Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
a3eb1d8d5c24874e5cfa543fddcd28a558fcae234cbe1999f81e9a5992de2549
SoftBizScripts Hosting Script suffers from a remote SQL injection vulnerability.
0c9b13a3a2f89999e72bb06578ec5b39a4d95566fcfdb3dee94359b77e2e11a5
SoftBizScripts Dating Script suffers from a remote SQL injection vulnerability.
50e83f42dd7c942695260a3f890e816fcc4e04c28cfae023022b535d59ad7a18
GeneShop version 5.1.1 suffers from a remote SQL injection vulnerability.
e27fb6ff783e27237acb6378e2f7a39ac29fe667c01212e5878147c63fa43727
UBB.threads 6.4.4 Forum suffers from a cross site scripting vulnerability.
8cc680403713d3f0b758dc6cc5bf4bf3163c0a46dc3143b365ac7496c0847821
Microsoft SharePoint Server 2007 suffers from a cross site scripting vulnerability.
1a31485d6b626dae460a2e3b7d0478f8e6364c68f3ca848d96c887bc981501cf
Mandriva Linux Security Advisory 2010-084 - Multiple Java OpenJDK security vulnerabilities have been identified and fixed. Packages for 2009.0 are provided due to the Extended Maintenance Program.
312b3c1da3613bba6dee3a18734818e0ba9d2e9be62220fe962af073b0b2a26f
Mandriva Linux Security Advisory 2009-332 - Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow. Additionally, the patch for in MDVSA-2009:296 was incomplete; this update corrects this as well. This update provides a solution to this vulnerability. Packages for 2009.0 are provided due to the Extended Maintenance Program.
d2b192cd78da8edd2e68f462274472b050263f13b309e1cab890312f91302408
The Joomla Wap4Joomla component suffers from a remote SQL injection vulnerability in wapmain.php.
331b9a8efe96a951f20193899004794dd17f40ae7d253aca823fcb3dc75f1854
Tele Data's CMS version 0.9 suffers from a remote SQL injection vulnerability.
4c34f67555fc70368e4139fb4d22613428c7d1dcbf726225359040eb6bda3ba3
Mandriva Linux Security Advisory 2010-085 - The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for ICQ and possibly AIM, as demonstrated by the SIM IM client. Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. Other issues have also been identified.
209643718e8208dbef837eae2a003ecf460b9808598317b3e97888b1d0d1d215
Mandriva Linux Security Advisory 2010-078 - The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ., which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. Packages for 2009.0 are provided due to the Extended Maintenance Program.
434d5ae46530ca84b4e40cec180a734b59057077f1e870dbe4462b04e8ee1772
Safari versions 4.0.3 and 4.0.4 stack exhaustion exploit.
938050b12d8e854b8d626299c5b02d2478693ccb82a3c9f2f0e60fae7b36d4e9
Zero Day Initiative Advisory 10-079 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Helix Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authentication provided by the administrative web interface and is only present if it is configured to use NTLM. The vulnerability can be triggered by specifying an invalid Base64 string within the Authorization header. If the string is not proper Base64, the vulnerable function returns -1, which is not verified and is later used as a length to a string copy routine.
82b64874e461a91bd5206c27ae63f5c67cc13feabbf3505aea024977b045e5c3
Pligg CMS version 1.0.4 suffers from a remote SQL injection vulnerability in story.php.
dfceebf1ddd3ae78d3a60379a8dc3112aaa232992645d2692e33ac0e33757e1d
The Joomla JE Property Finder component suffers from a remote shell upload vulnerability.
785f540949c9284b75d6f445e1195de9237e568cf2d1391438029433492dab0d
Safari 4.0.5 and Internet Explorer 6.0 / 8.0 suffer from a canvas tag denial of service vulnerability.
3d68e03674c167cdb9f2be68ee115a16ce37f9b9fa334ccac260022a178880a3
WhatWeb is a next generation web scanner that identifies what websites are running. Released at the Kiwicon conference (kiwicon.org) in Wellington, New Zealand. Written in Ruby for Linux. Flexible plugin architecture with over 70 plugins so far. Passive plugins use information in the headers, cookies, HTML body and URL. Aggressive plugins can identify versions of Joomla, phpBB, etc. by making extra requests to the webserver.
aceeab845573c4cd8661eb2c47f2086cfd6616595069ba6227bdfd86bf423c08
Secunia Security Advisory - A vulnerability has been discovered in Acoustica CD/DVD Label Maker, which can be exploited by malicious people to compromise a user's system.
eaa4403036d68be10166456f3637ab7a38ab363c6354bbd0e4e17151429375b3
Secunia Security Advisory - A vulnerability has been discovered in the Graphics component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.
d3a5aae0a775c70713d935096f2d2ad15dbad1ede414c0b38d6c02dd6b0d6196
Secunia Security Advisory - A security issue has been discovered in Portaneo Open Source
5ba30ee467a99f29aea9aa861372f132fcf214cd3ec4eb6ae04109e1160ccb03
Secunia Security Advisory - Some vulnerabilities have been reported in 2daybiz Advanced Poll Script, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
201ef179a467ad185d1def62f22ccfad25c1adb2f2e4e87311cf7a1413ade8fe
NIBE Heat Pump remote command execution exploit.
b7be4c5b5ec76e2e1bcc110e78615b4b3669adf96f53c1be031eb2ddf00f317a
NIBE Heat Pump suffers from a local file inclusion vulnerability.
5d6ba859f170a18e649cc2161fb852dee7d942ed4650f159f9fdb80c12ad5f67
OneHTTPD version 0.6 suffers from a directory traversal vulnerability.
c50fa9a39158c2c8478a3d3c8759333a933c6d5abd2674ab2675ae566345553d