Secunia Security Advisory - A vulnerability has been reported in Sybase EAServer, which can be exploited by malicious people to disclose sensitive information.
VUPEN Vulnerability Research Team discovered a critical vulnerability in 7T Interactive Graphical SCADA System (IGSS). The vulnerability is caused by a memory corruption error in the Open Database Connectivity (ODBC) component when processing packets sent to port 20222/TCP, which could result in an invalid structure being used, leading to an exploitable condition. Versions prior to 9.0.0.11143 are affected.
Ubuntu Security Notice 1133-1 - Nelson Elhage discovered that Econet did not correctly handle AUN packets over UDP. Dan Rosenberg discovered that the OSS subsystem did not handle name termination correctly. Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. Dan Carpenter discovered that the TTPCI DVB driver did not check certain values during an ioctl.
Mandriva Linux Security Advisory 2011-100 - The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a plaintext command injection attack, a similar issue to CVE-2011-0411.
Lumension Device Control (formerly Sanctuary) versions 4.4 SR6 and below suffer from a remote memory corruption vulnerability.
Mandriva Linux Security Advisory 2011-099 - The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service via an empty ZIP archive that is processed with a statName operation.
NNT Change Tracker Enterprise version 4.7 suffers from a weak encryption vulnerability.
Core Security Technologies Advisory - A memory corruption vulnerability in the Lotus Notes client application can be leveraged to execute arbitrary code on vulnerable systems by enticing users to open specially crafted spreadsheet files with the '.XLS' extension. The vulnerability arises from improper parsing of a BIFF record. This vulnerability could be used by a remote attacker to execute arbitrary code with the privileges of the user that opened the malicious file.
Debian Linux Security Advisory 2241-1 - Nelson Elhage discovered that incorrect memory handling during the removal of ISA devices in KVM, a solution for full virtualization on x86 hardware, could lead to denial of service or the execution of arbitrary code.
Secunia Security Advisory - A weakness and a vulnerability have been reported in the phpMyAdmin extension for TYPO3, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks.
Secunia Security Advisory - Some vulnerabilities have been discovered in Legacy Family Tree, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - A vulnerability has been discovered in Textpattern, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Secunia Security Advisory - A vulnerability has been reported in Ruby, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Secunia Security Advisory - A vulnerability has been reported in VisiWave Site Survey, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Abdul-Aziz Hariri has discovered multiple vulnerabilities in Avaya WinPDM, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - A vulnerability has been discovered in My Little Forum, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Secunia Security Advisory - Multiple vulnerabilities have been discovered in the Map Locator component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.
Secunia Security Advisory - Two vulnerabilities have been reported in DH-MLM, which can be exploited by malicious people to conduct SQL injection attacks.
Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere Portal, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - Two vulnerabilities have been reported in GeoIP C API, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - A weakness has been reported in Zeacom Chat Server, which can be exploited by malicious people to conduct brute force attacks.
Secunia Security Advisory - High-Tech Bridge SA has discovered multiple vulnerabilities in phpScheduleIt, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - A vulnerability has been discovered in MODx, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Secunia Security Advisory - High-Tech Bridge SA Security Research Lab has discovered a vulnerability in I.S. Lyubinskiy Ajax Chat, which can be exploited by malicious people to conduct cross-site scripting attacks.
Mandriva Linux Security Advisory 2011-098 - Cross-site scripting vulnerability in the WEBrick HTTP server in Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page. The safe-level feature in Ruby allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname. The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an integer truncation issue. The updated packages have been patched to correct this issue.