Secunia Security Advisory - Multiple vulnerabilities have been reported in Symantec Message Filter, which can be exploited by malicious people to disclose sensitive information, conduct session fixation, cross-site scripting, and cross-site request forgery attacks.
5f498972f45a98052b0d2584cd3edfcd8377be6ddb5d6e5e30d33ac190f533c3
Secunia Security Advisory - A vulnerability has been discovered in the Website FAQ plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.
c8e9fb5283788ed22bbefb1180a07cfcfa306903014b65a7c20726ab8fc2aaec
Secunia Security Advisory - Some vulnerabilities have been discovered in the SS Quiz plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks and bypass certain security restrictions.
43b9148dc362a06892fb954f3d4a3a9e98c4d0dace30ed21f470735f2141ac54
Secunia Security Advisory - Multiple vulnerabilities have been reported in HP System Management Homepage, where some have unknown impacts and others can be exploited by malicious, local users to gain escalated privileges and cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information, hijack a user's session, cause a DoS (Denial of Service), bypass certain security restrictions, manipulate certain data, and compromise a vulnerable system.
1ac283c2410ab42b9b401e8e4a6f341cc1d55d6ee02b43e197ec96b370c568ab
Secunia Security Advisory - Slackware has issued an update for freetype. This fixes multiple vulnerabilities, which can be exploited by malicious people to potentially compromise an application using the library.
49d01cc1b7feb9ff73ac9c468658809d42ba911207ffa34ab28ade290a2bd0ce
Secunia Security Advisory - Gentoo has issued an update for pam. This fixes multiple security issues and vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, perform certain actions with escalated privileges, and potentially gain escalated privileges.
9bb3a993d3d4680ba299f484f5fdefe0b8a01b5f221ffd33879e2271cbca4834
Secunia Security Advisory - A vulnerability has been reported in Apache Roller, which can be exploited by malicious people to conduct cross-site request forgery attacks.
917313a6f7629cd9857192c1be48db0101dd3a74dd37bc5c24555e49d8e82b75
Secunia Security Advisory - Gentoo has issued an update for links. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.
adb6532c3423da89e39ba4b5a1d845ea7d92a072b7129d1f48b8aae3685d0f6f
Secunia Security Advisory - Gentoo has issued an update for postfix. This fixes two vulnerabilities, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
f7402d2aa539b8e516df12a70d30dd630319c5ad5a16ff66cd2dbb2d2b488b73
Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to cause a DoS (Denial of Service).
27c3010c51af2e6af8a3eb49c03f2cde1fa060c89e5a42e894b3592244bc6faa
Secunia Security Advisory - Emilio Pinna has discovered two vulnerabilities in FCKeditor, which can be exploited by malicious people to conduct cross-site scripting attacks.
090a8ed3b25fd3e44538f03afd6e51c47a7cefa135a4e62e91ce1fce226b8c0a
Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in UmaPresence, which can be exploited by malicious people to compromise a vulnerable system.
da496532e70179d271b56f51316425876fdcc6e86a4f25d838cbac27b2f0904b
Secunia Security Advisory - Gentoo has issued an update for nbd. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
2c93e07de2dcfb398c809449fc3bf5c1d598c61ce6684c8a77b0555fd3017e4f
Secunia Security Advisory - Gentoo has issued an update for msmtp. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.
757d7a63adef981a03c0fefc6b9d8aeebe847528c22bc17398e040456c98727a
HP Security Bulletin HPSBMU02792 SSRT100820 2 - A potential security vulnerability has been identified with HP Business Service Management (BSM) . The vulnerability could be remotely exploited to allow unauthorized disclosure of information, unauthorized modification, and Denial of Service (DoS) Revision 2 of this advisory.
02ada30c5b2b25138587bce2855554d1cb43092030ae3f9bb9451f0ed3b6029c
OpenLimit reader, an application aimed to provide security by validating X.509 signatures and signing PDFs inside Adobe Reader, contains completely outdated, superfluous and vulnerable components, which comprise 40% of the whole installation package.
4cc2e247a5f3aaa21b4f53170afeda08847ab6f3934f5cbbdf9af600f6da8c02
Slackware Security Advisory - New freetype packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.
41cb6e0675fc04dd566d6c6376f8c6fa71e90af8d43606c5430c148c6702b020
Red Hat Security Advisory 2012-1041-01 - Red Hat Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. A flaw was found in the way Red Hat Directory Server handled password changes. If an LDAP user had changed their password, and the directory server had not been restarted since that change, an attacker able to bind to the directory server could obtain the plain text version of that user's password via the "unhashed#user#password" attribute. It was found that when the password for an LDAP user was changed, and audit logging was enabled, the new password was written to the audit log in plain text form. This update introduces a new configuration parameter, "nsslapd-auditlog-logging-hide-unhashed-pw", which when set to "on", prevents Red Hat Directory Server from writing plain text passwords to the audit log. This option can be configured in "/etc/dirsrv/slapd-[ID]/dse.ldif".
02001d1e71ee84e1ac827dd563294cf7f71f0d1e542e4d2379a601515d3d2c88
Red Hat Security Advisory 2012-1043-01 - libwpd is a library for reading and converting Corel WordPerfect Office documents. A buffer overflow flaw was found in the way libwpd processed certain Corel WordPerfect Office documents. An attacker could provide a specially-crafted .wpd file that, when opened in an application linked against libwpd, such as OpenOffice.org, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All libwpd users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications that are linked against libwpd must be restarted for this update to take effect.
e23252ae448c1a44a7f03eeeafc940ab7c8d750681fe5a9dbffb9731f0bfe7c1
Red Hat Security Advisory 2012-1042-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. It was found that the kvm_vm_ioctl_assign_device() function in the KVM subsystem of a Linux kernel did not check if the user requesting device assignment was privileged or not. A local, unprivileged user on the host could assign unused PCI devices, or even devices that were in use and whose resources were not properly claimed by the respective drivers, which could result in the host crashing.
40cee47ca38fd36212e40e2fc4e2a93d9ca6eec1d81c1a7cbc0f4200899d8b20
Secunia Security Advisory - SEC Consult has reported a vulnerability in Zend Framework, which can be exploited by malicious people to disclose sensitive information.
f4599f9fbc1c8138c26b70bb8b8f2a39bee051ef689b31973dd31abcdb907d75
Secunia Security Advisory - Red Hat has issued an update for postgresql and postgresql84. This fixes a weakness, which can be exploited by malicious people to conduct brute force attacks.
de8d3cad81f77cdaa5b68ba7f61935e32af28f8771201960e2a4790449adbe53
Secunia Security Advisory - Sense of Security has reported multiple vulnerabilities in Squiz Matrix, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information.
f7464bd473216b5acea9d5fc7715ef19e6de04eb18ffa6e7aed4f19a3e0d2eff
Secunia Security Advisory - A vulnerability has been reported in Support Tickets MyTickets, which can be exploited by malicious people to conduct SQL injection attacks.
edb65b1bfb040891e601d335ffe29552ae2aa23ae6031499d53fd544ef9ff755
Secunia Security Advisory - Gitsnik has discovered a vulnerability in SoftPerfect Bandwidth Manager, which can be exploited by malicious people to disclose potentially sensitive information.
b37fea7757d55b4644158b61b201ed2a45b2ac680e329f4b0ab07affdbf64f8e