Core Security Technologies Advisory - Openfire is a real time collaboration (RTC) server licensed under the Open Source GPL. It uses the widely adopted open protocol for instant messaging XMPP, also called Jabber. Multiple cross-site scripting vulnerabilities have been found, which may lead to arbitrary remote code execution on the server running the application due to unauthorized upload of Java plugin code. Openfire version 3.6.2 is affected.
f46e4ca282bdf252d717639700d9ca97890a7cb9bfe96a0c6f0efb09b2ca85f0
GOM Player version 2.0.12 stack overflow exploit that creates a malicious .ASX file which will spawn calc.exe.
2648e1de1d28a8ed1637ad2f8caa8a5a386c4c2ea4085a2316ea64e39b6184da
Pizzis CMS versions 1.5.1 and below blind SQL injection exploit.
62b48dc28768505760d261f48e5730d64d7cffdf04f9662fb0440b64cfb4ff90
LayerOne 2009 Information Technology Conference Call for Papers - The sixth annual LayerOne security conference is now accepting submissions for topic and speaker selection. This conference will be held May 23 and 24, 2009 in Anaheim, California.
a2306086e0eb952784ad950e4b25d06684e8ca7a8e6ffb50eb044f5dc08163f1
XOOPS version 2.3.2 remote PHP code execution exploit.
15217ac9595740e295f7e7cc9aba9dc3b24baf8832c212343ae0c7bf2418d2a9
IntelliTamper versions 2.07 and 2.08 Language Catalog SEH overflow exploit.
bb4fc74610b73533bc64a6dd2b224001fc3c046a0a09dd1c3ef84a7a1104cc63
Ubuntu Security Notice USN-705-1 - It was discovered that NTP did not properly perform signature verification. A remote attacker could exploit this to bypass certificate validation via a malformed SSL/TLS signature.
d433be9481ba7c4b533df5af3d86a31d25305815815233f66d94e668897e6dee
The PHP-Fusion vArcade module version 1.8 suffers from a remote SQL injection vulnerability.
a7624b882079817144ff7e079b7b2e20d633e652ad19ae84bbade30811865171
CuteNews versions 1.4.6 and below remote cross site scripting and remote command execution exploit.
47dc340b58d3dbb45286e904177789782043fd553a7083666a189192b10bc118
Secunia Security Advisory - A vulnerability has been discovered in Symantec Mail Security for SMTP, which can be exploited by malicious people to cause a DoS (Denial of Service).
617117238160b32f2adad3a6cf29a16209d80ec0c92cd7c55105bab85ed54e03
Secunia Security Advisory - Some vulnerabilities have been discovered in RiotPix, which can be exploited by malicious people to conduct SQL injection attacks.
0a1671d62e3ff997cebd345296f43ec6e487779dd35fedfb5920ad417abe4d97
Secunia Security Advisory - Fedora has issued an update for am-utils. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
55a328731934ddcd7a69036036b807550b8863bf54b0652f8ed45f5ac2927e5a
Secunia Security Advisory - Fedora has issued an update for xterm. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
93e91f83ec38df5783622f79da5272c67d02ead2260c0cb025d65532500e3761