LuxCal version 3.2.2 suffers from cross site request forgery and remote blind SQL injection vulnerabilities.
cb1d2b3682114f3b26171869233c5bde5b3187d3b611ab0235bc2c24bb7a38ab
ClipSharePro version 4.1 suffers from a local file inclusion vulnerability.
4bda46b32b5ee2408e5d9ae4e5b7a0735b8b72bd399ea7ec9bb984b111ae1d62
QNX versions 6.4.x and 6.5.x suffer from a ppoectl vulnerability that allows for disclosure of /etc/shadow.
5c0faf1a0a91819585324e6293f765978634beef1af118930f364899b2d8cd3f
QNX version 6.5.0 local root exploit that leverages a buffer overflow in /usr/photon/bin/phfont.
19e870dc4af45f9142802364260c85a97bb855c6dd8f4c546f6dc5f966feffd3
QNX version 6.5.0 x86 io-graphics local root exploit that leverages a buffer overflow vulnerability.
599feb2a83e57f9097abc6a63e81c1d71632e87f4c7b3b69c52d7312d2d62af9
QNX versions 6.4.x and 6.5.x ifwatchd local root exploit.
e5b7e006717ecc66aed13554af23e9c9683aad8e73b91602735a97db51e3be49
QNX version 6.x Photon functionality allows for an arbitrary file overwrite with root level privileges allowing for denial of service and privilege escalation for a local user.
2428c5f0b3b62dae9b037b581daba0764dd42b93c2e8ded7b7b27d6dddee2045
Gentoo Linux Security Advisory 201403-2 - A Vulnerability in LibYAML could result in execution of arbitrary code. Versions less than 0.1.5 are affected.
5af7769072fb1c2fa085a3d704f5c9bcba6a0eb4453a6e683f06f898d0cf182b
Mandriva Linux Security Advisory 2014-050 - Multiple vulnerabilities was found and corrected in Wireshark. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.
5d0325ffd6a325a71f963bfca7e8750d853c633e4a8175d97cbcd93aea5b0d21
Red Hat Security Advisory 2014-0266-01 - The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way sudo handled its blacklist of environment variables. When the "env_reset" option was disabled, a user permitted to run certain commands via sudo could use this flaw to run such a command with one of the blacklisted environment variables set, allowing them to run an arbitrary command with the target user's privileges. Note: This issue does not affect the default configuration of the sudo package as shipped with Red Hat Enterprise Linux 5.
f10125d63e7953977de9d21c114beec69b7bd3670a5733b33b5fd25f0ee33485
Debian Linux Security Advisory 2871-1 - Multiple vulnerabilities were discovered in Wireshark.
5dca6b9a21f684c0874c46a33c8b8aea70765f5a1925276ec74a7727127cb78f
Debian Linux Security Advisory 2872-1 - Florian Weimer discovered a buffer overflow in udisks's mount path parsing code which may result in privilege escalation.
3770672a72490b90d1d2d45d4d967b5f28593c522423e64579e22e602bf4d379
Mandriva Linux Security Advisory 2014-049 - The get_resource function in repos.c in the mod_dav_svn module in Apache Subversion before 1.7.15 and 1.8.x before 1.8.6, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service via vectors related to the server root and request methods other than GET, as demonstrated by the svn ls http://svn.example.com command. This advisory provides the latest version of subversion which is not vulnerable to this issue.
6dc36b60facb0c513dec64a3947fa32a7e8f3f108314026f3f279dac8b4fef82
Mandriva Linux Security Advisory 2014-048 - It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker.
3ce0f32f5ce56849a4c33a25e7f469b1c11cf2283019c23c3438a49e62da8402
Debian Linux Security Advisory 2870-1 - Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document with a specially-crafted tag that, when parsed by an application using libyaml, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
5ae52e3c2de0b635a84fa42b1da961627ebdf663a5be16346661ae855100bd05
Ubuntu Security Notice 2142-1 - Florian Weimer discovered that UDisks incorrectly handled certain long path names. A local attacker could use this issue to cause udisks to create certain directory structures, possibly leading to privilege escalation.
390e66bcde86a577bb810b745a889165575865a06ecd9f960604c396242acf44
QNX version 6.x suffers from an enumeration vulnerability using the setuid /usr/photon/bin/phfont binary.
6d8c2b3e86406470b2ec78792cebe88b0350304f76f4474ded0115d2baf4ab28
QNX version 6.x suffers from a file enumeration vulnerability that leverages the setuid /usr/photon/bin/phgrafx binary.
f9892def99ee2cd533b3bb50760be4d343f5ec3f2e072b5939393723e93753b2