Secunia Security Advisory - Two vulnerabilities have been reported in OpenStack Compute (Nova), which can be exploited by malicious users to compromise a vulnerable system.
a4284561d7cc566f53d416cedca16012c7bc338fcb88d308510cc8c9fcf1361dSecunia Security Advisory - Ubuntu has issued an update for nova. This fixes two vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system.
eb2351617db0c3a0707457da06f36253bec7dab7a7a0863ed57ab8f2a257adffSecunia Security Advisory - A vulnerability has been reported in the International Components for Unicode (ICU), which potentially can be exploited by malicious people to compromise an application using the library.
9d96322c24fb138abe77b00390380cea4ba78e3868e09a88b8f914002da0ecb4Secunia Security Advisory - Two vulnerabilities have been reported in Splunk, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
78c918dde9a7687d1fc97e4616b0964af358dd675a8ee5844dc6c0dae983fd32Secunia Security Advisory - Multiple vulnerabilities have been reported in Social Book Facebook clone 2010, which can be exploited by malicious people to conduct cross-site scripting attacks.
fe18893f97c1e730f0706e1c40988dd1f457858d4ccd20e2eb93ec49fa98f030Secunia Security Advisory - A weakness and two vulnerabilities have been reported in Pulse Pro CMS, which can be exploited by malicious people to disclose sensitive information and conduct cross-site scripting attacks.
e6044eaeb7f9308639fc91c1eed77b7df96e1acea183c9fcfddaf17e21d0d7b0Secunia Security Advisory - Stefan Schurtz has discovered a vulnerability in PHP-SCMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
dcaf4567aa03fc2ecb52fd1a36eef3cf95d9d727a3c98fb6d69183fbf32216dcSecunia Security Advisory - Two vulnerabilities have been reported in RSA Adaptive Authentication, which can be exploited by malicious people to bypass certain security restrictions.
589cc1bb2bd3f7726b387380b1e5310c49038f75c6f45412180111f5f199f489Secunia Security Advisory - Two vulnerabilities have been reported in IBM AIX, which can be exploited by malicious, local users to manipulate certain data and perform certain actions with escalated privileges.
47470338592c50d11d99d4c8eab74302d5ae765d6754ffc5c4f0eea430012d31Secunia Security Advisory - A vulnerability has been reported in IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway, which can be exploited by malicious people to bypass certain security restrictions.
91af0a7074f799534153ef9ea2785851eab679b1466b41452c1c1d1e8b64ced9Secunia Security Advisory - Two vulnerabilities have been discovered in Fork CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
439067b1fc32fc43a7622274752933ff512eb227b970614908e69fbe354284b2Secunia Security Advisory - SUSE has issued an update for dhcp. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
a84250445f6ace3f3120f0bd7c1d348c9edc09a470f7b3d447ac6c0bcfa3563dSecunia Security Advisory - Three vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.
5e59d9f3c10d3e199e1e365749e0b4729cc59f61ea968501b6cc33ed9750a587Secunia Security Advisory - Multiple vulnerabilities have been reported in Cacti, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
5ed69403f1c217b52f7d053abc19514a0c2d57bfa163efdf3552c51673a32869Secunia Security Advisory - Ubuntu has issued an update for linux-ec2. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges and by malicious people to cause a DoS (Denial of Service).
c257e59db31567343d5f5fb12fa022c390f416a9c699536d8cb3206d40610c76Secunia Security Advisory - A vulnerability has been discovered in the SCORM Cloud For WordPress plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.
020808bdd28e0ba9691ebf8bdd0039af732c50e5e2337854c7c5e071062b1007Secunia Security Advisory - Ubuntu has issued an update for linux-mvl-dove. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges and by malicious people to cause a DoS.
a71d1dd83eedc90b4b30cb4e804aa5c287c739385b85b6dc690690d2a636a6d5Secunia Security Advisory - Ubuntu has issued an update for linux-ti-omap4. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to cause a DoS.
b6d668bdf075604752e9c96ab2463868b3a321b18b28e85d5f166623a636e576ICS-Alert 11-346-01 - On December 12, 2011, independent security researcher Rubén Santamarta publicly announced details of multiple vulnerabilities affecting the Schneider Electric Quantum Ethernet Module. Prior to publication, Mr. Santamarta notified ICS-CERT of the vulnerabilities. ICS-CERT is coordinating mitigations with Mr. Santamarta and Schneider Electric. Schneider has produced a fix for two of the reported vulnerabilities and is continuing to develop additional mitigations.
9778d7636ef3e4a79ff7e21dffc414c0bcb49002566536caf10085dd1ba06dccZero Day Initiative Advisory 11-348 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within nnmRotConfig.exe CGI program. When processing crafted nameParams parameters, there exists an insufficient boundary check that can lead to a insufficient heap buffer, enabling a heap overflow. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the target service.
8b34d80ef01f16adfe54e85e1bc39fc4193f07b869044663840aeecfaefde141i4Style Web Design suffer from remote SQL injection and cross site scripting vulnerabilities.
1c38a500e4e3bdab6965199201e8033eaa702be19dfcba11c26c7d32d01d9ef3Red Hat Security Advisory 2011-1815-01 - The International Components for Unicode library provides robust and full-featured Unicode services. A stack-based buffer overflow flaw was found in the way ICU performed variant canonicalization for some locale identifiers. If a specially-crafted locale representation was opened in an application linked against ICU, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. All users of ICU should upgrade to these updated packages, which contain a backported patch to resolve this issue. All applications linked against ICU must be restarted for this update to take effect.
80064f93a00c591c9eb00ee3c62f207e8ca534830ec5880d7ae14456ad08780dRed Hat Security Advisory 2011-1814-01 - The ipmitool package contains a command line utility for interfacing with devices that support the Intelligent Platform Management Interface specification. IPMI is an open standard for machine health, inventory, and remote power control. It was discovered that the IPMI event daemon created its process ID file with world-writable permissions. A local user could use this flaw to make the ipmievd init script kill an arbitrary process when the ipmievd daemon is stopped or restarted. All users of ipmitool are advised to upgrade to this updated package, which contains a backported patch to correct this issue. After installing this update, the IPMI event daemon will be restarted automatically.
62add3e212c5b9df0506f9c22fdba3b39dd6ac36a3e365b075092f91e980f787Red Hat Security Advisory 2011-1813-01 - Updated kernel packages that fix several security issues and various bugs are now available for Red Hat Enterprise Linux 5.6 Extended Update Support.
3b16278bac583a2c1428428c3ee68d41f050c60bf38ba7270277894b824802f2Zero Day Initiative Advisory 11-347 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word 2007/2010. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application handles a border containing a specific property. When parsing this property, the application will incorrectly free it. If the application attempts to render the object, a use-after-free condition can be made to occur. This can lead to code execution under the context of the application.
c998ca3897ccbe8974534d8594685d9229d85af0647b8834346c4f9d08b43858
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed