The Cisco Linksys Wireless G Broadband Router WRT54G with firmware version 4.21.1 suffers from a cross site scripting vulnerability.
33023e6063d14ffdaada37d384498349e1d019e88d22a6bd58eef458b22376b7xMatters AlarmPoint APClient version 3.2.0 suffers from a heap buffer overflow vulnerability.
dfe1f17a4b315b9eb567317dec5b4f68396be1e0dc312bac7ad5cb3869ad68faNetOp Remote Control versions 8.0, 9.1, 9.2, and 9.5 buffer overflow exploit.
51071e988c3edf11b4a9923524b79005ace98aab816f01362592f4042d07a58cVMware Security Advisory 2011-0007 - VMware ESXi and ESX could encounter a socket exhaustion situation which may lead to a denial of service. Updates to Likewise components and to the ESX Service Console address security vulnerabilities.
5f83afe772b762282a93600a631d74790ef776e16da02e857f1d10bca8105619The Hacktivity 2011 call for paper has been announced. It will be held from September 17th through the 18th, 2011 in Budapest, Hungary.
2c1e1fe6fe9327b182690003bec0c07dad861e0ec6ac451d8a920f342386e60eKusaba X versions 0.9.1 and below suffers from a cross site scripting vulnerability and a cross site request forgery vulnerability that allows for arbitrary SQL statement execution.
64e2bd26377186de93fea5e171b4925473cc45a08142ff4fd3e932681827e225Zero Day Initiative Advisory 11-143 - This vulnerability allows remote attackers to inject arbitrary SQL into the backend database on vulnerable installations of Cisco Unified CM. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Call Manager component. The system exposes an Apache webserver which contains a JSP script vulnerable to SQL injection. The xmldirectorylist.jsp file does not properly validate the f, l, and n parameters before passing them to the database. A remote attacker can abuse this to inject SQL statements to be evaluated by the underlying database.
fa308914464bf01926e9a4d4ac3410d95c29f7cd0ee2f39af6da943a997c5e67Secunia Security Advisory - Red Hat has issued an update for seamonkey. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
1c6787b2aad7dcc287b2e748379d1a9ab2ccbab299c5b0152f0272de2a7c8f3eSecunia Security Advisory - Red Hat has issued an update for seamonkey. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
1c6787b2aad7dcc287b2e748379d1a9ab2ccbab299c5b0152f0272de2a7c8f3eThis Metasploit module exploits a directory traversal and remote code execution flaw in EMC HomeBase Server 6.3.0. Note: This Metasploit module has only been tested against Windows XP SP3 and Windows 2003 SP2.
e1157c518d84a4ffe3868bae4edb8772e80255a4824a34ca07799e7a7f517728This Metasploit module exploits a vulnerability found in Subtitle Processor 7. By supplying a long string of data as a .m3u file, Subtitle Processor first converts this input in Unicode, which expands the string size, and then attempts to copy it inline on the stack. This results a buffer overflow with SEH overwritten, allowing arbitrary code execution.
26d612333618be29098a0672577a27e3c6d14fed9fd3745d7b80c96b8ea7a1feOnapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a specially crafted packet is sent to the JDENet service, and access violation is raised. As the process fails to process this exception, this results in a crash that would render the system unavailable.
fb00b7dfd1a4bfaaa317b021b77e77953255278969e2ee8cefab09d76246d5dfOnapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a specially-crafted UDP packet is sent to the JDENet port, the JDENET service creates a TCP connection to the provided IP and PORT parameters. This connection could be used to access the JDENET and all ERP functionality provided through that callback connection.
0c98a162b3edfa493fb0a51d4bc92e4a10f6c96764005f2ec2eaeeb63450c32eOnapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a packet of a specific size is sent to the JDENet Service, a heap based buffer overflow condition is raised.
76921f4b4c1e91a19323ad91b682d4affa71e1a792efd459b4fefd21fe6aa43eCook Media Web Development Group suffers from a remote SQL injection vulnerability.
5753e094098a7bd0379bc7e35773a8de8aea4d191a595d330ac7d23d48640417Onapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. Several ways remotely deactivate the kernel processes logging have been detected. If specifically crafted messages are sent to the JDENET Service, the JDENET Kernel will stop logging for the kernel processes activities.
6c0cc09e84bd9e005ca7c9ae97cdf041b999375c2808d37a4e86b78a4569c0fdDaily Maui Photo Widget WordPress plugin version 0.2 suffers from a cross site scripting vulnerability.
3ce415536de4b96ee4985b66cd8380f457622bc1f8badc312859ee148a0f2531WP Photo Album WordPress plugin version 1.5.1 suffers from a cross site scripting vulnerability.
a8836eafacba3a9faa51ea0de462b5618a7fb80f46ff27f72fde7b2339bd4e16Onapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. It is possible for a remote and unauthenticated attacker to retrieve passwords of users that are allowed to login to the SAW Kernel (System Administration Workbench Kernel) in default installations of JD Edwards EnterpriseOne servers. As SAW users are allowed to, among other things, remotely execute commands on the server, the exploitation of this vulnerability leads to a full compromise of the server.
f5e070e8139c15730f71e2ea443c613b4a3d3b03b82fa0971259148856bc1535Onapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a specially crafted message is sent to the JD Edwards server, running processes of XMLCallObject Kernel, then arbitrary commands can be executed through the JD Edwards CallObject Kernel process.
34c7ee07435c2ddc8c251c76a97e1bc8cc1efd0ab34980d34fa7d069d940abffOnapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a specially-crafted message is sent to the JDENET Service, the JDENET Kernel performs a shutdown of the service.
495c315fad1554eb899346d39c9206a1fa99d8f13c9027b4c25f296d62c0b440PixelGems remote file disclosure exploit that leverages a local file inclusion vulnerability.
2e7facf90aaaa0bcdd0ef29248ec91a52c246136d5645ad8eaf30961b54ddecfeyeOS versions 1.9.0.2 and below suffer from a stored cross site scripting vulnerability.
7d4a4e68d121c5860bc7375739b43d9371bb170bdaea8915ae59210fcafb7f60Shackleton Rollin suffers from a remote file disclosure vulnerability.
8a4b30a459bf89489b49464052951aba45564c8d22f8d0c574a62823ada4d336BackupPC version 3.1.0 suffers from a cross site scripting vulnerability.
94caa59ee7f687031cb378f80893959ed9e17654456f0bc3c46700cb4648a125
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed