Secunia Security Advisory - Debian has issued an update for apache2. This fixes some vulnerabilities, which can be exploited by malicious people to gain access to potentially sensitive information and cause a DoS (Denial of Service).
c4ce7eec0616d3488541e67050dc5be3be50de1c73c602792c5e7ee4c2485016
Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in e107, which can be exploited by malicious users to conduct script insertion attacks or to compromise a vulnerable system.
49123e7fcfbdcd34b94ca961d9f0a69034aea1dae73cf1ad362a5eb21c9371fc
Secunia Security Advisory - Debian has issued an update for kdm. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
b2a2990e78ed5573402f8f6828864c1ddac30c8dc2bcd70e826bf151b2d29de2
Secunia Security Advisory - Some vulnerabilities have been discovered in openMairie openScrutin, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system.
56330adf544fc5a9b4ed5fe33b48767eb92532da489d18694b848a423043efb9
Secunia Security Advisory - Debian has issued an update for pidgin. This fixes some weaknesses, which can be exploited by malicious people to cause a DoS (Denial of Service).
7eb5576a3be0f85defad90eee90369257be958aab1ad079f0c1a53e5a63a033e
Secunia Security Advisory - Fedora has issued an update for openssl. This fixes some vulnerabilities, where one has unknown impacts while others can be exploited by malicious people to manipulate certain data and cause a DoS (Denial of Service).
804c6e13bb3ec5f95274898d3e2f75ee6075546f4b342cbd3ef1852b4d21a247
Secunia Security Advisory - Two vulnerabilities have been reported in AgentX++, which can be exploited by malicious people to compromise a vulnerable system.
fb34f14423a0eb13479ff52b8773e9b0b8ac3836fe1de3f6c8ad439d49765773
Secunia Security Advisory - Fedora has issued an update for kdebase. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
7502eb06b99d0dfeb6bcb0e3bca59f762deb77442376149b4a7cb26cbea8e54c
Secunia Security Advisory - Valentin Hoebel has reported a vulnerability in the JoltCard component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.
e3400a155f888100f9955b1def61e3da44a2009028631e406fed277d74913a95
The Joomla GBU Facebook component version 1.0.5 suffers from a remote SQL injection vulnerability.
d9cfb90388cc56dba60fd7eb6a09c8b3e44303637719ffe14aaf5f340b3812ac
sudoedit as found in sudo versions 1.7.2p5 and below fails to verify the path of the executable and therefore allows for an easy to exploit local privilege escalation vulnerability.
a12883304c4dce1e37de911cb644e89a0c117cf64d9679955b98211211bdd18a
Ubuntu Security Notice 932-1 - Sebastian Krahmer discovered a race condition in the KDE Display Manager (KDM). A local attacker could exploit this to change the permissions on arbitrary files, thus allowing privilege escalation.
4372a4aff4c5766652268cb33f145075be19e371399eba24f8aed1555bfe6f26
TweakFS version 1.0 stack buffer overflow exploit that creates a malicious .zip file.
905ad02a613f983dda9eaae9bab76456411f4e51d7ef6ac4c81902c6d115408a
ReFrameworker is a general purpose Framework modifier, used to reconstruct framework Runtimes by creating modified versions from the original implementation that was provided by the framework vendor. ReFrameworker performs the required steps of runtime manipulation by tampering with the binaries containing the framework's classes, in order to produce modified binaries that can replace the original ones. This tarball includes both the binary and source code releases.
0150edfe2da9666ab255444c54509fb5f54575c6e51ee5e18f42df461e8bee05
Secunia Research has discovered a vulnerability in e107, which can be exploited by malicious users to compromise a vulnerable system. An error exists in the handling of file uploads for avatar and photograph images. This can be exploited to upload and execute arbitrary PHP code via a specially crafted image file with a ".php.filetypesphp" extension. Successful exploitation requires that "Public Uploads" are disabled (default), but uploads for avatar or photograph images for users are enabled, and a certain server configuration (e.g. an Apache server with the "mod_mime" module installed). e107 version 0.7.19 is affected.
45428821d57d683fe1349074f3b121de28a05956ea85e81aa8b952bc93652c39
The Joomla iF surfALERT component version 1.2 suffers from a local file inclusion vulnerability.
8991125b0c29e0b5e4fffbc1226069b29359aab85e2b985e261fc55240e30f52
Mandriva Linux Security Advisory 2010-082 - ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities. The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update provides clamav 0.96, which is not vulnerable to these issues.
eb840d0860c67dd281facb646f931facd1346a2f4f7d2636f450384c9134a3b0
Mandriva Linux Security Advisory 2010-081 - A race condition was found in the way mod_auth_shadow used an external helper binary to validate user credentials (username / password pairs). A remote attacker could use this flaw to bypass intended access restrictions, resulting in the ability to view and potentially alter resources that should otherwise be protected by authentication. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
9728cb8ba5f7338d78acd40572d815abe86c8eecb05818ae0a772387c321b136