CMSimple suffers from a cross site scripting flaw.
e3a4325525739c8cf3593aec5e74a36f070cacc060a6eb0c88b877d1f04079d8
Secunia Research has discovered a security issue in PC Tools AntiVirus version 2.1.0.51, which can be exploited by malicious, local users to gain escalated privileges. Successful exploitation allows execution of arbitrary commands with SYSTEM privileges.
83c92f48a356ec3bbbcc54a63e89c46fa42cdc8b58d424b520367adccacb22c9
Vwar versions 1.5.0 and below suffer from SQL injection and cross site scripting flaws.
15d14a06b9bcc2e848898db3aeb737ace31f508d07d6463e35a40fbf24c3d0d7
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running Sendmail processing malformed multipart MIME messages. This vulnerability could potentially allow a remote unauthenticated user to cause a Denial of Service (DoS).
68f99f2177a039f4746a1b6b316fc5e24faeb27955f72abf60dea54d60ffc081
HP Security Bulletin - A potential security vulnerability has been identified in the ProCurve Series 3500yl, 6200yl, and 5400zl Switches. The vulnerability could be exploited remotely resulting in a Denial of Service (DoS).
6d901b97ccb5abb88d197bae38cbf3c521a996b0a358f1cb969f3a787610d707
Technical Cyber Security Alert TA06-214A - Apple has released Security Update 2006-004 to correct multiple vulnerabilities affecting Mac OS X, Mac OS X Server, Safari web browser, Mail, and other products. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Impacts of other vulnerabilities include bypass of security restrictions and denial of service.
36aa936f9b7bd92ff79fdc176de4d2d07ef1dd1543b3c71e6e7d1fa59d5831eb
Ubuntu Security Notice USN-330-1 - Tavis Ormandy discovered that the TIFF library did not sufficiently check handled images for validity. By tricking a user or an automated system into processing a specially crafted TIFF image, an attacker could exploit these weaknesses to execute arbitrary code with the target application's privileges.
02e8f7a4c424124d22e17346178b9572a0ee2b0c30f9d6f5ea1a83396cac5441
Debian Security Advisory 1138-1 - Carlo Contavalli discovered an integer overflow in CFS, a cryptographic filesystem, which allows local users to crash the encryption daemon.
d4f4912c27b869860408b27545b9dae1cb57283bbfc90a5c1f1aa230ff32112e
Debian Security Advisory 1137-1 - Tavis Ormandy of the Google Security Team discovered several problems in the TIFF library.
35dd59f756d92b64f5716ea63b858fac3d771b002aa63e45e87c38f2235d59ee
OZJournal version 1.5 suffers from a cross site scripting vulnerability.
5d6b05c9089b7e31ee5c0bb3b6497d047c41ee4755b01ded42f8456dc95f40cd
Whitepaper discussing the methodology demonstrated in the Microsoft PowerPoint 2003 SP2 exploit.
18a9798ab16576aac7dac8c0da34b42161c5b9e5254fbcaf52a8ec462748cf7f
Debian Security Advisory 1136-1 - infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which are also present in gpdf, the viewer with Gtk bindings, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code.
5c0cf7aefc51b063845696294db059d520a282066b9b9ab668fa4ab4db46465b
Secunia Research has discovered some vulnerabilities in Jetbox CMS version 2.1 SR1, which can be exploited by malicious people to conduct session fixation attacks, disclose certain system information, conduct cross-site scripting, script insertion, and SQL injection attacks, and compromise a vulnerable system.
9f04052cf29a6c2a2789c34d885d6c38cca5d32aabb96f773f141859450e1776
Proof of concept exploit that takes advantage of a buffer overflow in the /server directive of mIRC versions 6.17 and below. In a default install, this does not elevate privileges.
faeff6b29609fcd7cc837a37cb26366988e997241fd67e93e33221f8b168a3f6
SaveWeb Portal version 3.4 suffers from a remote file inclusion vulnerability.
e81db7ac387d0421b97e56db490615227c2fc3b7f5e86e93d7f4c85d27bc77a2
MyBB versions 1.1.6 and below suffer from a cross site scripting vulnerability.
decbade3396fd427f3e0b5e781172aa75733e48225cb57c71423d38637266dd9
The G3 Content Management Framework suffers from a cross site scripting flaw in its search functionality.
ed0b96675e9bb1b768f29e787bddb29303b2349d4a6b1cb18611de65d5734d18
Debian Security Advisory 1135-1 - Kevin Kofler discovered several stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp, a MusicBrainz tagging library, which allows remote attackers to cause a denial of service or execute arbitrary code.
d87b6e6b510003a0b0295297cb97437a8b545dc9fdbeb523d6de1237756c66c6
The Simpliciti Locked Browser interface jail can be broken out of using simple JavaScript.
31c51ec9f1335cb8936ef3d4bcd381e588378f1959fe7c6f88f870611fcf2a21
Exploit for fetchmail on Mac OSX versions 10.4.7 and below on the x86 architecture.
abc8c5b9a5bc11f1d75838f33a3f66f9084ed5b0f340b4ec323a19ef3bb3c7c7
Shellscript exploit for fetchmail on Mac OSX versions 10.4.7 and below.
a7bcf7de5e8c976b85f2fa9843daaa6d420c62fa3d036f99c66a984a01557bbf
Exploit for fetchmail on Mac OSX versions 10.4.7 and below on the PPC architecture.
8fefc8253056f33ef76e022136819d38456365ed244f5190a475b2f1a4db32ed
fetchmail on Mac OSX versions 10.4.7 and below suffers from an arbitrary code execution flaw.
a79a85fa9c78b353f28bab9c307f950ae95726f9619a959e9e455eb143f10992
The Barracuda Spam Firewalls from versions 3.3.01.001 through 3.3.02.053 are vulnerable to arbitrary file disclosure via the preview_email.cgi script.
8363029dcc673fedc8a62cebf430f37662f1cabb8e3673ab097dc0ee0fc14f0d
The Barracuda Spam Firewalls from versions 3.3.01.001 through 3.3.02.053 have a hardcoded password for the guest account in the Login.pm script.
a3fcc3dd2bedb5c6af2f3a9c0ba005f5a2e6ef2c19975142dd9f1d41ab2e55cb