Trend Micro Control Manager versions 5.5 and 6.0 suffer from an AdHocQuery remote blind SQL injection vulnerability.
ce96999e810814c024c38533c2b23e3e57c9c4a4b441314fa7e4c4133f539757Smartfren Connex EC 1261-2 UI OUC suffers from a local privilege escalation vulnerability.
0ec1e258edf48173a940544afae0a141012670394cdffa3cf9890e76a8cbf613Gentoo Linux Security Advisory 201209-20 - A vulnerability in mod_rpaf may result in Denial of Service. Versions less than 0.6 are affected.
1e07e14ae6817fdb3613911807943dc43e04592179b966c1b55b79f5d692967cGentoo Linux Security Advisory 201209-19 - A buffer overflow in NUT might allow remote attackers to execute arbitrary code. Versions less than 2.6.3 are affected.
26cf59a1302101863453c61e09109055f9c2d3852b357e5c59d849763375a3dfUbuntu Security Notice 1586-1 - Hiroshi Oota discovered that Emacs incorrectly handled search paths. If a user were tricked into opening a file with Emacs, a local attacker could execute arbitrary Lisp code with the privileges of the user invoking the program. Paul Ling discovered that Emacs incorrectly handled certain eval forms in local-variable sections. If a user were tricked into opening a specially crafted file with Emacs, a remote attacker could execute arbitrary Lisp code with the privileges of the user invoking the program. Various other issues were also addressed.
e68c5c5c496cdf07a56ecb2cebeb00389e61b3d59a69baac3725b58811acc749Ubuntu Security Notice 1587-1 - Juri Aedla discovered that libxml2 incorrectly handled certain memory operations. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program.
a899b80649ea6f586d8981bc213cdf894806632b70ff04ce3c7a36b8568b52d7Debian Linux Security Advisory 2552-1 - Several vulnerabilities were discovered in Tiff, a library set and tools to support the Tag Image File Format (TIFF), allowing denial of service and potential privilege escalation.
54501d6daa7e0227cc4295dea1eb1182adbb49b3811ac7370a51eb73ad6ebe45Gentoo Linux Security Advisory 201209-18 - Multiple vulnerabilities have been found in Postfixadmin which may lead to SQL injection or cross-site scripting attacks. Versions less than 2.3.5 are affected.
483fff8b8c40f8c7a48ee6753a592cc64440c80a933a09fb2b3d976df89bf714Debian Linux Security Advisory 2554-1 - Several vulnerabilities have been discovered in Iceape, an internet suite based on Seamonkey.
367c4b80049e02adfcc8609be2a22ae776fe78a36fec636dc2cbf3dc28e9b0afGentoo Linux Security Advisory 201209-17 - A buffer overflow in Pidgin might allow remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 2.10.6 are affected.
bdad7264254fa4d62f5b0efa3a6c9ff198a60da18bbecd423795e3951b065dd7Secunia Security Advisory - Stefan Schurtz has discovered a vulnerability in Piwigo, which can be exploited by malicious people to conduct cross-site scripting attacks.
aafc85f27af9b9c151350645a20dadf8f441bcd53259e000a6328779e3f51fe1Secunia Security Advisory - HP has issued an update for OpenSSL in HP-UX. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) of the application using the library.
55b8cd61d5b3982db05c6f5f905824cb885de920adee1487b6c02799e629d346GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
6ff03900a084b8dd4095928f2e332aa55f3d465b1c1c0d6f91df172013b7d3e6Midori Browser version 0.3.2 suffers from a denial of service vulnerability.
4e2ac39a4af661e2d43542177067075d29ca5a2897fe1fbdcc060ee3f8e3f014Secunia Security Advisory - Ubuntu has issued an update for freeradius. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
503cec4c63ba43f566349164a5195fa81f9ce3b4ed4dc8232c314bbed2d6299eSecunia Security Advisory - Gentoo has issued an update for sqlalchemy. This fixes two vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks.
05fbde0cb95773a53461940740eb640df4c0f551458a3d07c116a3dcf535b366Secunia Security Advisory - Tom Gregory has reported a vulnerability in Trend Micro Control Manager, which can be exploited by malicious users to conduct SQL injection attacks.
a0c04aa7973105deae8ee946025c682a4f27cfab72a8c830d3cb5d08858c754bSecunia Security Advisory - IBM has acknowledged a security issue and a vulnerability in IBM Rational RequisitePro, which can be exploited by malicious people to conduct spoofing attacks and cause a DoS (Denial of Service).
b8bac7a1aaf394c5843a0f3e5aa5cfc3f32f631d496ecb9c7a23901915af7092Secunia Security Advisory - Gentoo has issued an update for postfixadmin. This fixes multiple vulnerabilities, which can be exploited by malicious users to conduct script insertion and SQL injection attacks and by malicious people to conduct cross-site scripting attacks.
6693c56c2f108a20e0dcda9c18d324aebc47f973032682e0962f59bf7c80237bSecunia Security Advisory - Gentoo has issued an update for pidgin. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
8762c27020fdbd0d4929a04e15230ef3d40c0bf8c157d609d36e3f27a3b96cf5Secunia Security Advisory - Avaya has acknowledged multiple vulnerabilities in Avaya Communication Manager, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
78c72008daa53331c2790c755ad07c98f1eeb76c11c8b56cfff42a991526a924Secunia Security Advisory - A security issue has been discovered in Smartfren Connex EC1261, which can be exploited by malicious, local users to gain escalated privileges.
50f16859bd8d0606ba21d79a4c0c24bc913f34808e42c6ad6abdd45d9970c23bGentoo Linux Security Advisory 201209-16 - An input sanitation flaw in SQLAlchemy allows remote attacker to conduct SQL injection. Versions less than 0.7.4 are affected.
2d1a220b5cf7a1111480e2699f9d4935805dfc61f72402dc125669e7c5c0db26Cisco Security Advisory - The Catalyst 4500E series switch with Supervisor Engine 7L-E contains a denial of service (DoS) vulnerability when processing specially crafted packets that can cause a reload of the device. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
49312be1b554f56014723da957b3a2cdc550668991f364bacb9513352f8cb363Cisco Security Advisory - Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. An attacker could exploit this vulnerability by sending a single DHCP packet to or through an affected device, causing the device to reload. Cisco has released free software updates that address this vulnerability. A workaround that mitigates this vulnerability is available.
fa62901858ad68bb5196e039df077aa95c4bea884d3ae32d63859f012838d86b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed