The file hosting company rapidshare.de suffers from XSS.
Peter Winter-Smith of NGSSoftware has discovered a high risk vulnerability in Microsoft Excel which may allow a remote attacker to execute arbitrary code on a user's system via the Internet Explorer Excel plugin.
SCO Security Advisory - OpenServer 5.0.6, OpenServer 5.0.7, OpenServer 6.0.0: Multiple System Libraries Vulnerabilities.
CyBoards PHP Lite v1.25 suffers from SQL injection in post.php if magic_quotes_gpc is turned off.
ZDI-06-004: Microsoft Excel File Format Parsing Vulnerability - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file.
Debian Security Advisory DSA 1000-1 - An algorithm weakness has been discovered in Apache2::Request, the generic request library for Apache2 which can be exploited remotely and cause a denial of service via CPU consumption.
Debian Security Advisory DSA 1001-1 - It was discovered that Crossfire, a multiplayer adventure game, performs insufficient bounds checking on network packets when run in "oldsocketmode", which may possibly lead to the execution of arbitrary code.
Debian Security Advisory DSA 999-1 - Several security related problems have been discovered in lurker, an archive tool for mailing lists with integrated search engine. The Common Vulnerabilities and Exposures project identifies the following problems:
Debian Security Advisory DSA 998-1 - Derek Noonburg has fixed several potential vulnerabilities in xpdf, which are also present in libextractor, a library to extract arbitrary meta-data from files.
DMA[2006-0313a] - Apple OSX Mail.app RFC1740 Real Name Buffer Overflow exploit.
DMA[2006-0313a] - Apple OSX Mail.app RFC1740 Real Name Buffer Overflow - After applying Security Update 2006-001, Mail.app becomes vulnerable to a buffer overflow that may be triggered via a properly formatted MIME Encapsulated Macintosh file. Sending a file in the AppleDouble format with a long Real Name entry will invoke the overflow. Reading through RFC1740 should provide enough information to trigger the issue. The overflow is triggered by the file that contains the AppleDouble header information.
Drupal security advisory - Linefeeds and carriage returns were not being stripped from email headers, raising the possibility of bogus headers being inserted into outgoing email. This could lead to Drupal sites being used to send unwanted email.
Drupal security advisory - If someone creates a clever enough URL and convinces you to click on it, and you later log in but you do not log off then the attacker may be able to impersonate you.
Drupal security advisory - Some user input sanity checking was missing. This could lead to possible cross-site scripting (XSS) attacks.
Drupal security advisory - If you use menu.module to create a menu item, the page you point to will be accessible to all, even if it is an admin page.
Mandriva Linux Security Advisory - Another vulnerability, different from that fixed in MDKSA-2006:043 (CVE-2006-0455), was discovered in gnupg in the handling of signature files.
On vBulletin, with vBookie installed, it is not possible to donate a negative amount of VChips to yourself or another user; however, it is possible to alter the input string to get around this limitation and donate any amount you want to your account, or that of another registered user.
Secunia Security Advisory - Remco Verhoef has reported a vulnerability in Gemini, which can be exploited by malicious people to conduct script insertion attacks.
Secunia Security Advisory - Debian has issued an update for libapreq2-perl. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - Debian has issued an update for lurker. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, and disclose and manipulate sensitive information.
Secunia Security Advisory - Debian has issued an update for libextractor. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
Secunia Security Advisory - Aliaksandr Hartsuyeu has discovered multiple vulnerabilities in DSLogin, which can be exploited by malicious people to conduct SQL injection attacks.
Secunia Security Advisory - Slackware has issued an update for gnupg. This fixes a vulnerability and a security issue, which can be exploited by malicious people to bypass certain security restrictions.
Secunia Security Advisory - Debian has issued an update for bomberclone. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - Aliaksandr Hartsuyeu has reported a vulnerability in Vegas Forum, which can be exploited by malicious people to conduct SQL injection attacks.