Monocle is a local network host discovery tool. In passive mode, it listens for ARP request and reply packets. In active mode, it sends ARP requests to a specified IP range. The result is a list of the IP and MAC addresses present on the local network. It is written to work on both Linux and FreeBSD.
25a26dc029a4950b4607b691903551693d1f8588966942b0fc24280a5f345572
Debian Linux Security Advisory 2205-1 - Sebastian Krahmer discovered that gdm3, the GNOME Desktop Manager, does not properly drop privileges when manipulating files related to the logged-in user. As a result, local users can gain root privileges.
fd54d56a30cf7567ea53ed3b6cd7635bfef96b45f84c66c859941eb5f71da7a7
Honey Soft suffers from remote SQL injection and cross site scripting vulnerabilities.
8bd7095bc322f26524154e4782051839420bd5523ebbf0a4866dd51452b89641
This Metasploit module exploits remote code execution vulnerabilities in dRuby.
a681602f532ac58f4f6a9e537c9a81e6dec64369d00b6b75f0ed0815a4eb1b33
Turkish Ays Portal version 1.6 suffers from a remote blind SQL injection vulnerability.
18b04c4febc09615167a32d00466382c954f3c32fa911ef43fe56182f011739e
PPP Blog version 0.3.0 suffers from a cross site scripting vulnerability.
a38f2cb311068fd61f1dbd7b1a4746844f9ebea2d843a3d4f9ab569783d81ba6
Zero Day Initiative Advisory 11-113 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Zend Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Zend Java Bridge v3.1 component of the Zend Server framework. The javamw.jar service accepts TCP requests on port 10001 by default. With nothing more than knowledge of the proprietary communication protocol used by the Zend Server Java Bridge, it is possible to send arbitrary Java code to the javamw.jar service and remotely execute these commands under the context of the user running the web server process.
9ff00ca55c520c19871b67b0652dabe5ef5cf5dc7e91eb8cfb94fcdee37c8fb0
Dpayshop suffers from a remote SQL injection vulnerability.
d7daf343b42f1ff74e3c0a3ca4a2fa688b9078d198e8e022bfc23fa4532e30c4
Toon Boom Studio version 4.9946 DLL hijacking exploit.
3f7d398da69ffbf5378c8e7bc89e79b8316bd3ef57ea36762d0e2dc09f0d6fcc
Ulead COOL 3d version 3.5 DLL hijacking exploit.
7b6d9c64b67b37f404a3b6279873a153a56fa9a512c6f9a9deae473a90e16783
OpenCMS versions 7.5.3 and below suffer from cross site scripting vulnerabilities.
4e75fdecc723a1733d9e6ad8aa18826e0fa6f400e236f263c8da2b39e8e6918f
webEdition CMS version 6.1.0.2 suffers from a local file inclusion vulnerability.
be79d960aa2f174f83cee93937a03c3c737fc0cb11cb2cc0881e230578e63a73
HP Security Bulletin HPSBMA02649 SSRT100430 - A potential security vulnerability has been identified in HP Diagnostics. The vulnerability could be exploited remotely resulting in cross site scripting (XSS). Revision 1 of this advisory.
30f631099c7afb1885e2844cf768dbc0de0976041218757bcbc4b9364199d99e
The WordPress BackWPup plugin version 1.6.1 suffers from a vulnerability that allows for local or remote code to be executed.
9d1296daa3ec8fb23564f12b35f8a9259718b647bc906c9344ec6687a2bdcfa6
Mandriva Linux Security Advisory 2011-054 - Multiple vulnerabilities have been identified and fixed in java-1.6.0-openjdk. The JNLP SecurityManager in IcedTea 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader. Unspecified vulnerability in the Java Runtime Environment in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Networking. Various other issues have also been identified and addressed.
904fc941643717491978f0d993636fcedc72d278bb781afe4417e8ff6ceae8fd
SimplisCMS version 1.0.3.0 suffers from a file disclosure vulnerability.
551d75975c8e212930df8c3661f5c088570b475053e136aa5639cb197b280991
SimplisCMS version 1.0.3.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
cc13c1f5f386606b1209f7799db9a7525ebdb0f1da1d0f5d3cb5490af9e26032
Mozilla Firefox crash handler denial of service exploit.
94149b91a0f52f05fa5de71e10e9c94e067fc616309c05238d9e77d44fd18466
Konqueror KDE version 3.5 crash handler denial of service exploit.
c925629751729e139161cdaf18c373ca974113e64a0afa59b8d223f484d36bf7
Onlinecasinoextra.com suffers from a cross site scripting vulnerability.
1e251e6fcb08fb62079c12c7ca6ef630f54ee15e5e39076af47885a445274f2b
Secunia Security Advisory - Xerox has acknowledged a vulnerability in Xerox WorkCentre, which can be exploited by malicious people to potentially compromise a vulnerable system.
2a8bf329abfb520344cbf799fe5b72dfb53af03e66827d5123e1f358fe1ca587
Secunia Security Advisory - Fedora has issued an update for gnash. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
5cb61d63486caa9c81f08d34b7f73f46b1a11571cf4a0fc74cb79cc263750b3a
Secunia Security Advisory - Fedora has issued an update for libcgroup. This fixes a weakness and a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions and gain escalated privileges.
8b6bf09c6843e183949e4b443665e32e618a1e28425973f8649be9d0816a7860
Secunia Security Advisory - A vulnerability has been reported in EMC Data Protection Advisor, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
133ea0faa5afec6ac268ad0164e981f1f8cfd30fd40a39610b029a642ffcd96b
Secunia Security Advisory - Debian has issued an update for imp4. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
0e8cc4cea4a585f22416da20cd5b2d3a5994fb5871235d6c016144ff64850030