Secunia Security Advisory - rPath has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
2b6bab3c14183dd8d5bbaf15a38bf2e1b33e855b5635c6677411cf9b733764e4
Secunia Security Advisory - A security issue has been reported in futomi's CGI Cafe Analysis of High-Performance Access CGI, which can be exploited by malicious people to hijack a user session
a4dc3dc538dd410c49a6553f98d70b835c1bc032cde9d066f30a3b2fdd2fd057
Secunia Security Advisory - Some security issues have been reported in MailScanner, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
43e50c4538d372f58f42c7a7286379e1c6b2d98fc8f4a60a51d4b41fa021d50c
Secunia Security Advisory - x0r has discovered a vulnerability in phpAddEdit, which can be exploited by malicious people to bypass certain security restrictions.
52e4ee4720f0aafdf38bcace4eab549da620b7848d577297c704a836254ed048
Secunia Security Advisory - AlpHaNiX has reported a security issue in multiple The Net Guys products, which can be exploited by malicious people to disclose sensitive information
78e4d9847d4d8cdd93c285ee19e3fa3860d0f82820d9328ca29d0a2af8e4d51f
Secunia Security Advisory - Sina Yazdanmehr has discovered a vulnerability in ASP-CMS, which can be exploited by malicious people to conduct SQL injection attacks.
4f9485f4673cd4afbfe3ba9cce1786ff3e91964052bfede032910920595ff649
Secunia Security Advisory - Sun has acknowledged a vulnerability in Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
6995a9476a90da4ca3e261909ffd0bfd02dfc63e3ff5e2033879df22f25dab49
Secunia Security Advisory - IBM has acknowledged a vulnerability in WebSphere Portal, which can be exploited by malicious people to bypass certain security restrictions.
eb6c5b77eb76658c2a2ca2c87e08a555840725ecdf1d46a77bc08591974589d0
Secunia Security Advisory - Cyb3r-1sT has reported a vulnerability in Social Groupie, which can be exploited by malicious users to conduct SQL injection attacks.
0577cd7fbecaa3fc2de1b12bf77032a486841f3e64ae418d7a575dc752b8e5b1
Secunia Security Advisory - 0in has reported a vulnerability in Livebox TP Router, which can be exploited by malicious people to cause a DoS (Denial of Service).
dd34c4e6572015a2c29402e01e7bad644b58e5f55fd19ec5850c6df558877b87
Microsoft Internet Explorer 8.0 Beta 2 suffers from various security holes relating to the Anti-XSS filter it has built-in. Examples of how to bypass this filter are included.
bf1c3a2b9bde334002cee2e30b1693e6e24476d9f1a2f9b5fe1957f34d5fed62
Affiliate Software Java version 4.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
ea6637a5499244e895507f434695e8ee896a0b35e100979d85c2f290d6ad8090
Ad Management Java suffers from a remote SQL injection vulnerability that allows for authentication bypass.
3e4e3418264b3cd25c5929f101b903b3de2b932acaaad552c1b5dfe730463a5e
Banner Exchange Java suffers from a remote SQL injection vulnerability that allows for authentication bypass.
553db84512b19a2d82c6943b0f2066b38afe5e555a6394ef3c6eb6853bd6ab8f
PHP Support Tickets version 2.2 suffers from a remote file upload vulnerability.
b786a54691b05645c9e9875ed039083a194e40fcf4443216048d7bf53919ed04
This was posted to Full Disclosure today. It appears that Checkpoint VPN1 source has been stolen and a remote root exploit is circulating as well.
f06d63693b43f4f11a20b5e0573d30f86a2e55aa2ca9e64486e0f32979f689b8
Secunia Research has discovered a vulnerability in BrightStor ARCserve Backup, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to insufficient validation of "handle_t" arguments passed to RPC endpoints. Passing object pointers to procedures that expect different types can result in arbitrary code execution. CA ARCserve Backup 11.5 SP4 build 4491 is affected.
e2a11f405220b9f29248d5ad13bb5f7b5c4b3427fdd20d80cf7519bac87cd5c3
evCal Events Calendar suffers from a remote database disclosure vulnerability.
d1786b4c21f502338e6c07b9e85d40448cc48fe1486bbc9f3dae881f455c0a6d
Factor suffers from a remote database disclosure vulnerability.
1482317f82c02afb11a92c6efa37f2704c00f6895132a039240e76c681d81b9d
MyCal Personal Events Calendar suffers from a remote database disclosure vulnerability.
3a65c932c404bf026ef0470bff2bfc5d23b0b4698937ee1d3a5472de89e65bbf
eZ Publish versions 3.9.0, 3.9.5, and 3.10.1 command execution exploit that requires administrative access.
68e29944a27bb34a03e9a90e020a8870df6664ed600fbf8de4aa6046b7736220
aspProductCatalog suffers from a remote SQL injection vulnerability.
66844fdcbde177ae264e502aefe21d0ba7ce5b29832a4406b9065973be71da5f
Asterisk Project Security Advisory - There is a possibility to remotely crash an Asterisk server if the server is configured to use realtime IAX2 users. The issue occurs if either an unknown user attempts to authenticate or if a user that uses hostname matching attempts to authenticate.
ef23e216fc8fbfffc2d988c07ff4844b1d8aeaf228f027c02fe7ede7f6bb7006
Feed Cms version 1.07.03.19b suffers from a local file inclusion vulnerability.
aa3cc6dd724502294a23729019629a95fe401fd029b1be8715c7fe76d8cf360c
phpAddEdit version 1.3 suffers from a login bypass vulnerability via cookie manipulation.
d0f2e13bebe9707a65373668eb8b9a47de9d4c6c388fa1a26e1e763ad2552ea7