Insomnia Security Vulnerability Advisory - The ODBC service component of IGSS listens on port 20222/tcp by default. The application layer protocol runs over TCP and reads an initial packet that specifies the amount of data to follow. A second read then takes place and the data is copied into a variable-length buffer. Next the data is parsed, and during this process a buffer overflow occurs on the stack. At minimum this vulnerability leads to denial of service, though remote code execution may be possible.
9b00196dabcaf93182f5a536e6c2c63ee2b1c359b79ac0f8472802f7bb57d00f
Onapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a certain type of message, containing a specially-crafted Unicode data packet, is sent to the JDENET Service, the JDENET Kernel executes a system call, using a user-provided value as the time parameter. This causes the service to stop responding for a period of time.
79b3c65811e59b25443d9a05f8600c42cb7d9ecd8b95e729190c1172ccc7e3e8
SE Software Technologies suffers from a remote SQL injection vulnerability.
55e2527e04b3dd937b6c340e1c1d15332b0a0cd8c58364aa23c1e143136b0a4c
libmodplug versions 0.8.8.2 and below .abc stack based buffer overflow proof of concept exploit.
dbfed6a7a58ca7e45c3fb022dda6012d48c3db31b77600aca3592fc6e32e19c4
Onapsis Security Advisory - It has been detected that the SAP Enterprise Portal runtime presents descriptive error messages when special HTTP requests are processed, returning information about the filesystem structure where the component is deployed in the target system.
d62881883bf04e378522bd7017f63f180b0724bc85d732833c2b6efad9db3923
Onapsis Security Advisory - The SAP Web Application Server (WebAS) is the application platform of the SAP NetWeaver, which is the basis for the other NetWeaver components. With the SAP Web Application Server you can implement both server-based and client-based Web applications. It has been detected that the ITS Mobile Start service suffers from input validation vulnerabilities and design weaknesses, which can be exploited to perform XSS and arbitrary redirect attacks.
4973dde1444f7ea1451bf61d92f93f460d71a3e5898a4dae972e180aaafefe31
Onapsis Security Advisory - The SAP Web Application Server (WebAS) is the application platform of the SAP NetWeaver, which is the basis for the other NetWeaver components. With the SAP Web Application Server you can implement both server-based and client-based Web applications. It has been detected that the ITS Mobile Test service suffers from input validation vulnerabilities and design weaknesses, which can be exploited to perform XSS and arbitrary redirect attacks.
b1a16e8fafc41fd2fd523be4fe06a2088738ea8be3c1a1f316e68006cd95226d
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro. This is the community enhanced version.
b821bac5059a3cdc8beb9a715691a9a412db4947345adb7f88eda2fa93293030
xMatters AlarmPoint Java Web Server API version 3.2.1 suffers from a cross site scripting vulnerability.
4d18669ab73ab6d9de1600f56c01ff07b87a8ca67c7effa5cd907e1b5db3d0a5
CMS Made Simple versions 1.9.4.1 and below remote shell upload exploit.
92049434cb2bd8f6a583baeff7f79abf85cc49fb49fe0162f4718be889ed112e
ClanSphere version 2011.0 suffers from shell upload and local file inclusion vulnerabilities.
4d1a95b9a80050f14fb1622f4741629ba579c1e41dbf79ffe972075e3ddf73e6
Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in InduSoft ISSymbol ActiveX control, which can be exploited by malicious people to compromise a user's system.
7970b7e093607d27d757175767c03080bd3d08df8b6851c188d2805d018cdcf9
Secunia Security Advisory - Ubuntu has issued an update for pcsc-lite. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
3de961338a15c0086a0dc059c9ae0027fbdbb0f21084e28924c47b8191fa3f9c
Secunia Security Advisory - Some vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct spoofing attacks, and potentially compromise a user's system.
5c56aba1f06ba83ef23a4b1c2183d7e60fb3b5bf39a4240549d045d2437aa3b0
Secunia Security Advisory - Ubuntu has issued an update for rsync. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
4c4d75caeb4ab1fd5582ab3ea46b0da4075755138a24075d5eed807348d7aca4
Secunia Security Advisory - A vulnerability has been reported in the Node Reference URL Widget module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
463f4a3157492be3ed7c80df3c7e7610e387ff68f9f80804eedacae44bf921e3
Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system and cause a DoS, and by malicious people to cause a DoS and potentially compromise a vulnerable system.
de9c3b2221db875d98f910a285a45f7e56064c68b216b0c484db1ad8bb6b921b
Secunia Security Advisory - Acidgen has reported a vulnerability in MAGIX Music Maker, which can be exploited by malicious people to compromise a user's system.
a46457fc073ebbde94209c81d4dac707a57a5462cd5dd4db1b10e01a8b4e620a
Secunia Security Advisory - A vulnerability has been discovered in Subtitle Processor, which can be exploited by malicious people to compromise a user's system.
9f9c3c197aa6dd56a59bf421cd5c1bac4d00d552c81fb3cab3bb26b661fbd741
Secunia Security Advisory - A weakness and a vulnerability have been reported in CA Arcot WebFort Versatile Authentication Server, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks.
fc40b866f4dd258b7d2d332feaf3614b3d1fcf7f24d61e260ceadb9d1db09654
Secunia Security Advisory - NetBSD has issued an update for dhclient. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
7898fe4840fdfff9ef75b241e2022402fa4b617340bbef3fecdbdf34ab8e0a94
Secunia Security Advisory - Debian has issued an update for asterisk. This fixes multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
0dbff8d1287ff9d820a2f26d4c6a97775867021a4e27bf410835f0021588d9af
Secunia Security Advisory - Debian has issued an update for libmodplug. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.
c0aa196f16f51df1be0900e57ab990970adc249eb098dad8738ae55a02dbee4c
Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in Advantech Studio ISSymbol ActiveX control, which can be exploited by malicious people to compromise a user's system.
0922c1f183edaf0cebd923a4eefed01bf570b184f870700a384f86d073b53906