Secunia Security Advisory - Some vulnerabilities have been reported in Hal Networks products, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - Secunia Research has discovered a vulnerability in XnView and NConvert, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Mandriva has issued an update for mysql. This fixes a security issue and a vulnerability, which can be exploited by malicious users to gain escalated privileges or cause a DoS (Denial of Service).
Secunia Security Advisory - ShaFuck31 has reported a vulnerability in AmpJuke, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - Larry W. Cashdollar has reported two security issues in the PatchLink Update client for Unix, which can be exploited by malicious, local users to truncate arbitrary files and to gain escalated privileges.
Secunia Security Advisory - Russ McRee has reported some vulnerabilities in SoftCart, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - Alexandr Polyakov and Stas Svistunovich have reported a vulnerability in Nucleus CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - GoLd_M has reported a vulnerability in Smart Publisher, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - enter_the_dragon has discovered a vulnerability in the AdServe plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.
Secunia Security Advisory - Alexandr Polyakov and Stas Svistunovich have discovered a vulnerability in phpCMS, which can be exploited by malicious people to disclose sensitive information.
Secunia Security Advisory - Secunia Research has discovered a vulnerability in GFL SDK, which can be exploited by malicious people to compromise an application using the library.
Gentoo Linux Security Advisory GLSA 200801-17 - Venustech AD-LAB discovered that an FTP client connected to a vulnerable server with passive mode and SSL support can trigger an fclose() function call on an uninitialized stream in ftpd.c. Versions less than 0.17-r7 are affected.
Gentoo Linux Security Advisory GLSA 200801-16 - Michael Krieger reported that a specially crafted DNS query could prevent an authoritative canonical name (CNAME) record from being resolved because of an improper rotation of resource records. Versions less than 1.2.12.08 are affected.
Gentoo Linux Security Advisory GLSA 200801-15 - If using the expression indexes feature, PostgreSQL executes index functions as the superuser during VACUUM and ANALYZE instead of the table owner, and allows SET ROLE and SET SESSION AUTHORIZATION in the index functions (CVE-2007-6600). Additionally, several errors involving regular expressions were found (CVE-2007-4769, CVE-2007-4772, CVE-2007-6067). Finally, a privilege escalation vulnerability via unspecified vectors in the DBLink module was reported (CVE-2007-6601). This vulnerability is exploitable when local trust or ident authentication is used, and is due to an incomplete fix of CVE-2007-3278. Versions less than 8.0.15 are affected.
Debian Security Advisory 1479-1 - Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
Debian Security Advisory 1478-1 - Luigi Auriemma discovered two buffer overflows in YaSSL, an SSL implementation included in the MySQL database package, which could lead to denial of service and possibly the execution of arbitrary code.
LSrunasE version 1.0 and Supercrypt version 1.0 suffer from a vulnerability caused by an insecure use of RC4.
PHPKIT version 1.6.4 PL1 suffers from multiple cross site request forgery vulnerabilities.
Tripwire Enterprise/Server version 7.0 suffers from a cross site scripting vulnerability.
AmpJuke version 0.7.0 suffers from a cross site scripting vulnerability in index.php.
Nucleus CMS version 3.31 suffers from a cross site scripting vulnerability.
Using RATS to Audit PHP Web Applications.
Banner Student version 7.3 suffers from cross site request forgery and cross site scripting vulnerabilities.
A little ptrace()-based utility for process argument/name hiding. Works on most Linux 2.6 kernels/configurations (x86/x86-64 architecture).
Woltlab Burning Board versions 3.x.x suffer from a private message delete cross site request forgery vulnerability.