Secunia Security Advisory - A vulnerability has been reported in the Mosets Tree component for Joomla!, which can be exploited by malicious people to conduct cross-site request forgery attacks.
016a1b02f7d2fa14f2603b590306b29aaad5f45f1f0958051ffc76f8fabba39c
Secunia Security Advisory - Two vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).
26b723f100271408b31456ed2bc60ebdbd158dc15bfd1fa1604f5b6db8040c37
Secunia Security Advisory - Fedora has issued an update for systemtap. This fixes two vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and cause a DoS (Denial of Service).
ec2d93fa8b2eb909cf2b445ddce3ccaff2e2af07804e33de5160b1fc65b28d0d
Secunia Security Advisory - A security issue has been reported in multiple Fujitsu Interstage products, which can be exploited by malicious people to bypass certain security restrictions.
3f021a724e0e8dd2dbcdb7022072053ced4ad99c0a25398ff605ddbdd6f0c339
Secunia Security Advisory - A vulnerability has been discovered in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system.
6582dcec2708ba5591bb3d200056a9cac163f52e48e1e11eb22e8e889543b0d5
Secunia Security Advisory - Multiple vulnerabilities and weaknesses have been reported in Apple Safari, which can be exploited by malicious people to bypass certain security restrictions, conduct spoofing attacks, or compromise a user's system.
b8844e461e5295ba25a223b7dd3cf558dc4225a3a12ae5908268714f55a5240d
Secunia Security Advisory - A vulnerability has been reported in PGP Desktop, which can be exploited by malicious people to bypass certain security restrictions.
f734f1593ad2c551b58f214c9310b694551da7da10d6293a0020415002a91d85
Secunia Security Advisory - A vulnerability has been reported in PGP Desktop, which can be exploited by malicious people to bypass certain security restrictions.
24abb0752fdc71383ca5ad0717c8021b42d0496e0b5191318062d8c16be617ea
Secunia Security Advisory - A vulnerability has been discovered in CompactCMS, which can be exploited by malicious people to conduct SQL injection attacks.
90f812afe9d4fde5cc067ef9797e76f149720fb7bcb78fd31d3ba412e910b1bf
Secunia Security Advisory - Some vulnerabilities have been discovered in vtiger CRM, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks and disclose sensitive information.
a131d982326a705fa2e1acea673974f78f9fcec42429b02e34f12295d25cda04
Zero Day Initiative Advisory 10-256 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the ienipp.ocx component. When handling the exposed method a GetDriverSettings call is made into nipplib!IppGetDriverSettings2, where the process will blindly copy user-supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
2971af8cebc50a3a9ade2dcd7ba6f3f41d191dfe5ac51ccb9c5ecc235e08c17f
The Call for Papers for the second annual HITBSecConf in Europe is now open. Taking place from the 17th through the 20th of May at the NH Grand Krasnapolsky in Amsterdam, HITB2011AMS will be a quad-track conference lineup featuring keynote speaker Joe Sullivan (Chief Security Officer of Facebook) and a special keynote panel discussion on The Economics of Vulnerabilities.
cf58e87d0c2a449f61522b9a8f6f8a34944b6a681ba5ece86b407d733ad934d1
ViArt SHOP version 4.0.5 suffers from cross site scripting and remote SQL injection vulnerabilities.
1337e98c02ad0b166da6fb21b4fbcdbc7cb096ce66b35f262001044b2fec92ea
Compact CMS version 1.4.1 suffers from multiple cross site scripting vulnerabilities.
d856e3e38213b483aec9af4c4a382440d5e9f7ec5173d3fe4506445670f5c0c8
This application is used to get information about SSL usage (protocols and ciphers) at a server. It can also be used for testing and rating ciphers on SSL clients. The code is written for win32 but may easily be ported to Linux.
5e977f061ef21b1f021b84c1fcb266f3ae1fb13e5515f9b4c6c16376313a0c3f
South Korean UTW CMS suffers from cross site request forgery, source code disclosure, local file inclusion and various other vulnerabilities.
a0de06ac87db2f75cd8996bb2375f8eed1b3a45b7a4597eeeebb4404f5127c2b
FozzCom Shopping versions 7.94 and below and 8.04 and below suffer from cross site scripting and remote SQL injection vulnerabilities.
39abefdd89310ab474b3c8e0886c5474c077ce27702484bcc0af10835897bd5c
This Metasploit module exploits a stack buffer overflow in DATAC Control International RealWin SCADA Server 2.0 (Build 6.1.8.10). By sending a specially crafted packet, an attacker may be able to execute arbitrary code.
e57bb6121457517c53d2597e5f16074557b9196d59670db5966120b5bff8d475
Ubuntu Security Notice 1018-1 - Rob Hulswit discovered a race condition in the OpenSSL TLS server extension parsing code when used within a threaded server. A remote attacker could trigger this flaw to cause a denial of service or possibly execute arbitrary code with application privileges.
6061d4d1c08fc368362d3bae3287dcd126c1c778172a5f8f4ef56c6098cce0d7
Mosets Tree version 2.1.6 template overwrite cross site request forgery exploit.
7e0514382fad8be73396ea4c19cd3aac6c2715bedcc7e94759293841f683ee31
Xion Audio Player version 1.0.126 buffer overflow proof of concept code.
cf466d4cb783f28edd6edad5536ed6fc02e70c422122c2b33900fda413d7365f
chCounter versions 3.1.3 and below remote SQL injection exploit.
19259098ec82895c702fc50b205a95585cb608b8e2ee21f2affcfef07b9cec7f
This Metasploit module exploits an arbitrary command execution flaw in FreeNAS 0.7.2 < rev.5543. When passing a specially formatted URL to the exec_raw.php page, an attacker may be able to execute arbitrary commands. NOTE: This Metasploit module works best with php/meterpreter payloads.
13b5f4e61c7a060d9336946021f180e27222fd5a2afded6ea947cf8bd1fd5ed1
MP3-Nator buffer overflow exploit with SEH - DEP bypass.
bf3f7ae0b6f6552d61477656f9c026a8526709df9f392688ec8f3bf111018bcc
DIZzy version 1.12 suffers from a local stack overflow vulnerability.
cfe6dab8470ec88790ec626dda109b2be737eb8cb9734417413102ef48b994f8