Secunia Security Advisory - A vulnerability and a security issue have been reported in IBM WebSphere Portal. The security issue has an unknown impact and the vulnerability can be exploited by malicious people to conduct cross-site scripting attacks.
8c3a8e5994450df00d4ecad23eace2c92f4dac1012e84da8d670da587f4b4dad
Secunia Security Advisory - Fedora has issued an update for php-pear-Mail. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
bc235b91f178b19a5162931630d3b1972835ee10823fd03074a25dce4f7a1414
Secunia Security Advisory - Some vulnerabilities have been reported in ActivePerl, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise an application using the affected modules.
c38fd643354e41e9131eab38c6052034373f53260ed82861722e4ef7d6d2c619
Secunia Security Advisory - Red Hat has issued an update for dstat. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
6327412b51a95848ead716c0f8c03925d92cf9090d61b761222aabe35e1c2224
Secunia Security Advisory - Red Hat has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
b561c8728f3d32536dc7d5441113f4ce1e3d814b8a2e74a3957f0c6dfe39cc21
Secunia Security Advisory - A vulnerability has been reported in the kk_downloader for TYPO3, which can be exploited by malicious people to disclose sensitive information.
c8b56627edf7c2fcadf606618058282528da6535a0699039381f97985f3abd25
Secunia Security Advisory - A vulnerability has been reported in the Direct Mail extension for TYPO3, which can be exploited by malicious users to conduct script insertion attacks.
e35fb2be4910a569ce685cf2f3acfea7443df66526b734d59e49d01fe868e5bb
Secunia Security Advisory - A vulnerability has been reported in the Calendar Base extension for TYPO3, which can be exploited by malicious users to conduct SQL injection attacks.
7048fd02571e33d195526fb7410baa8affdb40f820e6e6fea97b2bfc943f86b5
XOOPS Smart Media version 0.85 suffers from a cross site scripting vulnerability.
00a4fd8b408b9b70eec892d43f5da1954be274c02f09aeb8a69337f9d0815e86
Asterisk Project Security Advisory - An attacker sending a valid RTP comfort noise payload containing a data length of 24 bytes or greater can remotely crash Asterisk.
36b56a28380039e2532e434853000794f007a636a0fa262cd6df0be8b4ee65e2
The XOOPS Content module version 0.5 suffers from a remote SQL injection vulnerability.
6a3c780e5b15c44056830f86ea4916c3f0b771ff609d59977a4a92ac0e43aa83
The Joomla Quick News component suffers from a remote SQL injection vulnerability.
94977fd302be8430e7859418de9bb67452a6cc29aa6c8956ac606b61ef60e574
The Microsoft Technet site suffers from a cross site scripting vulnerability.
d61673fd02d0875267fc7592faee93f0a7f9c3cd8d3dcfa9858b0dc274aae5d5
Mandriva Linux Security Advisory 2009-307 - All versions of libtool prior to 2.2.6b suffer from a local privilege escalation vulnerability that could be exploited under certain conditions to load arbitrary code. This advisory fixes this issue. Additionally, all applications embedding the libtool code were patched in order to avoid possible future exploitation of this issue.
6c3e5ccdc7414fb4d4e6692818c8d281fa7ac0bbdff3d1e65a37dd79454965f7
Eshopbuilde CMS suffers from a remote SQL injection vulnerability.
27b2848106f13ff7ea954f9050f364ebfc31aadfd109c859364af9796ab15707
dotDefender version 3.8-5 suffers from a remote command execution vulnerability.
b2caedab654ce37fb62c98601f2d827db89737d65074e93793a5959a729977b9
Robert Zimmerman PHP / MYSQL scripts suffer from an administrative bypass vulnerability.
f97e8b6d7bd606394614f991e7664683e84a7164e22ac24e33ad050e5d9624a0
The Micronet SP1910 Data Access Controller user interface suffers from a cross site scripting vulnerability.
d9a503a1a44bc6820fc8f86e8b2b7ae1e36618ab80bf1fa010e025b5d6b5f8aa
Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux; these currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features include multiple packet capture sources, runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data.
323714ac23e242993c3ed269a2ac3ea0e9a36a33c94920c34418a988026a7d84
Millenium MP3 Studio version 2.0 buffer overflow exploit that creates a malicious .pls file.
e777809927f07ccd2f0c5846a11163475182240e4045503e5029a91ecad6140a
This paper explains the TLS / SSLv3 vulnerability for a broader audience and summarizes the information that is currently available. This is an update to the original release.
e3248ace7a5b9361f7b718d101f566a149375092c32ee63eca3bad0a84efdc31
pyForum version 1.0.3 suffers from a password reset vulnerability.
d4c51007d1f2103630400efe143135d7e436daa28dfba32fe67b2407b31b4981
sudosh3 is an auditing shell and filter based on sudosh2. It aims to improve file management and terminal emulation. Passwords are not recorded.
8a1099da9a6115db2cf70112aa48600bd056c868e98ac27e80b07bfab4b7b362
Adapt CMS Lite version 1.5 suffers from a remote file inclusion vulnerability. This is the same issue that affected 1.4.
e384170c61a5c1eed2a7f02d3005c5fd7504a982219eea0e849ff276da4a1704
Sugar CRM versions 5.5.0.RC2 and 5.2.0j suffer from remote SQL injection, unauthorized access, remote file inclusion, and code execution vulnerabilities.
c370b50f7ecb557a73820f6d5a6ebce4eff9879ae4443b4683dfaf0d5cfee27b