MttKe-php version 2.6 suffers from a cross site scripting flaw.
acb4fa8dc82c4238ba81970d67aea5492f38fd1851e06cd86f85f1d24926c94a
A vulnerability exists in Firefox versions 1.5.0 through 1.5.0.3 and SeaMonkey versions 1.0 through 1.0.2 that allows attackers to execute arbitrary code on vulnerable installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
92ff76589f52b7f12a99064f622ee16a1fcf346cee16f9c98a1edf93b848a97c
Debian Security Advisory 1125-1 - Several remote vulnerabilities have been discovered in the Drupal web site platform, which may lead to the execution of arbitrary web scripts.
d33d79b369ff9056d0cb5795b4f5bb0d5be992bd5fb933073859c9c6f9010aee
A cross site scripting flaw exists in www.uni-bocconi.it.
01afd36320e7137c012b0f6187b3fc939002234e9a3d9a5782748b832de29868
Debian Security Advisory 1111-2 - It was discovered that a race condition in the process filesystem can lead to privilege escalation for the Linux 2.6 kernel series. The initial advisory lacked builds for the IBM S/390, Motorola 680x0 and HP Precision architectures, which are now provided. Also, the kernels for the FAI installer have been updated.
29d04f30390e5c6a5457d0a7c7fb811303f7b8c1e81d94df734664be018dbfad
The Zyxel Prestige 660H-61 router is susceptible to cross site scripting attacks.
1720b41ae93ce1a113b3fb90b64a501944eec9577df00c122f4d1cd03ac285f3
SUSE Security Announcement SUSE-SA:2006:042 - A slew of kernel related vulnerabilities has been fixed in SUSE Linux for the 2.6 series.
4c8c22343a9c6f45ba441423e790535d6fa953e7a4733a9309a92d7c98856860
OpenCMS versions 6.2.1, 6.2, 6.0.3, and 6.0.4 are vulnerable to multiple access control and input validation vulnerabilities. Other versions may be vulnerable as well. Authenticated users can perform attacks allow arbitrary file access, viewing the source of JSP files, the uploading of malicious files, and more.
dae1da08286e5fcadd45f3c2651460bce4ec4265bc744b87f052a7a66a30c060
NTA Monitor discovered a denial of service vulnerability in the Cisco VPN 3000 series concentrator products while performing a VPN security test for a customer in July 2005. The vulnerability affects Phase-1 of the IKE protocol. Both Main Mode and Aggressive Mode over both UDP and TCP transports are affected. The vulnerability allows an attacker to exhaust the IKE resources on a VPN concentrator by sending a high rate of IKE requests, which will prevent valid clients from connected or re-keying. The attack does not require a high bandwidth, so one attacker could potentially target many concentrators. This mechanism behind this vulnerability is similar to the well-known TCP SYN flood vulnerability.
be9e71e7ed762a62e165c493b33ebe9e8bc248cea205d65985b9212c0de7e083
Secunia Research has discovered a vulnerability in AutoVue SolidModel Professional Desktop Edition, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the handling of ARJ, RAR, and ZIP archives. This can be exploited to cause a stack-based buffer overflow when a malicious archive containing a file with an overly long filename is opened. Successful exploitation allows execution of arbitrary code. AutoVue SolidModel Professional Desktop Edition version 19.1 Build 5993 is affected. Other versions may also be affected.
e93adff3a8f625d54d58dc9486926383f88de6f10f23d5b6f9a008feef926f49
Ubuntu Security Notice 320-2 - USN-320-2 fixed several vulnerabilities in PHP. James Manning discovered that the Ubuntu 5.04 update introduced a regression, the function tempnam() caused a crash of the PHP interpreter in some circumstances. The updated packages fix this.
2198394c03ebd4c25f5b37e6da9b26b5af15075834b194d7361046b1ac0d0df8
wwwThreads is susceptible to a cross site scripting flaw.
b918e8da64c073df3ba9b7ebcd73b0658c6434e65b75187c42e97232c5a1f1e3
PHP-Auction suffers from remote SQL injection vulnerabilities. Details provided.
4bcaa056a2db57b12c72521e1c7d8378c28b9c2f996e414d7caf92ba0710a23c
Ubuntu Security Notice 323-1 - A massive security update for multiple vulnerabilities in Mozilla has been released.
5bac46201d85b7d87564a81483d060451294ae059915c3f5ed9d49a994560665
PHPProBid version 5.24 suffers from cross site scripting and SQL injection vulnerabilities.
f5ef7e02ab1a6140ee161214fe9d3c5a9d1bf4a4f077e96fbfa3e228b7e4c311
OpenPKG Security Advisory OpenPKG-SA-2006.014 - Brian Caswell from Sourcefire discovered vulnerabilities in OSSP Shiela, a CVS repository access control and logging extension. The vulnerabilities allow arbitrary code execution during CVS file commits if a filename is specially crafted to contain shell commands.
651a47962b4a17cf094ec8d6a0a5335125974ff1d48fa54c362051e4b58cf1c3
An arbitrary code execution vulnerability exists in PowerArchiver version 9.62.03.
be1c7f5acea357664b1372470353015f39b13264a61266b84630702156f1c79c
A buffer overflow exists in Midirecord version 2. Proof of concept exploit provided.
886784e049f1a5102e35911ca2cea4f6e4df504f06264a9a6709c32107a3783c
Etomite CMS versions 0.6.1 and below remote command execution exploit making use of rfiles.php.
f32148cfde5038ca39dc41c079d83a1c70f26109c9fdb480d1b79b8fbb729cad
Secunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise a user's system.
ca910b5e37e9b7f2457130bcc74c4501716cae92c7e6c40a020f4c920fc00416
Secunia Security Advisory - A vulnerability has been reported Heartbeat, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
98af680579b0b8d507a1f05da143f6235c24ea406e73de0898a881772016a33a
Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), bypass certain security restrictions or potentially gain escalated privileges, and by malicious people to cause a DoS.
7a82853b54522fefb083f40da3d38d29650120bfab7abd9fcb4188ac06a64de1
Secunia Security Advisory - Michael Freeman has reported a security issue in Opsware NAS, which can be exploited by malicious, local users to disclose sensitive information.
cf8b221676625bf42b3997ffb8ce768bf7608be7fb2e48d0163c72153d3af569
Secunia Security Advisory - Meder Kydyraliev has reported some vulnerabilities in Alkacon OpenCms, which can be exploited by malicious users to conduct script insertion attacks, disclose certain sensitive information, and to perform certain actions with escalated privileges.
a3c15c12ef56e3386b53a6768224b565aea243b221c32f6c784f4656643df6b2
Secunia Security Advisory - Pete Foster has reported a vulnerability in Check Point VPN-1/Firewall-1, which can be exploited by malicious people to disclose certain sensitive information.
b43e80b240a8faa650171b47744530fb347304c253bd55d1050e9a5ae1d178d5