Secunia Security Advisory - Two vulnerabilities have been reported in Cybozu Office, which can be exploited by malicious people to conduct cross-site scripting attacks.
89706c334f6caba2f50393608e01ecb759181a94bcf901eb57c5d91a73da5306Secunia Security Advisory - A vulnerability has been reported in two Cybozu products, which can be exploited by malicious people to conduct cross-site scripting attacks.
f6a8545f1ccb1a26f7c69600813714b7591f9bd59106066dae97e6d72bef7726Secunia Security Advisory - Ubuntu has issued an update for curl. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks and to cause a DoS (Denial of Service) or compromise an application using the library.
7ee5fab97db03228ea9c9fa5adf187783821fee19a9d33bed4f9eb3395d3190aSecunia Security Advisory - Two vulnerabilities have been reported in Cybozu Office, which can be exploited by malicious people to conduct cross-site scripting attacks.
2fbe3e2c29ee260f01660eb3b116c67da960314ae7c0835a8f732c6ad494b854Secunia Security Advisory - A vulnerability has been reported in multiple Cybozu products, which can be exploited by malicious people to conduct cross-site scripting attacks.
33de3954fa870426f9e38dd58efee3a14e3ec1e3faae0e2f5f060ce1e165190fSecunia Security Advisory - Keith Lee has reported a vulnerability in ManageEngine ServiceDesk Plus, which can be exploited by malicious users to disclose sensitive information.
b40e0e913d9d82e387b0e3b316260a71c80735f914f4d973d948758f342911ebSecunia Security Advisory - Two vulnerabilities have been reported in Avactis Shopping Cart, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct script insertion attacks.
25660b46d29a2555c4426cd16297ab0addc685d634a79a00be05ddbddb53776bSecunia Security Advisory - Multiple vulnerabilities have been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service).
51038f37cea0f04f48bf2abe626c2a4b6f769c893a4484b70c29755e5fd22e9eSecunia Security Advisory - A vulnerability has been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service).
fd0b42c3f1a4074aaa53e950f402f861445e8d8ce3d067f99e20a4d498d35c3acreepy is an application that allows you to gather geolocation related information about users from social networking platforms and image hosting services. The information is presented in a map inside the application where all the retrieved data is shown, accompanied with relevant information (i.e. what was posted from that specific location) to provide context to the presentation.
cbcdfa86cad0e2d10b1463a31bc5be6fd31f44a1019369eac203b1b90e166a5aMobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
ae4c4870abd2448a6b13abf48ccd5a20979836ce7e17d787686ee96f246a8762PRE-CERT Security Advisory - The tftp-hpa daemon contains a buffer overflow vulnerability in the function for setting the utimeout option. As the daemon accepts the option from clients, the vulnerability can be remotely exploited. Versions 0.30 through 5.0 are affected.
0a46a4e113dabe89a5380ccddb1dda0c299749eccc3f07ddbd3134e705cf6484Ubuntu Security Notice 1158-1 - Richard Silverman discovered that when doing GSSAPI authentication, libcurl unconditionally performs credential delegation, handing the server a copy of the client's security credential. Wesley Miaw discovered that when zlib is enabled, libcurl does not properly restrict the amount of callback data sent to an application that requests automatic decompression. This might allow an attacker to cause a denial of service via an application crash or possibly execute arbitrary code with the privilege of the application. This issue only affected Ubuntu 8.04 LTS and Ubuntu 10.04 LTS. Various other issues were also addressed.
c6a6ac23fe38bdd0c63b14ef095dd1d9c4d3b33b67d83ea20586c5d3c3440d08Ubuntu Security Notice 1157-3 - USN-1157-1 fixed vulnerabilities in Firefox. Unfortunately, this update produced the side effect of pulling in Firefox on some systems that did not have it installed during a dist-upgrade due to changes in the Ubuntu language packs. This update fixes the problem.
1f06eaaf0e9e4c10be161a5015eab74c9ebe632a8a649a51c954db744e7eed54Red Hat Security Advisory 2011-0897-01 - JBoss Enterprise Web Server has been updated to mitigate multiple vulnerabilities such as cross site scripting, information leaks, and more.
7aecf3731e5d7ec16a49db4e8573debf3eeae784616883cd4920d2dccde550dexAurora Web Browser version 10.00 DLL hijacking exploit.
d929090da8a51d38c072431d98fc0afdcdb7c6a41f94bdecc58abaf851fd5ea9John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro.
12f4307602b9a8f0d3f82daf28e0f59de21aa82c9dcccd16819b288ec83ab559Whitepaper called A Simpler Way of Finding 0day.
4859d724b26948f29e04d81656d4e0314359c0100667a845bd0c4eb59191af45ManageEngine Support Center Plus versions 7801 and below of the 7.8 build suffer from a directory traversal vulnerability.
8743cb951897ee9699667263f90fad9d4a903b39178ae4eaf8b7ff565eb920ee143 bytes small Linux/SuperH sh4 add root user with password shellcode.
9dfaa19c7c70387a951fecf63dda0dc5cbf3d6994790436ec8af033e25311bdfNodesforum version 1.059 suffers from a remote file inclusion vulnerability.
9982b3fded51a54a8365d8145cca7363066bdd567b8f2dee8c61fa301a380c472Point Solutions suffers from a remote SQL injection vulnerability in cmspages.php.
705d196f44fe1e6985eaf26b5b115b8e47e5115be4863af928c438d1cc038a0bvBseo version 3.1.0 remote command execution exploit that leverages injecting code into log files.
19b8a6ac5706e93e61241b70693fd6e52dc685575d2effbb762400818c1a8185NetServe Web Server version 1.0.58 suffers from denial of service, cross site scripting, various inclusion vulnerabilities and more.
57730836287f5775bff301c266cccc018712462def19a33875a91e36190e4b13Demonstration DLL hijacking code for Avira AntiVir Personal version 10.00.12, Free YouTube Download version 2.10, HTTrack Website Copier version 3.44, and Remote Desktop Connection.
def38d921bc8a88a0559e9f2a9b6862a70f8ccfe01d99bded4e903c9f6bb8987
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed