In Shopizer before version 2.11.0, using API or Controller based versions negative quantity is not adequately validated hence creating incorrect shopping cart and order total. This vulnerability makes it possible to create a negative total in the shopping cart. This has been patched in version 2.11.0.
qpid-cpp 1.0 crashes when a large message is sent and the Digest-MD5 mechanism with a security layer is in use .
Gource through 0.26 logs to a predictable file name (/tmp/gource-$UID.tmp), enabling attackers to overwrite an arbitrary file via a symlink attack.
Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user with an open session that was blocked could maintain their session on the Drupal si...
Mumble: murmur-server has DoS due to malformed client query
Cisco IOS before 12.2(33)SXI allows remote authenticated users to cause a denial of service (device reboot).
It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command.