Internet Explorer 5.01 through 6 allows remote attackers to spoof arbitrary web sites by injecting content from one window into another window whose name is known but resides in a different domain, as...

Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code ...

Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an .ETD documen...

Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary code via an e-mail message with a crafted PDF attachment.

Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges.

Computer Associates eTrust EZ Antivirus 7.0.0 to 7.0.4, including 7.0.1.4, installs its files with insecure permissions (ACLs), which allows local users to gain privileges by replacing critical progra...

phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters.

Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD64 systems allows local users to gain privileges.

The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack.

VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, ...

Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1...

Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string.

Multiple buffer overflows in the enable command for SCO OpenServer 5.0.6 and 5.0.7 allow local users to execute arbitrary code via long command line arguments.

SQL injection vulnerability in (1) fdelmail.asp, (2) addressc.asp, and possibly (3) postmail.asp and (4) fmvmail.asp in CMailServer 5.2 allow remote attackers to inject arbitrary SQL commands and dele...

Buffer overflow in CMailCOM.dll in CMailServer 5.2 allows remote attackers to execute arbitrary code via an attachment with a long filename.

Buffer overflow in Open Dc Hub 0.7.14 allows remote attackers, with administrator privileges, to execute arbitrary code via a long RedirectAll command.

Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to...

Safari 1.x to 1.2.4, and possibly other versions, allows inactive windows to launch dialog boxes, which can allow remote attackers to spoof the dialog boxes from web sites in other windows, aka the "D...

Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a...

Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file.

Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows re...

The init scripts in ChessBrain 20407 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the programs.

The init scripts in Great Internet Mersenne Prime Search (GIMPS) 23.9 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifying the program...

The init scripts in Search for Extraterrestrial Intelligence (SETI) project 3.08-r3 and earlier execute user-owned programs with root privileges, which allows local users to gain privileges by modifyi...