CVE’s

Multiple cross-site scripting (XSS) vulnerabilities in Gallarific Free Edition allow remote attackers to inject arbitrary web script or HTML via (1) the e-mail address, (2) a comment, which is not properly handled during moderation, and (3) the tag parameter to gallery/tags.php.

Unspecified vulnerability in Octopussy before 0.9.5.8 has unknown impact and attack vectors related to a "major security" vulnerability.

Cross-site scripting (XSS) vulnerability in Invision Power Board 2.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via an IFRAME tag in the signature.

Nortel UNIStim protocol, as used in Communication Server 1000 and other products, uses predictable sequence numbers, which allows remote attackers to hijack sessions via sniffing or brute force attacks.

Buffer overflow in the XML parser in Trillian 3.1.9.0, and possibly earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DTD file.

Cross-site scripting (XSS) vulnerability in jax_linklists.php in Jack (tR) Jax LinkLists 1.00 allows remote attackers to inject arbitrary web script or HTML via the cat parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Citrix Presentation Server Client for Windows before 10.200 does not clear "credential information" from process memory in unspecified circumstances, which might allow local users to gain privileges.

Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9 and Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (CPU consumption and memory corruption) via a cluster.conf file with many lines. NOTE: it is not clear whether this issue crosses privilege boundaries in realistic uses of the product.

Merge mcd in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges via a crafted -d argument that contains .. (dot dot) sequences that point to a directory containing a file whose name includes shell metacharacters.

Untrusted search path vulnerability in (1) hvdisp and (2) rcvm in ReliantHA 1.1.4 in SCO UnixWare 7.1.4 allows local users to gain root privileges by modifying the RELIANT_PATH environment variable to point to a malicious bin/hvenv program.