Secunia Security Advisory - A vulnerability with an unknown impact has been reported in DB2 Content Manager.
af9cc14e508d20381f35e0464f71fbe236d9f7d7bd11d5539955bfd159f83a8b
Secunia Security Advisory - Avaya has acknowledged a weakness and a vulnerability in multiple Avaya products, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.
2f21b6a7fc7353b6738a244a4f61b451ba69650108f28122170549945c8914d5
Secunia Security Advisory - r0ut3r has reported a vulnerability in Linksys WAG54G, which can be exploited by malicious people to cause a DoS (Denial of Service).
96703076c632de87640e56d5588fa6982e2898b7a6d437057f88d2abe80fad63
Secunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
5d598c84237290fb9c430daeeabb47b0b0191d43df6b0f887114a9ddfefb623a
Secunia Security Advisory - Will Dormann has discovered a vulnerability in SAP GUI, which can be exploited by malicious people to compromise a user's system.
8181a7b15ef60c99cf8665e055644c6cca1284af9d2e49c9f1a88f0c5cb094db
Secunia Security Advisory - A vulnerability has been discovered in WebEdition, which can be exploited by malicious people to disclose sensitive information.
385fee1072811fdcc954d9afbf9b403c7c0ff03976ba770bf8a222623d04fa2c
Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some weaknesses and security issues, which can be exploited by malicious, local users to bypass certain security restrictions and cause a DoS (Denial of Service).
f500365af086dd97a61fa19c120e3ff4c351aa486ab8082693ab6a3d42c1bcd8
Secunia Security Advisory - A vulnerability has been discovered in Podcast Generator, which can be exploited by malicious people to bypass certain security restrictions.
ae9ee8f179b102c65558742e95310770a921137c5262e5fe172515f7747d60d1
Core Security Technologies Advisory - The Sun Calendar Express Web Server suffers from remote denial of service and cross site scripting vulnerabilities.
70c47cf0c1217dfc126f835834bf3fbffb2e26ed040905c0691ea08d84050823
The PrecisionID ActiveX control suffers from an arbitrary file overwriting vulnerability.
9593b464bae7b6dd5e4e3bb54e346c6d85741d2a877d6f62aa080e82180eb56f
SAPDB suffers from multiple cross site scripting vulnerabilities.
20480cc38d05637406aaeaa81ff51bd746e7dc4ecc4867b684633b225b0e20ac
IBM WebSphere Application Server versions 7.0 and 6.1 suffer from multiple cross site scripting vulnerabilities.
4f4b7ea5a34c878402954e35424b0b14d0baca8469f28c98a9d163b1684dc0ae
webEdition versions 6.0.0.4 and below suffer from a local file inclusion vulnerability.
58834c656aea83f86f4cd13324ad05f1cb9c4be232cb61dbebb8a926cce18b24
UrlCrazy is for the study of domain name typos and URL hijacking. It generates domain name typo permutations, then tests them to learn if they are in use, estimates their popularity, and more. Typo types supported are: Character Omission, Adjacent Character Swap, Adjacent Character Replacement, Adjacent Character Insertion, Missing Dot, Strip Dashes, Singular or Pluralise. UrlCrazy is written in Ruby.
0accacdc470f20231ead2b7d06716604bea1e9f5beeab45ef44e05d06c52df45
Positive Technologies Research Team has discovered multiple privilege escalation vulnerabilities in Trend Micro products. The IOCTL handler in tmactmon.sys uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate buffer data associated with the Irp object, which allows local users to gain SYSTEM privileges.
55ea736f59fb7ae8994b65029d905f7cae968eb2e5909d99df231a466897d933
The Scout Portal Toolkit version 1.4 suffers from cross site scripting and SQL injection vulnerabilities. The SQL injection vulnerability was previously discovered in May of 2008.
14f901b8058e4c69671750adba1d4df98618baa6973d8c4082742eb36b4d3b76
Turnkey Ebook Store version 1.1 suffers from cross site scripting and redirection vulnerabilities.
0ff858011fd581f1e4c9ee6d8b6321636d4e387d18de3a82b24c22ac51e6f2d0
OpenStego is a tool implemented in Java for generic steganography, with support for password-based encryption of the data. It supports plugins for various steganographic algorithms (currently, only the Least Significant Bit algorithm is supported for images). Both source and jar releases are in this tarball.
ac9166905513d6f187ba97a2d1f5459ac3e672a22c38f7888d250ba98c06613e
VSP Stats Processor version 0.45 suffers from a remote SQL injection vulnerability in gamestat.php.
556117c98db69cf220005749c47a92a273dd63c8fd78e2d4ea4c34c996e6ede7
PHPRecipeBook version 2.39 suffers from a remote SQL injection vulnerability.
044602fcdcf98db5aea16ac5cfdeefafa0ae0d7e4c373f0074d1e393841c5864
JobHut versions 1.2 and below suffer from remote password change/delete/active user vulnerabilities.
1b5b781cf06654262f84fbfc10cfcbae8d8b76cb05e83761bf3bf9f0e95eb79f
aspWebCalendar Free Edition suffers from a database disclosure vulnerability.
c0ecbfa4fee7f3411e7ee2cdd21f32a54ae3649c1aa8949f20bc9794f0167af2
Debian Security Advisory 1760-1 - Two vulnerabilities have been discovered in openswan, an IPSec implementation for Linux.
2c2aa3345edfeb4b31239b8671abeebadc6d458161424f2e9b565f1d82a519da
Debian Security Advisory 1759-1 - Gerd v. Egidy discovered that the Pluto IKE daemon in strongswan, an IPSec implementation for Linux, is prone to a denial of service attack via a malicious packet.
e50f4c4bdee473b2d0a12ed6e6e7f625f317c6e610e2d3965a17d7d06d62af8d
VirtueMart versions 1.1.2 and below suffer from cross site scripting, SQL injection, remote/local file inclusion, and code execution vulnerabilities.
c1b8b1b104c5cb8ad97f285c6bcdb1512e50ac13adc92396ee282e41ac8a0bed