Astaro Security Linux version 5 suffers from a cross site scripting vulnerability.
2261ead9e6b6144d6943b5c850cea15c286f0db6262083c728ec6f512148ee18
Ubuntu Security Notice 916-1 - Emmanuel Bouillon discovered that Kerberos did not correctly handle certain message types. An unauthenticated remote attacker could send specially crafted traffic to cause the KDC to crash, leading to a denial of service. Nalin Dahyabhai, Jan iankko Lieskovsky, and Zbysek Mraz discovered that Kerberos did not correctly handle certain GSS packets. An unauthenticated remote attacker could send specially crafted traffic that would cause services using GSS-API to crash, leading to a denial of service.
df591f94dbb4d50dea322b699e1c376ae7a8357f3687817b6e910bc94d5e7374
The Joomla AML 2 component suffers from a remote SQL injection vulnerability.
d2c5697c6651355872755ff784af8742a5607967333ec4f04a73d162f23bb63f
SpringSource Hyperic HQ suffers from multiple stored cross site scripting vulnerabilities.
10513634324c50825e0c403f5eec29293c1318a9c53dd4584caab3a181828a8c
The Joomla Property component suffers from a local file inclusion vulnerability.
f1c77cc20064cae43fb3d7c3379f7e84a45e6cb2d9906b106bb58c2c5fe81005
MIT krb5 Security Advisory 2010-002 - In MIT krb5 releases krb5-1.7 and later, the SPNEGO GSS-API mechanism can experience an assertion failure when receiving certain invalid messages. This can cause a GSS-API application to crash.
8b74aaf71f23d59e52c2c5e99d47fcfed5c74bdf28f1258ddc4c501fa74f3d46
An insecure method vulnerability was discovered in SAP GUI version 7.1.
fb5ab0d8fa2ba1868b3e8cbfeabe5e49d3c31ce147b9ae7b2cecbb64d443fa95
Mandriva Linux Security Advisory 2010-065 - Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more (colon) character. The Tar package as shipped with Mandriva Linux is not affected by this vulnerability, but it was patched nonetheless in order to provide additional security to customers who recompile the package while having the rsh package installed. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
c76ad343a946323626106b13f5b4855856acd6a8f4429eacd64b5224b9fafda3
Insky CMS version 006-0111 suffers from remote file inclusion vulnerabilities.
8ef1ad1000e2f7e68ed20463fe7cee218e0f9537e3bd8750645d7c5bceb01777
Zephyrus CMS suffers from a remote SQL injection vulnerability.
8a97fc8df49e399fd3ec3bbc77c7066826e8dc2325d5ed5e6223d2f925c4ba7a
Mandriva Linux Security Advisory 2010-064 - The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a decompression bomb attack. The updated packages have been patched to correct this issue.
52bdeb309fd76b71a6352ae379f9f22cb80420aa96750cb8c44c02015c8c73ba
Xataface suffers from a direct access administrative bypass vulnerability.
8576077ddcd5bbad12a1e239893220b5ee9df452d1d64d4ab7e63fe3aca17f15
The Joomla SMEStorage component suffers from a local file inclusion vulnerability.
7e1e2482c3a68392517b901bb2ce423b992ddc69a4af050472cb58c61c463bf4
CaptchaSecurityImages suffers from bypass and denial of service vulnerabilities.
d9bbdb27d0c50c661e7a0e376a196895390c8c310db1f1c9c839589469c690de
GameSec 2010 Call For Papers - This is a conference on decision and game theory for security. It will take place in Berlin, Germany, November 22nd through the 23rd, 2010.
d556f79f7c3b159eb51737b24cff2dc0b012a6ef5c1cfd125dd3678b26a6b020
Debian Linux Security Advisory 2022-1 - Several vulnerabilities have been discovered in mediawiki, a web-based wiki engine.
f3a32970fa2d967d9f265d868d8376d9a0bdb4f71aae63781b80182096d79956
The Joomla J!Research component suffers from a local file inclusion vulnerability.
41d26cdd711fbf47c1e76331f94770cac625e472124cb9de37877fe3958c8d96
The Joomla CB component suffers from a remote SQL injection vulnerability.
0d822aeec88372ff742aac4184eb19151b6c0da582115b998e9077bacbee253a
The Joomla CX component suffers from a remote SQL injection vulnerability.
6ec4e9acd60770fe870b28fb92f1b4d1bf677e6462fa3c284c029847ce6c5669
The Joomla GDS component suffers from a remote SQL injection vulnerability.
3c71a7e4c19499073a3f132009c27ea6320fc7c411d48e488585ac725f23b03a
Multiple Lexmark laser printers suffer from a remote stack overflow vulnerability. Proof of concept code included.
9564488c97337d98ee78100dfc8337f082171206d5b27fc78d0fca2bd0e3c6a7
The Joomla Jwmmxtd component suffers from a remote file inclusion vulnerability.
af3afe913e904f5925db3c43782ce49b21d280eeeb89fcb2a67b2ba2cc41a6f9
Mandriva Linux Security Advisory 2010-063 - Multiple vulnerabilities have been found and corrected in libpng. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues.
bb40c36ef163b50cd37a269e72df1ec850d1d50076f83046465dc77f238490a6
MX Simulator Server version 2010-02-06 remote buffer overflow proof of concept exploit that spawns calc.exe.
37d5b28afb8e0fb8912fa25827309ea8a464bf7f4cb359d4f18fff32df8b1422
UHTTP server version 0.1.0-alpha suffers from a path traversal vulnerability that allows for file disclosure.
c1050cb7ae93e9d5985ec9474b3e3df4cd8679492ffe9218f6d24eab892ae6bf