Gentoo Linux Security Advisory 201110-14 - Multiple vulnerabilities were found in D-Bus, the worst of which allows a symlink attack. Versions less than 1.4.12 are affected.
55b8075783df5c6f9b4afa7745043043619b3aca7b24e38ad62b9bcd97d97883
Team SHATTER Security Advisory - Oracle Database supports spatial datatypes. A SQL injection vulnerability exists in the handling of spatial indexes. Users with create table and create procedure privileges can elevate their privileges to SYSDBA.
4616869b107611943cfb158aaeb48dfebc849d4b8aa5d6f570567435e9d23081
Team SHATTER Security Advisory - Oracle Database Vault provides additional protections from malicious privileged users. The protections include separation of duty for some tasks like user account management. Any user with SYSDBA privilege or the DV_ACCTMGR role can bypass these protections and change any user's password (including the Oracle Database Vault Owner user password) by calling the OCIPasswordChange client API (the 'password' command in SQL*Plus uses this API).
08eb0063be1a9f53dacc8a42dfd1b62599503ff8a01981427d4b037d0ff49eff
Open EMR version 4.0 suffers from multiple remote SQL injection vulnerabilities.
115ccc61323b5f3e6518c7a2084a9bd363254a02e7ef505592e749b25644dfd5
Team SHATTER Security Advisory - Oracle Database Server provides the CTXSYS.DRVDISP package that is part of the Oracle Text component. This package contains the function TABLEFUNC_ASOWN, which is vulnerable to buffer overflow attacks when it is called with a long string in its parameters.
1770f12dffe5349b52e240a1777ecd2d6c40866b8e7d13e00fc89042de1955e0
hwk is used for wireless audits, fuzzing and stress testing under Linux. It provides various modes such as wireless deauthentication and authentication flooding using a monitor mode interface, as well as probe response and beacon fuzzing. Furthermore, it comes with some basic injection testing and focusing modes.
fd8f96435bfbc2c8b9e273632f1b0d1579d7413d749d7fc059f09193858d585e
Mandriva Linux Security Advisory 2011-158 - Multiple vulnerabilities have been found and corrected in phpmyadmin. Missing sanitization on the table, column and index names leads to XSS vulnerabilities. When the js_frame parameter of phpmyadmin.css.php is defined as an array, an error message shows the full path of this file, leading to possible further attacks. Other issues were also addressed.
513a6634ec239490a9a92a87936f7267be3961a1e77857529e832da2c9b6ba9e
Cyclope Internet Filtering Proxy version 4.0 suffers from a denial of service vulnerability.
88e107c4bd84cd131ab1004d7397c57eab86ce2aa642b91196f8730223d2e824
Sports PHool versions 1.0 and below remote file inclusion exploit.
c9a5c128ec7ff9c3d7ec7c6edb9409f77c5343312821b394125b2666c39bb2b6
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "mshtml.dll" component when processing the "X-UA-COMPATIBLE" keyword of a "META" tag, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
48c8c110e7a16caf9bec75c333999b1e5148e63511b0674e0649301d7dfb1252
WordPress ThemeCity suffers from a cross site scripting vulnerability.
480a0862d20875300617c3117d32f28a213fe2b504fccb44353af5cad6b61d1c
Mandriva Linux Security Advisory 2011-157 - FreeType allows remote attackers to execute arbitrary code or cause a denial of service via a crafted font. A regression was found in freetype2 in Mandriva Enterprise Server 5 that caused ugly font rendering with Firefox. Additionally, improvements concerning the LZW handling (as noted in the freetype-2.4.7 version) were added. The updated packages have been patched to correct these issues.
6f11129e2987a35e63c2b055f657449a05b60e7b6e472f6484ab277b8302f973
inCommand Technologies suffers from a cross site scripting vulnerability.
dc4746b27e2df90e6a39ca95395e5cc14bd1078f7b2ede898c0defeb07d1f3bd
Radius Manager version 3.9.0 suffers from a remote SQL injection vulnerability.
d7465d1cae603ceb6c99ab6cb16dcc593475dfd9122a239007bd547a0423fc45
Ubuntu Security Notice 1232-3 - USN-1232-1 fixed vulnerabilities in the X.Org X server. A regression was found on Ubuntu 10.04 LTS that affected GLX support, and USN-1232-2 was released to temporarily disable the problematic security fix. This update includes a revised fix for CVE-2010-4818.
d16b6ed5db915dab2883dbe8e21542b35ed1a03bc7433c600486d192144e139b
Oracle AutoVue version 20.0.1 suffers from an AutoVueX Active-X Control SaveViewStateToFile remote file creation / overwrite vulnerability. Proof of concept code included.
aeb1dfdd12a44a730bcec5864f95e60c365b938d372f776b6178f5919b0b4cf8
Oracle AutoVue version 20.0.1 suffers from an AutoVueX Active-X Control Export3DBom remote code execution vulnerability. Proof of concept code included.
f6e3523ba390057db8b6b08be7f5fe37093ca96f4f6757e658263c95e5e02a38
Oracle AutoVue version 20.0.1 suffers from an AutoVueX Active-X Control ExportEdaBom remote code execution vulnerability. Proof of concept code included.
1803baa2803612ed90a10f88057d39ae9f52161fa48eacbdfb002679c5977463
Secunia Security Advisory - Fedora has issued an update for ldns. This fixes a vulnerability, which can be exploited by malicious users to compromise an application using the library.
05156b796b50ff48e75f9c548025092ca15f7d548fd6eef5b4c5333286e0d855
Secunia Security Advisory - A vulnerability has been reported in Sun Ray Server Software, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service).
952d585720ba2c517d193737c74648d28e2b2f90f548daa5828d4fb1b353c204
Secunia Security Advisory - Multiple vulnerabilities have been reported in Kerberos, which can be exploited by malicious people to cause a DoS (Denial of Service).
66de2ef0e0f9b490fb730f3fc0473e68c770ed69da2896f9844d18420f114458
Secunia Security Advisory - Fedora has issued an update for quagga. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
59dd999fdf17947af5e1f750d7a7d5aa298d7b4ce85e2ea85cb7b15dc5c715ad
Secunia Security Advisory - SUSE has issued an update for gimp. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.
c618e4f9d3f1380cfa40b1cfe5624bf58fc733f1bdad5268a6645a575433103f
Secunia Security Advisory - Gentoo has issued an update for tor. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
1350318873256e37be08e7a2a7048927e168afb7032b908b1b1cc084a05cc4c7
Secunia Security Advisory - A security issue and a vulnerability have been reported in Cisco Show and Share, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to bypass certain security restrictions.
7baea8f03424786bc1d91896230ea8cd782d9eddcbb48abdda8fe4b0e0b29059