Secunia Security Advisory - A vulnerability has been reported in RSA Data Protection Manager, which can be exploited by malicious users to conduct SQL injection attacks.
e32b410b307980bc4290d9c35ed512e7bd1e3bfc0699234fac01719c46d5d8c7Secunia Security Advisory - A vulnerability with unknown impact has been reported in Mosets Tree component for Joomla!.
ee120417f7d3468c976490565fe464859f20d4dbb6381d2cd9d1a0c46c574a1fSecunia Security Advisory - A vulnerability has been discovered in the Audio plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
87cf441a87cfbb1709329d9fd06ad1ab248088c668f4764b9a5e0acb860cb0fcSecunia Security Advisory - A vulnerability has been discovered in the BezahlCode-Generator plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
03948323d4bb75e052b405e67c18cb1e95134dd771fdf5386dfe36f220a59a92Secunia Security Advisory - A vulnerability has been discovered in RSS Feed Reader for WordPress plugin, which can be exploited by malicious people to conduct cross-site scripting attacks.
3b78d0861707c887c377226acd745dcc1f9700ba80503ea311f0cb37a098c31dSecunia Security Advisory - A vulnerability has been discovered in Look 'n' Stop Firewall, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
f83c882e4b89edbe37d4cbe74f32999d06a86ac4862e79c447b90643a267c367Secunia Security Advisory - AutoSec Tools has discovered a vulnerability in the FCChat Widget plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
843ce4a7101dbab768628a9f17a62408e1d42743fd6575e3bf86fed156db781bSecunia Security Advisory - Some vulnerabilities have been reported in Bugzilla, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct HTTP response splitting attacks, cross-site request forgery attacks, and bypass certain security restrictions. 1) An unspecified error related to insufficiently random numbers can be exploited to gain access to a user's account.
5c6f6876a5bbe4064d7aa1959450da1cf07a4332da6c07ef914d556d735d6bf9Secunia Security Advisory - Dmitry Chastuhin has reported multiple vulnerabilities in SAP Crystal Reports Server 2008, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks, manipulate certain data, and compromise a user's system.
11ab326efa92e8779d89217c612bd6edc729c6d6581fcca920949792d69e83c3Secunia Security Advisory - A vulnerability has been reported in Progress OpenEdge, which can be exploited by malicious people to bypass certain security restrictions.
170f82b059d054ca459f9d60ae4073e0db8501c0ba71a62f356abe98d694d8e7Oracle Document Capture version 10.1.3.5 suffers from buffer overflow and insecure method vulnerabilities.
d8de28a03cf63e8eb852fd978524155069a598269f9adfa1fc15fb5c2f8912faHuawei HG520 and HG530 routers are vulnerable to weak cipher attacks. It is possible to generate the default WEP/WPA key from the MAC address. This python code demonstrates the issue.
c5c634174c47951bb956edb6dd96f6515e4a2e857387c1b589cc81559cfed7b3Zero Day Initiative Advisory 11-025 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell GroupWise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the gwwww1.dll module responsible for parsing VCALENDAR data within e-mail messages. When the code encounters a REQUEST-STATUS variable it allocates up to 0xFFFF bytes for the variable's value. It then proceeds to copy the value into the fixed-length buffer without checking if it will fit. By specifying a large enough string in the e-mail, an attacker can overflow the buffer and execute arbitrary code under the context of the SYSTEM user.
191f4ea4886e15f46822744f040abd9d0dec4d3828a80db4fb7a3e1fb0331d92It has been identified that OpenVAS Manager is vulnerable to command injection due to insufficient validation of user supplied data when processing OMP requests. It has been identified that this vulnerability allows privilege escalation within the OpenVAS Manager but more complex injection may allow arbitrary code to be executed with the privileges of the OpenVAS Manager on vulnerable systems.
465e38dd18df584bf3d5f7eda261e4615381784ac40a6d293ea96a4cc69f27a3HP Security Bulletin HPSBMA02624 SSRT100195 2 - A potential vulnerability has been identified with HP LoadRunner and HP Performance Center. The vulnerability could be remotely exploited to allow execution of arbitrary code. Revision 2 of this advisory.
0ae85c56d3d2c3beefa5625a23d8aae8de8e99fbfd15ff6ec394d62fa013d7af
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed