PHP Auction version 3.2 suffers from remote file inclusion and information disclosure vulnerabilities.
c27e09f77a2ca645ee6c18974fe12181187eb70133fb442a775ad06d7497be76
Silentum LoginSys version 1.0.0 suffers from a cross site scripting vulnerability.
9b0222b0bbbe0a43c34721e69c1b10388d15bc7e2dd6d0667581d40cf156b802
IranMC CMS suffers from a remote SQL injection vulnerability.
56e10356bc27298efd0ac38b2a588bc3cd820ba9370b261370379df157e49ae3
This is a paper detailing the Five Ws of the Citect ODBC vulnerability that affects Citect versions 5, 6, and 7.
964dabad19a7f4cc68531d84e4b801807359a6d0cc916ab14e3874c422b8c097
This Metasploit module exploits a stack overflow in CitectSCADA's ODBC daemon. This has only been tested against Citect versions 5, 6, and 7.
4b8827fd3066f46018ff90f1daa741907933623b3c2e871114a59e4b146524c0
Flock Social Web Browser version 1.2.5 looping denial of service exploit.
3f974f315832a1cbeb40d94292bb15e4def3ac49c4aa6f2d5ad68e0018a98d47
Google Chrome Browser version 0.2.149.27 Inspect Element denial of service exploit.
c9565e7a2a8d629a7a7759f4c461ff8f895a59b6ce021e4156daae03fe1ff89a
Google Chrome Browser version 0.2.149.27 automatic file download exploit that uses window.setTimeout.
04ab1fc310768e072f8ece301b0c69a1dcff764a42072ee691d0bf69bc835897
Pardus Linux Security Advisory - Romain Francoise has found a security risk in a feature of GNU Emacs related to how Emacs interacts with Python.
48a13887b9e512f4baabfaf2c71af289e1947c6fe595ea6051cbd6d9f0bd19f5
Pardus Linux Security Advisory - A security issue has been reported in Postfix, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
958c2becbf55d42c7936f60de3ecc7d90e1b2002e2058419d481531dd00703ed
Pardus Linux Security Advisory - Multiple vulnerabilities have been discovered in Clamav including a DoS (Denial of Service) vulnerability and memory leaks.
2331c30928290a28bfd081bc7ad6f8d8dbfe7c81e96370e17f7a6bef9463794e
Pardus Linux Security Advisory - Some vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).
7a2756675c858fefab07fe032db2c66d614e3bf57731f0e65770eff5c2169b3f
Pardus Linux Security Advisory - A vulnerability has been reported in Django, which can be exploited by malicious people to conduct cross-site request forgery attacks.
0f3e2d8d2aa2a771508d97fb6450823f97cb7e84e3836afa0152e50cc3924c78
Mandriva Linux Security Advisory - A number of vulnerabilities have been discovered in the Apache Tomcat server. The default catalina.policy in the JULI logging component did not restrict certain permissions for web applications which could allow a remote attacker to modify logging configuration options and overwrite arbitrary files. A cross-site scripting vulnerability was found in the HttpServletResponse.sendError() method which could allow a remote attacker to inject arbitrary web script or HTML via forged HTTP headers. A cross-site scripting vulnerability was found in the host manager application that could allow a remote attacker to inject arbitrary web script or HTML via the hostname parameter. A traversal vulnerability was found when using a RequestDispatcher in combination with a servlet or JSP that could allow a remote attacker to utilize a specially-crafted request parameter to access protected web resources. A traversal vulnerability was found when the 'allowLinking' and 'URIencoding' settings were activated which could allow a remote attacker to use a UTF-8-encoded request to extend their privileges and obtain local files accessible to the Tomcat process. The updated packages have been patched to correct these issues.
671c266b622abcde147cced4d2ade0342dc354b1e14091c9d9d4d069b8cb34a4
Gentoo Linux Security Advisory GLSA 200809-05 - It has been discovered that some input (e.g. the username) passed to the Courier Authentication library is not properly sanitised before being used in SQL queries. Versions less than 0.60.6 are affected.
44bb3b3120ba26748dfeaf312e1564a3776e43643b878fab7073b2ec29ff6d60
Secunia Security Advisory - James Bercegay has reported a vulnerability in CS-Cart, which can be exploited by malicious people to conduct SQL injection attacks.
b57c0b5b8b518cf06c8371d5b1a986205b38993388f3267f4b35f1a22a27f17b
Secunia Security Advisory - Fedora has issued an update for samba. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions.
7a42c61894f8734a4266518563ad40457001a93b3fbf58892e073f7e62881009
Secunia Security Advisory - Gentoo has issued an update for dnsmasq. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and poison the DNS cache.
fee2a244ec57f1f8e5eaab44e6dfd93017bfac91c82e3a434c0e17e6d126b662
Secunia Security Advisory - Gentoo has issued an update for mysql. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions.
bf02dc5373939bb23ff7992fa3c2ee250f7b689fdcda8f14d97eed08be86375c
Secunia Security Advisory - Gentoo has issued an update for realplayer. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
4b912da21961adfb3e732adf3a13f715bfbd201efe667c7dd79ce17d333df315
Secunia Security Advisory - rPath has issued an update for libtiff. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.
6068d11e8f8b634b85ae123e56e143138cb8f72a56cbd9760165f8722c1ac953
Secunia Security Advisory - A vulnerability has been reported in various HP OpenView Select Identity Connectors, which can be exploited by malicious, local users to disclose potentially sensitive information.
fd70057fbf3a5a2abe68a898215ea0be8b9cdcb8e265140466be3bb9c2bbf6df