A vulnerability allows attackers to execute arbitrary code on vulnerable installations of BMC PatrolAgent. Authentication is not required to exploit this vulnerability. The specific flaw exists due to a format string handling error during log message writing. Supplying an invalid version number containing format string tokens to a vulnerable target on TCP port 3181 triggers an exploitable format string vulnerability which can result in arbitrary code execution.
50a024ee379bd4d4b653015b171b320e160575d9344f28669885a9d75e113f28
Yet another way to bypass PHP safe_mode.
e10423c9951a5db273b47ada045c6c7123c3150fa042997c5a07552152324afe
Write up discussing the breaking of Google Gears' cross origin communication model.
42c449424322d157ce506a8ff66a83abe0194f2dc1ba8d911cb1133691c3df2a
Aruba Networks Security Advisory - A denial of service vulnerability was discovered during standard bug reporting procedures in the Aruba Mobility Controller. A malformed EAP frame causes a process crash on the Aruba Mobility Controller, resulting in a temporary denial of service condition for new clients configured to use EAP authentication. A prior successful security association is not required to cause this condition.
8a0d6e47b01396e94c7ae30e0ae5c5e6d22569e79a5505e39f1ccd696214662c
A repacked version of the Microsoft free LSP sample and Komodia's LSP guide. LSP is a technology that intercepts all commands between an application and Winsock (ws2_32.dll), making it possible to log all network data, modify network commands, and even change inbound/outbound data.
81611dc7f5df31f6a81a16b210dd6e7c50a416dba613435dcb07ff3e7326d6bd
Write up discussing denial of service attacks on MIME-capable software via complex MIME emails.
53bd10bad899d06e8cd5862e270f0daa6438c3d83e9db951ef28550f67c14c2c
XOOPS versions 2.3.1 and 2.3.2a suffer from a stored cross site scripting vulnerability.
534f8f6aef7f2108ae837a182e4ce5048655e00d91deb8c48ef9603fc0d3a2d3
XOOPS version 2.3.1 suffers from multiple local file inclusion vulnerabilities.
54b099c150b887ab86caa338b11cff18f3adad66ee42ba0782d9a29563b137f5
Multiple Anti-Virus vendors suffer from a malicious webpage detection bypass vulnerability.
f9dfa7e4d1f5008192bc17bb6b43ec0be0a51b5cc1e9623349686dfec0b9b2c1
HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Reporter and HP Reporter running on Windows. The vulnerability could be exploited remotely to create a Denial of Service (DoS).
dd0e8331e23e78f9bf1b14b2588919532dc0118888dc6e0e7552c0f43ac4738b
HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Performance Agent and HP Performance Agent. The vulnerability could be exploited remotely to create a Denial of Service (DoS).
dd16be0b227e1a5a6d31ffd458a4aef324c95f1c334ed72b85456a8bafbe0643
The face recognition authentication mechanism in Lenovo, Asus, and Toshiba laptops suffers from a bypass vulnerability.
af4826555c3f1216ccef140a9ee97e90f1bd689835fef766d6a4543d535d16b8
WebCAF versions 1.4 and below suffer from local file inclusion and remote code execution vulnerabilities.
02714586ceb58b2d7c6fce2533f3b0e5069e55a7fadd16fb69a1e1e8c2488041
phpBB version 3 (Mod Tag Board versions 4 and below) remote blind SQL injection exploit.
f334f10b3869bf5cac4e41127f0afd51cf50004bfbde08a40689507077503878
Debian Security Advisory 1683-1 - Multiple buffer overflows involving HTTP header and playlist parsing have been discovered in streamripper.
e31c37741d4c87bf8e0d7f90072b7d60e9bea91960d307dee4674120e5a311cc
PHPepperShop version 1.4 suffers from four reflective cross site scripting vulnerabilities.
59d7d0c55a6e204217214485974834d11f9822f2250e9ffc6eb282478cf6ebb7
PrestaShop version 1.1.0.3 suffers from a cross site scripting vulnerability.
54da5e1958764afe41b5ce67562353b39442f87ef11574611cc5b569e748c4f9
Google Analytics suffers from a stored cross site scripting vulnerability.
0a209401c10f1b5d544652d1f5d9cd721d1de9c2fe2cc9d09f5c228d23a3831f
3CX version 6.0.806.0 suffers from session hijacking, cross site scripting, information disclosure, and denial of service vulnerabilities.
e041e74be469043bab5b9dcb42d39ea35a71d8850d91ceff171f6749c54515a3
ezscheduler suffers from a remote database disclosure vulnerability.
34af5d552f4da002070f4c9dd974dec79feaa5217d83bfbe3d1c9e2e05b84178
ezpoll suffers from a remote database disclosure vulnerability.
658001395285c7d01776f6c5b3696fa37b2549c7a468085dc7f0981f0a80e4a2
eznewsletter suffers from multiple remote database disclosure vulnerabilities.
4c196053bad64eac438ed52014e279882aebcc33e5fd46fa75633f7c5002a477
ezhomepagepro suffers from multiple remote database disclosure vulnerabilities.
073f0a0a73fbb29d659f20bc062136b2597432e99af8d6c0bd7f962b93f7cf1d
ezguestbook suffers from a remote database disclosure vulnerability.
84aff7a133693ded9a7dd0be59b40e6d86093d61190fedce6e13212f304ddb12
Secure Download version 2.0.0r for vBulletin suffers from a remote SQL injection vulnerability.
5635f83d5140df3514730ee273c03e6462d47c2b5d377363aa364dff173d40e2