Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environmental information such as TERM or TERMINFO_DIRS.

Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user

WebKit, as used in Apple iOS before 8.1.1 and Apple TV before 7.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than CVE-2

Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a message."

Multiple cross-site scripting (XSS) vulnerabilities in cPanel 9.1.0-R85 allow remote attackers to inject arbitrary web script or HTML via the (1) email parameter to testfile.html, (2) file parameter to erredit.html, (3) dns parameter to dnslook.html,

Buffer overflow in the MSN module in Trillian 0.74i allows remote MSN servers to execute arbitrary code via a long string that ends in a newline character.

Unknown vulnerability in Veritas Cluster Server 1.0.1 through 4.0 allows local users to gain root access via unspecified vectors.

Ansel 1.2 through 2.0 uses insecure default permissions, which allows remote attackers to gain access to web readable directories.

SQL injection vulnerability in forum.asp in AliveSites Forums 2.0 allows remote attackers to execute arbitrary SQL commands via the forum_id parameter.

Cross-site scripting (XSS) vulnerability in AliveSites Forums 2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) forum_id, (2) method, or (3) forum_title parameters to post.asp, (4) the forum_title parameter to forum.asp,

SQL injection vulnerability in NatterChat 1.12 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

Multiple SQL injection vulnerabilities in WowBB Forum 1.61 allow remote attackers to execute arbitrary SQL commands via the (1) sort_by or (2) page parameters to view_user.php, or the (3) forum_id parameter to view_topic.php. NOTE: the sort_by vecto

Cross-site scripting (XSS) vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to conduct HTTP response splitting attacks via unknown vectors.

Multiple cross-site scripting (XSS) vulnerabilities in Express-Web Content Management System (CMS) allow remote attackers to steal cookie-based authentication information and possibly perform other exploits via the (1) n, (2) b, (3) e, or (4) a param

SQL injection vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

Multiple cross-site scripting (XSS) vulnerabilities in WowBB Forum 1.61 allow remote attackers to inject arbitrary web script or HTML via the (1) country parameter to view_user.php, (2) show parameter to view_forum.php, (3) letter parameter to view_u

SQL injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to execute arbitrary SQL commands via unknown vectors.

Cross-site scripting (XSS) vulnerability in DevoyBB Web Forum 1.0.0 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.