Secunia Security Advisory - Fedora has issued an update for webkitgtk. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing attacks, and compromise an application using the library.
f95ba9b0a0ba34d60f8eb1d740339caeb1c38a3738ccc7a7ba31263ee8d77a0bSecunia Security Advisory - Fedora has issued an update for postgresql. This fixes a security issue, which can be exploited by malicious users to perform certain actions with escalated privileges.
d61f9234cbad77538eb7eb5de5a649f4788b370ff95d607fdb650798f37d2420Secunia Security Advisory - Red Hat has issued an update for cobbler. This fixes a vulnerability, which can be exploited by malicious users to gain escalated privileges.
03fddd23db68259bf18767470c47ef25cd708f6866554cd686db6f676cfa1bd7Secunia Security Advisory - A vulnerability has been reported in IBM Informix Dynamic Server, which can be exploited by malicious people to compromise a vulnerable system.
748fd2c0baecb26ad229d11293d1b909719670ef48a01a626b3c996ac4f9d7fbSecunia Security Advisory - A vulnerability has been reported in IBM Informix Dynamic Server, which can be exploited by malicious users to compromise a vulnerable system.
5db190d6bd56e737c3e1c4c8d85eec23e4ee8e9fce0697112f0a6e9365b51e75Secunia Security Advisory - shinnai has discovered a vulnerability in VLC Media Player, which can be exploited by malicious people to potentially compromise a user's system.
5feb444b5074c5e65021fc010014cbebbd7c01a60321f70fabca63b32c3bb15bPowerDVD version 5.00.1107 DLL hijacking exploit.
8ffac900622ad03cf1582395594d3181becb1e9462edd017fca13b0f9e43daa8Zero Day Initiative Advisory 10-214 - This vulnerability allows remote attackers to execute code on vulnerable installations of Rational Quality Manager and Rational Test Lab Manager. Authentication is not required to exploit this vulnerability. The flaw exists within the installation of the bundled tomcat server. The default ADMIN account is improperly disabled within 'tomcat-users.xml' An account providing manager role level access is left enabled with a default password. A remote attacker can use this vulnerability to execute arbitrary code under the context of the tomcat server.
5b7e364cefc265db65102910ac3f53f9be8fe8a7647cebb31b28730a58236ce3This Metasploit module exploits a stack buffer overflow in DATAC Control International RealWin SCADA Server 2.0 (Build 6.1.8.10). By sending a specially crafted packet, an attacker may be able to execute arbitrary code.
6cf335d7a911baa5a781d9110c547c3f8feb4e5400dc4f0212b17723f78da7c3Event Ticket Portal Script suffers from a cross site request forgery vulnerability.
88ebc39cf565b45d4b8222b5709f3c325f45d3f584c1cf6c11821b3c7cac129eThe GNU C library dynamic linker suffers from an $ORIGIN expansion vulnerability.
c7b3de2fd4f6e322d777f6c679824b18538afa2600db0b0d4feac2239de8466aSecunia Research has discovered a vulnerability in RealPlayer SP, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by missing input validation in the handling of sample chunks when parsing QCP audio content. This can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. RealPlayer SP 1.0.5 is affected.
eeeb4329cff7001ffd06cec1862563c1994e5260cf8c7aa4113f614fd72bb98eCopyProtected.com suffers from a remote SQL injection vulnerability.
4841349b583ab768c94585037764d565a9cf1bbd98dff87bd65295614b0da12aTravel Portal suffers from a cross site request forgery vulnerability.
1556d140ac60ae0ba8258f6d453ba89589ff3d5083d8ba0e0cd1538e3e4f56f6GeekLog version 1.7.0 suffers from a remote shell upload vulnerability.
a7a55a606c47085b3081e0af137c5c06e70805f422f5b54b77f3823674eb56a7411cc e-Commerce suffers from a remote SQL injection vulnerability.
86abc26e684ec339e5dad73a16eb13a4f0b5e202e106e511455d6cdca6348638This Metasploit module exploits a stack buffer overflow in DATAC Control International RealWin SCADA Server 2.0 (Build 6.1.8.10). By sending a specially crafted packet, an attacker may be able to execute arbitrary code.
388759d36655c0ed2039607f9ec5c8c8d9a87a60ebfb3d8b487ad627d522e542This Metasploit module exploits a directory traversal vulnerability which allows remote attackers to upload and execute arbitrary code.
98da432c7c2923876a9cb0384f23add13edaad4b6df70a92a15aea6992464c78Avast Free Antivirus version 5.0.677 DLL hijacking exploit.
89288cd663546d483341e603998cff633bba5dd0bcea269b5ac5dbadc7d8cdadTotal Video Player version 1.31 DLL hijacking exploit.
32fbdbeb90cf937815600c526f7f9a868f018141d581d2acbc809defd9813e46Avira Premium version 9.0.0.420 DLL hijacking exploit.
107b1d5d2cd123d719f32f834908d80ae41afd12c84b83a5683a34ba50443b50Accounting Pro 2003, Brilliant Accounting System, Rafe 7, Sahar Money Manager, Holoo and Xilisoft Video Converter Ultimate all suffer from insecure library loading vulnerabilities.
91a918465b808e89372067a864d031b06dd3f281d83c429096eed3d51faa0eea
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed