Netgear WPN824v3 allows an unauthenticated remote party to download the configuration file.
06e9758cc624e50c9ef6019e428d78a591a6733fb0bb99f6c0f03c6e3a08dc24
Multiple cross site scripting vulnerabilities have been addressed in Open-Xchange Server 6.
38f5d840701796b2a31696211c071436c988be8266dff7c81100c20207b476a2
Many Microsoft products install outdated and vulnerable Microsoft Visual C++ Runtime Libraries MSVC?80.DLL version 8.0.50727.42.
79d41b28c3cca91d28fadfcdc33dd2ddd6f4aeafcc354d1098eef8ce90448472
DS3 Authentication Server suffers from path disclosure and remote command execution vulnerabilities.
d07d1f72f40c9b53f97cf062264dfb6ed349d318e2eea59c7eed003aced0fc18
Imperva SecureSphere Operations Manager version 9.0.0.5 Enterprise Edition suffers from path disclosure, command execution, and arbitrary file upload vulnerabilities.
eec04250ec48215aa48bf604cc560ffa6c8c039d2efdf01586190d7250bc757b
Netgear DGN1000 with firmware version prior to 1.1.00.48 and Netgear DGN2200 version 1 suffer from authentication bypass and command execution vulnerabilities.
cc4a79d89c492b5de9ab547904883302b794d0b6e6cd1cf1d61806ddfe1a4660
Debian Linux Security Advisory 2702-1 - Maksim Otstavnov discovered that the Wocky submodule used by telepathy-gabble, the Jabber/XMPP connection manager for the Telepathy framework, does not respect the tls-required flag on legacy Jabber servers. A network intermediary could use this vulnerability to bypass TLS verification and perform a man-in-the-middle attack.
6949abe285282ac5e2ae2ea127cf92f08bcd070215f0049630e67a6a6c5da94b
Red Hat Security Advisory 2013-0897-01 - Mesa provides a 3D graphics API that is compatible with Open Graphics Library. It also provides hardware-accelerated drivers for many popular graphics chips. An out-of-bounds access flaw was found in Mesa. If an application using Mesa exposed the Mesa API to untrusted inputs, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. It was found that Mesa did not correctly validate messages from the X server. A malicious X server could cause an application using Mesa to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
61e73b76a9599ec628e29d14931f81edeb1e8991e06be3eea1e54195f86ed1f7
Red Hat Security Advisory 2013-0898-01 - Mesa provides a 3D graphics API that is compatible with Open Graphics Library. It also provides hardware-accelerated drivers for many popular graphics chips. It was found that Mesa did not correctly validate messages from the X server. A malicious X server could cause an application using Mesa to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All users of Mesa are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running applications linked against Mesa must be restarted for this update to take effect.
f7195d024f57e7ff0c78661b7b3ba601407fbf382941f9034ca78bbb6209bfaa
Red Hat Security Advisory 2013-0791-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev packages form the user-space component for running virtual machines using KVM. It was found that QEMU Guest Agent created certain files with world-writable permissions when run in daemon mode. An unprivileged guest user could use this flaw to consume all free space on the partition containing the qemu-ga log file, or modify the contents of the log. When a UNIX domain socket transport was explicitly configured to be used, an unprivileged guest user could potentially use this flaw to escalate their privileges in the guest. This update requires manual action.
3d0f63964a221be88b397d15513f4e055eed4a93d446220253423c80e54723d2
Red Hat Security Advisory 2013-0896-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. It was found that QEMU Guest Agent created certain files with world-writable permissions when run in daemon mode. An unprivileged guest user could use this flaw to consume all free space on the partition containing the qemu-ga log file, or modify the contents of the log. When a UNIX domain socket transport was explicitly configured to be used, an unprivileged guest user could potentially use this flaw to escalate their privileges in the guest. This update requires manual action.
78c09a27924b169fc35495ec7822a2252c1000ec9bf69ee699b081bcde3ba5e1
Red Hat Security Advisory 2013-0895-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.1 was retired on May 31, 2013, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 6.1 EUS. In addition, technical support through Red Hat's Global Support Services is no longer provided. Note: This notification applies only to those customers with subscriptions to the Extended Update Support channels for Red Hat Enterprise Linux 6.1.
8f70af02177fabdc8086a91206b22ffeb3b894a3f84bc8438cf9c95ed106b6c5
This is the announcement for the Balkan Computer Congress 2013 (BalCCon) Call For Papers. It will be held September 6th through the 7th in Novi Sad, Vojvodina, Serbia.
32cb05e249e1c1b4c0fb8b3bf79d7424fa8db9fa52648e96dd4f5f59a72ad216
Shellcodecs is a collection of shellcodes, loaders, sources, and generators provided with documentation designed to ease the exploitation and shellcode programming process.
69a40e2afeb214b34568d99eb3bccf78671d4ef81484e96550e4d019f0942d35
There is a pretty obvious bug in win32k!EPATHOBJ::pprFlattenRec where the PATHREC object returned by win32k!EPATHOBJ::newpathrec does not initialize the next list pointer. This is a local ring0 exploit for Microsoft Windows NT/2K/XP/2K3/VISTA/2K8/7/8.
8cf6980d8150418310b84eb82f5ea9cd1af781bba12ccb9ac233cd2f50bba066
Scriptalicious Pro suffers from a cross site scripting vulnerability.
b4de5bc88d1678157c2740d127d10c6a89ce46abaece60e55305241cd6ff9ecb