SonicWALL EMail Security version 7.3.5 suffers from multiple cross site scripting and script insertion vulnerabilities.
9114c493bb903f88704ca152163273f441bb78904b6632d33f2bc90b09352025Axis VoIP Manager version 2.1.5.7 suffers from multiple cross site scripting vulnerabilities.
227d09434d3119f83463817515890f6a160a567edeea4900637426c5a2d81678Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.
3ecddde77082e049a2056e7fee7d05301ade18b02e1ebc838e4af707f2a74d39HP Security Bulletin HPSBMU02813 SSRT100712 - A potential security vulnerability has been identified with HP Operations Orchestration. The vulnerability could be remotely exploited to allow execution or arbitrary code. Revision 1 of this advisory.
97d3696a2802e4bc11756ed85fe0d744044522295b85a1672ae9318f837aae13Symantec Messaging Gateway version 9.5.3-3 suffers from an out-of-band stored cross site scripting vulnerability via email. Unfortunately, as usual, the NCC group are withholding any details for three months.
efc556b14d7eaaab1ee4e073431e2ec92e2cb39a2d25ac6dc8ece93acb4541ebSymantec Messaging Gateway version 9.5.3-3 suffers from an authenticated arbitrary file download vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
25af61338564cb5ac5945690d75e3ef01177fd3439ed35b0b88b7b650a1c8240Symantec Messaging Gateway version 9.5.3-3 suffers from an unauthorized ssh access vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
c0fb665289612f001a3b0b55edd4149f5142e0dc932b0d8e4991ffd2e0c26fc2Symantec Messaging Gateway version 9.5.3-3 suffers from a cross site request forgery vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
378f303f72289da19ddbd813812ef932bf32812e90d735f95783481de4d04b58Apple Security Advisory 2012-09-17-1 - Apple Remote Desktop 3.5.3 is now available and addresses an information disclosure vulnerability.
15417159543689958e35449fe891ef88e1551b36f07a6054a729946d40ac107fFortigate UTM WAF Appliance suffers from multiple cross site scripting vulnerabilities.
0559718c9efd3df76f1d071fa0b3c558881ae613812b65f9b546708e466f56f7This is a brief whitepaper that discusses DTMF input processing and easy denial of service attack via phone lines against banking systems.
69dbef581e13a4637e1b0aa3251b231aa329ac074cbf3ea2f4870506046ed98fWordPress version 3.4.2 appears to suffer from user enumeration and path disclosure vulnerabilities.
f672ffa3fe1c2cdc32145c392c8ccd21e2a5005b5593a62f5cdd4f6628b98a9bSymantec Messaging Gateway version 9.5.3-3 suffers from an unauthenticated detailed version disclosure vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
bbb4709841e4fe0d02dc171408f915bd1b98a01e969446b1da6b82f3608fa832Avcmedia CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
386079be1ad4a0714a78b9a73a2cebfd9bde5ba6e3a91636f4f08ec4ab3ec5f2vBulletin version 4.1.12 suffers from a remote SQL injection vulnerability in blog_plugin_useradmin.php.
2ff2c6b6842c2bb85c4e27bab7b624e79849eea8da77f95cba7862aa7f6a63b4A simple request to WordPress discloses a given author's name in the title when you enumerate values for author=.
523ced8ffd06cb5ce06338ed19e6b1fe16dd2776ba083fa543553d63fdd4b571Secunia Security Advisory - A security issue has been reported in CoSoSys Endpoint Protector, which can be exploited by malicious people to conduct brute-force attacks.
7934a61c0aa8afa7ae8f51c53d2ea05ae28ccb5156ad65314c778d7b3f304042Secunia Security Advisory - Red Hat has issued an update for spice-gtk. This fixes a vulnerability, which can be exploited by malicious, local users to potentially gain escalated privileges.
ef5be48554fb68e45b2229dc4a1cb28fc1e887c3b2b0bd3da1828ed3bc712473Secunia Security Advisory - Two vulnerabilities have been reported in Jenkins, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.
ea2f13f12305c190f04e091559c56c36a7d495bd7b697ccc6f1d384453130d7eSecunia Security Advisory - A vulnerability has been reported in OptiPNG, which can be exploited by malicious people to potentially compromise a user's system.
be9a29897e64e26110ed698afd670d310015fc407bda9a524551475e2aa1b929Secunia Security Advisory - A vulnerability has been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.
52a4ca22d29d239078dc8e9ff621d64f46b60d252bcc5423493f0dbc1da20ab2Secunia Security Advisory - A vulnerability has been reported in Oracle Business Transaction Management, which can be exploited by malicious people to compromise a vulnerable system.
215e7f965c56e7b3584c25179813071521f08229313297bed42c96a7dc9e5a8cSecunia Security Advisory - SUSE has issued an update for xen. This fixes multiple vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and potentially gain escalated privileges.
a3e1aa703bba0bbc779338ac22ab2448dbe4df7132569bb1d234205e21f8a76bSecunia Security Advisory - A weaknesses and some security issues have been reported in Moodle, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to disclose certain system information and bypass certain security restrictions.
4db216c859c9b3dab1eca0056e445d7aee587a43e2690114d09243c880938d21Secunia Security Advisory - SUSE has issued an update for inn. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data.
58c7b8376cb98d77cb9b9daf0341ad4d2ae396193c52517c6f10bb20a5cc7066
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed