HP Security Bulletin HPSBMA02654 SSRT100441 - Potential security vulnerabilities have been identified with HP OpenView Storage Data Protector. These vulnerabilities could be remotely exploited to execute arbitrary code. Revision 1 of this advisory.
83f1bc01374980a7cc2327bb34498b3a438e237448a2b1eb4b89ca4005aab1db
Ubuntu Security Notice 1125-1 - Rafael Dominguez Vega discovered that PCSC-Lite incorrectly handled smart cards with malformed ATR messages. An attacker having physical access could exploit this with a special smart card and cause a denial of service or execute arbitrary code.
1f6cd6b13084e130b879a99b97190be6e3b43d434e8f2710672c5ef18b87d850
Ubuntu Security Notice 1124-1 - It was discovered that rsync incorrectly handled memory when certain recursion, deletion and ownership options were used. If a user were tricked into connecting to a malicious server, a remote attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.
d5d28b49c35cf138278bca335f3a43fafdbe74b8ae492a3a556d3592ff36cb9e
HP Security Bulletin HPSBMA02667 SSRT100464 2 - Potential security vulnerabilities have been identified with HP SiteScope. These vulnerabilities could be exploited remotely via Cross Site Scripting (XSS) and HTML injection. Revision 2 of this advisory.
2cf69103e1ccbf5117fbb99babe5f974812cc4b1b70ccc2127fb3306d3774343
Insomnia Security Vulnerability Advisory - One of the pages included in the admin interface of Up.time Systems Management software contains a function designed to set the administrator password when the interface is loaded for the first time. After this task has been completed, the code which processes this request is left in the page. By sending a specially crafted request, a remote attacker can abuse this functionality to bypass the server's authentication mechanism and reset the password for any account.
6c9f9fe29a5db7bd0c9e35ad56265abf778b16ff07e28d1298796b7d1a51ecf2
CA Technologies support is alerting customers to multiple security risks with CA Arcot WebFort Versatile Authentication Server. Two vulnerabilities exist that can allow a remote attacker to potentially compromise web user security. The first set of vulnerabilities occurs due to insufficient handling of request parameters sent to the Arcot Administrative Console. An attacker who can convince a user to follow a URL or view a webpage can potentially conduct cross-site scripting attacks. The second vulnerability occurs due to insufficient filtering of a request parameter sent to the Arcot Administrative Console. An attacker who can convince a user to follow a URL or view a webpage can use redirection to potentially carry out additional web-based attacks.
b7f2426e298629c164af95d01b3886396dbdea3a03957d1a67ef5c0aac369b16
PHPDirector version 0.30 suffers from an insecure cookie handling vulnerability that allows for privilege escalation.
7602308b2836f9720c4e4130f269ad8f2a067e36ac6e61aedb1949bfcdcc9d78
67 bytes small activate guest account shellcode for Win32/XP SP3.
5eb9e5a59cb9205dcfa21e15cf1832cb98df3ec64bbd499193aa321ce059954b
Cpanel X3 version 11.28.87 suffers from a cross site scripting vulnerability.
668b877429a09753fc0687182acb6df487a2b9db0ecabdd3f2936732861f677c
ConnectPlatform version 0.30 suffers from a remote SQL injection vulnerability in blog.cgi.
37bdcf8e4441542a78ef20c4bcf339293400fbaed028ef02e74f6b8ee9befa9a
phpwcms version 1.4.7 add administrator cross site request forgery exploit.
704bf06ac1515e2eb1ca1b482d400efceeedf4be19db3f0fc4522173e85c5c2d
Plum Design Studio suffers from a remote blind SQL injection vulnerability.
36b7ad08d84276e198f38e009a15639629647f3253a30a76774f4eff224057c0
Secunia Security Advisory - A security issue has been reported in Cisco IOS, which can be exploited by malicious people to bypass certain security restrictions.
a6be87a905b2573daa159b8b88957275d59c69405af5f5d6fe85a6ad594533dd
Secunia Security Advisory - Some vulnerabilities have been reported in openSUSE Build Service, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.
9a103cd17d37f21824cfbdf4dd90fa9ee8e5bc0c33fc4fd9cf4b92820fabd1dc
Secunia Security Advisory - A vulnerability has been reported in openSUSE Build Service, which can be exploited by malicious people to bypass certain security restrictions.
f2590947096af849c99567becd5cb42454656154d5c05c2d12371b6eba579481
Dominic Chell of NGS Secure has discovered a high risk vulnerability in LibAVCodec. Opening a malformed AMV file can result in an out of array write and potentially arbitrary code execution when using this library. Whilst the vulnerability may affect multiple applications that use this library, it was only tested on VLC media player. VLC media player versions 1.1.9 and below are affected.
17c0e508710bb4f00f1f179e385b3d378527bd4b35827d30da710e418db26947
52 bytes small Microsoft Paint shellcode for Win32/XP SP3.
6cce3b104986cba0ba0f7a38893069b2dce9092a964b0fa5c9993637147ddc78
Secunia Security Advisory - Two vulnerabilities have been reported in Videcon Viola DVR VIO-4/1000, which can be exploited by malicious people to disclose sensitive information.
572461b87df68f531f4bb03e9e345de61f7aa87136626d8bfdf04cf1fd1ac534
Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges.
11cc3ef33852b29fdabe838c757706245d0fb726331366bd295ed3ce280c420f
Secunia Security Advisory - A vulnerability has been reported in phpMiniAdmin, which can be exploited by malicious people to conduct cross-site request forgery attacks.
b261ba0807f9d417a3726a48fd2c05fc1b2e1f0a05cb54bba34b428c6186781c
Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in the WP Ajax Recent Posts plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
1c0083bc38f5dcbc9d0bba9f575169c0e1e12f0231401d4da5807401d3e1f4ed
Secunia Security Advisory - A vulnerability has been reported in IBM solidDB, which can be exploited by malicious people to cause a DoS (Denial of Service).
0287578e1fa7efb9eaee0c818f1994a312a06b390a2571602e41b83c2fbc5e65
Secunia Security Advisory - Two vulnerabilities have been reported in Spree, which can be exploited by malicious people to disclose potentially sensitive information and compromise a vulnerable system.
96e3458e571c827da29079c9ccedf7f238acda2e931956253692217547458ec7
Secunia Security Advisory - John Leitch has discovered a vulnerability in webERP, which can be exploited by malicious people to conduct cross-site scripting attacks.
a8f9b49d002afdd0f7c986f8ed7e30f88d9dbea8293b4f4fed696e3ae615ab06
Secunia Security Advisory - A vulnerability has been reported in the GNU C Library, which can be exploited by malicious people to cause a DoS (Denial of Service).
25d745fddc520801daa3e5ab68d60d405e52b5d89e206ef28fbedd76a1bcf55f