Ganeti versions greater than or equal to 1.2.9, 2.0.5, and 2.1.0-rc2 suffer from an arbitrary code execution vulnerability.
38ad9fb8176a29c49ef7d6bc05a8b7d39a8a5f0fd8c68eab4b4ac8fe36fc89c9
Winamp versions 5.56 and below suffer from PNG / JPEG data related integer overflows.
00ac4b07e29ca97458c3bf23efeb44c90db99bf75eae3b7d99c57c99fcb24140
Horde version 3.3.5 suffers from a cross site scripting vulnerability.
1627efc1a062f84d9d9c5667d6a97f0f55081228b23f76fefb6717a55faaf8a5
Cisco VPN SSL Clientless lets administrators define rules for specific targets within the private network that WebVPN users will be able to access. These specific targets are published using links on the VPN SSL home page. These links (URLs) are protected (obfuscated) using a ROT13 substitution and by converting ASCII characters to hexadecimal. A user with a valid account and without "URL entry" can access any internal/external resource simply by taking a URL, encrypting it with ROT13, converting the ASCII characters to hexadecimal and appending this string to the Cisco VPN SSL URL. Brilliant. Versions 8.x and below are affected. Proof of concept included.
eed08b404d2e80d03da94999244f8dcc1cc89b2c4db6f0ac79d11d118d8c4c7c
Sitecore Staging Module versions 5.4.0 revision 080625 and below suffer from authentication bypass and file manipulation vulnerabilities.
0021244a4c6cebaaec10e5a1c3d431de7999b29903a312e90b39f88e0151ebb6
SomeryC version 0.2.5 suffers from the same remote file inclusion previously discovered in 0.2.4.
f3ec16bd27b334c53f45b7a77fadbbce3355d1f6297ca6ec6a8f1c3f6b984e5a
Rumba XML suffers from a cross site scripting vulnerability.
d25348706003b40e96af4297734bb2cfcc34deef0399ab25849570e52107f78e
Hostmap is a free, automatic hostname and virtual host discovery tool written in Ruby and licensed under the GNU General Public License version 3 (GPLv3). Its goal is to enumerate all hostnames and configured virtual hosts on an IP address. The primary users of hostmap are professionals performing vulnerability assessments and penetration tests.
a06c770c7aaaaaa5ceac444c53dcb693e0a188f472e1d9b614145219d8de7f17
Secunia Research has discovered three vulnerabilities in Winamp, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused by boundary errors in the Module Decoder Plug-in (IN_MOD.DLL) when parsing instrument definitions and can be exploited to cause heap-based buffer overflows via a specially crafted Impulse Tracker file. Successful exploitation may allow execution of arbitrary code.
ca49063a3ce1d04720b9450f40327282be08ce864b34b3207257c6a67a5ed246
Secunia Research has discovered a vulnerability in Winamp, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the Module Decoder Plug-in (IN_MOD.DLL) when parsing samples and can be exploited to cause a heap-based buffer overflow via a specially crafted Impulse Tracker file. Successful exploitation may allow execution of arbitrary code.
07e9de28b9074addc7c2002be4bc50f5d8a928740507ce513ac4af97b163c2e6
Secunia Research has discovered a vulnerability in Winamp, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an error in the Module Decoder Plug-in (IN_MOD.DLL) when parsing Ultratracker files and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code.
da211724536ef1c0859a7361b4f4cf6b1b6866921c4d73d47b44411d27b7fdda
PHP F1 suffers from a remote shell upload vulnerability.
f8a3aaa2ecebf10bba91b9dd757a4fb77861c059319794df9cbaf53ec4392438
Secunia Research has discovered a vulnerability in Winamp, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an integer overflow error in the Module Decoder Plug-in (IN_MOD.DLL) when parsing Oktalyzer files and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code.
123cb62bfd01bb8e6554db8f9fa0a7da3e9f532dcd856406860c649b903bde01
DBLog suffers from a remote database disclosure vulnerability.
e85613a71a24eadb016d3ee0b8e925f7a8c9faf13410733cfe77edb58692a5c5
Mandriva Linux Security Advisory 2009-334 - Multiple poppler vulnerabilities have been addressed though Mandriva failed to note them. Check the CVEs for additional information.
030273d5d33a240b7b1fd29191f45d4461d598cf3adb0356f63b653f5b433171
Basic PHP Events Listed version 2 suffers from a remote administrator addition vulnerability.
74ed9b3642d70d0412605811887c34ceccf76ce3536f5299e16f7330254e7f58
HP Security Bulletin - Potential security vulnerabilities have been identified with HP OpenView Storage Data Protector running on HP-UX, Windows, Linux and Solaris. These vulnerabilities could be exploited remotely to execute arbitrary code.
6cc8f95ed238f04230a64989f4543105eec588432c89532c7c415c015f512406
Jobscript4Web version 3.5 suffers from multiple cross site request forgery vulnerabilities.
065f02f1573dfa592a1aa6d0b782b4c891a70801860af56a5c95efcaf8bbc00b
Matrimony Script suffers from a cross site request forgery vulnerability.
1716b41e4bcc6a693df27ace159b8b94f99ea19d9dd8d331b16924ee294ded5a
Secunia Security Advisory - Debian has issued an update for xulrunner. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, conduct spoofing attacks, or compromise a user's system.
25a2538fec74e08bc6d336d10cba14c00c3465b00148729b1dbb7407aca0e276
Secunia Security Advisory - Maxim A. Kulakov has reported a vulnerability in multiple Kaspersky products, which can be exploited by malicious, local users to gain escalated privileges.
3ed36b5f9b1d604a9760c658a9e56ed5742a6d6999e0355612281237729ab11b
Secunia Security Advisory - Some vulnerabilities have been reported in ScriptsEz Ez Blog, which can be exploited by malicious people to conduct cross-site scripting, request forgery, and script insertion attacks.
87515113710eb062a6753aca3446f3116ef235ce80cdbe2ad9d336077bbe24dc
Secunia Security Advisory - A security issue has been reported in GNU Automake, which can be exploited by malicious, local users to manipulate certain data.
dc5a0bf1c63345153fc2af008d05c33860bda7796b89325f1675051b4db4fbf2
Secunia Security Advisory - Justin C. Klein Keane has reported a vulnerability in the Sections module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
8ce8527c3873d7d56989db9f9efd9a840d4e8e403faf408cb14e8a3846da161f
Secunia Security Advisory - Some vulnerabilities have been reported in Cisco WebEx WRF Player, which can be exploited by malicious people to compromise a user's system.
8baa669dcbaf015922a456ac5d58e3d8b4ad6d55c31a05dd2f9d9442d6fc35c6