The Cisco Linksys Wireless G Broadband Router WRT54G with firmware version 4.21.1 suffers from a cross site scripting vulnerability.
33023e6063d14ffdaada37d384498349e1d019e88d22a6bd58eef458b22376b7
xMatters AlarmPoint APClient version 3.2.0 suffers from a heap buffer overflow vulnerability.
dfe1f17a4b315b9eb567317dec5b4f68396be1e0dc312bac7ad5cb3869ad68fa
NetOp Remote Control versions 8.0, 9.1, 9.2, and 9.5 buffer overflow exploit.
51071e988c3edf11b4a9923524b79005ace98aab816f01362592f4042d07a58c
VMware Security Advisory 2011-0007 - VMware ESXi and ESX could encounter a socket exhaustion situation which may lead to a denial of service. Updates to Likewise components and to the ESX Service Console address security vulnerabilities.
5f83afe772b762282a93600a631d74790ef776e16da02e857f1d10bca8105619
The Hacktivity 2011 call for papers has been announced. It will be held from September 17th through the 18th, 2011 in Budapest, Hungary.
2c1e1fe6fe9327b182690003bec0c07dad861e0ec6ac451d8a920f342386e60e
Kusaba X versions 0.9.1 and below suffer from a cross site scripting vulnerability and a cross site request forgery vulnerability that allows for arbitrary SQL statement execution.
64e2bd26377186de93fea5e171b4925473cc45a08142ff4fd3e932681827e225
Zero Day Initiative Advisory 11-143 - This vulnerability allows remote attackers to inject arbitrary SQL into the backend database on vulnerable installations of Cisco Unified CM. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Call Manager component. The system exposes an Apache webserver which contains a JSP script vulnerable to SQL injection. The xmldirectorylist.jsp file does not properly validate the f, l, and n parameters before passing them to the database. A remote attacker can abuse this to inject SQL statements to be evaluated by the underlying database.
fa308914464bf01926e9a4d4ac3410d95c29f7cd0ee2f39af6da943a997c5e67
Secunia Security Advisory - Red Hat has issued an update for seamonkey. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
1c6787b2aad7dcc287b2e748379d1a9ab2ccbab299c5b0152f0272de2a7c8f3e
This Metasploit module exploits a directory traversal and remote code execution flaw in EMC HomeBase Server 6.3.0. Note: This Metasploit module has only been tested against Windows XP SP3 and Windows 2003 SP2.
e1157c518d84a4ffe3868bae4edb8772e80255a4824a34ca07799e7a7f517728
This Metasploit module exploits a vulnerability found in Subtitle Processor 7. By supplying a long string of data as a .m3u file, Subtitle Processor first converts this input to Unicode, which expands the string size, and then attempts to copy it inline on the stack. This results in a buffer overflow with SEH overwritten, allowing arbitrary code execution.
26d612333618be29098a0672577a27e3c6d14fed9fd3745d7b80c96b8ea7a1fe
Onapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a specially crafted packet is sent to the JDENet service, an access violation is raised. As the process fails to handle this exception, this results in a crash that would render the system unavailable.
fb00b7dfd1a4bfaaa317b021b77e77953255278969e2ee8cefab09d76246d5df
Onapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a specially-crafted UDP packet is sent to the JDENet port, the JDENET service creates a TCP connection to the provided IP and PORT parameters. This connection could be used to access the JDENET and all ERP functionality provided through that callback connection.
0c98a162b3edfa493fb0a51d4bc92e4a10f6c96764005f2ec2eaeeb63450c32e
Onapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a packet of a specific size is sent to the JDENet Service, a heap based buffer overflow condition is raised.
76921f4b4c1e91a19323ad91b682d4affa71e1a792efd459b4fefd21fe6aa43e
Cook Media Web Development Group suffers from a remote SQL injection vulnerability.
5753e094098a7bd0379bc7e35773a8de8aea4d191a595d330ac7d23d48640417
Onapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. Several ways to remotely deactivate logging for the kernel processes have been detected. If specifically crafted messages are sent to the JDENET Service, the JDENET Kernel will stop logging the activities of the kernel processes.
6c0cc09e84bd9e005ca7c9ae97cdf041b999375c2808d37a4e86b78a4569c0fd
Daily Maui Photo Widget WordPress plugin version 0.2 suffers from a cross site scripting vulnerability.
3ce415536de4b96ee4985b66cd8380f457622bc1f8badc312859ee148a0f2531
WP Photo Album WordPress plugin version 1.5.1 suffers from a cross site scripting vulnerability.
a8836eafacba3a9faa51ea0de462b5618a7fb80f46ff27f72fde7b2339bd4e16
Onapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. It is possible for a remote and unauthenticated attacker to retrieve passwords of users that are allowed to log in to the SAW Kernel (System Administration Workbench Kernel) in default installations of JD Edwards EnterpriseOne servers. As SAW users are allowed to, among other things, remotely execute commands on the server, the exploitation of this vulnerability leads to a full compromise of the server.
f5e070e8139c15730f71e2ea443c613b4a3d3b03b82fa0971259148856bc1535
Onapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a specially crafted message is sent to a JD Edwards server running XMLCallObject Kernel processes, arbitrary commands can be executed through the JD Edwards CallObject Kernel process.
34c7ee07435c2ddc8c251c76a97e1bc8cc1efd0ab34980d34fa7d069d940abff
Onapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a specially-crafted message is sent to the JDENET Service, the JDENET Kernel performs a shutdown of the service.
495c315fad1554eb899346d39c9206a1fa99d8f13c9027b4c25f296d62c0b440
PixelGems remote file disclosure exploit that leverages a local file inclusion vulnerability.
2e7facf90aaaa0bcdd0ef29248ec91a52c246136d5645ad8eaf30961b54ddecf
eyeOS versions 1.9.0.2 and below suffer from a stored cross site scripting vulnerability.
7d4a4e68d121c5860bc7375739b43d9371bb170bdaea8915ae59210fcafb7f60
Shackleton Rollin suffers from a remote file disclosure vulnerability.
8a4b30a459bf89489b49464052951aba45564c8d22f8d0c574a62823ada4d336
BackupPC version 3.1.0 suffers from a cross site scripting vulnerability.
94caa59ee7f687031cb378f80893959ed9e17654456f0bc3c46700cb4648a125