Secunia Security Advisory - Ubuntu has issued an update for libthai. This fixes multiple vulnerabilities, which potentially can be exploited by malicious people to compromise an application using the library.
ac851adb2b33382ce748e4e09409a6156190db6ba2a8745ff7adc1a31987000f
Secunia Security Advisory - Red Hat has issued an update for openssl. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
92cddde63a35882d5caf46c5176786da0ee0b9ece7b3a2a0f0b6d0619c6ba593
Secunia Security Advisory - Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
b0b58b74b11a5ad7b69164755ba8de684098739460d138d9e30cef1eed03b8a5
Secunia Security Advisory - SUSE has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service) and by malicious people to potentially compromise a vulnerable system.
fd8d4350b221518320e04a5fb523db414183f43fda244be9021698fdc99dcb28
Secunia Security Advisory - A vulnerability has been reported in PHP MySpace Gold Edition, which can be exploited by malicious users to conduct SQL injection attacks.
2cd5aa392bdf3325f09ac18cfb2accfec153aec31e4209d96d97569b10a16757
RM Downloader version 3.0.2.1 .m3u related buffer overflow exploit.
6b2ea67c4211eb6bac7bb8273aad0a5657e969abff8952686471f7f72660f2fc
SAP WebAS Integrated ITS suffers from a remote command execution vulnerability.
6235e661b3b9fe406aecbd27c564491890152c26c55f0577cd6fc7e05d2762ae
S.O.M.PL. aka Simple Open Music Player suffers from a buffer overflow vulnerability. Proof of concept included.
49c43c6a08970bf5d2ba90f05fbace520df46cf05783346936b3a3b9032389c1
Mandriva Linux Security Advisory 2010-016 - This advisory updates wireshark to the latest 1.2.5 version, fixing several bugs and two security issues.
ac25f65056b0e137705c0ef7752892866b7c332f607a352d00ee00a16e7b86e9
Microsoft Windows suffers from a user mode to ring 0 escalation vulnerability.
7279c4aa557c7c62c2276ce4f89e53e2f9c65e8ca3f46f95eeaf08402da40da1
Blaze Apps versions 1.4.0.051909 and below suffer from cross site scripting and remote SQL injection vulnerabilities.
78710e3daf90732f6475fb0288c6563d5ec21f8b3e5b4b8278c2e04ac7dcdaa1
This program acts as a web server that generates an exploit to target a vulnerability in Internet Explorer. The exploit was tested using Internet Explorer 6 on Windows XP SP3. The exploit's payload spawns a reverse shell on port 4321.
ab2a1d87629817552f759eb513f5d1a6f9f28b09bbba227396d4eff7c17afd14
Mandriva Linux Security Advisory 2010-018 - libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors. libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors. scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the (1) configuration and (2) v[0] parameters, which might allow remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors. This update provides phpMyAdmin 2.11.10, which is not vulnerable to these issues.
465d04ba76b44a7e66d801bf38cc94126b1c5b15996fd17727056b7716222fff
Pidgin MSN versions 2.6.4 and below file download proof of concept exploit.
5533dee79bd4ed67416ec233d6b4b1a39fb1cdcc74e36f834c33a8f43ae553a7
HP Security Bulletin - Potential security vulnerabilities have been identified with HP Power Manager. The vulnerabilities could be exploited remotely to execute arbitrary code.
75dc8a05f116b4ff10d5280b49741f919e170bd154f9b188374109751a2eeee9
Microsoft Windows Defender Active-X heap overflow proof of concept exploit. Version 2 of this exploit.
417678d83da68079f21ccf2b6eec2685f677ead666201a5756a283e0aacadcd4
Microsoft Windows Defender Active-X heap overflow proof of concept exploit. Version 1 of this exploit.
2708df7f823d1b63b5cf97623c36b7194467a52b812f8f3560d7bbb34e6650a9
CYBSEC Security Advisory - FreePBX version 2.5.1 suffers from a remote SQL injection vulnerability.
026a6ed661d4917cd101f28c3c89107f8112ab835545d2385cac3dd86544ac06
C99Shell version 1.0 pre-release build 16 suffers from cross site scripting vulnerabilities.
d6ff6b592e75b1cb28edb40514da0aa5a1b8801f3471fa8f86cfd0ba3edbb773
Whitepaper called SynFlood DDoS Attacks and Prevention. Written in Turkish.
74424321135e53f97b0c3e9902e60c9c432956017d99843bffe771c6fbad10d4
PHPMySpace Gold Edition version 8.0 suffers from a remote SQL injection vulnerability.
fb05033daa78029df328af4881f326213f1199f0a16979cf31b81a9ae2ef3cfd
Mandriva Linux Security Advisory 2010-017 - WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
5b4843eb8fd87e50c463fed2a1697b702750dfd1be042b47462472371bd6e626
Al3jeb Script suffers from a remote SQL injection vulnerability that allows for authentication bypass.
65fcf686b7607a621afc107157d11cc0aa179c8c45c150521131adbaf1e7065a
Mini-Stream Ripper version 3.0.1.1 .smi local buffer overflow proof of concept exploit.
bf344bc7af1ca776d404dd1c845118504cddaeaed9306d2d680001f386b5e466
MP3 Studio version 1.x local stack overflow exploit that creates a malicious .m3u file.
6db61c7814a176520bc3b4ee1e05ce7261fc648b6afe336a133c29396317603f