MP3 Studio version 1.0 .mpf file buffer overflow exploit.
fe32a2b2325bf452931bd210be4ce906bf7c5a1b388efcfbdcd54eb34c078b0e
Exim 4 suffers from local symlink and race condition vulnerabilities.
d894d9ac3680893c4de1df8deea0bb09c3c5f18e99348ec10bb3351fafdf3e38
Simple SQL Injection Vulnerability Scanner is a tool that helps you find SQL injection vulnerabilities within your website. Simply provide a URL and let the tool do all the work. Written in Python.
96063e29053ad04993390a1466220d3646a0934ad8abc17d8811741f2145659a
Ubuntu Security Notice 948-1 - It was discovered that GnuTLS did not always properly verify the hash algorithm of X.509 certificates. If an application linked against GnuTLS processed a crafted certificate, an attacker could make GnuTLS dereference a NULL pointer and cause a DoS via application crash.
3f89a7e58b25d0ca2a69b8e7a813850ba5ef4abfa22b63427cdbf7a34299646a
Gentoo Linux Security Advisory 201006-20 - Multiple vulnerabilities in Asterisk might allow remote attackers to cause a Denial of Service condition, or conduct other attacks. Versions less than 1.2.37 are affected.
c4933913b3f7de08c2c9cdd1eaa67457d52f479496c2830a647cc345b7604953
Gentoo Linux Security Advisory 201006-19 - Bugzilla is prone to multiple medium severity vulnerabilities. Multiple vulnerabilities have been reported in Bugzilla. Please review the CVE identifiers referenced below for details. Versions less than 3.2.6 are affected.
8bc8d5d14b76f0df7073a6835b0a2ff5f2bd13db23acc400fb9646c1ca17bcc2
Gentoo Linux Security Advisory 201006-18 - The Oracle JDK and JRE are vulnerable to multiple unspecified vulnerabilities. Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below and the associated Oracle Critical Patch Update Advisory for details. Versions less than 1.6.0.20 are affected.
4af5cb5d0d925742eafb92ddd1aea2ad44ba2c08dad8357f9cdf1509b1f55dc5
DDL CMS 2.1 suffers from a remote file inclusion vulnerability.
6de1a42b8d03606b4f4058cd5affeecc3b09a6ff25dd105d4131b42e5a74c91c
RSA Key Manager version 1.5.x suffers from a remote SQL injection vulnerability.
4b9c25669930914a9bfdbf4c094a8295e378a8eaa3f8d14fdfa1c8959bb50242
VUPEN Web Vulnerability Research Team discovered multiple vulnerabilities in eFront. These issues are caused by input validation errors when processing the "remote_theme", "name", "system_email", "password_length", "math_server", "site_motto" and "site_name" parameters, which could be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected Web site. Versions prior to 3.6.3 build 7400 are affected.
1104801d6660f352341d2255e224ec704f33018e832b6a8a32964aa0a77e692e
The Joomla Lead component suffers from a remote SQL injection vulnerability.
3488faef86d16f75e9d45ac8c03e01634034ed2fee824de2534bf033b786e631
HP Security Bulletin - A potential security vulnerability has been identified with HP ServiceCenter running on AIX, HP-UX, Linux, Solaris, and Windows. The vulnerability could be exploited remotely to allow cross site scripting (XSS).
6a47c3a6581bc13261acad4b6a1c5b73ae62c609aca4e687a965f06999787d06
The Motorola SURFBoard cable modem suffers from a directory traversal vulnerability.
5c07009c0f30c859702d6704922a47dd4e158dda1eabb9073711e4e0d78deda8
K9 Kreativity Design suffers from a remote SQL injection vulnerability.
ca9de72191267989ecadbc49ef47a6abf4f4635a70711c50d5aa81a5e3cc60b7
ClickArtWeb Design suffers from a remote SQL injection vulnerability.
c9e13ab1569c4e77b7ebcd20cd3561b9558690ecbced93d0a5d602c255f53666
39 bytes small Solaris / x86 System-V killall command shellcode.
4cd6049a4a3017fb6f91c14fe3f6708294aa747f1774b2e8e88ebcd7f06afbae
phpBazar version 2.1.1 suffers from a remote file inclusion vulnerability.
929583e27d1b46b5b61c3306d04478de276377bfaa87c9eaec8a528e29cd83f5
Spiderpig is a PDF fuzzing utility written in Python.
eb4561c3095ec8870ccb83e8a9d8b30853581c6d9f25f9ca1d5c4ef9db399fda
HP Security Bulletin - A potential security vulnerability has been identified with HP StorageWorks Storage Mirroring. This vulnerability could be exploited remotely to gain unauthorized access.
04e3ff047f7fc77294406ef7e7b7db8b6231401fc400e30f764e9d4c36b19b5c
Secunia Research has discovered a vulnerability in TomatoCMS, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused by an error in the validation of uploaded image files while adding a new article. This can be exploited to upload arbitrary files inside the webroot and e.g. execute arbitrary PHP code. Successful exploitation requires "Add new article", "Upload file to server", and "Browse uploaded files" permissions. Version 2.0.6 is affected.
5e6a7845dcce13483a097aa6b25b598b7ced6a5132b245b40d780046872c4bdd
Gentoo Linux Security Advisory 201006-17 - A processing error in lighttpd might result in a Denial of Service condition. Li Ming reported that lighttpd does not properly process packets that are sent overly slowly. Versions less than 1.4.25-r1 are affected.
b2e132b9a332e4addc4cc5c950b02a9ac12e11a4cbb8b90dddeac80c341ad61b
Gentoo Linux Security Advisory 201006-16 - The GD library is prone to a buffer overflow vulnerability. Tomas Hoger reported that the _gdGetColors() function in gd_gd.c does not properly verify the colorsTotal struct member, possibly leading to a buffer overflow. Versions less than 2.0.35-r1 are affected.
f15e70e876491f7bf8e23cee721cf1c166d52c93737ac4c893872594c0c94ea4
Secunia Research has discovered some vulnerabilities in TomatoCMS, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "keyword" and "article-id" parameters to index.php/admin/news/article/list, the "keyword" parameter to index.php/admin/multimedia/set/list, the "keyword" and "fileId" parameters to index.php/admin/multimedia/file/list, and the "name", "email", and "address" parameters to index.php/admin/ad/client/list is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in the user's browser in the context of the affected site.
b08aeb40643c7328f71315e0658ec49b7c143d96320d7228e2baa16637965e20
PHP SETI@Home Web Monitor suffers from local file inclusion and remote file inclusion vulnerabilities.
57cb167db3c7de71923a458570488b65ab3fcc4696682ad723d7d1a95a234a14
Gentoo Linux Security Advisory 201006-15 - Multiple integer overflow errors in XEmacs might allow remote, user-assisted attackers to execute arbitrary code. Tielei Wang reported multiple integer overflow vulnerabilities in the tiff_instantiate(), png_instantiate() and jpeg_instantiate() functions in glyphs-eimage.c, all possibly leading to heap-based buffer overflows. Versions less than 21.4.22-r1 are affected.
b21c8c449d9386faf4e7a6161f56e55833b7d9fa29a25a4f472765a70cb7a5e9