FreeBSD VuXML

Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.

topic index


Topic Entered
"Content-Type" XSS vulnerability affecting other webmail systems 2004-07-05
11/libX11 multiple vulnerabilities 2023-10-12
a2ps -- format string vulnerability 2015-11-22
a2ps -- insecure command line argument handling 2004-10-20
a2ps -- insecure temporary file creation 2004-12-30
aacplusenc -- denial of service 2017-09-25
abiword, koffice -- stack based buffer overflow vulnerabilities 2006-02-20
Account takeover through API in GLPI 2023-10-11
Account takeover via Kanban feature in GLPI 2023-10-11
Account takeover via SQL Injection in UI layout preferences in GLPI 2023-10-11
AccountsService -- Insufficient path check in user_change_icon_file_authorized_cb() 2021-04-15
acme.sh -- closes potential remote vuln 2023-06-09
acroread -- buffer overflow vulnerability 2005-07-06
acroread -- insecure temporary file creation 2005-07-06
acroread -- plug-in buffer overflow vulnerability 2005-08-16
acroread -- XML External Entity vulnerability 2005-06-18
acroread uudecoder input validation error 2004-08-12
acroread5 -- mailListIsPdf() buffer overflow vulnerability 2004-12-21
acroread9 -- Multiple Vulnerabilities 2012-01-26
activemq -- Unsafe deserialization 2016-03-25
activemq -- Web Console Clickjacking 2016-03-25
activemq -- Web Console Cross-Site Scripting 2016-03-25
adminer -- remote code execution 2016-02-17
adminer -- XSS vulnerability 2016-02-17
adminer -- XSS vulnerability 2016-02-17
adminer -- XSS vulnerability 2016-02-17
adns -- multiple vulnerabilities 2020-08-20
Adobe Flash Player -- critical vulnerabilities 2015-05-13
Adobe Flash Player -- critical vulnerabilities 2015-06-11
Adobe Flash Player -- critical vulnerabilities 2015-07-14
Adobe Flash Player -- critical vulnerabilities 2015-07-08
Adobe Flash Player -- critical vulnerabilities 2015-08-12
Adobe Flash Player -- critical vulnerabilities 2015-04-17
Adobe Flash Player -- critical vulnerabilities 2015-03-13
Adobe Flash Player -- critical vulnerabilities 2015-06-24
Adobe Flash Player -- critical vulnerability 2015-01-26
Adobe Flash Player -- multiple vulnerabilities 2015-01-22
advancecomp -- multiple vulnerabilities 2021-11-19
advancecomp -- Multiple vulnerabilities 2022-11-24
aide -- heap-based buffer overflow 2022-01-23
aiohttp -- open redirect vulnerability 2021-06-03
All versions of Apache OpenOffice through 4.1.9 can open non-http(s) hyperlinks. If the link is specifically crafted this could lead to untrusted code execution. 2021-04-20
alsaplayer -- multiple vulnerabilities 2006-08-13
amarok -- multiple vulnerabilities 2009-03-23
amavisd-new -- multipart boundary confusion 2024-03-17
amaya -- Attribute Value Buffer Overflow Vulnerabilities 2006-04-27
amaya -- multiple buffer overflow vulnerabilities 2009-02-09
AMD CPUs -- Guest Memory Vulnerabilities 2024-08-10
ampache -- insecure temporary file usage 2008-12-26
ansible - subversion password leak from PID 2020-04-17
ansible - Vault password leak from temporary file 2020-04-17
ansible - win_unzip path normalization 2020-04-17
Ansible -- Ansible user credentials disclosure in ansible-connection module 2021-10-11
ansible -- code execution from compromised remote host data or untrusted local data 2015-07-02
Ansible -- Command execution on Ansible controller from host 2017-01-12
ansible -- enable host key checking in paramiko connection type 2015-07-02
ansible -- information disclosure flaw 2017-09-25
ansible -- Input validation flaw in jinja2 templating system 2017-06-02
Ansible -- Insecure Temporary File 2021-05-05
ansible -- local symlink exploits 2015-07-02
ansible -- multiple vulnerabilities 2015-07-02
ansible -- multiple vulnerabilities 2015-07-02
ansible -- remote code execution vulnerability 2015-07-02
Ansible -- Templating engine bug 2021-06-24
ansible -- use of predictable paths in lxc_container 2016-04-20
Anydesk -- Multiple Vulnerabilities 2020-07-04
apache -- ap_resolve_env buffer overflow 2004-09-15
apache -- Apache ZooKeeper: Authorization bypass in SASL Quorum Peer Authentication 2023-12-10
apache -- apr_uri_parse IPv6 address handling vulnerability 2004-09-15
apache -- Certificate Revocation List (CRL) off-by-one vulnerability 2005-09-17
apache -- Cross-site scripting vulnerability 2009-03-11
Apache -- Denial of service vulnerability in HTTP/2 2018-09-26
apache -- heap overflow in mod_proxy 2004-09-19
Apache -- HTTP OPTIONS method can leak server memory 2017-09-19
apache -- http request smuggling 2005-07-26
Apache -- Insecure LD_LIBRARY_PATH handling 2012-08-01
apache -- mod_imap cross-site scripting flaw 2006-01-01
apache -- mod_rewrite buffer overflow vulnerability 2006-07-28
apache -- multiple vulnerabilities 2008-06-24
apache -- multiple vulnerabilities 2018-03-24
Apache -- Multiple vulnerabilities 2019-04-02
Apache -- Multiple vulnerabilities 2019-08-17
Apache -- Multiple vulnerabilities 2020-04-02
apache -- multiple vulnerabilities 2007-09-11
apache -- multiple vulnerabilities 2012-01-31
apache -- Prevent chunk-size integer overflow on platforms where sizeof(int) < sizeof(long) 2010-02-03
apache -- Range header DoS vulnerability 2011-08-30
apache -- Remote DoS bug in mod_cache and mod_dav 2010-07-26
apache -- several vulnerabilities 2014-03-22
Apache -- vulnerability 2019-01-23
Apache 1.3 -- mod_proxy reverse proxy exposure 2011-11-14
Apache 1.3 IP address access control failure on some 64-bit platforms 2004-03-08
Apache 2 mod_ssl denial-of-service 2004-03-08
Apache Ant leaks sensitive information via the java.io.tmpdir 2020-09-28
Apache APR -- DoS vulnerabilities 2011-05-12
Apache APR -- DoS vulnerabilities 2011-05-23
Apache APR -- DoS vulnerabilities 2011-11-13
Apache Commons FileUpload -- denial of service (DoS) vulnerability 2016-06-26
Apache httpd -- denial of service in HTTP/2 2016-12-06
Apache httpd -- Multiple vulnerabilities 2021-12-20
Apache httpd -- Multiple vulnerabilities 2023-03-11
Apache httpd -- Multiple vulnerabilities 2024-07-01
Apache httpd -- multiple vulnerabilities 2017-07-13
Apache httpd -- Multiple vulnerabilities 2021-06-10
Apache httpd -- Multiple vulnerabilities 2022-03-15
Apache httpd -- multiple vulnerabilities 2024-04-05
Apache httpd -- Multiple vulnerabilities 2020-08-08
Apache httpd -- multiple vulnerabilities 2018-07-18
Apache httpd -- multiple vulnerabilities 2021-09-17
Apache httpd -- Multiple vulnerabilities 2023-10-19
Apache httpd -- Multiple vulnerabilities 2021-10-05
Apache httpd -- Multiple vulnerabilities 2023-01-17
Apache httpd -- Multiple vulnerabilities 2022-06-09
Apache httpd -- Path Traversal and Remote Code Execution 2021-10-07
Apache httpd -- several vulnerabilities 2017-06-20
Apache httpd -- several vulnerabilities 2016-12-21
Apache httpd -- source code disclosure 2024-07-04
Apache httpd -- Source code disclosure with handlers configured via AddType 2024-07-17
Apache Maven -- multiple vulnerabilities 2021-04-19
apache mod_include buffer overflow vulnerability 2004-11-06
Apache OpenOffice -- master password vulnerabilities 2023-03-08
Apache OpenOffice -- multiple vulnerabilities 2017-10-24
Apache OpenOffice -- multiple vulnerabilities. 2021-10-09
Apache OpenOffice -- Unrestricted actions leads to arbitrary code execution in crafted documents 2020-11-10
Apache OpenOffice 4.1.2 -- Memory Corruption Vulnerability (Impress Presentations) 2016-07-21
Apache Tomcat -- Multiple Vulnerabilities 2020-07-23
Apache Tomcat Remote Code Execution via session persistence 2020-05-22
Apache Traffic Server -- heap overflow vulnerability 2012-03-24
Apache-SSL optional client certificate vulnerability 2004-02-10
apache-xml-security-c -- heap overflow 2013-06-18
apache-xml-security-c -- heap overflow during XPointer evaluation 2013-06-28
apache13-modssl -- format string vulnerability in proxy support 2004-10-17
apache2 -- SSL remote DoS 2004-10-21
apache2 multiple space header denial-of-service vulnerability 2004-11-10
apache22 -- chunk header parsing defect 2015-07-17
apache22 -- several vulnerabilities 2013-07-05
apache22 -- several vulnerabilities 2013-03-02
apache22 -- several vulnerabilities 2014-07-24
apache22 -- several vulnerabilities 2012-11-02
apache22 -- several vulnerabilities 2009-08-25
apache24 -- multiple vulnerabilities 2015-07-15
apache24 -- several vulnerabilities 2015-01-31
apache24 -- several vulnerabilities 2014-07-19
apache24 -- several vulnerabilities 2013-07-20
apache24 -- X509 Client certificate based authentication can be bypassed when HTTP/2 is used 2016-07-05
apr -- multiple vulnerabilities 2009-06-08
apr -- multiple vunerabilities 2010-10-06
Arbitrary code execution via a format string vulnerability in jftpgw 2004-08-13
arj -- multiple vulnerabilities 2017-10-19
ark -- directory traversal 2020-07-30
ark -- extraction outside of extraction directory 2020-08-28
Arti -- Security issues related to circuit construction 2024-05-18
asterisk -- AMI user could execute system commands 2019-11-22
asterisk -- An unsuspecting user could crash Asterisk with multiple hold/unhold requests 2021-02-18
asterisk -- Asterisk Susceptibility to POODLE Vulnerability 2014-10-21
asterisk -- Authentication Bypass 2016-12-09
asterisk -- Buffer overflow in CDR's set user 2017-04-04
asterisk -- Buffer overflow in CDR's set user 2017-11-09
asterisk -- Buffer overflow in pjproject header parsing can cause crash in Asterisk 2017-11-09
asterisk -- Buffer Overrun in PJSIP transaction layer 2017-05-19
asterisk -- Crash in PJSIP resource when missing a contact header 2017-12-23
asterisk -- Crash on ACK from unknown endpoint 2016-09-08
asterisk -- Crash on SDP offer or answer from endpoint using Opus 2016-12-09
asterisk -- Crash when negotiating for T.38 with a declined stream 2019-09-06
asterisk -- Crash when negotiating T.38 with a zero port 2021-03-04
asterisk -- denial of service vulnerability, local system access 2006-04-25
asterisk -- DOS Vulnerability in Asterisk chan_skinny 2017-12-01
asterisk -- Exploitable Stack and Heap Array Overflows 2011-02-22
asterisk -- Exploitable Stack Buffer Overflow 2011-01-19
asterisk -- File descriptor leak when incompatible codecs are offered 2015-01-29
Asterisk -- func_odbc: Possible SQL Injection 2022-04-14
asterisk -- Infinite loop when reading iostreams 2018-06-11
asterisk -- Long Contact URIs in REGISTER requests can crash Asterisk 2016-04-15
asterisk -- Memory exhaustion on short SCCP packets 2017-05-19
asterisk -- Memory/File Descriptor/RTP leak in pjsip session resource 2017-11-09
asterisk -- Mitigation for libcURL HTTP request injection vulnerability 2015-01-29
asterisk -- Multiple vulnerabilities 2014-11-21
asterisk -- multiple vulnerabilities 2014-06-17
Asterisk -- multiple vulnerabilities 2023-02-02
asterisk -- Multiple Vulnerabilities 2011-03-16
asterisk -- Multiple Vulnerabilities 2011-12-09
asterisk -- Multiple vulnerabilities 2014-11-21
asterisk -- multiple vulnerabilities 2022-03-05
asterisk -- multiple vulnerabilities 2012-03-15
asterisk -- multiple vulnerabilities 2014-03-10
asterisk -- multiple vulnerabilities 2013-01-03
Asterisk -- multiple vulnerabilities 2011-04-21
asterisk -- multiple vulnerabilities 2013-12-17
asterisk -- multiple vulnerabilities 2013-08-28
Asterisk -- multiple vulnerabilities 2022-04-14
asterisk -- multiple vulnerabilities 2012-05-29
asterisk -- multiple vulnerabilities 2012-07-06
asterisk -- Multiple vulnerabilities 2016-02-04
asterisk -- multiple vulnerabilities 2012-04-23
asterisk -- multiple vulnerabilities 2012-08-30
Asterisk -- multiple vulnerabilities 2011-06-25
asterisk -- multiple vulnerabilities 2018-02-22
asterisk -- multiple vulnerabilities 2013-03-29
asterisk -- Outbound INVITE loop on challenge with different nonce 2020-11-05
asterisk -- pjproject/pjsip: crash when SSL socket destroyed during handshake 2021-07-23
asterisk -- PJSIP endpoint presence disclosure when using ACL 2018-06-11
asterisk -- Re-invite with T.38 and malformed SDP causes crash 2019-11-22
asterisk -- Remote attacker could prematurely tear down SRTP calls 2021-02-18
asterisk -- Remote crash in res_pjsip_diversion 2021-02-18
asterisk -- Remote crash in res_pjsip_diversion 2020-12-22
asterisk -- Remote crash in res_pjsip_session 2020-11-05
asterisk -- Remote crash possible when negotiating T.38 2021-02-18
asterisk -- Remote Crash Vulerability in res_pjsip 2017-09-01
asterisk -- remote crash vulnerability 2012-06-14
asterisk -- Remote crash vulnerability 2011-06-02
asterisk -- Remote crash vulnerability DNS SRV and NAPTR lookups 2018-11-14
asterisk -- Remote Crash Vulnerability in audio transcoding 2019-09-06
asterisk -- Remote Crash Vulnerability in chan_sip channel driver 2019-07-12
asterisk -- Remote crash vulnerability in HTTP websocket upgrade 2018-09-21
asterisk -- Remote Crash Vulnerability in PJSIP channel driver 2021-07-23
asterisk -- Remote Crash Vulnerability in PJSIP channel driver 2021-02-18
asterisk -- Remote Crash Vulnerability in RTCP Stack 2017-12-13
asterisk -- remote crash vulnerability in SIP channel driver 2011-10-17
asterisk -- Remote Crash Vulnerability in WebSocket Server 2014-12-11
asterisk -- Remote crash vulnerability with MESSAGE messages 2019-07-12
asterisk -- Remote crash vulnerability with SDP protocol violation 2019-03-01
asterisk -- Remote crash when using IAX2 channel driver 2021-07-23
asterisk -- remote heap overwrite vulnerability 2006-10-20
asterisk -- Remotely triggered crash 2014-09-18
asterisk -- RTP Resource Exhaustion 2016-09-08
asterisk -- RTP/RTCP information leak 2017-09-19
asterisk -- SIP request can change address of a SIP peer 2019-11-22
asterisk -- SRTP Video Remote Crash Vulnerability 2012-01-20
asterisk -- TLS Certificate Common name NULL byte exploit 2015-04-08
asterisk -- Unauthorized data disclosure and shell access command injection in app_minivm 2017-09-01
asterisk and pjsip -- multiple vulnerabilities 2018-02-22
atheme-services -- multiple vulnerabilities 2016-12-16
atutor -- multiple vulnerabilities 2016-07-16
atutor -- multiple vulnerabilities 2016-07-16
automake -- Insecure 'distcheck' recipe granted world-writable distdir 2012-08-06
avahi -- denial of service 2011-03-13
avidemux26 -- multiple vulnerabilities in bundled FFmpeg 2015-06-01
awstats -- arbitrary code execution vulnerability 2005-08-14
awstats -- arbitrary command execution 2005-02-16
awstats -- arbitrary command execution vulnerability 2006-05-05
awstats -- arbitrary commands execution vulnerability 2011-02-10
awstats -- multiple XSS vulnerabilities 2009-01-04
awstats -- remote code execution 2018-01-08
awstats -- remote command execution vulnerability 2005-01-18
axel -- remote buffer overflow 2005-04-17
Axis2 -- Cross-site scripting (XSS) vulnerability 2016-10-18
Axis2 -- Security vulnerabilities on dependency Apache HttpClient 2016-10-28
Axis2 -- Security vulnerability on dependency Apache Commons FileUpload 2017-08-09
bacula -- Console ACL Bypass 2012-09-15
Bacula-Web -- Multiple Vulnerabilities 2021-10-05
base -- PHP SQL injection vulnerability 2005-10-31
bash -- out-of-bounds memory access in parser 2014-10-01
bash -- remote code execution 2014-10-01
bash -- remote code execution vulnerability 2014-09-24
bastillion -- log4j vulnerability 2021-12-14
bchunk -- access violation near NULL on destination operand and crash 2018-02-13
bchunk -- heap-based buffer overflow (with invalid free) and crash 2018-02-13
bchunk -- heap-based buffer overflow and crash 2018-02-13
bftpd -- Multiple vulnerabilities 2020-08-10
bidwatcher -- format string vulnerability 2005-02-18
bind -- buffer overrun vulnerability 2005-09-03
bind -- denial of service vulnerability 2014-01-13
bind -- denial of service vulnerability 2016-01-22
bind -- denial of service vulnerability 2015-07-07
bind -- denial of service vulnerability 2016-03-28
bind -- denial of service vulnerability 2014-12-11
bind -- denial of service vulnerability 2015-02-23
bind -- denial of service vulnerability 2016-03-28
bind -- denial of service vulnerability 2016-03-28
bind -- denial of service vulnerability 2016-01-20
bind -- denial of service vulnerability 2015-09-03
bind -- denial of service vulnerability 2016-08-06
bind -- denial of service vulnerability 2013-07-26
bind -- denial of service vulnerability 2015-09-03
bind -- denial of service vulnerability 2015-07-28
BIND -- Dynamic update message remote DoS 2009-08-01
BIND -- Large RRSIG RRsets and Negative Caching DoS 2011-06-04
bind -- Multiple Denial of Service vulnerabilities 2007-02-27
BIND -- multiple vulnerabilities 2017-01-12
bind -- multiple vulnerabilities 2015-12-16
BIND -- multiple vulnerabilities 2018-05-21
BIND -- multiple vulnerabilities 2017-04-13
BIND -- Remote Denial of Service vulnerability 2016-09-28
BIND -- Remote Denial of Service vulnerability 2016-11-02
BIND -- Remote Denial of Service vulnerability 2020-06-18
BIND -- Remote Denial of Service vulnerability 2020-06-18
BIND -- Remote DOS 2011-11-16
BIND -- Remote DoS against authoritative and recursive servers 2011-07-05
BIND -- Remote DoS with certain RPZ configurations 2011-07-05
BIND,Knot,NSD,PowerDNS -- denial over service via oversized zone transfers 2016-08-10
bind8 negative cache poison attack 2003-12-12
bind9 -- denial of service 2005-09-03
bind9 -- Denial of Service in named(8) 2006-12-19
binutils -- excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section() 2021-08-13
binutils -- Multiple vulnerabilities 2024-09-06
bip -- buffer overflow 2012-02-11
bitcoin -- denial of service 2012-09-02
bitcoin -- denial of service 2015-07-06
bitcoin -- Denial of Service and Possible Mining Inflation 2018-09-29
bitlbee -- account recreation security issues 2008-09-26
bitmessage -- remote code execution vulnerability 2018-02-14
bmon -- unsafe set-user-ID application 2004-10-05
bnc -- remotely exploitable buffer overflow in getnickuserhost 2004-12-04
bogofilter -- heap corruption by invalid base64 input 2012-12-03
bogofilter -- heap corruption through excessively long words 2006-01-07
bogofilter -- heap corruption through malformed input 2006-01-07
bogofilter -- heap underrun on malformed base64 input 2010-07-06
bogofilter -- RFC 2047 decoder denial-of-service vulnerability 2004-10-26
Borg (Backup) -- flaw in cryptographic authentication scheme in Borg allowed an attacker to fake archives and indirectly cause backup data loss. 2023-08-31
borgbackup -- remote users can override repository restrictions 2017-11-29
botan -- cryptographic vulnerability 2016-06-14
botan -- multiple vulnerabilities 2016-06-14
Botan BER Decoder vulnerabilities 2016-03-31
botan2 -- ECDSA side channel 2018-08-17
botan2 -- Side channel during ECC key generation 2019-01-27
bouncycastle15 -- bcrypt password checking vulnerability 2021-08-20
Boundary checking errors in syscons 2004-10-04
bro -- "Magellan" remote code execution vulnerability in bundled sqlite 2018-12-20
bro -- array bounds and potential DOS issues 2018-08-29
bro -- integer overflow allows remote DOS 2018-02-16
bro -- invalid memory access or heap buffer over-read 2019-09-17
bro -- multiple memory allocation issues 2018-06-06
bro -- Null pointer dereference and Signed integer overflow 2019-08-09
bro -- out of bounds write allows remote DOS 2018-02-16
bro -- Unsafe integer conversions can cause unintentional code paths to be executed 2019-05-31
brotli -- buffer overflow 2016-03-08
bsh -- remote code execution vulnerability 2016-02-21
buffer cache invalidation implementation issues 2004-05-26
Buffer overflow in INN control message handling 2004-01-08
Buffer overflow in Mutt 1.4 2004-02-12
Buffer overflow in pam_smb password handling 2003-10-25
Buffer overflow in Squid NTLM authentication helper 2004-06-09
Buffer overflows and format string bugs in Emil 2004-03-28
Buffer overflows in libmcrypt 2003-10-25
Buffer overflows in XFree86 servers 2004-02-12
bugzilla -- "createmailregexp" security bypass vulnerability 2007-09-20
bugzilla -- Cross Site Request Forgery 2014-07-25
bugzilla -- Cross-Site Request Forgery 2014-04-18
bugzilla -- cross-site scripting vulnerability 2005-01-24
Bugzilla -- Directory Traversal in importxml.pl 2008-08-15
bugzilla -- information disclosure 2010-07-05
bugzilla -- information disclosure, denial of service 2010-08-24
bugzilla -- information leak 2009-11-23
bugzilla -- information leak 2010-02-01
bugzilla -- multiple serious vulnerabilities 2011-01-25
bugzilla -- multiple vulnerabilities 2013-10-17
bugzilla -- multiple vulnerabilities 2006-11-11
bugzilla -- multiple vulnerabilities 2012-04-21
bugzilla -- multiple vulnerabilities 2005-07-08
bugzilla -- multiple vulnerabilities 2012-09-01
bugzilla -- multiple vulnerabilities 2006-02-27
bugzilla -- multiple vulnerabilities 2007-09-21
bugzilla -- multiple vulnerabilities 2012-11-14
bugzilla -- multiple vulnerabilities 2012-07-27
bugzilla -- multiple vulnerabilities 2012-02-06
bugzilla -- multiple vulnerabilities 2013-02-20
bugzilla -- multiple vulnerabilities 2011-08-13
bugzilla -- multiple vulnerabilities 2012-01-05
bugzilla -- product name information leak 2009-08-05
bugzilla -- Social Engineering 2014-04-18
bugzilla -- two SQL injections, sensitive data exposure 2009-09-17
bugzilla Cross-Site Request Forgery 2012-04-10
Bugzilla multiple security issues 2014-10-06
Bugzilla multiple security issues 2015-01-26
Bugzilla security issues 2016-05-17
Bugzilla security issues 2015-09-14
Bugzilla security issues 2018-02-16
Bugzilla security issues 2015-12-23
buildbot -- CRLF injection in Buildbot login and logout redirect code 2019-04-26
buildbot -- OAuth Authentication Vulnerability 2019-06-01
bzip2 -- crash with certain malformed archive files 2008-03-20
bzip2 -- denial of service and permission race vulnerabilities 2005-06-29
bzip2 -- integer overflow vulnerability 2010-10-25
bzip2 -- multiple issues 2019-06-30
c-ares -- DNS Cache Poisoning Vulnerability 2007-06-09
ca_root_nss -- extraction of explicitly-untrusted certificates into trust bundle 2011-09-04
cabextract -- directory traversal with UTF-8 symbols in filenames 2015-05-31
cabextract -- insecure directory handling 2004-10-20
cacti -- ADOdb "server.php" Insecure Test Script Security Issue 2006-04-27
cacti -- allow remote attackers to execute arbitrary SQL commands 2013-08-29
cacti -- Authenticated users may bypass authorization checks 2019-10-02
cacti -- Cross Site Scripting issue 2017-10-19
Cacti -- Cross-site scripting (XSS) vulnerability in auth_profile.php 2017-07-29
Cacti -- Cross-site scripting (XSS) vulnerability in link.php 2017-07-17
cacti -- cross-site scripting issues 2009-11-23
cacti -- multiple security vulnerabilities 2015-06-21
cacti -- Multiple security vulnerabilities have been discovered 2008-02-12
Cacti -- multiple vulnerabilities 2020-07-27
cacti -- multiple vulnerabilities 2020-01-06
cacti -- multiple vulnerabilities 2020-04-02
cacti -- multiple vulnerabilities 2005-07-05
cacti -- multiple vulnerabilities 2016-05-28
cacti -- multiple vulnerabilities 2017-11-20
cacti -- multiple vulnerabilities 2010-06-24
cacti -- Multiple vulnerabilities 2011-10-26
cacti -- Multiple vulnerabilities 2007-01-12
cacti -- multiple vulnerabilities 2016-03-02
cacti -- Multiple XSS and SQL injection vulnerabilities 2015-06-21
cacti -- Multiple XSS and SQL injection vulnerabilities 2015-07-20
cacti -- potential SQL injection and cross site scripting attacks 2005-06-21
cacti -- SQL injection 2004-10-17
cacti -- SQL injection and command execution vulnerabilities 2010-04-24
cacti -- SQL injection vulnerabilities 2016-01-05
cacti -- SQL Injection was possible due to incorrect validation order 2021-06-10
cacti -- XSS exposure 2020-05-04
CairoSVG -- Regular Expression Denial of Service vulnerability 2021-01-10
Calligra, KOffice -- input validation failure 2012-08-26
caml-light -- insecure use of temporary files 2011-11-06
Carrierwave -- Multiple vulnerabilities 2021-04-28
cassandra -- remote execution of arbitrary code 2015-05-24
cassandra3 -- arbitrary code execution 2023-01-11
cassandra3 -- jBCrypt integer overflow 2023-01-11
cassandra3 -- multiple vulnerabilities 2023-01-11
CCE contains exploitable buffer overflows 2004-02-12
cdf3 -- Buffer overflow vulnerability 2008-08-19
cdrdao -- unspecified privilege escalation vulnerability 2005-05-19
ceph14 -- HTTP header injection via CORS ExposeHeader tag 2020-08-16
ceph14 -- multiple security issues 2020-04-14
cfengine -- arbitrary file overwriting vulnerability 2005-10-01
cgit -- directory traversal vulnerability 2018-08-04
cgit -- multiple vulnerabilities 2016-01-20
cgiwrap -- XSS Vulnerability 2009-01-13
ChaSen -- buffer overflow 2014-04-13
chicken -- buffer overrun in substring-index[-ci] 2015-06-22
chicken -- multiple vulnerabilities 2018-08-12
chicken -- multiple vulnerabilities 2017-02-04
chicken -- Potential buffer overrun in string-translate* 2015-06-22
ChiTeX/ChiLaTeX unsafe set-user-id root 2004-02-12
chocolate-doom -- Arbitrary code execution 2021-01-22
chromium -- heap buffer overflow 2020-08-18
chromium -- heap buffer overflow in V8 2021-02-05
chromium -- Incorrect handling of CSP header 2018-06-10
chromium -- insufficient data validation in Mojo 2022-09-03
chromium -- mulitple vulnerabilities 2022-10-12
Chromium -- mulitple vulnerabilities 2022-04-12
chromium -- multiple security fixes 2024-10-26
chromium -- multiple security fixes 2024-08-06
chromium -- multiple security fixes 2024-10-26
chromium -- multiple security fixes 2024-04-12
chromium -- multiple security fixes 2023-11-16
chromium -- multiple security fixes 2024-06-03
chromium -- multiple security fixes 2023-11-29
chromium -- multiple security fixes 2024-09-13
chromium -- multiple security fixes 2023-12-11
chromium -- multiple security fixes 2024-11-02
chromium -- multiple security fixes 2023-12-13
chromium -- multiple security fixes 2024-11-06
chromium -- multiple security fixes 2024-08-29
chromium -- multiple security fixes 2024-04-25
chromium -- multiple security fixes 2024-04-04
chromium -- multiple security fixes 2024-03-27
chromium -- multiple security fixes 2024-07-31
chromium -- multiple security fixes 2024-05-22
chromium -- multiple security fixes 2024-03-22
chromium -- multiple security fixes 2024-01-04
chromium -- multiple security fixes 2024-09-03
chromium -- multiple security fixes 2024-05-02
chromium -- multiple security fixes 2024-06-18
chromium -- multiple security fixes 2024-01-17
chromium -- multiple security fixes 2024-06-20
chromium -- multiple security fixes 2024-07-30
chromium -- multiple security fixes 2024-10-09
chromium -- multiple security fixes 2024-08-22
chromium -- multiple security fixes 2024-03-06
chromium -- multiple security fixes 2024-10-09
chromium -- multiple security fixes 2024-09-30
chromium -- multiple security fixes 2024-02-29
chromium -- multiple security fixes 2024-02-24
chromium -- multiple security fixes 2024-02-02
chromium -- multiple security fixes 2024-02-02
chromium -- multiple security fixes 2024-05-12
chromium -- multiple security fixes 2024-02-08
chromium -- multiple security fixes 2024-06-25
chromium -- multiple security fixes 2024-05-14
chromium -- multiple security fixes 2024-04-21
chromium -- multiple vulnerabilities 2020-08-26
chromium -- multiple vulnerabilities 2022-05-10
chromium -- multiple vulnerabilities 2016-03-29
chromium -- multiple vulnerabilities 2017-09-06
chromium -- multiple vulnerabilities 2015-02-06
chromium -- multiple vulnerabilities 2020-09-09
chromium -- multiple vulnerabilities 2022-03-02
chromium -- multiple vulnerabilities 2015-11-11
chromium -- multiple vulnerabilities 2023-01-10
chromium -- multiple vulnerabilities 2023-06-13
chromium -- multiple vulnerabilities 2016-06-17
chromium -- multiple vulnerabilities 2019-01-05
chromium -- multiple vulnerabilities 2023-06-27
chromium -- multiple vulnerabilities 2015-01-21
chromium -- multiple vulnerabilities 2022-08-17
chromium -- multiple vulnerabilities 2023-06-07
chromium -- multiple vulnerabilities 2015-12-02
chromium -- multiple vulnerabilities 2018-01-23
chromium -- multiple vulnerabilities 2020-08-11
chromium -- multiple vulnerabilities 2022-08-31
chromium -- multiple vulnerabilities 2022-03-15
chromium -- multiple vulnerabilities 2023-05-31
chromium -- multiple vulnerabilities 2022-06-22
chromium -- multiple vulnerabilities 2021-06-10
chromium -- multiple vulnerabilities 2016-12-05
chromium -- multiple vulnerabilities 2015-12-13
chromium -- multiple vulnerabilities 2021-06-18
chromium -- multiple vulnerabilities 2023-05-17
chromium -- multiple vulnerabilities 2020-04-12
chromium -- multiple vulnerabilities 2021-03-31
chromium -- multiple vulnerabilities 2017-09-22
chromium -- multiple vulnerabilities 2021-05-11
chromium -- multiple vulnerabilities 2023-09-06
chromium -- multiple vulnerabilities 2022-02-15
chromium -- multiple vulnerabilities 2015-12-18
chromium -- multiple vulnerabilities 2018-05-30
chromium -- multiple vulnerabilities 2021-04-14
chromium -- multiple vulnerabilities 2023-05-03
chromium -- multiple vulnerabilities 2020-07-28
chromium -- multiple vulnerabilities 2021-09-21
chromium -- multiple vulnerabilities 2017-03-30
chromium -- multiple vulnerabilities 2022-08-03
chromium -- multiple vulnerabilities 2020-09-22
chromium -- multiple vulnerabilities 2021-03-16
chromium -- multiple vulnerabilities 2022-09-14
chromium -- multiple vulnerabilities 2021-07-16
chromium -- multiple vulnerabilities 2018-01-23
chromium -- multiple vulnerabilities 2021-11-16
chromium -- multiple vulnerabilities 2023-04-20
chromium -- multiple vulnerabilities 2020-07-15
chromium -- multiple vulnerabilities 2022-06-09
chromium -- multiple vulnerabilities 2023-04-15
chromium -- multiple vulnerabilities 2022-02-02
chromium -- multiple vulnerabilities 2020-10-07
chromium -- multiple vulnerabilities 2017-08-01
chromium -- multiple vulnerabilities 2021-07-21
chromium -- multiple vulnerabilities 2022-03-29
chromium -- multiple vulnerabilities 2021-02-17
chromium -- multiple vulnerabilities 2014-11-18
chromium -- multiple vulnerabilities 2022-09-27
chromium -- multiple vulnerabilities 2016-11-10
chromium -- multiple vulnerabilities 2015-03-04
chromium -- multiple vulnerabilities 2016-06-06
chromium -- multiple vulnerabilities 2022-09-30
chromium -- multiple vulnerabilities 2015-10-13
chromium -- multiple vulnerabilities 2021-03-04
chromium -- multiple vulnerabilities 2015-05-19
chromium -- multiple vulnerabilities 2017-10-21
chromium -- multiple vulnerabilities 2018-05-11
chromium -- multiple vulnerabilities 2020-10-21
chromium -- multiple vulnerabilities 2023-11-03
chromium -- multiple vulnerabilities 2016-05-28
chromium -- multiple vulnerabilities 2016-01-21
chromium -- multiple vulnerabilities 2022-07-20
chromium -- multiple vulnerabilities 2016-10-31
chromium -- multiple vulnerabilities 2023-07-20
chromium -- multiple vulnerabilities 2021-01-07
chromium -- multiple vulnerabilities 2016-05-28
chromium -- multiple vulnerabilities 2023-10-11
chromium -- multiple vulnerabilities 2016-10-31
chromium -- multiple vulnerabilities 2021-01-22
chromium -- multiple vulnerabilities 2018-02-27
chromium -- multiple vulnerabilities 2015-09-27
chromium -- multiple vulnerabilities 2016-05-28
chromium -- multiple vulnerabilities 2021-04-15
chromium -- multiple vulnerabilities 2023-01-25
chromium -- multiple vulnerabilities 2017-06-16
chromium -- multiple vulnerabilities 2020-06-24
chromium -- multiple vulnerabilities 2021-10-29
chromium -- multiple vulnerabilities 2022-10-25
chromium -- multiple vulnerabilities 2016-02-09
chromium -- multiple vulnerabilities 2022-12-14
chromium -- multiple vulnerabilities 2022-04-15
chromium -- multiple vulnerabilities 2023-04-05
chromium -- multiple vulnerabilities 2021-08-03
chromium -- multiple vulnerabilities 2023-09-13
chromium -- multiple vulnerabilities 2020-04-02
chromium -- multiple vulnerabilities 2019-11-12
chromium -- multiple vulnerabilities 2020-11-03
chromium -- multiple vulnerabilities 2021-09-14
chromium -- multiple vulnerabilities 2023-08-04
chromium -- multiple vulnerabilities 2020-06-05
chromium -- multiple vulnerabilities 2017-06-06
chromium -- multiple vulnerabilities 2016-04-19
chromium -- multiple vulnerabilities 2021-10-19
chromium -- multiple vulnerabilities 2022-01-05
chromium -- multiple vulnerabilities 2017-03-12
chromium -- multiple vulnerabilities 2016-09-16
chromium -- multiple vulnerabilities 2017-01-26
chromium -- multiple vulnerabilities 2022-05-24
chromium -- multiple vulnerabilities 2021-12-14
chromium -- multiple vulnerabilities 2017-04-21
chromium -- multiple vulnerabilities 2023-03-22
chromium -- multiple vulnerabilities 2022-11-09
chromium -- multiple vulnerabilities 2015-04-27
chromium -- multiple vulnerabilities 2021-05-26
chromium -- multiple vulnerabilities 2021-10-08
chromium -- multiple vulnerabilities 2023-03-09
chromium -- multiple vulnerabilities 2016-09-13
chromium -- multiple vulnerabilities 2021-08-17
chromium -- multiple vulnerabilities 2021-04-27
chromium -- multiple vulnerabilities 2023-08-17
chromium -- multiple vulnerabilities 2016-09-13
chromium -- multiple vulnerabilities 2022-04-28
chromium -- multiple vulnerabilities 2016-03-05
chromium -- multiple vulnerabilities 2020-12-05
chromium -- multiple vulnerabilities 2015-04-28
chromium -- multiple vulnerabilities 2018-07-27
chromium -- multiple vulnerabilities 2020-05-24
chromium -- multiple vulnerabilities 2017-11-10
chromium -- multiple vulnerabilities 2021-04-21
chromium -- multiple vulnerabilities 2015-07-25
chromium -- multiple vulnerabilities 2023-08-24
chromium -- multiple vulnerabilities 2023-02-22
chromium -- multiple vulnerabilities 2016-07-22
chromium -- multiple vulnerabilities 2022-11-30
chromium -- multiple vulnerabilities 2015-09-02
chromium -- multiple vulnerabilities 2022-11-25
chromium -- multiple vulnerabilities 2023-02-10
chromium -- multiple vulnerabilities 2021-09-01
chromium -- multiple vulnerabilities 2023-09-29
chromium -- multiple vulnerabilities 2022-07-07
chromium -- multiple vulnerabilities 2016-03-29
chromium -- multiple vulnerabilities 2023-10-27
chromium -- multiple vulnerabilities 2021-12-07
chromium -- multiple vulnerabilities 2021-09-30
chromium -- multiple vulnerabilities 2022-01-20
chromium -- out of bounds read 2018-01-23
chromium -- out-of-bounds memory access 2016-11-03
chromium -- race condition vulnerability 2017-05-03
chromium -- same origin bypass 2016-02-18
chromium -- security fix 2024-01-10
chromium -- security fix 2024-05-29
chromium -- security fix 2024-02-14
chromium -- security fix 2023-12-21
chromium -- security update 2023-11-08
chromium -- Stack overflow in V8 2017-10-28
chromium -- Type confusion in V8 2022-04-05
chromium -- Type confusion in V8 2022-12-03
chromium -- type confusion in v8 2023-10-04
chromium -- Type confusion in V8 2022-10-28
chromium -- use after free 2020-04-16
chromium -- use after free 2019-06-15
chromium -- use after free in MediaStream 2023-08-30
chromium -- Use after free in PDFium 2019-01-05
chromium -- use after free in Portals 2021-09-24
chromium -- V8 type confusion 2022-03-25
chromium -- vulnerability 2018-03-08
chromium -- vulnerability 2018-02-27
chromium -- vulnerability 2018-04-30
chromium -- vulnerability 2018-04-24
chromium -- vulnerability 2018-03-27
chrony -- multiple vulnerabilities 2015-04-18
chrony <= 3.5.1 data corruption through symlink vulnerability writing the pidfile 2020-08-22
clamav -- arbitrary code execution and DoS vulnerabilities 2005-09-24
clamav -- cabinet file handling DoS vulnerability 2005-07-06
clamav -- CHM Processing Denial of Service 2008-09-12
clamav -- CHM unpacker and PE rebuilding vulnerabilities 2006-10-16
clamav -- ClamAV libclamav PE File Integer Overflow Vulnerability 2008-02-15
clamav -- Denial-of-Service (DoS) vulnerability 2020-02-05
clamav -- Denial-of-Service (DoS) vulnerability 2019-11-25
clamav -- Freshclam HTTP Header Buffer Overflow Vulnerability 2006-05-03
clamav -- heap overflow vulnerability 2006-08-08
clamav -- invalid pointer read that may cause a crash 2022-01-12
clamav -- MS-Expand file handling DoS vulnerability 2005-07-06
clamav -- Multipart Nestings Denial of Service 2006-12-12
clamav -- multiple remote buffer overflows 2005-07-25
clamav -- multiple remote Denial of Service vulnerabilities 2007-09-21
clamav -- Multiple vulnerabilites 2021-04-07
clamav -- Multiple vulnerabilities 2023-02-16
clamav -- Multiple vulnerabilities 2022-05-19
clamav -- multiple vulnerabilities 2020-05-14
clamav -- Multiple Vulnerabilities 2006-04-06
clamav -- multiple vulnerabilities 2018-01-26
clamav -- multiple vulnerabilities 2019-04-05
clamav -- multiple vulnerabilities 2012-06-16
clamav -- Multiple vulnerabilities 2024-02-07
clamav -- multiple vulnerabilities 2018-10-03
clamav -- Multiple Vulnerabilities 2008-04-15
clamav -- multiple vulnerabilities 2020-07-16
clamav -- multiple vulnerabilities 2007-06-19
clamav -- Multiple vulnerabilities 2024-09-09
clamav -- multiple vulnerabilities 2015-05-19
clamav -- multiple vulnerabilities 2019-08-21
clamav -- multiple vulnerabilities 2018-07-09
clamav -- off-by-one heap overflow in VBA project parser 2008-11-10
clamav -- Possible crash in the HTML file parser that could cause a denial-of-service (DoS) condition 2024-04-19
clamav -- Possible denial of service vulnerability in the AutoIt file parser 2023-08-16
clamav -- Possible denial of service vulnerability in the HFS+ file parser 2023-08-16
clamav -- possible heap overflow in the UPX code 2006-01-10
clamav -- zip handling DoS vulnerability 2005-03-26
clamav remote denial-of-service 2004-02-12
claws-mail -- APOP vulnerability 2007-04-19
claws-mail -- insecure temporary file creation 2008-01-22
claws-mail -- no bounds checking on the output buffer in conv_jistoeuc, conv_euctojis, conv_sjistoeuc 2016-01-19
claws-mail -- POP3 Format String Vulnerability 2007-08-27
Cleartext leak in libudisks 2022-10-22
Client/server denial of service when handling AES-CTR ciphers 2020-04-19
cloud-init -- sensitive data exposure in cloud-init logs 2023-04-29
cloud-init -- Wrong access permissions of authorized keys 2021-01-19
codeigniter -- arbitrary script execution in the new Form Validation class 2009-02-11
codeigniter -- file upload class vulnerability 2010-07-21
codeigniter -- input validation bypass 2017-11-23
codeigniter -- input validation bypass 2017-07-08
codeigniter -- multiple vulnerabilities 2017-03-05
codeigniter -- multiple vulnerabilities 2017-01-06
codeigniter -- multiple vulnerabilities 2017-01-06
codeigniter -- multiple vulnerabilities 2015-11-01
codeigniter -- multiple vulnerabilities 2017-04-25
codeigniter -- multiple vulnerabilities 2015-09-28
codeigniter -- multiple vulnerabilities 2015-09-28
codeigniter -- multiple XSS vulnerabilities 2015-10-20
codeigniter -- mysql database driver vulnerability 2015-09-28
codeigniter -- SQL injection vulnerability 2015-09-28
codeigniter -- SQL injection vulnerability 2015-09-28
collectd -- Network plugin heap overflow 2016-08-05
collectd5 -- Denial of service by sending a signed network packet to a server which is not set up to check signatures 2017-07-19
comms/hylafax -- Malformed fax sender remote code execution in JPEG support 2019-05-05
Composer -- Code execution and possible privilege escalation 2024-02-08
Composer -- Command injection vulnerability 2022-04-13
Composer -- Multiple command injections via malicious git/hg branch names 2024-06-10
Configobj -- Regular Expression Denial of Service attack 2024-08-29
consul -- Fix Consul Connect CA private key configuration 2020-12-06
Consul -- Multiple vulnerabilities 2021-04-17
consul -- rpc: authorize raft requests 2021-09-11
consul -- vulnerability in embedded DNS library 2018-02-16
Containous Traefik -- exposes the configuration and secret 2018-09-11
coppermine -- "file" Local File Inclusion Vulnerability 2006-05-22
coppermine -- File Inclusion Vulnerabilities 2006-05-22
coppermine -- IP spoofing and XSS vulnerability 2005-05-01
coppermine -- Multiple File Extensions Vulnerability 2006-05-22
coppermine -- multiple vulnerabilities 2008-02-25
coppermine -- Multiple vulnerabilities 2012-08-30
coppermine -- multiple vulnerabilities 2007-09-20
corkscrew -- buffer overflow vulnerability 2010-08-21
coturn -- information leakage 2020-07-02
couchdb -- administrator privilege escalation 2018-12-13
couchdb -- administrator privilege escalation 2018-08-08
couchdb -- DOM based Cross-Site Scripting via Futon UI 2013-05-26
couchdb -- information sharing via couchjs processes 2023-12-17
couchdb -- multiple vulnerabilities 2018-07-10
couchdb -- user privilege escalation 2021-10-12
Courier Authentication Library -- SQL Injection 2008-06-13
Courier mail services: remotely exploitable buffer overflows 2004-03-31
courier-imap -- format string vulnerability in debug mode 2004-08-22
cpio -- multiple vulnerabilities 2006-01-27
cpio -- multiple vulnerabilities 2015-03-31
Critical SQL injection in phpBB 2004-03-28
crossfire-server -- denial of service and remote code execution vulnerability 2006-04-23
cryptopp -- ElGamal implementation allows plaintext recovery 2022-02-24
cryptopp -- multiple vulnerabilities 2016-12-06
cscope -- buffer overflow 2009-06-16
cscope -- Buffer Overflow Vulnerabilities 2006-10-02
cscope -- buffer overflow vulnerabilities 2006-05-23
cscope -- multiple buffer overflows 2009-06-16
cscope -- symlink attack vulnerability 2004-12-07
cups -- Incomplete SSL Negotiation Denial of Service 2007-06-12
CUPS -- local information disclosure 2004-10-13
CUPS -- memory corruption 2020-06-24
cups -- multiple vulnerabilities 2015-06-09
cups -- multiple vulnerabilities 2008-10-10
CUPS -- multiple vulnerabilities 2019-08-16
cups -- off-by-one buffer overflow 2007-11-09
cups -- potential buffer overflow in PNG reading code 2008-11-29
cups -- print queue browser denial-of-service 2004-09-15
cups -- remote code execution and DNS rebinding 2009-05-07
cups-base -- CUPS server remote DoS vulnerability 2005-01-18
cups-base -- HPGL buffer overflow vulnerability 2005-01-17
cups-filters -- buffer overflow in texttopdf size allocation 2015-06-29
cups-filters -- code execution 2015-12-17
cups-filters -- code execution 2015-12-17
cups-filters -- remote code execution 2024-09-27
cups-filters -- texttopdf integer overflow 2015-07-03
cups-lpr -- lppasswd multiple vulnerabilities 2005-01-17
curl -- authentication buffer overflow vulnerability 2005-02-27
curl -- Automatic referer leaks credentials 2021-04-10
cURL -- buffer overflow 2016-12-22
curl -- Credentials not checked 2016-01-27
curl -- cURL/libcURL Location: Redirect URLs Security Bypass 2009-03-04
cURL -- Escape and unescape integer overflows 2016-09-14
curl -- expired pointer dereference vulnerability 2020-08-19
curl -- HTTP headers eat all memory 2023-09-13
cURL -- inappropriate GSSAPI delegation 2014-04-11
curl -- libcurl buffer overflow vulnerability 2010-04-19
curl -- multiple vulnerabilities 2023-03-05
cURL -- Multiple vulnerabilities 2021-07-21
cURL -- multiple vulnerabilities 2015-05-26
curl -- multiple vulnerabilities 2023-05-19
curl -- multiple vulnerabilities 2020-06-24
cURL -- Multiple vulnerabilities 2018-01-26
cURL -- Multiple vulnerabilities 2017-11-29
cURL -- multiple vulnerabilities 2016-11-02
cURL -- Multiple vulnerabilities 2020-12-09
curl -- multiple vulnerabilities 2019-02-07
curl -- multiple vulnerabilities 2023-03-20
cURL -- Multiple vulnerabilities 2021-09-17
curl -- multiple vulnerabilities 2018-11-01
cURL -- Multiple vulnerabilities 2022-04-28
cURL -- multiple vulnerabilities 2017-08-09
cURL -- Multiple vulnerabilities 2022-06-27
curl -- multiple vulnerabilities 2019-09-14
curl -- multiple vulnerabilities 2022-12-14
cURL -- multiple vulnerabilities 2018-05-16
curl -- multiple vulnerabilities 2019-05-25
curl -- Multiple vulnerabilities 2022-05-13
cURL -- Multiple Vulnerability 2015-06-17
cURL -- ocsp status validation error 2017-02-22
curl -- OCSP verification bypass with TLS session reuse 2024-02-28
cURL -- out of bounds read 2017-10-04
cURL -- out of bounds read 2017-10-23
curl -- password overflow vulnerability 2018-09-05
cURL -- potential memory disclosure 2017-04-05
cURL -- sensitive HTTP server headers also sent to proxies 2015-05-26
curl -- SMTP send heap buffer overflow 2018-07-27
curl -- SOCKS5 heap buffer overflow 2023-10-11
curl -- TFTP packet buffer overflow vulnerability 2006-03-20
curl -- TLS 1.3 session ticket proxy host mixup 2021-04-10
cURL -- TLS session resumption client cert bypass (again) 2017-04-20
cURL -- uninitialized random vulnerability 2016-12-24
curl -- URL buffer overflow vulnerability 2005-12-09
cURL -- URL file scheme drive letter buffer overflow 2017-06-15
cURL -- URL request injection vulnerability 2015-01-09
cURL library -- cert name check ignore with GnuTLS 2013-12-18
cURL library -- heap corruption in curl_easy_unescape 2013-06-23
cvs -- numerous vulnerabilities 2004-08-17
cvs -- Remote code execution via ssh command injection 2018-02-24
CVS path validation errors 2004-04-14
cvs pserver remote heap buffer overflow 2004-05-19
cvsbug -- race condition 2006-01-27
Cyrus IMAP pre-authentication heap overflow vulnerability 2004-05-12
Cyrus IMAPd -- APPEND command uses undefined programming construct 2004-11-22
Cyrus IMAPd -- FETCH command out of bounds memory corruption 2004-11-22
Cyrus IMAPd -- IMAPMAGICPLUS preauthentification overflow 2004-11-22
Cyrus IMAPd -- PARTIAL command out of bounds memory corruption 2004-11-22
Cyrus IMSPd multiple vulnerabilities 2004-09-20
cyrus-imapd -- broken "other users" behaviour 2017-09-10
cyrus-imapd -- buffer overrun in httpd 2019-05-27
cyrus-imapd -- integer overflow in the start_octet addition 2015-12-01
cyrus-imapd -- multiple buffer overflow vulnerabilities 2005-02-27
cyrus-imapd -- multiple-minute daemon hang via input that is mishandled during hash-table interaction 2021-09-01
cyrus-imapd -- Potential buffer overflow in Sieve 2009-09-09
cyrus-imapd -- Remote authenticated users could bypass intended access restrictions on certain server annotations. 2021-05-10
cyrus-imapd -- unbounded memory allocation 2024-06-05
cyrus-sasl -- buffer overflow vulnerability 2009-05-15
cyrus-sasl -- DIGEST-MD5 Pre-Authentication Denial of Service 2006-04-22
cyrus-sasl -- dynamic library loading and set-user-ID applications 2004-10-08
cyrus-sasl -- Escape password for SQL insert/update commands 2022-02-23
cyrus-sasl -- Fix off by one error 2022-02-28
cyrus-sasl -- potential buffer overflow in DIGEST-MD5 plugin 2004-10-12
darkhttpd -- DOS vulnerability 2022-11-08
Darwin Streaming Server denial-of-service vulnerability 2004-02-25
databases/mongodb* -- Improper Certificate Validation 2024-03-20
databases/postgresql*-client -- multiple vulnerabilities 2012-02-28
databases/postgresql*-server -- crypt vulnerabilities 2012-05-30
databases/postgresql*-server -- multiple vulnerabilities 2012-08-17
davmail -- fix potential CVE-2014-3566 vulnerability (POODLE) 2015-05-23
dbus -- incomplete fix for CVE-2014-3636 part A 2014-11-11
dbus -- local dos 2013-06-13
dbus -- local DoS 2014-06-14
dbus -- match_rule_equal() Weakness 2006-12-14
dbus -- multiple vulnerabilities 2014-07-03
dbus -- multiple vulnerabilities 2014-09-17
dbus file descriptor leak 2020-07-03
dbus-glib -- privledge escalation 2014-04-11
dcraw -- integer overflow condition 2015-05-15
dendrite -- Incorrect parsing of the event default power level in event auth 2022-08-15
dendrite -- Signature checks not applied to some retrieved missing events 2022-09-12
devel/ipython -- CSRF possible remote execution vulnerability 2015-07-13
devel/ipython -- multiple vulnerabilities 2015-10-10
devel/ipython -- remote execution 2015-06-22
devel/subversion -- contrib hook-scripts can allow arbitrary code execution 2013-05-31
devel/subversion -- fsfs repositories can be corrupted by newline characters in filenames 2013-05-31
devel/subversion -- svnserve remotely triggerable DoS 2013-05-31
devel/viewvc-devel is vulnerable to cross-site scripting 2023-01-05
devfs -- ruleset bypass 2005-08-05
dhcpcd -- multiple vulnerabilities 2016-01-08
dhcpcd -- remote code execution/denial of service 2016-04-17
dhcpcd -- remote code execution/denial of service 2016-04-17
dia -- remote command execution vulnerability 2009-02-17
dia -- XFig Import Plugin Buffer Overflow 2006-04-05
diffoscope -- arbitrary file write 2017-02-14
dillo -- format string vulnerability 2005-01-08
dino -- Insufficient message sender validation in Dino 2023-03-24
dino -- Path traversal in Dino file transfers 2021-06-08
dircproxy -- remote denial of service 2007-11-04
distcc -- incorrect parsing of IP access control rules 2004-10-03
Django -- AdminURLFieldWidget XSS 2019-06-06
Django -- Content spoofing possibility in the default 404 page 2019-01-05
django -- cross-site scripting vulnerability 2010-09-17
django -- CSRF protection bypass on a site with Google Analytics 2016-09-27
django -- denial-of-service attack 2009-10-16
django -- denial-of-service via large passwords 2013-09-22
django -- Fixed session flushing in the cached_db backend 2015-05-31
Django -- Incorrect HTTP detection with reverse-proxy connecting via HTTPS 2019-07-01
django -- information leak vulnerability 2015-11-30
Django -- information leakage 2018-02-02
Django -- multiple vulnerabilities 2023-05-05
Django -- multiple vulnerabilities 2024-07-10
django -- multiple vulnerabilities 2016-03-08
Django -- multiple vulnerabilities 2020-06-04
django -- multiple vulnerabilities 2014-08-21
Django -- multiple vulnerabilities 2024-03-04
Django -- multiple vulnerabilities 2023-09-04
Django -- multiple vulnerabilities 2023-10-05
django -- multiple vulnerabilities 2011-02-09
django -- multiple vulnerabilities 2013-01-06
django -- multiple vulnerabilities 2011-09-13
Django -- multiple vulnerabilities 2022-10-06
Django -- multiple vulnerabilities 2022-04-12
django -- multiple vulnerabilities 2015-03-27
django -- multiple vulnerabilities 2016-11-02
Django -- multiple vulnerabilities 2021-05-05
django -- multiple vulnerabilities 2013-09-12
django -- multiple vulnerabilities 2014-04-23
django -- multiple vulnerabilities 2013-02-24
django -- multiple vulnerabilities 2015-08-18
Django -- multiple vulnerabilities 2024-02-07
django -- multiple vulnerabilities 2012-10-24
Django -- multiple vulnerabilities 2023-02-14
Django -- multiple vulnerabilities 2022-01-06
Django -- multiple vulnerabilities 2023-07-03
django -- multiple vulnerabilities 2010-12-29
Django -- multiple vulnerabilities 2023-02-06
Django -- multiple vulnerabilities 2022-08-05
Django -- multiple vulnerabilities 2019-08-03
django -- multiple vulnerabilities 2017-04-04
django -- multiple vulnerabilities 2015-07-09
Django -- multiple vulnerabilities 2024-08-07
Django -- multiple vulnerabilities 2019-12-03
django -- multiple vulnerabilities 2012-07-31
Django -- multiple vulnerabilities 2022-07-04
django -- multiple vulnerabilities 2015-01-23
Django -- multiple vulnerabilities 2020-09-05
Django -- password hash disclosure 2018-10-03
Django -- possible XSS in traceback section of technical 500 debug page 2017-09-06
Django -- potential SQL injection vulnerability 2020-02-04
Django -- potential SQL injection vulnerability 2020-03-12
django -- regression in permissions model 2016-02-28
django -- XSS vulnerability 2008-05-14
django-cms -- XSS Vulnerability 2013-01-25
dnrd -- remote buffer and stack overflow vulnerabilities 2005-07-21
dns/bind9* -- A recursive resolver can be crashed by a query for a malformed zone 2013-06-06
dns/bind9* -- crash on deliberately constructed combination of records 2012-10-10
dns/bind9* -- Heavy DNSSEC Validation Load Can Cause a 'Bad Cache' Assertion Failure 2012-07-24
dns/bind9* -- Malicious Regex Can Cause Memory Exhaustion 2013-03-27
dns/bind9* -- servers using DNS64 can be crashed by a crafted query 2012-12-04
dns/bind9* -- Several vulnerabilities 2012-09-18
dns/bind9* -- zero-length RDATA can cause named to terminate, reveal memory 2012-06-04
dns/c-ares -- malformatted file causes application crash 2024-02-23
dns/nsd -- DoS vulnerability from non-standard DNS packet 2012-07-20
dnscrypt-proxy -- code execution 2016-02-10
dnsdist -- multiple vulnerabilities 2017-08-22
dnsdist -- Transfer requests received over DoH can lead to a denial of service 2024-05-13
dnsmasq -- cache poisoning vulnerability in certain configurations 2021-03-18
dnsmasq -- data exposure and denial of service 2015-05-23
dnsmasq -- denial of service 2016-06-30
dnsmasq -- DNS cache poisoning, and DNSSEC buffer overflow, vulnerabilities 2021-01-20
dnsmasq -- heap use-after-free in dhcp6_no_relay 2022-04-03
dnsmasq -- multiple vulnerabilities 2017-10-02
dnsmasq -- remotely exploitable buffer overflow in release candidate 2015-05-23
dnsmasq -- TFTP server remote code injection vulnerability 2009-09-02
DNSSEC validators -- denial-of-service/CPU exhaustion from KeyTrap and NSEC3 vulnerabilities 2024-02-13
doas -- Prevent passing of environment variables 2019-08-09
dojo -- cross-site scripting and other vulnerabilities 2010-04-06
Dokuwiki -- cross site scripting vulnerability 2012-04-23
Dokuwiki -- cross site scripting vulnerability 2012-07-18
Dokuwiki -- cross site scripting vulnerability 2011-06-20
dokuwiki -- Local File Inclusion with register_globals on 2009-06-04
dokuwiki -- multiple privilege escalation vulnerabilities 2011-01-24
dokuwiki -- multiple vulnerabilities 2006-09-30
dokuwiki -- multiple vulnerabilities 2006-06-11
dokuwiki -- multiple vulnerabilities 2006-09-30
dokuwiki -- multiple vulnerabilities 2010-01-18
dokuwiki -- spellchecker remote PHP code execution 2006-06-05
dokuwiki -- XSS vulnerability in spellchecker backend 2007-07-24
DomainKeys Identified Mail (DKIM) Verifiers may inappropriately convey message trust 2012-11-12
dovecot -- abort of SASL authentication results in a memory leak 2018-01-26
dovecot -- ACL plugin bypass vulnerabilities 2008-11-19
dovecot -- Buffer overflow reading extension header 2019-03-28
dovecot -- denial of service vulnerability 2011-08-19
Dovecot -- DoS 2024-08-16
dovecot -- Dovecot DoS when passdb dict was used for authentication 2017-04-30
Dovecot -- improper input validation 2019-08-28
dovecot -- Insecure directory permissions 2009-12-10
dovecot -- json encoder crash 2019-04-18
Dovecot -- Multiple vulnerabilities 2019-04-30
dovecot -- multiple vulnerabilities 2020-02-13
dovecot -- multiple vulnerabilities 2021-06-22
Dovecot -- Multiple vulnerabilities 2020-05-18
dovecot -- null pointer deref in notify with empty headers 2019-12-13
dovecot -- security hole in blocking passdbs 2008-03-10
dovecot -- Specific LDAP + auth cache configuration may mix up user logins 2007-12-29
dovecot-managesieve -- Script Name Directory Traversal Vulnerability 2008-12-07
dovecot-pigeonhole -- Sieve excessive resource usage 2021-06-22
dpkg -- stack-based buffer overflow 2015-12-25
dragonfly -- argument injection 2021-06-11
drm graphics drivers -- Local privilege escalation and denial of service 2019-11-20
drm graphics drivers -- potential information disclusure via local access 2020-01-15
dropbear -- arbitrary code execution 2012-03-04
dropbear -- authorized_keys command= bypass 2016-03-14
dropbear -- exposure of sensitive information, DoS 2013-10-17
dropbear -- multiple vulnerabilities 2016-09-15
Dropbear -- two vulnerabilities 2017-07-03
drupal -- Cross site request forgeries 2007-07-28
drupal -- cross site request forgeries 2006-10-18
drupal -- cross site request forgery 2008-01-11
drupal -- cross site scripting 2009-04-30
drupal -- cross site scripting (register_globals) 2008-01-11
drupal -- cross site scripting (utf8) 2008-01-11
drupal -- cross-site scripting 2009-05-14
drupal -- Drupal core - Access bypass 2019-07-21
drupal -- Drupal core - Arbitrary PHP code execution 2019-01-19
drupal -- Drupal core - Highly critical - Remote Code Execution 2019-02-21
drupal -- Drupal core - Moderately critical 2018-04-19
drupal -- Drupal core - Moderately critical 2019-04-25
drupal -- Drupal core - Moderately critical 2019-06-08
drupal -- Drupal core - Moderately critical - Cross Site Scripting 2019-03-27
drupal -- Drupal Core - Moderately critical - Third-party library 2020-04-17
drupal -- Drupal Core - Multiple Vulnerabilities 2018-04-16
drupal -- Drupal Core - Multiple Vulnerabilities 2017-08-19
drupal -- Drupal Core - Multiple Vulnerabilities 2017-07-06
drupal -- Drupal Core - Multiple Vulnerabilities 2018-10-22
drupal -- Drupal Core - Multiple Vulnerabilities 2019-12-21
drupal -- Drupal Core - Multiple Vulnerabilities 2018-02-25
drupal -- Drupal Core - Multiple Vulnerabilities 2018-05-03
drupal -- HTML attribute injection 2006-10-18
drupal -- multiple cross-site scripting 2009-12-25
drupal -- Multiple cross-site scripting vulnerabilities 2007-07-28
drupal -- multiple vulnerabilities 2009-02-04
drupal -- Multiple Vulnerabilities 2020-10-17
drupal -- multiple vulnerabilities 2012-02-07
drupal -- multiple vulnerabilities 2006-07-13
drupal -- multiple vulnerabilities 2007-01-05
drupal -- multiple vulnerabilities 2013-12-06
drupal -- multiple vulnerabilities 2005-12-01
drupal -- multiple vulnerabilities 2010-03-08
drupal -- multiple vulnerabilities 2016-06-17
drupal -- multiple vulnerabilities 2016-02-25
drupal -- Multiple Vulnerabilities 2020-05-22
drupal -- multiple vulnerabilities 2008-12-19
drupal -- multiple vulnerabilities 2008-07-13
drupal -- multiple vulnerabilities 2015-06-19
drupal -- multiple vulnerabilities 2015-08-22
drupal -- multiple vulnerabilities 2008-08-18
drupal -- multiple vulnerabilities 2008-10-12
drupal -- multiple vulnerabilities 2009-09-22
drupal -- multiple vulnerabilities 2006-03-17
drupal -- Multiple Vulnerabilities 2020-07-01
drupal -- multiple vulnerabilities 2009-07-13
drupal -- multiple vulnerabilities 2008-10-22
drupal -- multiple vulnerabilities 2013-01-20
drupal -- multiple vulnerabilities 2006-06-05
drupal -- multiple XSS vulnerabilities 2006-10-18
drupal -- open redirect vulnerability 2015-10-24
drupal -- PHP code execution vulnerabilities 2005-07-16
drupal -- SQL injection vulnerability 2007-12-12
drupal -- XSS vulnerability 2006-08-02
drupal --- multiple vulnerabilities 2007-10-24
Drupal Code -- Multiple Vulnerabilities 2016-11-25
Drupal Views plugin -- cross-site scripting 2010-12-28
drupal-pubcookie -- authentication may be bypassed 2006-09-13
drupal6 -- multiple vulnerabilities 2011-05-26
drupal6-cck -- cross-site scripting 2009-04-11
drupal7 -- Denial of service 2013-02-21
drupal7 -- fix possible CSS 2021-06-06
drupal7 -- multiple vulnerabilities 2012-10-31
drupal7 -- SQL injection 2014-10-16
drupal8 -- Drupal Core - Critical - Access Bypass 2017-04-21
drupal8 -- multiple vulnerabilities 2017-03-17
drupal9 -- multiple vulnerabilities 2022-08-20
dtc -- multiple vulnerabilities 2011-08-13
Dulwich -- Remote code execution 2015-04-17
duo -- Two-factor authentication bypass 2017-06-01
e107 -- code execution and XSS vulnerabilities 2010-04-20
e2fsprogs -- buffer overflow if s_first_meta_bg too big 2015-02-24
e2fsprogs -- heap buffer overflow 2007-12-20
e2fsprogs -- maliciously corrupted file systems can trigger buffer overruns in the quota code used by e2fsck 2019-12-21
e2fsprogs -- out-of-bounds read/write vulnerability 2022-06-05
e2fsprogs -- potential buffer overflow in closefs() 2015-02-24
e2fsprogs -- potential buffer overrun bugs in the blkid library and in the fsck program 2018-03-14
e2fsprogs -- rehash.c/pass 3a mutate_name() code execution vulnerability 2020-01-08
eb -- Potential buffer overrun vulnerability 2022-04-26
ecartis -- unauthorised access to admin interface 2004-12-21
ecartis buffer overflows and input validation bugs 2004-03-29
ee -- temporary file privilege escalation 2006-01-27
eggdrop -- denial of service vulnerability 2009-05-30
egroupware -- arbitrary file download in JiNN 2005-01-21
egroupware -- multiple cross-site scripting (XSS) and SQL injection vulnerabilities 2005-07-23
egroupware -- two vulnerabilities 2010-03-11
ejabberd -- cross-site scripting vulnerability 2009-04-17
ejabberd -- queue overload denial of service vulnerability 2010-04-19
ejabberd -- remote denial of service vulnerability 2011-06-24
ekg -- insecure temporary file creation 2005-07-08
elasticsearch -- cross site scripting vulnerability in the CORS functionality 2015-06-26
elasticsearch -- directory traversal attack via snapshot API 2015-08-05
elasticsearch -- directory traversal attack with site plugins 2015-06-26
elasticsearch -- remote code execution via transport protocol 2015-08-05
elasticsearch -- remote OS command execution via Groovy scripting engine 2015-06-26
elasticsearch -- security fix for shared file-system repositories 2015-06-26
elasticsearch and logstash -- remote OS command execution via dynamic scripting 2015-06-26
electron -- vulnerability 2023-05-18
electron22 -- multiple vulnerabilities 2023-06-22
electron22 -- multiple vulnerabilities 2023-07-14
electron22 -- multiple vulnerabilities 2023-08-31
electron22 -- multiple vulnerabilities 2023-09-13
electron22 -- multiple vulnerabilities 2023-06-16
electron23 -- multiple vulnerabilities 2023-06-16
electron24 -- multiple vulnerabilities 2023-06-16
electron24 -- multiple vulnerabilities 2023-08-31
electron25 -- multiple vulnerabilities 2023-12-07
electron25 -- multiple vulnerabilities 2023-08-24
electron25 -- multiple vulnerabilities 2023-12-01
electron25 -- multiple vulnerabilities 2023-08-31
electron25 -- Use after free in extensions vulnerability 2023-10-12
electron26 -- multiple vulnerabilities 2024-01-04
electron26 -- multiple vulnerabilities 2023-12-01
electron26 -- Out of bounds memory access in V8 2024-01-19
electron27 -- multiple vulnerabilities 2024-02-23
electron27 -- multiple vulnerabilities 2024-01-04
electron28 -- multiple vulnerabilities 2024-05-25
electron29 -- multiple vulnerabilities 2024-07-19
electron29 -- multiple vulnerabilities 2024-05-09
electron29 -- multiple vulnerabilities 2024-07-13
electron29 -- multiple vulnerabilities 2024-06-28
electron29 -- multiple vulnerabilities 2024-05-08
electron29 -- setuid() does not affect libuv's internal io_uring 2024-05-17
electron29 -- use after free in Dawn 2024-05-25
electron30 -- multiple vulnerabilities 2024-07-13
electron31 -- multiple vulnerabilities 2024-08-18
electron31 -- multiple vulnerabilities 2024-10-24
electron32 -- multiple vulnerabilities 2024-11-08
electron32 -- multiple vulnerabilities 2024-10-23
electron{22,23,24,25} -- multiple vulnerabilities 2023-08-07
electron{22,24,25} -- Heap buffer overflow in vp8 encoding in libvpx 2023-09-29
electron{22,24} -- multiple vulnerabilities 2023-08-24
electron{23,24} -- multiple vulnerabilities 2023-06-22
electron{23,24} -- multiple vulnerabilities 2023-07-06
electron{24,25} -- multiple vulnerabilities 2023-09-13
electron{25,26} -- multiple vulnerabilities 2023-11-09
electron{25,26} -- use after free in Garbage Collection 2023-11-22
electron{25,26} -- Use after free in Site Isolation 2023-10-19
electron{25,26} -- use after free in WebAudio 2023-11-16
electron{26,27,28} -- Use after free in Web Audio 2024-02-01
electron{26,27} -- multiple vulnerabilities 2024-01-12
electron{26,27} -- multiple vulnerabilities 2024-01-17
electron{26,27} -- multiple vulnerabilities 2023-12-22
electron{27,28,29} -- multiple vulnerabilities 2024-04-18
electron{27,28} -- multiple vulnerabilities 2024-04-05
electron{27,28} -- Object lifecycle issue in V8 2024-03-29
electron{27,28} -- Out of bounds memory access in V8 2024-04-11
electron{27,28} -- Out of bounds memory access in V8 2024-03-14
electron{27,28} -- Use after free in Mojo 2024-02-29
electron{27,28} -- vulnerability in libxml2 2024-03-07
electron{29,30} -- multiple vulnerabilities 2024-08-18
electron{31,32} -- multiple vulnerabilities 2024-10-18
electrum -- JSONRPC vulnerability 2018-02-11
element-web -- Cross site scripting in Export Chat feature 2023-07-18
element-web -- matrix-react-sdk vulnerable to HTML injection in search results via plaintext message highlighting 2023-04-26
element-web -- Potential exposure of access token via authenticated media 2024-10-15
ElGamal sign+encrypt keys created by GnuPG can be compromised 2003-12-12
elinks -- buffer overflow vulnerability 2009-10-25
elm -- remote buffer overflow in Expires header 2005-08-23
emacs -- arbitary shell command execution vulnerability of ctags 2023-01-12
emacs -- Arbitrary shell code evaluation vulnerability 2024-06-23
emacs -- enriched text remote code execution vulnerability 2017-09-12
emacs -- movemail format string vulnerability 2005-02-14
emacs -- multiple vulnerabilities 2024-03-26
emacs -- multiple vulnerabilities 2023-02-27
emacs -- remote code execution vulnerability 2012-09-08
emacs -- run-python vulnerability 2008-11-07
End of Life Ports 2017-01-06
End of Life Ports 2016-08-18
Enhanced cTorrent -- stack-based overflow 2009-10-28
enscript -- arbitrary code execution vulnerability 2008-11-18
enscript -- multiple vulnerabilities 2005-02-11
eog -- out-of-bounds write 2016-08-22
eperl -- Remote code execution 2012-09-26
epiphany -- untrusted search path vulnerability 2009-03-11
Erlang -- ssh library uses a weak random number generator 2011-05-25
ethereal -- Multiple Protocol Dissector Vulnerabilities 2006-04-27
ethereal -- multiple protocol dissectors vulnerabilities 2005-06-24
ethereal -- multiple protocol dissectors vulnerabilities 2005-02-08
ethereal -- multiple protocol dissectors vulnerabilities 2005-03-14
ethereal -- multiple protocol dissectors vulnerabilities 2005-07-30
ethereal -- multiple vulnerabilities 2004-12-23
ettercap -- buffer overflow in target list parsing 2013-01-16
ettercap -- out-of-bound read vulnerability 2019-07-03
evince -- Buffer Overflow Vulnerability 2006-12-14
evince and atril -- command injection vulnerability in CBT handler 2017-07-13
evolution -- arbitrary code execution vulnerability 2005-01-25
evolution -- remote format string vulnerabilities 2005-08-27
evolution-data-server -- remote execution of arbitrary code vulnerability 2007-06-25
exim -- a buffer overflow vulnerability, remote code execution 2018-02-10
exim -- DKIM private key leak 2016-12-25
Exim -- heap-based buffer overflow in string_vformat leading to RCE 2019-09-29
exim -- local privilege escalation 2011-02-10
exim -- local privilege escalation 2011-01-08
exim -- local privillege escalation 2016-03-02
exim -- Privilege escalation via multiple memory leaks 2017-06-21
Exim -- RCE in ${sort} expansion 2019-07-25
Exim -- RCE in deliver_message() function 2019-06-06
Exim -- RCE with root privileges in TLS SNI handler 2019-09-06
Exim -- remote code execution 2012-10-26
Exim -- remote code execution and information disclosure 2011-05-14
exim -- remote code execution, deny of service in BDAT 2017-11-27
exim -- remote DoS attack in BDAT processing 2017-11-30
exim -- two buffer overflow vulnerabilities 2005-01-05
exim buffer overflow when verify = header_syntax is used 2004-05-06
Exiv2 -- Multiple vulnerabilities 2021-06-30
exiv2 -- Out-of-bounds read in AsfVideo::streamProperties 2024-09-07
expat -- denial of service vulnerability on malformed input 2016-05-20
expat -- Heap use-after-free vulnerability 2022-09-27
expat -- multiple vulnerabilities 2016-06-09
expat -- multiple vulnerabilities 2018-07-05
expat -- multiple vulnerabilities 2024-09-24
expat2 -- buffer over-read and crash 2009-12-08
expat2 -- denial of service 2016-06-30
expat2 -- Fix extraction of namespace prefixes from XML names 2019-09-17
expat2 -- Fix extraction of namespace prefixes from XML names 2019-09-16
expat2 -- Parser crash with specially formatted UTF-8 sequences 2009-12-08
extman -- password bypass vulnerability 2008-04-25
eyeOS -- multiple XSS security bugs 2006-09-25
ez-ipupdate -- format string vulnerability 2004-11-11
ezbounce remote format string vulnerability 2004-03-26
f2c -- insecure temporary files 2006-04-10
faad2 -- heap overflow vulnerability 2008-11-12
fail2ban -- possible RCE vulnerability in mailing action using mailutils 2021-10-28
fbsdmon -- information disclosure vulnerability 2017-02-21
fcron -- multiple vulnerabilities 2005-01-21
fd_set -- bitmap index overflow in multiple applications 2005-06-17
fetchmail -- 6.4.19 and older denial of service or information disclosure 2021-07-28
fetchmail -- address parsing vulnerability 2003-10-25
fetchmail -- chosen plaintext attack against SSL CBC initialization vectors 2012-08-30
fetchmail -- crash when bouncing a message 2006-01-23
fetchmail -- crashes when refusing a message bound for an MDA 2007-01-06
fetchmail -- denial of service on reject of local warning message 2007-09-02
fetchmail -- denial of service vulnerability 2010-04-20
fetchmail -- denial of service/crash from malicious POP3 server 2005-07-22
fetchmail -- denial-of-service vulnerability 2004-02-25
fetchmail -- fetchmailconf local password exposure 2005-10-30
fetchmail -- heap overflow on verbose X.509 display 2010-02-12
fetchmail -- improper SSL certificate subject verification 2009-08-11
fetchmail -- insecure APOP authentication 2007-04-09
fetchmail -- null pointer dereference in multidrop mode with headerless email 2005-12-19
fetchmail -- potential crash in -v -v verbose mode 2008-06-20
fetchmail -- potential crash in -v -v verbose mode (revised patch) 2008-07-01
fetchmail -- remote root/code injection from malicious POP3 server 2005-07-20
fetchmail -- STARTTLS bypass vulnerabilities 2021-08-26
fetchmail -- STARTTLS denial of service 2011-06-06
fetchmail -- TLS enforcement problem/MITM attack/password exposure 2007-01-06
fetchmail -- two vulnerabilities in NTLM authentication 2012-08-14
ffmpeg -- 4xm processing memory corruption vulnerability 2009-03-16
ffmpeg -- heap overflow in lavf/mov.c 2017-02-12
ffmpeg -- libavcodec buffer overflow vulnerability 2005-12-07
ffmpeg -- multiple vulnerabilities 2015-12-02
ffmpeg -- multiple vulnerabilities 2015-12-28
ffmpeg -- multiple vulnerabilities 2018-07-27
ffmpeg -- multiple vulnerabilities 2015-09-20
ffmpeg -- multiple vulnerabilities 2012-01-14
ffmpeg -- multiple vulnerabilities 2023-04-07
FFmpeg -- multiple vulnerabilities 2017-10-12
ffmpeg -- multiple vulnerabilities 2015-06-02
ffmpeg -- out-of-bounds array access 2015-09-01
ffmpeg -- remote attacker can access local files 2016-01-17
ffmpeg -- remote denial of service in JPEG2000 decoder 2016-02-06
ffmpeg -- use-after-free 2015-09-01
fidogate -- write files as `news' user 2004-08-22
file -- buffer overruns and missing buffer size tests 2014-08-21
file -- denial of service 2014-03-03
file -- Heap buffer overflow possible 2019-11-02
file -- multiple vulnerabilities 2015-01-02
file -- out-of-bounds access in search rules with offsets from input file 2014-03-29
File deletion through document upload process in GLPI 2023-10-11
file disclosure in phpMyAdmin 2004-02-22
file-roller -- path traversal vulnerability 2016-10-12
findutils -- GNU locate heap buffer overrun 2007-06-01
firebird -- multiple remote buffer overflow vulnerabilities 2007-10-04
firebird -- Remote Stack Buffer Overflow 2013-03-06
firefox & mozilla -- buffer overflow vulnerability 2005-09-10
firefox & mozilla -- command line URL shell command injection 2005-09-22
firefox & mozilla -- multiple vulnerabilities 2005-07-16
firefox & mozilla -- multiple vulnerabilities 2005-09-23
firefox -- arbitrary code execution from sidebar panel 2005-03-24
firefox -- arbitrary code execution in sidebar panel 2005-04-16
firefox -- Arbitrary code execution through unsanitized browser UI 2018-01-29
firefox -- Crash in TransportSecurityInfo due to cached data 2018-09-21
firefox -- Cross-origin restriction bypass using Fetch 2015-10-16
firefox -- Dangling pointer crash regression from plugin parameter array fix 2010-08-09
firefox -- denial of service vulnerability 2006-05-03
firefox -- Heap buffer overflow rasterizing paths in SVG with Skia 2018-06-08
firefox -- integer overflow in createImageBitmap() 2017-03-18
firefox -- javascript garbage collector vulnerability 2008-04-25
firefox -- multiple remote unspecified memory corruption vulnerabilities 2007-11-27
firefox -- multiple vulnerabilities 2024-10-03
firefox -- multiple vulnerabilities 2024-09-05
firefox -- multiple vulnerabilities 2024-08-30
firefox -- Multiple vulnerabilities 2024-08-23
firefox -- multiple vulnerabilities 2024-08-13
firefox -- multiple vulnerabilities 2009-02-11
firefox -- OnUnload Javascript browser entrapment vulnerability 2007-10-22
firefox -- PLUGINSPAGE privileged javascript execution 2005-04-16
firefox -- Potential memory corruption and exploitable crash 2024-09-07
firefox -- Re-use of freed object due to scope confusion 2010-04-05
firefox -- Same-origin-policy violation using Service Workers with plugins 2016-02-15
firefox -- use-after-free code execution 2024-10-10
firefox -- WOFF heap corruption due to integer overflow 2010-03-23
fish -- local privilege escalation and remote code execution 2014-09-29
Fix a buffer overflow in the tiff reader 2018-07-26
flac -- fix encoder bug 2022-02-24
flac -- media file processing integer overflow vulnerabilities 2007-11-13
flac -- Multiple vulnerabilities 2014-11-25
FLAC -- out-of-bounds read 2021-05-08
flac123 -- stack overflow in comment parsing 2007-06-28
flash -- multiple vulnerabilities 2016-06-19
flash -- multiple vulnerabilities 2015-12-29
flash -- multiple vulnerabilities 2015-10-14
flash -- multiple vulnerabilities 2015-09-28
flash -- multiple vulnerabilities 2016-02-10
flash -- multiple vulnerabilities 2015-12-08
flash -- multiple vulnerabilities 2016-03-31
flash -- multiple vulnerabilities 2017-01-11
flash -- multiple vulnerabilities 2016-11-10
flash -- multiple vulnerabilities 2015-11-14
flash -- multiple vulnerabilities 2016-10-24
flash -- multiple vulnerabilities 2016-06-19
flash -- multiple vulnerabilities 2016-06-19
flash -- multiple vulnerabilities 2016-07-16
flash -- remote code execution 2015-10-16
flash -- remote code execution 2016-10-27
Flash Player -- arbitrary code execution 2019-05-14
Flash Player -- arbitrary code execution 2018-05-09
Flash Player -- arbitrary code execution 2019-06-11
Flash Player -- arbitrary code execution 2020-10-13
Flash Player -- arbitrary code execution 2020-06-09
Flash Player -- arbitrary code execution 2018-11-20
Flash Player -- arbitrary code execution 2020-02-11
Flash Player -- information disclosure 2018-09-11
Flash Player -- information disclosure 2018-11-13
Flash Player -- information disclosure 2018-01-09
Flash Player -- information disclosure 2019-02-12
Flash player -- Multiple security vulnerabilities in www/linux-*-flashplugin11 2014-09-25
Flash Player -- multiple vulnerabilities 2018-04-10
Flash Player -- multiple vulnerabilities 2018-07-11
Flash Player -- multiple vulnerabilities 2018-02-06
Flash Player -- multiple vulnerabilities 2017-03-16
Flash Player -- multiple vulnerabilities 2017-09-12
Flash Player -- multiple vulnerabilities 2019-09-10
Flash Player -- multiple vulnerabilities 2017-11-16
Flash Player -- multiple vulnerabilities 2018-08-14
Flash Player -- multiple vulnerabilities 2017-07-13
Flash Player -- multiple vulnerabilities 2018-03-13
Flash Player -- multiple vulnerabilities 2018-12-06
Flash Player -- multiple vulnerabilities 2017-06-15
Flash Player -- multiple vulnerabilities 2018-06-07
Flash Player -- multiple vulnerabilities 2019-04-10
Flash Player -- multiple vulnerabilities 2017-08-10
Flash Player -- Remote code execution 2017-10-17
flyspray -- authentication bypass 2007-09-19
flyspray -- cross-site scripting vulnerabilities 2005-11-10
flyspray -- multiple vulnerabilities 2008-10-25
fontconfig -- insufficiently cache file validation 2016-08-21
foreman-proxy SSL verification issue 2014-10-09
forgejo -- HTTP/2 CONTINUATION flood in net/http 2024-04-11
forgejo -- multiple issues 2024-04-11
forgejo -- multiple vulnerabilities 2024-10-29
forgejo -- multiple vulnerabilities 2024-09-06
forgejo -- The scope of application tokens was not verified when writing containers or Conan packages. 2024-08-30
Format string vulnerability in SSLtelnet 2004-07-05
foswiki -- Script Insertion Vulnerability via unchecked user registration fields 2012-05-21
FreeBSD -- 802.11 heap buffer overflow 2022-04-07
FreeBSD -- AIO credential reference count leak 2022-08-10
FreeBSD -- amd64 swapgs local privilege escalation 2008-09-05
FreeBSD -- arc4random(9) predictable sequence vulnerability 2009-01-05
FreeBSD -- arm64 boot CPUs may lack speculative execution protections 2023-10-04
FreeBSD -- bhyve - privilege escalation vulnerability 2016-10-25
FreeBSD -- Bhyve e82545 device emulation out-of-bounds write 2022-04-07
FreeBSD -- Bhyve out-of-bounds read in XHCI device 2019-07-30
FreeBSD -- bhyve privilege escalation via VMCS access 2020-09-16
FreeBSD -- bhyve privileged guest escape via fwctl 2023-08-31
FreeBSD -- bhyve SVM guest escape 2020-09-16
FreeBSD -- bhyve(8) out-of-bounds read access via XHCI emulation 2024-09-20
FreeBSD -- bhyve(8) privileged guest escape via TPM device passthrough 2024-09-05
FreeBSD -- bhyve(8) privileged guest escape via USB controller 2024-09-05
FreeBSD -- bhyve(8) virtual machine escape 2016-12-06
FreeBSD -- bhyveload(8) host file access 2024-02-14
FreeBSD -- BIND named(8) cache poisoning with DNSSEC validation 2010-10-24
FreeBSD -- BIND remote denial of service 2013-04-02
FreeBSD -- BIND remote DoS with deliberately crafted DNS64 query 2013-02-21
FreeBSD -- bootpd buffer overflow 2018-12-19
FreeBSD -- bsnmpd remote denial of service vulnerability 2016-08-11
FreeBSD -- Buffer overflow in handling of UNIX socket addresses 2012-01-29
FreeBSD -- Buffer overflow in keyboard driver 2016-08-11
FreeBSD -- Buffer overflow in stdio 2016-08-11
FreeBSD -- Buffer overflow in tcpdump(1) 2007-08-02
FreeBSD -- copy_file_range insufficient capability rights check 2023-10-04
FreeBSD -- Cross-mount links between nullfs(5) mounts 2013-09-19
FreeBSD -- Cross-site request forgery in ftpd(8) 2009-01-05
FreeBSD -- Deadlock in the NFS server 2016-08-11
FreeBSD -- Denial of service attack against sshd(8) 2016-08-11
FreeBSD -- Denial of Service in TCP packet processing 2016-08-11
FreeBSD -- Denial of Service with IPv6 Router Advertisements 2016-08-11
FreeBSD -- Devfs / VFS NULL pointer race condition 2009-10-06
FreeBSD -- devfs rules not applied by default for jails 2016-08-11
FreeBSD -- dhclient heap overflow 2020-09-02
FreeBSD -- DNS cache poisoning 2008-07-13
FreeBSD -- double free in accept_filter(9) socket configuration interface 2021-04-07
FreeBSD -- EAP-pwd message reassembly issue with unexpected fragment 2019-04-23
FreeBSD -- EAP-pwd missing commit validation 2019-04-23
FreeBSD -- EAP-pwd side-channel attack 2019-04-23
FreeBSD -- errors handling corrupt compress file in compress(1) and gzip(1) 2012-01-29
FreeBSD -- File description reference count leak 2019-07-30
FreeBSD -- File description reference count leak 2019-02-11
FreeBSD -- FPU information disclosure 2006-04-19
FreeBSD -- ftpd privilege escalation via ftpchroot feature 2020-09-16
FreeBSD -- GELI silently omits the keyfile if read from stdin 2023-08-31
FreeBSD -- glob(3) related resource exhaustion 2013-02-21
FreeBSD -- heap overflow in file(1) 2007-05-23
FreeBSD -- Heap overflow vulnerability in bspatch 2016-10-10
FreeBSD -- Heap vulnerability in bspatch 2016-08-11
FreeBSD -- heimdal KDC-REP service name validation vulnerability 2017-10-03
FreeBSD -- ICMP/ICMP6 packet filter bypass in pf 2019-07-30
FreeBSD -- ICMPv6 / MLDv2 out-of-bounds memory access 2019-10-24
FreeBSD -- ICMPv6 use-after-free in error message handling 2020-12-02
FreeBSD -- iconv buffer overflow 2019-07-30
FreeBSD -- iconv(3) NULL pointer dereference and out-of-bounds array access 2016-08-11
FreeBSD -- Improper checking in SCTP-AUTH shared key update 2020-05-12
FreeBSD -- Improper ELF header parsing 2018-09-12
FreeBSD -- Improper environment sanitization in rtld(1) 2010-10-24
FreeBSD -- Inappropriate directory permissions in freebsd-update(8) 2010-10-24
FreeBSD -- Incorrect argument handling in sendmsg(2) 2016-08-11
FreeBSD -- Incorrect argument validation in sysarch(2) 2016-08-11
FreeBSD -- Incorrect crypt() hashing 2012-06-27
FreeBSD -- Incorrect error handling in PAM policy parser 2016-08-11
FreeBSD -- Incorrect handling of zero-length RDATA fields in named(8) 2012-06-27
FreeBSD -- Incorrect libcap_net limitation list manipulation 2023-11-08
FreeBSD -- Incorrect privilege validation in the NFS server 2016-08-09
FreeBSD -- Incorrect user-controlled pointer use in epair 2020-03-19
FreeBSD -- Infinite loop in SACK handling 2006-02-14
FreeBSD -- Information leak in kldstat(2) 2017-12-06
FreeBSD -- Insecure default GELI keyfile permissions 2016-08-11
FreeBSD -- Insecure default snmpd.config permissions 2016-08-11
FreeBSD -- Insufficient bounds checking in bhyve(8) device model 2018-12-10
FreeBSD -- Insufficient credential checks in network ioctl(2) 2013-09-19
FreeBSD -- Insufficient cryptodev MAC key length check 2020-05-12
FreeBSD -- Insufficient environment sanitization in jail(8) 2010-10-24
FreeBSD -- Insufficient ixl(4) ioctl(2) privilege checking 2020-03-19
FreeBSD -- Insufficient message length validation for EAP-TLS messages 2012-11-24
FreeBSD -- Insufficient message length validation in bsnmp library 2019-10-24
FreeBSD -- Insufficient oce(4) ioctl(2) privilege checking 2020-03-19
FreeBSD -- Insufficient packet length validation in libalias 2020-05-12
FreeBSD -- Insufficient validation of guest-supplied data (e1000 device) 2019-10-24
FreeBSD -- Integer overflow in bzip2 decompression 2010-10-24
FreeBSD -- Integer overflow in IGMP protocol 2016-08-11
FreeBSD -- integer overflow in IP_MSFILTER 2016-08-09
FreeBSD -- Integer overflow in libnv 2024-09-20
FreeBSD -- Intel CPU Microcode Update 2019-11-25
FreeBSD -- ipfilter(4) fragment handling panic 2017-05-26
FreeBSD -- ipfw invalid mbuf handling 2020-04-21
FreeBSD -- ipsec crash or denial of service 2018-04-05
FreeBSD -- ipsec validation and use-after-free 2018-03-14
FreeBSD -- IPv6 fragment reassembly panic in pf(4) 2019-07-30
FreeBSD -- IPv6 Hop-by-Hop options use-after-free bug 2020-09-02
FreeBSD -- IPv6 Neighbor Discovery Protocol routing vulnerability 2009-01-05
FreeBSD -- IPv6 remote Denial-of-Service 2019-10-24
FreeBSD -- IPv6 Routing Header 0 is dangerous 2007-04-28
FreeBSD -- IPv6 socket option race condition and use after free 2020-07-10
FreeBSD -- jail escape possible by mounting over jail root 2021-04-07
FreeBSD -- Jail rc.d script privilege escalation 2007-02-27
FreeBSD -- jail(2) information leak 2024-02-14
FreeBSD -- jail_attach(2) relies on the caller to change the cwd 2021-02-25
FreeBSD -- jail_remove(2) fails to kill all jailed processes 2021-02-25
FreeBSD -- Kernel data leak via ptrace(PT_LWPINFO) 2017-12-06
FreeBSD -- kernel memory disclosure from /dev/midistat 2019-10-24
FreeBSD -- Kernel memory disclosure in control messages and SCTP 2016-08-11
FreeBSD -- Kernel memory disclosure in firewire(4) 2007-02-27
FreeBSD -- Kernel memory disclosure in freebsd32_ioctl 2019-07-30
FreeBSD -- Kernel memory disclosure in sctp(4) 2016-08-09
FreeBSD -- Kernel memory disclosure with nested jails 2020-03-19
FreeBSD -- kernel stack data disclosure 2020-01-29
FreeBSD -- Kernel stack disclosure in 4.3BSD compatibility layer 2016-08-11
FreeBSD -- Kernel stack disclosure in Linux compatibility layer 2016-08-11
FreeBSD -- Kernel stack disclosure in setlogin(2) / getlogin(2) 2016-08-11
FreeBSD -- Kernel stack disclosure in UFS/FFS 2019-07-30
FreeBSD -- kqueue pipe race conditions 2009-10-06
FreeBSD -- ktrace kernel memory disclosure 2016-08-11
FreeBSD -- ktrace(2) fails to detach when executing a setuid binary 2024-09-20
FreeBSD -- L1 Terminal Fault (L1TF) Kernel Information Disclosure 2018-08-22
FreeBSD -- Lazy FPU State Restore Information Disclosure 2018-06-21
FreeBSD -- libc stdio buffer overflow 2023-11-08
FreeBSD -- libfetch buffer overflow 2020-01-29
FreeBSD -- libfetch out of bounds read 2021-08-25
FreeBSD -- link_ntoa(3) buffer overflow 2016-12-06
FreeBSD -- Linux compatibility layer incorrect futex handling 2016-08-11
FreeBSD -- Linux compatibility layer input validation error 2012-11-24
FreeBSD -- Linux compatibility layer issetugid(2) system call 2016-08-11
FreeBSD -- Linux compatibility layer setgroups(2) system call 2016-08-11
FreeBSD -- Local kernel memory disclosure 2006-02-14
FreeBSD -- Local privilege escalation in IRET handler 2016-08-11
FreeBSD -- login.access fails to apply rules 2021-02-25
FreeBSD -- Lost mbuf flag resulting in data corruption 2010-10-24
FreeBSD -- Machine Check Exception on Page Size Change 2019-11-25
FreeBSD -- Memory disclosure by stale virtual memory mapping 2022-08-10
FreeBSD -- Memory disclosure by stale virtual memory mapping 2021-04-07
FreeBSD -- Memory disclosure vulnerability in libalias 2020-05-12
FreeBSD -- memory leak in sandboxed namei lookup 2016-08-11
FreeBSD -- Microarchitectural Data Sampling (MDS) 2019-07-30
FreeBSD -- Mishandling of x86 debug exceptions 2018-05-08
FreeBSD -- Missing bounds check in 9p message handling 2022-08-10
FreeBSD -- Missing error handling in bhyve(8) device models 2021-08-25
FreeBSD -- Missing IPsec anti-replay window check 2020-01-29
FreeBSD -- Missing message validation in libradius(3) 2021-05-27
FreeBSD -- mpr/mps/mpt driver ioctl heap out-of-bounds write 2022-04-07
FreeBSD -- msdosfs data disclosure 2023-10-04
FreeBSD -- Multiple Denial of Service vulnerabilities with named(8) 2012-11-24
FreeBSD -- Multiple integer overflows in expat (libbsdxml) XML parser 2016-08-11
FreeBSD -- Multiple issues in ctl(4) CAM Target Layer 2024-09-05
FreeBSD -- Multiple libarchive vulnerabilities 2016-10-10
FreeBSD -- Multiple ntp vulnerabilities 2016-08-11
FreeBSD -- Multiple OpenSSL vulnerabilities 2016-08-11
FreeBSD -- Multiple portsnap vulnerabilities 2016-10-10
FreeBSD -- Multiple vulnerabilities in bzip2 2019-10-24
FreeBSD -- Multiple vulnerabilities in file(1) and libmagic(3) 2016-08-11
FreeBSD -- Multiple vulnerabilities in Heimdal 2023-08-31
FreeBSD -- Multiple vulnerabilities in libnv 2024-09-05
FreeBSD -- Multiple vulnerabilities in NFS server code 2018-12-10
FreeBSD -- Multiple vulnerabilities in OpenSSL 2023-08-31
FreeBSD -- Multiple vulnerabilities in rtsold 2020-12-02
FreeBSD -- Multiple vulnerabilities of ntp 2017-05-26
FreeBSD -- Multiple vulnerabilities of ntp 2016-12-22
FreeBSD -- named(8) DNSSEC validation Denial of Service 2012-08-07
FreeBSD -- netgraph / bluetooth privilege escalation 2009-01-05
FreeBSD -- Network ACL mishandling in mountd(8) 2012-01-29
FreeBSD -- Network authentication attack via pam_krb5 2023-08-31
FreeBSD -- Network authentication attack via pam_krb5 2023-08-31
FreeBSD -- NFS client accepts file names containing path separators 2024-09-20
FreeBSD -- NFS client data corruption and kernel memory disclosure 2023-12-13
FreeBSD -- NFS remote denial of service 2013-04-29
FreeBSD -- nmount(2) local arbitrary code execution 2008-09-05
FreeBSD -- ntpd mode 7 denial of service 2010-10-24
FreeBSD -- OpenSSH Denial of Service vulnerability 2017-10-03
FreeBSD -- OpenSSH multiple vulnerabilities 2017-01-11
FreeBSD -- OpenSSH pre-authentication double free 2023-08-31
FreeBSD -- OpenSSH Remote Denial of Service vulnerability 2016-10-29
FreeBSD -- OpenSSL multiple vulnerabilities 2012-06-27
FreeBSD -- OpenSSL multiple vulnerabilities 2013-04-02
FreeBSD -- OpenSSL multiple vulnerabilities 2017-12-10
FreeBSD -- OpenSSL multiple vulnerabilities 2017-12-06
FreeBSD -- OpenSSL Remote DoS vulnerability 2016-11-02
FreeBSD -- OPIE off-by-one stack overflow 2010-10-24
FreeBSD -- Out of bound read in elf_note_prpsinfo() 2022-08-10
FreeBSD -- pam_ssh improperly grants access when user account has unencrypted SSH private keys 2012-01-29
FreeBSD -- pam_ssh() does not validate service names 2012-01-29
FreeBSD -- pf incorrectly handles multiple IPv6 fragment headers 2023-09-07
FreeBSD -- pf incorrectly matches different ICMPv6 states in the state table 2024-09-20
FreeBSD -- POSIX shm allows jails to access global namespace 2017-12-06
FreeBSD -- posix_spawnp(3) buffer overflow 2020-07-10
FreeBSD -- Possible login(1) argument injection in telnetd(8) 2016-12-06
FreeBSD -- Potential jail escape vulnerabilities in netmap 2022-04-07
FreeBSD -- Potential memory corruption in USB network device drivers 2020-08-06
FreeBSD -- Potential remote code execution via ssh-agent forwarding 2023-08-31
FreeBSD -- Predictable query ids in named(8) 2007-08-02
FreeBSD -- Prefix Truncation Attack in the SSH protocol 2024-01-02
FreeBSD -- Privilege escalation in cd(4) driver 2019-07-30
FreeBSD -- Privilege escalation via mmap 2013-06-18
FreeBSD -- Privilege escalation when returning from kernel 2012-06-27
FreeBSD -- pts(4) write-after-free 2019-07-30
FreeBSD -- Reference count overflow in mqueue filesystem 2019-07-30
FreeBSD -- Reference count overflow in mqueue filesystem 32-bit compat 2019-10-24
FreeBSD -- Remote code execution in ggatec(8) 2021-08-25
FreeBSD -- Remote command execution in ftp(1) 2016-08-11
FreeBSD -- Remote denial of service in IPv6 fragment reassembly 2023-08-31
FreeBSD -- Remote kernel panics on IPv6 connections 2008-09-05
FreeBSD -- remotely exploitable crash in OpenSSL 2009-05-07
FreeBSD -- Resource exhaustion due to sessions stuck in LAST_ACK state 2016-08-11
FreeBSD -- Resource exhaustion in IP fragment reassembly 2018-08-22
FreeBSD -- Resource exhaustion in non-default RACK TCP stack 2019-07-30
FreeBSD -- Resource exhaustion in TCP reassembly 2018-08-06
FreeBSD -- Resource exhaustion in TCP reassembly 2016-08-11
FreeBSD -- routed(8) remote denial of service vulnerability 2016-08-11
FreeBSD -- routed(8) remote denial of service vulnerability 2016-08-11
FreeBSD -- rpcbind(8) remote denial of service [REVISED] 2016-08-11
FreeBSD -- rtsold(8) remote buffer overflow vulnerability 2016-08-11
FreeBSD -- SAE confirm missing state validation 2019-04-23
FreeBSD -- SAE side-channel attacks 2019-04-23
FreeBSD -- SCTP ICMPv6 error message vulnerability 2016-08-11
FreeBSD -- SCTP SCTP_SS_VALUE kernel memory corruption and disclosure 2016-08-11
FreeBSD -- SCTP socket use-after-free bug 2020-09-02
FreeBSD -- SCTP stream reset vulnerability 2016-08-11
FreeBSD -- sendmail improper close-on-exec flag handling 2016-08-11
FreeBSD -- sendmsg(2) privilege escalation 2020-08-06
FreeBSD -- shell injection vulnerability in patch(1) 2016-08-11
FreeBSD -- shell injection vulnerability in patch(1) 2016-08-11
FreeBSD -- Speculative Execution Vulnerabilities 2018-03-14
FreeBSD -- ssh-add does not honor per-hop destination constraints 2023-08-31
FreeBSD -- SSL protocol flaw 2010-10-24
FreeBSD -- Stack overflow in ping(8) 2023-08-31
FreeBSD -- System call kernel data register leak 2019-02-11
FreeBSD -- TCP IPv6 SYN cache kernel information disclosure 2020-03-19
FreeBSD -- TCP MD5 signature denial of service 2016-08-11
FreeBSD -- TCP reassembly vulnerability 2016-08-11
FreeBSD -- TCP spoofing vulnerability in pf(4) 2023-12-05
FreeBSD -- telnet(1) client multiple vulnerabilities 2019-07-30
FreeBSD -- umtx Kernel panic or Use-After-Free 2024-09-05
FreeBSD -- Unauthenticated EAPOL-Key Decryption Vulnerability 2018-08-22
FreeBSD -- Uninitialized kernel stack leaks in several file systems 2021-01-29
FreeBSD -- Unvalidated input in nfsclient 2010-10-24
FreeBSD -- ure device driver susceptible to packet-in-packet attack 2020-09-16
FreeBSD -- USB HID descriptor parsing error 2020-06-09
FreeBSD -- Use after free in cryptodev module 2020-05-12
FreeBSD -- vt console buffer overflow 2022-02-02
FreeBSD -- vt console memory disclosure 2018-04-05
FreeBSD -- Wi-Fi encryption bypass 2023-09-07
FreeBSD -- WPA2 protocol vulnerability 2017-12-06
FreeBSD -- Xen grant mapping error handling issues 2021-02-25
FreeBSD -- Xen guests can triger backend Out Of Memory 2021-01-29
FreeBSD -- ZFS ZIL playback with insecure permissions 2010-10-24
FreeBSD -- zlib compression out-of-bounds write 2022-04-07
FreeBSD -- zlib heap buffer overflow 2022-08-31
FreeBSD-kernel -- Multiple WiFi issues 2022-03-16
FreeBSD-kernel -- SMAP bypass 2021-05-27
freeciv -- Denial of Service Vulnerabilities 2006-09-26
freeciv -- Packet Parsing Denial of Service Vulnerability 2006-09-26
freeimage -- code execution vulnerability 2017-02-04
freeimage -- multiple integer overflows 2015-12-13
freeradius -- arbitrary code execution for TLS-based authentication 2012-09-11
freeradius -- authentication bypass vulnerability 2006-06-08
freeradius -- denial-of-service vulnerability 2004-10-13
freeradius -- EAP-MSCHAPv2 Authentication Bypass 2006-03-29
freeradius -- EAP-TTLS Tunnel Memory Leak Remote DOS Vulnerability 2007-04-13
freeradius -- insufficient CRL application vulnerability 2015-07-13
FreeRadius -- Multiple vulnerabilities 2017-08-14
freeradius -- multiple vulnerabilities 2006-06-08
freeradius -- remote packet of death vulnerability 2009-12-14
freeradius -- sql injection and denial of service vulnerability 2005-05-22
FreeRADIUS -- TLS resumption authentication bypass 2017-06-01
freeradius3 -- insufficient validation on packets 2015-08-14
freerdp -- clients using `/parallel` command line switch might read uninitialized data 2023-02-24
freerdp -- clients using the `/video` command line switch might read uninitialized data 2023-02-24
FreeRDP -- Integer overflow in RDPEGFX channel 2020-07-28
FreeRDP -- multiple vulnerabilities 2020-05-28
freerdp -- multiple vulnerabilities 2022-12-24
freetype -- LWFN Files Buffer Overflow Vulnerability 2006-10-02
freetype -- Multiple vulnerabilities 2013-01-05
freetype -- multiple vulnerabilities 2012-04-06
freetype -- Out of bounds stack-based read/write 2014-12-07
freetype -- Some type 1 fonts handling vulnerabilities 2011-11-01
FreeType 2 -- Heap overflow vulnerability 2007-05-24
FreeType 2 -- Multiple Vulnerabilities 2008-07-03
freetype2 -- buffer overflows 2017-05-17
freetype2 -- execute arbitrary code or cause denial of service 2011-08-11
freetype2 -- heap buffer overlfow 2020-10-22
freetype2 -- multiple vulnerabilities 2009-04-18
freetype2 -- Out of bounds read/write 2014-03-09
freexl -- integer overflow 2015-08-18
freexl -- multiple vulnerabilities 2015-08-18
frontpage -- cross site scripting vulnerability 2006-05-23
froxlor -- database password information leak 2015-08-13
frr - BGP 2024-09-24
frr - Multiple vulnerabilities 2024-06-28
frr -- BGP Mishandled attribute length on Error 2017-11-21
fsp buffer overflow and directory traversal vulnerabilities 2004-01-19
fsplib -- multiple vulnerabilities 2007-08-02
fswiki -- command injection vulnerability 2005-08-29
fswiki -- XSS problem in file upload form 2005-05-29
fswiki -- XSS vulnerability 2006-05-06
fuser -- missing user's privileges check 2009-12-21
fwbuilder -- security issue in temporary file handling 2009-09-18
gaim -- AIM/ICQ away message buffer overflow 2005-08-12
gaim -- AIM/ICQ non-UTF-8 filename crash 2005-08-12
gaim -- AIM/ICQ remote denial of service vulnerability 2005-04-25
gaim -- buffer overflow in MSN protocol support 2004-10-25
gaim -- Content-Length header denial-of-service vulnerability 2004-10-25
gaim -- heap overflow exploitable by malicious GroupWise server 2004-10-25
gaim -- jabber remote crash 2005-04-10
gaim -- malicious smiley themes 2004-10-25
gaim -- MSN denial-of-service vulnerabilities 2004-10-25
gaim -- MSN remote DoS vulnerability 2005-05-14
gaim -- MSN Remote DoS vulnerability 2005-06-17
gaim -- multiple buffer overflows 2004-10-25
gaim -- remote crash on some protocols 2005-05-14
gaim -- remote DoS on receiving certain messages over IRC 2005-04-10
gaim -- remote DoS on receiving malformed HTML 2005-04-25
gaim -- remote DoS on receiving malformed HTML 2005-04-10
gaim -- Yahoo! remote crash vulnerability 2005-06-17
gaim remotely exploitable vulnerabilities in MSN component 2004-08-12
gallery -- cross-site scripting 2005-06-17
gallery -- multiple vulnerabilities 2013-07-17
gallery -- multiple vulnerabilities 2008-09-19
gallery -- remote code injection via HTTP_POST_VARS 2005-06-17
Gallery 1.4.3 and ealier user authentication bypass 2004-06-24
gallery2 -- file disclosure vulnerability 2005-10-15
gallery2 -- multiple vulnerabilities 2007-11-09
gallery2 -- multiple vulnerabilities 2007-12-25
ganglia -- buffer overflow vulnerability 2009-01-30
ganglia-webfrontend -- auth bypass 2015-09-08
ganglia-webfrontend -- XSS vulnerabilities 2007-12-17
gcab -- stack overflow 2018-01-27
gd -- '_gdGetColors' remote buffer overflow vulnerability 2009-11-05
gd -- integer overflow 2004-11-05
gd -- multiple vulnerabilities 2016-08-04
gd -- multiple vulnerabilities 2007-06-29
gdcm -- multiple vulnerabilities 2016-02-01
gdk-pixbuf -- image decoding vulnerabilities 2004-09-15
gdk-pixbuf -- multiple vulnerabilities 2017-09-01
gdk-pixbuf2 -- head overflow and DoS 2015-10-05
gdk-pixbuf2 -- heap overflow and DoS 2015-08-19
gdk-pixbuf2 -- heap overflow and DoS affecting Firefox and other programs 2015-07-22
gdk-pixbuf2 -- integer overflows 2015-09-04
gdm -- lock screen bypass when holding escape key 2015-11-18
gdm -- privilege escalation vulnerability 2011-03-29
gedit -- format string vulnerability 2006-02-20
geeklog xss vulnerability 2008-01-15
getmail -- symlink vulnerability during maildir delivery 2004-10-04
gforge -- directory traversal vulnerability 2005-06-03
gforge -- XSS and email flood vulnerabilities 2005-08-09
gftp -- directory traversal vulnerability 2005-02-18
gftp -- multiple vulnerabilities 2007-11-05
Ghostscript -- arbitrary code execution 2018-09-04
ghostscript -- buffer overflow vulnerability 2009-05-13
ghostscript -- denial of service (crash) via crafted Postscript files 2015-09-01
ghostscript -- exploitable buffer overflow in (T)BCP in PS interpreter 2023-04-13
ghostscript -- insecure temporary file creation vulnerability 2005-11-27
Ghostscript -- SAFER Sandbox Breakout 2021-01-17
Ghostscript -- Security bypass vulnerabilities 2019-12-09
Ghostscript -- Security bypass vulnerability 2019-04-21
ghostscript -- zseticcspace() function buffer overflow vulnerability 2008-03-05
giflib -- heap overflow 2016-02-26
GIMP - Heap Buffer Overflow Vulnerability 2018-07-27
git -- "git apply" overwriting paths outside the working tree 2023-02-21
git -- Arbitrary command execution on case-insensitive filesystems 2014-12-19
git -- buffer overflow vulnerability 2010-07-23
git -- denial of service vulnerability 2009-06-15
Git -- Execute arbitrary code 2015-10-19
Git -- Fix memory out-of-bounds and remote code execution vulnerabilities (CVE-2018-11233 and CVE-2018-11235) 2018-06-02
git -- gitattributes parsing integer overflow 2023-02-21
git -- gitweb privilege escalation 2009-01-19
git -- Heap overflow in `git archive`, `git log --format` leading to RCE 2023-02-21
git -- integer overflow 2016-03-18
git -- Local clone-based data exfiltration with non-local transports 2023-02-21
git -- Multiple vulnerabilities 2023-04-26
git -- Multiple vulnerabilities 2022-10-18
git -- potential code execution 2016-03-17
git -- privilege escalation 2022-07-12
gitea -- avoid open HTTP redirects 2023-07-05
gitea -- block user account creation from blocked email domains 2023-09-10
gitea -- Disallow dangerous URL schemes 2023-07-23
gitea -- Escape git fetch remote 2022-05-05
gitea -- Fix XSS vulnerabilities 2024-02-24
gitea -- Improper/incorrect authorization 2022-03-29
gitea -- information disclosure 2023-08-27
gitea -- information disclosure 2019-10-30
gitea -- information disclosure 2023-01-24
gitea -- insufficient privilege check 2019-01-06
gitea -- missing permission checks 2023-09-10
gitea -- multiple issues 2022-09-11
gitea -- multiple issues 2023-07-05
gitea -- multiple issues 2022-10-15
gitea -- multiple issues 2023-01-02
gitea -- multiple issues 2024-09-05
gitea -- multiple issues 2022-08-05
gitea -- multiple issues 2022-12-22
gitea -- multiple issues 2022-08-05
gitea -- multiple vulnerabilities 2021-06-19
gitea -- multiple vulnerabilities 2020-05-31
gitea -- multiple vulnerabilities 2021-02-06
gitea -- multiple vulnerabilities 2019-05-06
gitea -- multiple vulnerabilities 2020-12-04
gitea -- multiple vulnerabilities 2020-11-21
gitea -- multiple vulnerabilities 2020-12-31
gitea -- multiple vulnerabilities 2020-03-07
gitea -- multiple vulnerabilities 2021-11-04
gitea -- multiple vulnerabilities 2021-08-20
gitea -- multiple vulnerabilities 2020-01-18
gitea -- multiple vulnerabilities 2021-04-11
gitea -- multiple vulnerabilities 2021-08-22
gitea -- multiple vulnerabilities 2021-03-23
gitea -- multiple vulnerabilities 2019-08-22
gitea -- multiple vulnerabilities 2019-02-01
gitea -- multiple vulnerabilities 2019-07-31
gitea -- multiple vulnerabilities 2021-02-06
gitea -- multiple vulnerabilities 2021-04-09
gitea -- multiple vulnerabilities 2019-01-26
gitea -- multiple vulnerabilities 2021-07-18
gitea -- multiple vulnerabilities 2018-10-11
gitea -- multiple vulnerabilities 2019-11-22
gitea -- multiple vulnerabilities 2019-07-31
gitea -- Open Redirect on login 2022-03-29
gitea -- password hash quality 2023-02-20
gitea -- Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapin 2023-12-21
gitea -- Prevent anonymous container access 2024-02-15
gitea -- privilege escalation, XSS 2018-12-21
gitea -- quoting in markdown text 2021-03-21
gitea -- remote code execution 2019-04-17
gitea -- remote code exeution 2018-11-01
gitea -- token missing access control for packages 2024-10-09
gitea -- TOTP passcode reuse 2018-08-12
gitea -- XSS vulnerability 2019-03-20
Gitlab -- Arbitrary File read in Gitlab project import 2018-12-22
Gitlab -- Arbitrary File read in GitLab project import with Git LFS 2018-12-14
Gitlab -- Arbitrary repo read in Gitlab project import 2019-01-17
gitlab -- Directory traversal via "import/export" feature 2016-11-09
Gitlab -- Disclosure Vulnerabilities 2019-10-02
Gitlab -- Disclosure Vulnerabilities 2019-10-30
Gitlab -- Gitlab 2021-08-04
Gitlab -- Group Runner Registration Token Exposure 2019-04-11
Gitlab -- Information Disclosure 2019-05-01
Gitlab -- multiple vulnerabilities 2018-08-30
Gitlab -- Multiple vulnerabilities 2018-12-06
Gitlab -- multiple vulnerabilities 2020-10-02
Gitlab -- Multiple vulnerabilities 2021-03-05
Gitlab -- Multiple Vulnerabilities 2021-07-02
Gitlab -- Multiple Vulnerabilities 2020-07-07
Gitlab -- multiple vulnerabilities 2022-08-30
Gitlab -- Multiple Vulnerabilities 2020-07-02
Gitlab -- Multiple vulnerabilities 2019-03-05
Gitlab -- Multiple Vulnerabilities 2021-12-07
Gitlab -- Multiple Vulnerabilities 2023-05-06
Gitlab -- Multiple Vulnerabilities 2023-05-02
Gitlab -- Multiple Vulnerabilities 2019-11-27
Gitlab -- Multiple Vulnerabilities 2019-11-28
Gitlab -- Multiple Vulnerabilities 2019-08-30
Gitlab -- Multiple vulnerabilities 2022-09-30
Gitlab -- Multiple Vulnerabilities 2019-08-13
GitLab -- multiple vulnerabilities 2018-02-21
Gitlab -- multiple vulnerabilities 2022-07-30
Gitlab -- Multiple Vulnerabilities 2021-10-30
Gitlab -- Multiple Vulnerabilities 2019-12-10
Gitlab -- Multiple vulnerabilities 2020-11-02
Gitlab -- Multiple vulnerabilities 2022-11-05
GitLab -- multiple vulnerabilities 2017-12-14
Gitlab -- Multiple Vulnerabilities 2020-06-04
Gitlab -- Multiple Vulnerabilities 2020-08-06
Gitlab -- Multiple vulnerabilities 2019-02-06
Gitlab -- multiple vulnerabilities 2018-03-27
Gitlab -- Multiple Vulnerabilities 2020-05-28
Gitlab -- multiple vulnerabilities 2018-04-05
Gitlab -- Multiple Vulnerabilities 2020-01-03
Gitlab -- Multiple vulnerabilities 2019-01-31
Gitlab -- multiple vulnerabilities 2018-05-01
Gitlab -- multiple vulnerabilities 2022-03-09
Gitlab -- Multiple Vulnerabilities 2020-05-01
Gitlab -- multiple vulnerabilities 2020-09-02
Gitlab -- multiple vulnerabilities 2022-07-09
Gitlab -- Multiple Vulnerabilities 2019-07-30
Gitlab -- multiple vulnerabilities 2022-06-04
Gitlab -- multiple vulnerabilities 2018-05-31
Gitlab -- Multiple vulnerabilities 2021-02-02
Gitlab -- Multiple vulnerabilities 2020-12-07
Gitlab -- multiple vulnerabilities 2018-06-25
Gitlab -- Multiple vulnerabilities 2021-03-18
Gitlab -- Multiple Vulnerabilities 2020-04-15
Gitlab -- Multiple vulnerabilities 2019-04-29
Gitlab -- multiple vulnerabilities 2021-01-09
Gitlab -- multiple vulnerabilities 2018-07-27
Gitlab -- Multiple Vulnerabilities 2022-12-01
Gitlab -- Multiple vulnerabilities 2018-11-28
Gitlab -- Multiple Vulnerabilities 2019-07-03
Gitlab -- Multiple Vulnerabilities 2023-03-31
Gitlab -- Multiple Vulnerabilities 2023-03-03
Gitlab -- Multiple Vulnerabilities 2020-03-26
Gitlab -- Multiple Vulnerabilities 2021-06-01
Gitlab -- Multiple vulnerabilities 2019-01-02
Gitlab -- Multiple Vulnerabilities 2022-01-12
Gitlab -- Multiple vulnerabilities 2019-04-02
Gitlab -- multiple vulnerabilities 2018-10-29
Gitlab -- Multiple Vulnerabilities 2021-02-12
Gitlab -- Multiple vulnerabilities 2021-04-06
Gitlab -- Multiple Vulnerabilities 2023-01-11
Gitlab -- Multiple Vulnerabilities 2019-09-12
GitLab -- multiple vulnerabilities 2017-09-14
GitLab -- multiple vulnerabilities 2017-10-25
Gitlab -- Multiple Vulnerabilities 2019-10-02
Gitlab -- multiple vulnerabilities 2022-04-04
Gitlab -- Multiple Vulnerabilities 2023-02-01
Gitlab -- Multiple Vulnerabilities 2020-03-06
Gitlab -- multiple vulnerabilities 2018-10-01
Gitlab -- multiple vulnerabilities 2018-10-05
Gitlab -- multiple vulnerabilities 2022-02-04
Gitlab -- Multiple Vulnerabilities 2020-01-31
Gitlab -- Multiple Vulnerabilities 2019-06-03
Gitlab -- Multiple vulnerabilities 2018-11-20
Gitlab -- Patch Release: 16.10.2, 16.9.4, 16.8.6 2024-04-11
Gitlab -- Private objects exposed through project import 2020-01-14
gitlab -- privilege escalation via "impersonate" feature 2016-05-03
Gitlab -- Remote Code Execution 2022-08-23
gitlab -- Remote code execution on project import 2018-01-17
Gitlab -- Remote Code Execution Vulnerability in GitLab Projects Import 2018-07-18
Gitlab -- SSRF in Kubernetes integration 2018-11-01
GitLab -- two vulnerabilities 2017-08-11
GitLab -- Various security issues 2017-06-30
gitlab -- Various security issues 2017-05-18
GitLab -- Various security issues 2017-07-20
gitlab -- Various security issues 2017-05-18
Gitlab -- vulnerabilities 2024-09-12
Gitlab -- vulnerabilities 2024-02-08
Gitlab -- vulnerabilities 2024-10-10
Gitlab -- vulnerabilities 2024-09-26
Gitlab -- Vulnerabilities 2024-05-22
Gitlab -- Vulnerabilities 2023-11-01
Gitlab -- Vulnerabilities 2023-06-30
Gitlab -- vulnerabilities 2024-01-26
Gitlab -- Vulnerabilities 2021-08-31
Gitlab -- vulnerabilities 2024-03-28
Gitlab -- Vulnerabilities 2023-12-01
Gitlab -- vulnerabilities 2024-09-18
Gitlab -- vulnerabilities 2024-05-09
Gitlab -- Vulnerabilities 2021-04-15
Gitlab -- vulnerabilities 2024-08-25
Gitlab -- vulnerabilities 2021-09-30
Gitlab -- Vulnerabilities 2024-02-22
Gitlab -- Vulnerabilities 2023-09-01
Gitlab -- Vulnerabilities 2021-04-28
Gitlab -- vulnerabilities 2023-09-29
Gitlab -- Vulnerabilities 2024-08-07
Gitlab -- Vulnerabilities 2023-07-05
Gitlab -- Vulnerabilities 2024-06-13
Gitlab -- Vulnerabilities 2024-06-27
Gitlab -- Vulnerabilities 2023-08-02
Gitlab -- Vulnerabilities 2024-03-07
Gitlab -- vulnerabilities 2024-04-24
Gitlab -- vulnerabilities 2024-10-24
Gitlab -- vulnerabilities 2024-01-12
Gitlab -- Vulnerabilities 2024-07-25
Gitlab -- vulnerabilities 2024-07-11
Gitlab -- vulnerabilities 2023-12-14
Gitlab -- Vulnerability 2020-03-12
Gitlab -- Vulnerability 2019-03-21
Gitlab -- vulnerability 2021-01-14
Gitlab -- vulnerability 2021-07-08
Gitlab -- Vulnerability 2020-02-13
Gitlab -- Vulnerability 2019-03-20
Gitlab -- vulnerability 2023-09-19
Gitlab -- Vulnerability 2023-05-13
Gitlab -- Vulnerability 2023-06-07
gitolite -- path traversal vulnerability 2012-10-15
gld -- format string and buffer overflow vulnerabilities 2005-04-19
glibc -- getaddrinfo stack-based buffer overflow 2016-02-18
glibc -- gethostbyname buffer overflow 2015-01-28
global -- gozilla vulnerability 2017-12-16
globus -- Multiple tmpfile races 2006-08-15
glpi -- able to read any token through API user endpoint 2020-03-30
glpi -- Account takeover vulnerability 2019-08-05
glpi -- Any CalDAV calendars is read-only for every authenticated user 2020-10-01
glpi -- bypass of the open redirect protection 2020-03-30
glpi -- Improve encryption algorithm 2020-03-30
glpi -- Insecure Direct Object Reference on ajax/comments.ph 2020-10-22
glpi -- Insecure Direct Object Reference on ajax/getDropdownValue.php 2020-10-22
glpi -- leakage issue with knowledge base 2020-06-25
glpi -- multiple related stored XSS vulnerabilities 2020-03-30
glpi -- Multiple SQL Injections Stemming From isNameQuoted() 2020-06-25
GLPI -- multiple vulnerabilities 2024-04-28
GLPI -- multiple vulnerabilities 2024-04-22
GLPI -- multiple vulnerabilities 2024-07-16
GLPI -- multiple vulnerabilities 2024-04-22
GLPI -- multiple vulnerabilities 2024-04-22
glpi -- multiple vulnerabilities 2023-05-08
glpi -- Public GLPIKEY can be used to decrypt any data 2020-01-02
glpi -- Reflexive XSS in Dropdown menus 2020-03-30
glpi -- remote attack via crafted POST request 2012-02-10
glpi -- Remote Code Execution (RCE) via the backup functionality 2020-03-30
glpi -- SQL Injection 2009-01-28
glpi -- SQL injection for all helpdesk instances 2020-03-30
glpi -- SQL injection for all usages of "Clone" feature 2020-06-25
glpi -- SQL Injection in Search API 2020-06-25
glpi -- stored XSS 2020-05-09
glpi -- Unauthenticated File Deletion 2020-06-25
glpi -- Unauthenticated Stored XSS 2020-06-25
glpi -- weak csrf tokens 2020-03-30
GLPI vulnerable to reflected XSS in search pages 2023-10-11
GLPI vulnerable to SQL injection through Computer Virtual Machine information 2023-10-11
GLPI vulnerable to SQL injection via dashboard administration 2023-10-11
GLPI vulnerable to SQL injection via inventory agent request 2023-10-11
GLPI vulnerable to unauthenticated access to Dashboard data 2023-10-11
GLPI vulnerable to unauthorized access to Dashboard data 2023-10-11
GLPI vulnerable to unauthorized access to KnowbaseItem data 2023-10-11
GLPI vulnerable to unauthorized access to User data 2023-10-11
glpi-project -- SQL injection in ITIL actors in GLPI 2023-10-11
gnats -- format string vulnerability 2004-11-12
GNATS local privilege elevation 2004-07-02
gnome-screensaver -- Multiple monitor hotplug issues 2010-02-13
gnomevfs -- unsafe URI handling 2004-08-26
GNU Anubis buffer overflows and format string vulnerabilities 2004-03-06
GNU binutils -- multiple vulnerabilities 2015-03-24
GNU cpio -- multiple vulnerabilities 2019-11-15
GNU finger vulnerability 2007-12-05
GNU gatekeeper -- denial of service 2012-09-01
GNU libtool insecure temporary file handling 2004-02-13
gnu-radius -- SNMP-related denial-of-service 2004-09-20
gnupg -- 2 more possible memory allocation attacks 2006-08-02
gnupg -- AEAD key import overflow 2020-09-03
gnupg -- attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output 2016-08-18
gnupg -- buffer overflow 2006-11-27
GnuPG -- denial of service 2019-07-09
gnupg -- false positive signature verification 2006-02-17
gnupg -- memory corruption vulnerability 2008-04-26
gnupg -- OpenPGP symmetric encryption vulnerability 2005-07-31
gnupg -- possible DoS using garbled compressed data packets 2014-06-23
gnupg -- possible infinite recursion in the compressed packet parser 2013-10-05
gnupg -- remotely controllable function pointer 2006-12-07
gnupg -- RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack 2013-12-18
gnupg -- side channel attack on RSA secret keys 2013-07-25
gnupg -- unsanitized output (CVE-2018-12020) 2018-06-08
gnupg -- user id integer overflow vulnerability 2006-06-25
GnuPG and Libgcrypt -- side-channel attack vulnerability 2013-08-17
GnuPG does not detect injection of unsigned data 2006-03-10
gnutls -- "gnutls_handshake()" Denial of Service 2008-08-21
gnutls -- certificate chain verification DoS 2004-10-05
gnutls -- client session resumption vulnerability 2011-11-10
gnutls -- client-side memory corruption 2014-06-03
gnutls -- client-side memory corruption 2014-06-04
gnutls -- denial of service 2013-10-25
GnuTLS -- Denial of service vulnerability 2017-06-08
gnutls -- double free in certificate DN decoding 2015-08-14
gnutls -- double free vulnerability 2022-08-09
GnuTLS -- double free, invalid pointer access 2019-04-19
gnutls -- file overwrite by setuid programs 2016-06-07
GnuTLS -- flaw in DTLS protocol implementation 2020-03-31
GnuTLS -- flaw in TLS session ticket key construction 2020-06-04
GnuTLS -- improper SSL certificate verification 2009-08-17
gnutls -- MD5 downgrade in TLS signatures 2015-08-14
GnuTLS -- Memory corruption vulnerabilities 2017-01-09
gnutls -- multiple certificate verification issues 2014-03-04
GnuTLS -- multiple vulnerabilities 2009-08-17
GnuTLS -- null pointer dereference 2020-09-06
gnutls -- OCSP validation issue 2016-09-09
gnutls -- possible overflow/Denial of service vulnerabilities 2012-03-21
gnutls -- RSA Signature Forgery Vulnerability 2006-10-02
GnuTLS -- timing sidechannel in RSA decryption 2023-02-13
gnutls -- X.509 certificate chain validation vulnerability 2008-11-16
go -- archive/zip: overflow in preallocation check can cause OOM panic 2021-09-10
go -- cmd/go: packages using cgo can cause arbitrary code execution at build time; crypto/elliptic: incorrect operations on the P-224 curve 2021-01-19
go -- crypto/elliptic: incorrect P-256 ScalarMult and ScalarBaseMult results 2023-03-08
go -- crypto/tls: clients can panic when provided a certificate of the wrong type for the negotiated parameters 2021-07-12
go -- decoding big.Float and big.Rat can panic 2022-08-02
go -- encoding/binary: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs 2020-08-06
go -- encoding/xml: infinite loop when using xml.NewTokenDecoder with a custom TokenReader; archive/zip: panic when calling Reader.Open 2021-03-10
go -- http2: close connections when receiving too many headers 2024-04-15
go -- information disclosure vulnerability 2016-01-18
go -- invalid headers are normalized, allowing request smuggling 2019-09-26
go -- math/big: panic during recursive division of very large numbers; cmd/go: arbitrary code execution at build time through cgo 2020-11-12
go -- misc/wasm, cmd/link: do not let command line arguments overwrite global data 2021-10-09
go -- multiple vulnerabilities 2021-06-03
go -- multiple vulnerabilities 2022-07-13
go -- multiple vulnerabilities 2022-06-07
go -- multiple vulnerabilities 2022-12-06
go -- multiple vulnerabilities 2022-03-19
go -- multiple vulnerabilities 2022-10-04
go -- multiple vulnerabilities 2022-05-02
go -- multiple vulnerabilities 2024-03-06
go -- multiple vulnerabilities 2022-02-18
go -- multiple vulnerabilities 2023-02-15
go -- multiple vulnerabilities 2015-08-25
go -- multiple vulnerabilities 2021-11-05
go -- multiple vulnerabilities 2023-08-02
go -- multiple vulnerabilities 2022-09-07
go -- multiple vulnerabilities 2021-12-09
go -- multiple vulnerabilities 2023-09-07
go -- multiple vulnerabilities 2024-06-15
go -- multiple vulnerabilities 2023-04-07
go -- net/http/cgi, net/http/fcgi: Cross-Site Scripting (XSS) when Content-Type is not specified 2020-09-01
go -- net/http: denial of service due to improper 100-continue handling 2024-07-03
go -- net/http: panic due to racy read of persistConn after handler panic 2021-08-05
go -- net/http: ReadRequest can stack overflow due to recursion with very large headers 2021-05-06
go -- net: malformed DNS message can cause infinite loop 2024-05-13
go -- remote denial of service 2016-04-14
go -- syscall, os/exec: unsanitized NUL in environment variables 2022-11-01
go -- syscall.Faccessat checks wrong group on Linux 2022-05-15
gogs -- open redirect vulnerability 2018-08-22
gogs -- XSS in issue attachments 2022-05-05
golddig -- local buffer overflow vulnerabilities 2005-01-03
google-earth -- heap overflow in the KML engine 2006-10-14
gpgme -- heap-based buffer overflow in gpgsm status handler 2014-08-02
Grafana -- Account takeover / authentication bypass 2023-06-23
Grafana -- Broken access control: viewer can send test alerts 2023-06-07
Grafana -- Critical vulnerability in golang 2023-04-26
Grafana -- CSRF 2022-02-12
Grafana -- Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins 2022-11-12
Grafana -- Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins 2022-11-12
Grafana -- Data source permission escalation 2024-03-11
Grafana -- Directory Traversal 2021-12-12
Grafana -- Directory Traversal 2021-12-12
Grafana -- Email verification is not required after email change 2024-02-20
Grafana -- Exposure of sensitive information to an unauthorized actor 2023-04-26
Grafana -- Grafana DS proxy race condition 2023-06-07
Grafana -- Improper authentication 2022-11-12
Grafana -- Incorrect Access Control 2021-12-11
grafana -- LDAP and OAuth login vulnerability 2018-08-31
Grafana -- OAuth Account Takeover 2022-07-15
Grafana -- Path Traversal 2021-12-11
Grafana -- Plugin signature bypass 2022-11-12
Grafana -- Privilege escalation 2022-11-12
Grafana -- Privilege escalation 2022-11-12
Grafana -- Privilege escalation 2022-09-21
Grafana -- Snapshot authentication bypass 2021-10-06
Grafana -- Spoofing originalUrl of snapshots 2023-02-09
Grafana -- Stored XSS 2022-07-15
Grafana -- Stored XSS in geomap panel plugin via attribution 2023-03-01
Grafana -- Stored XSS in Graphite FunctionDescription tooltip 2023-03-29
Grafana -- Stored XSS in ResourcePicker component 2023-02-09
Grafana -- Stored XSS in text panel plugin 2023-03-01
Grafana -- Stored XSS in TraceView panel 2023-03-01
Grafana -- Teams API IDOR 2022-02-12
Grafana -- Unauthorized file disclosure 2022-09-01
Grafana -- Username enumeration 2022-11-12
Grafana -- XSS 2021-12-11
Grafana -- XSS 2022-02-12
graphics/webp heap buffer overflow 2023-09-21
GraphicsMagick -- multiple vulnerabilities 2019-06-16
GraphicsMagick -- multiple vulnerabilities 2018-06-18
GraphicsMagick -- SVG/Rendering vulnerability 2018-08-11
graphite2 -- code execution vulnerability 2016-02-09
graphite2 -- multiple vulnerabilities 2016-03-08
graphite2 -- out-of-bounds write with malicious font 2017-04-19
graphviz -- format string vulnerability 2015-08-29
graylog -- include log4j patches 2021-12-11
graylog -- remote code execution in log4j from user-controlled log input 2021-12-17
greed -- insecure GRX file processing 2005-01-03
grip -- CDDB response multiple matches buffer overflow vulnerability 2005-03-14
groff -- groffer uses temporary files unsafely 2005-05-09
groff -- pic2graph and eqn2graph are vulnerable to symlink attack through temporary files 2005-05-09
groovy -- remote execution of untrusted code 2015-07-16
groovy -- remote execution of untrusted code/DoS vulnerability 2017-01-15
grub2-bhyve -- multiple privilege escalations 2020-02-12
gsoap -- remote code execution via via overflow 2017-07-25
gstreamer-ffmpeg -- Multiple vulnerabilities in bundled libav 2013-08-20
gstreamer-plugins-good -- multiple memory overflows 2009-03-16
gstreamer1-rtsp-server -- Potential Denial-of-Service (DoS) with specially crafted client requests 2024-11-07
gtar -- buffer overflow in rmt client 2010-03-24
gtar -- Directory traversal vulnerability 2007-09-01
gtar -- GNU TAR safer_name_suffix Remote Denial of Service Vulnerability 2009-01-15
gtar -- GNUTYPE_NAMES directory traversal vulnerability 2006-11-30
gtar -- invalid headers buffer overflow 2006-03-03
gtar -- name mangling symlink vulnerability 2007-02-27
gtetrinet -- remote code execution 2006-09-02
gtk-vnc -- bounds checking vulnerabilities 2017-02-11
guile2 -- multiple vulnerabilities 2017-02-04
gzip -- directory traversal and permission race vulnerabilities 2005-06-18
gzip -- multiple vulnerabilities 2006-12-19
h2o -- directory traversal vulnerability 2016-01-15
h2o -- directory traversal vulnerability 2015-09-16
h2o -- DoS in workers 2017-10-17
h2o -- fix DoS attack vector 2016-09-14
h2o -- heap buffer overflow during logging 2018-07-03
h2o -- HTTP/2 Rapid Reset attack vulnerability 2023-10-10
h2o -- Malformed HTTP/1.1 causes Out-of-Memory Denial of Service 2023-04-30
h2o -- multiple HTTP/2 vulnerabilities 2019-08-25
h2o -- multiple HTTP/2 vulnerabilities 2019-08-25
h2o -- uninitialised memory access in HTTP3 2022-02-02
h2o -- use after free on premature connection close 2016-06-01
h2o -- Use-after-free vulnerability 2016-12-29
ha -- Directory traversals 2021-09-30
habari -- Cross-Site Scripting Vulnerability 2008-12-07
hadoop2 -- unauthorized disclosure of data vulnerability 2016-03-19
hafiye -- lack of terminal escape sequence filtering 2004-11-11
haproxy -- buffer overflow 2012-05-24
haproxy -- denial of service 2016-06-30
haproxy -- information leak vulnerability 2015-07-07
HAproxy -- serious vulnerability affecting the HPACK decoder used for HTTP/2 2020-04-02
hashcash -- format string vulnerability 2005-04-02
hashcash -- heap overflow vulnerability 2006-06-27
hcode -- buffer overflow in mail.c 2024-05-01
hdf5 -- multiple vulnerabilities 2017-01-09
heartbeat -- insecure temporary file creation vulnerability 2006-02-16
heimdal -- bypass of capath policy 2017-05-31
heimdal -- Multiple vulnerabilities 2006-03-20
heimdal kadmind remote heap buffer overflow 2004-05-05
Helm -- client unpacking chart that contains malicious content 2019-01-18
helvis -- arbitrary file deletion problem 2005-01-10
helvis -- information leak vulnerabilities 2005-01-10
hiawatha -- integer overflow in Content-Length header parsing 2011-03-17
hiawatha -- memory leak in PreventSQLi routine 2011-11-18
hiredis -- integer/buffer overflow 2022-04-29
hive -- authorization logic vulnerability 2016-07-03
hlstats -- multiple cross site scripting vulnerabilities 2006-09-02
horde -- "url" disclosure of sensitive information vulnerability 2006-03-15
horde -- Cross site scripting vulnerabilities in MIME viewers 2005-11-22
horde -- Cross site scripting vulnerabilities in several of Horde's templates 2005-12-11
horde -- cross-site scripting vulnerability in help window 2004-10-27
horde -- Horde Page Title Cross-Site Scripting Vulnerability 2005-04-05
horde -- multiple parameter cross site scripting vulnerabilities 2006-06-17
horde -- multiple vulnerabilities 2008-09-11
horde -- Phishing and Cross-Site Scripting Vulnerabilities 2006-08-17
horde -- remote code execution vulnerability in the help viewer 2006-03-28
horde -- various problems in dereferrer 2006-07-05
horde -- XSS vulnerabilities 2005-01-22
horde -- XSS vulnerabilities 2016-02-14
horde-base -- multiple vulnerabilities 2009-09-14
horde-base -- XSS and CSRF vulnerabilities 2010-09-28
horde-base -- XSS: VCARD attachments vulnerability 2010-11-23
horde-gollem -- XSS vulnerability 2010-09-28
horde-imp -- XSS vulnerability 2010-09-28
hostapd and wpa_supplicant -- multiple vulnerabilities 2015-06-01
hostapd and wpa_supplicant -- multiple vulnerabilities 2016-04-19
hostapd and wpa_supplicant -- psk configuration parameter update allowing arbitrary data to be written 2016-05-20
hplip -- hpssd Denial of Service 2008-11-29
hsftp format string vulnerabilities 2004-02-25
htdig -- cross site scripting vulnerability 2005-09-04
HTMLDOC -- buffer overflow issues when reading AFM files and parsing page sizes 2014-01-22
hwloc2 -- Denial of service or other unspecified impacts 2024-10-29
hylafax -- unauthorized login vulnerability 2005-01-11
i2p -- Multiple Vulnerabilities 2014-07-28
icecast -- Cross-Site Scripting Vulnerability 2004-10-13
icecast -- HTTP header overflow 2004-10-13
icecast 1.x multiple vulnerabilities 2004-02-12
Icinga -- buffer overflow in classic web interface 2014-03-29
Icinga Web 2 -- directory traversal vulnerability 2020-08-19
icingaweb2 -- remote code execution 2016-07-03
icoutils -- check_offset overflow on 64-bit systems 2017-01-19
icu -- multiple vulnerabilities 2017-04-20
id Tech 3 -- remote code execution vulnerability 2017-04-07
id3lib -- insecure temporary file creation 2007-10-01
ident2 double byte buffer overflow 2004-04-23
IEEE 802.11 -- buffer overflow 2006-02-14
ifmail -- unsafe set-user-ID application 2004-10-19
ikiwiki -- authentication bypass vulnerability 2017-03-05
ikiwiki -- cleartext passwords 2008-06-01
ikiwiki -- cross site request forging 2008-04-13
ikiwiki -- empty password security hole 2008-05-31
ikiwiki -- improper symlink verification vulnerability 2007-11-27
ikiwiki -- insufficient blacklisting in teximg plugin 2009-09-13
ikiwiki -- javascript insertion via uris 2008-02-11
ikiwiki -- multiple vulnerabilities 2017-03-05
ikiwiki -- tty hijacking via ikiwiki-mass-rebuild 2011-06-15
ikiwiki -- XSS vulnerability 2016-06-05
ilmbase, openexr -- v2.5.3 is a patch release with various bug/security fixes 2020-08-13
ImageMagick -- BMP decoder buffer overflow 2004-08-31
imagemagick -- buffer overflow 2016-05-13
ImageMagick -- denial of service via a crafted font file 2017-09-26
ImageMagick -- EXIF parser buffer overflow 2004-11-11
ImageMagick -- format string vulnerability 2005-03-03
ImageMagick -- heap overflow vulnerability 2016-12-04
ImageMagick -- multiple vulnerabilities 2017-05-25
ImageMagick -- multiple vulnerabilities 2016-10-12
ImageMagick -- multiple vulnerabilities 2019-05-30
ImageMagick -- multiple vulnerabilities 2007-10-10
ImageMagick -- multiple vulnerabilities 2012-06-14
ImageMagick -- multiple vulnerabilities 2016-05-06
ImageMagick -- PSD handler heap overflow vulnerability 2005-01-18
ImageMagick -- ReadPNMImage() heap overflow vulnerability 2005-04-27
ImageMagick -- SGI Image File heap overflow vulnerability 2006-12-02
ImageMagick and GraphicsMagick -- DoS via specially crafted PNG file 2012-09-20
ImageMagick png vulnerability fix 2004-08-04
ImageMagick6 -- multiple vulnerabilities 2021-05-13
ImageMagick7 -- multiple vulnerabilities 2021-05-13
ImageMagick7 -- multiple vulnerabilities 2016-12-04
IMAP fcc/postpone machine-in-the-middle attack 2020-06-24
imap-uw -- authentication bypass when CRAM-MD5 is enabled 2005-06-03
imap-uw -- imap c-client buffer overflow 2009-01-11
imap-uw -- local buffer overflow vulnerabilities 2009-01-11
imap-uw -- mailbox name handling remote buffer vulnerability 2005-10-05
imap-uw -- University of Washington IMAP c-client Remote Format String Vulnerability 2009-05-21
imlib -- BMP decoder heap buffer overflow 2004-08-31
imlib -- xpm heap buffer overflows and integer overflows 2005-01-21
imlib2 -- BMP decoder buffer overflow 2004-08-31
imlib2 -- denial of service vulnerabilities 2016-01-22
Imlib2 -- multiple image file processing vulnerabilities 2006-11-08
imlib2 -- XPM processing buffer overflow vulnerability 2008-11-24
imp3 -- XSS hole in the HTML viewer 2004-10-05
imwheel -- insecure handling of PID file 2004-10-19
Incorrect cross-realm trust handling in Heimdal 2004-04-02
Information disclosure - Gitea leaks email addresses 2018-09-05
ingo -- local arbitrary shell command execution 2006-10-18
inn -- plaintext command injection into encrypted channel 2012-08-25
insecure temporary file creation in xine-check, xine-bugreport 2004-03-26
inspircd -- authentication bypass vulnerability 2016-09-06
inspircd -- buffer overflow 2012-05-17
inspircd -- DoS 2015-12-29
InspIRCd websocket module double free vulnerability 2021-01-01
Intel CPU issues 2020-12-28
Intel CPUs -- multiple vulnerabilities 2024-09-10
Intel CPUs -- multiple vulnerabilities 2024-05-14
Intel CPUs -- multiple vulnerabilities 2024-03-12
Intel CPUs -- multiple vulnerabilities 2024-08-14
Intel(R) NVMUpdate -- Intel(R) Ethernet Controller X710/XL710 NVM Security Vulnerability 2017-01-23
iodined -- authentication bypass 2014-06-18
iperf3 -- buffer overflow 2016-06-08
ipfw -- IP fragment denial of service 2006-02-14
ipsec -- Incorrect key usage in AES-XCBC-MAC 2005-08-05
ipsec -- reply attack vulnerability 2006-03-24
ipsec-tools -- Memory leak leading to denial of service 2015-05-19
ipsec-tools -- remotely exploitable computational-complexity attack 2018-04-14
ipset-tools -- Denial of Service Vulnerabilities 2009-01-21
ipython -- Execution with Unnecessary Privileges 2022-11-12
IRC Services-- Denial of Service Vulnerability 2008-01-19
irc-ratbox -- multiple vulnerabilities 2010-01-28
irc/bitchx -- multiple vulnerabilities 2013-05-31
ircd-ratbox and charybdis -- remote DoS vulnerability 2013-01-02
ircII -- denial of service 2021-03-30
irssi -- heap corruption and missing boundary checks 2016-09-21
irssi -- multiple vulnerabilities 2017-07-08
irssi -- multiple vulnerabilities 2010-04-19
irssi -- multiple vulnerabilities 2017-10-22
irssi -- multiple vulnerabilities 2018-02-19
Irssi -- multiple vulnerabilities 2017-01-05
irssi -- multiple vulnerabilities 2018-01-06
irssi -- remote DoS 2017-06-08
irssi -- Use after free 2019-01-10
irssi -- Use after free when sending SASL login to the server 2019-07-01
irssi -- use-after-free potential code execution 2017-03-18
isakmpd payload handling denial-of-service vulnerabilities 2004-03-31
ISC KEA -- Multiple vulnerabilities 2019-09-20
isc-dhcp -- Multiple vulnerabilities 2018-03-02
isc-dhcp -- multiple vulnerabilities 2012-07-25
isc-dhcp -- remotely exploitable vulnerability 2021-06-02
isc-dhcp-client -- dhclient does not strip or escape shell meta-characters 2011-04-10
isc-dhcp-client -- Stack overflow vulnerability 2009-07-15
isc-dhcp-server -- DHCPv6 crash 2011-01-28
isc-dhcp-server -- DoS in DHCPv6 2012-01-13
isc-dhcp-server -- Empty link-address denial of service 2010-11-24
isc-dhcp-server -- Remote DoS 2011-12-07
isc-dhcp-server -- server halt upon processing certain packets 2011-08-13
isc-dhcp3-server buffer overflow in logging mechanism 2004-06-25
isc-dhcpd -- Denial of Service 2016-01-12
isc-dhcpd -- format string vulnerabilities 2005-07-23
isolate -- local root exploit 2010-08-13
Istio -- Security vulnerabilities 2019-04-22
jabberd -- 3 buffer overflows 2005-07-30
jabberd -- authentication bypass vulnerability 2017-07-26
jabberd -- denial-of-service vulnerability 2004-12-26
jabberd -- domain spoofing in server dialback protocol 2012-08-23
jabberd -- remote buffer overflow vulnerability 2004-11-30
jabberd -- SASL Negotiation Denial of Service Vulnerability 2006-05-01
jailed processes can attach to other jails 2004-04-07
jailed processes can manipulate host routing tables 2004-06-07
james -- multiple vulnerabilities 2015-10-01
jansson -- local denial of service vulnerabilities 2016-05-04
jasper -- buffer overflow 2013-04-18
jasper -- heap overflow vulnerability 2020-12-13
jasper -- multiple vulnerabilities 2021-03-03
jasper -- multiple vulnerabilities 2016-02-20
jasper -- multiple vulnerabilities 2020-08-25
jasper -- multiple vulnerabilities 2015-08-18
java -- multiple vulnerabilities 2015-12-15
Java 1.7 -- security manager bypass 2012-08-30
java 7.x -- security manager bypass 2013-01-14
jdk -- jar directory traversal vulnerability 2005-04-16
jdk/jre -- Applet Caching May Allow Network Access Restrictions to be Circumvented 2007-10-08
jdk/jre -- Security Vulnerability With Java Plugin 2004-11-25
jellyfin -- Multiple vulnerabilities 2023-04-25
jenkins -- Arbitrary file read vulnerability in workspace browsers 2021-01-26
jenkins -- Buffer corruption in bundled Jetty 2020-08-17
jenkins -- CSRF protection bypass vulnerability 2023-06-14
jenkins -- Denial of service vulnerability in bundled Jetty 2021-04-20
jenkins -- DoS vulnerability in bundled XStream library 2022-02-10
jenkins -- HTTP access to the server to retrieve the master cryptographic key 2013-01-08
jenkins -- HTTP/2 denial of service vulnerability in bundled Jetty 2023-10-18
jenkins -- HTTP/2 denial of service vulnerability in bundled Jetty 2024-04-02
jenkins -- Jenkins core bundles vulnerable version of the commons-httpclient library 2021-10-07
jenkins -- multiple issues 2017-11-09
jenkins -- multiple issues 2017-10-13
jenkins -- multiple vulnerabilities 2021-11-04
jenkins -- multiple vulnerabilities 2018-05-10
jenkins -- multiple vulnerabilities 2020-07-15
jenkins -- multiple vulnerabilities 2017-02-01
jenkins -- multiple vulnerabilities 2023-09-25
jenkins -- multiple vulnerabilities 2024-01-24
jenkins -- multiple vulnerabilities 2016-05-12
jenkins -- multiple vulnerabilities 2019-08-28
jenkins -- multiple vulnerabilities 2021-01-13
jenkins -- multiple vulnerabilities 2019-04-10
jenkins -- multiple vulnerabilities 2019-09-25
jenkins -- multiple vulnerabilities 2021-04-08
jenkins -- multiple vulnerabilities 2018-10-11
jenkins -- multiple vulnerabilities 2015-03-24
jenkins -- multiple vulnerabilities 2022-06-22
jenkins -- multiple vulnerabilities 2018-12-05
jenkins -- multiple vulnerabilities 2012-09-17
jenkins -- multiple vulnerabilities 2018-08-15
jenkins -- multiple vulnerabilities 2015-03-01
jenkins -- multiple vulnerabilities 2018-07-18
jenkins -- multiple vulnerabilities 2014-02-15
jenkins -- multiple vulnerabilities 2020-08-12
jenkins -- multiple vulnerabilities 2024-10-03
jenkins -- multiple vulnerabilities 2023-03-09
jenkins -- multiple vulnerabilities 2021-07-01
jenkins -- multiple vulnerabilities 2019-01-16
jenkins -- multiple vulnerabilities 2018-04-12
jenkins -- multiple vulnerabilities 2013-02-17
jenkins -- multiple vulnerabilities 2013-05-03
jenkins -- multiple vulnerabilities 2020-01-29
jenkins -- multiple vulnerabilities 2024-08-07
jenkins -- multiple vulnerabilities 2020-03-25
jenkins -- multiple vulnerabilities 2016-02-25
jenkins -- multiple vulnerabilities 2019-07-17
jenkins -- multiple vulnerabilities 2015-12-09
jenkins -- multiple vulnerabilities 2022-01-12
jenkins -- multiple vulnerabilities 2017-04-27
jenkins -- Path traversal vulnerability allows access to files outside plugin resources 2018-02-14
jenkins -- Privilege escalation vulnerability in bundled Spring Security library 2021-02-20
jenkins -- remote code execution via unsafe deserialization 2015-11-11
jenkins -- Remote code execution vulnerability in remoting module 2016-11-16
jenkins -- remote execution, privilege escalation, XSS, password exposure, ACL hole, DoS 2014-10-01
jenkins -- slave-originated arbitrary code execution on master servers 2014-10-31
jenkins -- Stored XSS vulnerability 2023-07-26
jenkins -- Terrapin SSH vulnerability in Jenkins CLI client 2024-04-19
jenkins -- Two startup race conditions 2017-12-15
jenkins -- XSS vulnerability 2012-03-07
jenkins -- XSS vulnerability 2022-10-05
jetty -- multiple vulnerabilities 2007-12-10
jetty -- multiple vulnerability 2008-02-04
Jinja2 -- Vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter 2024-08-20
joomla -- flaw in the reset token validation 2008-08-20
joomla -- multiple remote vulnerabilities 2007-01-17
Joomla -- multiple vulnerabilities 2006-06-30
joomla -- multiple vulnerabilities 2015-12-17
joomla -- multiple vulnerabilities 2009-06-16
joomla -- multiple vulnerabilities 2007-08-02
joomla -- multiple vulnerabilities 2006-08-30
joomla -- multiple vulnerabilities 2010-04-26
joomla -- Privilege Escalation 2012-06-19
Joomla! -- Core - ACL Violation vulnerabilities 2015-10-25
Joomla! -- Core - CSRF Protection vulnerabilities 2015-10-25
Joomla! -- Core - Multiple Vulnerabilities 2014-03-23
Joomla! -- Core - Open Redirect vulnerability 2015-10-25
Joomla! -- Core - Remote File Execution/Denial of Service vulnerabilities 2015-10-25
Joomla! -- Core - SQL Injection/ACL Violation vulnerabilities 2015-10-25
Joomla! -- Core - Unauthorized Login vulnerability 2015-10-25
Joomla! -- Core - XSS Vulnerability 2015-10-25
Joomla! -- Core - XSS Vulnerability 2015-10-25
Joomla! -- Core XSS Vulnerabilities 2013-12-04
Joomla! -- multiple vulnerabilities 2016-12-22
Joomla! -- multiple vulnerabilities 2016-12-22
Joomla! -- multiple vulnerabilities 2016-12-22
Joomla! -- multiple vulnerabilities 2016-12-22
Joomla! -- XXS and DDoS vulnerabilities 2013-04-27
joomla15 -- com_mailto Timeout Issue 2009-08-07
Joomla3 -- SQL Injection 2017-05-18
joomla3 -- vulnerabilitiesw 2018-09-15
joomla3 -- vulnerabilitiesw 2019-01-20
jose -- DoS vulnerability 2024-04-11
jpgraph2 -- XSS vulnerability 2016-03-13
json-c -- integer overflow and out-of-bounds write via a large JSON file 2020-05-14
junkbuster -- heap corruption vulnerability and configuration modification vulnerability 2005-04-22
Jupyter notebook -- cross-site inclusion (XSSI) vulnerability 2019-03-16
jupyter notebook -- open redirect vulnerability 2020-11-08
Jupyter notebook -- open redirect vulnerability 2019-03-29
Jupyter Notebook -- vulnerability 2018-03-19
kaffeine -- buffer overflow vulnerability 2006-04-07
kafka -- Denial Of Service vulnerability 2023-02-04
kamailio - buffer overflow 2018-05-06
kamailio -- SEAS Module Heap overflow 2016-03-19
kaminari -- potential XSS vulnerability 2020-05-28
Kanboard -- Clipboard based cross-site scripting (blocked with default CSP) in Kanboard 2023-05-30
kanboard -- multiple privilege escalation vulnerabilities 2017-08-26
Kanboard -- Multiple vulnerabilities 2023-06-06
kanboard -- Project Takeover via IDOR in ProjectPermissionController 2024-06-07
kauth: Local privilege escalation 2017-05-10
KDE -- multiple vulnerabilities 2009-11-02
KDE Frameworks -- malicious .desktop files execute code 2019-08-09
kde-runtime -- incorrect CBC encryption handling 2015-01-14
kde-runtime -- kdesu: displayed command truncated by unicode string terminator 2017-03-11
kde-workspace -- privilege escalation 2014-11-17
kdebase -- Kate backup file permission leak 2005-07-18
kdeconnect -- packet manipulation can be exploited in a Denial of Service attack 2020-10-04
kdelibs -- directory traversal vulnerability 2016-08-27
kdelibs -- insecure temporary file creation 2005-02-18
kdelibs -- integer overflow in khtml 2006-10-22
kdelibs -- KAuth PID Reuse Flaw 2014-07-31
kdelibs -- kimgio input validation errors 2005-04-22
kdelibs -- konqueror cross-domain cookie injection 2004-08-26
kdelibs -- local DCOP denial of service vulnerability 2005-03-21
kdelibs insecure temporary file handling 2004-08-12
kdelibs3 -- konqueror FTP command injection vulnerability 2005-01-01
kdelibs4 -- KMail/KIO POP3 SSL Man-in-the-middle Flaw 2014-07-16
kdelibs4, rekonq -- input validation failure 2011-10-23
kdepim exploitable buffer overflow in VCF reader 2004-04-15
kdepimlibs -- directory traversal on KTNEF 2017-03-11
kdeutils4 -- Directory traversal vulnerability 2011-11-14
kdewebdev -- kommander untrusted code execution vulnerability 2005-04-23
KDM -- local privilege escalation vulnerability 2010-04-14
kdm -- passwordless login vulnerability 2007-09-19
kea -- unexpected termination while handling a malformed packet 2016-01-04
KeePassX -- information disclosure 2015-12-08
kernel -- information disclosure when using HTT 2005-05-13
kernel -- ipfw packet matching errors with address tables 2005-06-29
kernel -- TCP connection stall denial of service 2005-06-29
keycloak -- Missing server identity checks when sending mails via SMTPS 2024-10-31
kf5-kauth -- Insecure handling of arguments in helpers 2019-02-10
kibana4 -- CSRF vulnerability 2015-11-22
kibana4 -- XSS vulnerability 2016-01-13
kio-extras -- HTML Thumbnailer automatic remote file access 2018-11-12
kio: Information Leak when accessing https when using a malicious PAC file 2017-03-11
konquerer -- address bar spoofing 2007-09-19
konqueror -- Password Disclosure for SMB Shares 2004-12-12
konversation -- crash in IRC message parsing 2017-11-12
Konversation -- out-of-bounds read on a heap-allocated array 2014-11-05
konversation -- shell script command injection 2005-01-19
kpdf -- heap based buffer overflow 2006-02-15
kpopup -- local root exploit and local denial of service 2006-02-07
kramdown -- template option vulnerability 2020-07-08
krb5 -- ASN.1 decoder denial-of-service vulnerability 2004-08-31
krb5 -- client impersonation vulnerability 2010-12-09
krb5 -- Double-free in KDC TGS processing 2023-08-14
krb5 -- double-free vulnerabilities 2004-08-31
krb5 -- heap buffer overflow vulnerability in libkadm5srv 2004-12-21
krb5 -- Integer overflow vulnerabilities in PAC parsing 2022-11-15
krb5 -- KDC denial of service vulnerability 2016-07-21
krb5 -- KDC double free vulnerability 2010-04-21
krb5 -- KDC null pointer dereference in TGS handling 2011-12-14
krb5 -- MITKRB5-SA-2011-001, kpropd denial of service 2011-04-14
krb5 -- MITKRB5-SA-2011-002, KDC vulnerable to hang when using LDAP back end 2011-04-14
krb5 -- MITKRB5-SA-2011-003, KDC vulnerable to double-free when PKINIT enabled 2011-04-14
krb5 -- MITKRB5-SA-2011-004, kadmind invalid pointer free() [CVE-2011-0285] 2011-04-14
krb5 -- multiple checksum handling vulnerabilities 2010-12-09
krb5 -- multiple checksum handling vulnerabilities 2010-12-09
krb5 -- multiple denial of service vulnerabilities 2010-04-19
krb5 -- Multiple vulnerabilities 2017-10-18
krb5 -- null pointer dereference in the KDC PKINIT code [CVE-2013-1415] 2013-02-22
krb5 -- remote denial of service vulnerability 2010-04-18
krb5 -- requires_preauth bypass in PKINIT-enabled KDC 2015-05-28
krb5 -- RFC 3961 key-derivation checksum handling vulnerability 2010-12-09
krb5 -- UDP ping-pong vulnerability in the kpasswd (password changing) service. [CVE-2002-2443] 2013-06-03
krb5 -- unkeyed PAC checksum handling vulnerability 2010-12-09
krb5 -- Vulnerabilities in kadmind, libgssrpc, gss_process_context_token VU#540092 2015-02-04
krb5 -- Vulnerabilities in kadmind, libgssrpc, gss_process_context_token VU#540092 2015-02-12
krb5 1.11 -- New release/fix multiple vulnerabilities 2015-02-25
krb5 1.12 -- New release/fix multiple vulnerabilities 2015-02-21
krb5-appl -- telnetd code execution vulnerability 2011-12-26
krfb -- Multiple security issues in bundled libvncserver 2014-09-25
krfb -- Possible Denial of Service or code execution via integer overflow 2014-08-03
kronolith -- arbitrary local file inclusion vulnerability 2006-11-30
kronolith -- Cross site scripting vulnerabilities in several of the calendar name and event data fields 2005-12-11
ksh93 -- certain environment variables interpreted as arithmetic expressions on startup, leading to code injection 2020-02-07
kstars -- exploitable set-user-ID application fliccd 2005-06-17
ktorrent -- multiple vulnerabilities 2007-03-11
Kubectl -- Potential directory traversal 2019-04-01
kvirc -- multiple vulnerabilities 2010-06-30
KWallet-PAM -- Access to privileged files 2018-05-04
kwebkitpart, kde-runtime -- insufficient input validation 2014-11-20
L2TP, ISAKMP, and RADIUS parsing vulnerabilities in tcpdump 2004-01-19
lasso -- signature checking failure 2021-06-01
lbreakout2 vulnerability in environment variable handling 2004-02-25
lcms2 -- Null Pointer Dereference Denial of Service Vulnerability 2013-08-15
ldapscripts -- Command Line User Credentials Disclosure 2007-10-23
leafnode -- denial of service vulnerability 2005-06-09
leafnode -- fetchnews denial-of-service triggered by transmission abort/timeout 2005-05-13
leafnode denial-of-service triggered by article request 2004-05-21
leafnode fetchnews denial-of-service triggered by missing header 2004-05-21
leafnode fetchnews denial-of-service triggered by truncated transmission 2004-05-21
ledger -- multiple vulnerabilities 2017-09-26
lftp -- multiple HTTP client download filename vulnerability 2010-09-03
lftp HTML parsing vulnerability 2003-12-12
lha -- numerous vulnerabilities when extracting archives 2004-09-23
lha buffer overflows and path traversal issues 2004-05-02
libadplug -- Various vulnerabilities 2020-06-10
libarchive -- Infinite loop in corrupt archives handling in libarchive 2007-02-26
libarchive -- multiple vulnerabilities 2016-01-18
libarchive -- multiple vulnerabilities 2016-06-23
libarchive -- RCE vulnerability 2016-05-09
libaudiofile -- heap-based overflow in Microsoft ADPCM compression module 2014-04-11
libav -- divide by zero 2015-07-16
libbson -- Denial of Service 2017-09-26
libcdaudio -- remote buffer overflow and code execution 2009-01-11
libcloud -- possible SSL MITM due to invalid regexp used to validate target server hostname 2012-08-11
libcue -- out-of-bounds array access 2023-10-14
libde256 -- multiple vulnerabilities 2023-02-21
libdwarf -- multiple vulnerabilities 2017-01-09
libebml -- multiple vulnerabilities 2017-02-04
libetpan -- null dereference vulnerability in MIME parsing component 2017-05-09
libevent -- integer overflow in evbuffers 2015-01-11
libevent -- multiple vulnerabilities 2017-04-19
libexif -- buffer overflow vulnerability 2005-03-08
libexif -- multiple remote vulnerabilities 2013-03-13
libexif -- multiple vulnerabilities 2020-10-05
libexif -- privilege escalation 2020-02-11
libgadu -- multiple vulnerabilities 2005-08-12
libgcrypt -- ECDSA timing attack 2019-09-02
libgcrypt -- side-channel attack on ECDH 2016-02-16
libgcrypt -- side-channel attack on RSA secret keys 2017-06-30
libgcrypt -- side-channel attack vulnerability 2018-06-13
libgcrypt -- side-channel attack vulnerability 2017-08-30
libgd -- Denial of servica via double free 2017-09-26
libgd -- integer overflow which could lead to heap buffer overflow 2016-10-11
Libgit2 -- Fixing insufficient validation of submodule names 2018-06-05
Libgit2 -- multiple vulnerabilities 2024-02-08
Libgit2 -- multiple vulnerabilities 2018-07-11
Libgit2 -- multiple vulnerabilities 2019-08-18
Libgit2 -- multiple vulnerabilities 2018-10-15
libidn -- multiple vulnerabilities 2016-07-31
libidn -- out-of-bounds read issue with invalid UTF-8 input 2015-07-23
libidn2 -- roundtrip check vulnerability 2019-11-18
libjpeg-turbo -- heap-based buffer overflow 2012-07-18
libjpeg-turbo -- Issue in the PPM reader causing a buffer overrun in cjpeg, TJBench, or the tjLoadImage() function. 2020-10-10
libksba -- local denial of service vulnerabilities 2016-05-03
libmad -- multiple vulnerabilities 2019-11-13
libmms -- stack-based buffer overflow 2006-09-22
libmspack -- frame_end overflow which could cause infinite loop 2015-05-31
libmspack -- infinite loop denial of service 2010-07-30
libmusicbrainz -- multiple buffer overflow vulnerabilities 2006-12-02
libmysoft -- Heap-based buffer overflow vulnerability 2022-02-20
libntlm -- buffer overflow vulnerability 2020-04-21
libofx -- exploitable buffer overflow 2017-09-27
libotr -- buffer overflows 2012-08-18
libotr -- integer overflow 2016-03-09
libpano13 -- arbitrary memory access through format string vulnerability 2021-09-07
libpgf -- use-after-free 2015-08-20
libpng buffer overflow in png_set_PLTE 2015-11-15
libpng denial-of-service 2004-05-02
libpng stack-based buffer overflow and other code concerns 2004-08-04
libproxy -- stack-based buffer overflow 2016-01-17
libpurple -- Invalid memory dereference in the XMPP protocol plug-in by processing serie of specially-crafted file transfer requests 2012-05-12
libpurple -- multiple vulnerabilities 2013-03-10
libpurple -- Remote DoS via an MSN OIM message that lacks UTF-8 encoding 2012-04-01
libpurple/pidgin -- multiple vulnerabilities 2014-10-24
libqb -- Buffer overflow 2024-11-04
libraw -- buffer overflow 2017-09-26
libraw -- denial of service and remote code execution 2017-09-26
libraw -- index overflow in smal_decode_segment 2015-12-07
libraw -- memory objects not properly initialized 2015-12-07
libraw -- multiple DoS vulnerabilities 2018-02-15
libraw -- multiple DoS vulnerabilities 2018-02-15
libraw -- Out-of-bounds Read 2017-09-28
librecad -- out-of-bounds read in importshp plugin 2023-07-10
LibreOffice -- Remote arbitrary file disclosure vulnerability via WEBSERVICE formula 2018-02-23
libreoffice -- use-after-free vulnerability 2016-07-15
LibreOffice Security Advisory 2020-06-12
LibreSSL -- Arbitrary memory read 2023-02-08
LibreSSL -- DTLS vulnerability 2015-01-22
LibreSSL -- Memory leak and buffer overflow 2015-10-16
LibreSSL -- NULL pointer dereference 2020-12-11
libressl -- NULL pointer dereference 2015-12-08
LibreSSL -- TLS verification vulnerability 2017-04-28
LibreSSL -- use-after-free 2021-03-16
librewolf -- Undefined behavior in selection node cache 2024-10-30
librsvg2 -- denial of service vulnerability 2015-12-22
librsvg2 -- denial of service vulnerability 2015-12-22
librsvg2 -- multiple vulnerabilities 2020-03-02
librsync -- collision vulnerability 2016-01-08
libsamplerate -- multiple vulnerabilities 2017-04-20
libsndfile -- CAF processing integer overflow vulnerability 2009-03-16
libsndfile -- multiple vulnerabilities 2018-03-01
libsndfile -- multiple vulnerabilities 2009-05-30
libsndfile -- multiple vulnerabilities 2017-04-20
libsndfile -- out-of-bounds read memory access 2020-07-28
libsndfile -- out-of-bounds read memory access 2018-03-01
libsndfile -- out-of-bounds reads 2018-03-01
libsndfile -- PAF file processing integer overflow 2011-09-12
libsndfile_project -- Integer overflow in dataend calculation 2023-11-08
libsoup -- stack based buffer overflow 2017-08-17
libsoup -- unintentionally allow access to entire local filesystem 2011-07-28
libspf2 -- Buffer overflow 2008-10-27
libspf2 -- Integer Underflow Remote Code Execution 2023-10-04
libsrtp -- DoS via crafted RTP header vulnerability 2016-02-21
libssh -- authentication bypass vulnerability 2018-10-17
libssh -- null pointer dereference 2015-05-10
libssh -- possible heap-buffer overflow vulnerability 2021-09-21
libssh -- PRNG state reuse on forking servers 2014-10-29
libssh -- Unsanitized location in scp could lead to unwanted command execution 2020-02-02
libssh -- weak Diffie-Hellman secret generation 2016-03-05
libssh2 -- denial of service vulnerability 2015-09-22
libssh2 -- multiple issues 2019-04-18
libtasn1 -- ASN.1 length decoding vulnerability 2012-03-21
libtasn1 -- denial of service parsing malicious DER certificates 2016-04-21
libtasn1 -- stack-based buffer overflow in asn1_der_decoding 2015-04-22
libtiff -- Improper Input Validation 2017-10-10
libtomcrypt -- weak signature scheme with ECC keys 2006-02-16
libtool -- Library Search Path Privilege Escalation Issue 2009-11-28
libtorrent -- remote DoS 2018-02-10
libtorrent-rasterbar -- denial of service 2016-06-30
libtremor -- memory corruption 2015-08-25
libtremor -- multiple vulnerabilities 2015-08-25
libutp -- remote denial of service or arbitrary code execution 2014-12-29
libuv -- incorrect revocation order while relinquishing privileges 2015-03-24
libvirt -- ACL bypass using ../ to access beyond storage pool 2015-12-20
libvncserver -- memory corruption 2015-09-08
libvncserver -- multiple buffer overflows 2017-01-09
libvncserver -- multiple security vulnerabilities 2016-10-11
libvorbis -- Multiple memory corruption flaws 2007-07-26
libvorbis -- multiple vulnerabilities 2018-03-16
libvorbis -- multiple vulnerabilities 2009-11-24
libvorbis -- two vulnerabilities 2020-06-28
libvorbis -- various security issues 2008-05-17
libvpx -- buffer overflow in vp9_init_context_buffers 2015-11-10
libvpx -- multiple buffer overflows 2015-08-11
libvpx -- out-of-bounds write 2015-08-12
libwebp heap buffer overflow 2023-09-20
libwmf -- embedded GD library Use-After-Free vulnerability 2009-05-16
libwmf -- integer overflow vulnerability 2009-05-16
libwmf -- multiple vulnerabilities 2015-07-15
libwww -- multiple vulnerabilities 2016-11-29
libX11 -- Arbitrary code execution 2021-06-01
libX11 -- Doublefree in locale handlng code 2020-08-25
libX11 -- Heap corruption in the X input method client in libX11 2020-08-01
libX11 -- Multiple vulnerabilities 2018-08-22
libX11 -- Sub-object overflows 2023-06-16
libXcursor -- integer overflow that can lead to heap buffer overflow 2017-12-17
libXdmcp -- insufficient entropy generating session keys 2019-03-21
libXfont -- BDF parsing issues 2015-03-18
libXfont -- multiple memory leaks 2017-12-17
libXfont -- permission bypass when opening files through symlinks 2017-12-17
libXfont -- possible local privilege escalation 2011-08-11
libXfont -- Stack buffer overflow in parsing of BDF font files in libXfont 2014-01-08
libXfont -- X Font Service Protocol and Font metadata file handling issues 2014-05-13
libxine -- array index vulnerability 2008-04-24
libxine -- buffer overflow vulnerability 2008-01-19
libxine -- buffer overflow vulnerability 2008-02-26
libxine -- buffer overflow vulnerability 2008-01-29
libxine -- buffer overflow vulnerability 2006-06-11
libxine -- buffer-overflow vulnerability in aiff support 2004-12-29
libxine -- denial of service vulnerability 2008-10-19
libxine -- DVD subpicture decoder heap overflow 2005-01-12
libxine -- format string vulnerability 2005-10-09
libxine -- multiple buffer overflow vulnerabilities 2006-12-07
libxine -- multiple buffer overflows in RTSP 2005-01-12
libxine -- multiple vulnerabilities 2009-05-17
libxine -- multiple vulnerabilities 2009-05-17
libxine -- multiple vulnerabilities in VideoCD handling 2005-01-12
libxml -- Integer overflow 2011-11-10
libxml -- Multiple use-after-free vulnerabilities 2011-11-10
libxml -- multiple vulnerabilities 2020-09-22
libxml -- remote buffer overflows 2004-11-09
libxml -- Stack consumption vulnerability 2011-11-10
libxml2 -- An off-by-one out-of-bounds write by XPointer 2012-05-18
libxml2 -- cpu consumption Dos 2013-03-29
libxml2 -- Denial of service 2014-10-18
libxml2 -- Enforce the reader to run in constant memory 2015-07-01
libxml2 -- entity substitution DoS 2014-05-06
libxml2 -- heap buffer overflow 2012-02-27
libxml2 -- lack of end-of-document check DoS 2013-07-10
libxml2 -- Multiple Issues 2017-12-13
libxml2 -- multiple vulnerabilities 2023-04-16
libxml2 -- multiple vulnerabilities 2016-08-28
libxml2 -- multiple vulnerabilities 2015-11-20
libxml2 -- multiple vulnerabilities 2008-11-19
libxml2 -- Possible denial of service 2021-05-23
libxml2 -- two vulnerabilities 2008-10-15
libxml2 stack buffer overflow in URI parsing 2004-02-25
libXpm -- Issues handling XPM files 2023-03-23
libxslt -- Denial of Service 2016-06-20
libxslt -- DoS vulnerability due to type confusing error 2015-11-20
libxslt -- security framework bypass 2019-07-16
libyaml heap overflow resulting in possible code execution 2014-02-01
LibYAML input sanitization errors 2014-03-26
libzip -- denial of service 2017-09-27
libzip -- integer overflow 2015-03-28
libzmq4 -- Denial of Service 2021-05-25
libzmq4 -- Remote Code Execution Vulnerability 2019-01-26
libzmq4 -- Stack overflow 2021-05-25
libzmq4 -- V3 protocol handler vulnerable to downgrade attacks 2015-06-10
libzrtpcpp -- multiple security vulnerabilities 2013-07-11
lifetype -- ADOdb "server.php" Insecure Test Script Security Issue 2006-04-27
lighttpd - multiple vulnerabilities 2016-08-03
lighttpd - use-after-free vulnerabilities 2018-11-09
lighttpd -- denial of service vulnerability 2010-02-16
lighttpd -- DOS when access files with mtime 0 2007-04-14
lighttpd -- FastCGI header overrun in mod_fastcgi 2007-09-10
lighttpd -- Log injection vulnerability in mod_auth 2015-08-10
lighttpd -- multiple vulnerabilities 2014-02-14
lighttpd -- multiple vulnerabilities 2007-07-21
lighttpd -- multiple vulnerabilities 2008-09-27
lighttpd -- OpenSSL Error Queue Denial of Service Vulnerability 2008-04-13
lighttpd -- Remote DOS in CRLF parsing 2007-04-14
lighttpd -- remote DoS in header parsing 2012-11-21
lighttpd -- remote DoS in HTTP authentication 2011-12-28
lighttpd -- script source disclosure vulnerability 2005-03-01
links -- denial of service 2018-08-23
Linux binary compatibility mode input validation error 2004-06-30
linux-flashplugin -- arbitrary code execution vulnerability 2006-03-15
linux-flashplugin -- critical vulnerabilities 2007-07-18
linux-flashplugin -- cross-site scripting vulnerability 2011-06-08
linux-flashplugin -- multiple vulnerabilities 2014-01-24
linux-flashplugin -- multiple vulnerabilities 2009-12-09
linux-flashplugin -- multiple vulnerabilities 2010-02-13
linux-flashplugin -- multiple vulnerabilities 2013-06-14
linux-flashplugin -- multiple vulnerabilities 2011-05-23
linux-flashplugin -- multiple vulnerabilities 2012-12-14
linux-flashplugin -- multiple vulnerabilities 2013-04-10
linux-flashplugin -- multiple vulnerabilities 2013-02-08
linux-flashplugin -- multiple vulnerabilities 2012-11-02
linux-flashplugin -- multiple vulnerabilities 2010-11-06
linux-flashplugin -- multiple vulnerabilities 2013-05-16
linux-flashplugin -- multiple vulnerabilities 2012-03-09
linux-flashplugin -- multiple vulnerabilities 2011-09-22
linux-flashplugin -- multiple vulnerabilities 2014-05-26
linux-flashplugin -- multiple vulnerabilities 2013-07-15
linux-flashplugin -- multiple vulnerabilities 2012-11-02
linux-flashplugin -- multiple vulnerabilities 2011-08-10
linux-flashplugin -- multiple vulnerabilities 2010-08-13
linux-flashplugin -- multiple vulnerabilities 2014-02-04
linux-flashplugin -- multiple vulnerabilities 2013-09-13
linux-flashplugin -- multiple vulnerabilities 2008-10-17
linux-flashplugin -- multiple vulnerabilities 2012-06-09
linux-flashplugin -- multiple vulnerabilities 2011-02-11
linux-flashplugin -- multiple vulnerabilities 2008-01-03
linux-flashplugin -- multiple vulnerabilities 2011-11-11
linux-flashplugin -- multiple vulnerabilities 2010-06-14
linux-flashplugin -- multiple vulnerabilities 2013-02-27
linux-flashplugin -- multiple vulnerabilities 2012-04-10
linux-flashplugin -- multiple vulnerabilities 2013-03-12
linux-flashplugin -- multiple vulnerabilities 2012-02-27
linux-flashplugin -- multiple vulnerabilities 2013-11-12
linux-flashplugin -- remote code execution 2010-09-22
linux-flashplugin -- remote code execution vulnerability 2011-04-17
linux-flashplugin -- remote code execution vulnerability 2011-06-15
linux-flashplugin -- remote code execution vulnerability 2011-03-24
linux-flashplugin -- unspecified remote code execution vulnerability 2008-05-30
linux-flashplugin7 -- arbitrary code execution vulnerabilities 2006-09-12
linux-realplayer -- buffer overrun 2006-03-27
linux-realplayer -- heap overflow 2006-03-27
linux-realplayer -- multiple vulnerabilities 2008-01-04
linux-realplayer -- RealText parsing heap overflow 2005-06-24
linux_base -- vulnerabilities in Red Hat 7.1 libraries 2005-06-01
liveMedia -- DoS vulnerability 2007-12-08
liveMedia -- potential remote code execution 2018-10-28
lives -- insecure files permissions 2016-11-12
lizard -- Negative size passed to memcpy resulting in memory corruption 2024-01-31
lldpd -- Buffer overflow/Denial of service 2015-10-26
logstash -- Directory traversal vulnerability in the file output plugin 2015-06-24
logstash -- password disclosure vulnerability 2016-04-28
logstash -- Remote command execution in Logstash zabbix and nagios_nsca outputs 2015-06-24
logstash -- SSL/TLS vulnerability with Lumberjack input 2015-07-27
logstash-forwarder and logstash -- susceptibility to POODLE vulnerability 2015-06-24
Loofah -- XSS vulnerability 2018-03-20
Loofah -- XSS vulnerability 2019-10-23
Loofah -- XSS vulnerability 2018-11-01
lrzsz -- Integer overflow in zmodem, crash and information leak 2024-11-08
lsh -- multiple vulnerabilities 2007-09-05
lshell -- Multiple security issues 2018-07-27
lshell -- Shell autocomplete reveals forbidden directories 2018-07-27
lxr -- multiple XSS vulnerabilities 2010-05-05
lynx -- multiple vulnerabilities 2017-01-09
lynx -- remote buffer overflow 2005-10-30
lynx -- SSL certificate validation error 2021-08-14
LZO -- potential buffer overrun when processing malicious input data 2014-06-26
Machine-in-the-middle response injection attack when using STARTTLS with IMAP, POP3, and SMTP 2020-06-24
Macromedia flash player -- swf file handling arbitrary code 2005-11-13
magento -- multiple vulnerabilities 2015-10-14
mahara -- sql injection vulnerability 2010-04-18
mail-notification -- denial-of-service vulnerability 2004-10-12
mail/dovecot -- multiple vulnerabilities 2021-01-04
mail/dovecot -- multiple vulnerabilities 2020-08-13
mail/dovecot -- Suitable client certificate can be used to login as other user 2019-02-05
mail/sympa* -- Multiple vulnerabilities in Sympa archive management 2012-06-05
mail/trojita -- may leak mail contents (not user credentials) over unencrypted connection 2014-03-23
mailman -- 2.1.37 fixes XSS via user options, and moderator offline brute-force vuln against list admin password 2021-11-13
mailman -- arbitrary content injection vulnerability via options or private archive login pages 2020-05-07
mailman -- brute-force vuln on list admin password, and CSRF vuln in releases before 2.1.35 2021-10-20
mailman -- content spoofing with invalid list names in web UI 2018-07-31
Mailman -- Cross-site scripting (XSS) vulnerability in the web UI 2018-02-08
Mailman -- cross-site scripting in web interface 2010-11-03
mailman -- CSRF hardening in parts of the web interface 2016-09-06
mailman -- CSRF protection enhancements 2016-08-29
mailman -- directory traversal vulnerability 2005-02-12
mailman -- generated passwords are poor quality 2005-06-01
mailman -- hardening against malicious listowners injecting evil HTML scripts 2018-06-25
mailman -- Multiple Vulnerabilities 2006-09-04
mailman -- password disclosure 2005-06-01
mailman -- path traversal vulnerability 2015-04-09
mailman -- Private Archive Script Cross-Site Scripting 2006-04-16
mailman -- script insertion vulnerability 2008-04-25
mailman -- XSS vulnerability 2011-03-10
mailman < 2.1.38 -- CSRF vulnerability of list mod or member against list admin page 2021-12-01
mailman denial-of-service vulnerability in MailCommandHandler 2004-02-25
mailman XSS in admin script 2004-02-25
mailman XSS in create script 2004-02-25
mailman XSS in user options page 2004-02-25
Mailpit -- Content Security Policy XSS 2024-07-26
Mailpit affected by vulnerability in included go markdown module 2023-09-23
malicious URLs can cause git to send a stored credential to wrong server 2020-04-22
malicious URLs may present credentials to wrong server 2020-04-22
mambo -- "register_globals" emulation layer overwrite vulnerability 2005-11-30
mambo -- multiple SQL injection vulnerabilities 2006-10-05
mambo -- multiple vulnerabilities 2005-08-05
mambo -- SQL injection vulnerabilities 2006-07-05
mantis -- "t_core_path" file inclusion vulnerability 2005-12-14
mantis -- "view_filters_page.php" cross site scripting vulnerability 2006-02-16
mantis -- "view_filters_page.php" cross-site scripting vulnerability 2005-12-14
mantis -- information disclosure vulnerability 2015-12-24
mantis -- multiple vulnerabilities 2020-11-14
mantis -- multiple vulnerabilities 2024-01-06
mantis -- multiple vulnerabilities 2008-12-06
mantis -- multiple vulnerabilities 2012-06-12
mantis -- multiple vulnerabilities 2023-03-08
mantis -- multiple vulnerabilities 2021-03-10
mantis -- multiple vulnerabilities 2021-07-09
mantis -- multiple vulnerabilities 2018-07-29
mantis -- multiple vulnerabilities 2019-09-27
mantis -- php code execution vulnerability 2008-12-06
mantis -- session hijacking vulnerability 2008-11-22
mantis -- XSS vulnerability 2018-09-25
mantis -- XSS vulnerability 2017-02-04
many out-of-sequence TCP packets denial-of-service 2004-04-07
maradns -- CNAME record resource rotation denial of service 2008-01-10
maradns -- denial of service when resolving a long DNS hostname 2011-01-31
MariaDB -- Denial-of-Service vulnerability 2023-11-26
MariaDB -- Multiple vulnerabilities 2022-08-25
MariaDB -- Multiple vulnerabilities 2022-02-10
MariaDB -- Multiple vulnerabilities 2022-02-18
MariaDB -- Multiple vulnerabilities 2022-05-23
MariaDB -- Nullpointer dereference 2023-05-28
MariaDB -- Undisclosed vulnerability 2020-10-18
MariaDB -- unspecified vulnerability 2017-12-23
MariaDB -- Vulnerability in C API 2020-02-02
mat2 -- directory traversal/arbitrary file read during ZIP file processing 2022-07-10
mathopd -- directory traversal vulnerability 2012-02-03
Mathopd buffer overflow 2003-12-12
matomo -- XSS vulnerability 2018-10-19
Matrix clients -- Prototype pollution in matrix-js-sdk 2023-03-29
Matrix clients -- several vulnerabilities 2021-09-13
Matrix clients -- several vulnerabilities 2022-09-28
Matrix clients -- several vulnerabilities 2021-12-13
Matrix clients -- several vulnerabilities 2022-08-31
mbed TLS (PolarSSL) -- multiple vulnerabilities 2018-04-23
mbed TLS (PolarSSL) -- multiple vulnerabilities 2017-03-12
mbed TLS (PolarSSL) -- remote code execution 2018-03-10
Mbed TLS -- Cache attack against RSA key import in SGX 2020-02-24
Mbed TLS -- Local side channel attack on classical CBC decryption in (D)TLS 2020-09-06
Mbed TLS -- Local side channel attack on RSA and static Diffie-Hellman 2020-09-06
Mbed TLS -- Local timing attack on RSA decryption 2018-12-14
mbed TLS -- plaintext recovery vulnerabilities 2018-08-10
Mbed TLS -- Potential double-free after an out of memory error 2021-12-30
Mbed TLS -- Side channel attack on deterministic ECDSA 2019-09-19
Mbed TLS -- Side channel attack on ECDSA 2020-02-24
Mbed TLS -- Side channel attack on ECDSA 2020-04-15
Mbed TLS -- Side-channel attack on ECC key import and validation 2020-07-07
mbedTLS/PolarSSL -- DoS and possible remote code execution 2015-10-15
mbedTLS/PolarSSL -- multiple vulnerabilities 2015-10-06
mbedTLS/PolarSSL -- multiple vulnerabilities 2015-10-06
mbedTLS/PolarSSL -- SLOTH attack on TLS 1.2 server authentication 2016-01-07
mc -- multiple vulnerabilities 2005-01-21
mcollective -- cert valication issue 2014-07-21
mcpp -- Heap-based buffer overflow 2024-08-23
mcweject -- exploitable buffer overflow 2007-04-08
md4c -- DoS attack 2024-08-23
mdbook -- XSS in mdBook's search page 2021-04-15
mDNSResponder -- corrupted stack crash when parsing bad resolv.conf 2010-06-27
mediawiki -- authenticated CSRF vulnerability 2010-05-05
mediawiki -- Clickjacking vulnerabilities 2011-01-06
mediawiki -- cross site scripting vulnerability 2007-09-21
mediawiki -- cross site scripting vulnerability 2006-04-05
mediawiki -- hardcoded placeholder string security bypass vulnerability 2006-04-05
mediawiki -- multiple vulnerabilities 2023-04-01
mediawiki -- multiple vulnerabilities 2011-02-09
mediawiki -- multiple vulnerabilities 2022-12-29
mediawiki -- multiple vulnerabilities 2020-03-27
mediawiki -- multiple vulnerabilities 2012-09-01
mediawiki -- multiple vulnerabilities 2022-07-03
mediawiki -- multiple vulnerabilities 2022-10-02
mediawiki -- multiple vulnerabilities 2021-12-21
mediawiki -- multiple vulnerabilities 2018-09-22
mediawiki -- multiple vulnerabilities 2017-11-19
mediawiki -- multiple vulnerabilities 2024-03-31
mediawiki -- multiple vulnerabilities 2022-04-04
mediawiki -- multiple vulnerabilities 2019-11-03
mediawiki -- multiple vulnerabilities 2015-12-24
mediawiki -- multiple vulnerabilities 2008-12-19
mediawiki -- multiple vulnerabilities 2015-08-14
mediawiki -- multiple vulnerabilities 2015-10-23
mediawiki -- multiple vulnerabilities 2023-07-01
mediawiki -- multiple vulnerabilities 2023-10-02
mediawiki -- multiple vulnerabilities 2019-07-05
mediawiki -- multiple vulnerabilities 2016-05-24
mediawiki -- multiple vulnerabilities 2011-05-12
mediawiki -- multiple vulnerabilities 2021-10-01
mediawiki -- two security vulnerabilities 2010-06-02
memcached -- memcached stats maps Information Disclosure Weakness 2009-08-17
memcached -- multiple vulnerabilities 2016-11-02
Memory leak bug in Toxcore 2018-10-11
Memory leak in different components 2018-07-24
mencoder -- potential buffer overrun when processing malicious lzo compressed input 2014-06-28
mercurial -- arbitrary code execution vulnerability 2016-05-01
mercurial -- multiple issues 2017-10-16
Mercurial -- multiple vulnerabilities 2017-08-12
mercurial -- multiple vulnerabilities 2016-03-29
messagelib -- HTML email can open browser window automatically 2018-11-28
metamail format string bugs and buffer overflows 2004-02-18
mgetty+sendfax -- symlink attack via insecure temporary files 2008-12-07
Midnight Commander buffer overflow during symlink resolution 2004-04-03
Midnight Commander buffer overflows, format string bugs, and insecure temporary file handling 2004-05-02
milter-bogom -- headerless message crash 2006-01-09
mini_httpd -- buffer overflow via snprintf 2016-01-03
mini_httpd -- disclose arbitrary files is some circumstances 2018-10-26
mini_httpd,thttpd -- Buffer overflow in htpasswd 2018-02-06
minio -- MITM attack 2021-03-17
minio -- policy restriction issue 2021-10-23
minio -- privilege escalation via permissions inheritance 2024-06-05
minio -- Server Side Request Forgery 2021-01-31
minio -- unintentional information disclosure 2024-06-05
MinIO -- unprivileged users can create service accounts for admin users 2023-02-13
minio -- User privilege escalation 2021-12-29
miniupnpc -- buffer overflow 2015-10-14
miniupnpc -- integer signedness error 2017-05-22
mitmproxy -- Insufficient Protection against HTTP Request Smuggling 2022-06-20
mkbold-mkitalic -- format string vulnerability 2005-02-24
mksh -- TTY attachment privilege escalation 2008-04-25
mksnap_ffs clears file system options 2004-04-07
mkvtoolnix -- code execution via specially crafted files 2016-10-09
mnemo -- Cross site scripting vulnerabilities in several of the notepad name and note data fields 2005-12-11
mnGoSearch buffer overflow in UdmDocToTextBuf() 2004-02-15
mod_access_referer -- null pointer dereference vulnerability 2004-12-11
mod_auth_mellon -- Redirect URL validation bypass 2021-09-22
mod_dav -- lock related denial-of-service 2004-09-15
mod_dav_svn -- server crash 2021-02-10
mod_dosevasive -- insecure temporary file creation 2005-01-24
mod_fcgid -- possible heap buffer overwrite 2013-10-10
mod_gnutls -- Infinite Loop on request read timeout 2023-04-15
mod_jk -- information disclosure 2015-08-17
mod_jk -- information disclosure 2007-06-05
mod_jk -- long URL stack overflow vulnerability 2007-03-05
mod_pagespeed -- critical cross-site scripting (XSS) vulnerability 2013-10-28
mod_pagespeed -- multiple vulnerabilities 2012-09-12
mod_perl -- cross-site scripting 2009-05-16
mod_perl -- remote DoS in PATH_INFO parsing 2007-04-24
mod_perl2 -- execute arbitrary Perl code 2019-10-09
mod_pubcookie -- cross site scripting vulnerability 2006-04-05
mod_pubcookie -- Empty Authentication Security Advisory 2011-05-23
mod_python -- information leakage vulnerability 2005-02-13
mod_python denial-of-service vulnerability in parse_qs 2004-03-03
mod_ssl -- SSLCipherSuite bypass 2004-10-23
ModSecurity -- XML External Entity Processing Vulnerability 2013-04-16
ModSecurity for Apache 2.x remote off-by-one overflow 2004-03-17
mohawk -- multiple vulnerabilities 2014-04-30
moinmoin -- ACL group bypass 2004-08-26
moinmoin -- cross-site scripting via RST parser 2012-09-05
MoinMoin -- cross-site scripting vulnerabilities 2011-01-11
moinmoin -- cross-site scripting vulnerabilities 2009-05-16
moinmoin -- multiple cross site scripting vulnerabilities 2009-01-30
moinmoin -- multiple cross site scripting vulnerabilities 2009-05-13
moinmoin -- Multiple vulnerabilities 2013-01-05
moinmoin -- multiple vulnerabilities 2008-02-25
moinmoin -- multiple vulnerabilities 2021-01-18
moinmoin -- superuser privilege escalation 2008-06-14
moinmoin -- wrong processing of group membership 2012-09-05
moinmoin -- XSS vulnerabilities 2017-01-09
MoinMoin administrative group name privilege escalation vulnerability 2004-06-28
mongodb -- Attach IDs to users 2019-09-28
mongodb -- Bump Windows package dependencies 2019-09-30
MongoDB -- Ensure RoleGraph can serialize authentication restrictions to BSON 2020-06-29
mongodb -- Our init scripts check /proc/[pid]/stat should validate that `(${procname})` is the process' command name. 2019-09-30
monitorix -- serious bug in the built-in HTTP server 2013-12-01
monkey -- improper input validation vulnerability 2009-12-21
mono -- "System.CodeDom.Compiler" Insecure Temporary Creation 2006-10-05
mono -- DoS and code execution 2015-12-31
mono -- TLS bugs 2015-03-07
mono -- XML signature HMAC truncation spoofing 2009-07-29
monotone -- remote denial of service in default setup 2010-10-24
moodle -- Login CSRF vulnerability 2018-12-03
moodle -- multiple vulnerabilities 2015-09-18
moodle -- multiple vulnerabilities 2010-04-24
moodle -- multiple vulnerabilities 2016-08-06
moodle -- multiple vulnerabilities 2016-04-03
moodle -- multiple vulnerabilities 2016-07-03
moodle -- multiple vulnerabilities 2016-11-16
moodle -- multiple vulnerabilities 2016-11-16
moodle -- multiple vulnerabilities 2018-03-31
moodle -- multiple vulnerabilities 2018-09-18
moodle -- multiple vulnerabilities 2016-02-28
moodle -- multiple vulnerabilities 2010-06-28
moodle -- multiple vulnerabilities 2015-07-18
moodle -- multiple vulnerabilities 2017-03-18
moodle -- multiple vulnerabilities 2015-11-16
moodle -- multiple vulnerabilities 2017-03-18
moonlight-embedded -- multiple vulnerabilities 2023-10-16
mosquitto -- NULL pointer dereference 2021-07-24
motion -- Denial of Service 2020-10-28
mozilla -- "Wrapped" javascript: urls bypass security checks 2005-05-12
mozilla -- arbitrary code execution vulnerability 2005-02-26
mozilla -- automated file upload 2004-09-22
mozilla -- BMP decoder vulnerabilities 2004-09-28
mozilla -- built-in CA certificates may be overridden 2004-09-22
mozilla -- code execution through javascript: favicons 2005-04-16
mozilla -- code execution via javascript: IconURL vulnerability 2005-05-11
mozilla -- code execution via Quicktime media-link files 2007-09-19
mozilla -- corrupt JIT state after deep return from native function 2009-07-17
mozilla -- data: URL can inherit wrong origin after an HTTP redirect 2016-11-29
mozilla -- heap buffer overflow in GIF image processing 2005-03-24
mozilla -- Heap buffer overflow mixing document.write and DOM insertion 2010-10-28
mozilla -- heap overflow in NNTP handler 2005-01-13
mozilla -- heap-buffer overflow 2012-02-17
mozilla -- hostname spoofing bug 2004-09-30
mozilla -- insecure permissions for some downloaded files 2005-01-18
mozilla -- insecure temporary directory vulnerability 2005-02-26
mozilla -- javascript "lambda" replace exposes memory contents 2005-04-16
mozilla -- multiple heap buffer overflows 2004-09-28
mozilla -- multiple vulnerabilities 2016-09-20
mozilla -- multiple vulnerabilities 2013-04-03
mozilla -- multiple vulnerabilities 2017-06-13
mozilla -- multiple vulnerabilities 2019-06-19
mozilla -- multiple vulnerabilities 2013-01-09
mozilla -- multiple vulnerabilities 2018-01-23
mozilla -- multiple vulnerabilities 2015-05-12
mozilla -- multiple vulnerabilities 2013-08-08
mozilla -- multiple vulnerabilities 2016-12-14
mozilla -- multiple vulnerabilities 2010-03-19
mozilla -- multiple vulnerabilities 2006-07-27
mozilla -- multiple vulnerabilities 2015-02-27
mozilla -- multiple vulnerabilities 2018-09-05
mozilla -- multiple vulnerabilities 2017-04-19
mozilla -- multiple vulnerabilities 2010-02-18
mozilla -- multiple vulnerabilities 2008-12-19
mozilla -- multiple vulnerabilities 2016-02-01
mozilla -- multiple vulnerabilities 2017-12-25
mozilla -- multiple vulnerabilities 2010-12-10
mozilla -- multiple vulnerabilities 2016-06-07
mozilla -- multiple vulnerabilities 2012-06-05
mozilla -- multiple vulnerabilities 2010-03-30
mozilla -- multiple vulnerabilities 2019-07-09
mozilla -- multiple vulnerabilities 2012-03-14
mozilla -- multiple vulnerabilities 2015-11-19
mozilla -- multiple vulnerabilities 2013-10-30
mozilla -- multiple vulnerabilities 2019-09-03
mozilla -- multiple vulnerabilities 2019-03-19
mozilla -- multiple vulnerabilities 2008-09-24
mozilla -- multiple vulnerabilities 2006-09-15
mozilla -- multiple vulnerabilities 2014-02-04
mozilla -- multiple vulnerabilities 2008-03-30
mozilla -- multiple vulnerabilities 2014-10-14
mozilla -- multiple vulnerabilities 2018-10-23
mozilla -- multiple vulnerabilities 2013-02-19
mozilla -- multiple vulnerabilities 2010-07-21
mozilla -- multiple vulnerabilities 2006-04-16
mozilla -- multiple vulnerabilities 2009-04-22
Mozilla -- multiple vulnerabilities 2011-04-29
mozilla -- multiple vulnerabilities 2011-11-08
mozilla -- multiple vulnerabilities 2009-06-12
mozilla -- multiple vulnerabilities 2009-12-16
mozilla -- multiple vulnerabilities 2016-11-16
mozilla -- multiple vulnerabilities 2015-12-15
mozilla -- multiple vulnerabilities 2010-10-20
mozilla -- multiple vulnerabilities 2012-11-20
mozilla -- multiple vulnerabilities 2017-01-24
mozilla -- multiple vulnerabilities 2018-12-11
mozilla -- multiple vulnerabilities 2007-02-24
mozilla -- multiple vulnerabilities 2015-09-22
mozilla -- multiple vulnerabilities 2015-03-22
mozilla -- multiple vulnerabilities 2014-04-29
mozilla -- multiple vulnerabilities 2013-05-15
mozilla -- multiple vulnerabilities 2017-12-05
mozilla -- multiple vulnerabilities 2013-08-18
mozilla -- multiple vulnerabilities 2017-09-29
mozilla -- multiple vulnerabilities 2014-07-23
mozilla -- multiple vulnerabilities 2018-03-16
mozilla -- multiple vulnerabilities 2017-08-08
mozilla -- multiple vulnerabilities 2015-04-04
mozilla -- multiple vulnerabilities 2016-04-26
mozilla -- multiple vulnerabilities 2009-08-04
mozilla -- multiple vulnerabilities 2011-08-16
mozilla -- multiple vulnerabilities 2008-02-22
mozilla -- multiple vulnerabilities 2015-08-07
mozilla -- multiple vulnerabilities 2019-02-13
mozilla -- multiple vulnerabilities 2013-06-26
mozilla -- multiple vulnerabilities 2012-08-30
Mozilla -- multiple vulnerabilities 2011-09-28
mozilla -- multiple vulnerabilities 2014-12-02
mozilla -- multiple vulnerabilities 2015-07-16
mozilla -- multiple vulnerabilities 2010-09-08
mozilla -- multiple vulnerabilities 2008-11-13
mozilla -- multiple vulnerabilities 2019-05-22
mozilla -- multiple vulnerabilities 2018-10-02
mozilla -- multiple vulnerabilities 2012-04-24
Mozilla -- multiple vulnerabilities 2016-09-07
mozilla -- multiple vulnerabilities 2012-10-27
mozilla -- multiple vulnerabilities 2018-03-13
mozilla -- multiple vulnerabilities 2015-03-31
mozilla -- multiple vulnerabilities 2015-08-28
mozilla -- multiple vulnerabilities 2015-08-11
mozilla -- multiple vulnerabilities 2013-12-14
mozilla -- multiple vulnerabilities 2012-10-10
mozilla -- multiple vulnerabilities 2011-03-01
mozilla -- multiple vulnerabilities 2011-06-21
mozilla -- multiple vulnerabilities 2018-06-26
mozilla -- multiple vulnerabilities 2017-03-07
mozilla -- multiple vulnerabilities 2016-10-21
mozilla -- multiple vulnerabilities 2017-11-14
mozilla -- multiple vulnerabilities 2012-02-01
mozilla -- multiple vulnerabilities 2019-01-29
mozilla -- multiple vulnerabilities 2018-05-09
mozilla -- multiple vulnerabilities 2015-01-14
mozilla -- multiple vulnerabilities 2016-03-08
Mozilla -- multiple vulnerabilities 2019-06-21
Mozilla -- multiple vulnerabilities 2019-06-21
mozilla -- multiple vulnerabilities 2012-08-02
mozilla -- multiple vulnerabilities 2014-06-10
mozilla -- multiple vulnerabilities 2010-06-23
Mozilla -- multiple vulnerabilities 2019-06-21
mozilla -- multiple vulnerabilities 2011-12-21
mozilla -- multiple vulnerabilities 2007-07-19
mozilla -- multiple vulnerabilities 2014-03-19
mozilla -- multiple vulnerabilities 2009-10-28
mozilla -- NULL bytes in FTP URLs 2004-09-22
mozilla -- POP client heap overflow 2004-09-14
mozilla -- privilege escalation via DOM property overrides 2005-04-16
mozilla -- privilege escalation via non-DOM property overrides 2005-05-12
mozilla -- scripting vulnerabilities 2004-09-30
mozilla -- security icon spoofing 2004-09-22
mozilla -- SOAPParameter integer overflow 2004-09-14
mozilla -- Speculative execution side-channel attack 2018-01-05
Mozilla -- Stored passwords in 'Saved Logins' can be copied without master password entry 2019-08-28
Mozilla -- SVG Animation Remote Code Execution 2016-12-01
mozilla -- update to HTTPS certificate blacklist 2011-03-24
mozilla -- use-after-free 2015-04-21
mozilla -- use-after-free in compositor 2018-03-27
mozilla -- use-after-free in HTML Editor 2013-03-08
mozilla -- use-after-free in nsXBLDocumentInfo::ReadPrototypeBindings 2012-02-11
mozilla -- users may be lured into bypassing security dialogs 2004-09-30
mozilla -- vCard stack buffer overflow 2004-09-28
Mozilla / Firefox user interface spoofing vulnerability 2004-07-30
Mozilla certificate spoofing 2004-07-30
mozilla firefox -- multiple vulnerabilities 2009-09-10
mozilla firefox -- protocol information guessing 2024-08-10
mozilla products -- spoofing attack 2024-08-19
mozjpeg -- heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PPM input file 2020-10-10
mpack -- Information disclosure 2012-01-26
MPD -- buffer overflows in http output 2017-02-26
MPD5 PPPoE Server remotely exploitable crash 2021-09-09
mpg123 -- buffer overflow in URL handling 2004-10-23
mpg123 -- buffer overflow vulnerability 2005-01-13
mpg123 -- playlist processing buffer overflow vulnerability 2005-01-03
mpg123 buffer overflow 2004-09-14
mpg123 vulnerabilities 2004-03-07
mplayer & libxine -- MMS and Real RTSP buffer overflow vulnerabilities 2005-04-25
mplayer -- buffer overflow in the code for RealMedia RTSP streams. 2007-01-08
mplayer -- cddb stack overflow 2007-06-07
mplayer -- DMO File Parsing Buffer Overflow Vulnerability 2007-03-09
mplayer -- heap overflow in the ASF demuxer 2006-03-09
mplayer -- multiple integer overflows 2008-10-01
mplayer -- Multiple integer overflows 2006-04-07
mplayer -- multiple vulnerabilities 2008-03-06
mplayer -- multiple vulnerabilities 2004-12-21
mplayer -- potential buffer overrun when processing malicious lzo compressed input 2014-06-28
mplayer -- twinvq processing buffer overflow vulnerability 2008-12-30
mplayer -- vulnerability in STR files processor 2009-01-15
mplayer heap overflow in http requests 2004-03-31
mpv -- arbitrary code execution via crafted website 2018-02-09
msmtp -- certificate-verification issue 2019-02-15
MT -- Search Unspecified XSS 2006-10-02
mt-daapd -- denial of service vulnerability 2007-11-12
mt-daapd -- integer overflow 2008-05-02
Multi-link PPP protocol daemon MPD5 remotely exploitable crash 2020-09-06
multiple buffer overflows in xboing 2004-03-05
Multiple exploitable heap-based buffer overflow vulnerabilities exists in FreeXL 1.0.3 2017-10-13
Multiple implementations -- DoS via hash algorithm collision 2012-01-16
Multiple Potential Buffer Overruns in Samba 2004-07-21
Multiple vulnerabilities in Botan 2016-03-31
multiple vulnerabilities in ethereal 2004-07-11
multiple vulnerabilities in ethereal 2004-07-11
multiple vulnerabilities in ethereal 2004-03-26
multiple vulnerabilities in phpBB 2004-03-26
mumble -- multiple vulnerabilities 2014-05-29
mumble -- NULL pointer dereference and heap-based buffer overflow 2014-05-29
mupdf -- multiple vulnerabilities 2016-10-12
mupdf -- Remote System Access 2011-02-10
mustache - Possible Remote Code Execution 2022-01-27
Mutiple browser frame injection vulnerability 2004-08-12
mutt -- authentication credentials being sent over an unencrypted connection 2020-11-20
mutt -- buffer overflow vulnerability 2007-07-29
mutt -- denial of service 2021-01-23
mutt -- denial of service via crafted mail message 2014-12-23
mutt -- denial of service, potential remote code execution 2014-03-14
mutt -- mutt_decode_uuencoded() can read past the of the input line 2022-04-12
mutt -- Remote Buffer Overflow Vulnerability 2006-06-30
mutt -- remote code injection and path traversal vulnerability 2018-07-17
mutt-devel -- failure to check SMTP TLS server certificate 2012-04-06
mutt/neomutt -- multiple vulnerabilities 2018-07-19
mybb -- multible vulnerabilities 2020-07-09
mybb -- multiple vulnerabilities 2018-03-24
mybb -- multiple vulnerabilities 2009-09-30
mybb -- multiple vulnerabilities 2017-12-02
mybb -- multiple vulnerabilities 2017-11-24
mybb -- vulnerabilities 2018-09-11
mybb -- vulnerabilities 2019-06-12
mybb -- vulnerabilities 2019-03-02
mybb -- vulnerabilities 2018-09-13
mybb -- vulnerabilities 2018-07-07
MySQL - Multiple vulnerabilities 2015-11-11
mysql -- ALTER MERGE denial of service vulnerability 2004-12-16
mysql -- command line client input validation vulnerability 2008-10-01
mysql -- database "case-sensitive" privilege escalation 2006-10-29
mysql -- database suid privilege escalation 2006-10-29
mysql -- denial of service vulnerability 2017-03-18
mysql -- empty bit-string literal denial of service 2009-01-11
mysql -- erroneous access restrictions applied to table renames 2004-12-16
mysql -- format string vulnerability 2006-08-13
mysql -- FTS request denial of service vulnerability 2004-12-16
mysql -- GRANT access restriction problem 2004-12-16
mysql -- heap buffer overflow with prepared statements 2004-09-23
MySQL -- Information Disclosure and Buffer Overflow Vulnerabilities 2006-06-01
MySQL -- Multiple vulerabilities 2019-11-02
MySQL -- Multiple vulerabilities 2019-07-22
MySQL -- Multiple vulerabilities 2020-01-15
MySQL -- Multiple vulnerabilities 2021-10-17
MySQL -- Multiple vulnerabilities 2023-10-23
MySQL -- Multiple vulnerabilities 2016-07-21
MySQL -- Multiple vulnerabilities 2023-01-21
MySQL -- Multiple vulnerabilities 2022-04-16
MySQL -- multiple vulnerabilities 2019-04-13
MySQL -- multiple vulnerabilities 2018-10-20
MySQL -- multiple vulnerabilities 2017-07-19
MySQL -- multiple vulnerabilities 2018-01-19
MySQL -- Multiple vulnerabilities 2022-10-30
MySQL -- multiple vulnerabilities 2019-01-27
MySQL -- Multiple vulnerabilities 2020-07-11
MySQL -- Multiple vulnerabilities 2022-07-21
MySQL -- multiple vulnerabilities 2017-01-14
MySQL -- Multiple vulnerabilities 2023-04-22
mysql -- multiple vulnerabilities 2017-01-14
mysql -- multiple vulnerabilities 2017-01-18
MySQL -- multiple vulnerabilities 2017-04-19
MySQL -- Multiple vulnerabilities 2021-07-20
MySQL -- multiple vulnerabilities 2017-10-18
MySQL -- Multiple vulnerabilities 2023-08-17
MySQL -- multiple vulnerabilities 2016-11-01
MySQL -- multiple vulnerabilities 2018-04-21
MySQL -- Multiple vulnerabilities 2022-01-19
MySQL -- Multiple vulnerabilities 2021-04-20
MySQL -- multiple vulnerabilities 2016-04-30
MySQL -- Multiple vulnerabilities 2021-01-23
MySQL -- Multiple vulnerabilities 2024-07-16
MySQL -- multiple vulnerabilities 2018-08-08
MySQL -- Multiple vulnerabilities 2020-10-21
mysql -- MyISAM table privileges security bypass vulnerability 2008-09-10
mysql -- MyISAM table privileges security bypass vulnerability for symlinked paths 2008-12-30
mysql -- mysql_real_connect buffer overflow vulnerability 2004-12-16
mysql -- mysqlhotcopy insecure temporary file creation 2004-08-22
mysql -- privilege escalation and overwrite of the system table information 2009-01-11
mysql -- remote dos via malformed password packet 2009-01-11
mysql -- Remote Root Code Execution 2016-09-13
mysql -- renaming of arbitrary tables by authenticated users 2009-01-11
MySQL -- SQL-injection security vulnerability 2006-06-01
mysql -- SSL Downgrade 2015-07-13
MySQL authentication bypass / buffer overflow 2004-07-05
MySQL Client -- Multiple vulerabilities 2020-04-23
MySQL insecure temporary file creation (mysqlbug) 2004-04-16
MySQL Server -- Multiple vulerabilities 2020-04-23
mysql-scripts -- mysqlaccess insecure temporary file creation 2005-01-16
mysql-server -- insecure temporary file creation 2005-07-09
mysql-server -- multiple remote vulnerabilities 2005-03-14
mysql/mariadb/percona server -- multiple vulnerabilities 2013-02-01
mysql50-server -- COM_TABLE_DUMP arbitrary code execution 2006-05-06
nag -- Cross site scripting vulnerabilities in several of the tasklist name and task data fields 2005-12-11
nagios -- buffer overflow in history.cgi 2013-01-10
nagios -- Command Injection Vulnerability 2009-06-30
Nagios -- Cross Site Scripting Vulnerability 2008-05-28
nagios -- denial of service vulnerability 2014-01-14
nagios -- web interface privilege escalation vulnerability 2009-01-12
nagios-plugins -- Long Location Header Buffer Overflow Vulnerability 2007-10-11
nap allows arbitrary file access 2004-02-12
nas -- multiple vulnerabilities 2014-04-11
nbd-server -- buffer overflow vulnerability 2005-12-22
nbsmtp -- format string vulnerability 2005-08-01
ncurses -- multiple issues 2017-10-11
nebula -- security fix for terrapin vulnerability 2023-12-19
neon -- NULL pointer dereference in Digest domain support 2008-09-12
neon date parsing vulnerability 2004-05-19
neon format string vulnerabilities 2004-04-15
nested filters leads to stack overflow 2020-04-28
net-mgmt/cacti is vulnerable to remote command injection 2023-01-05
net-snmp -- denial of service via GETBULK request 2007-11-13
net-snmp -- DoS for SNMP agent via crafted GETBULK request 2008-11-14
net-snmp -- fixproc insecure temporary file creation 2005-07-09
net-snmp -- Remote DoS 2012-04-27
net-snmp -- remote DoS vulnerability 2005-07-05
net-snmp -- snmp_pdu_parse() function incomplete initialization 2015-07-31
net-snmp -- snmptrapd crash 2015-07-31
net/eternalterminal -- Multiple vulnerabilities 2023-01-23
net/krill -- DoS vulnerability 2023-01-23
net/openafs -- buffer overflow 2013-06-03
net/rsync -- multiple zlib issues 2020-08-16
netatalk -- arbitrary command execution in papd daemon 2009-03-18
netatalk3 -- Multiple vulnerabilities 2024-06-30
netatalk3 -- multiple WolfSSL vulnerabilities 2024-09-09
netatalk3 -- remote code execution vulnerability 2019-06-16
netdata -- multiple vulnerabilities with streaming 2022-12-27
netpbm -- buffer overflow in pnmtopng 2006-04-05
nettle 3.7.2 -- fix serious ECDSA signature verify bug 2021-03-27
newsfetch -- server response buffer overflow vulnerability 2005-02-01
newsgrab -- directory traversal vulnerability 2005-02-01
newsgrab -- insecure file and directory creation 2005-02-01
newspost -- server response buffer overflow vulnerability 2005-02-01
Nextcloud -- multiple vulnerabilities 2020-04-23
Nextcloud -- Password share by mail not hashed 2020-09-19
Nextcloud Calendar -- SMTP Command Injection 2022-04-17
nexus2-oss -- Apache ActiveMQ JMX vulnerability 2021-09-29
nexus2-oss -- Multiple vulerabilities 2019-11-07
nexus2-oss -- NXRM2 Directory Traversal vulnerability 2021-09-29
nfs -- remote denial of service 2006-03-12
nfsen -- remote command execution 2017-01-27
nfsen -- remote command execution 2009-07-03
nghttp2 -- Denial of service due to NULL pointer dereference 2018-04-13
nghttp2 -- DoS vulnerability 2020-06-03
nghttp2 -- multiple vulnerabilities 2019-08-16
nghttp2 -- Out of memory in nghttpd, nghttp, and libnghttp2_asio 2016-02-13
nghttp2 -- use after free 2016-01-29
NGINX -- 1-byte memory overwrite in resolver 2021-05-25
nginx -- a specially crafted request might result in an integer overflow 2017-07-11
nginx -- a specially crafted request might result in worker process crash 2016-05-31
nginx -- Buffer overflow in the ngx_http_mp4_module 2012-04-16
NGINX -- HTTP request smuggling 2020-02-09
nginx -- inject commands into SSL session vulnerability 2014-09-16
nginx -- inject commands into SSL session vulnerability 2014-08-09
nginx -- multiple vulnerabilities 2016-01-30
NGINX -- Multiple vulnerabilities 2019-08-14
NGINX -- Multiple vulnerabilities 2018-11-06
nginx -- multiple vulnerabilities 2013-05-07
nginx -- Multiple Vulnerabilities in HTTP/3 2024-05-29
nginx -- potential information leak 2012-03-15
nginx -- remote denial of service vulnerability 2009-09-14
nginx -- Request line parsing vulnerability 2013-11-19
nginx -- SPDY heap buffer overflow 2014-03-23
nginx -- SPDY memory corruption 2014-03-06
nginx -- Two vulnerabilities 2022-10-19
nginx -- Vulnerability in the ngx_http_mp4_module 2024-08-22
nginx-devel -- Multiple Vulnerabilities in HTTP/3 2024-02-15
nginx-devel -- SPDY heap buffer overflow 2014-03-23
ngircd -- buffer overflow vulnerability 2005-02-13
ngircd -- format string vulnerability 2005-02-13
node -- access to unintended files 2017-10-10
node -- multiple vulnerabilities 2016-03-14
node -- private information disclosure 2012-05-07
node, iojs, and v8 -- denial of service 2015-07-06
Node.js -- April 2021 Security Releases 2021-04-07
node.js -- ares_create_query single byte out of buffer write 2016-10-26
Node.js -- August 2021 Security Releases 2021-09-21
Node.js -- August 2021 Security Releases (2) 2021-09-21
node.js -- Data Confidentiality/Integrity Vulnerability, December 2017 2017-12-14
node.js -- DoS Vulnerability 2013-10-19
Node.js -- February 2021 Security Releases 2021-03-09
Node.js -- January 2021 Security Releases 2021-01-14
Node.js -- January 2022 Security Releases 2022-02-12
Node.js -- July 2021 Security Releases 2021-09-21
Node.js -- July 2021 Security Releases (2) 2021-09-21
Node.js -- July 7th 2022 Security Releases 2022-07-08
Node.js -- June 2020 Security Releases 2020-06-12
Node.js -- multiple vulnerabilities 2019-03-03
node.js -- multiple vulnerabilities 2018-08-25
node.js -- multiple vulnerabilities 2018-06-15
node.js -- multiple vulnerabilities 2017-07-12
node.js -- multiple vulnerabilities 2018-03-28
node.js -- multiple vulnerabilities 2018-12-10
Node.js -- multiple vulnerabilities 2020-03-09
node.js -- multiple vulnerabilities 2016-10-28
Node.js -- multiple vulnerabilities 2019-08-21
Node.js -- November 2020 Security Releases 2020-11-21
Node.js -- October 2021 Security Releases 2021-10-14
Node.js -- remote DOS security vulnerability 2017-10-25
Node.js -- September 2020 Security Releases 2020-09-16
node_exporter -- bypass security with cache poisoning 2023-02-04
NodeJS -- Vulnerabilities 2024-03-01
Nokogiri -- injection vulnerability 2019-08-13
nokogiri -- Security vulnerability 2021-01-22
nomad -- multiple vulnerabilities 2020-11-27
NPM -- Multiple vulnerabilities 2020-06-10
nsd -- buffer overflow vulnerability 2009-05-19
nsd -- Denial of Service 2012-07-27
nsd -- Stack-based Buffer Overflow 2019-08-19
nss -- exploitable buffer overflow in SSLv2 protocol handler 2004-08-27
NSS -- MD5 downgrade in TLS 1.2 signatures 2015-12-28
NSS -- Memory corruption 2021-12-02
NSS -- multiple vulnerabilities 2016-03-08
NSS -- multiple vulnerabilities 2017-04-19
NSS -- multiple vulnerabilities 2016-03-08
NSS -- multiple vulnerabilities 2016-06-07
NSS -- RSA Signature Forgery 2014-09-25
nss -- Use-after-free in TLS 1.2 generating handshake hashes 2017-10-12
nss-pam-ldapd -- file descriptor buffer overflow 2013-02-20
nss/ca_root_nss -- fraudulent certificates issued by DigiNotar.nl 2011-09-03
ntp -- 13 low- and medium-severity vulnerabilities 2015-10-21
ntp -- control message remote Denial of Service vulnerability 2015-06-30
ntp -- Crafted null dereference attack from a trusted source with an authenticated mode 6 packet 2019-03-07
ntp -- denial of service vulnerability 2016-01-08
ntp -- multiple vulnerabilities 2016-04-27
ntp -- multiple vulnerabilities 2016-11-22
ntp -- Multiple vulnerabilities 2020-03-03
ntp -- multiple vulnerabilities 2016-01-21
ntp -- multiple vulnerabilities 2018-02-28
ntp -- multiple vulnerabilities 2014-12-20
ntp -- multiple vulnerabilities 2015-04-07
ntp -- stack-based buffer overflow 2009-05-20
ntpd DRDoS / Amplification Attack using ntpdc monlist command 2014-01-14
null -- Routinator terminates when RTR connection is reset too quickly after opening 2024-02-28
nut -- upsd can be remotely crashed 2012-05-30
NVIDIA UNIX driver -- access to arbitrary system memory 2012-05-10
NVIDIA UNIX driver -- arbitrary root code execution vulnerability 2006-10-16
NVIDIA UNIX driver -- ARGB cursor buffer overflow in "NoScanout" mode 2013-04-08
NVIDIA UNIX driver -- multiple vulnerabilities in the kernel mode layer handler 2017-05-23
NVIDIA UNIX driver -- multiple vulnerabilities in the kernel mode layer handler 2017-04-04
NVIDIA UNIX driver -- remote denial of service or arbitrary code execution 2014-12-14
nwclient -- multiple vulnerabilities 2005-07-08
oauth2-proxy -- domain whitelist could be used as redirect 2021-02-12
oauth2-proxy -- multiple vulnerabilities 2024-10-18
OCaml -- Multiple Security Vulnerabilities 2019-05-23
oftpd denial-of-service vulnerability (PORT command) 2004-03-28
Okular -- Local binary execution via action links 2020-03-13
oniguruma -- multiple vulnerabilities 2017-07-07
oniguruma -- multiple vulnerabilities 2019-09-07
oops -- format string vulnerability 2005-05-22
Open DC Hub -- remote buffer overflow vulnerability 2004-11-27
open-vm-tools -- Multiple vulnerabilities 2023-11-01
openafs -- Denial of Service 2014-04-09
openafs -- information disclosure 2015-10-28
openafs -- local DoS vulnerability 2016-06-05
openafs -- multiple vulnerabilities 2016-06-05
openafs -- single-DES cell-wide key brute force vulnerability 2013-07-25
OpenDMARC - Multiple vulnerabilities 2021-12-30
OpenDMARC - Remote denial of service 2021-12-30
OpenEXR -- heap buffer overflow in internal_huf_decompress 2023-06-27
OpenEXR -- heap buffer overflow, and out-of-memory bugs 2019-12-29
openexr -- Heap Overflow in Scanline Deep Data Parsing 2024-02-12
OpenEXR -- Heap-buffer-overflow in Imf_3_1::LineCompositeTask::execute 2022-01-28
OpenEXR -- multiple remote code execution and denial of service vulnerabilities 2017-05-25
openexr v3.0.5 -- fixes miscellaneous security issues 2021-07-02
openexr, ilmbase -- security fixes related to reading corrupted input files 2021-02-12
OpenEXR/ilmbase 2.5.2 -- patch release with various bug/security fixes 2020-07-16
openfire -- multiple vulnerabilities 2009-01-25
openfire -- multiple vulnerabilities 2008-11-19
openfire -- Openfire No Password Changes Security Bypass 2009-05-04
openfire -- unspecified denial of service 2008-04-25
Openfire administration console authentication bypass 2024-05-21
opengrok -- Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise OpenGrok. 2021-12-21
openhab -- log4j remote code injection 2021-12-13
OpenHAB CometVisu addon -- Multiple vulnerabilities 2024-08-09
OpenJPEG -- integer overflow 2019-02-11
OpenJPEG -- multiple vulnerabilities 2018-07-27
openjpeg -- multiple vulnerabilities 2016-10-11
openjpeg -- Multiple vulnerabilities 2014-05-24
openjpeg -- use-after-free vulnerability 2015-09-17
openldap -- denial of service vulnerability 2015-09-12
OpenLDAP -- incorrect handling of NULL in certificate Common Name 2014-04-11
openldap -- modrdn Denial of Service vulnerability 2008-02-22
openldap -- multiple remote denial of service vulnerabilities 2007-10-30
openldap -- slapd acl selfwrite Security Issue 2006-10-05
openldap -- two remote denial of service vulnerabilities 2015-02-06
openldap -- two security bypass vulnerabilities 2011-02-25
openoffice -- arbitrary code execution vulnerabilities 2008-11-29
openoffice -- arbitrary command execution vulnerability 2007-09-20
openoffice -- DOC document heap overflow vulnerability 2005-04-13
openoffice -- document disclosure 2004-09-14
openoffice -- information disclosure vulnerability 2016-10-12
OpenOffice 4.1.1 -- multiple vulnerabilities 2015-11-05
openoffice.org -- Multiple vulnerabilities 2011-02-10
openoffice.org -- multiple vulnerabilities 2010-02-25
opensaml2 -- unauthenticated login 2011-07-25
OpenSearch -- Log4Shell 2021-12-13
OpenSearch -- Log4Shell 2021-12-27
OpenSearch -- Log4Shell 2021-12-27
openslp -- denial of service vulnerability 2015-09-17
OpenSMTPd -- critical LPE / RCE vulnerability 2020-01-29
OpenSMTPd -- LPE and RCE in OpenSMTPD's default install 2020-02-24
OpenSMTPD -- multiple vulnerabilities 2015-10-06
OpenSMTPD -- multiple vulnerabilities 2015-10-04
openssh -- command injection when X11Forwarding is enabled 2016-03-11
OpenSSH -- Double-free memory corruption in ssh-agent 2021-03-13
openssh -- information disclosure 2016-01-14
OpenSSH -- MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices 2015-07-27
OpenSSH -- Memory corruption in sshd 2013-11-08
openssh -- multiple vulnerabilities 2006-09-30
OpenSSH -- OpenSSH 6.2 through 8.7 failed to correctly initialise supplemental groups when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand 2021-10-12
OpenSSH -- PAM vulnerabilities 2015-08-21
OpenSSH -- PermitRootLogin may allow password connections with 'without-password' 2015-08-21
OpenSSH -- Pre-authentication async signal safety issue 2024-09-15
OpenSSH -- Race condition resulting in potential remote code execution 2024-07-01
OpenSSH -- remote code execution via a forwarded agent socket 2023-07-21
openssh -- remote denial of service 2006-03-12
openssh -- sshd -- remote valid user discovery and PAM /bin/login attack 2016-09-01
OpenSSL -- AES OCB fails to encrypt some bytes 2022-07-05
OpenSSL -- AES-SIV implementation ignores empty associated data entries 2023-07-16
openssl -- alternate chains certificate forgery vulnerability 2015-07-09
OpenSSL -- BN_mod_exp incorrect results on MIPS 2022-01-28
OpenSSL -- Buffer overflows in Email verification 2022-11-01
OpenSSL -- Cache timing vulnerability 2018-04-16
OpenSSL -- Certificate validation issue 2021-12-14
OpenSSL -- ChaCha20-Poly1305 nonce vulnerability 2019-03-07
OpenSSL -- Client DoS due to large DH parameter 2018-06-12
OpenSSL -- CMS and S/MIME Bleichenbacher attack 2012-03-15
OpenSSL -- Command injection vulnerability 2022-06-22
openssl -- crash on handshake 2017-02-16
openssl -- denial of service 2016-06-30
openssl -- denial of service in DTLS implementation 2009-05-30
OpenSSL -- Denial of Service vulnerability 2024-05-17
OpenSSL -- DoS in DH generation 2023-11-08
OpenSSL -- DTLS and TLS 1.1, 1.2 denial of service 2012-05-10
OpenSSL -- DTLS Denial of Service 2012-01-20
OpenSSL -- Excessive Resource Usage Verifying X.509 Policy Constraints 2023-03-24
OpenSSL -- Excessive time spent checking DH q parameter value 2023-07-31
OpenSSL -- Heap memory corruption with RSA private key operation 2022-07-03
openssl -- Incorrect PKCS#1 v1.5 padding validation in crypto(3) 2006-12-19
OpenSSL -- Infinite loop in BN_mod_sqrt parsing certificates 2022-03-16
OpenSSL -- integer conversions result in memory corruption 2012-04-21
OpenSSL -- Local Information Disclosure 2014-04-11
OpenSSL -- Multiple problems in crypto(3) 2007-02-26
OpenSSL -- multiple vulnerabilities 2015-01-08
OpenSSL -- Multiple vulnerabilities 2019-09-11
OpenSSL -- Multiple vulnerabilities 2021-02-16
OpenSSL -- Multiple vulnerabilities 2022-05-04
openssl -- multiple vulnerabilities 2014-01-06
OpenSSL -- multiple vulnerabilities 2018-03-27
OpenSSL -- multiple vulnerabilities 2014-10-15
OpenSSL -- Multiple vulnerabilities 2023-03-29
OpenSSL -- multiple vulnerabilities 2021-08-24
OpenSSL -- Multiple vulnerabilities 2017-11-02
OpenSSL -- Multiple vulnerabilities 2024-01-31
OpenSSL -- multiple vulnerabilities 2017-12-07
OpenSSL -- multiple vulnerabilities 2016-09-26
openssl -- multiple vulnerabilities 2015-12-05
OpenSSL -- multiple vulnerabilities 2017-01-26
OpenSSL -- multiple vulnerabilities 2012-01-14
OpenSSL -- multiple vulnerabilities 2014-06-05
OpenSSL -- Multiple vulnerabilities 2024-09-03
OpenSSL -- Multiple vulnerabilities 2023-02-07
OpenSSL -- multiple vulnerabilities 2011-09-07
OpenSSL -- multiple vulnerabilities 2016-09-22
OpenSSL -- multiple vulnerabilities 2016-05-03
OpenSSL -- Multiple vulnerabilities 2021-03-26
OpenSSL -- multiple vulnerabilities 2015-03-19
openssl -- multiple vulnerabilities 2016-01-28
openssl -- multiple vulnerabilities 2015-06-11
openssl -- multiple vulnerabilities 2016-11-10
OpenSSL -- multiple vulnerabilities 2014-08-06
OpenSSL -- Multiple vulnerabilities in 1.1 branch 2018-10-29
OpenSSL -- NULL pointer de-reference 2020-12-08
OpenSSL -- NULL pointer dereference / DoS 2014-05-03
OpenSSL -- OOB memory access vulnerability 2024-10-19
OpenSSL -- Overflow vulnerability 2019-12-20
OpenSSL -- Padding oracle vulnerability 2019-02-20
OpenSSL -- Possible DoS translating ASN.1 identifiers 2023-05-31
OpenSSL -- potential loss of confidentiality 2023-10-24
OpenSSL -- Potential NULL encryption in NID_undef with Custom Cipher 2022-10-18
openssl -- potential SSL 2.0 rollback 2005-10-12
OpenSSL -- Remote Data Injection / DoS 2014-04-23
OpenSSL -- Remote Information Disclosure 2014-04-07
openssl -- timing attack vulnerability 2017-01-11
OpenSSL -- timing vulnerability 2018-11-12
OpenSSL -- TLS 1.1, 1.2 denial of service 2013-02-06
openssl -- TLS extension parsing race condition 2010-11-17
OpenSSL -- Unbounded memory growth with session handling in TLSv1.3 2024-04-11
OpenSSL -- Use after free vulnerability 2024-05-28
OpenSSL -- Vector register corruption on PowerPC 2024-01-11
OpenSSL -- vulnerability in DSA signing 2016-06-09
OpenSSL ChangeCipherSpec denial-of-service vulnerability 2004-03-17
OpenSSL remote denial of service vulnerability 2020-04-21
OpenTTD -- Buffer overflows in savegame loading 2011-10-16
OpenTTD -- Denial of Service 2012-08-18
OpenTTD -- Denial of service (server) via infinite loop 2010-08-22
OpenTTD -- Denial of service (server) via slow read attack 2012-01-16
OpenTTD -- Denial of service (server/client) via invalid read 2010-11-23
OpenTTD -- Denial of service using forcefully crashed aircrafts 2013-11-28
OpenTTD -- Denial of service via improperly validated commands 2011-10-16
OpenTTD -- Multiple buffer overflows in validation of external data 2011-10-16
openvpn -- 2.6.0...2.6.6 --fragment option division by zero crash, and TLS data leak 2023-11-15
openvpn -- arbitrary code execution on client through malicious or compromised server 2005-11-01
OpenVPN -- Buffer overflow in PAM authentication and DoS through port sharing 2016-05-14
openvpn -- deferred authentication can be bypassed in specific circumstances 2021-04-21
OpenVPN -- denial of service security vulnerability 2014-12-02
openvpn -- denial of service: client certificate validation can disconnect unrelated clients 2005-08-19
openvpn -- denial of service: malicious authenticated "tap" client can deplete server virtual memory 2005-08-19
openvpn -- denial of service: undecryptable packet from authorized client can disconnect unrelated clients 2005-08-19
openvpn -- illegal client float can break VPN session for other users 2020-04-16
openvpn -- LD_PRELOAD code execution on client through malicious or compromised server 2006-04-05
openvpn -- multiple TCP clients connecting with the same certificate at the same time can crash the server 2005-08-19
OpenVPN -- out-of-bounds write in legacy key-method 1 2017-09-27
openvpn -- Potential authentication by-pass with multiple deferred authentication plug-ins 2022-03-17
openvpn -- potential denial-of-service on servers in TCP mode 2005-11-01
OpenVPN -- potential side-channel/timing attack when comparing HMACs 2013-03-31
OpenVPN -- several vulnerabilities 2017-06-21
OpenVPN -- two remote denial-of-service vulnerabilities 2017-05-11
openvpn -- two security fixes 2024-06-20
openvpn-devel -- arbitrary code execution 2008-08-07
openvswitch -- MPLS buffer overflow 2016-05-29
openx -- remote code execution vulnerability 2010-09-26
OpenX -- SQL injection vulnerability 2013-12-22
OpenX -- SQL injection vulnerability 2012-09-27
openx -- sql injection vulnerability 2008-10-25
openx -- undisclosed security issue 2012-03-02
opera -- "data:" URI handler spoofing vulnerability 2005-02-18
opera -- "javascript:" URL cross-site scripting vulnerability 2005-06-20
Opera -- code injection vulnerability through broken frameset handling 2011-05-23
opera -- command line URL shell command injection 2005-11-30
opera -- Data URIs can be used to allow cross-site scripting 2010-06-25
opera -- download dialog spoofing vulnerability 2005-07-30
opera -- execution of arbitrary code 2012-12-18
opera -- execution of arbitrary code 2012-11-22
opera -- execution of arbitrary code 2013-02-01
opera -- image dragging vulnerability 2005-07-30
opera -- kfmclient exec command execution vulnerability 2005-02-18
opera -- moderately severe issue 2014-04-30
opera -- multiple vulnerabilities 2007-10-25
opera -- multiple vulnerabilities 2008-04-05
opera -- multiple vulnerabilities 2011-02-10
opera -- multiple vulnerabilities 2005-11-30
opera -- multiple vulnerabilities 2009-09-04
opera -- multiple vulnerabilities 2008-02-22
opera -- multiple vulnerabilities 2007-12-19
opera -- multiple vulnerabilities 2012-11-06
opera -- multiple vulnerabilities 2007-01-05
opera -- multiple vulnerabilities 2010-08-13
opera -- multiple vulnerabilities 2008-11-03
opera -- multiple vulnerabilities 2009-10-31
opera -- multiple vulnerabilities 2008-10-28
opera -- multiple vulnerabilities 2011-12-13
opera -- multiple vulnerabilities 2009-12-01
opera -- multiple vulnerabilities 2008-10-10
opera -- multiple vulnerabilities 2008-12-19
opera -- multiple vulnerabilities 2010-10-26
opera -- multiple vulnerabilities 2007-07-19
opera -- multiple vulnerabilities 2008-08-25
opera -- multiple vulnerabilities 2009-03-15
opera -- multiple vulnerabilities in Java implementation 2005-01-24
opera -- redirection cross-site scripting vulnerability 2005-06-20
opera -- RSA Signature Forgery 2006-09-22
opera -- URL parsing heap overflow vulnerability 2006-10-20
opera -- Vulnerability in javascript handling 2007-08-15
opera -- XMLHttpRequest security bypass 2005-06-20
OPIE -- arbitrary password change 2006-03-24
optipng -- arbitrary code execution via crafted BMP image 2009-01-19
optipng -- multiple vulnerabilities 2017-02-16
optipng -- use-after-free vulnerability 2013-03-21
optipng -- use-after-free vulnerability 2015-09-17
osc -- shell command injection via crafted _service files 2015-03-31
osip -- Improper Restriction of Operations within the Bounds of a Memory Buffer 2017-10-11
otrs -- Clickjacking issue 2014-04-03
otrs -- Incomplete Access Control 2014-12-16
otrs -- information disclosure 2013-06-19
otrs -- information disclosure 2013-05-23
otrs -- Information disclosure and Data manipulation 2013-04-05
otrs -- multiple vulnerabilities 2014-01-28
OTRS -- Multiple vulnerabilities 2017-12-30
OTRS -- Multiple XSS and denial of service vulnerabilities 2010-11-03
otrs -- Scheduler Process ID File Access 2015-09-30
OTRS -- Several XSS attacks possible 2011-04-12
otrs -- SQL injection 2010-02-08
otrs -- Sql Injection + Xss Issue 2013-07-11
OTRS -- Vulnerabilities in OTRS-Core allows read access to any file on local file system 2011-08-18
otrs -- XSS Issue 2014-02-25
otrs -- XSS vulnerability 2012-12-30
otrs -- XSS vulnerability 2013-05-23
otrs -- XSS vulnerability could lead to remote code execution 2013-02-25
otrs -- XSS vulnerability in Firefox and Opera 2012-12-30
otrs -- XSS vulnerability in Firefox and Opera could lead to remote code execution 2013-02-25
otrs -- XSS vulnerability in Internet Explorer 2012-12-30
otrs -- XSS vulnerability in Internet Explorer could lead to remote code execution 2013-02-25
Overflow error in fetch 2004-11-18
owncloud -- Multiple security vulnerabilities 2013-06-11
owncloud -- multiple vulnerabilities 2016-01-29
owncloudclient -- Improper validation of certificates when using self-signed certificates 2015-11-11
p11-kit -- Multiple vulnerabilities 2020-12-12
p5-Archive-Zip -- virus detection evasion 2004-11-08
p5-Config-IniFiles -- unsafe temporary file creation 2012-05-07
p5-Dancer -- possible to abuse session cookie values 2015-06-20
p5-DBI -- insecure temporary file creation vulnerability 2006-04-23
p5-Email-Address-List -- DDoS related vulnerability 2019-01-31
p5-File-Path -- rmtree allows creation of setuid files 2009-01-03
p5-HTML-Parser -- denial of service 2009-11-06
p5-HTML-Scrubber -- XSS vulnerability 2015-11-11
p5-Imager -- possibly exploitable buffer overflow 2007-04-30
p5-libwww -- possibility to remote servers to create file with a .(dot) character 2010-08-31
p5-Mail-SpamAssassin -- denial of service vulnerability 2005-06-18
p5-Mail-SpamAssassin -- local user symlink-attack DoS vulnerability 2007-06-18
p5-Mail-SpamAssassin -- long message header denial of service 2005-11-10
p5-Mojolicious -- cookie-handling vulnerability 2018-02-17
p5-Net-DNS -- multiple Vulnerabilities 2007-07-28
p5-PathTools -- File::Spec::canonpath loses taint 2016-01-12
p5-RT-Authen-ExternalAuth -- privilege escalation 2012-07-26
p5-Spreadsheet-ParseExcel -- Remote Code Execution Vulnerability 2024-02-11
p5-UI-Dialog -- shell command execution vulnerability 2015-10-10
p5-XSLoader -- local arbitrary code execution 2016-08-04
p7zip -- directory traversal vulnerability 2015-09-16
p7zip -- heap overflow vulnerability 2016-07-15
p7zip -- heap-based buffer overflow 2018-02-10
p7zip -- Null pointer dereference 2016-11-30
p7zip -- out-of-bounds read vulnerability 2016-07-15
p7zip -- usage of uninitialized memory 2021-12-11
p7zip-codec-rar -- insufficient error handling 2018-02-10
palemoon -- multiple vulnerabilities 2017-11-28
palemoon -- multiple vulnerabilities 2018-02-03
pam_ldap -- authentication bypass vulnerability 2005-08-27
pango -- buffer overflow 2020-07-23
pango -- integer overflow 2009-05-13
pango -- remote DoS vulnerability 2018-10-01
passenger -- client controlled header overwriting 2015-12-07
passenger -- security vulnerability 2013-06-01
password-store -- GPG parsing vulnerabilities 2018-06-14
patch -- multiple vulnerabilities 2018-11-11
Pavuk HTTP Location header overflow 2004-07-03
Payara -- A Polymorphic Typing issue in FasterXML jackson-databind 2020-10-06
payara -- Code execution via crafted PUT requests to JSPs 2018-11-28
payara -- Default typing issue in Jackson Databind 2018-11-28
payara -- Multiple vulnerabilities 2018-11-28
payara -- multiple vulnerabilities 2020-10-06
Payara -- path trasversal flaw via either loc/con parameters in Eclipse Mojarra 2020-10-06
pcal -- buffer overflow vulnerabilities 2005-01-06
pcre -- arbitrary code execution 2007-11-06
pcre -- buffer overflow vulnerability 2008-02-29
pcre -- heap overflow vulnerability 2016-04-03
pcre -- heap overflow vulnerability 2015-08-24
pcre -- heap overflow vulnerability in '(?|' situations 2015-08-10
pcre -- Heap Overflow Vulnerability in find_fixedlength() 2015-06-29
pcre -- multiple vulnerabilities 2015-06-04
pcre -- multiple vulnerabilities 2015-05-22
pcre -- regular expression buffer overflow 2005-08-26
pcre -- stack buffer overflow 2016-03-21
pdfjam -- insecure temporary files 2009-01-11
PEAR -- Net_Ping and Net_Traceroute remote arbitrary command injection 2010-01-04
pear-Horde_Image -- DoS vulnerability 2017-06-21
pear-Horde_Image -- remote code execution vulnerability 2017-06-21
pear-PEAR -- PEAR installer arbitrary code execution vulnerability 2005-11-04
pear-twig -- remote code execution 2015-10-14
pear-XML_RPC -- arbitrary remote code execution 2005-07-03
pear-XML_RPC -- information disclosure vulnerabilities 2005-07-08
pear-XML_RPC -- remote PHP code injection vulnerability 2005-08-15
pecl-phar -- format string vulnerability 2011-01-13
peercast -- arbitrary code execution 2008-05-21
peercast -- buffer overflow vulnerability 2007-12-19
perdition -- str_vwrite format string vulnerability 2007-11-05
perl -- denial of service via algorithmic complexity attack on hashing routines 2013-03-10
perl -- Directory Permissions Race Condition 2009-02-03
perl -- File::Path insecure file/directory permissions 2005-01-21
perl -- local arbitrary code execution 2016-08-04
perl -- multiple vulnerabilities 2017-09-24
perl -- multiple vulnerabilities 2018-04-15
perl -- regular expressions unicode data buffer overflow 2007-11-06
perl -- vulnerabilities in PERLIO_DEBUG handling 2005-02-02
perl, webmin, usermin -- perl format string integer wrap vulnerability 2006-02-15
perl5 -- taint mechanism bypass vulnerability 2016-05-10
pf -- IP fragment handling panic 2006-02-14
PG Partition Manager -- arbitrary code execution 2021-05-24
pgbouncer -- failed auth_query lookup leads to connection as auth_user 2015-09-09
pgbouncer -- remote denial of service 2015-06-10
pglogical -- shell command injection in pglogical.create_subscription() 2021-06-06
Phishing through a login page malicious URL in GLPI 2023-10-11
php -- _ecalloc Integer Overflow Vulnerability 2006-10-06
php -- arbitrary code execution 2015-07-13
php -- arbitrary remote code execution vulnerability 2012-02-04
php -- corruption of $GLOBALS and $this variables via extract() method 2011-01-13
php -- crash on crafted tag in exif 2011-03-25
PHP -- crypt() returns only the salt for MD5 2011-08-23
PHP -- denial of service attack 2017-10-30
php -- env_path_info underflow in fpm_main.c can lead to RCE 2019-11-06
php -- ini database truncation inside dba_replace() function 2009-05-16
php -- input validation error in safe_mode 2008-06-22
php -- integer overflow vulnerability 2008-04-25
php -- memory_limit related vulnerability 2004-09-27
php -- multiple security vulnerabilities 2007-11-16
php -- multiple vulnerabilities 2016-05-03
php -- multiple vulnerabilities 2015-10-04
PHP -- multiple vulnerabilities 2016-09-30
php -- multiple vulnerabilities 2016-02-09
php -- multiple vulnerabilities 2009-12-17
php -- multiple vulnerabilities 2011-01-09
php -- multiple vulnerabilities 2016-04-03
php -- multiple vulnerabilities 2015-05-22
php -- multiple vulnerabilities 2008-12-07
php -- multiple vulnerabilities 2012-05-12
php -- multiple vulnerabilities 2007-05-07
php -- multiple vulnerabilities 2015-09-08
php -- multiple vulnerabilities 2016-05-28
php -- multiple vulnerabilities 2007-02-17
php -- multiple vulnerabilities 2004-12-17
php -- multiple vulnerabilities 2007-09-11
php -- Multiple vulnerabilities 2024-09-30
php -- Multiple vulnerabilities 2024-04-16
PHP -- Multiple vulnerabilities 2016-12-12
php -- multiple vulnerabilities 2016-01-11
PHP -- multiple vulnerabilities 2005-11-01
php -- multiple vulnerabilities 2016-06-25
PHP -- multiple vulnerabilities 2016-12-29
PHP -- multiple vulnerabilities 2016-12-29
php -- multiple vulnerabilities 2011-08-20
php -- multiple vulnerabilities 2012-04-28
php -- multiple vulnerabilities 2012-01-11
php -- multiple vulnerabilities 2006-09-13
PHP -- multiple vulnerabilities 2016-09-30
php -- multiple vulnerabilities 2016-07-26
PHP -- Multiple vulnerabilities in EXIF module 2019-05-11
php -- NULL byte poisoning 2011-01-13
php -- open_basedir bypass 2011-01-13
php -- open_basedir Race Condition Vulnerability 2006-10-05
php -- php_variables memory disclosure 2004-10-05
php -- potential overflow in _php_stream_scandir 2012-07-23
php -- readfile() DoS vulnerability 2005-04-10
php -- strip_tags cross-site scripting vulnerability 2004-09-27
PHP -- undisclosed vulnerabilities 2017-01-19
php -- use-after-free vulnerability 2015-07-13
php -- use-after-free vulnerability 2015-07-13
php -- vulnerability in certain CGI-based setups 2012-05-05
php -- vulnerability in RFC 1867 file upload processing 2004-09-15
php -- ZipArchive segfault with FL_UNCHANGED on empty archive 2011-03-25
PHP multiple vulnerabilities 2014-08-18
php-filter -- Denial of Service 2011-01-13
php-gd and gd -- Buffer over-read into uninitialized memory 2017-09-26
php-imap -- Denial of Service 2011-01-13
php-imap -- imap_open allows to run arbitrary shell commands via mailbox parameter 2018-11-22
php-mbstring -- php mbstring buffer overflow vulnerability 2009-03-16
php-phar -- multiple vulnerabilities 2015-07-18
php-zip -- multiple Denial of Service vulnerabilities 2011-01-13
php5 -- Denial of Service in php_date_parse_tzfile() 2012-09-19
php5 -- header splitting attack via carriage-return character 2012-09-05
php5 -- Heap based buffer overflow in quoted_printable_encode 2013-06-07
PHP5 -- Heap corruption in XML parser 2013-07-16
PHP5 -- Integer overflow in Calendar module 2013-07-16
PHP5 -- memory corruption in openssl_x509_parse() 2013-12-14
php5 -- Multiple security issues 2009-10-12
php5 -- multiple vulnerabilities 2016-03-13
php5 -- multiple vulnerabilities 2015-08-17
php5 -- Multiple vulnerabilities 2013-03-18
php5 -- multiple vulnerabilities 2015-06-23
php5 -- multiple vulnerabilities 2015-02-26
php5 -- potential magic_quotes_gpc vulnerability 2008-12-08
php5-gd -- uninitialized memory information disclosure vulnerability 2009-01-05
php5-sqlite -- open_basedir bypass 2012-09-19
php7 -- multiple vulnerabilities 2016-03-13
php72 -- use of freed hash key 2020-08-27
phpbb -- arbitrary command execution and other vulnerabilities 2004-12-22
phpbb -- Insuffient check against HTML code in usercp_register.php 2005-03-05
phpbb -- multiple information disclosure vulnerabilities 2005-02-23
phpbb -- multiple vulnerabilities 2005-07-09
phpbb -- multiple vulnerabilities 2006-02-16
phpbb -- NULL byte injection vulnerability 2006-10-04
phpbb -- privilege elevation and path disclosure 2005-02-28
phpbb -- remote PHP code execution vulnerability 2005-07-03
phpBB IP address spoofing 2004-04-23
phpBB session table exhaustion 2004-05-06
phpbb3 -- multiple issues 2018-01-19
phpicalendar -- cross site scripting vulnerability 2006-02-15
phpicalendar -- file disclosure vulnerability 2006-02-15
phpldapadmin -- Cross-Site Scripting and Script Insertion vulnerabilities 2006-05-14
phpLDAPadmin -- Remote PHP code injection vulnerability 2011-10-24
phpldapadmin -- XSS vulnerability 2023-07-05
phplist -- local file inclusion vulnerability 2009-02-09
phpList -- SQL injection and XSS vulnerability 2012-07-02
phpmailer -- Multiple vulnerability 2018-11-21
phpmailer -- Remote Code Execution 2016-12-28
phpmailer -- Remote Code Execution 2016-12-26
phpmailer -- Remote Code Execution 2017-01-12
PHPmailer -- SMTP injection vulnerability 2015-12-03
phpmailer -- XSS in code example and default exeception handler 2017-08-23
phpmyadmin -- 'set_theme' Cross-Site Scripting 2006-04-06
phpmyadmin -- arbitrary file include and XSS vulnerabilities 2005-03-08
phpMyAdmin -- bypass 'no password' restriction 2017-03-29
phpMyAdmin -- clickJacking protection can be bypassed 2013-08-04
phpmyadmin -- Code execution vulnerability 2008-09-17
phpmyadmin -- command execution vulnerability 2004-12-15
phpMyAdmin -- Content spoofing vulnerability 2015-10-23
phpmyadmin -- cross site request forgery vulnerabilities 2008-07-18
phpmyadmin -- Cross Site Scripting 2007-11-21
phpmyadmin -- Cross Site Scripting Vulnerabilities 2008-06-28
phpmyadmin -- cross site scripting vulnerability 2005-07-31
phpmyadmin -- cross site scripting vulnerability 2006-07-03
phpmyadmin -- cross-site request forgery vulnerability 2008-12-11
phpMyAdmin -- cross-site scripting vulnerabilities 2004-11-20
phpmyadmin -- cross-site scripting vulnerability 2007-11-11
phpmyadmin -- cross-site scripting vulnerability 2007-10-17
phpmyadmin -- cross-site scripting vulnerability 2007-10-16
phpmyadmin -- Cross-Site Scripting Vulnerability 2008-09-23
phpmyadmin -- Cross-Site Scripting Vulnerability 2008-10-31
phpmyadmin -- CSRF vulnerability allowing arbitrary SQL execution 2018-04-19
phpMyAdmin -- CSRF vulnerability in login form 2019-06-13
phpMyAdmin -- File disclosure and SQL injection 2019-01-27
phpmyadmin -- file disclosure vulnerability 2004-12-15
phpmyadmin -- Full path disclosure vulnerability in SQL parser 2016-01-28
phpMyAdmin -- Global variable scope injection 2013-06-30
phpmyadmin -- HTTP Response Splitting vulnerability 2005-11-16
phpmyadmin -- increased privilege vulnerability 2005-03-15
phpmyadmin -- information disclosure vulnerability 2005-03-08
phpmyadmin -- Insecure password generation in JavaScript 2016-01-28
phpmyadmin -- insufficient output sanitizing when generating configuration file 2009-03-25
phpmyadmin -- insufficient output sanitizing when generating configuration file 2009-04-15
phpmyadmin -- Local file inclusion 2011-11-12
phpmyadmin -- local file inclusion vulnerability 2005-10-11
phpmyadmin -- Multiple full path disclosure vulnerabilities 2016-01-28
phpmyadmin -- Multiple full path disclosure vulnerabilities 2016-01-28
phpMyAdmin -- Multiple security vulnerabilities 2013-04-24
phpMyAdmin -- Multiple vulnerabilities 2017-01-24
phpmyadmin -- multiple vulnerabilities 2011-07-03
phpmyadmin -- multiple vulnerabilities 2016-08-17
phpMyAdmin -- multiple vulnerabilities 2013-07-28
phpMyAdmin -- multiple vulnerabilities 2016-07-01
phpmyadmin -- multiple vulnerabilities 2019-12-06
phpMyAdmin -- multiple vulnerabilities 2018-12-12
phpMyAdmin -- multiple vulnerabilities 2011-02-11
phpMyAdmin -- multiple vulnerabilities 2016-11-25
phpmyadmin -- multiple vulnerabilities 2011-07-24
phpMyAdmin -- Multiple XSS 2011-12-22
phpMyAdmin -- Multiple XSS 2011-12-01
phpmyadmin -- multiple XSS and a man-in-the-middle vulnerability 2016-03-01
phpMyAdmin -- Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack 2012-10-14
phpMyAdmin -- Multiple XSS in Table operations, Database structure, Trigger and Visualize GIS data pages 2012-08-17
phpMyAdmin -- multiple XSS vulnerabilities 2011-08-24
phpmyadmin -- Multiple XSS vulnerabilities 2016-01-28
phpMyAdmin -- multiple XSS vulnerabilities 2011-09-14
phpMyAdmin -- multiple XSS vulnerabilities, missing validation 2014-07-18
phpMyAdmin -- Path disclosure due to missing library 2012-08-11
phpMyAdmin -- Path disclosure due to missing verification of file presence 2012-03-28
phpMyAdmin -- path disclosure vulnerability 2015-12-26
phpMyAdmin -- reCaptcha bypass 2015-09-08
phpmyadmin -- register_globals emulation "import_blacklist" manipulation 2005-12-07
phpmyadmin -- remote code inclusion and XSS scripting 2018-06-22
phpmyadmin -- remote command execution vulnerability 2004-10-20
phpMyAdmin -- Risk of BREACH attack due to reflected parameter 2015-03-08
phpMyAdmin -- self XSS in central columns feature 2018-02-22
phpMyAdmin -- Self-XSS due to unescaped HTML output in import. 2014-02-15
phpmyadmin -- Several XSS vulnerabilities 2010-08-21
phpmyadmin -- Shared Host Information Disclosure 2008-04-24
phpMyAdmin -- SQL injection 2020-01-11
phpMyAdmin -- SQL injection 2020-03-25
phpmyadmin -- SQL injection vulnerability 2008-03-04
phpMyAdmin -- two XSS vulnerabilities due to unescaped db/table names 2014-06-20
phpmyadmin -- Unsafe comparison of XSRF/CSRF token 2016-01-28
phpmyadmin -- Unsafe generation of XSRF/CSRF token 2016-01-28
phpmyadmin -- Username/Password Session File Information Disclosure 2008-04-24
phpMyAdmin -- XSRF and man-in-the-middle vulnerabilities 2015-05-13
phpmyadmin -- XSRF vulnerabilities 2006-05-21
phpmyadmin -- XSRF vulnerabilities 2006-10-02
phpMyAdmin -- XSRF/CSRF due to DOM based XSS in the micro history feature 2014-09-13
phpMyAdmin -- XSRF/CSRF vulnerability 2017-12-23
phpMyAdmin -- XSS and DoS vulnerabilities 2014-12-04
phpMyAdmin -- XSS and information disclosure vulnerabilities 2014-11-21
phpmyadmin -- XSS and sensitive data leakage 2016-05-25
phpmyadmin -- XSS and SQL injection vulnerabilities 2009-10-13
phpMyAdmin -- XSS attack in database search 2010-11-30
phpMyAdmin -- XSS due to unescaped HTML output in Create View page 2013-06-05
phpMyAdmin -- XSS due to unescaped HTML output in GIS visualisation page 2013-04-20
phpMyAdmin -- XSS in replication setup 2012-02-18
phpmyadmin -- XSS in the import dialog 2018-08-22
phpMyAdmin -- XSS vulnerabilities 2014-10-01
phpmyadmin -- XSS vulnerabilities 2005-12-07
phpmyadmin -- XSS vulnerabilities 2006-04-06
phpMyAdmin -- XSS vulnerabilities 2014-08-17
phpMyAdmin -- XSS vulnerabilities in SQL debug output and server monitor page. 2014-10-22
phpmyadmin -- XSS vulnerability 2009-06-30
phpMyAdmin -- XSS vulnerability in drag-and-drop upload 2023-03-16
phpmyadmin -- XSS vulnerability in normalization page 2016-01-28
phpmyadmin -- XSS vulnerability in SQL editor 2016-01-28
phpmyfaq -- arbitrary PHP code execution vulnerability 2013-12-16
phpmyfaq -- cross site scripting vulnerabilities 2010-10-02
phpmyfaq -- cross-site request forgery vulnerability 2016-04-23
phpmyfaq -- CSRF vulnerability 2022-10-21
phpmyfaq -- multiple issues 2017-09-29
phpmyfaq -- multiple vulnerabilities 2023-05-21
phpmyfaq -- multiple vulnerabilities 2023-03-24
phpmyfaq -- multiple vulnerabilities 2023-01-20
phpmyfaq -- multiple vulnerabilities 2023-02-12
phpmyfaq -- multiple vulnerabilities 2023-04-24
phpmyfaq -- multiple vulnerabilities 2024-02-11
phpmyfaq -- multiple vulnerabilities 2022-11-11
phpmyfaq -- multiple vulnerabilities 2024-03-26
phpmyfaq -- multiple vulnerabilities 2023-11-02
phpmyfaq -- multiple vulnerabilities 2023-08-23
phpmyfaq -- multiple vulnerabilities 2022-12-12
phpmyfaq -- multiple vulnerabilities 2014-02-06
phpmyfaq -- Remote PHP Code Execution Vulnerability 2012-04-14
phpmyfaq -- Remote PHP Code Injection Vulnerability 2011-10-26
phpmyfaq -- SQL injection, takeover, path disclosure, remote code execution 2005-09-29
phpmyfaq -- XSS vulnerability 2021-01-12
phppgadmin -- "formLanguage" local file inclusion vulnerability 2005-07-08
phppgadmin -- cross site scripting vulnerability 2007-06-04
phppgadmin -- directory traversal with register_globals enabled 2009-03-16
phpSysInfo -- "register_globals" emulation layer overwrite vulnerability 2005-11-13
phpSysInfo -- cross site scripting vulnerability 2005-07-09
phpsysinfo -- url Cross-Site Scripting 2007-07-28
phpwebftp -- "language" Local File Inclusion 2006-05-03
picasm -- buffer overflow vulnerability 2005-10-02
pidgin -- MSN overflow parsing SLP messages 2009-08-20
pidgin -- multiple remote denial of service vulnerabilities 2010-04-20
pidgin -- multiple vulnerabilities 2009-06-16
pidgin-otr -- format string vulnerability 2012-05-16
pidgin-otr -- use after free 2016-03-10
Pillow -- Allocation of resources without limits or throttling 2019-10-15
Pillow -- multiple vulnerabilities 2021-05-12
Pillow -- multiple vulnerabilities 2016-12-04
Pillow -- Multiple vulnerabilities 2020-01-24
Pillow -- Regular Expression Denial of Service (ReDoS) 2021-09-03
pine insecure URL handling 2004-02-12
pine remote denial-of-service attack 2004-02-12
pine remotely exploitable buffer overflow in newmail.c 2004-02-12
pine remotely exploitable vulnerabilities 2004-02-12
pitivi -- code execution 2016-02-26
pivot-weblog -- file deletion vulnerability 2009-03-27
PivotX -- 'ajaxhelper.php' Cross Site Scripting Vulnerability 2012-05-12
PivotX -- administrator password reset vulnerability 2011-02-20
pivotx -- cross-site scripting (XSS) vulnerability 2015-07-11
pivotx -- Multiple unrestricted file upload vulnerabilities 2015-07-11
PivotX -- Remote File Inclusion Vulnerability of TimThumb 2011-10-17
piwigo -- CSRF/Path Traversal 2013-03-18
piwigo -- Multible Vulnerabilities 2020-05-23
piwigo -- SQL injection 2023-05-12
piwik -- cross site scripting vulnerability 2010-05-07
Piwik -- Local File Inclusion Vulnerability 2010-08-04
piwik -- multiple vulnerabilities 2015-12-02
piwik -- php code execution 2009-12-11
Piwik -- remote command execution vulnerability 2011-06-21
piwik -- unknown critical vulnerabilities 2011-10-20
piwik -- xss and click-jacking issues 2012-02-16
piwik -- XSS vulnerability 2016-08-09
piwik -- XSS vulnerability 2016-06-23
pixman -- heap overflow 2022-11-03
pjsip -- Race condition in SSL socket server 2021-07-23
PJSIP -- TCP denial of service in PJProject 2016-04-15
pkg -- vulnerability in libfetch 2020-01-29
plans -- multiple vulnerabilities 2006-09-26
plasma[56]-plasma-workspace -- Unauthorized users can access session manager 2024-06-11
Plex Media Server -- Information Disclosure Vulnerability 2018-09-11
Plex Media Server -- security vulnerability 2023-01-30
plib -- buffer overflow 2013-05-19
plib -- remote code execution via buffer overflow 2012-02-19
plib -- stack-based buffer overflow 2013-05-19
pligg -- Cross-Site Scripting and Cross-Site Request Forgery 2009-12-12
Pligg CMS -- XSS Vulnerability 2016-12-22
plone -- "member_id" Parameter Portrait Manipulation Vulnerability 2006-04-18
plone -- multiple vulnerabilities 2015-10-05
plone -- Remote Security Bypass 2011-02-10
plone -- unprotected MembershipTool methods 2006-10-19
plone -- unsafe data interpreted as pickles 2007-11-12
plone -- user can masquerade as a group 2006-12-27
png -- DoS crash vulnerability 2007-05-16
png -- heap overflow for 32-bit builds 2015-01-05
png -- libpng decompression buffer overflow 2010-06-28
png -- libpng decompression denial of service 2010-04-20
png -- memory corruption/possible remote code execution 2012-04-08
png -- multiple vulnerabilities 2007-10-11
png -- unknown chunk processing uninitialized memory access 2008-04-25
pngcheck -- Buffer-overrun vulnerability 2021-01-28
pngcrush -- libpng Uninitialised Pointer Arrays Vulnerability 2009-03-04
polarssl -- denial of service vulnerability 2013-08-13
polarssl -- Remote attack using crafted certificates 2015-01-19
PolarSSL -- Security Fix Backports 2015-07-15
polarssl -- Timing attack against protected RSA-CRT implementation 2013-10-02
polkit -- Local Privilege Escalation 2022-01-26
polkit -- local privilege escalation using polkit_system_bus_name_get_creds_sync 2021-06-04
polkit -- multiple vulnerabilities 2016-01-08
popfile file disclosure 2004-08-12
poppler -- multiple denial of service issues 2017-08-24
poppler -- Poppler Multiple Vulnerabilities 2009-04-18
poppler -- uninitialized pointer 2008-07-09
portaudit -- auditfile remote code execution 2012-03-11
portupgrade -- insecure temporary file handling vulnerability 2005-04-12
portupgrade-devel -- lack of distfile checksums 2012-04-30
Postfix -- memory corruption vulnerability 2011-05-09
postfix -- plaintext command injection with SMTP over TLS 2011-03-19
postfix-policyd-weight -- working directory symlink vulnerability 2008-04-06
postfixadmin -- Multiple Vulnerabilities 2012-01-27
postfixadmin -- SQL injection vulnerability 2014-07-13
PostgreSQL -- anonymous remote access data corruption vulnerability 2013-04-04
postgresql -- bitsubstr overflow 2010-03-25
postgresql -- character conversion and tsearch2 vulnerabilities 2006-02-16
PostgreSQL -- Denial-of-Service and Code Injection Vulnerabilities 2016-08-11
postgresql -- encoding based SQL injection 2006-08-13
PostgreSQL -- Memory disclosure in partition routing 2019-05-09
PostgreSQL -- Memory disclosure in partitioned-table UPDATE ... RETURNING 2021-05-14
PostgreSQL -- minor security problems. 2015-05-22
PostgreSQL -- minor security problems. 2016-03-31
PostgreSQL -- minor security problems. 2015-10-08
PostgreSQL -- multiple buffer overflows and memory issues 2015-02-05
postgresql -- multiple buffer overflows in PL/PgSQL parser 2005-02-17
PostgreSQL -- multiple privilege issues 2014-02-20
postgresql -- multiple vulnerabilities 2006-08-13
postgresql -- multiple vulnerabilities 2009-12-17
postgresql -- multiple vulnerabilities 2008-04-24
PostgreSQL -- Possible man-in-the-middle attacks 2021-11-10
PostgreSQL -- Prevent unauthorized code execution during pg_dump 2024-08-08
postgresql -- privilege escalation vulnerability 2005-02-08
PostgreSQL -- Security Fixes for Regular Expressions, PL/Java. 2016-02-12
PostgreSQL -- Selectivity estimators bypass row security policies 2019-05-09
PostgreSQL -- SQL injection in pg_upgrade and pg_dump 2018-11-08
PostgreSQL -- Stack-based buffer overflow via setting a password 2019-06-27
PostgreSQL -- two vulnerabilities 2018-08-10
PostgreSQL server -- Client memory disclosure when connecting, with Kerberos, to modified server. 2023-02-09
PostgreSQL Server -- execute arbitrary SQL code as DBA user 2022-05-11
PostgreSQL server -- Memory disclosure in certain queries 2021-08-12
PostgreSQL server -- Potentially allowing authenicated database users to see data that they shouldn't. 2024-05-09
PostgreSQL server -- two security issues 2021-05-14
PostgreSQL vulnerabilities 2017-05-11
PostgreSQL vulnerabilities 2018-02-08
PostgreSQL vulnerabilities 2018-03-01
PostgreSQL vulnerabilities 2017-11-09
PostgreSQL vulnerabilities 2017-08-10
postgresql-contrib -- insecure temporary file creation 2004-11-06
postgresql-server -- Buffer overrun from integer overflow in array modification 2023-11-09
postgresql-server -- CREATE SCHEMA ... schema elements defeats protective search_path changes 2023-05-11
postgresql-server -- Extension script @substitutions@ within quoting allow SQL injection 2023-08-10
postgresql-server -- Memory disclosure in aggregate function calls 2023-11-09
postgresql-server -- MERGE fails to enforce UPDATE or SELECT row security policies 2023-08-10
postgresql-server -- non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes arbitrary SQL 2024-02-08
postgresql-server -- Role pg_cancel_backend can signal certain superuser processes 2023-11-09
postgresql-server -- Row security policies disregard user ID changes after inlining 2023-05-11
postgresql81-server -- SET ROLE privilege escalation 2006-02-18
PostgresSQL -- ALTER ... DEPENDS ON EXTENSION is missing authorization checks 2020-03-29
PostgresSQL -- TYPE in pg_temp execute arbitrary SQL during `SECURITY DEFINER` execution 2019-08-08
postnuke -- admin section SQL injection 2006-10-03
postnuke -- cross-site scripting (XSS) vulnerabilities 2005-03-04
postnuke -- multiple vulnerabilities 2005-08-08
postnuke -- SQL injection vulnerabilities 2005-03-04
postsrsd -- Denial of service vulnerability 2020-12-21
potrace -- multiple memory failure 2017-02-28
pound remotely exploitable vulnerability 2004-05-02
poweradmin -- multiple XSS vulnerabilities 2013-02-16
powerdns -- denial of service 2022-03-27
powerdns -- denial of service 2015-09-02
powerdns -- Denial of Service 2015-11-09
PowerDNS -- Denial of Service Vulnerability 2012-01-12
powerdns -- DoS vulnerability 2005-02-14
PowerDNS -- Insufficient validation in the HTTP remote backend 2019-03-19
powerdns -- Label decompression bug can cause crashes or CPU spikes 2015-05-01
PowerDNS -- LDAP backend fails to escape all queries 2005-07-21
powerdns -- Leaking uninitialised memory through crafted zone records 2020-09-24
powerdns -- multiple vulnerabilities 2019-06-21
powerdns -- Multiple vulnerabilities 2018-11-19
powerdns -- multiple vulnerabilities 2017-01-18
powerdns -- remotely triggered crash 2021-07-27
powerdns -- Various issues in GSS-TSIG support 2020-12-21
powerdns-recursor -- access restriction bypass 2020-07-02
powerdns-recursor -- cache pollution 2020-10-14
powerdns-recursor -- Crafted query can cause a denial of service 2018-12-09
powerdns-recursor -- denial of service 2022-03-27
powerdns-recursor -- denial of service 2023-01-23
powerdns-recursor -- denial of service 2022-09-01
powerdns-recursor -- denial of service 2024-04-24
powerdns-recursor -- denial of service 2023-03-30
powerdns-recursor -- denial of service 2024-10-09
powerdns-recursor -- DNS cache poisoning 2008-04-05
powerdns-recursor -- insufficient validation of DNSSEC signatures 2018-01-23
powerdns-recursor -- multiple vulnerabilities 2019-01-22
powerdns-recursor -- Multiple Vulnerabilities 2024-02-16
powerdns-recursor -- multiple vulnerabilities 2010-01-09
powerdns-recursor -- Multiple vulnerabilities 2018-11-17
powerdns-recursor -- multiple vulnerabilities 2020-05-26
PptiPNG -- Global-buffer-overflow 2023-11-02
ppxp -- local root exploit 2005-05-22
Privilege Escalation from technician to super-admin in GLPI 2023-10-11
privoxy -- malicious server spoofing as proxy vulnerability 2016-01-26
privoxy -- multiple vulnerabilities 2016-01-26
privoxy -- multiple vulnerabilities 2016-01-26
privoxy -- multiple vulnerabilities 2016-01-26
Privoxy -- Multiple vulnerabilities (memory leak, XSS) 2021-12-15
procmail -- Heap-based buffer overflow 2017-11-21
proftpd -- arbitrary code execution vulnerability with chroot 2015-05-20
proftpd -- arbitrary code execution vulnerability with chroot 2011-12-23
proftpd -- Compromised source packages backdoor 2010-12-04
proftpd -- format string vulnerabilities 2005-08-03
proftpd -- Long Command Processing Vulnerability 2008-09-23
proftpd -- multiple sql injection vulnerabilities 2009-03-16
proftpd -- remote code execution vulnerabilities 2006-12-21
proftpd -- Remote Code Execution Vulnerability 2006-11-14
proftpd -- remote code execution vulnerability 2010-11-23
proftpd -- user chroot escape vulnerability 2017-07-27
proftpd -- vulnerability in mod_tls 2016-04-20
ProFTPD ASCII translation bug resulting in remote root compromise 2004-01-05
proftpd IP address access control list breakage 2004-05-02
Prometheus -- arbitrary redirects 2021-06-01
prometheus2 -- basic authentication bypass 2023-01-30
prosody -- multiple vulnerabilities 2016-01-14
Prosody -- multiple vulnerabilities 2021-05-13
Prosody -- Remote Information Disclosure 2021-08-03
prosody -- user impersonation vulnerability 2016-01-28
Prosody XMPP server advisory 2022-01-13 2022-01-14
proxychains-ng -- current path as the first directory for the library search path 2015-05-29
proxytunnel -- format string vulnerability 2004-11-15
ProZilla -- server response buffer overflow vulnerabilities 2004-11-25
pspp -- multiple vulnerabilities 2017-08-22
Pubcookie Login Server -- XSS vulnerability 2011-05-23
pubcookie-login-server -- cross site scripting vulnerability 2006-04-05
punbb -- NULL byte injection vulnerability 2006-09-30
puppet -- Multiple Vulnerabilities 2012-04-10
puppet -- multiple vulnerabilities 2012-12-30
puppet -- multiple vulnerabilities 2012-07-10
puppet -- multiple vulnerabilities 2013-08-16
puppet -- Silent Configuration Failure 2021-11-10
puppet -- Unauthenticated Remote Code Execution Vulnerability 2013-06-22
puppet -- Unsafe HTTP Redirect 2021-11-10
puppet-agent MCollective plugin -- Remote Code Execution vulnerability 2016-08-15
puppet26 -- multiple vulnerabilities 2013-03-13
puppet27 and puppet -- multiple vulnerabilities 2013-03-13
puppet6 -- Arbitrary Catalog Retrieval 2020-03-23
puppetdb -- Multiple vulnerabilities 2020-08-11
puppetdb -- Potential SQL injection 2022-09-16
PuppetDB -- SQL Injection 2021-06-25
puppetserver and puppetdb -- Puppet Server and PuppetDB may leak sensitive information via metrics API 2020-03-23
pureftpd -- multiple vulnerabilities 2011-05-23
PuTTY - old-style scp downloads may allow remote code execution 2016-03-07
putty -- add protocol extension against 'Terrapin attack' 2023-12-19
putty -- buffer overflow vulnerability in ssh2 support 2004-11-04
PuTTY -- fails to scrub private keys from memory after use 2015-03-05
PuTTY -- Four security holes in versions before 0.63 2013-08-07
PuTTY -- integer overflow permits memory overwrite by forwarded ssh-agent connections 2017-03-16
PuTTY -- memory corruption in terminal emulator's erase character handling 2015-11-09
PuTTY -- Password vulnerability 2011-12-12
putty -- pscp/psftp heap corruption vulnerabilities 2005-02-20
PuTTY -- Release 0.74 fixes two security vulnerabilities 2020-06-28
PuTTY -- security fixes in new release 2019-03-17
PuTTY 0.72 -- buffer overflow in SSH-1 and integer overflow in SSH client 2019-07-20
PuTTY and embedders (f.i., filezilla) -- biased RNG with NIST P521/ecdsa-sha2-nistp521 signatures permits recovering private key 2024-04-16
py-amf -- input sanitization errors 2015-12-17
py-ansible -- data leak vulnerability 2023-04-10
py-ansible -- multiple vulnerabilities 2023-04-10
py-asyncssh -- Allows bypass of authentication 2018-12-08
py-beaker -- arbitrary code execution vulnerability 2023-04-10
py-bleach -- regular expression denial-of-service 2020-04-26
py-bleach -- unsanitized character entities 2018-07-27
py-cinder -- data leak 2023-04-09
py-cinder -- unauthorized data access 2023-04-09
py-cryptography -- allows programmers to misuse an API 2023-04-10
py-cryptography -- includes a vulnerable copy of OpenSSL 2023-04-10
py-cryptography -- tag forgery vulnerability 2018-08-06
py-cryptography -- vulnerable HKDF key generation 2016-12-04
py-django -- denial of service vulnerability 2007-10-27
py-django-photologue -- XSS vulnerability 2023-08-31
py-djblets -- Self-XSS vulnerability 2016-04-03
py-dparse -- REDoS vulnerability 2023-08-31
py-flask-caching -- remote code execution or local privilege escalation vulnerabilities 2023-08-31
py-Flask-Cors -- directory traversal vulnerability 2023-08-31
py-flask-security -- user redirect to arbitrary URL vulnerability 2023-08-31
py-foolscap -- local file inclusion 2015-08-12
py-graphite-web -- Multiple vulnerabilities 2013-09-30
py-gunicorn -- CWE-113 vulnerability 2019-03-05
py-httpie -- exposure of sensitive information vulnerabilities 2023-08-31
py-httpx -- input validation vulnerability 2023-08-31
py-imaging, py-pillow -- Buffer overflow in FLI decoding code 2016-02-09
py-imaging, py-pillow -- Buffer overflow in PCD decoder 2016-02-09
py-impacket -- multiple path traversal vulnerabilities 2023-04-09
py-kerberos -- DoS and MitM vulnerabilities 2023-04-10
py-markdown2 -- regular expression denial of service vulnerability 2023-08-31
py-markdown2 -- XSS vulnerability 2023-08-31
py-matrix-synapse -- DoS on Federation API 2020-12-13
py-matrix-synapse -- incomplete cleanup of 3rd-party-IDs on user deactivation 2019-11-28
py-matrix-synapse -- malformed events may prevent users from joining federated rooms 2020-09-21
py-matrix-synapse -- malicious push rules may be used for a denial of service attack. 2021-05-11
py-matrix-synapse -- missing signature checks on some federation APIs 2019-10-29
py-matrix-synapse -- multiple vulnerabilities 2019-12-18
py-matrix-synapse -- multiple vulnerabilities 2020-07-03
py-matrix-synapse -- multiple vulnerabilities 2019-07-28
py-matrix-synapse -- several vulnerabilities 2021-11-23
py-matrix-synapse -- several vulnerabilities 2021-09-02
py-matrix-synapse -- unbounded recursion in urlpreview 2022-06-29
py-matrix-synapse -- undisclosed vulnerability 2019-01-15
py-matrix-synapse -- users of single-sign-on are vulnerable to phishing 2020-03-11
py-matrix-synapse -- weakness in auth chain indexing allows DoS 2024-04-24
py-matrix-synapse -- XSS vulnerability 2020-10-17
py-nicotine-plus -- Denial of service vulnerability 2023-04-09
py-numpy -- Missing return-value validation of the function PyArray_DescrNew 2022-06-11
py-pillow -- Buffer overflow in TIFF decoding code 2016-02-09
py-pillow -- Integer overflow in Resample.c 2016-02-09
py-psutil -- double free vulnerability 2023-04-10
py-pygments -- multiple DoS vulnerabilities 2023-08-31
py-pylons -- Path traversal bug 2008-07-04
py-pymatgen -- regular expression denial of service 2023-04-09
py-rsa -- Bleichenbacher'06 signature forgery vulnerability 2016-02-04
py-salt -- potential shell injection vulnerabilities 2015-05-24
py-Scrapy -- cookie injection vulnerability 2023-08-31
py-Scrapy -- credentials leak vulnerability 2023-08-31
py-Scrapy -- DoS vulnerability 2023-08-31
py-Scrapy -- exposure of sensitive information vulnerability 2023-08-31
py-slixmpp -- incomplete SSL certificate validation 2023-04-09
py-social-auth-app-django -- Improper Handling of Case Sensitivity 2024-04-28
py-suds -- vulnerable to symlink attacks 2023-04-09
py-tensorflow -- denial of service vulnerability 2023-04-09
py-tensorflow -- unchecked argument causing crash 2023-04-09
py-tflite -- buffer overflow vulnerability 2023-04-09
py-tflite -- denial of service vulnerability 2023-04-09
py-treq -- sensitive information leak vulnerability 2023-08-31
py-twisted -- cookie and authorization headers are leaked when following cross-origin redirects 2022-02-13
py-twisted -- multiple vulnerabilities 2020-04-21
py-wagtail -- DoS vulnerability 2023-08-31
py-wagtail -- stored XSS vulnerability 2023-08-31
py-WsgiDAV -- XSS vulnerability 2023-08-31
py-yaml -- arbitrary code execution 2019-04-23
py-yaml -- FullLoader (still) exploitable for arbitrary command execution 2020-04-27
py27-setuptools44 -- denial of service vulnerability 2023-04-09
py39-celery -- command injection vulnerability 2023-04-09
py39-cinder -- insecure-credentials flaw 2023-04-09
py39-configobj -- vulnerable to Regular Expression Denial of Service 2023-04-09
py39-Elixir -- weak use of cryptography 2023-03-26
py39-joblib -- arbitrary code execution 2023-04-09
py39-lmdb -- multiple vulnerabilities 2023-03-26
py39-OWSLib -- arbitrary file read vulnerability 2023-04-09
py39-py -- Regular expression Denial of Service vulnerability 2023-04-09
py39-pycares -- domain hijacking vulnerability 2023-04-09
py39-redis -- can send response data to the client of an unrelated request 2023-04-09
py39-redis -- can send response data to the client of an unrelated request 2023-04-09
py39-rencode -- infinite loop that could lead to Denial of Service 2023-03-25
py39-sentry-sdk -- sensitive cookies leak 2023-04-09
py39-setuptools -- denial of service vulnerability 2023-04-09
py39-setuptools58 -- denial of service vulnerability 2023-04-09
py39-sqlalchemy10 -- multiple SQL Injection vulnerabilities 2023-03-28
py39-sqlalchemy11 -- multiple SQL Injection vulnerabilities 2023-04-09
py39-sqlalchemy12 -- multiple SQL Injection vulnerabilities 2023-04-09
py39-unicorn -- sandbox escape and arbitrary code execution vulnerability 2023-04-09
pyblosxom -- atom flavor multiple XML injection vulnerabilities 2009-02-11
pycrypto -- ARC2 module buffer overflow 2009-02-15
pycrypto -- PRNG reseed race condition 2013-10-19
pycrypto -- vulnerable ElGamal key generation 2012-06-24
pygments -- shell injection vulnerability 2016-01-09
pyrad -- multiple vulnerabilities 2021-11-05
pysaml2 -- multiple vulnerabilities 2021-01-26
Python -- buffer overflow in socket.recvfrom_into() 2014-03-01
python -- buffer overrun in repr() for unicode strings 2006-10-07
Python -- CRLF injection via the host part of the url passed to urlopen() 2020-05-09
Python -- DoS via malformed XML-RPC / HTTP POST request 2012-02-14
Python -- HTTP Header Injection in Python urllib 2016-06-30
python -- Information disclosure via pydoc -p: /getfile?key=path allows to read arbitrary file on the filesystem 2021-04-10
Python -- Integer overflow in zipimport module 2016-06-17
python -- Integer Signedness Error in zlib Module 2008-04-25
Python -- multiple vulnerabilities 2021-09-02
Python -- multiple vulnerabilities 2022-10-20
Python -- multiple vulnerabilities 2023-09-07
Python -- multiple vulnerabilities 2020-08-19
Python -- multiple vulnerabilities 2022-12-07
python -- multiple vulnerabilities 2008-09-10
Python -- multiple vulnerabilities 2020-07-31
Python -- multiple vulnerabilities 2021-05-05
Python -- multiple vulnerabilities 2020-07-06
Python -- multiple vulnerabilities 2021-09-09
Python -- multiple vulnerabilities 2020-09-20
Python -- multiple vulnerabilities 2020-07-20
Python -- multiple vulnerabilities 2021-09-07
Python -- multiple vulnerabilities 2023-06-08
Python -- multiple vulnerabilities 2022-09-08
Python -- NULL pointer dereference vulnerability 2019-03-26
python -- possible integer overflow vulnerability 2018-02-11
Python -- Regular Expression DoS attack against client 2020-04-23
python -- SimpleXMLRPCServer.py allows unrestricted traversal 2005-02-03
Python -- smtplib StartTLS stripping vulnerability 2016-07-03
python 2.7 -- multiple vulnerabilities 2018-05-05
Python 2.7 -- multiple vulnerabilities 2017-10-11
python 3.6 -- multiple vulnerabilities 2019-07-08
python 3.7 -- multiple vulnerabilities 2019-07-12
python 3.7 -- multiple vulnerabilities 2019-10-19
PyYAML -- arbitrary code execution 2021-06-02
qemu -- "drive_init()" Disk Format Security Bypass 2008-05-08
qemu -- buffer overflow vulnerability in virtio-serial message exchanges 2016-01-01
qemu -- buffer overflow vulnerability in VNC 2016-01-01
qemu -- code execution on host machine 2016-01-01
qemu -- denial of service vulnerabilities in eepro100 NIC support 2016-01-03
qemu -- denial of service vulnerabilities in NE2000 NIC support 2016-01-02
qemu -- denial of service vulnerability 2016-12-04
qemu -- denial of service vulnerability in e1000 NIC support 2016-01-02
qemu -- denial of service vulnerability in Human Monitor Interface support 2016-01-03
qemu -- denial of service vulnerability in IDE disk/CD/DVD-ROM emulation 2016-01-02
qemu -- denial of service vulnerability in MegaRAID SAS HBA emulation 2016-01-03
qemu -- denial of service vulnerability in MSI-X support 2016-01-03
qemu -- denial of service vulnerability in Q35 chipset emulation 2016-01-03
qemu -- denial of service vulnerability in Rocker switch emulation 2016-01-03
qemu -- denial of service vulnerability in USB EHCI emulation support 2016-01-03
qemu -- denial of service vulnerability in virtio-net support 2016-01-02
qemu -- denial of service vulnerability in VMWARE VMXNET3 NIC support 2016-01-03
qemu -- denial of service vulnerability in VNC 2016-01-03
qemu -- denial of service vulnerability in VNC 2016-01-02
qemu -- Heap overflow in Cirrus emulation 2008-11-02
qemu -- Heap overflow in QEMU PCNET controller, allowing guest to host escape (CVE-2015-3209) 2015-06-26
qemu -- several vulnerabilities 2007-05-01
qemu -- stack buffer overflow while parsing SCSI commands 2016-01-01
qemu -- Translation Block Local Denial of Service Vulnerability 2007-12-12
qemu -- unchecked block read/write vulnerability 2008-03-11
qemu and xen-tools -- denial of service vulnerabilities in AMD PC-Net II NIC support 2016-01-03
qemu, xen and VirtualBox OSE -- possible VM escape and code execution ("VENOM") 2015-05-17
qemu, xen-tools -- QEMU heap overflow flaw with certain ATAPI commands 2015-08-04
qemu, xen-tools -- QEMU leak of uninitialized heap memory in rtl8139 device model 2015-08-17
qemu, xen-tools -- use-after-free in QEMU/Xen block unplug protocol 2015-08-17
qmail -- 64 bit integer overflows with possible remote code execution on large SMTP requests 2005-05-11
qmail -- 64 bit integer overflows with possible remote code execution on large SMTP requests 2005-05-11
qmail -- 64 bit integer overflows with possible remote code execution on large SMTP requests 2005-05-11
qpopper -- multiple privilege escalation vulnerabilities 2005-11-07
qpopper format string vulnerability 2003-12-12
qpress -- directory traversal 2023-06-06
qt -- image loader vulnerabilities 2004-08-22
qt4-gui, qt5-gui -- DoS vulnerability in the BMP image handler 2015-03-05
qt4-imageformats, qt4-gui, qt5-gui -- Multiple Vulnerabilities in Qt Image Format Handling 2015-04-14
qt4-imageformats, qt5-gui -- DoS vulnerability in the GIF image handler 2014-07-19
qt4-xml -- XML Entity Expansion Denial of Service 2014-05-05
Qt5 -- QProcess unexpected search path 2022-02-21
qt5-webengine -- Multiple vulnerabilities 2024-10-31
qt5-webengine -- Multiple vulnerabilities 2024-06-20
qt5-webengine -- Multiple vulnerabilities 2024-01-29
qt5-webengine -- Multiple vulnerabilities 2024-09-05
qt5-webengine -- Multiple vulnerabilities 2024-05-19
qt6-base (core module) -- Invalid pointer in QStringConverter 2024-05-15
qt6-webengine -- Multiple vulnerabilities 2024-01-31
qt6-webengine -- Multiple vulnerabilities 2024-01-29
qt6-webengine -- Multiple vulnerabilities 2024-06-20
qt6-webengine -- Multiple vulnerabilities 2024-05-15
QtNetwork -- potential buffer overflow 2024-01-07
QtNetworkAuth -- predictable seeding of PRNG in QAbstractOAuth 2024-05-24
quagga -- BGP OPEN denial of service vulnerability 2012-06-05
quagga -- Denial of Service 2009-05-06
quagga -- multiple vulnerabilities 2011-10-05
quagga -- multiple vulnerabilities 2012-03-24
quagga -- several security issues 2018-02-15
quagga -- stack based buffer overflow vulnerability 2016-03-10
quagga -- stack overflow and DoS vulnerabilities 2010-08-25
quagga -- two DoS vulnerabilities 2011-04-01
quake2 -- multiple critical vulnerabilities 2005-01-21
quassel -- multiple vulnerabilities 2018-04-26
quassel -- remote denial of service 2016-07-07
quassel -- remote denial of service 2015-12-18
Quassel IRC -- SQL injection vulnerability 2013-11-06
Quassel IRC -- SQL injection vulnerability 2015-05-16
quiche -- Multiple Vulnerabilities 2024-03-26
qutebrowser -- Reloading page with certificate errors shows a green URL 2020-05-09
qutebrowser -- Remote code execution due to CSRF 2018-07-14
R -- arbitrary code execution vulnerability 2024-05-02
RabbitMQ -- Authentication vulnerability 2017-01-15
RabbitMQ -- Denial of Service in AMQP1.0 plugin 2021-05-10
RabbitMQ -- Denial of Service via improper input validation 2021-06-28
rabbitmq -- Security issues in management plugin 2015-01-31
RabbitMQ-C -- auth credentials visible in commandline tool options 2024-08-30
RabbitMQ-C -- integer overflow leads to heap corruption 2021-06-25
rack -- information leak / session hijack vulnerability 2019-12-29
rack -- Multiple vulnerabilities 2023-01-19
rack -- possible denial of service vulnerability in header parsing 2023-03-24
rack -- possible DoS vulnerability in multipart MIME parsing 2023-03-06
racoon -- improper certificate handling 2004-10-03
racoon -- remote denial-of-service 2005-06-03
racoon fails to verify signature during Phase 1 2004-04-07
racoon remote denial of service vulnerability (IKE Generic Payload Header) 2004-04-07
racoon remote denial of service vulnerability (ISAKMP header length field) 2004-04-14
racoon security association deletion vulnerability 2004-03-25
radicale -- multiple vulnerabilities 2016-01-29
Rails -- Action View vulnerabilities 2019-03-18
Rails -- Active Job vulnerability 2018-12-02
rails -- multiple vulnerabilities 2013-12-08
Rails -- multiple vulnerabilities 2021-05-07
Rails -- multiple vulnerabilities 2020-05-19
rails -- multiple vulnerabilities 2016-02-02
Rails -- multiple vulnerabilities 2021-02-17
rails -- multiple vulnerabilities 2016-03-06
Rails -- permission vulnerability 2020-06-22
Rails -- Possible XSS vulnerability 2020-10-10
Rails -- Potential XSS vulnerability 2020-09-12
Rails -- remote code execution vulnerability 2020-05-16
Rails -- XSS vulnerabilities 2022-04-30
Rails 4 -- Possible XSS Vulnerability in Action View 2016-08-18
Rails 4 -- Unsafe Query Generation Risk in Active Record 2016-08-18
rails-html-sanitizer -- possible XSS vulnerability 2018-03-24
rainloop -- cross-site-scripting (XSS) vulnerability 2022-05-03
raptor/raptor2 -- XXE in RDF/XML File Interpretation 2012-03-25
raptor2 -- buffer overflow 2020-11-09
raptor2 -- malformed input file can lead to a segfault 2021-02-20
rar -- password prompt buffer overflow vulnerability 2007-02-17
razor-agents -- denial of service vulnerability 2005-06-20
rclone -- Multiple vulnerabilities 2024-01-26
rdesktop - critical - Remote Code Execution 2019-02-22
RDoc -- command injection vulnerability 2021-05-02
RDoc -- multiple jQuery vulnerabilities 2019-08-29
re2c -- uncontrolled recursion 2023-01-25
readstat -- Heap buffer overflow in readstat_convert 2024-02-12
realplayer -- arbitrary file deletion and other vulnerabilities 2005-01-21
realplayer -- remote heap overflow 2005-03-04
redis -- EVAL Lua Sandbox Escape 2015-06-08
redis -- heap overflow in COMMAND GETKEYS and ACL evaluation 2023-07-10
redis -- Heap overflow in the cjson and cmsgpack libraries 2023-07-10
redis -- HINCRBYFLOAT can be used to crash a redis-server process 2023-05-08
redis -- integer overflow 2021-06-01
redis -- Integer overflow issues with BITFIELD command on 32-bit systems 2021-07-27
redis -- Integer overflow on 32-bit systems 2021-02-23
redis -- multiple vulnerabilities 2021-05-03
redis -- Multiple vulnerabilities 2022-04-27
redis -- multiple vulnerabilities 2023-03-01
redis -- multiple vulnerabilities 2023-01-16
redis -- multiple vulnerabilities 2021-10-05
redis -- Possible bypassing ACL configuration 2023-09-07
redis -- Possible bypassing Unix socket permissions 2023-10-18
redis -- Potential remote code execution vulnerability 2022-07-18
redis -- Potential remote code execution vulnerability 2022-09-21
redis -- sensitive information leak through command history file 2016-10-11
redis -- specially crafted MSETNX command can lead to denial-of-service 2023-03-21
redis,valkey -- Multiple vulnerabilities 2024-10-02
redmine -- CSRF protection bypass 2015-12-10
redmine -- information leak vulnerability 2015-12-10
redmine -- information leak vulnerability 2015-12-10
redmine -- multiple vulnerabilities 2010-07-10
redmine -- multiple vulnerabilities 2015-12-10
redmine -- multiple vulnerabilities 2015-12-10
redmine -- multiple vulnerabilities 2010-12-23
redmine -- multiple vulnerabilities 2010-05-14
redmine -- open redirect vulnerability 2015-12-10
redmine -- open redirect vulnerability 2015-12-10
redmine -- potential XSS vulnerability 2015-12-10
redmine -- XSS vulnerability 2015-12-10
redmine -- XSS vulnerability 2011-03-07
remind -- buffer overflow with malicious reminder file input 2015-09-18
Remote Code Execution via web-accessible composer 2023-09-29
Remote code injection in phpMyAdmin 2004-07-02
Remote Denial of Service of HTTP server and client 2004-06-25
Remote-Code-Execution vulnerability in mysql and its variants CVE 2016-6662 2016-11-24
Remote-Code-Execution vulnerability in mysql and its variants CVE 2016-6662 2016-09-14
Request Tracker -- information exposure vulnerability 2024-07-04
Request Tracker -- multiple vulnerabilities 2023-10-18
rest-client -- plaintext password disclosure 2015-05-31
rest-client -- session fixation vulnerability 2015-05-31
ricochet -- information disclosure 2016-03-10
ripMIME -- decoding bug allowing content filter bypass 2004-08-27
rkhunter -- insecure temporary file creation 2007-09-05
rockdodger -- buffer overflows 2004-12-02
Roundcube -- arbitrary command execution 2016-11-29
roundcube -- arbitrary file disclosure vulnerability 2013-04-19
roundcube -- arbitrary password resets 2017-06-09
roundcube -- cross-site scripting in HTML email messages 2012-08-27
Roundcube -- Cross-site scripting vulnerabilities 2024-05-21
roundcube -- file disclosure vulnerability 2017-11-11
roundcube -- IMAP command injection vulnerability 2018-04-13
Roundcube -- Multiple vulnerabilities 2021-11-15
Roundcube -- Multiple vulnerabilities 2024-08-10
roundcube -- multiple vulnerabilities 2015-07-07
roundcube -- remote execution of arbitrary code 2008-12-30
roundcube -- webmail script insertion and php code injection 2009-03-16
Roundcube -- XSS vulnerability 2023-09-16
roundcube -- XSS vulnerability 2016-06-10
Roundcube -- XSS vulnerability 2021-12-31
roundcube -- XSS vulnerability 2011-09-13
Roundcube -- XSS vulnerability in SVG 2023-10-18
roundcube-thunderbird_labels -- RCE with custom label titles 2022-10-12
routinator -- multiple vulnerabilities 2023-09-16
routinator -- multiple vulnerabilities 2022-01-05
routinator -- Possible path traversal when storing RRDP responses 2023-09-27
routinator -- potential DOS attack 2022-10-07
rpm4 -- Multiple Vulnerabilities 2022-12-01
rpm4 -- regression in -setperms, -setugids and -restore 2018-12-26
rsnapshot -- local privilege escalation 2005-05-01
rssh & scponly -- arbitrary command execution 2004-12-02
rssh - multiple vulnerabilities 2019-03-06
rssh -- arbitrary command execution 2012-08-22
rssh -- configuration restrictions bypass 2012-08-22
rssh -- file name disclosure bug 2004-09-21
rssh -- format string vulnerability 2004-10-25
rssh -- privilege escalation vulnerability 2006-02-16
rsync -- client-side arbitrary file write vulnerability 2022-08-10
rsync -- incremental recursion memory corruption vulnerability 2011-07-20
rsync -- multiple vulnerabilities 2017-12-20
rsync -- off by one stack overflow 2007-08-21
rsync -- path sanitizing vulnerability 2004-08-26
rsync buffer overflow in server mode 2004-02-12
rsync path traversal issue 2004-05-02
rsyslog -- remote syslog PRI vulnerability 2014-09-30
rsyslog8 -- heap buffer overflow on receiving TCP syslog 2022-05-06
RT -- Multiple Vulnerabilities 2012-05-23
RT -- Multiple Vulnerabilities 2012-11-01
RT -- multiple vulnerabilities 2013-05-23
rt -- multiple vulnerabilities 2011-04-17
rt -- Remote DoS, Information disclosure and Session Hijackingvulnerabilities 2015-03-08
rt -- Session fixation vulnerability 2009-12-09
RT -- two XSS vulnerabilities 2015-08-12
rt -- XSS via jQuery 2019-03-06
rt and dependent modules -- multiple security vulnerabilities 2017-06-15
rt42 -- denial-of-service attack via the email gateway 2014-01-27
rt42 -- vulnerabilities related to shellshock 2014-10-02
ruby -- $SAFE escaping vulnerability about Exception#to_s/NameError#to_s 2012-11-01
ruby -- arbitrary command execution on XMLRPC server 2005-06-23
ruby -- Arbitrary memory address read vulnerability with Regex search 2024-04-23
ruby -- BigDecimal denial of service vulnerability 2009-06-13
Ruby -- Buffer overrun in String-to-Float conversion 2022-04-13
ruby -- CGI DoS 2004-11-13
ruby -- cgi.rb library Denial of Service 2006-11-04
ruby -- cgi.rb library Denial of Service 2006-12-04
ruby -- Command injection vulnerability in Net::FTP 2017-12-14
Ruby -- Denial of Service and Unsafe Object Creation Vulnerability in JSON 2013-02-16
ruby -- DNS spoofing vulnerability 2008-08-16
ruby -- DoS vulnerability in REXML 2013-02-24
ruby -- DoS vulnerability in WEBrick 2008-08-16
Ruby -- Double free in Regexp compilation 2022-04-13
ruby -- Hash-flooding DoS vulnerability for ruby 1.9 2012-11-10
ruby -- Heap Overflow in Floating Point Parsing 2013-11-23
ruby -- heap overflow vulnerability 2009-12-09
ruby -- Hostname check bypassing vulnerability in SSL client 2013-07-11
ruby -- multiple integer and buffer overflow vulnerabilities 2008-06-21
ruby -- multiple vulnerabilities 2018-10-20
ruby -- multiple vulnerabilities 2019-10-02
ruby -- multiple vulnerabilities 2006-07-29
ruby -- multiple vulnerabilities 2017-09-19
Ruby -- multiple vulnerabilities 2021-07-14
ruby -- multiple vulnerabilities 2018-03-29
ruby -- multiple vulnerabilities in safe level 2008-08-16
ruby -- Object taint bypassing in DL and Fiddle in Ruby 2013-05-26
Ruby -- OpenSSL Hostname Verification Vulnerability 2015-04-14
ruby -- Unintentional file creation caused by inserting an illegal NUL character 2012-11-01
Ruby -- unsafe tainted string vulnerability 2015-12-23
ruby -- UTF-7 encoding XSS vulnerability in WEBrick 2010-08-17
ruby -- vulnerability in the safe level settings 2005-10-27
ruby -- XML round-trip vulnerability in REXML 2021-04-05
Ruby -- XSS exploit of RDoc documentation generated by rdoc 2013-02-16
Ruby Activemodel Gem -- Circumvention of attr_protected 2013-02-17
Ruby insecure file permissions in the CGI session management 2004-08-16
Ruby Rack Gem -- Multiple Issues 2013-02-17
ruby-gems -- Algorithmic Complexity Vulnerability 2013-11-24
ruby-gems -- Algorithmic Complexity Vulnerability 2013-11-24
ruby-saml -- XML signature wrapping attack 2016-07-08
rubygem-actionpack -- Denial of Service 2012-07-26
rubygem-activerecord -- multiple vulnerabilities 2012-07-23
rubygem-bson -- DoS and possible injection 2015-06-23
rubygem-cgi -- buffer overrun in CGI.escape_html 2021-11-24
rubygem-cgi -- cookie prefix spoofing in CGI::Cookie.parse 2021-11-24
rubygem-cgi -- HTTP response splitting vulnerability 2022-11-24
rubygem-date -- Regular Expression Denial of Service Vunlerability of Date Parsing Methods 2021-11-15
rubygem-doorkeeper -- token revocation vulnerability 2018-07-31
rubygem-dragonfly -- arbitrary code execution 2013-02-28
rubygem-geminabox -- XSS & CSRF vulnerabilities 2017-09-19
rubygem-geminabox -- XSS vulnerabilities 2017-11-13
rubygem-json -- Unsafe Objection Creation Vulnerability in JSON (Additional fix) 2020-03-26
rubygem-mail -- multiple vulnerabilities 2012-05-09
rubygem-mail -- Remote Arbitrary Shell Command Injection Vulnerability 2011-02-10
rubygem-paperclip -- validation bypass vulnerability 2015-06-22
rubygem-passenger -- arbitrary file read vulnerability 2017-12-18
rubygem-rails -- evaluation of ruby code 2006-08-10
rubygem-rails -- JSON XSS vulnerability 2007-11-28
rubygem-rails -- multiple vulnerabilities 2013-04-10
rubygem-rails -- multiple vulnerabilities 2012-08-10
rubygem-rails -- multiple vulnerabilities 2013-01-08
rubygem-rails -- multiple vulnerabilities 2011-08-19
rubygem-rails -- multiple vulnerabilities 2015-06-17
rubygem-rails -- session-fixation vulnerability 2007-11-27
rubygem-rails -- SQL injection vulnerability 2008-09-10
rubygem-rails -- SQL injection vulnerability 2013-01-07
rubygem-redcarpet -- XSS vulnerability 2015-05-14
rubygem-ruby_parser -- insecure tmp file usage 2013-02-24
rubygem-time -- ReDoS vulnerability 2023-03-30
rubygem-uri -- ReDoS vulnerability 2023-03-30
rubygems -- deserialization vulnerability 2017-10-10
RubyGems -- multiple vulnerabilities 2019-03-15
rubygems -- multiple vulnerabilities 2017-08-29
rubygems -- request hijacking vulnerability 2015-05-17
Rundeck3 -- Log4J RCE vulnerability 2023-02-16
Rust -- Race condition enabling symlink following 2022-01-31
Rust -- violation of Rust's safety guarantees 2019-05-15
rxvt-unicode -- buffer overflow vulnerability 2005-03-13
rxvt-unicode -- restore permissions on tty devices 2006-01-04
rxvt-unicode is vulnerable to a remote code execution 2023-01-03
salt -- code execution 2016-02-03
Salt -- information disclosure 2015-12-07
salt -- Insecure configuration of PAM external authentication service 2016-03-27
salt -- Maliciously crafted minion IDs can cause unwanted directory traversals on the Salt-master 2017-08-22
salt -- multiple vulnerabilities 2021-03-03
salt -- multiple vulnerabilities 2017-11-23
Salt -- multiple vulnerabilities 2015-10-17
salt -- multiple vulnerabilities 2020-11-12
salt -- multiple vulnerabilities 2018-10-27
salt -- multiple vulnerabilities in salt-master process 2020-05-16
salt -- salt-api vulnerability 2020-03-07
sam2p -- multiple issues 2017-09-28
samba -- "root" credential remote code execution 2012-04-10
samba -- ACLs are not checked on opening an alternate data stream on a file or directory 2013-11-19
samba -- buffer overflow in Heimdal unwrap_des3() 2022-10-25
samba -- buffer overflow vulnerability 2007-12-12
samba -- client side SMB2/3 required signing can be downgraded 2016-07-13
samba -- combination of parameters and permissions can allow user to escape from the share path definition 2019-09-03
Samba -- cross site scripting and request forgery vulnerabilities 2011-08-16
Samba -- Denial of service - memory corruption 2011-06-21
samba -- denial of service vulnerability 2013-08-09
samba -- Elevation of privilege to Active Directory Domain Controller 2015-01-16
samba -- Exposure of machine account credentials in winbind log files 2006-04-05
samba -- format string bug in afsacl.so VFS plugin 2007-03-16
samba -- incorrect permission checks vulnerability 2012-04-30
samba -- integer overflow vulnerability 2004-12-21
samba -- memory exhaustion DoS in smbd 2006-07-10
samba -- multiple vulnerabilities 2018-03-13
samba -- Multiple Vulnerabilities 2021-03-28
samba -- multiple vulnerabilities 2019-05-14
samba -- multiple vulnerabilities 2020-04-29
samba -- Multiple Vulnerabilities 2021-11-10
samba -- multiple vulnerabilities 2023-04-07
samba -- multiple vulnerabilities 2007-11-21
samba -- multiple vulnerabilities 2023-08-05
samba -- multiple vulnerabilities 2007-05-16
samba -- multiple vulnerabilities 2016-04-12
samba -- multiple vulnerabilities 2019-10-29
samba -- Multiple vulnerabilities 2022-10-11
samba -- Multiple Vulnerabilities 2020-07-02
samba -- Multiple Vulnerabilities 2022-02-01
samba -- multiple vulnerabilities 2018-08-14
samba -- multiple vulnerabilities 2019-12-12
samba -- multiple vulnerabilities 2016-12-26
samba -- multiple vulnerabilities 2013-12-11
samba -- Multiple Vulnerabilities 2020-10-30
samba -- multiple vulnerabilities 2020-01-27
samba -- multiple vulnerabilities 2014-03-11
samba -- multiple vulnerabilities 2014-06-23
samba -- multiple vulnerabilities 2015-12-19
samba -- multiple vulnerabilities 2018-08-14
samba -- negative idmap cache entries vulnerability 2021-05-01
samba -- nss_info plugin privilege escalation vulnerability 2007-09-21
samba -- Orpheus Lyre mutual authentication validation bypass 2017-07-12
samba -- potential Denial of Service bug in smbd 2007-03-16
samba -- potential leakage of arbitrary memory contents 2008-11-29
samba -- potential remote DoS vulnerability 2004-11-12
samba -- Private key in key.pem world readable 2013-11-19
samba -- remote code execution 2014-08-02
samba -- remote code execution vulnerability 2017-05-24
samba -- remote file disclosure 2004-09-30
samba -- symlink race allows access outside share definition 2017-03-24
samba -- Unauthenticated domain takeover via netlogon 2020-09-20
samba -- Unexpected code execution in smbd 2015-02-23
Samba 3.0.x password initialization bug 2004-02-12
samba3 DoS attack 2004-09-14
Sane -- Multiple Vulnerabilities 2020-05-28
Sanitize -- XSS vulnerability 2018-03-21
sbibboleth-sp -- denial of service vulnerability 2021-04-26
scponly -- local privilege escalation exploits 2005-12-22
screen -- combined UTF-8 characters vulnerability 2006-10-29
screen -- stack overflow 2015-09-08
SDL2_image -- multiple vulnerabilities 2019-07-03
sdl2_sound -- multiple vulnerabilities 2024-04-22
sdl_image -- buffer overflow vulnerabilities 2008-05-02
seatd-launch -- privilege escalation with SUID 2021-09-16
seatd-launch -- remove files with escalated privileges with SUID 2022-02-21
Security Vulnerability found in ExifTool 2022-03-25
Security Vulnerability found in ExifTool leading to RCE 2022-06-11
security/cfs -- buffer overflow 2011-09-04
security/keycloak -- Multiple possible DoS attacks 2023-01-16
security/ossec-hids-* -- root escalation via syscheck feature 2015-06-12
security/ossec-hids-* -- root escalation via temp files 2014-09-11
security/py-ecdsa -- multiple issues 2020-08-16
security/shibboleth-idp -- CAS service SSRF 2024-03-21
security/tor -- SOCKS4(a) inversion bug 2023-01-14
security/trousers -- several vulnerabilities 2020-08-18
sendmail -- Incorrect multipart message handling 2006-06-14
sendmail -- race condition vulnerability 2006-03-24
Sensitive fields enumeration through API in GLPI 2023-10-11
serendipity -- multiple cross site scripting vulnerabilities 2008-04-25
Serendipity -- multiple vulnerabilities 2018-09-30
serendipity -- XSS 2019-05-26
Serendipity -- XSS Vulnerabilities 2006-10-21
serf -- SSL Certificate Null Byte Poisoning 2014-08-11
serviio -- affected by log4j vulnerability 2021-12-15
seti@home remotely exploitable buffer overflow 2004-02-12
setsockopt(2) IPv6 sockets input validation error 2004-03-29
Several issues in Lynis 2020-06-18
Several remotely exploitable buffer overflows in gaim 2004-02-12
Several Security Defects in the Bouncy Castle Crypto APIs 2018-07-15
Several Security Defects in the Bouncy Castle Crypto APIs 2017-03-12
several security issues in sqlite3 2020-06-10
Several vulnerabilities found in IcedTea-Web 2012-08-13
Several vulnerabilities found in PHP 2015-04-25
Several vulnerabilities found in PHP 2015-04-01
Several vulnerabilities found in PHPNuke 2004-07-03
Several vulnerabilities in libav 2015-04-03
sge -- local root exploit in bundled rsh executable 2006-01-23
shadowsocks-libev -- command injection via shell metacharacters 2018-02-05
sharutils -- buffer overflows 2004-10-13
sharutils -- unshar insecure temporary file creation 2005-05-01
shells/fish -- arbitrary code execution via git 2023-01-21
shibboleth-sp -- crashes on malformed date/time content 2018-12-20
shibboleth-sp -- DoS vulnerability 2015-07-23
shibboleth-sp -- vulnerable to forged user attribute data 2018-02-27
shibboleth-sp -- vulnerable to forged user attribute data 2018-01-12
shibboleth2-sp -- "Dynamic" metadata provider plugin issue 2017-11-15
shmat reference counting bug 2004-04-07
shotwell -- failure to encrypt authentication 2017-02-01
shotwell -- not verifying certificates 2016-02-05
shoutcast -- cross-site scripting, information exposure 2006-07-11
shtool -- insecure temporary file creation 2005-07-09
shutter -- arbitrary code execution 2015-09-17
sieve-connect -- TLS hostname verification was not occurring 2013-04-15
silc -- pkcs_decode buffer overflow 2008-03-26
silc-client -- Format string vulnerability 2009-08-04
silc-toolkit -- Format string vulnerabilities 2009-09-08
sinatra -- XSS vulnerability 2018-07-31
sircd -- remote operator privilege escalation vulnerability 2007-01-15
sircd -- remote reverse DNS buffer overflow 2007-01-15
skype -- multiple buffer overflow vulnerabilities 2005-11-01
slim -- insecure PATH assignment 2010-08-19
slim -- local disclosure of X authority magic cookie 2009-05-30
slixmpp -- improper access control 2019-03-05
Slixmpp -- Lack of SSL Certificate hostname validation in XMLStream 2024-09-30
slurm -- insecure handling of user_name and gid fields 2018-06-16
slurm-wlm -- Several security issues 2023-12-19
slurm-wlm -- SQL Injection attacks against SlurmDBD 2018-03-17
smart_proxy_dynflow -- authentication bypass vulnerability 2018-09-22
smarty3 -- shell injection in math 2017-07-03
smbd -- buffer-overrun vulnerability 2004-11-17
smbfs -- chroot escape 2006-06-09
smbftpd -- format string vulnerability 2007-12-12
SnappyMail -- multiple mXSS in HTML sanitizer 2024-09-16
snmptt -- malicious shell code 2020-08-15
snort -- Back Orifice preprocessor buffer overflow vulnerability 2005-10-18
snort -- DCE/RPC preprocessor vulnerability 2007-02-21
socat -- buffer overflow with data from command line 2014-01-29
socat -- diffie hellman parameter was not prime 2016-02-01
socat -- FD leak 2013-05-26
socat -- format string vulnerability 2004-11-10
socat -- Heap-based buffer overflow 2012-05-14
soft-serve -- Remote code execution vulnerability 2024-08-09
SoftEtherVPN -- multiple vulnerabilities 2023-06-30
SOGo -- SAML user authentication impersonation 2021-06-02
Solr -- Apache Log4J 2021-12-13
solr -- Code execution via entity expansion 2017-10-13
Solr -- multiple vulnerabilities 2020-02-29
sox -- input sanitization errors 2015-07-23
sox -- memory corruption vulnerabilities 2015-07-23
SoX buffer overflows when handling .WAV files 2004-08-26
spamass-milter -- remote command execution vulnerability 2010-05-06
SpamAssassin -- denial-of-service in tokenize_headers 2004-08-23
spamassassin -- Malicious rule configuration (.cf) files can be configured to run system commands 2021-03-24
spamassassin -- multiple vulnerabilities 2019-12-13
spamassassin -- multiple vulnerabilities 2018-09-26
spamassassin -- Nefarious rule configuration files can run system commands 2020-01-31
spamdyke -- Buffer Overflow Vulnerabilities 2012-01-23
spamdyke -- open relay 2008-05-27
spamdyke -- STARTTLS Plaintext Injection Vulnerability 2012-01-08
Spotipy -- Path traversal vulnerability 2023-02-02
sppp -- buffer overflow vulnerability 2006-08-23
SQL injection vulnerability in phpnuke 2004-02-25
sql-ledger -- multiple vulnerabilities 2006-12-18
sql-ledger -- security bypass vulnerability 2007-03-16
SQLite -- Corrupt DB can cause a NULL pointer dereference 2018-03-22
SQLite -- Corrupt DB can cause a NULL pointer dereference 2018-07-01
sqlite -- multiple vulnerabilities 2015-04-18
sqlite -- use-after-free bug in jsonparseaddnodearray 2024-09-29
sqlite3 -- heap-buffer overflow 2017-08-08
SQLite3 -- Tempdir Selection Vulnerability 2016-07-03
sqlite3 -- use after free 2019-05-26
squashfs-tools -- Integer overflow 2021-03-15
squid -- Buffer overflow in SNMP processing 2014-09-18
squid -- buffer overflow in WCCP recvfrom() call 2005-01-28
squid -- buffer overflow vulnerability in gopherToHTML 2005-01-12
squid -- client-first SSL-bump does not correctly validate X509 server certificate 2015-07-06
squid -- confusing results on empty acl declarations 2004-12-23
squid -- correct handling of oversized HTTP reply headers 2005-02-08
squid -- denial of service 2012-12-28
squid -- denial of service 2013-07-15
Squid -- Denial of Service Vulnerability 2007-12-04
squid -- Denial of Service vulnerability in DNS handling 2010-02-01
squid -- Denial of Service vulnerability in HTCP 2010-02-14
squid -- Denial of service vulnerability in request handling 2010-09-24
squid -- Denial Of Service Vulnerability in sslConnectTimeout 2005-09-04
squid -- denial of service with forged WCCP messages 2005-01-12
squid -- denial-of-service vulnerabilities 2005-06-03
squid -- DNS lookup spoofing vulnerability 2005-05-19
squid -- DoS on failed PUT/POST requests vulnerability 2005-04-10
squid -- Exposure of sensitive information in cache manager 2022-09-26
squid -- FTP server response handling denial of service 2005-11-01
squid -- HTTP response splitting cache pollution attack 2005-01-22
squid -- Improper Protection of Alternate Path with CONNECT requests 2015-07-06
Squid -- multiple vulnerabilities 2020-04-07
squid -- multiple vulnerabilities 2016-04-21
squid -- multiple vulnerabilities 2016-04-02
squid -- multiple vulnerabilities 2016-05-07
squid -- Multiple vulnerabilities 2023-10-25
squid -- multiple vulnerabilities 2016-12-23
squid -- no sanity check of usernames in squid_ldap_auth 2005-01-19
squid -- NTLM authentication denial-of-service vulnerability 2004-10-18
squid -- possible abuse of cachemgr.cgi 2005-05-19
squid -- possible cache-poisoning via malformed HTTP responses 2005-01-24
squid -- possible denial of service condition regarding NTLM authentication 2005-09-15
squid -- Possible Denial Of Service Vulnerability in store.c 2005-09-04
squid -- possible information disclosure 2004-12-09
squid -- remote denial of service vulnerability 2009-02-09
squid -- remote DoS in HTTP response processing 2016-02-24
squid -- several remote denial of service vulnerabilities 2009-07-27
squid -- SNMP module denial-of-service vulnerability 2004-10-12
squid -- SSL/TLS processing remote DoS 2016-02-18
squid -- TLS/SSL parser denial of service vulnerability 2015-09-18
Squid -- TRACE method handling denial of service 2007-03-21
squid -- Vulnerable to Denial of Service attack 2018-02-23
squid -- Vulnerable to HTTP Digest Authentication 2019-11-19
squid ACL bypass due to URL decoding bug 2004-03-26
squidclamav -- cross-site scripting in default virus warning pages 2012-08-25
squidclamav -- Denial of Service 2012-08-25
squidGuard -- multiple vulnerabilities 2009-10-22
squirrelmail -- _$POST variable handling allows for various attacks 2005-09-17
squirrelmail -- Cross site scripting in HTML filter 2007-05-21
squirrelmail -- cross site scripting vulnerability 2004-11-12
squirrelmail -- Cross site scripting vulnerability 2008-12-04
squirrelmail -- multiple vulnerabilities 2006-02-24
SquirrelMail -- Plug-ins compromise 2009-08-02
squirrelmail -- plugin.php local file inclusion vulnerability 2006-06-05
SquirrelMail -- post-authentication access privileges 2018-03-17
SquirrelMail -- post-authentication remote code execution 2017-08-22
squirrelmail -- random variable overwrite vulnerability 2006-08-12
squirrelmail -- Session hijacking vulnerability 2008-09-23
squirrelmail -- Several cross site scripting vulnerabilities 2005-06-18
squirrelmail -- XSS and remote code injection vulnerabilities 2005-06-01
SSH.COM SFTP server -- format string vulnerability 2006-03-04
streamripper -- multiple buffer overflows 2008-11-23
strongswan - denial-of-service vulnerability in the gmp plugin/denial-of-service vulnerability in the in-memory certificate cache 2022-01-25
strongswan - Incorrect Handling of Early EAP-Success Messages 2022-01-25
strongswan - Insufficient input validation in RSASSA-PSS signature parser 2018-02-19
strongswan -- authentication bypass vulnerability in the eap-mschapv2 plugin 2015-11-16
strongSwan -- certificate verification vulnerability 2023-03-04
strongswan -- Denial-of-service and potential remote code execution vulnerability 2015-06-09
strongswan -- DOS attack vulnerability 2022-10-10
strongSwan -- ECDSA signature verification issue 2013-05-03
strongswan -- Fix Denial-of-Service Vulnerability strongSwan (CVE-2018-10811, CVE-2018-5388) 2018-05-31
strongswan -- Information Leak Vulnerability 2015-06-09
strongswan -- multiple DoS vulnerabilities 2014-01-27
strongswan -- multiple vulnerabilities 2017-07-19
strongswan -- Remote Authentication Bypass 2014-05-04
strongSwan -- vulnerability in charon-tkm 2023-11-24
stunnel -- heap corruption vulnerability 2011-08-26
stunnel -- Remote Code Execution 2013-03-03
subversion -- Arbitrary code execution vulnerability 2017-08-11
subversion -- DoS vulnerabilities 2014-12-15
subversion -- DoS vulnerabilities 2015-03-31
subversion -- heap overflow vulnerability 2009-08-06
subversion -- mod_dav_svn vulnerability 2014-02-26
subversion -- multiple DoS 2011-01-13
subversion -- multiple vulnerabilities 2013-11-25
subversion -- multiple vulnerabilities 2016-04-28
Subversion -- multiple vulnerabilities 2013-04-05
subversion -- multiple vulnerabilities 2015-12-15
subversion -- multiple vulnerabilities 2015-08-06
Subversion -- multiple vulnerabilities 2011-06-02
Subversion -- Multiple vulnerabilities in server code 2022-04-13
subversion -- remote HTTP DoS vulnerability 2011-03-05
subversion -- remotely triggerable "Assertion failed" DoS vulnerability or read overflow. 2013-07-24
subversion -- several vulnerabilities 2014-08-11
subversion -- Unrestricted XML entity expansion in mod_dontdothat and Subversionclients using http(s) 2016-11-29
subversion -- WebDAV fails to protect metadata 2004-09-26
subversion date parsing vulnerability 2004-05-19
sudo -- arbitrary command execution 2006-02-16
sudo -- Authentication bypass when clock is reset 2013-03-01
sudo -- certain authorized users could run commands as any user 2009-02-06
sudo -- environmental variable CDPATH is not cleared 2005-01-21
sudo -- Flaw in Runas group matching 2010-09-07
sudo -- format string vulnerability 2012-01-30
sudo -- local privilege escalation 2011-01-13
sudo -- local race condition vulnerability 2005-06-20
sudo -- Multiple vulnerabilities 2021-01-26
sudo -- netmask vulnerability 2012-05-16
sudo -- Potential bypass of Runas user restrictions 2019-10-24
sudo -- Potential bypass of Runas user restrictions 2020-01-30
sudo -- Potential bypass of sudo_noexec.so via wordexp() 2016-10-28
sudo -- Potential bypass of tty_tickets constraints 2013-03-01
sudo -- Potential information leak in sudoedit 2021-01-11
sudo -- Potential out-of-bounds write for small passwords 2022-11-07
sudo -- potential privilege escalation via symlink misconfiguration 2016-01-26
sudo -- privilege escalation with bash scripts 2004-11-13
sudo -- Privilege escalation with sudoedit 2010-03-01
sudo -- Privilege escalation with sudoedit 2010-04-15
sudo -- Secure path vulnerability 2010-06-02
sudo -- sudoedit information disclosure 2004-09-20
sudoscript -- signal delivery vulnerability 2004-12-01
sudosh -- buffer overflow 2012-08-09
sugarcrm -- multiple vulnerabilities 2017-09-26
sup -- format string vulnerability 2005-02-27
Supervisord -- An authenticated client can run arbitrary shell commands via malicious XML-RPC requests 2017-08-15
suphp -- multiple local privilege escalation vulnerabilities 2008-04-05
suPHP -- Privilege escalation 2013-07-22
surf -- private information disclosure 2012-02-11
suricata -- buffer over-read 2019-05-26
suricata -- multiple vulnerabilities 2024-02-23
suricata -- TLS/DER Parser Bug (DoS) 2015-05-12
svnserve is vulnerable to a local privilege escalation vulnerability via symlink attack. 2013-09-02
swfdec -- exposure of sensitive information 2008-05-07
sylpheed -- buffer overflow in header processing 2005-03-23
sylpheed -- MIME-encoded file name buffer overflow vulnerability 2005-07-31
sympa - Security flaws in setuid wrappers 2020-05-26
sympa -- buffer overflow in "queue" 2005-06-01
sympa -- Denial of service caused by malformed CSRF token 2020-05-22
sympa -- Inappropriate use of the cookie parameter can be a security threat. This parameter may also not provide sufficient security. 2021-04-27
sympa -- Multiple Security Bypass Vulnerabilities 2012-05-21
sympa -- Remote attackers can read arbitrary files 2015-03-13
sympa -- Unauthorised full access via SOAP API due to illegal cookie 2021-02-06
syncthing -- crash due to malformed relay protocol message 2021-04-12
syslog-ng2 -- startup directory leakage in the chroot environment 2008-11-18
sysutils/openzfs-kmod -- critical permissions issues 2020-08-20
taglib -- heap-based buffer over-read via a crafted audio file 2020-05-03
tailscale -- Insufficient inbound packet filtering in subnet routers and exit nodes 2024-05-09
tailscale -- security vulnerability in Tailscale SSH 2023-03-23
tailscale -- Security vulnerability in the client 2022-11-22
tarsnap -- buffer overflow and local DoS 2015-08-21
tarsnap -- cryptographic nonce reuse 2011-01-19
tauthon -- Regular Expression Denial of Service 2021-06-04
tcl/tk -- buffer overflow in ReadImage function 2007-10-05
tcpdump -- infinite loops in protocol decoding 2005-06-18
tcpdump -- multiple vulnerabilities 2017-09-26
tcpdump ISAKMP payload handling remote denial-of-service 2004-03-31
tcpreplay -- Multiple vulnerabilities 2020-06-11
tcpslice -- heap-based use-after-free in extract_slice() 2022-03-22
tdiary -- cross site scripting vulnerability 2006-12-02
tdiary -- injection vulnerability 2006-12-13
Teamspeak Server -- Directory Traversal Vulnerability 2009-01-20
TeamSpeak Server 3 -- Multiple vulnerabilities including Remote Code Execution 2016-08-14
Teeworlds -- Buffer Overflow 2022-03-10
teeworlds -- Remote code execution 2016-11-21
telepathy-gabble -- TLS verification bypass 2013-06-05
Template::Toolkit -- Directory traversal on write 2020-01-14
testdisk -- buffer overflow with malicious disk image 2015-06-16
texindex -- temporary file privilege escalation 2006-01-27
texproc/expat2 -- billion laugh attack 2021-05-24
textproc/elasticsearch6 -- field disclosure flaw 2020-08-20
The Bouncy Castle Crypto APIs -- EC math vulnerability 2021-08-20
The Bouncy Castle Crypto APIs: CVE-2017-13098 ("ROBOT") 2017-12-29
The GIMP -- Use after Free vulnerability 2016-07-19
The Update Framwork -- path traversal vulnerability 2022-02-22
thunderbird -- javascript execution 2006-04-07
tidy -- heap-buffer-overflow 2015-06-08
tiff -- buffer overflow 2016-07-15
tiff -- buffer overflow vulnerability 2010-06-12
tiff -- buffer overflow vulnerability 2005-07-30
tiff -- directory entry count integer overflow vulnerability 2005-01-06
tiff -- divide-by-zero denial-of-service 2005-01-18
tiff -- Multiple integer overflows 2010-06-16
tiff -- multiple integer overflows 2004-10-13
tiff -- multiple vulnerabilities 2018-01-29
tiff -- multiple vulnerabilities 2017-02-06
tiff -- multiple vulnerabilities 2017-04-20
tiff -- out-of-bounds read in CIE Lab image format 2016-01-05
tiff -- out-of-bounds read in tif_getimage.c 2016-01-05
tiff -- RLE decoder heap overflows 2004-10-13
tiff -- tiffdump integer overflow vulnerability 2005-01-06
TightVNC -- Muliple Vulnerabilities 2023-02-08
tikiwiki -- multiple vulnerabilities 2006-09-30
tikiwiki -- multiple vulnerabilities 2007-11-09
TiMidity++ -- Multiple vulnerabilities 2020-03-02
tin -- buffer overflow vulnerabilities 2006-10-05
tinc -- Buffer overflow 2018-10-09
tinc -- Buffer overflow 2013-04-22
TinyMCE -- mXSS in multiple plugins 2024-01-23
tinyproxy -- ACL lists ineffective when range is configured 2011-04-08
tkdiff -- temporary file symlink privilege escalation 2006-10-15
tmux -- stack overflow in CSI parsing 2020-10-30
tnef -- An attacker may be able to write to the victim's .ssh/authorized_keys file via an e-mail message 2024-10-26
tnef -- Invalid read and write operations, controlled by an attacker 2024-10-26
tnftp -- mget does not check for directory escapes 2005-01-07
tnftpd -- Remote root Exploit 2006-12-11
tnftpd -- remotely exploitable vulnerability 2004-08-17
tomcat -- authentication weaknesses 2012-11-08
tomcat -- bypass of CSRF prevention filter 2012-12-04
tomcat -- bypass of security constraints 2012-12-04
tomcat -- Cross-site scripting vulnerability 2011-02-15
tomcat -- Denial of Service 2012-11-08
tomcat -- Denial of Service 2012-01-17
tomcat -- denial of service 2012-12-04
tomcat -- HTTP request smuggling in multiple versions 2021-08-01
tomcat -- information disclosure vulnerability 2017-01-07
tomcat -- information disclosure vulnerability 2010-04-24
tomcat -- JNDI Realm Authentication Weakness in multiple versions 2021-08-01
tomcat -- multiple vulnerabilities 2015-06-16
tomcat -- multiple vulnerabilities 2017-01-07
tomcat -- multiple vulnerabilities 2014-07-23
tomcat -- multiple vulnerabilities 2017-01-07
tomcat -- multiple vulnerabilities 2016-02-28
tomcat -- multiple vulnerabilities 2016-02-28
tomcat -- multiple vulnerabilities 2007-07-24
tomcat -- Remote Code Execution 2017-10-06
tomcat -- Remote Denial of Service in multiple versions 2021-08-01
Tomcat -- Request Smuggling 2022-11-18
tomcat -- Security constraints ignored or applied too late 2018-02-23
tomcat -- Tomcat Manager cross-site scripting 2005-06-01
Tomcat -- XSS in examples web application 2022-08-14
tomcat -- XSS vulnerability in sample applications 2007-07-24
Tor - Unspecified high severity vulnerability 2022-06-17
tor -- diffie-hellman handshake flaw 2005-08-17
tor -- guard discovery 2013-06-16
tor -- information disclosure 2005-06-24
tor -- malicious tor server can locate a hidden service 2006-02-16
tor -- multiple vulnerabilities 2009-02-13
tor -- remote code execution and crash 2011-01-17
tor -- remote crash and potential remote code execution 2010-12-22
Tor -- remote denial of service 2016-10-18
tor -- remote DoS and loss of anonymity 2004-10-15
tor -- security regression 2017-06-30
tor -- traffic confirmation attack 2014-07-30
tor -- unspecified memory corruption vulnerability 2009-01-29
tor -- Use-after-free in onion service v2 2017-12-14
tor-devel -- DNS resolution vulnerability 2009-06-23
torcs -- untrusted local library loading 2012-01-09
torrentflux -- User-Agent XSS Vulnerability 2006-10-07
tptest -- pwd Remote Stack Buffer Overflow 2009-12-17
trac -- cross site scripting vulnerability 2007-03-09
trac -- file upload/download vulnerability 2005-06-20
trac -- potential DOS vulnerability 2008-11-09
trac -- reStructuredText breach of privacy and denial of service vulnerability 2006-07-07
trac -- search module SQL injection vulnerability 2005-12-07
trac -- Wiki Macro Script Insertion Vulnerability 2006-05-02
traefik -- Azure Identity Libraries Elevation of Privilege Vulnerability 2024-06-22
traefik -- Bypassing IP allow-lists via HTTP/3 early data requests 2024-07-07
traefik -- Denial of service in HTTP/2 2019-08-15
traefik -- multiple vulnerabilities 2022-12-10
traefik -- Resource exhaustion by malicious HTTP/2 client 2023-10-14
traefik -- Unexpected behavior with IPv4-mapped IPv6 addresses 2024-06-15
traefik -- Use of vulnerable Go module x/net/http2 2023-02-19
traefik -- Use of vulnerable Go modules net/http, net/textproto 2023-04-07
trafficserver -- resource consumption 2020-07-02
trafficserver -- unspecified vulnerability 2014-09-05
transmission-daemon -- vulnerable to dns rebinding attacks 2018-01-14
tt-rss -- multiple vulnerabilities 2020-09-20
turba -- Cross site scripting vulnerabilities in several of the address book name and contact data fields 2005-12-11
turnserver -- multiple vulnerabilities 2019-01-30
turnserver -- SQL injection vulnerability 2015-07-02
twiki -- Arbitrary code execution in session files 2008-09-14
twiki -- arbitrary shell command execution 2004-11-15
twiki -- multiple file extensions file upload vulnerability 2006-07-10
twiki -- multiple vulnerabilities 2008-12-30
twiki -- remote Perl code execution 2014-10-31
typespeed -- arbitrary code execution 2007-07-03
typo -- Cross-Site Scripting 2012-04-18
typo3 -- cross-site scripting and information disclosure 2009-02-11
typo3 -- Cross-Site Scripting Vulnerability in TYPO3 Core 2012-07-06
typo3 -- email header injection 2007-06-04
typo3 -- Missing access check in Extbase 2016-07-18
typo3 -- Multiple vulernabilities in TYPO3 Core 2012-08-15
typo3 -- multiple vulnerabilities 2023-08-14
typo3 -- multiple vulnerabilities 2020-08-04
typo3 -- multiple vulnerabilities 2009-02-09
typo3 -- multiple vulnerabilities 2018-12-14
typo3 -- multiple vulnerabilities 2019-02-02
typo3 -- multiple vulnerabilities 2019-12-25
typo3 -- multiple vulnerabilities 2020-05-13
typo3 -- Multiple vulnerabilities 2023-11-15
typo3 -- multiple vulnerabilities 2016-01-29
typo3 -- multiple vulnerabilities 2018-07-17
TYPO3 -- multiple vulnerabilities 2019-06-28
typo3 -- multiple vulnerabilities 2022-12-17
typo3 -- Multiple vulnerabilities in TYPO3 Core 2012-11-12
typo3 -- multiple vulnerabilities in TYPO3 Core 2009-11-05
typo3 -- Multiple vulnerabilities in TYPO3 Core 2013-03-06
typo3 -- Multiple vulnerabilities in TYPO3 Core 2013-08-05
typo3 -- Remote Code Execution 2011-12-18
typo3 -- XSS vulnerability in svg-sanitize 2022-02-27
typo3-{11,12} -- multiple vulnerabilities 2024-03-16
uim -- privilege escalation vulnerability 2005-03-01
uim -- privilege escalation vulnerability 2005-10-01
unace -- multiple vulnerabilities 2005-02-22
Unallowed PHP script execution in GLPI 2023-10-11
unarj -- directory traversal vulnerability 2004-11-26
unarj -- long filename buffer overflow 2004-11-26
Unbound -- an empty error packet handling assertion failure 2011-05-25
unbound -- can be tricked into following an endless series of delegations, this consumes a lot of resources 2014-12-09
Unbound -- Denial of service attack 2024-10-06
unbound -- denial of service vulnerabilities from nonstandard redirection and denial of existence 2011-12-19
Unbound -- Denial-of-Service vulnerability 2024-03-09
Unbound -- Multiple vulnerabilities 2022-08-05
unbound -- mutliple vulnerabilities 2020-05-22
unbound -- Non-Responsive Delegation Attack 2022-09-29
unbound -- parsing vulnerability 2019-11-23
unbound -- parsing vulnerability 2019-10-03
unbound -- vulnerability in the processing of wildcard synthesized NSEC records 2018-01-19
Unbound/NSD -- Denial of service vulnerability 2020-12-12
unit -- heap memory buffer overflow 2019-02-08
unreal -- denial of service 2015-08-18
unrtf -- buffer overflow vulnerability 2005-01-16
unzip -- heap based buffer overflow in iconv patch 2015-02-17
unzip -- input sanitization errors 2015-01-16
unzip -- multiple vulnerabilities 2016-01-04
unzip -- out of boundary access issues in test_compr_eb 2015-02-03
unzip -- permission race vulnerability 2005-09-13
unzoo -- Directory Traversal Vulnerability 2006-11-14
up-imapproxy -- multiple vulnerabilities 2005-01-02
upnp -- denial of service (crash) 2020-10-03
upnp -- multiple vulnerabilities 2013-01-30
upnp -- multiple vulnerabilities 2016-12-27
upnp -- stack overflow vulnerability 2021-04-06
urban -- stack overflow vulnerabilities 2005-09-02
URI handler vulnerabilities in several browsers 2004-05-18
uriparser -- Multiple vulnerabilities 2018-12-02
uriparser -- Multiple vulnerabilities 2022-01-09
uriparser -- Out-of-bounds read 2019-01-06
urllib3 -- certificate verification failure 2016-10-28
urllib3 -- multiple vulnerabilities 2019-11-26
Use-After-Free Vulnerability in pcsc-lite 2017-01-06
Users login enumeration by unauthenticated user in GLPI 2023-10-11
uudeview buffer overflows 2004-03-18
uwsgi -- a stack-based buffer overflow 2018-02-13
varnish -- Denial of Service Vulnerability 2022-08-10
Varnish -- Denial of service vulnerability 2017-08-02
varnish -- DoS vulnerability in Varnish HTTP cache 2014-01-25
varnish -- HTTP/2 Rapid Reset Attack 2023-12-02
varnish -- HTTP/2 Request Forgery Vulnerability 2022-11-09
varnish -- information disclosure vulnerability 2017-12-02
varnish -- Information Disclosure Vulnerability 2019-10-24
varnish -- Request Smuggling Vulnerability 2022-01-29
varnish -- Request Smuggling Vulnerability 2022-11-09
varnish -- Varnish HTTP Request Parsing Denial of Service 2009-02-14
vault -- unauthenticated license read 2021-02-27
vault -- User Enumeration via LDAP auth 2020-12-17
Vaultwarden -- Multiple vulnerabilities 2024-08-12
verlihub -- insecure temporary file usage and arbitrary command execution 2009-01-11
viewcvs -- information leakage 2004-12-08
ViewVC -- user-reachable override of cvsdb row limit 2011-05-23
vim -- arbitrary command execution 2016-12-23
vim -- Command Format String Vulnerability 2007-07-27
vim -- multiple vulnerabilities in the netrw module 2009-01-02
vim -- Vim Shell Command Injection Vulnerabilities 2008-06-21
vim -- vulnerabilities in modeline handling 2005-01-06
vim -- vulnerabilities in modeline handling: glob, expand 2005-07-31
Vim/NeoVim -- Security vulnerability 2019-06-13
vim6 -- heap-based overflow while parsing shell metacharacters 2010-09-09
vinagre -- format string vulnerability 2008-12-31
VirtualBox -- Multiple vulnerabilities 2020-07-19
VirtualBox -- Multiple vulnerabilities 2022-07-21
virtualbox -- privilege escalation 2009-10-07
VirtualBox -- undisclosed vulnerabilities 2016-10-12
virtualbox-ose -- local vulnerability 2014-01-16
virtualbox-ose -- multiple vulnerabilities 2023-07-19
virtualbox-ose -- multiple vulnerabilities 2023-07-19
virtualbox-ose -- multiple vulnerabilities 2023-07-19
vlc -- arbitrary code execution in Real RTSP and MMS support 2012-09-15
vlc -- arbitrary code execution in the RealMedia processor 2008-12-06
vlc -- arbitrary pointer dereference vulnerability 2015-08-20
vlc -- Buffer overflow vulnerability 2019-06-20
vlc -- cue processing stack overflow 2008-11-08
vlc -- Double free in Matroska demuxer 2019-06-20
vlc -- format string vulnerability and integer overflow 2007-06-18
VLC -- Heap corruption in MP4 demultiplexer 2011-04-17
vlc -- Insufficient input validation in MKV demuxer 2011-02-02
vlc -- invalid id3v2 tags may lead to invalid memory dereferencing 2010-08-14
vlc -- multiple vulnerabilities 2019-08-20
vlc -- Multiple vulnerabilities fixed in VLC media player 2020-04-29
VLC -- Possibly remote code execution via crafted file 2016-06-11
vlc -- remote code execution via crafted subtitles 2017-05-26
vlc -- stack overflow in MPA, AVI and ASF demuxer 2009-11-03
vlc -- unintended code execution with specially crafted data 2010-05-01
vlc -- Use after free vulnerability 2018-07-21
vlc heap-based buffer overflow 2020-06-17
vnc -- authentication bypass vulnerability 2006-05-18
vorbis-tools -- Speex header processing vulnerability 2008-05-11
vorbis-tools, opus-tools -- multiple vulnerabilities 2015-09-09
vorbistools -- heap buffer overflow in oggenc 2023-11-05
vscode -- Visual Studio Code for Linux Remote Code Execution Vulnerability 2024-10-11
vscode -- Visual Studio Code Information Disclosure Vulnerability 2023-05-10
vscode -- VS Code Information Disclosure Vulnerability 2023-06-13
vscode -- VS Code Remote Code Execution Vulnerability 2023-09-13
vte -- Classic terminal title set+query attack 2010-07-18
vtiger -- multiple remote file inclusion vulnerabilities 2006-10-15
Vulnerabilities in Curl 2016-08-04
Vulnerabilities in H.323 implementations 2004-02-22
Vulnerability in HWP document filter 2015-05-07
w3m - multiple vulnerabilities 2018-02-01
w3m -- format string vulnerability 2007-01-03
w3m -- multiple vulnerabilities 2017-01-01
Wagtail -- potential timing attack vulnerability 2020-05-05
Wagtail -- XSS vulnerability 2020-07-24
Wagtail -- XSS vulnerability 2020-04-22
wavpack -- integer overflow in pack_utils.c 2021-01-14
wavpack -- multiple invalid memory reads 2017-02-18
wavpack -- multiple vulnerabilities 2018-05-11
wayland -- integer overflow 2021-05-31
web browsers -- window injection vulnerabilities 2005-01-24
WebCalendar -- "noSet" variable overwrite vulnerability 2007-04-08
WebCalendar -- information disclosure vulnerability 2006-06-16
WebCalendar -- multiple vulnerabilities 2012-05-02
WebCalendar -- Persistent XSS 2012-02-12
WebCalendar -- remote file inclusion vulnerability 2005-10-15
WebCalendar -- unauthorized access vulnerability 2006-02-20
webkit -- UI spoof 2016-02-04
WebKit-gtk -- Multiple vulnerabilities 2015-01-09
webkit-gtk -- Multiple vulnerabilities 2019-02-24
Webkit-gtk2 -- Multiple Vulnabilities 2010-10-19
webkit-gtk2 -- Multiple vulnerabilities 2010-09-10
webkit-gtk2 -- Multiple vulnerabilities 2010-07-18
webkit-gtk2 -- Multiple vulnerabilities 2010-12-30
webkit-gtk2 -- Multiple vurnabilities. 2011-02-10
webkit-gtk3 -- Multiple vulnerabilities 2020-02-19
webkit-gtk3 -- Multiple vulnerabilities 2020-01-26
webkit2-gtk3 -- Denial of service 2020-04-18
webkit2-gtk3 -- multible vulnerabilities 2020-07-10
webkit2-gtk3 -- Multiple vulnerabilities 2019-11-27
webkit2-gtk3 -- multiple vulnerabilities 2017-07-25
webkit2-gtk3 -- multiple vulnerabilities 2021-09-24
webkit2-gtk3 -- Multiple vulnerabilities 2019-07-06
webkit2-gtk3 -- Multiple vulnerabilities 2019-08-30
webkit2-gtk3 -- Multiple vulnerabilities 2019-10-31
webkit2-gtk3 -- multiple vulnerabilities 2018-03-28
webmin -- cross site scripting vulnerability 2007-06-09
webmin -- insecure temporary file creation at installation time 2004-09-14
webmin -- potential XSS attack via real name field 2012-11-02
webmin -- unauthenticated remote code execution 2019-08-17
webmin, usermin -- arbitrary file disclosure vulnerability 2006-07-02
websocket-extensions -- ReDoS vulnerability 2020-06-03
websvn -- information disclosure 2016-03-06
websvn -- multiple vulnerabilities 2009-02-09
websvn -- reflected cross-site scripting 2016-03-06
webtrees -- vulnerability 2022-12-29
weechat -- Arbitrary shell command execution via scripts 2012-11-18
weechat -- crash in logger plugin 2017-09-25
weechat -- Crash or freeze when decoding IRC colors in strings 2012-11-10
WeeChat -- Crash when decoding a malformed websocket frame in relay plugin. 2021-09-05
weechat -- multiple vulnerabilities 2017-04-24
WeeChat -- Multiple vulnerabilities 2020-02-21
Weechat -- Possible man-in-the-middle attack in TLS connection to servers 2022-03-16
weex -- remote format string vulnerability 2005-10-02
wemux -- read-only can be bypassed 2014-03-13
wesnoth -- Code Injection vulnerability 2018-09-26
wesnoth -- disclosure of .pbl files with lowercase, uppercase, and mixed-case extension 2015-07-01
Wesnoth -- Remote information disclosure 2015-04-17
wget -- Access List Bypass / Race Condition 2016-11-30
wget -- cookie injection vulnerability 2018-05-08
wget -- Heap overflow in HTTP protocol handling 2017-10-27
wget -- HTTP to FTP redirection file name confusion vulnerability 2016-06-21
wget -- multiple HTTP client download filename vulnerability 2010-09-03
wget -- multiple vulnerabilities 2004-12-14
wget -- path traversal vulnerability in recursive FTP mode 2014-11-08
wget -- security flaw in caching credentials passed as a part of the URL 2019-04-12
wget -- Stack overflow in HTTP protocol handling 2017-10-27
win32-codecs -- multiple vulnerabilities 2006-09-14
wine -- information disclosure due to insecure temporary file handling 2005-03-24
wireshark -- denial of service in DRDA dissector 2012-08-31
wireshark -- DOCSIS dissector denial of service 2010-05-07
Wireshark -- DoS in the BER-based dissectors 2010-11-05
wireshark -- LWRES vulnerability 2010-02-10
wireshark -- Multiple problems 2007-07-06
wireshark -- multiple security issues 2017-12-10
wireshark -- multiple security issues 2018-03-04
wireshark -- multiple security issues 2017-10-30
Wireshark -- Multiple vulnerabilities 2012-08-18
wireshark -- multiple vulnerabilities 2015-05-28
wireshark -- multiple vulnerabilities 2007-12-19
wireshark -- multiple vulnerabilities 2016-05-02
Wireshark -- Multiple vulnerabilities 2012-01-23
wireshark -- multiple vulnerabilities 2016-07-04
wireshark -- multiple vulnerabilities 2016-12-01
wireshark -- multiple vulnerabilities 2009-05-09
wireshark -- multiple vulnerabilities 2016-08-06
wireshark -- multiple vulnerabilities 2016-03-01
wireshark -- multiple vulnerabilities 2016-03-01
wireshark -- multiple vulnerabilities 2015-09-08
wireshark -- multiple vulnerabilities 2009-03-22
Wireshark -- Multiple Vulnerabilities 2012-10-22
wireshark -- Pcapng file parser crash 2015-10-25
wireshark -- PCNFSD Dissector Denial of Service Vulnerability 2009-05-30
wireshark -- SMTP Processing Denial of Service Vulnerability 2008-12-07
wolfssl -- DDoS amplification in DTLS 2016-01-05
wolfssl -- leakage of private key information 2016-01-05
wolfssl -- multiple issues 2022-08-08
wordpress -- 2 cross-site scripting vulnerabilities 2015-05-07
WordPress -- cross site scripting vulnerability 2012-01-03
wordpress -- cross-site scripting 2007-11-01
wordpress -- cross-site scripting vulnerability 2015-05-07
wordpress -- full path disclosure 2006-04-23
wordpress -- header rss feed script insertion vulnerability 2008-11-29
wordpress -- multiple issues 2019-09-06
wordpress -- multiple issues 2019-11-12
wordpress -- multiple issues 2018-07-08
wordpress -- multiple issues 2018-01-19
wordpress -- multiple issues 2017-12-01
wordpress -- multiple issues 2017-11-01
wordpress -- multiple issues 2020-11-02
wordpress -- multiple issues 2018-12-15
wordpress -- multiple issues 2017-09-29
wordpress -- multiple issues 2019-03-21
wordpress -- multiple issues 2018-04-20
wordpress -- multiple issues 2022-03-16
wordpress -- multiple issues 2019-12-26
wordpress -- multiple unspecified privilege escalation bugs 2012-09-07
wordpress -- multiple vulnerabilities 2015-01-05
wordpress -- multiple vulnerabilities 2013-07-27
wordpress -- multiple vulnerabilities 2017-03-07
wordpress -- multiple vulnerabilities 2013-01-29
wordpress -- multiple vulnerabilities 2016-03-08
wordpress -- multiple vulnerabilities 2016-12-14
wordpress -- multiple vulnerabilities 2016-06-25
wordpress -- multiple vulnerabilities 2015-09-15
WordPress -- Multiple Vulnerabilities 2022-01-13
Wordpress -- multiple vulnerabilities 2017-05-21
wordpress -- multiple vulnerabilities 2012-04-23
wordpress -- multiple vulnerabilities 2005-07-05
wordpress -- multiple vulnerabilities 2009-11-14
wordpress -- multiple vulnerabilities 2017-01-29
wordpress -- multiple vulnerabilities 2016-05-10
wordpress -- multiple vulnerabilities 2017-01-15
wordpress -- multiple vulnerabilities 2005-07-05
wordpress -- multiple vulnerabilities 2013-10-19
wordpress -- multiple vulnerabilities 2015-04-24
wordpress -- Multiple vulnerability 2015-08-06
wordpress -- remote admin password reset vulnerability 2009-08-12
wordpress -- remote privilege escalation 2008-10-22
wordpress -- remote sql injection vulnerability 2007-09-21
wordpress -- snoopy "_httpsrequest()" shell command execution vulnerability 2008-10-24
wordpress -- SQL injection vulnerability 2011-02-05
wordpress -- unmoderated comments disclosure 2007-06-09
wordpress -- XMLRPC SQL Injection 2007-06-09
wordpress -- XSS 2024-04-10
wordpress -- XSS in administration panel 2004-10-13
wordpress -- XSS vulnerability 2015-07-23
wordpress -- XSS vulnerability 2016-01-26
WPA packet number reuse with replayed messages and key reinstallation 2017-10-16
wpa_supplicant -- P2P SSID processing vulnerability 2015-04-25
wpa_supplicant -- WPS_NFC option payload length validation vulnerability 2015-07-09
wu-ftpd -- remote globbing DoS vulnerability 2005-04-04
wu-ftpd ftpaccess `restricted-uid'/`restricted-gid' directive may be bypassed 2004-03-08
wv -- Multiple Integer Overflow Vulnerabilities 2006-12-13
wv2 -- Integer Overflow Vulnerability 2006-12-13
www/awstats -- Partial absolute pathname 2023-01-23
www/chromium -- multiple vulnerabilities 2015-06-22
www/chromium -- multiple vulnerabilities 2021-02-03
www/mod_dav_svn -- Malicious SVN clients can crash mod_dav_svn. 2019-01-23
www/mod_security -- NULL pointer dereference DoS 2013-06-03
www/py-bleach -- multiple vulnerabilities 2020-03-18
www/py-requests -- Information disclosure vulnerability 2019-01-22
www/varnish6 -- Denial of Service 2019-09-03
www/varnish7 -- Denial of Service 2024-03-18
wzdftpd -- remote DoS 2004-11-03
X.org libraries -- multiple vulnerabilities 2016-10-07
X11 server -- pixmap allocation vulnerability 2005-09-15
X11 Session -- SDDM allows unauthorised unlocking 2018-09-11
x11/cde -- Local privilege escalation via CDE dtsession 2021-08-09
x11/libXpm multiple vulnerabilities 2023-10-12
x11vnc -- access to shared memory segments 2024-11-08
x11vnc -- authentication bypass vulnerability 2006-08-13
xapian-omega -- cross-site scripting vulnerability 2009-09-13
xchat remotely exploitable buffer overflow (Socks5) 2004-04-23
xdelta3 -- buffer overflow vulnerability 2016-02-16
xdm -- remote denial of service 2019-08-18
xen-kernel -- arm: vgic-v2: GICD_SGIR is not properly emulated 2015-07-11
xen-kernel -- arm: vgic: incorrect rate limiting of guest triggered logging 2015-07-11
xen-kernel -- broken check in memory_exchange() permits PV guest breakout 2017-04-06
xen-kernel -- Certain domctl operations may be abused to lock up the host 2015-07-11
xen-kernel -- CPU lockup during exception delivery 2015-11-16
xen-kernel -- CR0.TS and CR0.EM not always honored for x86 HVM guests 2016-12-04
xen-kernel -- GNTTABOP_swap_grant_ref operation misbehavior 2015-07-11
xen-kernel -- guest 32-bit ELF symbol table load leaking host data 2016-12-04
xen-kernel -- Hypervisor memory corruption due to x86 emulator flaw 2015-07-11
xen-kernel -- information leak in legacy x86 FPU/XMM initialization 2016-01-06
xen-kernel -- Information leak through version information hypercall 2015-07-11
xen-kernel -- Information leak through XEN_DOMCTL_gettscinfo 2015-07-11
xen-kernel -- Information leak via internal x86 system device emulation 2015-07-11
xen-kernel -- ioreq handling possibly susceptible to multiple read issue 2016-01-06
xen-kernel -- leak of main per-domain vcpu pointer array 2015-11-11
xen-kernel -- leak of per-domain profiling-related vcpu pointer array 2015-11-11
xen-kernel -- Long latency populate-on-demand operation is not preemptible 2015-11-11
xen-kernel -- multiple vulnerabilities 2017-10-12
xen-kernel -- PV superpage functionality missing sanity checks 2016-02-28
xen-kernel -- some pmu and profiling hypercalls log without rate limiting 2015-11-11
xen-kernel -- Uncontrolled creation of large page mappings by PV guests 2015-11-11
xen-kernel -- use after free in FIFO event channel code 2016-12-04
xen-kernel -- VMX: guest user mode may crash guest with non-canonical RIP 2016-02-28
xen-kernel -- VMX: intercept issue with INVLPG on non-canonical address 2016-02-28
xen-kernel -- vulnerability in the iret hypercall handler 2015-07-11
xen-kernel -- x86 64-bit bit test instruction emulation broken 2016-12-04
xen-kernel -- x86 CMPXCHG8B emulation fails to ignore operand size override 2016-12-14
xen-kernel -- x86 HVM: Overflow of sh_ctxt->seg_reg[] 2016-12-04
xen-kernel -- x86 null segments not always treated as unusable 2016-12-04
xen-kernel -- x86 PV guests may be able to mask interrupts 2016-12-22
xen-kernel -- x86 segment base write emulation lacking canonical address checks 2016-12-04
xen-kernel -- x86 shadow pagetables: address width overflow 2016-07-04
xen-kernel -- x86 software guest page walk PS bit handling flaw 2016-07-04
xen-kernel -- x86 task switch to VM86 mode mis-handled 2016-12-04
xen-kernel -- x86: Disallow L3 recursive pagetable for 32-bit PV guests 2016-12-04
xen-kernel -- x86: Mishandling of instruction pointer truncation during emulation 2016-12-04
xen-kernel -- x86: Mishandling of SYSCALL singlestep during emulation 2016-12-20
xen-kernel -- x86: Missing SMAP whitelisting in 32-bit exception / event delivery 2016-08-02
xen-kernel -- x86: Privilege escalation in PV guests 2016-08-02
xen-kernel -- XENMEM_exchange error handling issues 2016-01-06
xen-kernel and xen-tools -- Long latency MMIO mapping operations are not preemptible 2015-07-11
xen-tools -- Cirrus VGA Heap overflow via display refresh 2017-03-23
xen-tools -- cirrus_bitblt_cputovideo does not check if memory region is safe 2017-02-22
xen-tools -- delimiter injection vulnerabilities in pygrub 2016-12-04
xen-tools -- Guest triggerable qemu MSI-X pass-through error messages 2015-07-11
xen-tools -- HVM qemu unexpectedly enabling emulated VGA graphics backends 2015-07-11
xen-tools -- libxl fails to honour readonly flag on disks with qemu-xen 2015-11-11
xen-tools -- libxl leak of pv kernel and initrd on error 2016-01-06
xen-tools -- oob access in cirrus bitblt copy 2017-02-11
xen-tools -- PCI MSI mask bits inadvertently exposed to guests 2015-07-11
xen-tools -- populate-on-demand balloon size inaccuracy can crash guests 2015-11-11
xen-tools -- Potential unintended writes to host MSI message data field via qemu 2015-07-11
xen-tools -- qemu incautious about shared ring processing 2016-12-04
xen-tools -- QEMU: Banked access to VGA memory (VBE) uses inconsistent bounds checks 2016-07-04
xen-tools -- Unmediated PCI command register access in qemu 2015-07-11
xen-tools -- Unmediated PCI register access in qemu 2015-07-11
xen-tools -- Unrestricted qemu logging 2016-07-04
xen-tools -- Unsanitised driver domain input in libxl device handling 2016-07-04
xen-tools -- Unsanitised guest input in libxl device handling code 2016-07-04
xen-tools -- virtio: unbounded memory allocation issue 2016-08-02
xen-tools -- xenstore denial of service via repeated update 2017-03-30
xen-tools -- xl command line config handling stack overflow 2015-07-11
xerces-c2 -- Attribute blowup denial-of-service 2004-10-13
xerces-c3 -- Parser Crashes on Malformed Input 2016-02-28
xercesi-c3 -- multiple vulnerabilities 2016-07-26
XFCE -- Allows executing malicious .desktop files pointing to remote code 2022-06-11
xfce -- multiple vulnerabilities 2008-01-22
XFCE tumbler -- Vulnerability in the GStreamer plugin 2022-08-12
XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0 2004-06-28
xfs -- multiple vulnerabilities 2007-10-08
xine -- multiple remote string vulnerabilities 2006-04-23
xine-lib arbitrary file overwrite 2004-05-02
xinetd -- attackers can bypass access restrictions if tcpmux-servers service enabled 2012-10-17
xinetd -- ignores user and group directives for TCPMUX services 2013-10-03
xli -- integer overflows in image size calculations 2005-06-03
xloadimage -- arbitrary command execution when handling compressed files 2005-06-03
xloadimage -- buffer overflow in FACES image handling 2005-06-03
xloadimage -- buffer overflows in NIFF image title handling 2005-10-20
xlockmore -- local exploit 2012-10-17
xml-security-c -- crashes on malformed KeyInfo content 2018-08-07
xmltooling -- remote resource access 2023-06-12
xmms -- Integer Overflow And Underflow Vulnerabilities 2014-03-06
xorg -- multiple vulnerabilities 2008-06-15
xorg -- multiple vulnerabilities 2008-01-23
xorg -- protocol handling issues in X Window System client libraries 2013-06-04
xorg server -- Multiple vulnerabilities 2024-04-04
xorg server -- Multiple vulnerabilities 2024-01-16
Xorg server -- two vulnerabilities in X server lock handling code 2011-10-18
xorg-server -- Information leak in the XkbSetGeometry request of X servers. 2015-02-12
xorg-server -- Input validation failures in X server XInput extension 2021-04-13
xorg-server -- Multiple input validation failures in X server extensions 2020-08-25
xorg-server -- Multiple input validation failures in X server XKB extension 2020-12-01
xorg-server -- Multiple Issues 2017-10-17
xorg-server -- Multiple security issues in X server extensions 2023-01-11
xorg-server -- multiple vulnerabilities 2017-10-13
xorg-server -- multiple vulnerabilities 2017-10-09
xorg-server -- Multiple vulnerabilities 2023-10-25
xorg-server -- Multiple vulnerabilities 2023-12-13
xorg-server -- Overlay Window Use-After-Free 2023-03-29
xorg-server -- Pixel Data Uninitialized Memory Information Disclosure 2020-08-01
xorg-server -- privilege escalation 2006-03-21
xorg-server -- Security issue in the X server 2023-02-08
xorg-server -- use-after-free 2013-10-24
xpcd -- buffer overflow 2007-06-21
xpdf -- buffer overflow vulnerability 2004-12-23
xpdf -- disk fill DoS vulnerability 2005-08-12
xpdf -- integer overflow vulnerabilities 2004-10-25
xpdf -- makeFileKey2() buffer overflow vulnerability 2005-01-26
xpdf -- multiple remote Stream.CC vulnerabilities 2007-11-12
Xpdf -- Multiple Vulnerabilities 2019-10-06
xpdf -- multiple vulnerabilities 2009-04-18
Xpdf -- Multiple Vulnerabilities 2009-10-20
xpdf -- stack based buffer overflow 2007-07-31
xpm -- image decoding vulnerabilities 2004-09-15
xrdb -- root hole via rogue hostname 2011-04-14
xrdp -- Improper handling of session establishment errors allows bypassing OS-level session restrictions 2023-09-27
xrdp -- local user can cause a denial of service 2017-11-29
xrdp -- Local users can perform a buffer overflow attack against the xrdp-sesman service and then inpersonate it 2020-06-30
xrdp -- multiple vulnerabilities 2022-12-10
xrdp -- privilege escalation 2022-02-08
xrdp -- unchecked access to font glyph info 2023-09-27
xscreensaver - lock bypass 2015-10-27
xserver -- multiple issue with X client request handling 2014-12-10
xshisen -- local buffer overflows 2005-01-11
XSS issue in MantisBT 2011-09-05
xterm -- DECRQSS remote command execution vulnerability 2009-01-05
xtrlock -- X display locking bypass 2005-06-01
xtrlock -- xtrlock does not block multitouch events 2021-08-09
xv -- exploitable buffer overflows 2004-10-05
xv -- filename handling format string vulnerability 2005-03-21
xview -- multiple buffer overflows in xv_parse_one 2005-06-01
Xymon -- buffer overrun 2015-02-02
xymon-server -- multiple vulnerabilities 2016-02-09
xymon-server -- multiple vulnerabilities 2019-09-07
yamt -- arbitrary command execution vulnerability 2005-01-23
yamt -- buffer overflow and directory traversal issues 2005-06-03
yii -- Remote arbitrary PHP code execution 2014-11-19
ypserv -- Inoperative access controls in ypserv 2006-06-09
YUI JavaScript library -- JavaScript injection exploits in Flash components 2010-12-15
YUI JavaScript library -- JavaScript injection exploits in Flash components 2012-11-27
zabbix -- php frontend multiple vulnerabilities 2009-03-16
Zabbix -- Remote code execution 2017-08-16
Zabbix -- Remote code execution 2020-05-20
zabbix -- shell command injection vulnerability 2013-12-16
zabbix-frontend -- multiple XSS vulnerabilities 2011-12-29
zebra/quagga denial of service vulnerability 2004-03-29
zeek -- null-pointer dereference vulnerability 2021-04-21
zeek -- potential denial of service issues 2020-03-15
zeek -- potential DoS vulnerabilities 2023-04-12
zeek -- potential DoS vulnerabilities 2023-05-19
zeek -- potential DoS vulnerabilities 2023-02-21
zeek -- potential DoS vulnerabilities 2023-09-12
zeek -- potential DoS vulnerabilities 2022-08-26
zeek -- potential DoS vulnerabilities 2023-02-01
zeek -- potential DoS vulnerabilities 2022-09-19
zeek -- potential DoS vulnerabilities 2023-10-27
zeek -- potential DoS vulnerabilities 2022-11-24
zeek -- potential DoS vulnerabilities 2022-11-09
zeek -- potential DoS vulnerability 2024-10-05
zeek -- potential DoS vulnerability 2024-09-24
zeek -- potential DoS vulnerability 2024-01-22
zeek -- potential DoS vulnerabilty 2022-04-21
zeek -- potential DoS vulnerabilty 2022-06-03
zeek -- Remote crash vulnerability 2021-02-22
zeek -- Remote crash vulnerability 2020-04-14
zeek -- several potential DoS vulnerabilities 2021-06-02
zeek -- several vulnerabilities 2021-09-22
zeek -- Various vulnerabilities 2020-07-28
zeek -- Various vulnerabilities 2020-05-06
zeek -- Various vulnerabilities 2020-06-10
zeek -- Various vulnerabilities 2020-09-09
zeek -- Vulnerability due to memory leak 2020-10-07
Zend Framework -- Local File Inclusion vulnerability in Zend_View::render() 2009-02-18
Zend Framework -- multiple vulnerabilities 2010-01-11
Zend Framework -- Multiple vulnerabilities via XXE injection 2012-10-16
Zend Framework -- potential SQL injection when using PDO_MySql 2011-05-13
Zend Framework -- security issues in bundled Dojo library 2010-04-06
ZendFramework1 -- SQL injection vulnerability 2015-10-06
zenphoto -- multiple vulnerabilities 2015-07-16
zenphoto -- XSS vulnerability 2008-02-09
zgrep -- arbitrary file write 2022-04-19
zgv -- exploitable heap overflows 2005-01-18
zgv, xzgv -- heap overflow vulnerability 2006-04-23
zhcon -- unauthorized file access 2005-01-25
zinf -- potential buffer overflow playlist support 2004-10-12
zip -- long path buffer overflow 2004-12-01
ziproxy -- atypical huge picture files vulnerability 2010-05-28
ziproxy -- multiple vulnerability 2009-04-15
ziproxy -- security vulnerability in PNG decoder 2010-06-15
zlib -- buffer overflow vulnerability 2005-07-06
zlib -- buffer overflow vulnerability 2005-08-05
znc -- Authenticated users can trigger an application crash 2020-06-10
znc -- Denial of Service 2019-03-31
znc -- multiple vulnerabilities 2018-07-18
znc -- null pointer dereference in webadmin module 2013-05-28
znc -- privilege escalation 2019-06-22
znc -- remote code execution vulnerability 2024-07-28
zoo -- stack based buffer overflow 2006-04-05
zookeeper -- Denial Of Service 2017-10-10
zope -- cross-site scripting vulnerability 2007-04-05
zope -- expose RestructuredText functionality to untrusted users 2005-10-11
zope -- information disclosure vulnerability 2006-07-14
zope -- restructuredText "csv_table" Information Disclosure 2006-09-22
zsh -- Arbitrary command execution vulnerability 2022-02-12
zydis -- heap buffer overflow 2022-10-04
zziplib - multiple vulnerabilities 2018-07-06