Secunia Security Advisory - xl4nothing has reported a vulnerability in the Personal Sticky Threads add-on for vBulletin, which can be exploited by malicious users to bypass certain security restrictions.
Secunia Security Advisory - Secunia Research has discovered a vulnerability in SAP GUI, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - ahmadbady has discovered a security issue in PollHelper, which can be exploited by malicious people to disclose sensitive information.
Secunia Security Advisory - Red Hat has issued an update for dbus. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Secunia Security Advisory - ahmadbady has discovered a security issue in BlogHelper, which can be exploited by malicious people to disclose sensitive information.
Secunia Security Advisory - A vulnerability has been reported in OpenSSL, which can be exploited by malicious people to conduct spoofing attacks.
Secunia Security Advisory - irk4z has discovered a vulnerability in Joomla!, which can be exploited by malicious people to disclose sensitive information.
Secunia Security Advisory - Red Hat has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.
Secunia Security Advisory - Red Hat has issued an update for xterm. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Joomla versions 1.5.8 and below local directory traversal exploit.
Cain and Abel version 4.9.25 that outputs a file that must be imported as a configuration file under Cracker -> Cisco IOS-MD5 Hashes. Spawns calc.exe.
PollHelper suffers from a remote configuration file disclosure vulnerability.
BlogHelper suffers from a remote configuration file disclosure vulnerability.
Debian Security Advisory 1694-2 - The xterm update in DSA-1694-1 disabled font changing as a precaution. However, users reported that they need this feature. The update in this DSA makes font shifting through escape sequences configurable, using a new allowFontOps X resource, and unconditionally enables font changing through keyboard sequences.
Ubuntu Security Notice USN-701-2 - Several flaws were discovered in the Thunderbird browser engine. Boris Zbarsky discovered that the same-origin check in Thunderbird could be bypassed by utilizing XBL-bindings. Marius Schilder discovered that Thunderbird did not properly handle redirects to an outside domain when an XMLHttpRequest was made to a same-origin resource. Chris Evans discovered that Thunderbird did not properly protect a user's data when accessing a same-domain Javascript URL that is redirected to an unparsable Javascript off-site resource. Chip Salzenberg, Justin Schuh, Tom Cross, and Peter William discovered Thunderbird did not properly parse URLs when processing certain control characters. Several flaws were discovered in the Javascript engine.
Ubuntu Security Notice USN-701-1 - Several flaws were discovered in the Thunderbird browser engine. Boris Zbarsky discovered that the same-origin check in Thunderbird could be bypassed by utilizing XBL-bindings. Marius Schilder discovered that Thunderbird did not properly handle redirects to an outside domain when an XMLHttpRequest was made to a same-origin resource. Chris Evans discovered that Thunderbird did not properly protect a user's data when accessing a same-domain Javascript URL that is redirected to an unparsable Javascript off-site resource. Chip Salzenberg, Justin Schuh, Tom Cross, and Peter William discovered Thunderbird did not properly parse URLs when processing certain control characters. Kojima Hajime discovered that Thunderbird did not properly handle an escaped null character. An attacker may be able to exploit this flaw to bypass script sanitization. Several flaws were discovered in the Javascript engine.
IP-Array is a Linux iptables Firewall script written in bash. It allows the creation of precise, stateful rules, while remaining easy to configure. IP-Array supports VPN, Traffic Shaping (creation of custom HTB and SFQ qdiscs, Classes, and Filters), multiple external interfaces, multiple LANs, multiple DMZs, NAT, logging, MAC address matching, packet marking, syslog logging, and various sysctl settings. It also includes some presets and autoconfig options for common needs like DNS, FTP, SMTP.
Debian GNU/Linux suffers from an XTERM DECRQSS weakness that allows for remote code execution as the user id viewing the content.
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
playSMS version 0.9.3 suffers from multiple remote and local file inclusion vulnerabilities.
Oracle 10g SYS.LT.COMPRESSWORKSPACETREE SQL injection exploit that grants DBA access and creates a new user.
Oracle 10g SYS.LT.MERGEWORKSPACE SQL injection exploit that grants DBA access and creates a new user.
Oracle 10g SYS.LT.REMOVEWORKSPACE SQL injection exploit that grants DBA access and creates a new user using the advanced extproc method.
SeaMonkey versions 1.1.14 and below denial of service exploit that leverages a vulnerability found in September of 2008 for version 1.1.11.
IT!CMS suffers from a remote SQL injection vulnerability that allows for authentication bypass.