Ubuntu Security Notice 1928-1 - It was discovered that Puppet incorrectly handled the resource_type service. A local attacker on the master could use this issue to execute arbitrary Ruby files. It was discovered that Puppet incorrectly handled permissions on the modules it installed. Modules could be installed with the permissions that existed when they were built, possibly exposing them to a local attacker. Various other issues were also addressed.
cdcde70f2713266a5b8a4ed92df915a902df42405d256a043c28743f4e1f6c7b
OpenX version 2.8.10 suffers from cross site scripting and remote SQL injection vulnerabilities.
e63af2e9b896b7c8eb47ee1b85fb36653f9042c5e5e8c8e23dcad89dcee326f8
Photo Transfer Upload version 1.0 for iOS suffers from cross site scripting, local file inclusion, and remote shell upload vulnerabilities.
9797a90f4d101bc559e0e7a955fc1029afada224bfd37dbdb8bd0fc40a9ac16e
w-CMS version 2.0.1 suffers from a remote code execution vulnerability.
efd54a5c7bc5ea4e8df8a03491a7815ef4eef5419d77a00351892d85ee2c964e
Quark Chat version 1.0 suffers from cross site scripting, path disclosure, and remote SQL injection vulnerabilities.
929e0896aa251b1adeffa2a27dd9e8623dd08b30f77b7b4491b9812d99c37c56
Copy to WebDAV version 1.1 for iOS suffers from local file inclusion, command injection, and remote shell upload vulnerabilities.
23dcf46f528554d76be9439abab500204ea1dfc338b343174897859c0b85f712
ACal version 2.2.6 suffers from a local file inclusion vulnerability.
8b456bbad7110133d868847964b7235eced3a31ddeaaf9bd88a99a1f357c20b0
Alibaba Clone Tritanium suffers from a remote SQL injection vulnerability.
9a89ea61a2acad21e0d3dbbc3e015e8b67228a2e028c4fdb115add3c71cb033b
PhpVibe version 3.1 suffers from cross site scripting and remote error-based blind SQL injection vulnerabilities.
712c25d819fd4f4f6c21ec1943c96c94f720cf0849291307b5cf92da7117b004
On various Linksys devices, an unspecified bug can cause an unsafe/undocumented TCP port to open, allowing for unauthenticated remote access to the device.
498c65c860fe5d919123b02b7dda83e1dd02868d0b1adb1db402354c60007bd1
These are presentation slides for Explotando Add-On's de Mozilla Firefox, or Exploiting Add-Ons in Mozilla Firefox. Written in Spanish.
be5a0d2d8734ba09d02081c9ed082df4f7e9d69db609f8de7bd83cb6ceeee9dc
Pligg CMS versions 2.0.0rc2 and below suffer from a cross site request forgery vulnerability.
ff92bd903b53f3d80aaea2d128b6371304d4ac04de3a162a6b5413b95625956a
Massachusetts Institute of Technology suffers from a parent directory information disclosure issue.
25c4c820de4680add586c4f667935a3834dbffdb67c3acffb1699c117aa0e5ac
HP Security Bulletin HPSBMU02915 - A potential security vulnerability has been identified with HP Service Manager. The vulnerability could be exploited to allow remote unauthenticated access and elevation of privilege. Revision 1 of this advisory.
4aab2f4cbd7c2757d6b058eab56f90b8b510cfd70e2155b22d407190fbcdb86b
KCFinder version 2.51 suffers from a local file disclosure vulnerability.
e5b2f68a7dbe3eea0f99b54f87d0dd99dde65a924630d4d71713a48fe3378434