VideoLAN (VLC) versions 0.8.6d and below suffer from buffer overflow and format string vulnerabilities.
1c26fd7d991ebd85084dd1a4ff421c7c71b559127f0d8dd6c423e9c574b821adHP Security Bulletin - A potential security vulnerability has been identified with HP Software Update running on Windows. The vulnerability could exploited remotely to execute arbitrary code or gain privileged access.
8c5e1e55ffc43f67e2af8ab76bea1b53a7b8c8f6b99d9b8a8b9f5cd8696d37a2CA Security Advisory - A potential vulnerability exists in the Ingres software that is embedded in various CA products. This vulnerability exists only on Ingres 2.5 and Ingres 2.6 on Windows, and does not manifest itself on any Unix platform. Ingres r3 and Ingres 2006 are not affected.
f7ca90c4521927236d3bbfefb70dc89c88259368d66a18dae3701216866ea1caProof of concept code for WinUAE versions 1.4.4 and below which suffer from a buffer overflow vulnerability.
c6cdf0a1a02fc721d93582c59970a5d74322ca53f324f752f4de24296ca272d1WinUAE versions 1.4.4 and below suffer from a buffer overflow vulnerability.
d4b6cea98b13ad48f55a7ce4b8766bc9b8cb55012560c1e6d2e794b4cd9ab867Technical Cyber Security Alert TA07-355A - Adobe has released Security bulletin APSB07-20 to address multiple vulnerabilities affecting Adobe Flash Player. Attackers could exploit these vulnerabilities to execute arbitrary code, perform DNS rebinding and cross-site scripting attacks, conduct port scans, or cause a denial of service.
919c1590254878e0c4863f2f75851eac70566dd9784f124eab4be03b4820f001NmnNewsletter version 1.0.7 is susceptible to remote file inclusion attacks.
cb9b0f55d80db3fb9e9e4039bf1ee91c0fbfaffe9caaaddbbfff1cffbdfd0754It appears that the latest revision of Moodle may be susceptible to SQL injection attacks.
2830c51b5f57aba32f29102bcb3ef49729e7caa9244f6e7d9549e88723a3be47The first Call For Papers for the International Workshop on Computational Intelligence in Security for Information Systems (CISIS'08). This will be held October 23rd through the 24th, 2008 in Genova, Italy.
bb0be7507e5288acec4e6fb14261c62ce8eb7b818c6c80d893da0905f618ec4eUbuntu Security Notice 559-1 - Joe Gallo and Artem Russakovskii discovered that the InnoDB engine in MySQL did not properly perform input validation. An authenticated user could use a crafted CONTAINS statement to cause a denial of service. It was discovered that under certain conditions MySQL could be made to overwrite system table information. An authenticated user could use a crafted RENAME statement to escalate privileges. Philip Stoev discovered that the the federated engine of MySQL did not properly handle responses with a small number of columns. An authenticated user could use a crafted response to a SHOW TABLE STATUS query and cause a denial of service. It was discovered that MySQL did not properly enforce access controls. An authenticated user could use a crafted CREATE TABLE LIKE statement to escalate privileges.
ae30abbfc510aa1b5374607d3162c2ecded4d5bf712509d32e195be3b8105269Debian Security Advisory 1436-1 - Several local vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
74162b595bdfcc1fbbc422ccbad3f69059331bb2755e6cb505633ee62ddbfce7The Domino Web Access Upload Module version 7.0.34.1 seems to suffer from a memory corruption issue that may allow the execution of arbitrary code.
ec0bc8a997b7c201b3139c76a221545f80d3dba24cbadb0ce6e643e76f535b85MeGaCheatz version 1.1 suffers from multiple remote SQL injection vulnerabilities.
4e69d6c9ea23b28cff0e35f4add714960ab83c7c958e3679389e07a8fa3b3039ThemeSiteScript version 1.0 suffers from a remote file inclusion vulnerability.
e6111754e556c8a3019ed062f1023a10514ea4fde4058eea867da42cf9ab6332CuteNews versions 1.45 and below administrative password hash fetch exploit.
b75df010e8f28644bcc2f2f01bc1f01715a3cd55d07c95260c7c2fe2d1b8afffJupiter versions 1.1.5ex privilege escalation exploit.
4b6d630f6acb85b2b217d564c25c8054c75e52ed293e16414f1a3dafd5996ebcwebsihirbazi version 5.1.1 suffers from a remote blind SQL injection vulnerability.
e49904be498e0b14dccb86df2f6e43a468f85aacf9ce35304e8d97aeddcc7acaMMSLamp suffers from a remote SQL injection vulnerability.
05499b16b933a54325707aa2d2c65d14a11a3f5eb574951e9c251427d65425c5Adult Script versions 1.65 and below suffer from multiple remote SQL injection vulnerabilities.
39c3efc1d1f5f924383d273d46ffb2c23bed4a441a9dd4263707159c3b995e48PHP ZLink version 0.3 remote SQL injection exploit that makes use of go.php.
481544f701f9bfcd2b1cca35bd2a0940ba7f44e652b5421ecf2955416688c5fbzBlog version 1.2 suffers from a remote SQL injection vulnerability.
853410985bc3ac65e1d85e7092d3b32155d0ab52a594e56254b02cae98c88604Ip Reg version 0.3 suffers from remote SQL injection vulnerabilities.
fc29023479a27a2bafb52d78586b434ac85a8a3031b5d9aceeb25288b1213cdaWallpaper Site version 1.0.09 suffers from a remote SQL injection vulnerability in category.php.
9c3b793d8e510a9d30487263b024b0c8494525cb1bb207fa82d9ecf8080b194eOpenSSL versions below 0.9.7l and 0.9.8d SSLv2 client crash exploit.
cf2fa661fdd682ff85746a1fe91439e437ab9c13ea764a9f88fba19f2b8c43daSendmail with clamav-milter versions below 0.91.2 remote root exploit.
fea4042491dd36c19888b1f85a2b9c01a9dd5bcaa526004ec58c793d327c17c0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed