The Joomla Cartweberp suffers from a local file inclusion vulnerability.
5bde175d802917c5b8d0a8433e90b8e3e21a71a1b51116d4df038f7fbb21c303The Joomla Rapid Recipe component suffers from a remote SQL injection vulnerability.
80d3482d3f55b88c113d8e7078dec4a0e8fc009f59f6d1df0ee422fc02e66bcdAVCON version 4.6.8.7 local buffer overflow exploit.
1a8a480461d0d3c2498b083537be67c68a7297cd1eb60d87123ba8dc696ca7e6Mandriva Linux Security Advisory 2010-092 - SQL injection vulnerability in templates_export.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the export_item_id parameter. Additionally cacti has been upgraded to 0.8.7e for Corporate Server 4. The updated packages have been patched to correct this issue.
903d2242306e3fcc193b0e0611311173ff9c27b1c6764c9cad6cea5d2d29552eMicrosoft Windows SMB2 negotiate protocol response crash proof of concept exploit.
db7a828f945156b4e74b46c9c79c3bcae2bfc04bf5f6efa327998f2e3f9dba17WeBProdZ CMS suffers from a remote SQL injection vulnerability.
87b8af857bec065aaf31ed2bca1bec0a7ecb4ab1e0973cba0c3defa70e2e53ebThe PHP-Nuke Friend module suffers from a remote SQL injection vulnerability.
860f3e3d62f88754e5d08f5538ddaa7ef90f1f1b3f6bb1792b77f86246edd3ebOCS Inventory NG server versions 1.3.1 and below suffer from a remote authentication bypass vulnerability.
df00bc06d5a09e0f650d5ca1c68a00ee8664bfabe600ad3ac09a1932aa2d4431Factux suffers from a local file inclusion vulnerability.
e100af75ff0a46babd8facaba7cbdc2745fea471b44cb52ab2aca511539fb40eFriendster suffers from a persistent cross site scripting vulnerability.
5e3ae4259dd3a1f557c556ce903ecf836f49f137416e2023b89094e9a8a22ed8Zolsoft Office Server Free Edition version 2010.0502 suffers from a cross site request forgery vulnerability.
3322659f39a07946ac87618a0eaa1d2721658df7b1ccadad036ab3c9b1e6433bREZERVI version 3.0.2 remote command execution exploit.
96c46747f9050c4f46db0eb0e2965b1b837513d27059ac1aa665fbf9ff4827baZero Day Initiative Advisory 10-080 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Mercury LoadRunner. Authentication is not required to exploit this vulnerability. The specific flaw exists within the process magentproc.exe that binds to TCP port 54345. A specially crafted packet will allow unauthenticated users to execute local commands. When a state of 0 or 4 is passed after the parameters, mchan.dll will process the commands on the host. This allows for remote code execution under the context of the SYSTEM user.
3a697f5301d22a62418676bae429ae274cd15b41bafb566750835d21ed410f17AV Arcade suffers from a cross site scripting vulnerability.
710f09d43d85d38901770d7f8a0134eda76aced8b9d3868d64ae09a42309ebc8HP Security Bulletin - A potential security vulnerability has been identified with the HP LoadRunner Agent running on Windows. The vulnerability could be exploited by a remote unauthenticated user to execute arbitrary code.
1778c04329294e34e18038a5d43bb6331b07a1a68d55165ce58abdbef6ba638aUbuntu Security Notice 937-1 - It was discovered that TeX Live incorrectly handled certain long .bib bibliography files. If a user or automated system were tricked into processing a specially crafted bib file, an attacker could cause a denial of service via application crash. This issue only affected Ubuntu 8.04 LTS, 9.04 and 9.10. Marc Schoenefeld, Karel Šrot and Ludwig Nussel discovered that TeX Live incorrectly handled certain malformed dvi files. If a user or automated system were tricked into processing a specially crafted dvi file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. Dan Rosenberg discovered that TeX Live incorrectly handled certain malformed dvi files. If a user or automated system were tricked into processing a specially crafted dvi file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.
b7a0d008a0ef89d7a2fa39ac5e79750e6a3daa6eba9a13f5e1374344a352caa7Ubuntu Security Notice 936-1 - Dan Rosenberg discovered that dvipng incorrectly handled certain malformed dvi files. If a user or automated system were tricked into processing a specially crafted dvi file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.
23e1806e667e375ce224dd1551dd81e163a77a4b0d3c96e6310f8689450dcab6GetSimple version 2.01 suffers from a local file inclusion vulnerability.
d0b0f4cc28206d2ad99e6c1cf5d156238b243833e3511e2c00293f1675b6e2b7Fetchmail versions 4.6.3 through 6.3.16 suffer from a denial of service vulnerability in debug mode.
c8acef1aeacf591fd77b9ec4a3ca6e3b6bcb8df278661e852d11d431d6c64b01VMware Security Advisory - VMware View 3.1.3 addresses an important cross-site scripting vulnerability.
50ad4e9c926166df1d54d7221256e059c8c05c335380ebe8d8e1d0b293d57e06Microsoft Paint version 5.1.2600.218 integer overflow denial of service exploit.
52915ad5a4c5bfc8b0e90325411a6130f2f27daddabcde06029616246b2a6550BaoFeng Storm suffers from .m3u file processing buffer overflow vulnerability.
9b98995cabbd9c0bd80f5d6b3aca58dc27665d553115a69ba088940978b0a9faDebian Linux Security Advisory 2042-1 - Florent Daigniere discovered multiple format string vulnerabilities in Linux SCSI target framework (which is known as iscsitarget under Debian) allow remote attackers to cause a denial of service in the ietd daemon. The flaw could be trigger by sending a carefully-crafted Internet Storage Name Service (iSNS) request.
86a82c4e0ffeee67d6e274032a347076cfee35affcfb26b3981bf2350db918fePCRE Library version 8.02 suffers from a buffer overflow vulnerability.
de0bdca03cd607c8f16f4706a2e7b1b5838e073bcf537ba31d70baaf405b082fThe libcap-ng library is intended to make programming with POSIX capabilities much easier than the traditional libcap library. It includes utilities that can analyze all currently running applications to locate applications that may have too many privileges.
9d508706f72ba613e6afdcd02208e2491b3e0d4dff60867a7738ae8d352f0de8
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed