Drupal's Node Blocks contributed module versions 6.x-1.3 and 5.x-1.1 suffer from a cross site scripting vulnerability.
f68289c50815198eb6810c53c0b4256c3c719ad48903426b5a1dcdac4b55f1b8Zenoss version 2.3.3 suffers from a remote SQL injection vulnerability.
8ae88b4d12441e5901a34796eae64264167b57c8699772ac793843d616c0949eA vulnerability exists within the Forms Data Format (FDF) built into Adobe Acrobat Reader which allows an attacker to inject JavaScript into a Portable Document Format (PDF) file from any domain on the internet. Successful exploitation of this issue results in the potential disclosure of sensitive information or other cross-domain attacks including cross-site scripting. Adobe Reader and Acrobat versions 9.2 and 8.1.7 and earlier versions are affected.
11aefc4cc22cb57b7a9c981675a064416678a375d13937f94dd4c761ccfb4031Secunia Security Advisory - Gentoo has issued an update for aria2. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.
5e37bfb9f87a4147bf619f338ae3e16ca162149b915c639b35576c8935517743Secunia Security Advisory - Debian has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
df6aac0bc0d6c17ab4f62c1e07c9e5c1d91c421a8b1efced9958d341f5db49e5Secunia Security Advisory - Gentoo has issued an update for VirtualBox. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to gain escalated privileges.
f48c51b0cb5fecabb25b866b0812caefa41dbdc316a246d7d85c3ebf725ff506Secunia Security Advisory - A security issue has been reported in TYPO3, which can be exploited by malicious people to bypass certain security restrictions.
d59390f052ae8bbb29ecae0c73f809a536d1aa0e356994e963249ea9209f2dcfSecunia Security Advisory - A vulnerability has been reported in WebSphere DataPower, which can be exploited by malicious people to disclose potentially sensitive information.
3b77f92e41f01b20deeb875ae1a7d10782270eba788926eda35a13f2bbd47c34Secunia Security Advisory - A security issue has been reported in E-membres, which can be exploited by malicious people to disclose sensitive information.
51eabb377626aef75797e215f2ea991d506b0cee4f3dd28fffa5d99b64c7e280Secunia Security Advisory - A vulnerability has been reported in ProArcadeScript, which can be exploited by malicious people to conduct SQL injection attacks.
47dcc9a5a80b4f4d67b7d21a7fe5d23cca78ebdb468c722eda5855c8b9a1a13bSecunia Security Advisory - A weakness has been reported in Cherokee, which can be exploited by malicious people to manipulate certain data.
235703afd3223a9b15d1f48a68bf902fad9c1a11218e9979e45635f74bc401d8Secunia Security Advisory - A vulnerability has been reported in D-Link DKVM-IP8, which can be exploited by malicious people to conduct cross-site scripting attacks.
7348f5e95136336a312021bc145ef65266d18f09615da5fe16c51c9413952b83Secunia Security Advisory - A vulnerability has been discovered in Todoo Forum, which can be exploited by malicious people to conduct cross-site scripting attacks.
4466c8adc46c5ddf8cbd9fa9fac8e1cc35386b2b2be2f3b6b28c1594b0c7b514Secunia Security Advisory - A security issue has been reported in multiple Panda products, which can be exploited by malicious, local users to gain escalated privileges.
affac120794de8bde72cc5062675f17656aeee67d94d77b1e133cc337f5f465bSecunia Security Advisory - A vulnerability has been reported in Glitter Central Script, which can be exploited by malicious people to conduct cross-site scripting attacks.
aff5a22e0c08b76639003d27bfad511ee16a09761548d6097d8497506b438938Secunia Security Advisory - MustLive has discovered a vulnerability in the JVClouds3D module for Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks.
3a7b1825a161b6caf9a005469446bf3d9f489f447730b1375120675a917d3e26Secunia Security Advisory - Some vulnerabilities have been discovered in Active Calendar, which can be exploited by malicious people to conduct cross-site scripting attacks.
82629c11c983c7ac5f2189c7de8e09145a529b26fc10455a4405d2045e87e819Secunia Security Advisory - Some vulnerabilities have been reported in Kerberos KDC, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
bb6fffa33c093364daf963e58bc3fc6132e535e6873dc8d77b9680f1b51efa6bSecunia Security Advisory - SUSE has issued an update for java-1_5_0-ibm. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious people to potentially disclose sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a user's system.
2a50e511023e0de5da36ce71efc484a6f927c3c709680605dd7153edef8513f8Winamp versions 5.05 through 5.13 .ini local stack buffer overflow proof of concept exploit.
e5862cc513ec580a652b913188b7b7c0f4287a97d191bfbe1ada137d8251baf2Mandriva Linux Security Advisory 2010-006 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
9f70ce78c2c0b634beeb98136eb345b2a70b61ec35ea940051ea6afab678304cUbuntu Security Notice 884-1 - It was discovered that OpenSSL did not correctly free unused memory in certain situations. A remote attacker could trigger this flaw in services that used SSL, causing the service to use all available system memory, leading to a denial of service.
a9b05590692d100e7556af1f54431d49557330812290560f6ac4bab969ab8c9bCiviCRM version 3.1 Beta 1 suffers from a cross site scripting vulnerabilities.
9c385dd7f21fa4b7ac3daee61f0efffca14768b60a3f579137854a0c44a87584HP Security Bulletin - Potential security vulnerabilities have been identified with HP Web Jetadmin. The vulnerabilities could be exploited remotely to gain unauthorized access to data or to create a Denial of Service (DoS).
9405aa684a4b478c71642f39a90402728a865d1a300563c907567659daf8576bCore Security Technologies Advisory - Google SketchUp is a 3D modeling program designed for architects, civil engineers, filmmakers, game developers, and related professions. Google SketchUp bundles an old version of 'lib3ds', a library used to process 3DS files. This library is being compiled in a way that leads to improper validation of data when importing 3DS files; this condition can be exploited by remote attackers to trigger a memory corruption vulnerability by enticing an unsuspecting user to open a specially crafted 3DS file, possibly leading to arbitrary code execution.
2f4f0b2f8e854921c30156980745b90a334a85148a9703a687f78ac65ba78572
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed