HP Security Bulletin - A potential security vulnerability has been identified with HP Select Access running on HP-UX, Linux, Solaris, and Windows. The vulnerability could be exploited remotely to allow cross-site scripting (XSS).
66210de36a27f4b8171aac99c74cad04ede10914a017cf7eb43ecfaf20027a05
Personal Site Manager versions 0.3 and below remote command execution exploit.
372f8d1b42decdc5082a30a955afc5dc085044cd9257dd8eda866dd06344a8ae
Coppermine Photo Gallery version 1.4.19 suffers from a remote PHP file upload vulnerability.
b34c883c7280e4986196f02cc4c43ed2172a37b9cf67b47279be752c4a0556d3
The Oracle Application Server Portal 10g suffers from multiple cross-site scripting vulnerabilities.
a2058580468d54d3295d3c90c7ede45a38a5eef3a30cfc9c97d7592c7faa7c26
Internet Explorer 7 clickjacking exploit code.
1e7ddcd6158a18b1a09957183f6b06152f49104e57d017d77e478253b454d6dc
WOW - Web On Windows Active-X control version 2 remote code execution exploit.
8a62e6e8ee1b220696af9d8e99fad8c546353389727e07afaec40abe37633df7
Debian Security Advisory 1715 - It was discovered that the AttachFile action in moin, a Python clone of WikiWiki, is prone to cross-site scripting attacks (CVE-2009-0260). Another cross-site scripting vulnerability was discovered in the antispam feature (CVE-2009-0312).
6c6e3123163f34ab54bb206a191c80426831bbce34684883ea9df7ee7843b706
Amaya Web Editor versions 11.0 and below remote buffer overflow proof of concept exploit.
3b33c73eda4691c1ee2f13d78db8f910acfc116cfd3dbca78e2ae3296dbd8dd6
Thomson mp3PRO player/encoder denial of service crash exploit that creates a malicious .m3u file.
85516b60f7f668cadd6f353c364e053293a2abb0dbf27a4483fc826d19df8386
Ubuntu Security Notice USN-714-1 - A large number of Linux 2.6 kernel-related vulnerabilities have been addressed on Ubuntu.
56507138453c994fba1b52bdf86cf04f97679de73f738d0893e2f9d69cbcff46
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
b2ef5393184af31230d6e794d28c8389b934bee1b0dc928852b586c40e6fcfe5
Secunia Security Advisory - Avaya has acknowledged some vulnerabilities in Amaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
e3c53c71439ba2e176818f10d81ef6330dfdf6a4d4228df25a4cfc968f1dd010
Secunia Security Advisory - Some vulnerabilities have been reported in htmLawed, which can be exploited by malicious people to conduct cross-site scripting attacks.
07e2bd86e30471e14bebcc7434d5fdf57be42837280ed2814a0d62d1b0a39f5a
Secunia Security Advisory - Debian has issued an update for moin. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
e2ef9b004443add50b555ac4b9fe24703315d9ff291e9c2d490a25720edabac3
Secunia Security Advisory - Sun has acknowledged a security issue in Sun Java System Application Server, which can be exploited by malicious people to disclose sensitive information.
4e17996a35c1617a2924561359bbfb0fdd7ace295bec07576c74de6cbe304919
Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Solaris, which can potentially be exploited by malicious people to cause a DoS (Denial of Service).
4901d1dd71d6282649f00498c9ee6c695443283f6d73eb22c02d62603d8a360f
Code that demonstrates the Google Chrome version 1.0.154.43 clickjacking vulnerability.
03574def8d9d7f4c377488d4c1a5b9243ec0d8f75e5d2d7f597a272799ae8201
FFmpeg contains a type conversion vulnerability while parsing malformed 4X movie files. The vulnerability may be exploited by a (remote) attacker to execute arbitrary code in the context of FFmpeg or an application using the FFmpeg library.
fdcf90835a6517d5d2a479f58cb2df9924557def551619884e79cb3f547d6180
Debian Security Advisory 1714-1 - It was discovered that an integer overflow in the "Probe Request" packet parser of the Ralinktech wireless drivers might lead to remote denial of service or the execution of arbitrary code.
05a5adea0d8ec28c0010e75b95a578fbe74e1759d8175b86d33a04c0cea7878d
Debian Security Advisory 1713-1 - It was discovered that an integer overflow in the "Probe Request" packet parser of the Ralinktech wireless drivers might lead to remote denial of service or the execution of arbitrary code.
68f93e87aeb3723d64ef0ed09181b91f5c6221b04ebdc9900b50af215e4bf67e
Debian Security Advisory 1712-1 - It was discovered that an integer overflow in the "Probe Request" packet parser of the Ralinktech wireless drivers might lead to remote denial of service or the execution of arbitrary code.
806d1b0b94508c455675218ab282784460171f46e59d0aa75263b9520e2dfd97
Core Security Technologies Advisory - Multiple stack buffer overflow vulnerabilities have been discovered in Amaya, which can be exploited by unauthorized people using crafted web pages to compromise a user's system. Versions 11.0 and below are affected.
4f5fe11c68b25a031c852b7dc492461acfaa7a12adbc0ba45ed0651a87ee791a
SmartSiteCMS version 1.0 remote blind SQL injection exploit that uses articles.php.
8dc4d65963b9a2e3ec5485d75b7c08e6c1985ae66c0fe9a9e27eff286bdfcbb5
The Google Chrome browser versions 1.0.154.43 and below suffer from a clickjacking vulnerability.
27dcfcdabbcecce3e8e4b66b1588af2538f343cb247465ef7a0c037215785377
Social Engine suffers from a remote SQL injection vulnerability in blog.php.
250d58cd724dbf96f25515b1811cc40a57dd614cb233d80da00e837194214d87