Secunia Security Advisory - Ubuntu has issued an update for librpm4. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
50431dc43e8d36bb00a574eab8c5f3b64896201cc5b35cbbc1edaa69c6c83722
Secunia Security Advisory - A vulnerability has been reported in Fedora Core, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
17b869aba08499c9cbe19958b1027e726ec66a1ae617b3a04a12781ebb838c3f
Secunia Security Advisory - Gentoo has issued an update for screen. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
7e6a1911dda53a6ab545792251c292038d60ac6c9afd72d9fca81c5987912823
Aanval (pronounced: "anvil") is an advanced data management, correlation and analysis console designed specifically for Snort and Syslog data. Aanval is a complete web-based software solution designed to manage and correlate Snort intrusion detection data and/or syslog device data.
8abc59399c4a41e8e0ecdd145857256816bdf72fc6d2ef36292aa025bb303e4a
IF-CMS suffers from a cross site scripting vulnerability in index.php.
a4d731562509b4f8d739b14d6ca6aea4d3fed83e3db46f3cee3279a20f9d409d
Essentia Web Server version 2.15 suffers from a buffer overflow vulnerability. Denial of service exploit included.
b6a275a0406f1b65144837ffc8082c6f99e97e4d2b21537d389ac4ee29f4ec45
Drake CMS version 0.2 suffers from a cross site scripting vulnerability.
970ad4149dcd4090f9a11dae899e49be43d3debdada03f5c9e220dcce04a2a42
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via the Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
cc7f90983aa61b3d893c3311e3f832c5faa204467143cff597ad80bf8ad24daa
Xenis.creator CMS suffers from multiple cross site scripting and SQL injection flaws.
91c6a2f2d1c37da731a8896669609f2faee49f3029488c5d48876d759906f521
admin.tool CMS versions 3 and below suffer from multiple cross site scripting flaws.
acd0d9ced35a4c99aa390a61e004f88d41f2e7a9c141e5385e73e47bdcbd6833
iodine is a piece of software that lets you tunnel IPv4 data through a DNS server. This can be useful in situations where Internet access is firewalled, but DNS queries are allowed. It needs a TUN/TAP device to operate. The bandwidth is asymmetrical with limited upstream and up to 1 Mbit/s downstream.
6b56b4536548aa932533bbd65c37fdedef6900496482214446daf96534bc55b6
Secunia Security Advisory - A vulnerability has been reported in Microsoft XML Core Services, which can be exploited by malicious people to compromise a user's system.
d547b4b829e14cc64f0e85e97c9ab9f82d3ff113b9611a4e8bbaa7c506021897
Ubuntu Security Notice 378-1 - An error was found in the RPM library's handling of query reports. In some locales, certain RPM packages would cause the library to crash. If a user was tricked into querying a specially crafted RPM package, the flaw could be exploited to execute arbitrary code with the user's privileges.
46dceed57c8becd4d8ec059a3d65276ebbe5886e1adadee226e2d0614dd95fc2
Ubuntu Security Notice 377-1 - Derek Abdine discovered that the NVIDIA Xorg driver did not correctly verify the size of buffers used to render text glyphs. When displaying very long strings of text, the Xorg server would crash. If a user were tricked into viewing a specially crafted series of glyphs, this flaw could be exploited to run arbitrary code with root privileges.
ec47b737c0f599490328b2d916c5bed8392588978151ef7d0c0019bdf011b4bc
Ubuntu Security Notice 376-1 - M. Joonas Pihlaja discovered that imlib2 did not sufficiently verify the validity of ARGB, JPG, LBM, PNG, PNM, TGA, and TIFF images. If a user were tricked into viewing or processing a specially crafted image with an application that uses imlib2, the flaws could be exploited to execute arbitrary code with the user's privileges.
6cf2948be4982cc7e0d1c19c4b6b0c6bd6da9919d184d4b607e1a34c0636f3b1
viksoe's GMail Drive shell extension and GSpace suffer from flaws that allow for arbitrary file injection, folder creation, and more.
4eb96b9eb20c590be8dd26fa79ad868bc0295d2b185604459b85248d9aab64c7
Hardened-PHP Project Security Advisory - PHP 5 versions 5.1.6 and below and PHP 4 versions 4.4.4 and below suffer from buffer overflows in htmlentities() and htmlspecialchars() which may allow for remote code execution.
dd4e3c70ff80ad927aae14623932b488a0e87be06018a88e926d95737511aa1d
Hardened-PHP Project Security Advisory - phpMyAdmin versions 2.9.0.2 and below suffer from a cross site scripting vulnerability in error.php.
1bae322ca8783399c8a21d7d7775c5260943a18a3e1112ed3866646ec425d742
The SAP Web Application Server suffers from denial of service, remote file disclosure, and local privilege escalation vulnerabilities.
de3975dce143466971026afe72001d10efca62500cacd7004d823edece217251
Short whitepaper discussing API hooking/interception via DLL redirection.
4f3b2999eaf8674d18053e9c19ddc2690f09ca07ac557ea9d739cbee813c6366