Symantec Web Gateway versions 5.2.1 and below suffer from a remote OS command injection vulnerability.
80e097e61c3144721b95a38213e7b0f3f782bac6d90fcd41c8baf29fdbab0249
GetSimple CMS versions 3.1.1 through 3.3.4 suffer from an XML external entity injection vulnerability.
08abfc94e71de2ed8b547ff31a3d88150accaa5198692c3c78a8a9486fd32308
CMS Absolute Engine version 1.73 suffers from cross-site scripting and remote SQL injection vulnerabilities.
ad2e88836b90afa4afe10d894720956e6cd6782a14871da5af8c8721c7ef2f3d
This Metasploit module exploits a stack-based buffer overflow vulnerability in i-FTP version 2.20, caused by a long time value set for a scheduled download. By persuading the victim to place a specially crafted Schedule.xml file in the i-FTP folder, a remote attacker could execute arbitrary code on the system or cause the application to crash. This Metasploit module has been tested successfully on Windows XP SP3.
94c5ffd4bba7cde5bb23f726de24dc0fd0c729b7a0fbb63bb8f2f94583c88279
Debian Linux Security Advisory 3116-1 - It was discovered that a memory leak in parsing X.509 certificates may result in denial of service.
716f00de140643e903111e8a49c5906ac4dc2315c7a5c2ff83b4b5f09bf2b093
Mantis Bug Tracker versions 1.2.0 through 1.2.17 suffer from a PHP code injection vulnerability.
5123adecd54a72a557dfcb5fa13fb9a040dc8f7303ed28a65d028c74cd29df24
Osclass versions 3.4.2 and below suffer from a local file inclusion vulnerability.
540c5a7d1919e55e0e1b5450e86af76917b39fa680c1edfea9aecdb3e4c5c065
EMC Replication Manager and EMC AppSync may contain unquoted entries in the Windows registry service path that could potentially be exploited by an attacker to execute malicious programs. EMC Replication Manager versions prior to 5.5.2 and EMC AppSync versions prior to 2.1.0 are affected.
085263f786a21f962439f7e0b2485d5c2b8b4c228b270b346a074cd80a39f6bd
Osclass versions 3.4.2 and below suffer from a remote shell upload vulnerability.
825d51702a5b5cff864eca84c0ff288307cf0918b165529a013cccb1666471cd
RSA BSAFE Micro Edition Suite and SSL-J contain updates designed to prevent Triple Handshake attacks. There is a known potential vulnerability in the TLS protocol where it is possible for a malicious server to impersonate a client to another server using the client's credentials and successfully perform a man-in-the-middle attack on the third handshake.
93be08d4c4e239ceb09c2ed267dbf8165470862f35b663be64f889d55c4e97e5
Osclass versions 3.4.2 and below suffer from a remote SQL injection vulnerability.
feb708538ef7cc58e421b2def7ebaeb3f6f71a708040f56f501d7b1cde85fc88
Desktop Central versions 7 and later suffer from an add-administrator vulnerability.
c2e77377429f0005eda7b7e387bc4d53931aff42d4cb2b99620c29f7791151c0
Debian Linux Security Advisory 3115-1 - Jonathan Gray and Stanislaw Pitucha found an assertion failure in the way wrapped strings are parsed in Python-YAML, a YAML parser and emitter for Python. An attacker able to load specially crafted YAML input into an application using python-yaml could cause the application to crash.
49ad22f3dd836f0d44e1d28a7e4a30bff012d8ec8e5bbb52b850fe99bc1e870b
Gentoo Linux Security Advisory 201412-53 - A vulnerability has been found in MIT Kerberos 5, possibly resulting in arbitrary code execution or a Denial of Service condition. Versions less than 1.13 are affected.
5cde42d374ab870f36dc359940e34aa0c1990a9800b99bca9fe88696b4e98ae5
UCell Software for ZTE Modems suffers from a DLL hijacking vulnerability.
0e24a72da1d26722ab921c8a7e01a34c4923fc932c51d571a3e8cc8dc5da3259