Secunia Security Advisory - Parvez Anwar has discovered a weakness in HP PKI ActiveX control, which can be exploited by malicious people to cause a DoS (Denial of Service).
ca79902a496720c54c8d371eff1416a450cbf56cf7f93599f1ae157f4f7a18e6
Secunia Security Advisory - Two vulnerabilities have been discovered in w-CMS, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks.
2a32f5151363e7cc7dc4f7989b731f919105c94a7e9dad0b8f12a54aeadbd61f
Secunia Security Advisory - Blue Coat has acknowledged multiple weaknesses, security issues and vulnerabilities in Blue Coat IntelligenceCenter, which can be exploited by malicious, local users to disclose sensitive information and bypass certain security restrictions, by malicious users to disclose sensitive information, bypass certain security restrictions, manipulate certain data, gain escalated privileges, cause a DoS (Denial of Service), and compromise a vulnerable system, and by malicious people to conduct spoofing and cross-site scripting attacks, disclose certain system information, bypass certain security restrictions, and cause a DoS (Denial of Service).
37346eb2b70fc348afadcdfd6e2f0347ef6aa220a8480858bf8f402f63e394d6
Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM Rational License Key Server, which can be exploited by malicious people to compromise a vulnerable system.
253417d4c931a847a1a0f958f5ce13b5ccdc30615a85465b8f613dfadcbce559
Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM Telelogic License Server and IBM Rational License Server, which can be exploited by malicious people to compromise a vulnerable system.
2079ac0d1657d52c2aa7c16665ff6905dbee58d463251762666ac92ea62cae5b
Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
9c0822785fc67e26efb8775672c06e58ca4ae2f270e9aa218b6cb388af81f732
Secunia Security Advisory - Red Hat has issued an update for php53 and php. This fixes two vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
b293b423d770ae9f831d89508981279fc240fcbecb7ea6c33ebfe9ed2fcc795b
Secunia Security Advisory - Multiple vulnerabilities have been reported in @Mail Server, which can be exploited by malicious users to conduct script insertion attacks.
0fc17f46e4b0c1ecc6fa9740106360a782cdc01018c6f6348a10b6f7972a348b
Secunia Security Advisory - Ubuntu has issued an update for linux-lts-backport-maverick. This fixes a weakness and a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information and to cause a DoS (Denial of Service).
6ae66286353f3902f17748e2ad71c960871bf5d64fcc72290898d790c11a30c7
Secunia Security Advisory - Ubuntu has issued an update for linux-mvl-dove. This fixes one vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
4b5995520da2fcce4b427eb23f816128c4cb8116fac5d3f29ba1bd15dc3f8638
Secunia Security Advisory - Ubuntu has issued an update for linux-ti-omap4. This fixes one weakness, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
d24f833ce9e21adf4422a1921d10f9dcb4d4bad2b3eb588121f71e67a8da11ca
Secunia Security Advisory - Ubuntu has issued an update for linux-ti-omap4. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.
8fb83759fd36becb038f2a5a5cc35ecc0226d5cfbfba1e9068392b494a59bd2d
Secunia Security Advisory - A vulnerability has been reported in multiple MailEnable products, which can be exploited by malicious people to conduct cross-site scripting attacks.
900ad96f4fa3d8ce8257e61f01a60109e22dd3241a17da9c8a4e3dc645a696e3
Secunia Security Advisory - A vulnerability has been reported in multiple MailEnable products, which can be exploited by malicious people to conduct cross-site scripting attacks.
ecbdad318cb59152f13e745103a49a85205552eac17a80cb7927542d38030cd5
Secunia Security Advisory - Two vulnerabilities have been discovered in the Count Per Day plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.
4d8ae5c250045774aa66bd6c2affbfa409998da7ea0877aca963ab5e14bfffa7
Secunia Security Advisory - SUSE has issued an update for libxml2. This fixes two vulnerabilities, which can be exploited by malicious people to potentially compromise an application using the library.
2c833458d64b54fa4421270d388ee9b4a01c2fc297d2c179bbf8b8477be83ac9
Secunia Security Advisory - A vulnerability has been discovered in the HD Video Share component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
c5bb91a125bc018c3abd83725eaa9a934e36f7bab4607782759cb71fc57838a1
Zero Day Initiative Advisory 12-016 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Diagnostics server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way the HP Diagnostics server handles incoming packets with 0x00000000 as the first 32-bit value. The magentservice.exe process listens on port 23472 by default. It will eventually take that first dword, decrease it by one and use it as a size value to copy data into a stack buffer. The resulting stack-based buffer overflow can result in remote code execution under the system user.
f89cf1cca7956e3476a79653108a775954c6207b163d593dad96b7179e74c5f5
Zero Day Initiative Advisory 12-015 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP MSA 2000 G3. Authentication is not required to exploit this vulnerability. The specific flaws exist within the web interface listening on TCP port 80. There exists a directory traversal flaw that can allow a remote attacker to view any file on the system by simply specifying it in the default URI. Additionally, the password file contains a default login that can be used to authenticate to the device. This can be leveraged by a remote attacker to perform any tasks an administrator is able to.
efef31e729581273d43acf86536cbf3cf65886fa8a51dab225bf70b406583cb8
IPv6 Extension Headers with Neighbor Discovery messages can be leveraged to circumvent simple local network protections, such as "Router Advertisement Guard". Since there is no legitimate use for IPv6 Extension Headers in Neighbor Discovery messages, and such use greatly complicates network monitoring and simple security mitigations such as RA-Guard, this document proposes that hosts silently ignore Neighbor Discovery messages that use IPv6 Extension Headers. Revision 2 of this document. This revision includes, among other things, a discussion of possible issues with SEND as a result of IPv6 fragmentation.
a8b7a492cc8ab102f8884547a7f042ea0e94a1cdbbad648050eb655bf675f524
MailEnable Professional and Enterprise versions are prone to cross-site scripting vulnerabilities because user-supplied input received via the "Username" parameter of the "ForgottonPassword.aspx" page is not properly sanitized. Versions 4.2.6 and below, 5.52 and below and 6.02 and below are affected.
cab4ee58932f48fbb2493be671b4513aaa7da0caa31bfdb2f95731c6adf0d732
Mandriva Linux Security Advisory 2012-004 - Multiple vulnerabilities have been found and corrected in t1lib. A heap-based buffer overflow flaw was found in the way the AFM font file parser, used for rendering of DVI files in the GNOME evince document viewer and other products, processed line tokens from the given input stream. A remote attacker could provide a DVI file with an embedded specially-crafted font file and trick the local user into opening it with an application using the AFM font parser, causing that application to crash or, potentially, leading to arbitrary code execution with the privileges of the user running the application. Various other issues were also addressed.
f9a48e9ae40316e20b4d213e0862b9dee1e34ba82c1cf80d054005a9862897ce
Zero Day Initiative Advisory 12-014 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Easy Printer Care. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XMLSimpleAccessor ActiveX control (CLSID: {466576F3-19B6-4FF1-BD48-3E0E1BFB96E9}). By passing an overlong string to the LoadXML() method it is possible to trigger a heap corruption vulnerability. A remote attacker could exploit this vulnerability to execute arbitrary code on the affected machine under the context of the user running the Internet Explorer process.
4c0d8147a4cc744a03c4b805f15c9dfd3c1b87e71dd48d95d2810e446ce52c6d
HashCollision denial of service proof of concept exploit written in Python. It generates the payload on the fly and sends it to the server.
9ea223d1751dc755d5ba16393c4065f1bda060687cfe5211724fcb29a994c2c5
YABSoft Advanced Image Hosting Script suffers from a remote SQL injection vulnerability.
3489b2d8762d7b2212e2012148ac474b5fa37010d94ac80b6cd32c026b0a8645