mpTREY is an MP3 fuzzing utility that manipulates tags. Written in Perl.
3f272c23c44352dd75429216312ed372076351d35fa4762a4869fd1da89d050d
BandSite CMS version 1.1.4 suffers from an insecure cookie handling vulnerability.
c4fd3f2d252e9360e9526ff69a57e2de6348d5351edf169a5af254d4cb755dbd
ScriptsFeed Recipes Listing Portal software suffers from a remote file upload vulnerability.
66d2a4e8dfbe5433b9bc7f0ab2be666546dd1c886cd2220351b2799ad20698da
ScriptsFeed Auto Classifieds software suffers from a remote file upload vulnerability.
8deffdb64d1e9e5ff76ffb9ed73fe538d35efb472ea246d57599cb6bc48f3158
ScriptsFeed Real Estate Classifieds software suffers from a remote file upload vulnerability.
5507e587dd496e035ffc189cf408249890480f643defed6af3cfab2b954ff5db
The GS Real Estate Portal US/Internal module suffers from cross-site scripting, SQL injection, and remote file upload vulnerabilities.
0537b3a874893fed826f2b1ec084f4f67f7fbb3a0cc625305484fa06ef377e99
Secunia Security Advisory - Don has reported a vulnerability in Fresh Email Script, which can be exploited by malicious people to conduct cross-site scripting attacks.
918d794c2e61bb8a2c33ad50cba146c85c40894ff67565c6fc51948e0bd22705
Secunia Security Advisory - Red Hat has issued an update for acroread. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges or by malicious people to compromise a user's system.
e85430a9fbad39a30ab019da577a9aff09186e87da0ac3059724e6b887b77a66
Secunia Security Advisory - Fedora has issued an update for libpng10. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
8918d6ba4d3a64bb18b1bf4fb9529dcb8c5047a3769b266e7deaf9f9b14cc6f5
27 bytes small GNU/Linux x86 setuid(0) && execve("/bin/sh",0,0) shellcode without NULLs.
c0c0138eb0cbf63e6e3e5b1a04fffbf8501663ccd3ea72f3924bcf3011fe0535
Secunia Security Advisory - rPath has issued an update for initscripts. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
9a2e8c8eb980f17976bae878b4b26bbc50ff53b0959f55cb7c30a453f72ee69b
The Netgear WGR614v9 administrator interface can cause a denial of service condition on the router when a simple question mark is appended to the URL.
f2c2574642ef8dd733e76621de159bcc9f66b4e306316c0205b9ab32a2bf6039
Digital Armaments has officially announced the launch of the October-November hacking challenge. Digital Armaments will give a prize of $5,000 for each submission that results in an exploitable vulnerability or working exploit for the Linux kernel. This should include examples and documentation.
b2ae9a5e465944ba7e4a7712d8625cfc7eb5e530b14e5d0fc164a1a11d2950aa
Secunia Security Advisory - Francesco Bianchino has reported a vulnerability in Metrica products, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.
88845e8ee0872cdd776384117dd06487f5e98d5055c2c9c706351d971916b18f
Secunia Security Advisory - Fedora has issued an update for optipng. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
d09f49adf0efa55ac95f13b72fdc00ba11af018f57206c248e19948925b31eb7
Secunia Security Advisory - rPath has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
648c03dc838bfe9e2e121cc31f5c1b4609e98b325c1bdc483e63a781d35072f1
Secunia Security Advisory - Some vulnerabilities have been reported in Mozilla SeaMonkey, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or compromise a user's system.
263fc312b82717af161fe5eaa9c16b7481375dea5c8c1b81d4798a8ab0173e58
The Pi3Web ISAPI interface suffers from a denial of service vulnerability that causes the server to crash. Versions 2.0.13 and below are affected.
28ae7b680667cd7af13babc98bd853018075234dc064ab260fbba2178f775bfe
.NET Framework Rootkits - This whitepaper covers various ways to develop rootkits for the .NET framework, so that every EXE/DLL that runs on a modified Framework will behave differently than what it's supposed to do. Code reviews will not detect backdoors installed inside the Framework since the payload is not in the code itself, but rather it is inside the Framework implementation. Writing Framework rootkits will enable the attacker to install a reverse shell inside the framework, to steal valuable information, to fixate encryption keys, disable security checks and to perform other nasty things as described in this paper.
f76d7dd718394137cdbc9cb275f43a192178ffb10a850e0e77481a838c67ea51
.NET-Sploit is a new tool for building MSIL rootkits that will enable the user to inject preloaded/custom payloads to the Framework core DLL.
5776c1769e93b6c84140aa59330ab249d6529d492a81f74654dbb0a444b97a81
Secunia Security Advisory - rPath has issued an update for net-snmp. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
cebcbd07df4cf06fcc63621505e0a313fbe06ae93a2812b2c831dc6b4303f984
Team SHATTER Security Advisory - Oracle Database provides the "LTADM" PL/SQL package that is part of the Oracle Workspace Manager component. This package has instances of SQL Injection in COMPRESSSTATE and GOTOTS procedures.
29603ed80c14670ee01111577280faac894cf3b0ed732e00604e0e4483cc40e7
Team SHATTER Security Advisory - Oracle Database provides the "LT" PL/SQL package that is part of the Oracle Workspace Manager component. This package has multiple instances of SQL Injection in COMPRESSWORKSPACETREE, MERGEWORKSPACE and REMOVEWORKSPACE procedures.
46972c6b9e06e4bc4b703ab2962224b03b0e54bbdc772217823fb7beae043812