Secunia Security Advisory - Two vulnerabilities have been reported in BIND, which can be exploited by malicious people to bypass certain restrictions or cause a DoS (Denial of Service).
62b94c34d6ffbaa06866933758ac362f4b013d48aaa5d7c26f7f51c5fca8f9fd
Secunia Security Advisory - Oracle has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious people to compromise a user's system.
ce0673150dbfe61c6a1375ccecd19e50a9f27b777ea8c8506493957f7f13460d
Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM WebSphere Application Server Community Edition, which can be exploited by malicious people to disclose certain system information and cause a DoS (Denial of Service).
258613449e6da85aa2954bf9f91cf19cfaced40393cb889b98fc3db21c03599b
Secunia Security Advisory - NetBSD has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
daa00d6d3e5a8ef3c9f7dd74484efaf688e42d3eeb4476abedbf907972dcc99a
Secunia Security Advisory - Multiple vulnerabilities have been reported in phpMyFAQ, which can be exploited by malicious people to conduct cross-site scripting attacks.
7498a49f97a797cece60261cc8eb86ac0c02fe198e3a660bcc5711fe85f5a9f5
Secunia Security Advisory - A vulnerability has been reported in Horde DIMP, which can be exploited by malicious people to conduct cross-site scripting attacks.
f05a69f7c184d7bb0d1e69d5d43150a4a02eb9e8d55aa1115fb39809ac68aa38
Secunia Security Advisory - Multiple vulnerabilities have been reported in MPlayer, which can be exploited by malicious people to compromise a user's system.
708a72540ed31c81a0d389cac73a833da3a281cbf451e694913db8755a95a1aa
Secunia Security Advisory - John Leitch has discovered some vulnerabilities in MODx, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.
e581748749c20a7c360f9e8fcdd578c39de31b264eb68c42b2dbce38cf5b5e58
Secunia Security Advisory - A vulnerability has been reported in Horde Gollem, which can be exploited by malicious people to conduct cross-site scripting attacks.
7cdabf10e86cf44991639cdee37bc564fa45b5e9919928752857943e90afebc7
The libavcodec library, an open source video encoding/decoding library that is part of the FFmpeg project, suffers from an arbitrary offset dereference vulnerability. The vulnerability affects the flic file format parser: insufficient restrictions on a writable buffer can be exploited to execute arbitrary code via heap memory. A specific flic file can be crafted to trigger the vulnerability. Versions 0.6 and below are affected.
91eb4e7bc98d45207f87d7999b2a67a127df42b8c0587aab9c0f0d5d54643137
These are slides from the Practical Padding Oracle Attack presentation given at BlackHat Europe 2010.
44d6bd6f34982348a4af9f4bd0fe7a99db3855f3ff6cb55230636fab6a2bbf7b
Micro CMS version 1.0 b1 suffers from a persistent cross-site scripting vulnerability.
b0260c84437612099c38be3ddf9f0df6f04364d1941270c9ccb41aaa51af14f4
Whitepaper called Exploiting Capabilities - Parcel Root Power, The Dark Side Of Capabilities. It dives into the dangers linked to POSIX file capabilities supported in Linux kernel versions greater than 2.6.26.
21d1099e6762feb810c2eaf486c7b8a5ecb81544dbea93148c03858a9d0eaf08
CYBSEC Security Advisory - Achievo version 1.4.3 suffers from cross-site request forgery vulnerabilities. Proof of concept code included.
b1268f4588bf8624992f44b5afcaa988c5878f47e8ecc166ac8e422edd7f7b61
CYBSEC Security Advisory - Achievo version 1.4.3 suffers from multiple authorization flaws. Proof of concept code included.
cd5cb1d76d9e89fa6154492e110753b987ddf99ca35a468d254db45f337f8d14
Month Of Abysssec Undisclosed Bugs - AtomatiCMS suffers from an arbitrary file upload vulnerability.
d28562311c44508cd04e6a2d947d769787e7775c8b7ae31cc30fa84dc5f502f3
Month Of Abysssec Undisclosed Bugs - AtomatiCMS suffers from an arbitrary file upload vulnerability.
03ab291bf641d30568d780acd938d6bdb67d57bacf257281de4b95ecc8542208
Month Of Abysssec Undisclosed Bugs - JE CMS version 1.0.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
8ff1c794c6ca8b9cc3919b71a881993f309698b518ba50acb5801225179daaad
Month Of Abysssec Undisclosed Bugs - JE CMS version 1.0.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
24a8b84dfdb9146940e4293b16fbe2a2f0ce1c2394f0d532cd9e82bb69f7e65f
Aleza Portal version 1.6 suffers from an insecure cookie handling vulnerability that allows for SQL injection.
a95f06d8fa58fb952b1208409090aa5f0b7810e7d7346b1d7177e46aeeba780a