Simea CMS suffers from a remote SQL injection vulnerability.
a73c9169eef361a0e7116fbf4e07c7b02a1ed6296b19811ac982cd9bc28a4e9e
Phreebird is a DNSSEC proxy that operates in front of an existing DNS server (such as BIND, Unbound, PowerDNS, Microsoft DNS, or QIP) and supplements its records with DNSSEC responses. Features of Phreebird include automatic key generation, realtime record signing, support for arbitrary responses, zero configuration, NSEC3 "White Lies", caching and rate limiting to deter DoS attacks, and experimental support for both Coarse Time over DNS and HTTP Virtual Channels. The suite also contains a large amount of sample code, including support for federated identity over OpenSSH. Finally, "Phreeload" enhances existing OpenSSL applications with DNSSEC support.
851f74625841584a432de6c57ae431f0553eb5bb5633b06087be46e51e44f01b
Mandriva Linux Security Advisory 2010-234 - A cross-site request forgery vulnerability in the CUPS web interface allows remote attackers to hijack the authentication of administrators for requests that change settings. The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted file. The web interface in CUPS reads uninitialized memory during handling of form variables, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via unspecified vectors. The cupsFileOpen function in CUPS before 1.4.4 allows local users with lp group membership to overwrite arbitrary files via a symlink attack on the /var/cache/cups/job.cache file. ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. The updated packages have been upgraded to cups 1.3.10 and patched to correct these issues.
0dab4ef60a555b01565c5907cb2d99a63df8c8d71c529e3b72fcfb550aa56f4c
The Joomla Alfurqan15x component suffers from a remote SQL injection vulnerability.
7991552912198c9d5b238d147b28e3ea93e1d025de1ba497b70605c0fc7d227d
AbleDating Script 2010 suffers from a cross-site scripting vulnerability.
f22d2f87ea80aa4b9b215606e87249984e76fe497819fde95ebdab010de52303
The Nuked-Klan Boutique module suffers from a remote blind SQL injection vulnerability.
ae2d25413ad0448009faf70893c6a483d295d4f302b8e43e69fe9b97909f3b68
Mandriva Linux Security Advisory 2010-233 - A cross-site request forgery vulnerability in the CUPS web interface allows remote attackers to hijack the authentication of administrators for requests that change settings. ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request. The updated packages have been patched to correct these issues.
4429a0ea4f7a712c583880adb10367e54b0ebca555534e9ce7b942a78300259e
Raised Eyebrow CMS suffers from a remote SQL injection vulnerability.
d38e7bb1bb4a16716aac2827dc2d0a5190ab53172965eac2f19383d0a82de8f3
Spiraleye CMS suffers from a remote SQL injection vulnerability.
0cb957208799dd31d4880dc388a441de6322c9c9e5a08436ae01d2247c00c6a5
Mandriva Linux Security Advisory 2010-232 - A cross-site request forgery vulnerability in the CUPS web interface allows remote attackers to hijack the authentication of administrators for requests that change settings. The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted file. The web interface in CUPS reads uninitialized memory during handling of form variables, which allows context-dependent attackers to obtain sensitive information from cupsd process memory via unspecified vectors. The cupsFileOpen function in CUPS before 1.4.4 allows local users with lp group membership to overwrite arbitrary files via a symlink attack on the /var/cache/cups/job.cache file. ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.
04e93c19aeb95affc703012416b9a127b061954e7f95f0664a38bba985b44c89
Gentoo Linux Security Advisory 201011-1 - Multiple vulnerabilities were found in glibc, the worst of which allows local attackers to execute arbitrary code as root. Among them are the widely known recent LD_AUDIT and $ORIGIN issues. For further information please consult the CVE entries referenced below. Versions less than 2.11.2-r3 are affected.
e7fd1080a732debd69f8864702d36b5571373a61bee34c47c11be74bc1e37420
Android versions 2.0 and 2.1 WebKit use-after-free remote code execution exploit.
3a158fa65b67817ab860792bf9c8a91e63d6eff5a881daecfe0f045cc87710f4
Foxit Reader version 4.1.1 stack overflow exploit with egghunter shellcode.
9780b51aa733813b396e6fc1a53431ca2e325e1962af0b5c9d51ca76f2250eef
vBulletin version 4.0.8 suffers from a persistent cross-site scripting vulnerability.
532b77cbe0f670822b9ca72b962634967c91c6ebf944208f42852cd4e2b6da83
CakePHP versions 1.3.5 and below and 1.2.8 and below unserialize() cache corruption exploit.
65a2b440d4696ecb893de017fe9da620c3ac3cbfb1083146551fa48a1d51dc2a