Secunia Security Advisory - kaMtiEz has discovered a vulnerability in the Survey Manager Component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.
96c6214858b2872849bb0c546232cac74ccb4d5ff1b534b2575625200e7215d7
Secunia Security Advisory - kaMtiEz has discovered a vulnerability in the SportFusion component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.
eee46ebd9175f37a2ea3b804d615bf6f35277cfd8260b08db7934b637e1bf1ec
Secunia Security Advisory - reza masouri has reported a vulnerability in HBcms, which can be exploited by malicious people to conduct SQL injection attacks.
a7c6d9af15ad34d6d492c9003b2667f63485d022fa938ca526687f270d994b10
Secunia Security Advisory - A vulnerability has been reported in Vastal I-Tech Agent Zone, which can be exploited by malicious people to conduct SQL injection attacks.
bacf34900bec90956c3dff4fd48956a0c3ac454ce445ab893437bb50cbdddff3
Secunia Security Advisory - Check Point has acknowledged some vulnerabilities in various Check Point products, which can be exploited by malicious people to cause a DoS (Denial of Service).
556b4e6e354415bfe496472f3fb45143de887133292a8811ffc3d67891cc2505
Cisco Security Advisory - Cisco devices running affected versions of Cisco IOS Software are vulnerable to a denial of service (DoS) attack if configured for IP tunnels and Cisco Express Forwarding.
9e326ad4235077e196ba35b36642b5446a77b16443666083c36c9916f9d78bf5
Cisco Security Advisory - Cisco IOS Software configured with Authentication Proxy for HTTP(S), Web Authentication or the consent feature, contains a vulnerability that may allow an unauthenticated session to bypass the authentication proxy server or bypass the consent webpage.
4002d01a35771ade6caa02a688d26d25aebc7170ff471379b3985e35296e1c62
Cisco Security Advisory - Cisco IOS Software contains a vulnerability that could allow an attacker to cause a Cisco IOS device to reload by remotely sending a crafted encryption packet.
47fb9886ecf23cc2946737fdbbc5ac24730c9ed39bd65b68920dcc2b3ea83e38
Cisco Security Advisory - Cisco IOS devices that are configured for Internet Key Exchange (IKE) protocol and certificate based authentication are vulnerable to a resource exhaustion attack. Successful exploitation of this vulnerability may result in the allocation of all available Phase 1 security associations (SA) and prevent the establishment of new IPsec sessions.
93d087add2aa98f48f99754533defda84b08580dde2959168180d6a433e49f89
Cisco Security Advisory - A vulnerability exists in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software that could allow an unauthenticated attacker to cause a denial of service (DoS) condition on an affected device when the Cisco Unified Border Element feature is enabled.
065a92c26a6605d9ff9f0e11fdcfaa85bf19fd667cac88187468442d78171de1
Cisco Security Advisory - Cisco IOS Software with support for Network Time Protocol (NTP) version (v4) contains a vulnerability processing specific NTP packets that will result in a reload of the device. This results in a remote denial of service (DoS) condition on the affected device.
7dcf81a0b70851d07a4f95d21ebd6857527bc394afd37d611315476aa87e1eb6
Cisco Security Advisory - Cisco IOS devices that are configured with Cisco IOS Zone-Based Policy Firewall Session Initiation Protocol (SIP) inspection are vulnerable to denial of service (DoS) attacks when processing a specific SIP transit packet. Exploitation of the vulnerability could result in a reload of the affected device.
98453d38f122d517a73239baf333efa68ec75dce025696b1b20815da28f63a23
Cisco Security Advisory - The H.323 implementation in Cisco IOS Software contains a vulnerability that can be exploited remotely to cause a device that is running Cisco IOS Software to reload. Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate the vulnerability apart from disabling H.323 if the device that is running Cisco IOS Software does not need to run H.323 for VoIP services.
fef6fe9655ec47690f1d265dbcbb3aaf9639ded34cf31a1756d57b9d3957f567
Cisco Security Advisory - Cisco IOS devices that are configured for Cisco Unified Communications Manager Express (CME) and the Extension Mobility feature are vulnerable to a buffer overflow vulnerability. Successful exploitation of this vulnerability may result in the execution of arbitrary code or a Denial of Service (DoS) condition on an affected device.
9f61f0eeb85ad149cf4c19fd8ab49f6492572d1cd08f15fb49460eb1c44b98ad
Cisco Security Advisory - A vulnerability exists in Cisco IOS software where an unauthenticated attacker could bypass access control policies when the Object Groups for Access Control Lists (ACLs) feature is used. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability other than disabling the Object Groups for ACLs feature.
2cda9babc6ab98cfea35753b08b4e5bd44364d003c1fa20bd5d02df2d405f936
Cisco Security Advisory - Cisco Unified Communications Manager, which was formerly Cisco Unified CallManager, contains a denial of service (DoS) vulnerability in the Session Initiation Protocol (SIP) service. An exploit of this vulnerability may cause an interruption in voice services.
d80f694eb047ded890bd9cfbe2f849b7b861c36f747f0c16c3a86f34786a1078
DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system which will help you in your digital forensics work, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules.
bef4666115dc841aa9261669119e5ee6e78da744fd55f10e95aa28b5d07cc1d8
Ubuntu Security Notice USN-836-1 - It was discovered that WebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. Several flaws were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that WebKit did not prevent the loading of local Java applets. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program.
1c9bed36021cbb768ac65baaec91d4ccb8ffeca2322f4d7bc8d1f4e47ece30dd
OSSIM version 2.1 suffers from remote SQL injection and cross site scripting vulnerabilities.
31590c2bdf308af37cb1e4d83e40a201d400d27d16605f39f61005f27bfd5f6e
nginx version 0.7.61 suffers from a WebDAV copy/move method directory traversal vulnerability.
7b4a38163573c74eaf582034e58861d28cafc0a15ba48b2128977ec6ff7ac759
Cour Supreme suffers from a remote SQL injection vulnerability.
b850d605bbd952e9eb6e5efa3cba3086d3cdca6fdca0cc67644897923553ba8d
Zero Day Initiative Advisory 09-066 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe RoboHelp Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in the management web server listening by default on port 8080. The Java Servlet handling POST requests to the server does not properly sanitize user input. A specially crafted request can bypass authentication allowing an attacker to upload and execute arbitrary files. Successful exploitation can result in complete system compromise under SYSTEM credentials.
b4bfe8551f748ba77ce6c817e898a70259d1e837a4f4396c5a11a5187a80c79e
Avast Antivirus version 4.8.1351.0 suffers from local denial of service and privilege escalation vulnerabilities.
d6451933802d3df89f2a5ce8ca47d3117537e0d2be76920dab7aa891534c3619
Debian Security Advisory 1893-1 - It was discovered that the SIEVE component of cyrus-imapd and kolab-cyrus-imapd, the Cyrus mail system, is vulnerable to a buffer overflow when processing SIEVE scripts. This can be used to elevate privileges to the cyrus system user. An attacker who is able to install SIEVE scripts executed by the server is therefore able to read and modify arbitrary email messages on the system. The update introduced by DSA 1881-1 was incomplete and the issue has been given an additional CVE id due to its complexity.
7cc84f9d81089816b231888b54423e78094c839d60a333567463949319d07201
Debian Security Advisory 1892-1 - It was discovered that the SIEVE component of dovecot, a mail server that supports mbox and maildir mailboxes, is vulnerable to a buffer overflow when processing SIEVE scripts. This can be used to elevate privileges to the dovecot system user. An attacker who is able to install SIEVE scripts executed by the server is therefore able to read and modify arbitrary email messages on the system.
1e397e9152a659f46c090079c2cfa537c94c26a24228f0d5373aa8bb6b50bc9a