Secunia Security Advisory - Some vulnerabilities have been reported in Dokeos, which can be exploited by malicious people to conduct cross-site scripting attacks.
b97163df628645cc97c6edd5cabe2d67
Secunia Security Advisory - A vulnerability has been reported in Sun Java System Application Server (SJSAS) and Sun Java System Web Server (SJSWS), which can be exploited by malicious people to gain knowledge of sensitive information.
0abdeb437b4928c2ef7f8ee09a7c6248
Ubuntu Security Notice USN-328-1 - Mark Dowd discovered an off-by-one buffer overflow in the mod_rewrite module's ldap scheme handling for Apache 2.
f7dfeb500655513bde2fc845015f145e
JD-WordPress suffers from a remote file inclusion vulnerability.
2a3881b018346243e5e0cacf383d40fc
Heartbeat versions below 2.0.6 insecure shared memory local denial of service exploit.
cc0cb06c57f9ec4230223cd6444e5749
Ubuntu Security Notice USN-327-1 - A multitude of JavaScript-related vulnerabilities have been patched in Firefox.
7e801bfa79b1c6235c2c40b735e4b950
Technical Cyber Security Alert TA06-208A - The Mozilla web browser and derived products contain several vulnerabilities, the most serious of which could allow a remote attacker to execute arbitrary code on an affected system.
b30e4f3549d6d2a510102aa7c8f8efb2
Whitepaper titled "Bypassing Oracle dbms_assert".
ac0419dc44ce733a0a575d1bdbc20e3b
Ubuntu Security Notice USN-326-1 - Yan Rong Ge discovered that heartbeat did not set proper permissions for an allocated shared memory segment. A local attacker could exploit this to render the heartbeat service unavailable causing a denial of service condition.
68dcb259ec00bff26a001ecda3a338ed
Ubuntu Security Notice USN-325-1 - ruby1.8 suffers from flaws where the alias function, certain directory operations, and regular expressions did not correctly implement safe levels. Depending on the application, these flaws might allow attackers to bypass safe level restrictions and perform unintended operations.
f871c9ce413ce45050cfc2aaf09a69b6
Secunia Research has discovered a vulnerability in Mozilla Firefox, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a memory corruption error in the handling of simultaneously happening XPCOM events, resulting in the use of a deleted timer object. Successful exploitation allows execution of arbitrary code. Versions below 1.5.0.5 are susceptible.
bde6b1169cfc76eb2977349723567c93
A stack-based buffer overflow has been discovered in Winlpd version 1.26.
dd3e1670b3b744d9d3d2d284237d2c30
Phorum version 5.1.14 is susceptible to cross site scripting and local file inclusion attacks.
0f036b3d8f0e0a5f4189fa5fcab6e25a
Debian Security Advisory 1126-1 - A problem has been discovered in the IAX2 channel driver of Asterisk, an Open Source Private Branch Exchange and telephony toolkit, which may allow a remote attacker to cause a crash of the Asterisk server.
6c717c066efa96be031027b621f9de7b
GeoClassifieds Enterprise version 2.0.5.2 is susceptible to cross site scripting attacks.
6997c8ee618d65a8c3f8ae8e74e54625
The NSFocus Security Team discovered a remote denial of service vulnerability in ISS RealSecure/BlackICE product lines' detection of the MailSlot Heap Overflow as discussed in MS06-035.
c4b7da5cb6a1bb73e20f9661c46d3c5a
Remote exploit for the Syslog server by eIQnetworks that has a vulnerability when processing long strings transmitted to its TCP port.
653a1bb8051ce1b14857399b0dbbb5bd
Remote exploit for the buffer overflow found in the LICMGR_ADDLICENSE Field of EIQ networks network analyzer.
b8686bb21a24ef8b23d48ea2992c0d2a
This Metasploit module exploits the buffer overflow found in the LICMGR_ADDLICENSE Field of EIQ networks network analyzer. This module exploits buffers of 1262 bytes in size. This module should work on all rebranded eiq analyzers. Exploitation assistance from KF of digital munition.
ddeca744de09b27c3a7b8b0c0df91427
This Metasploit module exploits the buffer overflow found in the LICMGR_ADDLICENSE Field of EIQ networks network analyzer. This module exploits buffers of 494 bytes in size. This module should work on all EIQ branded analyzers. Exploitation assistance from KF.
322367dffe353d69a331c65b0223c358
Etomite CMS versions 0.6.1 and below 'username' SQL injection and administrative credential disclosure exploit.
f18fa61d46a419eabaf89101a6f58998
WMNews suffers from a remote file inclusion vulnerability.
ddec6d0e66dbfc93460fc917d7bba4d1
A remote file inclusion flaw exists in the a6mambohelpdesk Mambo component versions 18RC1 and below.
72708f25a7e6eaa6cfde4713af84f565
Triton version 1.0.4 remote exploit for the sipxtapi vulnerability.
c58da24cf8218d09d5499f3d36f0a635
Yahoo! Mail suffers from a cross site scripting flaw.
dc64250751f4fd8c40902709bc16c28d