WordPress WooCommerce plugin version 2.0.17 suffers from a cross site scripting vulnerability.
ef69a02041ba8bc7a3d11e1ab65a78fe
VMware Security Advisory 2013-0012 - VMware has updated vCenter Server, vCenter Server Appliance (vCSA), vSphere Update Manager (VUM), ESXi and ESX to address multiple security vulnerabilities.
51c0ba1233c2abd35c5235d9c032e743
Web-Spa is a Java web knocking tool for sending a single HTTP/S request to your web server in order to authorize the execution of a premeditated operating system (O/S) command on it.
a2bf3ee08a955e3c578e218f5a1f5034
Debian Linux Security Advisory 2780-1 - This DSA updates the MySQL database to 5.1.72. This fixes multiple unspecified security problems in the Optimizer component.
02daed3807333eabe033f3d33038b231
Mandriva Linux Security Advisory 2013-256 - Apache mod_fcgid before version 2.3.9 fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
f3fcb34a28acf29468cfa0440ef186a6
Mandriva Linux Security Advisory 2013-255 - A security flaw was found in the way Clutter, an open source software library for creating rich graphical user interfaces, used to manage translation of hierarchy events in certain circumstances. Physically proximate attackers could use this flaw, for example, to obtain unauthorized access to a gnome-shell session right after system resume.
59185307643f0f5885125255ba9eb797
Mandriva Linux Security Advisory 2013-254 - Remotely exploitable buffer overflow in ospf_api.c and ospfclient.c when processing LSA messages in quagga before 0.99.22.2. Note: We have worked around this vulnerability by disabling the ospf_api and ospfclient features, which did not provide useful functionality.
0bc06d10d58d6d1628744d4afa4e55ef
Mandriva Linux Security Advisory 2013-252 - A non-privileged user who was able to run jobs or log in to a node which ran pbs_server or pbs_mom could submit arbitrary jobs to a pbs_mom daemon to queue and run the job, which would run as root.
a56556c7c90b725b4ea6c00b201225ee
Mandriva Linux Security Advisory 2013-251 - A buffer overflow vulnerability has been discovered in Aircrack-ng. A remote attacker could entice a user to open a specially crafted dump file using Aircrack-ng, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.
6ecce3ef269061bb9d3e6e7fe8034a90
Mandriva Linux Security Advisory 2013-253 - Two heap-based buffer overflow flaws were found in the way libtar handled certain archives. If a user were tricked into expanding a specially-crafted archive, it could cause the libtar executable or an application using libtar to crash or, potentially, execute arbitrary code.
aefeecd1461c353a5155c7f124777a67
Bugzilla Security Advisory - Multiple cross site scripting and cross site request forgery vulnerabilities have been discovered and addressed in various versions of Bugzilla.
bb3dbfca22221f11ac76979755c3e0f9
Elite Graphix ElitCMS versions 1.01 and PRO suffer from cross site scripting and remote SQL injection vulnerabilities.
5e7e16f8a14624da000f3dc473762f9a
Bluetooth U version 1.2.0 suffers from a directory traversal vulnerability.
b9f478a15c2bec417bf76d2299464098
This Metasploit module exploits a command execution vulnerability in WebTester version 5.x. The 'install2.php' file allows unauthenticated users to execute arbitrary commands via the 'cpusername', 'cppassword' and 'cpdomain' parameters.
5346027be18c609408f729a1a14f0e25
LinkedIn suffered from a cross site request forgery vulnerability in the Join Group functionality.
e0a75d4e00fbc57584483b2ed19c0887
Zikula CMS version 1.3.5 suffers from multiple cross site scripting vulnerabilities.
99b69ef2c64cc8a7cca5e67cc95ff609
hwk is an easy-to-use wireless authentication and de-authentication tool. Furthermore, it also supports probe response fuzzing, beacon injection flooding, antenna alignment and various injection testing modes. Information gathering is selected by default and shows the incoming traffic indicating the packet types.
e6966ea245e44d2ba33e57da24e1c00c
Apache has announced the release of the Struts 2.3.15.3 framework which addresses multiple security issues including a broken access control.
149e0dc307b59f5d4555fb2a5efcd54e
Adaudit Plus Online Demo suffers from multiple vulnerabilities including cross site request forgery, directory listing, and passwords being passed via a GET method.
cc4e518fbabe9f32665fb04b3c60e57f
Admanager Plus Online Demo suffers from cross site request forgery, directory listing, clickjacking, and cross site scripting vulnerabilities.
10a0e1da9187b18dd7f141c7e284365c
Quick Paypal Payments, the plugin from quick-plugins.com, suffers from a persistent cross site scripting vulnerability.
45a892c6ff55acd5d90d805df8701518
PHP Point Of Sale versions 10.x, 11.x, and 12.x remote code execution exploit.
189b59c7369ae4ec1267ad45aac0319b
Drupal Simplenews third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
af71e7cd7a0b0a6698d1ea8fda318417
AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use on NIDS, firewalls, traffic classifiers and so on.
e1d4522e3f70b4cf9f842171fb455193
HP Security Bulletin HPSBPV02918 2 - Potential security vulnerabilities have been identified with HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM). These vulnerabilities could be exploited remotely to allow SQL injection, remote code execution and session reuse. Revision 2 of this advisory.
69eea8c03b85cb71b78f204d9f8ca9b4