Absolute Shopping Cart suffers from a cross site scripting vulnerability.
dee0f5cb61f9ac40aba384ad7f5576ebc85c2d974cbf6d77668c4dd5d072eb06
Mandriva Linux Security Advisory 2010-134 - Stack-based buffer overflow in the errprintf function in base/gsmisc.c in ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file, as originally reported for debug logging code in gdevcups.c in the CUPS output driver. Ghostscript 8.64, 8.70, and possibly other versions allow context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter. As a precaution, ghostscript has been rebuilt to link against the system libpng library, which was fixed with MDVSA-2010:133.
3d73e4babfd4b5c82e8bde7f78c70aac24ac68d203e10354a9d51ebf133af653
Secunia Research has discovered a vulnerability in GIGABYTE Dldrv2 ActiveX Control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by missing input validation of the "item" argument passed to the "SetDLInfo()" method and can be exploited via array-indexing errors to corrupt memory. Successful exploitation allows execution of arbitrary code. GIGABYTE Dldrv2 ActiveX Control version 1.4.206.11 is affected.
5a355eea57a95ebf55598d637130c88c0d5d14102954591e3ec5525966ddd53f
Secunia Research has discovered some vulnerabilities in GIGABYTE Dldrv2 ActiveX Control, which can be exploited by malicious people to compromise a user's system. The unsafe method "dl()" allows automatically downloading and executing an arbitrary file. Combined usage of the unsafe methods "SetDLInfo()" and "Bdl()" allows automatically downloading an arbitrary file to an arbitrary location on the user's system. GIGABYTE Dldrv2 ActiveX Control version 1.4.206.11 is affected.
08c0f290a97fa5c7bda21b8209232dbc8ff81b03dddee78d3ad8e64cdd838050
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running rpc.ttdbserver. The vulnerability could be exploited remotely to execute arbitrary code.
3c35f61d9c53605670ecceddcc3ea9e59ae28b0d0641cbcf19e2d0205f5eaad2
Mandriva Linux Security Advisory 2010-133 - Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file. Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
9dbcdb392f0269d231a9304f120b56317d9400add78640b2d61a8c8ee985f7fc
Oracle Business Process Management suffers from a cross site scripting vulnerability.
bf912910410508689aa486e3ff80bc7660b173926d3a4e50e64cecd7fa49c84a
Mandriva Linux Security Advisory 2010-136 - Ghostscript 8.64, 8.70, and possibly other versions allow context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter. As a precaution, ghostscript has been rebuilt to link against the system libpng library, which was fixed with MDVSA-2010:133. The updated packages have been patched to correct this issue.
9fe83cb142b2975efe8bfd4f0a6a6b22652cf1016190aea60be397f92ce3eedd
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
969b91e8ae1584524affb646ad128ef521ce5bf00f9f6f60159e8b58da5d0f07
Mandriva Linux Security Advisory 2010-135 - Stack-based buffer overflow in the errprintf function in base/gsmisc.c in ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file, as originally reported for debug logging code in gdevcups.c in the CUPS output driver. The updated packages have been patched to correct this issue.
dbbb7d1d19b0686c9fe07d480902056754e2254f4fda8cce0b3486a5646179bf
Novell Groupwise Webaccess suffers from a remote code execution vulnerability due to a stack overflow.
6bc927bbb103ea68af6dfe0fd79afd57d34dc381ac12eaba2cd72d5a86b363a1
BS Script Directory suffers from a remote SQL injection vulnerability.
a696baaa4461363bbdfb309cbfbe2cf949c7b57d9f355ef4f657a36d38589b12
USBsploit is a proof of concept for dumping files from remote USB drives on multiple targets at the same time. It works through Meterpreter sessions with a light (24MB) modified version of Metasploit. The interface is a modified version of SET. usbsploit.rb can also be used with the original Metasploit Framework.
e92fea9e4a548bffde34146916cb0c63e949368dc79238ba26fd55cf55ebefd4
The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, and CVSS.
2cc66d02ccbce04e3af3f2eda1456ab508b96f53fd147bf3d51007b1817d9f4c
The Joomla RedShop component version 1.0.23.1 suffers from a remote blind SQL injection vulnerability.
6a410d169270349d16863cca3f0fe83a7b3432240ed1e845fda1b51715882733
Whizzy CMS version 10.01 suffers from a local file inclusion vulnerability.
966b682a7f3367f3eda499decf9119a83e159fe30e13be8d36cf52f8b0a2da96
eXtreme Message Board version 1.9.11 suffers from multiple cross site request forgery vulnerabilities.
1ec13a5785d62586b4ea280109e9cf79c4c6799a19cc94ae3d441317eca7055c
phpwcms version 1.4.5 suffers from cross site request forgery and cross site scripting vulnerabilities.
238c56be1149a2c41b7fe7cceb9e99be0c1302dde6f41931bc36aebbefbea36b
Taggon CMS version 01.07.2010 suffers from a cross site scripting vulnerability.
ad97ce47a7e5d219507b16996ff44446c20e8d44024851fae44eb60fdc4ed35d
Pligg version 1.0.4 suffers from a cross site scripting vulnerability.
0ccea23e91cfc6e8ab73421bd8017b31faabc11de48e7fff06b641f2781adcd5
Gekko Web Builder version 0.90 ALPHA suffers from a cross site scripting vulnerability.
85af3cfd14353783a98a7cfc2080d999b4986ceff50d83d0342674e5b13dcd8a
DSite CMS version 4.81 suffers from a cross site scripting vulnerability.
bc953e49422823dd791c120c04686610e46c46dc850c76d9a77b99f4e871ca3e
FestOS version 2.3b suffers from multiple cross site scripting vulnerabilities.
5072788f0a975e013a92c56a4f477514c864cede4ce09dab59f8f0eee27714d5
Pixie version 1.0.4 suffers from cross site request forgery and cross site scripting vulnerabilities.
dceea5fdc604cfa13b2a99efd6480667ccb25c0ed09befcd91ecdf6106c73483
WebPress version 01.07.2010 suffers from multiple cross site scripting vulnerabilities.
15d63968d4bbaf83b2097e2d73e8bb895a81a7232adf709e79981c250ef3979a