VDA Labs Advisory - Ipswitch FTP suffers from a cross site scripting vulnerability.
4724183e38c8f8f92c9d8d5ac9fcf53321d3f20875d52eda218d572ac90f2525
Technical Cyber Security Alert TA07-235A - Multiple buffer overflow vulnerabilities and an integer overflow vulnerability have been discovered in the RPC interfaces used by various components in Trend Micro's ServerProtect software package. These vulnerabilities could be exploited by a remote attacker with the ability to supply a specially crafted RPC request to the system running the affected software.
97a4f35b86996204d4335c89074fa98cf98f0fdb80c5b8d72adcda5a09ef2579
Mandriva Linux Security Advisory - Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files.
f5cd3a839b74573668b70ec1a548f2844302a4ef684ad1f8b724abe85ed23526
Gentoo Linux Security Advisory GLSA 200708-17 - An error known as a virtual function call on an invalid pointer has been discovered in the JavaScript engine. Furthermore, iDefense Labs reported that an already-freed pointer may still be used under unspecified circumstances in the BitTorrent support. Finally, other minor errors have been discovered, relating to memory read protection (Opera Advisory 861) and URI displays. Versions less than 9.23 are affected.
a631ac4552c2f3bb4f44d2668ca99c69711d7c9a6895a750859b5aa7937d32e0
Gentoo Linux Security Advisory GLSA 200708-16 - Tim Brown of Portcullis Computer Security Ltd and Dirk Mueller of KDE reported multiple format string errors in qWarning() calls in files qtextedit.cpp, qdatatable.cpp, qsqldatabase.cpp, qsqlindex.cpp, qsqlrecord.cpp, qglobal.cpp, and qsvgdevice.cpp. Versions less than 3.3.8-r3 are affected.
80a0f7dba946f1db00ba3c0d7e46e7509d5e70a1ae25e2200e1a0ad559695e67
Proof of concept exploit for a buffer overflow vulnerability in the Asura engine included with Rogue Trooper versions 1.0 and below and Prism: Guard Shield versions 1.1.1.0 and below.
7618b4bbc8c5df0185b1b622c41fdfb807190b4aeb24b3f171fd8e33d014a9b6
The Asura engine included with Rogue Trooper versions 1.0 and below and Prism: Guard Shield versions 1.1.1.0 and below suffers from a buffer overflow vulnerability.
b2da20b37df5ce4d44f52dde0e4992d9bbd948fe01888fca9909218c4aa7dce6
Whitepaper entitled "Las nuevas backdoors", discussing new techniques in backdoors and sniffing. Written in Spanish.
ad3835828509aa5430280f10dce98cbff07e56d28bf314f1479c5d2519d64339
Amsterdammail (www.amsterdammail.nl) is susceptible to cross site scripting and SQL injection vulnerabilities.
bf1eb1c6fca2254cc752c98536e303b4fbdb12e044040fdc4d8b6f7747344744
HISPASEC Security Advisory - X-Diesel Unreal Commander version 0.92 suffers from name spoofing and directory traversal vulnerabilities.
4b6405903518d8cc539aa225d0ae78b40266ba8b21b84f35ab602aeb57c85e05
The Thomson ST2030 SIP phone is susceptible to a denial of service vulnerability. Exploit included.
fcc85d3d9b95f6bd30e103330b1aa858315aa973f24e7a77ced2548d94dbb610
www.search.org suffers from cross site scripting vulnerabilities.
a361ba12d0d38a0dc5da2d19a078692691f3f766d218663860067edffa2ab989
Mercury/32 version 4.51 SMTPD CRAM-MD5 pre-auth universal remote stack overflow exploit.
aa372807d8f3416528598fa33aea32d6d542c358719e925a5c8c3e63b6059260
PHP FFI extension version 5.0.5 local safe mode bypass exploit.
fafd0498802d5483eb48ea5a6830b9140d11592ed65bcef8808d6077e6e67588
PHP versions 5.2.3 and below win_browse_file local buffer overflow exploit.
3a75a22cfd4a2161f1f86673799e91c18321b25a862d091c59040553327452fc
PHP versions 5.2.3 and below win_browse_file local buffer overflow exploit.
eed40468d521dbe25dc18d44f115c6ea69433c0c26f75d387a8c86a96659bcca
BibTeX Joomla component versions 1.3 and below remote blind SQL injection exploit.
1c22c4bc295e0d7f78966f02e037d618badf6a77b5a987209a94bfedaee7595e
The EventList Joomla component versions 0.8 and below suffer from a SQL injection vulnerability.
9ba1bbb5d396863c7be159435f99c4aceb68799301c55082ea029f501ed159c1
The Nice Talk Joomla component versions 0.9.3 and below suffer from a SQL injection vulnerability.
5e12d5334fad86e6094390675f8eed715a29a78eb454ca6b8fd0d6cd691185b8
The RSfiles Joomla component versions 1.0.2 and below suffer from a local file download vulnerability.
3719054eece148909ce57b903973845eeb78f194cb5adf06c202318064e3dd93
The RemoSitory Mambo component suffers from a SQL injection vulnerability.
8f96cfae99fea19e3bad40df24b42b2bca4ca479108ab048dd2850572aff30dc
The NeoRecruit Joomla component versions 1.4 and below suffer from a SQL injection vulnerability.
8850f28a326f1fc7ab2bdd7e96f991affb1ae8bb717c1988744ab02efc7ffb28
PHP version 5.2.3 php_ntuser ntuser_getuserlist() local buffer overflow proof of concept exploit.
250dc104b4edbe5da195bf85ca78c5ddff4913d4ba7e7c83a7566c8fd85b27d6
SPIP version 1.7 suffers from a remote file inclusion vulnerability.
04f73ad6f29fb12727e3185360feafb337b9510e90aefe7f66758e66bbf34456
phpress version 0.2.0 suffers from a remote file inclusion vulnerability in adisplay.php.
af002fcd8460bc218a7044bf3c0f7d1f8f6596338a22a0f79eb2a5f09eb54847