Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice.
9f4f888b00af392a0cb4c91631bf5c14467e061cd8cc8392a2df226676b22670
Zero Day Initiative Advisory 10-133 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within handling of references to external font resources. A value is used as a 16 bit integer in an array allocation and later as 32 bit when iterating over and then populating these fields. By creating enough references, a remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
f5d8dd7c32a2a623a1ab483ff4c3cbdf23d8f651924b0f2d64ef43b07770a0c8
Zero Day Initiative Advisory 10-132 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the browser's method for parsing child elements out of a particular tag. The application will use a 32-bit index to enumerate them, but will store it in a 16-bit signed integer and then use it to allocate space for a cache. When populating the cache a buffer overflow will occur. This can lead to code execution under the context of the application.
2f022db95e09d8dc7b6ebe9ff4057ff19bb3e24cc6ac32fe5ebbdcdd17274899
Mayasan Portal version 2.0 suffers from a remote SQL injection vulnerability.
867fa8a1aa0b853d5d2bf51b8bf346b4e0a4ec2001db21d91b777342879cd2b8
Whitepaper called Simple Technique for SQL Injection Form Login Bypass. Written in Indonesian.
a0c126771c4a0c2267245b25df94a2fb32bec29ea8a480fdc954aad92f0b5f5a
libpng versions 1.4.2 and below denial of service exploit.
931618b16e3c9673a23c5b0e8ddfbea6cba73ec0d2a99d3d42b0cc17cb7cb77b
Onapsis Security Advisory - The SAP J2EE Engine contains a Web Services Navigator interface, which enables the interaction with the deployed Web Services in the server. This interface suffers from a Cross-Site Scripting vulnerability, which may enable malicious parties to perform different kind of attacks over SAP users.
8dc2a56391e65f55d9d9b2fedc38db6025320a0ec26c72f748583efc85727820
Zero Day Initiative Advisory 10-131 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of XUL <tree> element's "selection" attribute. There is an integer overflow when calculating the bounds of a new selection range. When calling adjustSelection on this manged range both ranges are deleted leaving a dangling reference. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
010284d7af17bbb1cb31c4f81196ce20998a307bacdd100723e6a9f36e76bf1c
Zero Day Initiative Advisory 10-130 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the victim must visit a malicious page or open a malicious file. The specific flaw exists within the application's implementation of the NodeIterator interface for traversal of the Document Object Model. Due to the implementation requiring a javascript callback, an attacker can utilize the callback in order to manipulate the contents of the page. By doing so in an unexpected manner, an attacker can cause the process to corrupt memory. Successful exploitation will lead to code execution under the context of the application.
1b40559321186043ad05f4d45e0c16676ef562c2a6e7ae3b2e3e825f4fcb5032
Unreal Tournament III suffers from an uninitialized pointer vulnerability.
4f03ee16d11664440497200a3044e2b1c74ba81bb6fd7c59fec78d672f1e22b5
ezAPPAREL suffers from backup related, file disclosure and shell upload vulnerabilities.
17f4c00d9115d21a6da254be8fb6fb9a4a2dfaa8f427848166e2afdfb59d8da3
ASP Resources Forum suffers from a database disclosure vulnerability.
cfa1555f06212d3054dbc2262cf32775aa9cd2d7c0bf152083f2f3b44e613aaf
The Lithtech engine in F.E.A.R and F.E.A.R. 2 Project Origin suffers from a memory corruption vulnerability. Exploit included.
34287796cabe7c93695c0dc48cdfbec8df8c736277f0b7f0ea6e0911536a1625
DirectPlay8 suffers from NULL pointer and access violation / freeze vulnerabilities. Exploit included.
1059213ca6067595a354e83762de856ece3e7b9ef12c97d4dfcd58d11a74000f
Ubuntu Security Notice 963-1 - Robert Swiecki discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges.
fc0f18e5fd93c5ab92a7d2edfd7e45781d6ca70eb6dee9fcb787abfdffb4f18e
Internet Explorer 7.0 denial of service proof of concept exploit that leverages the Microsoft Clip Organizer Active-X control.
49f9619da3ce2ea53067cd8c7effa6b01672de52c0783bfe87a1b1a15560398e
Solaris wbem suffers from an unsafe use of temporary files vulnerability.
e25695c184c89f651bdda342eaad990a889f8c8d85453a12ab23d8db36072c2b
Solaris nfslogd suffers from an unsafe use of temporary files vulnerability.
31a014d3634838be4d7686ca8bc19552353af446fcbb382d3cb0180cd390db98
Solaris flar suffers from an unsafe use of temporary files vulnerability.
41138e9f4024ae9ce4907ba49bfb51b1831d03d76f597aaae4bc06f17d1bd299
Mayasan Portal version 2.0 suffers from a remote SQL injection vulnerability.
780abbcfcdb8dcf89b11d72da444ee275e837692c70fdc2730601184709ee8a4
Caner Hikaye Scripti suffers from a remote SQL injection vulnerability.
45446cb600e69d40f15d1b8e4e627926ed5a3d3bd9968d45caf6b00893e2c610
EZ-Oscommerce version 3.1 suffers from a shell upload vulnerability.
97bff752283ac167760e89134e3cd8bdf6f71593482b9bc0055191321a1e7dc1
This Metasploit module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL. This Metasploit module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path.
02b7a4d416053d7ead37976f6d7d16df09d4d947e59b569a8c904c94108c01af