MetaCart e-Shop is susceptible to SQL injection and cross-site scripting vulnerabilities.
5b1752bdc31faa1879fd8ae6525e8e6cfcd592f1d37994bb7c3c22ced414591b
Ubuntu Security Notice USN-126-1 - A denial of service vulnerability was discovered in the GNU TLS library, which provides common cryptographic algorithms and is used by many applications in Ubuntu. Due to a missing sanity check of the padding length field, specially crafted ciphertext blocks caused an out of bounds memory access which could crash the application. It was not possible to exploit this to execute any attacker specified code.
a3972f42ed956bc21421985a05fa3e50b0ab0cf627ca6abfbcee3c37549995ae
Exploit for htdigest 'realm' parameter overflow.
9a4dcdadd0dc2e74fcf88fb7dc4a3de8ce131898a421e629b8345d1f2389bc87
btxml.c creates a backup of a Nokia 6310i phone via bluetooth. Outputs data to stdout in XML format.
00bc376dd83394be463a90501116682c2477a38d203a965c64e6995823730308
FreeBSD Security Advisory FreeBSD-SA-05:09 - When running on processors supporting Hyper-Threading Technology, it is possible for a malicious thread to monitor the execution of another thread.
5e666245ff6f81ff72f602f77622595ea80e3cf57ceb0ef27419e4e10cfa5986
Simple demonstration of a stack overflow in GAIM 1.2.1.
2939f7d4c5b8f352d2fe3b7a82fb15899cf63ac93e106ff54705d72ce886c439
Packet Storm new exploits for April, 2005.
b037cc5b0bf138c22345d028f0f1abe9e783d6cb542cc195c5a4b1ae924cee0a
osTicket is susceptible to SQL injection vulnerabilities. All versions are affected.
342e3812e317e1b0abd7304b7bd758488e158450bc02ecdbc5034c31a27f2569
diStorm is a binary stream disassembler. It is capable of disassembling 80x86 instructions in both 16-bit and 32-bit modes. In addition, it disassembles the FPU, MMX, SSE, SSE2, SSE3 and 3DNow! (w/ extensions) instruction sets. diStorm was written to decode every instruction as accurately as possible. Robust decoding, with special care taken for valid or unused prefixes, is what makes this disassembler powerful, especially for research. Another benefit is that the module was written to be multi-threaded, which means you can disassemble several streams simultaneously.
151f9209bd20448587a879af39c6fc9f4e98f49ecbf3d726f97e5d214abd377d
Debian Security Advisory DSA 736-2 - A vulnerability was recently found in the way that SpamAssassin parses certain email headers. This vulnerability could cause SpamAssassin to consume a large number of CPU cycles when processing messages containing these headers, leading to a potential denial of service (DoS) attack.
7d806147c1352a31bea9ff1c8e30dc01371384c1bbf4cb1d4205d7561e0fdbeb
An uninitialized variable within PunBB can allow for SQL injection attacks. Versions 1.2.5 and below are affected.
eb81280e35ea34327585e1b7b5729bfc63d2a0f2e92532ceca5e39189c9408be
A poorly implemented feature of PunBB's template system can lead to execution of arbitrary PHP code. Versions 1.2.5 and below are affected.
bf008f3b79e34eaaecc1f82ba01fb769de6f07b844f0b7f4dd8378b54d52f33e
Debian Security Advisory DSA 742-1 - Derek Price, the current maintainer of CVS, discovered a buffer overflow in the CVS server, which serves the popular Concurrent Versions System, that could lead to the execution of arbitrary code.
1eb72c0ea613bdc328be8e8128bd6abb28b8eb9e5a68e41cbdc6a722fae95bca
The Oracle critical patch update released in April 2005 has failed to fix all of the vulnerabilities it claimed to have negated.
383a6999ae47ac35ce7d8021d5dbbcac0f545486211bebcfb856c3f21a79fe73
SimplePHPBlog 0.4.0 suffers from a remote password hash disclosure vulnerability because the system's password file is stored in the webroot and can be downloaded.
016c4d9d240eea862bd808ef48b474ed8821e6fdc873c7d98a7fa1f9736e2147
The CGI script kaiseki.cgi is susceptible to a remote command execution vulnerability due to a lack of input validation. Details for exploitation provided.
bc0460db05bca845ee18911023e1cc039a125bbe78c2169b02db98b996cf8ce3
Lantronix SecureLinx console servers allow for retrieval of SSH private keys and system logfiles.
65794b69da34ab37e036edabed103b8b0b403e60cc03e5b062026b7669922df6
PHPSlash versions 0.7.1, 0.7.2, and 0.8.* suffer from an input validation flaw that can allow for account hijacking.
f1f584ddae33515379f349c6c88aaf4b2ad3066ac5c29dc727b3d0520b8b18d1
A vulnerability in Whatpulse.Org profiles allows cross-site scripting and session hijacking.
65bc34ab2a209fcd93b11511b52adf93be49f8fe02136a8c9616782452b62013
Secunia Security Advisory - basher13 has discovered a vulnerability in PrivaShare, which can be exploited by malicious people to cause a DoS (Denial of Service).
a9372d29f6f604cc3b4020dec79cba6bfb1d4b8ede02368606ac49f97a4228a7
Secunia Security Advisory - A vulnerability has been reported in Jinzora, which can be exploited by malicious people to compromise a vulnerable system.
3f6268a8af694428e1b43071343a45f3f1fca7ade9e80770dc81eb4a7dcad7b0
Secunia Security Advisory - Several vulnerabilities have been reported in McAfee Intrushield IPS Management Console, which can be exploited by malicious users to conduct cross-site scripting attacks, bypass security restrictions, and gain escalated privileges in the web application.
3ef4d997d26752d3d9415349e870dee56830155bca8009276e7b899bd8b504eb
Secunia Security Advisory - Several vulnerabilities have been reported in WorkCentre Pro MicroServer Web Server, which can be exploited by malicious people to gain unauthorized access, cause a DoS (Denial of Service), or conduct script insertion attacks.
b19c2daa3ac7b4e1da6ddeea36ee59e0498f7b5e4384ac25c04c4f2aa1f2f7b8