Secunia Research has discovered vulnerabilities in Trend Micro Network Security Component (NSC) modules as bundled with various products. These can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges.
5b5de053e6d625822504987e45ced7ca8fde5c1b4c6de316295e4d04a0d56dbdDodo's Quiz Script version 1.1 suffers from a local file inclusion vulnerability in dodosquiz.php.
ab94a979e7893e7229ec8d733242d1bc73edc9ee00fccbe569470ca1dd5cc570openAcunetic is an open source java-based web application vulnerability scanner.
0f54c34b400f277378cf94969b4343cb6d90574f229786adbbf0ec2258d03503The Oracle Containers For Java (OC4J) in the Oracle Application Server 10g suffers from a directory traversal vulnerability.
d382fb99ab02805477ef1961d910f2d0495189ba45d6a79eff38e57289168967A directory traversal vulnerability exists in the OBEX FTP service in the Microsoft Bluetooth stack as implemented in Windows Mobile 5.0 / 6 devices.
95339cb6c88198101aa58c039084a0716173bceced5f132981d0c227944e0d77Cybershade CMS suffers from a remote file inclusion vulnerability.
3bdba5ddbca7ba90f12773df5588a7df5b410963c0ed960cde912ddace38f3a7Joomla com_waticketsystem blind remote SQL injection exploit.
b4287e62ebd235d30e03f752d31e3b312572a164fd4f8641cc7327ea7919efcfafick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.
c3070a5715957e2d8f94273a98bc4f922f8d2077847b1e2c87f41ca241e65b61Mandriva Linux Security Advisory 2009-019 - A vulnerability has been discovered in the load function of the XPM loader for imlib2, which allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XPM file. The updated packages have been patched to prevent this.
73a97dd51e4154a413d606b62ec901993627719aee7635186cba2f5e5ab6e85aThe AXIS 70U Network Document Server suffers from privilege escalation and cross site scripting vulnerabilities.
325620ec912bf03a65d863de04d8f8b613d58c9041732106c5d7777d8abe765ePHPAds version 2.0 suffers from administrative bypass and cross site scripting vulnerabilities.
c12bcdb2388d348913cec836ab01dc0db9ea270c2b7fe5435a04997858b9eb93RCBlog version 1.03 suffers from a remote authentication bypass vulnerability.
da5417acc6ca4dc1f2a03a7e2dcad56f2148ebabd28197a5fa86f28d560a7513Wintercore Advisory - PXEService.exe is prone to a remote buffer overflow due to improper bounds checking when handling PXE requests. A remote unauthenticated malicious attacker can take advantage of this flaw to execute arbitrary code by sending a specially crafted UDP packet. SystemcastWizard Lite versions 2.0 and below are affected.
1e4e1fc447fa7a1d81f5dee9dc92ca06a9dc682581918bf7809c0defad38df4bDebian Security Advisory 1708-1 - It was discovered that gitweb, the web interface for the Git version control system, contained several vulnerabilities.
a85d54391b9a0dec2fa27e6fd569312f862e2f7682c8ac9d941e8370225058fbAJAuctionPro OOPD version 2.3 suffers from a remote SQL injection vulnerability.
95042fe624dabfa3be6821a96f183cf6c7564603b8547f201f4c23fc62df7bd7This file documents recent incidents that have been reported to the Web Hacking Incidents Database (WHID).
ff37a59381e965e20aa2bf1ee57101c6ce54502a13d33c97989767eabd92f9ffBrowser Fuzzer 2 (bf2) is a comprehensive web browser fuzzer that fuzzes CSS, DOM, HTML and JavaScript.
9c0853e1720bef8ed4d5727782ddb76c3ffde6981e51439d0fe5e1c930239e27Max.Blog version 1.0.6 arbitrary post deletion exploit.
21810211c2c035878884e489b8b21bcf5bdaf6b13e0721544b781c41b40d960853KF Web Instant Messenger suffers from cross site scripting vulnerabilities.
4bc97a975505c79d3be2ad3a4be1d64fec853f8c95472df5a857306e86911555Ninja Blog version 4.8 suffers from cross site request forgery and cross site scripting vulnerabilities.
5fbe07eb78e8f607da18b753d206d57a195804171d49b6c8158f3636bfdc2b5eNinja Blog version 4.8 suffers from a remote information disclosure vulnerability.
1ac8fb81127a7b04e575118d9675250f9a679afb9faf5e72a948f869c9a46498Gentoo Linux Security Advisory GLSA 200901-12 - A buffer overflow in noip-updater can lead to arbitrary code execution. xenomuta found out that the GetNextLine() function in noip2.c misses a length check, leading to a stack-based buffer overflow. Versions less than 2.1.9 are affected.
f1bcd3a344d56136356bfd4a55b9b152edc291fc676accc64c95aac9747954d5Various Ralinktech wireless card drivers suffer from an integer overflow vulnerability when receiving malformed probe request packets.
ae16ac53a7a29c00f338e19e014d2ed2d63c217b91173699758d476c2704fb44The Joomla News component suffers from a remote SQL injection vulnerability.
2833670d93b8335ecf34fa7255003169ff76b189ee490bebbca5674965cf9adfJoomla com_pccookbook blind remote SQL injection exploit.
05e8e1cbd1abf9c196f6f1c5072a1dfb2a5f0d8c81ea7a2e82a777c78d1e6f41
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed