Secunia Security Advisory - A vulnerability has been reported in Sun GlassFish Enterprise Server and Java System Application Server, which can be exploited by malicious, local users to manipulate or disclose certain data.
145eb52a4799c0a95d8f1674427088f8da0ad0d33bb972225cbfc4050015fff3
Secunia Security Advisory - Multiple vulnerabilities have been reported in Sun Solaris, which can be exploited by malicious, local users to manipulate or disclose certain data and cause a DoS (Denial of Service), by malicious users to cause a DoS, and by malicious people to conduct cross-site request forgery attacks, cause a DoS, or to compromise a vulnerable system.
bfd947a8098a77dac5684b952f4d97e3b3c4f8ea5ea7ba8f1b689606bd2f35ed
Secunia Security Advisory - Fedora has issued an update for qt. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a user's system.
5dff9eb9e1a44f4b0fc5b2c713a7e7def47e2971ed3342b2ecebc00ec7a7f7a8
Secunia Security Advisory - A vulnerability has been reported in I2P, which can be exploited by malicious people to disclose potentially sensitive information.
2b9046434e4a29264c4cf0db1d8f582890fb0fa4bdce3fdfe4f9e0e86a9eae58
Secunia Security Advisory - A vulnerability has been reported in OlyKit eBay Clone Script 2010, which can be exploited by malicious people to conduct SQL injection attacks.
ff949c9fe3a10a15c5d4424d9502a8ee1eaa7fcd640bae6a106a5845cedd8071
Secunia Security Advisory - Some vulnerabilities have been discovered in Mortgage and Amortization Calculator Script, which can be exploited by malicious people to conduct cross-site scripting attacks.
2c5fb3cd2cd274b639a7af55ed8109fc69f589e38f1a69ecfbdef86fd4147003
Secunia Security Advisory - A vulnerability has been reported in 2daybiz Custom Business Card Script, which can be exploited by malicious people to conduct SQL injection attacks.
ef06d97be93e122446f81e853aaf55710e50e9776204b692f98c634ad76e6062
Secunia Security Advisory - Oracle has acknowledged a vulnerability in RealPlayer, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
668a9fe13ca28e02b9f92932b216801b98415f946a11b5a361314b091fca6e03
Secunia Security Advisory - Oracle has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious people to compromise an application using the affected library.
de7cc1675c8ee2e99f6a38a0681b744f5e7504a67c415c7a6d16e53e40a8a2fa
Secunia Security Advisory - Some vulnerabilities have been reported in FreeType, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
f13fb1602cacd20209f7400f95d487444768ab9194876eab54e2210ce2c3555b
Secunia Security Advisory - Ubuntu has issued an update for ghostscript. This fixes multiple vulnerabilities which can be exploited by malicious people to compromise a user's system.
3f9a8f84cea48760244ca91070f3a82a0b3b302bf519e40ec9f445cd91119178
Secunia Security Advisory - A vulnerability has been discovered in Campsite, which can be exploited by malicious people to conduct cross-site scripting attacks.
e9ff24860ec16780e5fbcec629b8f97b1514a7852a8cf22560f4433d545ba0b1
Zero Day Initiative Advisory 10-125 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM solidDB. Authentication is not required to exploit this vulnerability. The specific flaw exists within the solid.exe process, which listens by default on TCP port 1315. The code responsible for parsing the first handshake packet does not properly validate the length of the username field. By crafting an overly long value in the request, an attacker can exploit this to execute arbitrary code under the context of the SYSTEM user.
09a594428fe5144b5d55c44a064d4fd3f3446333fdced8903b468d07f28a9aa3
Zero Day Initiative Advisory 10-124 - This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit these vulnerabilities. The specific flaws exist due to how the application passes CGI parameters to the internal obtool binary running on port 443. Due to improper filtering of user data, a specially crafted request could lead to arbitrary commands being executed under the credentials of the service.
f3eb8b93e738858b3c6e2a5e1d54e8b3d36f41f83639ca0370ec81c55f379812
HP Security Bulletin - A potential security vulnerability has been identified with HP OpenVMS Auditing. The vulnerability could result in a local disclosure of information or elevation of privilege. In addition, a potential vulnerability has been identified with HP OpenVMS on Itanium platforms. This vulnerability could be exploited locally resulting in a Denial of Service (DoS).
39c0d11da89787baaf3c0b0dac7b12f69810b7a422b6fbe96bac6ceb6c5154b0
Virtual Security Research, LLC. Security Advisory - Over the last several years, VSR analysts had observed unusual behavior in multiple WebLogic deployments when certain special characters were URL encoded and appended to URLs. In late April 2010, VSR began researching this in more depth and found that the issue could allow for HTTP header injection and HTTP request smuggling attacks.
5d7636d4025d8667dd9edaf1762d3650f321ba8bf02999b83dd50d2261a56eff
Technical Cyber Security Alert 2010-194B - A large number of Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
5d39915f295318f0c13ddb691bc6cb2e44b7ba729140fe7a42d65b94d3861c77
There exists a vulnerability within a function of the ToolTalk database server (rpc.ttdbserverd), which, when properly exploited, can lead to compromise of the vulnerable system. This vulnerability can be triggered by creating a fake database (.rec file) on the system and calling remote procedure 7 of ToolTalk database server pointing to this database, leading to a heap overflow.
d52652680c2282a365582b370699c7a5d7ea1fad7ca3f74abec30bf475ffe69d
Secunia Security Advisory - A vulnerability has been reported in Sun Java System Web Proxy Server, which can be exploited by malicious people to disclose potentially sensitive information or manipulate certain data.
9e38ee7821a9e97f8ea435a18129da2d9107e23fd62c488d8c4f8ba1b999d99b
HP Security Bulletin - A potential vulnerability has been identified with HP Client Automation Enterprise Infrastructure (Radia). The default configuration allows remote disclosure of information.
3b5831b3d034e6ac87804180979c6933c321dabfa21793949265ae24a6fbd436
VUPEN Vulnerability Research Team discovered multiple vulnerabilities in Winamp. These issues are caused by integer and buffer overflow errors within the "vp6.w5s" component when parsing malformed Flash Video data, which could allow attackers to execute arbitrary code by tricking a user into opening a specially crafted FLV file. Versions 5.572 and below are affected.
8fbaac671d34798bc99f557cfffe222926f9d45cd0c0e2cf9cd4975d2e5732d4
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Secure Backup. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of commands sent to the obscheduled.exe service listening by default on TCP port 1026 or 1027. Due to a lack of bounds checking on a specific command sequence, the program stack can be overwritten with user-controlled data. Successful exploitation can lead to remote system compromise under the SYSTEM credentials.
b97beb4e58e46d6a4719bd8417540a0d0f63bac1d2dbac31e1272e615cc3a6b5
Arora Browser version 0.10.0-1 remote denial of service exploit.
464a693b68d3103f918fcc7e499c7c5254f3704fc1386ad5554d93f7f6e7452d
Diferior CMS version 8.01 suffers from multiple cross-site request forgery vulnerabilities.
68862d8b3ca0cb1db27ff9190373f9678f4390b26c98b6114cd729d40e073a6d
Zero Day Initiative Advisory 10-123 - This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup. The specific flaw exists within the register globals emulation layer which allows attackers to specify values for arbitrary program variables. When specific parameters are specified via the URI it is possible for an attacker to bypass the authentication mechanism and reach functionality otherwise inaccessible without proper credentials. This can be leveraged by remote attackers to trigger what were post-auth vulnerabilities without valid credentials.
1b6cb7c2d8ebbfb8aa18f8b3517e80976924e54abe93a72aade5cc60697221de