Gentoo Linux Security Advisory GLSA 200812-18 - Multiple memory management errors in JasPer might lead to execution of arbitrary code via jpeg2k files. Versions less than 1.900.1-r3 are affected.
4d57aebd7f1e7f3c83b382b57ad902e73ac27115f7b4c7d96b63d1bae4385111
Joomla fails to set the secure flag on the session cookie, which could allow a session to be hijacked.
a0f0b11a97d38cd11e6da4f7b89ff1d72b8153bcd12e0b35bdbafea736cee8af
The Barracuda Networks Message Archiver product is vulnerable to persistent and reflected cross-site scripting attacks.
7d5ba643cb91e384c25bc6c8b9b798506aa2c146a0eb1e25cdc27fb3cdcc863e
The Barracuda Networks Spam Firewall is vulnerable to various remote SQL injection attacks.
4a06cf636ddf600a8fa7b1e3104ca846b7810df35ab3c3da2a438c7b755bd9e4
v6 is a script that performs SQL injection, local/remote file inclusion, and code execution scanning. It is controlled via IRC as an IRC bot. It scans across many search engines, performs mass scanning, and includes a bypass for Google and Yahoo.
8e71b5b683b5e169ff5eded068320ed3e6687e1d1b55d98aa69608504172e1f0
EvimGibi Pro Resim Galerisi version 1.0 suffers from a remote SQL injection vulnerability.
e8f5f29204963b8d74595cdf4d48b630601e20142e1af996f81579d2fd52400a
Gentoo Linux Security Advisory GLSA 200812-17 - Multiple vulnerabilities have been discovered in Ruby that allow for attacks including arbitrary code execution and Denial of Service. Versions less than 1.8.6_p287-r1 are affected.
fc3d0e1000f9f9bfede1eca24d080fd7125be4acdc61e8d5f8e06afcd003ef16
Zero Day Initiative Advisory 08-088 - This vulnerability allows remote attackers to inject arbitrary SQL on vulnerable installations of Oracle E-Business Suite Business Intelligence. Authentication is not required to exploit this vulnerability. The specific flaw exists in the APPS.ICXSUPWF.DisplayContacts package. The procedure fails to validate the contents of a WHERE clause containing user-supplied input. This allows an attacker to execute arbitrary SQL statements in the context of the APPS user.
45aace3526309f21ce527289fb342b9e73195493e59ce9dce43e859c100cfa9e
Aiyoota! CMS remote blind SQL injection exploit.
5fe1f519e4f3e8d6131052331a1e2520afba7ff252c5e3d08ca8a8fedffe9878
FLDS version 1.2a remote SQL injection exploit that leverages report.php.
5d94a5a7ea6dce7ddf65ab0bab80b2fb2417b49558d782fe174b397b373b41e1
Ubuntu Security Notice USN-691-1 - Laurent Gaffie discovered that Ruby did not properly check for memory allocation failures. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service. This update also fixes a regression in the upstream patch previously applied to fix CVE-2008-3790. The regression would cause parsing of some XML documents to fail.
8e6e9a4a0c546126aa35f85750f347d27b3886321646d22ce793a2ac11d744df
FLDS version 1.2a suffers from a blind SQL injection vulnerability in lpro.php.
eeca86bfa60726d6d88db68e98029bc47a279b2dd021a83f352a48710f441c60
TableEditoR suffers from a remote database disclosure vulnerability.
c4025d206d7d798e5a6a3687064bcda8448b91f3dd12926fa6bb04cae009a72a
Portail PHP version 2.0 suffers from a local file inclusion vulnerability.
f2a3c3253a127a6e100615a5eb7e4007d153297fdd9c9c2fb3eff3acc48f8c09
Web Wiz Guestbook version 8.21 suffers from a remote database disclosure vulnerability.
12a1d911ce3e44a1ae03dc5639f41d374c1b052712e7fd084fdf6804f3106b06
FaScript FaUpload suffers from a remote SQL injection vulnerability in download.php.
23ef236a5ece965a75b46e1929801b3871f530cb11ecb0241168031615b46eb7
GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP-specific capabilities such as presence and messaging. It supports secure telephone extensions for making calls over the Internet, and intercept/decrypt-free peer-to-peer audio and video extensions. It is not a SIP proxy, a multi-protocol telephone server, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
896f9eae255dd403dea8c387a2642b6f82e829828c9731874a0b7b48721d414d
Secunia Security Advisory - shinnai has discovered a vulnerability in Realtek Media Player (RtlRack), which can be exploited by malicious people to compromise a user's system.
f8b0bb94897577ded3db589558d8e8a830733120f8c9b84cf836b2e8faced230
Secunia Security Advisory - SUSE has issued an update for freeradius. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
706f37e282f37557acfc21a241647be3a0239af982011de3d79d13eacdacfd55
Secunia Security Advisory - SUSE has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
c363e382bc9b1ef47fb92de14e7fb9bba0cc83be09f7ed4eaaba2c2ae4a628fb
Secunia Security Advisory - SUSE has issued an update for IBM Java. This fixes some vulnerabilities, which can be exploited by malicious people to disclose system and potentially sensitive information and bypass certain security restrictions.
7f68293b74255ad08d1de471f04ffba4f068dfd5ea47ff735a7f44898650dad8
Secunia Security Advisory - Dr. Marian Ventuneac has reported some vulnerabilities in various Barracuda products, which can be exploited by malicious people to conduct cross-site scripting attacks.
62d39486e0c0180ede2c66aa137ae9ae285954ed51fb2bb3b43db2127bb1f18a
Secunia Security Advisory - Red Hat has issued an update for enscript. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
89f251820b78e8a90b6fabc6659f6e0c23a8fb55454ff1770c36b71d798b08fb
Secunia Security Advisory - Gentoo has issued an update for aview. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
71413bd02aec3c0a7e8a1cd3b8073ca68b14411ad7fd70982e32433ab22765a9
Secunia Security Advisory - Fedora has issued an update for gallery2. This fixes some vulnerabilities, which can be exploited by malicious users to disclose sensitive information and conduct script insertion attacks.
7c7247d88ee7fa6cea7f067a4f59534cbacc403ff2f07c41ce05766d0352523f