Miranda is a Python-based Universal Plug-N-Play client application designed to discover, query and interact with UPNP devices, particularly Internet Gateway Devices (aka, routers). It can be used to audit UPNP-enabled devices on a network for possible vulnerabilities.
d14d0b979b115a202bce72bdcfd7fc749f57546b53bf094e2e1119c7c9a8c158By exploiting either of the VMware flaws described in this document, user-mode code executing in a virtual machine may gain kernel privileges within the virtual machine, dependent upon the guest operating system. The flaws have been proven exploitable on x64 versions of Windows, and they have produced potentially exploitable crashes on x64 versions of *BSD. The Linux kernel does not allow exploitation of these flaws on x64 versions of Linux.
00028132b68b6b52ccbf9adca27a78831980d6aa94845933c21f512a28b129b3The jabber server Openfire versions 3.6.0a and below contain several serious vulnerabilities. Depending on the particular runtime environment these issues can potentially even be used by an attacker to execute code on operating system level. Full exploitation details provided.
e1e9a58f4293b2465f10522e4ad1097e16abdeef9a210399eae0280937117098V3 Chat - Profiles/Dating Script version 3.0.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
e37e6d9fa0e6bc82b586faa7093acc9c3c3d16376932674772fdb86c9e823b81Whitepaper entitled Protecting A Web Application Against Attacks Through HTML Shared Files.
a332ffa53a93ffea3c43a63213809c1bc705467514a6098021161dd8468c04fbH-Zine Volume #1 - Discussing IpTables, C++, SQL injection, and more. Written in Spanish.
f469b6e9b8f510a569419a76ea58c063e330ad93e0a6924f5005d7c95a34ff55Anti-Keylogger Elite version 3.3.0 privilege escalation exploit that makes use of AKEProtect.sys.
947c61f151a4a1908ac87ca71f782f1153851a8dd8742e2ff17dc9ef8e96adb8Domain Seller Pro version 1.5 suffers from a remote SQL injection vulnerability.
53513bf7a444ffe29bd9f632ec5c6fb4deb97f44f070847060aa6b27472ecf26The SpeedStream 5200 suffers from an authentication bypass vulnerability via Host header modification.
0e3c38f2cac373a41d993ae5af53a61eab5944e2da8abbaba6e29cc9d4d4e7c5Mandriva Linux Security Advisory - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel.
07420495aa7cda94bcb423e119a9c13e63e0d3b150270e1ff058301f03053469Mandriva Linux Security Advisory - Denial of service, spoofing, and bypass vulnerabilities exist in Ruby.
488309119dea14c6a264f6053e8b8d14c8d560c0a40a71fd0e398684d17eb685Myiosoft EasyBookMarker version 4 suffers from a remote SQL injection vulnerability.
83df2edfd70212f9a43b6667f15e25105d3452e00d682c09041279a896ac4d01E-topbiz Number Links 1 suffers from a remote SQL injection vulnerability.
890b5f538fbf52221fbfa044cb20d57a18b621df0a16fa1c76ccc5f7e0fe754bVLC Media Player versions below 0.9.6 .RT stack buffer overflow exploit.Spawns calc.exe.
885454393c4e99bc5fc0b83823b3a3c169446cb21872b399d36814636e1d9b76Mini Web Calendar version 1.2 suffers from file disclosure and cross site scripting vulnerabilities.
e5dcf4a98914f87dbd7979829a1aded1c4c927d8fe8985c822ab2515e7aadb7dVMware Security Advisory - VMware Hosted products and patches for ESX and ESXi resolve multiple security issues. A flaw in the CPU hardware emulation may allow for a privilege escalation on virtual machine guest operating systems. In addition a directory traversal issue is resolved.
a2cc4fb617dd573bde38a03b8b1f2ca7106b716cdac17f5f3c3c96573df9e5c2The Joomla Feederator component version 1.0.5 suffers from multiple remote file inclusion vulnerabilities.
357f5efc75fc9246420aeba2bf080c676acc85ee920e2d7effcf8fc6bde64d58The Joomla Recly!Competitions component version 1.0.0 suffers from multiple remote file inclusion vulnerabilities.
fc0562c441077d95d6222a0557e1955be8f1f2838569aca7a04931b306fad082The Joomla Clickheat component version 1.0.1 suffers from multiple remote file inclusion vulnerabilities.
68aacf133226e8f2614ba09a9268ee4efd75ebce710713a2fac9272efd5f8efdVNCcrack is a simple, fast offline-mode VNC password cracker. It takes a set of challenge-response pairs of the type passed during a VNC authentication attempt, and attempts to recover the passwords using a dictionary file.
a6b55baeb838fb9ceba777369bace4a6929bfe58a051349808c800008e0bcaebE-topbiz Online Store 1 suffers from a remote SQL injection vulnerability.
105a1a37d43be84ea5586ecb6ad4c42b92f7666943963469bee7e3c7f793177dPre Car Lister suffers from a remote SQL injection vulnerability that allows for authentication bypass.
5f8f42efad763348eaf3d9deb288524d2750af0c41de9141c1da24da16bfec46Secunia Security Advisory - Ubuntu has issued an update for netpbm. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.
82d08bf6326dfb79a47da6631e03f4de021cfc7c66706f90e53c74c9411acd1cPardus Linux Security Advisory 2008-67 - A remotely exploitable heap-based buffer overflow exists in libcaudio versions prior to 0.99.12-2-2.
6273274b35ca23a850c3df31e3310cf18e41dbdfa85a0db467c45b6b489785d3Pardus Linux Security Advisory 2008-66 - An untrusted search path vulnerability in BPY_interface in Blender 2.46 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to an erroneous setting of sys.path by the PySys_SetArgv function.Blender versions prior to 2.47-14-3 are affected.
f6c4f042b3d94489e7fc447f94e9dc1e3fc5a416d6e1396261743844b53235e9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed