WordPress Photo Gallery plugin version 1.2.8 suffers from a remote SQL injection vulnerability.
bc5f2f631b044356d69b3727c7d0fcafc45bec4fe1e1517bae82f5dc5e56b314
Exim ESMTP denial of service exploit that leverages the GHOST glibc gethostbyname buffer overflow.
5ecc35645890c0c48e753cb63b2c03579f6cc942a311b5aad37e578368a54b58
A malicious Jar file can bypass all OS X Gatekeeper warnings and protections, allowing a remote attacker to execute arbitrary unsigned code downloaded by the user. Java must be installed on the victim's machine.
12bedb80e935c14c525f7aca1139b70f471d66838a84cc908b3de4717f0877b1
CMS Saurus version 4.7 suffers from a cross site scripting vulnerability.
c976c6baa79025033fb95b0d12b1014d81986b7c453a16543edf4263720be6df
T-Mobile Internet Manager suffers from a DLL hijacking vulnerability.
166dfceb43c6b95cb0dabb5fe01c754f2762e18cdfd8ecf6925606f53ee52fd3
Mantis BugTracker version 1.2.19 suffers from an open redirection vulnerability.
a4a5d3a57136e2c7c69197773c4c6f2b7d1873d9a94832d2eb5e95f58d43524e
Core Security Technologies Advisory - Multiple vulnerabilities have been found in the FreeBSD kernel code that implements the vt console driver (previously known as Newcons) and the code that implements SCTP sockets. These vulnerabilities could allow local unprivileged attackers to disclose kernel memory containing sensitive information, crash the system, and execute arbitrary code with superuser privileges.
ab4dd6486f4ee6eea333af5b0238b5e37c79372f03d28ec456d911e6e9c2a2f2
New CMS version 2.1 suffers from a local file inclusion vulnerability.
26b93c8a8cc6dbb8ec52f0210258d68239e0acf6e87359bc67630c70164293cd
Sites powered by Restaurantbiller suffer from remote shell upload and remote SQL injection vulnerabilities.
f4a1adac8a45ce05a5b00694825f0222021b21e9d260550f0910c915cc9c69e7
FancyFon FAMOC version 3.16.5 suffers from multiple cross site scripting vulnerabilities.
efa9652e44569c33fc4fee812a69f383c8001fe4f217c3d71994dbc05b3b72c3
FancyFon FAMOC version 3.16.5 suffers from a remote SQL injection vulnerability.
3a671192f0facf33bd6129a2886a8ff9396192343746c6b576a400840ee63a00
Qualys Security Advisory - During a code audit performed internally at Qualys, they discovered a buffer overflow in the __nss_hostname_digits_dots() function of the GNU C Library (glibc). This bug is reachable both locally and remotely via the gethostbyname*() functions, so they decided to analyze it -- and its impact -- thoroughly, and named this vulnerability "GHOST".
ffa8d4a79d99689d850b8267b77bc648e3bd73f6426baa39b73870777ee69adb
The Syrian Electronic Army SEANux Linux distro version 1.0 suffers from a remote code execution vulnerability.
b080cc1a04a781bc198b71a73b2e7296a4626b1e7f06b5166036b5722ce7cf48
Exploit for remotely changing DNS settings on the D-Link DSL-2740R router.
12bcee98da8a2545e67c0fd61295e3e76c43d64f193a59bac3a91c594c824b90
FancyFon FAMOC version 3.16.5 suffers from a session fixation vulnerability.
d9ed306cd69939777d43977859a23d2b0d269c3652c90899c8652bcdeb2459ce
FancyFon FAMOC version 3.16.5 computes one-way hashes without using a salt.
b1d0a56de5c177ff2044a5a97d03ce257e2444febf937112e175e2fe8e4765a8
Multiple nasa.gov subdomains suffered from cross site scripting vulnerabilities.
6191218f1434ba043aed4a65a60f43793bbac40fe0e83ed770b31f5accb7a689
Proof of concept exploit that allows a local application to gain system privileges via CVE-2014-7911 and then root via CVE-2014-4322. The exploit included is for a Nexus 5 with Android 4.4.4 (KTU8P). The exploit may also work on other devices if the offsets of the ROP chain are modified.
9bee54444ab6e873a99692c9254b7a2016b81c6a94b64203d4746a410081dac3
Core Security Technologies Advisory - Some Android devices are affected by a denial of service attack when scanning for WiFi Direct devices. An attacker could send a specially crafted 802.11 Probe Response frame, causing the Dalvik subsystem to reboot because of an unhandled exception in the WiFiMonitor class.
feb52e38d88fae494e9480f07d94fba29e88f585adbd14e6a5b09a5a89af5f6c
Photo Gallery version 1.2.5 suffers from a remote shell upload vulnerability.
cccaa6d7d8925aad8a70eeff4842b9b5c3c554891b45ac03b8d34ce6dcd33cff
Barracuda Networks Cloud Series products suffer from a malicious script insertion vulnerability.
b1d15ccdb7a81c7eb9860d092e8b040f08ceb595b2f77fa74bd0e6c2533ad304
Comodo Backup version 4.4.0.0 suffers from a NULL pointer dereference vulnerability.
f496f6e77d0b41fcd441a5916787820bb16d44af5ecc6ccf2bc7293bd6d55a7e
WordPress RedSteel theme suffers from a file disclosure vulnerability. Note that this finding houses site-specific data.
8a8b4ccb9d8e631c26e3dc2dfe473c46f7651237b41364e8ae30f0f5eb5e1d36
JClassifiedsManager suffers from cross site scripting and remote SQL injection vulnerabilities.
a2c31b71a54d83ab8d3a5dac2797c3865f2693cb70aa077df35e26201e49b531
OpenSchool Community Edition version 2.2 suffers from access bypass and cross site scripting vulnerabilities.
a94312ebdf8d35a30e75a38e37f85f944d7a0db2abdd1e05c0a67b685b7fe964