Mandriva Linux Security Advisory 2011-103 - Stack-based buffer overflow in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. Stack-based buffer overflow in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. Stack-based buffer overflow in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a long Foreground field in a plugin configuration file.
a9707df186667e960fb7bcccb9b44257753c19aac46b92c0e7a54f39a8f4c029
Cotonti versions 0.9.2 and below suffer from a remote blind SQL injection vulnerability in users.php.
8b857580d193e31504d88a424f28241570185469ca0ab375eb935a749fd65e67
Cotonti versions 0.9.2 and below suffer from a remote blind SQL injection vulnerability in forums.php.
bd9910b77c5d99b02082c7bd71375236d0edd0a63a4ff84bccd2a2d2c50821ac
Debian Linux Security Advisory 2246-1 - Several vulnerabilities were discovered in mahara, an electronic portfolio, weblog, and resume builder.
ba3a5abdd8001f5ec154d30befa0306d62a84e4263dc60f203fbe254133a260f
Debian Linux Security Advisory 2245-1 - Several vulnerabilities were discovered in the Chromium browser.
95d73137a834ded9030bb360069113dddf15ccd4c1c7e7324bd1bff59ee266d2
Mandriva Linux Security Advisory 2011-102 - Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a .. in a pathname.
e95e4028e63acc2a106410223cc65ea955c645b12d8dd36b9ac2e57235d52189
Gadu-Gadu suffers from a man-in-the-middle vulnerability that allows for remote code execution.
ede23e4dcb6d4a79c96cf3cc1f607fdb0cfd0d9de0378853dca7264cec08c912
Poison Ivy version 2.3.2 remote buffer overflow exploit.
5b3216c88aa8ecb57dc333701bd9328faa889c21e0e43688f483d216b3c65eea
Guru Penny Auction Pro version 3 suffers from a remote blind SQL injection vulnerability.
71ed018cec5ed63cc172174389fdb02cb194955bf0bb7302b198ce5c62130640
Duhok Forum version 1.1 suffers from a remote SQL injection vulnerability.
12c2bd7d2231495101cf8d039cc376e07964ec005f0a39bac308c951521016f0
Joomla JMSFileSeller component version 1.0 suffers from a local file inclusion vulnerability.
e935372257a3e73870aae7652b89def888c1b4e53016c2e5e61a49173d744c35
Call For Papers for the 7th edition of the Ekoparty Security Conference being held from September 19th through the 20th, 2011, in Buenos Aires City, Argentina.
5519d305746aceb7de9f32a8248f9eb33f127d1b4c36c0254c6b1cab2a583b9d
Two shellcodes for FreeBSD/x86 that perform execve('/bin/sh -c "reboot"').
3bd000b32b1f9ee525b704f044dac18d1b44ec62b624c73b1cd4f4a817928fa4
Cotonti versions 0.9.2 and below suffer from cross site request forgery and cross site scripting vulnerabilities.
9d0bcae92d5f817235eadbfd0c19094dca6ee95409e6850dad8195904cfecb5d
HP Data Protector Client remote code execution proof of concept exploit.
951db48f45c071586a2510454c9514403bde6360de72d224a170ce5b8cc143db
Secunia Security Advisory - A vulnerability and a security issue have been reported in Drupal, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to bypass certain security restrictions.
baea630fbcf85c09b4e4403fe1523e283d1461b0890b664e5b7ab50742dabb4b
Secunia Security Advisory - Fedora has issued an update for systemtap. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
93b02196aa223bc626e9fccb91cfdd1af22b8cac4aee55fe5db953404af0ee61
Secunia Security Advisory - Ubuntu has issued an update for dbus-glib. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security features.
28286e0752f1af2575d13dd78502de0dd65dc4223cead54188ebc464a267f715
Debian Linux Security Advisory 2244-1 - It was discovered that BIND, an implementation of the DNS protocol, does not correctly process certain large RRSIG record sets in DNSSEC responses. The resulting assertion failure causes the name server process to crash, making name resolution unavailable.
1d5d9062a169179cd4ddf94fe0a3ecabc58a694c5253fb7da52827e2d41efd17
Debian Linux Security Advisory 2243-1 - It was discovered that Unbound, a caching DNS resolver, ceases to provide answers for zones signed using DNSSEC after it has processed a crafted query.
e9b7b8f531d7f0bf62453a71f0ee84e29f0c50968fee5a72a1b77af5437f7843
This paper, called Security Implications of IPv6, was published by CPNI and is a collection of security implications to think about while transitioning to IPv6.
c237c137715ec6c6b22b18847817cae159ad2b52af7a8aac8da06ea03c3945fd
Apache Archiva versions 1.3.0 through 1.3.4 suffer from a cross site scripting vulnerability.
5efbf8901967ec7d67fef99169880a4eb9b5f7f796e2016b76d3c042d56f0674
Lil' HTTP Server version 2.2 suffers from a cross site scripting vulnerability in a default CGI script.
1cd00218bbd303ceb7a7c683ad4f9e471fe94b3e8bd6679f9bf4aab7ee9035d7
Proof of concept cross site request forgery code that adds a user for cPanel versions prior to 11.25.
a024c484981bd080759beb56b4616306d09fd3038a7cbfbd27ace111d7c4bed6
This is a brief whitepaper discussing tools and methodologies used by black hat hackers.
99cb5168fe73f25bc8cebea491434ac4136ad39ade7060bd9bca61721ecbea5c