Core Security Technologies Advisory - A vulnerability has been found in SAP Netweaver that could allow an unauthenticated, remote attacker to create denial of service conditions. The vulnerability is triggered by sending a specially crafted SAP Enqueue Server packet to remote TCP port 32NN (NN being the SAP system number) of a host running the "Standalone Enqueue Server" service, part of SAP Netweaver Application Server ABAP/Java. The "Standalone Enqueue Server" is critical to the availability of an SAP Netweaver installation, so a denial of service against it renders the whole SAP system unresponsive.
2fe79852efd8b14902357955bf4b11e2258b497446f8f44384873604c64f25db
OpenX version 2.8.10 suffers from multiple open redirection vulnerabilities.
777dfe1778ebee43de5c7970fcfe167872cabea8a13c7106abd4b6f0931c742f
HP Security Bulletin HPSBMU03126 - Potential security vulnerabilities have been identified with HP Operations Manager (formerly OpenView Communications Broker). The vulnerabilities could be exploited resulting in remote cross-site scripting (XSS). Revision 1 of this advisory.
64d7496b089a26adf2d01f2b523e2095422c10fd7c698000bbdb2a68ab6db383
Drupal versions 7.0 through 7.31 suffer from a remote SQL injection vulnerability.
9334b6a6e29d21e0ca0b95e292aa9748f72a53b287557bce5063375a461b299e
NETIS DL4322D 300Mbps Wireless N ADSL2+ modem router suffers from cross-site request forgery, cross-site scripting, and denial of service vulnerabilities.
b0c14dece0ef955428e9b6e9f570ca06da3ba8d664cbb649ec238a4e2091226d
Drupal versions 7.0 through 7.31 suffer from a pre-authentication remote SQL injection vulnerability.
f35969a96fc3edeea7c6ff6dae1ff02d6ed45becae3aa463f435daf8161a7cfc
HP Security Bulletin HPSBHF03125 - A potential security vulnerability has been identified with HP Next Generation Firewall (NGFW) running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. NOTE: This vulnerability can only be exploited if the attacker already has valid administrative login credentials. Revision 1 of this advisory.
17f8eddb7283be7cb8ad30c6586d35e371e0c3c28a85f0aa23c2b591cbc0f229
Cisco Security Advisory - On October 14, 2014, a vulnerability was publicly announced in the Secure Sockets Layer version 3 (SSLv3) protocol when using a block cipher in Cipher Block Chaining (CBC) mode. SSLv3 is a cryptographic protocol designed to provide communication security, which has been superseded by Transport Layer Security (TLS) protocols. By exploiting this vulnerability, an attacker could decrypt a subset of the encrypted communication.
e37c09bb8f42444adad931a1177f7eaee6f5ff1580e021798171df47e8be0c80
Cisco Security Advisory - Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Software suffer from multiple denial of service vulnerabilities.
f4761d353c361b635fbca858206c528f26cfc0deeb022515d8daebb6a267dcda
Cisco Security Advisory - A vulnerability in the network stack of Cisco TelePresence MCU Software could allow an unauthenticated, remote attacker to cause the exhaustion of available memory which could lead to system instability and a reload of the affected system.
4e26469d4866bd8bf06a9088e9a0751a8a63d9eafc2eea16f7156f791511a907
nytimes.com suffers from cross-site scripting vulnerabilities.
68aa05f01a173b791ce1dcf46151c9bd16ea1b4375ed9dccd79311b27e696db3
Hamster Free ZIP Archiver version 2.0.1.7 DLL hijacking exploit.
d5d2c6500d69eeeed43f4f03d733064412af5cb611b1560b1a19e273f16d028a
Megapolis.Portal Manager suffers from multiple cross-site scripting vulnerabilities.
a9258cd586d823687fa392665432bef1b62cb0c282a433f13c9bebbf12c2c7fd
IPy suffers from a blacklist bypass vulnerability.
52330e16a8c0db217b73de740ed229579f3d9b070a700c148046face2ef36557
This is a Python script that performs brute forcing against WordPress installs using a wordlist.
34a1d35b75a5ee427f856e9296a435d61d1a6ff8f950bb5dafd9d5b3cbfb298a