Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbitrary code via text strings that are not null terminated, which triggers a null dereference.

Format string vulnerability in Carsten's 3D Engine (Ca3DE), March 2004 version and earlier, allows remote attackers to execute arbitrary code via format string specifiers in a command.

Multiple SQL injection vulnerabilities in mod.php for phpCOIN 1.2.0 through 1.2.1b allow remote attackers to execute arbitrary SQL commands via the (1) the faq_id in the faq mod, (2) the id parameter ...

Unknown vulnerability in HTTP Anti Virus Proxy (HAVP) before 0.51 prevents viruses from being properly detected in certain files such as (1) .CAB or (2) .ZIP files.

SQL injection vulnerability in index.php for MercuryBoard 1.1.2 allows remote attackers to inject arbitrary SQL commands via the f parameter.

SQL injection vulnerability in the getwbbuserdata function in session.php for Woltlab Burning Board 2.0.3 through 2.3.0 allows remote attackers to execute arbitrary SQL commands via the (1) userid or ...

SQL injection vulnerability in a third party extension to TYPO3 allows remote attackers to execute arbitrary SQL commands via the category_uid parameter.

Multiple SQL injection vulnerabilities in ProjectBB 0.4.5.1 allow remote attackers to execute arbitrary SQL commands via (1) liste or (2) desc parameters to divers.php (incorrectly referred to as "dri...

SQL injection vulnerability in auth.php in paNews 2.0.4b allows remote attackers to execute arbitrary SQL via the mysql_prefix parameter.

Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4436 allows remote attackers to execute arbitrary code via a malformed LHA file with a type 2 header file name field, a variant of CV...

Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4357 allows remote attackers to execute arbitrary code via crafted LHA files.

SQL injection vulnerability in the Query Designer for Computer Associates (CA) Unicenter Asset Management (UAM) 4.0 allows remote attackers to execute arbitrary SQL via an imported file.

Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer o...

xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling th...

Format string vulnerability in Foxmail Server 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the USER command.

Buffer overflow in Foxmail Server 2.0 allows remote attackers to execute arbitrary code via a long USER command.

Buffer overflow in Golden FTP Server 1.92 allows remote attackers to execute arbitrary code via a long USER command.

Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file.

Buffer overflow in RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to execute arbitrary code via a long URL.

SQL injection vulnerability in dl-search.php in PostNuke 0.750 and 0.760-RC2 allows remote attackers to execute arbitrary SQL commands via the show parameter.

Multiple SQL injection vulnerabilities in (1) index.php, (2) modules.php, or (3) admin.php in PostNuke 0.760-RC2 allow remote attackers to execute arbitrary SQL code via the catid parameter.

sessions.php in phpBB 2.0.12 and earlier allows remote attackers to gain administrator privileges via the autologinid value in a cookie.

Cisco IP/VC Videoconferencing System 3510, 3520, 3525 and 3530 contain hard-coded default SNMP community strings, which allows remote attackers to gain access, cause a denial of service, and modify co...

Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (...