Format string vulnerability in miniserv.pl Perl web server in Webmin before 1.250 and Usermin before 1.180, with syslog logging enabled, allows remote attackers to cause a denial of service (crash or ...

Multiple SQL injection vulnerabilities in calendar.php in BosDates 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) year and (2) category parameters.

SQL injection vulnerability in merchants/index.php in Post Affiliate Pro 2.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the sortorder parameter.

Unspecified vulnerability in Java Runtime Environment in Java JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary ap...

Multiple unspecified vulnerabilities in reflection APIs in Java SDK and JRE 1.4.2_08 and earlier and JDK and JRE 5.0 Update 3 and earlier allow remote attackers to escape the Java sandbox and access a...

Unspecified vulnerability in reflection APIs in Java SDK and JRE 1.3.1_15 and earlier, 1.4.2_08 and earlier, and JDK and JRE 5.0 Update 3 and earlier allows remote attackers to escape the Java sandbox...

Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4.2 and later, 1.3.1 and later allows remote attackers to escape the Java sandbox and access arbitrary...

Macromedia Flash Communication Server MX 1.0 and 1.5 does not sufficiently validate certain RTMP data, which allows attackers to cause a denial of service (instability or crash), as demonstrated using...

Macromedia Breeze Communication Server and Breeze Live Server does 5.1 and earlier not sufficiently validate certain RTMP data, which allows attackers to cause a denial of service (instability or cras...

Apple Safari 2.0.2 allows remote attackers to cause a denial of service (system slowdown) via a Javascript BODY onload event that calls the window function.

Mozilla allows remote attackers to cause a denial of service (CPU consumption) via a Javascript BODY onload event that calls the window function.

Multiple SQL injection vulnerabilities in index.pl in Open Ticket Request System (OTRS) 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3 allow remote attackers to execute arbitrary SQL commands and bypass ...

Stack-based buffer overflow in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash) via an image filename between exactly 192 to 200 characters, which does not account for the "...

Gadu-Gadu 7.20 allows remote attackers to cause a denial of service (crash and configuration loss) via a page with a large number of gg: URIs.

Gadu-Gadu 7.20 allows remote attackers to cause a denial of service via multiple DCC packets with a code of 6 or 7, which triggers a large number of popup windows to the user and creates a large numbe...

Memory leak in Gadu-Gadu 7.20 allows remote attackers to cause a denial of service via multiple DCC packets with a code other than 2 and a large size field, which allocates memory for the packet but d...

Unspecified vulnerability in Cisco Security Agent (CSA) 4.5.0 and 4.5.1 agents, when running on Windows systems, allows local users to bypass protections and gain system privileges by executing certai...

Multiple SQL injection vulnerabilities in the search action in Zainu 2.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) term and (2) start parameters to index.php.

SQL injection vulnerability in answer.php in FAQSystems FAQRing Knowledge Base Software 3.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

SQL injection vulnerability in search.php in AtlantisFAQ Knowledge Base Software 2.03 and earlier allows remote attackers to execute arbitrary SQL commands via the searchStr parameter.

Multiple SQL injection vulnerabilities in Omnistar KBase 4.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter in users/comments.php, (2) category_i...

Multiple SQL injection vulnerabilities in Softbiz Resource Repository Script 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) sbres_id parameter in (a) details_res....

Multiple SQL injection vulnerabilities in Simple Document Management System (SDMS) 2.0-CVS and earlier allow remote attackers to execute arbitrary SQL commands via the (1) folder_id parameter in list....

Multiple SQL injection vulnerabilities in adcbrowres.php in AD Center ADC2000 NG Pro 1.2 and NG Pro Lite allow remote attackers to execute arbitrary SQL commands via the (1) cat and (2) lang parameter...