Secunia Security Advisory - Rapid7 has reported two security issues in Novell ZENworks Asset Management, which can be exploited by malicious people to disclose sensitive information.
bbd63e4999884e1a97ad4cb37964fc7e65a9c461df49875681972139b9f594ef
Secunia Security Advisory - A security issue has been reported in radsecproxy, which can be exploited by malicious users to bypass certain security restrictions.
9caa4e1062e7e450e36a4c07c9ed02543c4f75fe273b625994698e29bd872ed1
Secunia Security Advisory - Debian has issued an update for libexif. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose certain sensitive information, cause a DoS (Denial of Service), and compromise an application using the library.
17ddc4f508fc0dc19b920c6dfcb9dd27f1d16d7094264b7b34de26fee29b0a26
Secunia Security Advisory - High-Tech Bridge has discovered two vulnerabilities in AContent, which can be exploited by malicious people to bypass certain security restrictions and conduct SQL injection attacks.
542c86733c0d23eb13a2e46e2c66951cdb056a3c83f9fa211aa72239ab65c16b
Secunia Security Advisory - A vulnerability has been reported in Drupal, which can be exploited by malicious people to disclose potentially sensitive information.
b54bd0613d19e04b9da701eb085a1c63c32adbbc6e4d7490e5956aa30ef5e985
Secunia Security Advisory - SEC Consult has reported a vulnerability in ModSecurity, which can be exploited by malicious people to bypass certain security restrictions.
d29e680b9d1b35434ff3d030b4166a664a20e11160e40a0c77d9a4570761e0c2
WordPress Social Discussions plugin version 6.1.1 suffers from local file inclusion, path disclosure, and remote file inclusion vulnerabilities.
6933e3b623f1553697b15b2ffeb7d2791b92487442eb60c7da616d9ff9df1f71
WordPress Slideshow plugin versions 2.1.12 and below suffer from cross site scripting and path disclosure vulnerabilities.
da1af48b7e10782660bd99d291eaed392728e957f960e5ad28cedbd89efdf24e
Amateur Photographer's Image Gallery version 0.9a suffers from cross site scripting, remote file disclosure, and remote SQL injection vulnerabilities.
5f9f29a0eb56a1f97678a27b19ab175cb15181cbf062a2ab9a42ed9109a05cc0
BSW Gallery suffers from a remote shell upload vulnerability.
cbe491d9281409a8c67abca0c387d9207d4efea38e9e436208e034927e06a8fb
jCore version 1.0pre suffers from cross site scripting and remote SQL injection vulnerabilities.
6b5298a41aa2820b67dc3beb4a6b02db1aaee7603772138dd6228a587a308157
Subrion CMS version 2.2.1 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
a3cf7fcdf1b5f6d220a577633d480f22b716b77a1b6f6819efe7e82d7b6fc0dd
ATutor AContent versions 1.2 and below suffer from improper authentication, cross site scripting, and remote SQL injection vulnerabilities.
f884299c5d9976c978753e2b78b0f47541e45479ec64ddb6f85cd4a678ba506e
Red Hat Security Advisory 2012-1385-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Multiple improper permission check issues were discovered in the Beans, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Multiple improper permission check issues were discovered in the Scripting, JMX, Concurrency, Libraries, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions.
1ab9eba3cd8523c24b7360edb76fb7cd4a74585c7f602268d19072977676e5fd
Red Hat Security Advisory 2012-1384-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Multiple improper permission check issues were discovered in the Beans, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Multiple improper permission check issues were discovered in the Scripting, JMX, Concurrency, Libraries, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions.
24e419285a203b410a677329f5229678b7380389fb34021417dfb3017977396f
Red Hat Security Advisory 2012-1386-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple improper permission check issues were discovered in the Beans, Libraries, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. The default Java security properties configuration did not restrict access to certain com.sun.org.glassfish packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. This update lists those packages as restricted.
7953072500e60f1a34d886169a7e764d3576d701739377834ad9c9a8a433fabc
Debian Linux Security Advisory 2559-1 - Several vulnerabilities were found in libexif, a library used to parse EXIF meta-data on camera files.
c8bf62536ad8e1aa054b95d4326eede5318456337e927cddf2983c064b9c88b3
Ubuntu Security Notice 1613-2 - USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4. It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. Various other issues were also addressed.
03c1d61f1a7fd46df33c2cd303dd9df766d417bf63c2774bc68e006f265282de
Ubuntu Security Notice 1613-1 - It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. It was discovered that the audioop module did not correctly perform input validation. If a user or automated system were tricked into opening a crafted audio file, an attacker could cause a denial of service via application crash. Various other issues were also addressed.
c13b76291797c5dc6f6323302b6fdfb272dd24cd1b617c855c76a194beaf1ed9
Secunia Security Advisory - A vulnerability has been reported in OTRS Help Desk, which can be exploited by malicious people to conduct script insertion attacks.
b62157ff1c522d43c7202dd0c9ff99c84446694cc08eb708e541fc9a62322623
Secunia Security Advisory - ReVuln has discovered a vulnerability in Steam, which can be exploited by malicious people to compromise a user's system.
feebdf1108d0963e727d034583c7555e409dc56455a3ee42df446b827650275a
Secunia Security Advisory - Multiple vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to compromise an application using the library.
e95b4be051a5a894f508f35c98560abbde8efb031abff9a2fba88f91cdc4af80
Secunia Security Advisory - High-Tech Bridge has discovered multiple vulnerabilities in AContent, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
e675efdc82657a8525e3701150b4fede3244caaefd679c358f8434296a66f8cf
Secunia Security Advisory - High-Tech Bridge has discovered multiple vulnerabilities in Subrion CMS, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
8a7b9c873757a31c7ef3b588b537f449cca9690208f485e90db2122ce3d7eac7
Internet Explorer 9 suffers from a cross site scripting filter bypass vulnerability.
7efa996042e8eed00bc79381471e8b40fc3c777a09a054edbce6d231f7849cde