This archive has a whitepaper that discusses research and methods used to circumvent Microsoft Windows 7 and 8 memory protections in order to execute arbitrary assembly code. Proof of concepts are also provided.
c8e610b00b7c56c4bacab2f28c7776039d77d68be2dd25ef959f8e2a888d5f82WordPress SolveMedia version 1.1.0 suffers from a cross site request forgery vulnerability.
d6d5e137bc5f0fd2a00a14895fd74b59860d9438f3c86d91c1becb0e2045422eSQLiteManager versions 1.2.4 and below suffer from a remote PHP code injection vulnerability.
61d7e00826c1ad6e61312d9904f3e661a3f1f6e54ab615e5b0e96b810b66f878iCart Pro version 4.0.1 appears to suffer from a remote SQL injection vulnerability.
3b48b3579020811b9ff44226fda4004419b2ed8fa19f76a27cc1df8a74f23ac0PHP Weby Directory Software version 1.2 suffers from cross site request forgery and remote blind SQL injection vulnerabilities.
572d1b20768e8331c2b66eac4d6d1dc5cfdf85fc241f40af5ca5afd11e3ac57fKMPlayer versions 3.5.0.77 and below suffer from a denial of service vulnerability.
21636c8ad96d39b661590a210d00122e1737eabf00f768fb403dac06928de73bSecunia Security Advisory - A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service).
9c6556bca23c048f0b21f2cc4a53b48db77f739dc15c918270eb7bb250f3f08cSecunia Security Advisory - Debian has issued an update for ircd-ratbox. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
d80e0dc410274fc7b4291c8e4be8fc461ccb0a1e008c629c3991c1582b380fdbSecunia Security Advisory - Multiple vulnerabilities have been reported in Wordpress, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks and disclose sensitive data.
18e0bf4a9e6d6ca0bc10d1b6994e5f0ffa380335b0cbcd3bf6cdd04bc44df398Secunia Security Advisory - Compass Security has discovered two vulnerabilities in iTop, which can be exploited by malicious people to conduct cross-site scripting attacks.
7baa54ea2cac302e37fe766ca2d24c6a34715dafd889ed0c3a03fecaac3b94a3Secunia Security Advisory - IBM has acknowledged two vulnerabilities in IBM InfoSphere BigInsights, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to cause a DoS (Denial of Service).
b520cd41aae56b88bb5e74afe15043e674f77660f2b56752a5414e88d2969863Secunia Security Advisory - A vulnerability has been reported in django CMS, which can be exploited by malicious users to conduct script insertion attacks.
fb46424fe8cf1454199d9752e1034c6aeff5ffd0ef0958013839a01954942385Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Application Platform and JBoss Enterprise Web Platform. This fixes a weakness, a security issue, and multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, by malicious users to bypass certain security restrictions, and by malicious people to conduct cross-site scripting and request forgery attacks and bypass certain security restrictions.
3405cdd6431e68300c07c23aa8a5a5602e14e562c27c457f846b0462f31fec43Secunia Security Advisory - SEC Consult has reported a vulnerability in F5 Products, which can be exploited by malicious users to disclose certain sensitive information.
bdc7650d7f6706573471a261d84b1730240f50336290596f0b2afd49530c25f7Secunia Security Advisory - SUSE has issued an update for WebYaST and SUSE Studio Standard Edition. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data.
69e545b46ae1587cecb24bcdf945b32484df927fa42edb3d47fb71a398862ec6Secunia Security Advisory - SEC Consult has reported a vulnerability in F5 Products, which can be exploited by malicious users to conduct SQL injection attacks.
69a4c850aef387d706b84993b40451f061176579a14bb0f6d1e5f31769fff148Secunia Security Advisory - SUSE has issued an updated for libtiff. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
408532807286f17437e2f1297d3acd50f7f3f34a3a7bfc5b26c6ad9d74dc025bSecunia Security Advisory - ERPScan has reported a vulnerability in SAP NetWeaver, which can be exploited by malicious people to disclose certain sensitive information.
5158d33fd0d4e77692c4037ff3e400431f340ed166e4ecbb1dd30cc90b113305Secunia Security Advisory - A vulnerability has been reported in Google Web Toolkit, which can be exploited by malicious people to conduct cross-site scripting attacks.
a050f92cfe9d28ec8c853af2dddc6a0e8b68b90c1ff4749aa8b44bd0fe630825Secunia Security Advisory - SUSE has issued an update for squid3. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).
40a92c0286c465efe428e5514ca335ba697b2ee319cb96287a056568ae926408Secunia Security Advisory - Two vulnerabilities have been reported in GE Intelligent Platforms products, which can be exploited by malicious users to disclose certain sensitive information and compromise a vulnerable system.
e0c3d2920eb435ad86a8257df7eaaace988cf8af237633bdb24fbbfc3394a594Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
1fd7fc3f804fc5bc661a8c3c576a62fa5e41889c93bbefaa6d1c9abe4d811694Secunia Security Advisory - Charlie Eriksen has discovered a security issue in TripAdvisor for iOS, which can be exploited by malicious people to disclose sensitive information.
739f46801df346d6ef8fa0ee8402761f3a0b49813672d4b1e3ab3db5ccdcc254This exploit abuses a buffer overflow vulnerability in Novell eDirectory. The vulnerability exists in the ndsd daemon, specifically in the NCP service, while parsing a specially crafted Keyed Object Login request. It allows remote code execution with root privileges.
41c7d577cabf17bf6074aed42966e6f700d82cb01279178ff1582300f49a6054This Metasploit module can be used to execute a payload on MoveableType (MT) that exposes a CGI script, mt-upgrade.cgi (usually at /mt/mt-upgrade.cgi), that is used during installation and updating of the platform. This allows for code injection.
9f1569dcdb5b14c9f7ccc437f947a2040582d389fc39d6d3e38a34b0a7f83d25
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed