnerabilities 2005-02-22
unarj -- directory traversal vulnerability 2004-11-26
unarj -- long filename buffer overflow 2004-11-26
Unbound -- an empty error packet handling assertion failure 2011-05-25
unbound -- denial of service vulnerabilities from nonstandard redirection and denial of existence 2011-12-19
unrtf -- buffer overflow vulnerability 2005-01-16
unzip -- permission race vulnerability 2005-09-13
unzoo -- Directory Traversal Vulnerability 2006-11-14
up-imapproxy -- multiple vulnerabilities 2005-01-02
upnp -- multiple vulnerabilities 2013-01-30
urban -- stack overflow vulnerabilities 2005-09-02
URI handler vulnerabilities in several browsers 2004-05-18
uudeview buffer overflows 2004-03-18
varnish -- DoS vulnerability in Varnish HTTP cache 2014-01-25
varnish -- Varnish HTTP Request Parsing Denial of Service 2009-02-14
verlihub -- insecure temporary file usage and arbitrary command execution 2009-01-11
viewcvs -- information leakage 2004-12-08
ViewVC -- user-reachable override of cvsdb row limit 2011-05-23
vim -- Command Format String Vulnerability 2007-07-27
vim -- multiple vulnerabilities in the netrw module 2009-01-02
vim -- Vim Shell Command Injection Vulnerabilities 2008-06-21
vim -- vulnerabilities in modeline handling 2005-01-06
vim -- vulnerabilities in modeline handling: glob, expand 2005-07-31
vim6 -- heap-based overflow while parsing shell metacharacters 2010-09-09
vinagre -- format string vulnerability 2008-12-31
virtualbox -- privilege escalation 2009-10-07
virtualbox-ose -- local vulnerability 2014-01-16
vlc -- arbitrary code execution in Real RTSP and MMS support 2012-09-15
vlc -- arbitrary code execution in the RealMedia processor 2008-12-06
vlc -- cue processing stack overflow 2008-11-08
vlc -- format string vulnerability and integer overflow 2007-06-18
VLC -- Heap corruption in MP4 demultiplexer 2011-04-17
vlc -- Insufficient input validation in MKV demuxer 2011-02-02
vlc -- invalid id3v2 tags may lead to invalid memory dereferencing 2010-08-14
vlc -- stack overflow in MPA, AVI and ASF demuxer 2009-11-03
vlc -- unintended code execution with specially crafted data 2010-05-01
vnc -- authentication bypass vulnerability 2006-05-18
vorbis-tools -- Speex header processing vulnerability 2008-05-11
vte -- Classic terminal title set+query attack 2010-07-18
vtiger -- multiple remote file inclusion vulnerabilities 2006-10-15
Vulnerabilities in H.323 implementations 2004-02-22
w3m -- format string vulnerability 2007-01-03
web browsers -- window injection vulnerabilities 2005-01-24
WebCalendar -- "noSet" variable overwrite vulnerability 2007-04-08
WebCalendar -- information disclosure vulnerability 2006-06-16
WebCalendar -- multiple vulnerabilities 2012-05-02
WebCalendar -- Persistent XSS 2012-02-12
WebCalendar -- remote file inclusion vulnerability 2005-10-15
WebCalendar -- unauthorized access vulnerability 2006-02-20
webkit-gtk2 -- Multiple vulnabilities 2010-12-30
webkit-gtk2 -- Multiple vulnabilities 2010-07-18
Webkit-gtk2 -- Multiple Vulnabilities 2010-10-19
webkit-gtk2 -- Multiple vulnabilities 2010-09-10
webkit-gtk2 -- Multiple vurnabilities. 2011-02-10
webmin -- cross site scripting vulnerability 2007-06-09
webmin -- insecure temporary file creation at installation time 2004-09-14
webmin -- potential XSS attack via real name field 2012-11-02
webmin, usermin -- arbitrary file disclosure vulnerability 2006-07-02
websvn -- multiple vulnerabilities 2009-02-09
weechat -- Arbitrary shell command execution via scripts 2012-11-18
weechat -- Crash or freeze when decoding IRC colors in strings 2012-11-10
weex -- remote format string vulnerability 2005-10-02
wemux -- read-only can be bypassed 2014-03-13
wget -- multiple HTTP client download filename vulnerability 2010-09-03
wget -- multiple vulnerabilities 2004-12-14
win32-codecs -- multiple vulnerabilities 2006-09-14
wine -- information disclosure due to insecure temporary file handling 2005-03-24
wireshark -- denial of service in DRDA dissector 2012-08-31
wireshark -- DOCSIS dissector denial of service 2010-05-07
Wireshark -- DoS in the BER-based dissectors 2010-11-05
wireshark -- LWRES vulnerability 2010-02-10
wireshark -- Multiple problems 2007-07-06
Wireshark -- Multiple Vulnerabilities 2012-10-22
Wireshark -- Multiple vulnerabilities 2012-08-18
wireshark -- multiple vulnerabilities 2007-12-19
Wireshark -- Multiple vulnerabilities 2012-01-23
wireshark -- multiple vulnerabilities 2009-05-09
wireshark -- multiple vulnerabilities 2009-03-22
wireshark -- PCNFSD Dissector Denial of Service Vulnerability 2009-05-30
wireshark -- SMTP Processing Denial of Service Vulnerability 2008-12-07
WordPress -- cross site scripting vulnerability 2012-01-03
wordpress -- cross-site scripting 2007-11-01
wordpress -- full path disclosure 2006-04-23
wordpress -- header rss feed script insertion vulnerability 2008-11-29
wordpress -- multiple unspecified privilege escalation bugs 2012-09-07
wordpress -- multiple vulnerabilities 2013-07-27
wordpress -- multiple vulnerabilities 2009-11-14
wordpress -- multiple vulnerabilities 2012-04-23
wordpress -- multiple vulnerabilities 2005-07-05
wordpress -- multiple vulnerabilities 2005-07-05
wordpress -- multiple vulnerabilities 2013-10-19
wordpress -- multiple vulnerabilities 2013-01-29
wordpress -- remote admin password reset vulnerability 2009-08-12
wordpress -- remote privilege escalation 2008-10-22
wordpress -- remote sql injection vulnerability 2007-09-21
wordpress -- snoopy "_httpsrequest()" shell command execution vulnerability 2008-10-24
wordpress -- SQL injection vulnerability 2011-02-05
wordpress -- unmoderated comments disclosure 2007-06-09
wordpress -- XMLRPC SQL Injection 2007-06-09
wordpress -- XSS in administration panel 2004-10-13
wu-ftpd -- remote globbing DoS vulnerability 2005-04-04
wu-ftpd ftpaccess `restricted-uid'/`restricted-gid' directive may be bypassed 2004-03-08
wv -- Multiple Integer Overflow Vulnerabilities 2006-12-13
wv2 -- Integer Overflow Vulnerability 2006-12-13
www/chromium -- multiple vulnerabilities 2012-08-10
www/chromium -- multiple vulnerabities 2014-03-15
www/chromium --multiple vulnerabilities 2014-03-11
www/mod_security -- NULL pointer dereference DoS 2013-06-03
wzdftpd -- remote DoS 2004-11-03
X11 server -- pixmap allocation vulnerability 2005-09-15
x11vnc -- authentication bypass vulnerability 2006-08-13
xapian-omega -- cross-site scripting vulnerability 2009-09-13
xchat remotely exploitable buffer overflow (Socks5) 2004-04-23
xerces-c2 -- Attribute blowup denial-of-service 2004-10-13
xfce -- multiple vulnerabilities 2008-01-22
XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0 2004-06-28
xfs -- multiple vulnerabilites 2007-10-08
xine -- multiple remote string vulnerabilities 2006-04-23
xine-lib arbitrary file overwrite 2004-05-02
xinetd -- attackers can bypass access restrictions if tcpmux-servers service enabled 2012-10-17
xinetd -- ignores user and group directives for TCPMUX services 2013-10-03
xli -- integer overflows in image size calculations 2005-06-03
xloadimage -- arbitrary command execution when handling compressed files 2005-06-03
xloadimage -- buffer overflow in FACES image handling 2005-06-03
xloadimage -- buffer overflows in NIFF image title handling 2005-10-20
xlockmore -- local exploit 2012-10-17
xmms -- Integer Overflow And Underflow Vulnerabilities 2014-03-06
xorg -- multiple vulnerabilities 2008-06-15
xorg -- multiple vulnerabilities 2008-01-23
xorg -- protocol handling issues in X Window System client libraries 2013-06-04
Xorg server -- two vulnerabilities in X server lock handling code 2011-10-18
xorg-server -- privilege escalation 2006-03-21
xorg-server -- use after free 2013-10-24
xpcd -- buffer overflow 2007-06-21
xpdf -- buffer overflow vulnerability 2004-12-23
xpdf -- disk fill DoS vulnerability 2005-08-12
xpdf -- integer overflow vulnerabilities 2004-10-25
xpdf -- makeFileKey2() buffer overflow vulnerability 2005-01-26
xpdf -- multiple remote Stream.CC vulnerabilities 2007-11-12
Xpdf -- Multiple Vulnerabilities 2009-10-20
xpdf -- multiple vulnerabilities 2009-04-18
xpdf -- stack based buffer overflow 2007-07-31
xpm -- image decoding vulnerabilities 2004-09-15
xrdb -- root hole via rogue hostname 2011-04-14
xshisen -- local buffer overflows 2005-01-11
XSS issue in MantisBT 2011-09-05
xterm -- DECRQSS remote command execution vulnerability 2009-01-05
xtrlock -- X display locking bypass 2005-06-01
xv -- exploitable buffer overflows 2004-10-05
xv -- filename handling format string vulnerability 2005-03-21
xview -- multiple buffer overflows in xv_parse_one 2005-06-01
yamt -- arbitrary command execution vulnerability 2005-01-23
yamt -- buffer overflow and directory traversal issues 2005-06-03
ypserv -- Inoperative access controls in ypserv 2006-06-09
YUI JavaScript library -- JavaScript injection exploits in Flash components 2012-11-27
YUI JavaScript library -- JavaScript injection exploits in Flash components 2010-12-15
zabbix -- php frontend multiple vulnerabilities 2009-03-16
zabbix -- shell command injection vulnerability 2013-12-16
zabbix-frontend -- multiple XSS vulnerabilities 2011-12-29
zebra/quagga denial of service vulnerability 2004-03-29
Zend Framework -- Local File Inclusion vulnerability in Zend_View::render() 2009-02-18
Zend Framework -- multiple vulnerabilities 2010-01-11
Zend Framework -- Multiple vulnerabilities via XXE injection 2012-10-16
Zend Framework -- potential SQL injection when using PDO_MySql 2011-05-13
Zend Framework -- security issues in bundled Dojo library 2010-04-06
zenphoto -- XSS vulnerability 2008-02-09
zgv -- exploitable heap overflows 2005-01-18
zgv, xzgv -- heap overflow vulnerability 2006-04-23
zhcon -- unauthorized file access 2005-01-25
zinf -- potential buffer overflow playlist support 2004-10-12
zip -- long path buffer overflow 2004-12-01
ziproxy -- atypical huge picture files vulnerability 2010-05-28
ziproxy -- multiple vulnerability 2009-04-15
ziproxy -- security vulnerability in PNG decoder 2010-06-15
zlib -- buffer overflow vulnerability 2005-08-05
zlib -- buffer overflow vulnerability 2005-07-06
znc -- null pointer dereference in webadmin module 2013-05-28
zoo -- stack based buffer overflow 2006-04-05
zope -- cross-site scripting vulnerability 2007-04-05
zope -- expose RestructuredText functionality to untrusted users 2005-10-11
zope -- information disclosure vulnerability 2006-07-14
zope -- restructuredText "csv_table" Information Disclosure 2006-09-22