Secunia Security Advisory - Chris Steipp has reported some vulnerabilities in PatchLink Update Server, which can be exploited by malicious people to conduct SQL injection attacks, manipulate certain information, and potentially compromise a vulnerable system.
8de5227f0252db1822a96d8871c4f91e89ae5ad294d891eed46ab3ec4e1662d6
Secunia Security Advisory - Apple has issued an update for Mac OS X, which fixes multiple vulnerabilities.
023d75c045931ea136f455acc881f48c3138e7892dffc22fb373e26cef081140
Secunia Security Advisory - Mandriva has issued an update for mutt. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
bc15159ec8d8f02f74fa9e76c4f874b9ee1cea5ad29b171c7d1cfb04efcb759f
Secunia Security Advisory - luny has reported a vulnerability in PHP/MySQL Classifieds Script, which can be exploited by malicious users to conduct script insertion attacks.
17862de0cdf684e9fe664e19c4e6d271f03465f5399a0bdb97052b03fc0e0002
Secunia Security Advisory - KeyCoder has discovered a vulnerability in the MyAds module for Xoops, which can be exploited by malicious people to conduct SQL injection attacks.
bd940625f521d1ce18e097cfa59acbd1699ab234d5af3a59199712fe5993e4f9
Secunia Security Advisory - Botan has discovered a vulnerability in PHP iCalendar, which can be exploited by malicious people to conduct cross-site scripting attacks.
d73b14aa9ecf535ed2f0ddd2086b0ed9c5439c287fd6cea49159bf6db242bccb
Secunia Security Advisory - rUnViRuS has reported a vulnerability in MKPortal, which can be exploited by malicious people to disclose sensitive information.
130c097f59440a2bcb8701749153dbac86ea05146dded7b1c9ad5c6aa44e59ff
Secunia Security Advisory - A vulnerability has been reported in Novell GroupWise, which can be exploited by malicious users to bypass certain security restrictions.
3902c49b4dd5291ec748ad6f300d2c11f106f6595001c3565c5990947d04d5dd
Microsoft Outlook Web Access is vulnerable to an HTML code injection/cross site scripting attack. A malicous user could craft a mail containing HTML and Javascript code. Such code could be used to steal session information from the victims cookies, and thus enable the attacker to get access to the victim's emails.
dccfbc946917b8c4d45a7217924d48a440d871a4d69d0cbdf997231cd6903b20
MyBB 1.1.3 suffers from cross site scripting
02593e619b497f64477fe47c68cdda55f9b82219e889a8db18f9a9c03232be35
Hanaro Search suffers from cross site scripting
7c07151188639bae810aefe451feda3e692030173f7fb09f71f56b130567596a
Usenet Script v0.5 suffers from cross site scripting in index.php
1ccc621b4089584ddd76df052fc4861b60845bbcc2632642bd2c35ce5cb5d1ff
Winged Gallery v1.0 suffers from cross site scripting
2b28ffb3f73ead59c1df5a1909f5e2aec4d49f2bd23334dafdc770f2cab1da2c
Apple Open Directory Pre-Authentication Denial of Service: A denial of service condition exists in slapd (OpenLDAP-2.2.19) during the anonymous bind operation. By sending a malformed ldap-bind message, the slapd server can be forced to abort
d9553f5df18483b93dbebdc0884e1242dbb918c1e00d9668340b5b3a8f0e9f9e
Cisco Security Advisory: Access Point Web-Browser Interface Vulnerability: The Cisco web-browser interface for Cisco access points contains a vulnerability that could, under certain circumstances, remove the default security configuration from the managed access point and allow administrative access without validation of administrative user credentials.
859665dfe1c85f40a979f9ca36b048dd0a83308ea7421fb15d991ac3cae9b180
Cisco Security Advisory: Multiple Vulnerabilities in Wireless Control System
30b1c1d3922d75b004336cf7173601ec3300f0b854269945b3afb020eeb58508
OpenPKG Security Advisory OpenPKG-SA-2006.011 - The Portable Network Graphics (PNG) [1] library contains a vulnerability caused by a potential sprintf(3) related buffer overflow.
8071437e497695cd666fb98667d1187ce2643a3e0816095481e038b740d89d9c
Secunia Research 28/06/2006: Opera SSL Certificate "Stealing" Weakness - Secunia Research has discovered a weakness in Opera, which can be exploited to display the SSL certificate from a trusted site on an untrusted site.
a3d06dc28b9a3860f0785ca6c06ab1785ff2b547543ae217f9b6eafa812ca22a
Mandriva Linux Security Advisory MDKSA-2006-114: Integer overflows were reported in the GD Graphics Library (libgd) 2.0.28, and possibly other versions. These overflows allow remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx() function. Libwmf contains an embedded copy of the GD library code.
fb5bf8bd015ec069bbe71c5e1381a6ac1d81e7da580af58984884a9cfcf53158
Mandriva Linux Security Advisory MDKSA-2006-113: Integer overflows were reported in the GD Graphics Library (libgd) 2.0.28, and possibly other versions. These overflows allow remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx() function. Tetex contains an embedded copy of the GD library code.
65d1ad94500b01309e4f5fdd0aa0e88857564c61654b75ee36db1006e80664d9
Mandriva Linux Security Advisory MDKSA-2006-112: The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop.
0742d372f21535a306ff7393bc568a090f427c13a2d69119edad8097713dc60a
A format string vulnerability was discovered within etrust Antivirus 8.0. The vulnerability is due to improper processing of format strings within the scan job description field. An attacker could create a scan job containing special crafted format strings that could potential lead to execution of arbitrary code, rights escalation and at a minimum denial of service.
904184d605233967c52fd67cc3154342d54a0fa06cabd165e584e86fee6cb3b3
smartsite cms v1.0 suffers from a remote file inclusion vulnerability.
838ce200bdbeb0af6705849afacc47faa7637c3069a163fa2eb27216c118e948
Codewalkers ltwCalendar 4.x suffers from a SQL injection vulnerability.
14c4a543df895e011a180eaa4ad6d126004f65fa383265dc4a31510315e02864
The Quake 3 engine version 1.32c revision 803 suffers from several vulnerabilities which may allow a malicious quake server to compromise a users system.
91f59db2395e25a3d9afea9c61641c3801bc21cad8841138c59b9a967cb72a9f