Secunia Security Advisory - Matteo Ignaccolo has reported a security issue in Linksys WAP610N, which can be exploited by malicious people to compromise a vulnerable system.
88b060999e5c1386a52de314ae88c49d449096b12f3565f1884fc5dc72037a84
Secunia Security Advisory - High-Tech Bridge SA has discovered two vulnerabilities in the WP Forum Server plugin for WordPress, which can be exploited by malicious users and malicious people to conduct SQL injection attacks.
e1ee3e97cfbaf31a770946a56e2487b503c877044b9cd1e758184cdb3d7f51b2
Secunia Security Advisory - Multiple vulnerabilities have been reported in DiY-Page, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
b07a6099288b535bf7531ae96f653b550d06b31d8a8eaa1bab27bd144778dce5
Secunia Security Advisory - A vulnerability with an unknown impact has been reported in IBM Lotus Connections.
5201adba9f66784c94a8853ca69b471322c2b25dbdfbc0f10b956944181ce5bd
Secunia Security Advisory - Fedora has issued an update for abcm2ps. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system.
2ae8263c6408c5bf6bbdf7f044aaca06998dc47f23a22da0ae7917d3a9488d9a
Secunia Security Advisory - Two vulnerabilities have been reported in OpenLDAP, which can be exploited by malicious people to bypass certain security restrictions.
2dafb0fe9fa63313971368238022f23259ae568b2e05d81a546df1405856ecb7
Secunia Security Advisory - Gjoko Krstic has discovered some vulnerabilities in TaskFreak, which can be exploited by malicious people to conduct cross-site scripting attacks.
44d340a65a0b576eaf91d824cf377e52bb1e3d32b4a67537189e407efd32935e
Secunia Security Advisory - NoNameMT has discovered a vulnerability in Escort Agency CMS, which can be exploited by malicious people to conduct SQL injection attacks.
3d5aba01d1cc91f312a0e993992bcff874a6cae79940f64aebeac14c26aefb76
Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
4a1cdc8c6d992a4edd13c93b1eddae707d0fa925e4db8e5ab2fca47b5de4f466
Secunia Security Advisory - Debian has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
be86c9118726a83d9b4243b0a39c4462230ae9916c946a6239f53c1008527812
Secunia Security Advisory - A vulnerability has been discovered in ProjectForge, which can be exploited by malicious people to conduct cross-site scripting attacks.
2b3c8d759d7e7f787967200096ec9c66dc5817531c2226afeeae4674f8830cd9
Secunia Security Advisory - Ubuntu has issued an update for qemu-kvm. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.
24e813b5c36b33d15df36d09784ff7e031924c674858a739becfc2126f3e37a4
Secunia Security Advisory - High-Tech Bridge SA has discovered two vulnerabilities in Seo Panel, which can be exploited by malicious users and malicious people to conduct SQL injection attacks.
4a21c12dd6dfa7b67036b60cc6b208a68b486d7ee0916e7b4c38cda2153a213a
Secunia Security Advisory - Multiple vulnerabilities have been reported in SRWare Iron, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
a74b542a683a1fb565a472128f4fe9b7ef872d97c87512ec093e2e7068f0528e
Zero Day Initiative Advisory 11-088 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Security Agent Management Console. Authentication is not required to exploit this vulnerability. The flaw exists within the webagent.exe component, which is handed requests by an Apache instance that listens by default on TCP port 443. When handling an st_upload request, the process does not properly validate POST parameters used for file creation. The contents of this newly created file are controllable via another POST variable. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.
afbe55b3e564da923681dad32e0726e55ac683aee2d12b50ef9cf2d3abb1b9a3
Zero Day Initiative Advisory 11-087 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Server. Authentication is not required to exploit this vulnerability. The flaw exists within the '/opt/novell/iprint/bin/ipsmd' component. This component communicates with 'ilprsrvd', which listens on TCP port 515. When handling multiple LPR opcodes, the process blindly copies user-supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the iprint user.
d7e0117a956cd472bee18fe8352467a732e437b089cf3146bcd59c8a6c723556
Debian Linux Security Advisory 2168-1 - Two vulnerabilities were discovered in the distributed filesystem AFS. Andrew Deason discovered that a double free in the Rx server process could lead to denial of service or the execution of arbitrary code. It was discovered that insufficient error handling in the kernel module could lead to denial of service.
2851ebec291b8b1441546e98bdb9fc1d229c895084c4ab1c0adf2820fc3432cb
Debian Linux Security Advisory 2167-1 - It was discovered that phpMyAdmin, a tool to administer MySQL over the web, suffers from an arbitrary query execution vulnerability.
34e352b971430e15f0cf88ee127f8fa67f1806585d70f91210a7f2fb7bd221b2
Cisco Security Advisory - The Management Center for Cisco Security Agent is affected by a vulnerability that may allow an unauthenticated attacker to perform remote code execution on the affected device. Cisco has released free software updates that address this vulnerability. A workaround is available to mitigate this vulnerability.
8a30271766ef9217b8676a1167d5ca59656931fa55e196a9c9e122a70d3f9355
Debian Linux Security Advisory 2166-1 - Several vulnerabilities were discovered in the Chromium browser.
a6a76d3c535b5fb417f4e7106d5ad0ee7686155e667ca967a7c17a31f118f588
A request that included a specially crafted request parameter could be used to inject arbitrary HTML or JavaScript into the Apache Archiva user management page. Versions 1.3.3 and earlier are affected.
ef5405a5cdb908fbdea9c2ca94e9485904f66d387638df61bed5396d7b39036a
Debian Linux Security Advisory 2165-1 - Several vulnerabilities have been discovered in FFmpeg coders, which are used by MPlayer and other applications.
b86d844f77a36230e7ea5dd52db346756dc5589423153d62a071288e7d8462ed
Debian Linux Security Advisory 2164-1 - Kees Cook discovered that the chfn and chsh utilities do not properly sanitize user input that includes newlines. An attacker could use this to corrupt passwd entries and may create users or groups in NIS environments.
3c7165f169abaa8fe7fc4e48f066e16009452afff08998bc155b3bce7e40bb3b
Drupal versions 6.20 and below suffer from broken anti-automation and path disclosure vulnerabilities.
998d6854d0553d84a23f01ebfab42858ac12d515cef3a3c74af722f5b84febca
Ubuntu Security Notice 1065-1 - Kees Cook discovered that some shadow utilities did not correctly validate user input. A local attacker could exploit this flaw to inject newlines into the /etc/passwd file. If the system was configured to use NIS, this could lead to existing NIS groups or users gaining or losing access to the system, resulting in a denial of service or unauthorized access.
92adb8f4be3a172b9daf23a25bcfb40f576aef58e5527fc907ecb89a7df62a69