iDefense Security Advisory 01.17.06 - Remote exploitation of an input validation vulnerability in Cisco Systems, Inc.'s IOS 11 HTML package can allow attackers to execute arbitrary scripting code.
15d83441eb0f4eca8a5f6e181b29e10704aa00bd1be6c0248814846fe57036e6
Phpclanwebsite is vulnerable to XSS in the img tag.
24e50536a0de45843ca0bca1d841e4ae3573c8c09acaaa8735d434ddeea71d2a
TZO-012006 - Checkpoint VPN-1 SecureClient insecure usage of CreateProcess()
ddfa7039151f9be7a466fc3ee6130bce6ca4b3302873a8f391f1cfe7ff9151f2
The event 10053 is storing the masterkey of Oracle Transparent Data Encryption unencrypted in a trace-file. A skilled attacker or non-security DBA could set this special event to get the plaintext masterkey for the TDE encryption.
f4ca69910f6b6bd84af219a014b2bd03ffa45c23b0ba4521dcb398e9865c28a3
The Oracle Reports parameter desformat can read any file by using an absolute or relative file name. Parts of the file content are displayed in the Reports error message.
71bda64001af5d5de9c3ae98cca97149f55cf7d9152db5019ba1564dcdd1c929
By specifying a special value for the parameter desname, Oracle Reports can overwrite any file on the application server. On Windows systems an attacker can overwrite any files (e.g. boot.ini) on the application server. On UNIX systems an attacker can overwrite all files (e.g. opmn.xml) which belong to the Oracle Application Server user. This attack can be done with a simple URL.
100bcb12928b2140f513bf2498d97f32bac11ba0f7d933420a1441a525169dcd
The Oracle Reports parameter customize can read any file by using an absolute or relative file name. Parts of the file content are displayed in the Reports error message.
f0314d4bf413e9fae79071434d7822edcb24e11ed4940e67ecba30ac5acd510f
The Oracle security feature "Transparent Data Encryption" is storing the masterkey unencrypted in the SGA. A skilled attacker or non-security DBA can retrieve the plaintext masterkey.
53734153442fd7cb77962aa30534146324550a2e0a0680fe77b1bc8e91a0d592
Secunia Security Advisory - Steve Kemp has reported a vulnerability in Linley's Dungeon Crawl, which potentially can be exploited by malicious, local users to gain escalated privileges.
db5c85247c37a74c545928e817b9284f3b1d249e6db293d653c47f03d3110cf9
Secunia Security Advisory - SUSE has issued updates for multiple packages. These fix various vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
f4d2360a664c2fdd37e4ce66aca94c8678fa644ca0b213a0e59199eff008b049
Secunia Security Advisory - Debian has issued an update for trac. This fixes two vulnerabilities, which can be exploited by malicious people to conduct script insertion and SQL injection attacks.
b20b1b2b3bea1a4cb937323d6bf0ec78c7c5899ec0d6b539e0da7ed748002fb4
Secunia Security Advisory - SUSE has issued an update for kdelibs3. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
b58bf38c8e7ebb890d1f3fd0a54304819d2a711c25b1b36a4aa5c5aa6071ac9c
Secunia Security Advisory - Debian has issued an update for kdelibs. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
6af7af9e8c8d862e260ea78a6711ecc1e17f5ba6aa0d78e2ac573c93a3c4bc1a
Secunia Security Advisory - A vulnerability has been reported in LSH, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information or to cause a DoS (Denial of Service).
e8f760c15f05425c05b71044e28117520c9c73a67fdb0a17b0e5434116dc482c
Secunia Security Advisory - Roozbeh Afrasiabi has reported two vulnerabilities in AZ Bulletin Board, which can be exploited by malicious people to conduct cross-site scripting attacks.
ef2f98178e2bb83efff68d01e0c4ee8b7e6f18d995b2367f835a053519a47326
Secunia Security Advisory - Aliaksandr Hartsuyeu has discovered a security issue in Note-A-Day Weblog, which can be exploited by malicious people to disclose sensitive information.
512c912818e6df80b4fb1dcc67bdbcd1bfdc0e6acb96bac90cad3735aced3b0f
Secunia Security Advisory - Aliaksandr Hartsuyeu has discovered some vulnerabilities in e-moBLOG, which can be exploited by malicious people to conduct SQL injection attacks.
323e7661b7fa2e81b1b7224f4c409dab1d6232359d5294eeae742251f0e9d7fe
Secunia Security Advisory - Debian has issued an update for libapache-auth-ldap. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
15b4da301aafa199d55103be0602bd93159774c2ad81677a156b56af0a28ce2f
Secunia Security Advisory - Avaya has acknowledged a vulnerability in Predictive Dialing System (PDS), which can be exploited by malicious people to cause a DoS (Denial of Service).
2c036b8952be26504830e8fbe3158dddba41f1e7f6656304b8e5ce404287b3e0
Secunia Security Advisory - Gentoo has issued an update for kdelibs. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
bbf48c884ebbf1bfde1b03e3c9b4856d4843e5957006aed88592b2483cf0ea9c
Secunia Security Advisory - A vulnerability has been reported in Fetchmail, which can be exploited by malicious people to cause a DoS (Denial of Service).
4586198307ce457f067bff33a3a63513bab72e1ea59ca87ad9527f753de80dde
Secunia Security Advisory - Aliaksandr Hartsuyeu has discovered a vulnerability in Pixelpost, which can be exploited by malicious people to conduct script insertion attacks.
d4dfd4ea10896f3d85efde55937f180ff2df469c753ca24cad1c36209166168e
Secunia Security Advisory - Debian has issued an update for crawl. This fixes a vulnerability, which potentially can be exploited by malicious, local users to gain escalated privileges.
85d820c1e3f7640f07556640d7d089b030d22e9338042a9b43837bf301720afb
Secunia Security Advisory - Andy Staudacher has reported a vulnerability in ADOdb, which potentially can be exploited by malicious people to conduct SQL injection attacks.
02f37addc544fd4386242c27ca40e20c45095880c4725d2c7e27a6cc01bf5c6a
Secunia Security Advisory - Lasse Overlier and Paul Syverson have reported a weakness in Tor, which can be exploited by malicious people to disclose certain sensitive information.
4c6e098c7f026c8c19dd9ba2da7010d1fa76727722e458164ee17311b50c6b16