Secunia Security Advisory - Multiple vulnerabilities have been reported in Hitachi Groupmax, which can be exploited by malicious people to manipulate certain data or cause a DoS (Denial of Service).
Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and bypass certain security restrictions, by malicious users to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system, and by malicious people to bypass certain security restrictions, manipulate certain data, disclose potentially sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system.
Secunia Security Advisory - A vulnerability has been discovered in Qt, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - A vulnerability has been discovered in Digital Workroom, which can be exploited by malicious people to conduct cross-site scripting attacks.
Technical Cyber Security Alert 2010-263A - According to Adobe Security Bulletin APSB10-22 there are vulnerabilities in Adobe Flash. These vulnerabilities affect Flash Player, Reader, and possibly other products that support Flash. A remote attacker could exploit these vulnerabilities to execute arbitrary code.
Mandriva Linux Security Advisory 2010-185 - An integer overflow has been found and corrected in bzip2, which could be exploited with a specially crafted bz2 file to cause a denial of service. Additionally, clamav has been upgraded to 0.96.2 and has been patched for this issue. perl-Compress-Bzip2 in MES5 has been linked against the system bzip2 library to resolve this issue.
Ubuntu Security Notice 989-1 - Auke van Slooten discovered that PHP incorrectly handled certain xmlrpc requests. It was discovered that the pseudorandom number generator in PHP did not provide the expected entropy. It was discovered that PHP did not properly handle directory pathnames that lacked a trailing slash character. Grzegorz Stachowiak discovered that the PHP session extension did not properly handle semicolon characters. Stefan Esser discovered that PHP incorrectly decoded remote HTTP chunked encoding streams. Various other issues were also addressed.
Ubuntu Security Notice 986-3 - USN-986-1 fixed vulnerabilities in bzip2. dpkg statically links against libbz2 and needed to be rebuilt to use the updated libbz2. An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program.
The Blizzard Entertainment Battle.net mobile authenticator application, which is used as part of an optional two-factor authentication scheme to safeguard accounts, is vulnerable to a passive eavesdropper during the initialization process, which occurs once per the lifetime of a given device.
Part of the Alcatel Omnivista 4760 administration software of the Alcatel 4400 PBX is an HTTP proxy. It is used to tunnel ssh-connections to the ssh-ports of the PBX within the internal network. This proxy is vulnerable to a remote buffer overflow.
The Alcatel CTI Solution is completely broken by design and performs authentication validation client-side.
IB Promotion Advanced Business Web Suite suffers from a cross-site scripting vulnerability.
FreeBSD Security Advisory - The bzip2/bunzip2 utilities and the libbz2 library compress and decompress files using an algorithm based on the Burrows-Wheeler transform. They are generally slower than Lempel-Ziv compressors such as gzip, but usually provide a greater compression ratio. When decompressing data, the run-length encoded values are not adequately sanity-checked, allowing for an integer overflow.
Debian Linux Security Advisory 2113-1 - Several vulnerabilities have been discovered in drupal6, a fully-featured content management framework.
TrendMicro versions prior to 2010-09-07 have vulnerable third-party DLLs.
BifrosT DLL hijacking exploit.
Ubuntu Security Notice 986-2 - USN-986-1 fixed a vulnerability in bzip2. This update provides the corresponding update for ClamAV. An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program.
Ubuntu Security Notice 986-1 - An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program.
Debian Linux Security Advisory 2112-1 - Mikolaj Izdebski has discovered an integer overflow flaw in the BZ2_decompress function in bzip2/libbz2. An attacker could use a crafted bz2 file to cause a denial of service (application crash) or potentially to execute arbitrary code.
Local proof of concept exploit that demonstrates a vulnerability with mountall where a udev rule is created with world-writable permissions.
The Joomla Spain component suffers from a remote SQL injection vulnerability.
e107 version 0.7.23 suffers from multiple remote SQL injection vulnerabilities.
SWiSHmax DLL hijacking exploit that leverages swishmaxres.dll.
Basic Web Server version 1.0 suffers from a directory traversal vulnerability.