Secunia Security Advisory - Iron has discovered a vulnerability in DBHcms, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
5c676edba2a361be0bc8ca9ac9d670a8745cb7992a8123b8c224a68181ff4144Secunia Security Advisory - Nir Goldshlager (Avnet) has reported a vulnerability in IBM Lotus Quickr/QuickPlace, which can be exploited by malicious people to conduct cross-site scripting attacks.
eb6ef710b5435f6f0aae8917a948bf8e8233506c296e73741dc9873234f95f4cSecunia Security Advisory - Debian has issued an update for turba2. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions.
dbf607ec81603b3c10347f0fb8a3c99c0b4b2dce221198873e5c9873bba75652Secunia Security Advisory - RoMaNcYxHaCkEr has reported two vulnerabilities in phpQLAdmin, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
521280e43a186fd6f2bdaccaa5def5100a79d486a511afd9282d35d175593bafSecunia Security Advisory - Debian has issued an update for iceape. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.
d3f89c40dcfce48499175830097491f45a1ed132831f382b710e77ad8e6e984bSecunia Security Advisory - S@BUN has discovered a vulnerability in the Gary's Cookbook component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
8da7d704585862a8c58970684b44ecb257bf5a82f540053f9daf3c300802605cSecunia Security Advisory - A vulnerability has been reported in TikiWiki, which can be exploited by malicious users to conduct script insertion attacks.
9954e75d2f2d6587fb55996031ddb8ef080aa20f4fdb32cbe284fd171930f115Secunia Security Advisory - Ivan Sanchez and Maximiliano Soler have reported a vulnerability in Matt's Whois, which can be exploited by malicious people to conduct cross-site scripting attacks.
655713a2145606cb97b826e7e243fd85f9fdf39ec7624e32cc7ad7d07f4f4464Secunia Security Advisory - Some vulnerabilities have been reported in GraphicsMagick, which can be exploited by malicious people to conduct DoS (Denial of Service) attacks or compromise a user's system.
cb0ce4a0fffa9a0ecebe0597b1ed49334d077d25cb2efef052520d4bed9bb92aSecunia Security Advisory - A security issue has been reported in Net Activity Viewer, which can be exploited by malicious, local users to gain escalated privileges.
a2051c8b0f7842d1f506a29a7b449939d15a685470765d567c05a9d73ed95f00Secunia Security Advisory - Sun has acknowledged a vulnerability in Solaris, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
6a8137a929e8132755a9f23fa880bdcffed2df60dfddf7e1ec198e3c14fa1f19Secunia Security Advisory - .mario has reported a vulnerability in Snom 320 SIP Phone, which can be exploited by malicious people to conduct cross-site request forgery attacks.
529da541a52b9a402b09047658870fcd02873634104eefd19ae2fa7b0ffb8f5eSecunia Security Advisory - Debian has issued an update for kernel-2.4.27 and kernel-2.6.8. This fixes some weaknesses, security issues, and vulnerabilities, where one has an unknown impact, and others can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, bypass certain security restrictions, and gain escalated privileges, and by malicious people to cause a DoS.
7bfb45dd7063ed7a90e30a13300436cab7e7190ac3107fda1c0bec21193e8d1cSecunia Security Advisory - Mandriva has issued an update for nss_ldap. This fixes a security issue, which can be exploited by malicious people to manipulate certain data.
a4716871bf22709e296b31e273d4b4b09238d6acc075650ff12dff14398055baSurgeMail Mail Server version 38k4 and below and beta 39a along with Netwin's Webmail versions 3.1s and below are all susceptible to format string and buffer overflow vulnerabilities.
e952fa697baa5cd7cf0a4446ed1145fc6c1002df334d007bd01ff29eac866b6dSecunia Security Advisory - Adrian Pastor has reported some vulnerabilities in ZyXEL products, which can be exploited by malicious users to gain escalated privileges and by malicious people to bypass certain security restrictions or to hijack user sessions.
94dfc0a7c9e101b0888926249f413db379c87b0053c5c0f748dc79199a37a285Secunia Security Advisory - Red Hat has issued an update for cups. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
cbbea23bde26aba989d8dff2534d8510abfe7c75c5e700ff8a16599c19d75ebdSecunia Security Advisory - Hendrik-Jan Verheij has discovered a vulnerability in Joomla!, which can be exploited by malicious people to compromise a vulnerable system.
39cccfd82ccf0306ee3b2ab5eef2bbe622419bddd49cf025630b1af39fdc505aSecunia Security Advisory - Two vulnerabilities have been discovered in the XM-Memberstats module for Xoops, which can be exploited by malicious people to conduct SQL injection attacks.
25ef77a6db82044d2d13f669807522a3b28521c77ba072be969710b3b7a67215Debian Security Advisory 1508-1 - Dan Dennison discovered that Diatheke, a CGI program to make a bible website, performs insufficient sanitising of a parameter, allowing a remote attacker to execute arbitrary shell commands as the web server user.
bb11c3a3ef0a07cb04f25dbc195232a76773ead10aa5bf786069d5aeac14a102Mandriva Linux Security Advisory - A race condition in nss_ldap, when used in applications that use pthread and fork after a call to nss_ldap, does not properly handle the LDAP connection, which might cause nss_ldap to return the wrong user data to the wrong process, giving one user access to data belonging to another user, in some cases.
75d112db369f9688f13bfe33d1021ffa3523f0ff6d776022e439f0fd22953ac3S21Sec Advisory - BEA Weblogic versions 7.0sp6, 8.1sp4, and 9.0sp2 suffer from a flaw where it is possible to launch a credential brute force attack against known users through an internal servlet that permits the bypass of the user locking mechanism.
a5fb6b68cd55bdb29a6f99a3c3665b929686e92efde94604ece0630b44ed64f8Cisco has confirmed that their 7921 Wi-Fi VoIP phone is vulnerable to a bypass vulnerability where digital certificates are not verified.
9f03da1c077cbe61c6c72d4e86a9d1749eb113584ff25f8224dff1a743818749Gentoo Linux Security Advisory GLSA 200802-10 - Python 2.3 includes a copy of PCRE which is vulnerable to an integer overflow vulnerability, leading to a buffer overflow. Versions less than 2.3.6-r4 are affected.
0cceec1e550e0f58c3a9e5aeb9e6f90f336ffd7038b99c7e94759627c6022e41Debian Security Advisory 1507-1 - Peter Paul Elfferich discovered that turba2, a contact management component for horde framework did not correctly check access rights before allowing users to edit addresses. This could result in valid users being able to alter private address records.
c6b9e3465aa54c4bc2b1f33b1a0b3c490cb9972ccd88744457da1772aeda50de
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed