Mandriva Linux Security Advisory - A programming flaw in PulseAudio versions older than 0.9.9 allows a local user to gain root access if pulseaudio is installed as a setuid root binary, which is the recommended configuration.
381c4f1e95696b6696489b294e2642f56831ceb6a838555eea63d08b0115a1d8
Mandriva Linux Security Advisory - Will Drewry reported multiple flaws in how libicu processed certain malformed regular expressions. If an application linked against libicu, such as OpenOffice.org, processed a carefully crafted regular expression, it could potentially cause the execution of arbitrary code with the privileges of the user running the application.
a999038e1e8e36b24fcc7d2f55e5e1d342de60b514b62e574149b8f7caa40f7a
A simple utility to thoroughly validate DOM, XMLHttpRequest, and cookie security restriction handling in modern web browsers. Notable features include exhaustive hierarchy crawling, cross-domain IPC system for blind write verification, page transition checks, and more.
3193283a884cf29dab7eb6c658285fc4ab255c371456911b95b7541483b34432
Secunia Security Advisory - 0in has discovered a vulnerability in Tiger Php News System, which can be exploited by malicious people to conduct SQL injection attacks.
f3ed167548ca31167c693efe2e1f27ebf5110006f64190da939fdc8c07965044
Secunia Security Advisory - Elazar Broad has discovered a vulnerability in Move Networks Upgrade Manager, which can be exploited by malicious people to compromise a user's system.
e1cd36b137d8d122d4ad32a94b13be82f7b096f56c00f389ed27ad5268746786
The PatchLink Update Unix Client suffers from multiple file clobbering vulnerabilities allowing for privilege escalation.
9edd2c3dea0e2f04c171d8980ce2fe3f0ec1fc649d996bba22558f6b5207870c
Proficy Information Portal version 2.6 passes a user's password base64-encoded on the wire, allowing it to be easily intercepted and decoded.
193987184fe40b9994e6689d7dd2c17f6e7439290c4cec09274c18a66ec26f1d
Proficy Information Portal version 2.6 has a flaw that allows an authenticated attacker to upload arbitrary code to the server.
8fe8e4b4c25860812b02f54a0cb017e1b4fc3b6c4390039ca199adb32e1f2f6b
Cimplicity HMI versions 6.1, 6.1 SP5, and 6.1 SP6 all suffer from an exploitable heap overflow vulnerability.
ca32e6e16dfac1360f0eada284bc6fe1d217d79e79aab976e43fe12f5359abb4
E-SMART CART suffers from a login bypass vulnerability via SQL injection.
a2eefcd4a6146713a8c3695864e48664246813d6157f9b64ad2b0215f84fce3e
Pre Dynamic Institution suffers from a login bypass vulnerability via SQL injection.
286d737bb6f1f5516ff11ab8521d045d3b7d9847676734e6ba70720591bf95b3
Pre Hotel and Resorts Reservation Portal suffers from a login bypass vulnerability via SQL injection.
5aab0a18de471d306a7c0b3066f3aef90339e8af6d18a78d11eb53314e753fc3
Persits XUpload version 3.0 AddFile() remote buffer overflow exploit with calc.exe and port binding shellcode.
1fea1e695df1df31dfd3cf0867850309b9b7714aaf0ccca6d5403f4254ffba7f
CandyPress eCommerce Suite version 4.1.1.26 suffers from multiple vulnerabilities including SQL injection and cross-site scripting.
6dea4b9ea36e243e8e32cd02a9ba55d515cf86faf74b42b2271eab1726f8e075
Sejoong Namo ActiveSquare 6 Namoinstaller.dll install method exploit.
3596a0ae0a59ddc293d9274943f1efe935b1a7c228600d42353393c0f943047c