Secunia Security Advisory - Two vulnerabilities have been reported in Cybozu Office, which can be exploited by malicious people to conduct cross-site scripting attacks.
89706c334f6caba2f50393608e01ecb759181a94bcf901eb57c5d91a73da5306
Secunia Security Advisory - A vulnerability has been reported in two Cybozu products, which can be exploited by malicious people to conduct cross-site scripting attacks.
f6a8545f1ccb1a26f7c69600813714b7591f9bd59106066dae97e6d72bef7726
Secunia Security Advisory - Ubuntu has issued an update for curl. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks and to cause a DoS (Denial of Service) or compromise an application using the library.
7ee5fab97db03228ea9c9fa5adf187783821fee19a9d33bed4f9eb3395d3190a
Secunia Security Advisory - Two vulnerabilities have been reported in Cybozu Office, which can be exploited by malicious people to conduct cross-site scripting attacks.
2fbe3e2c29ee260f01660eb3b116c67da960314ae7c0835a8f732c6ad494b854
Secunia Security Advisory - A vulnerability has been reported in multiple Cybozu products, which can be exploited by malicious people to conduct cross-site scripting attacks.
33de3954fa870426f9e38dd58efee3a14e3ec1e3faae0e2f5f060ce1e165190f
Secunia Security Advisory - Keith Lee has reported a vulnerability in ManageEngine ServiceDesk Plus, which can be exploited by malicious users to disclose sensitive information.
b40e0e913d9d82e387b0e3b316260a71c80735f914f4d973d948758f342911eb
Secunia Security Advisory - Two vulnerabilities have been reported in Avactis Shopping Cart, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct script insertion attacks.
25660b46d29a2555c4426cd16297ab0addc685d634a79a00be05ddbddb53776b
Secunia Security Advisory - Multiple vulnerabilities have been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service).
51038f37cea0f04f48bf2abe626c2a4b6f769c893a4484b70c29755e5fd22e9e
Secunia Security Advisory - A vulnerability has been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service).
fd0b42c3f1a4074aaa53e950f402f861445e8d8ce3d067f99e20a4d498d35c3a
creepy is an application that allows you to gather geolocation related information about users from social networking platforms and image hosting services. The information is presented in a map inside the application where all the retrieved data is shown, accompanied with relevant information (i.e. what was posted from that specific location) to provide context to the presentation.
cbcdfa86cad0e2d10b1463a31bc5be6fd31f44a1019369eac203b1b90e166a5a
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
ae4c4870abd2448a6b13abf48ccd5a20979836ce7e17d787686ee96f246a8762
PRE-CERT Security Advisory - The tftp-hpa daemon contains a buffer overflow vulnerability in the function for setting the utimeout option. As the daemon accepts the option from clients, the vulnerability can be remotely exploited. Versions 0.30 through 5.0 are affected.
0a46a4e113dabe89a5380ccddb1dda0c299749eccc3f07ddbd3134e705cf6484
Ubuntu Security Notice 1158-1 - Richard Silverman discovered that when doing GSSAPI authentication, libcurl unconditionally performs credential delegation, handing the server a copy of the client's security credential. Wesley Miaw discovered that when zlib is enabled, libcurl does not properly restrict the amount of callback data sent to an application that requests automatic decompression. This might allow an attacker to cause a denial of service via an application crash or possibly execute arbitrary code with the privilege of the application. This issue only affected Ubuntu 8.04 LTS and Ubuntu 10.04 LTS. Various other issues were also addressed.
c6a6ac23fe38bdd0c63b14ef095dd1d9c4d3b33b67d83ea20586c5d3c3440d08
Ubuntu Security Notice 1157-3 - USN-1157-1 fixed vulnerabilities in Firefox. Unfortunately, this update produced the side effect of pulling in Firefox on some systems that did not have it installed during a dist-upgrade due to changes in the Ubuntu language packs. This update fixes the problem.
1f06eaaf0e9e4c10be161a5015eab74c9ebe632a8a649a51c954db744e7eed54
Red Hat Security Advisory 2011-0897-01 - JBoss Enterprise Web Server has been updated to mitigate multiple vulnerabilities such as cross site scripting, information leaks, and more.
7aecf3731e5d7ec16a49db4e8573debf3eeae784616883cd4920d2dccde550de
xAurora Web Browser version 10.00 DLL hijacking exploit.
d929090da8a51d38c072431d98fc0afdcdb7c6a41f94bdecc58abaf851fd5ea9
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro.
12f4307602b9a8f0d3f82daf28e0f59de21aa82c9dcccd16819b288ec83ab559
Whitepaper called A Simpler Way of Finding 0day.
4859d724b26948f29e04d81656d4e0314359c0100667a845bd0c4eb59191af45
ManageEngine Support Center Plus versions 7801 and below of the 7.8 build suffer from a directory traversal vulnerability.
8743cb951897ee9699667263f90fad9d4a903b39178ae4eaf8b7ff565eb920ee
143 bytes small Linux/SuperH sh4 add root user with password shellcode.
9dfaa19c7c70387a951fecf63dda0dc5cbf3d6994790436ec8af033e25311bdf
Nodesforum version 1.059 suffers from a remote file inclusion vulnerability.
9982b3fded51a54a8365d8145cca7363066bdd567b8f2dee8c61fa301a380c47
2Point Solutions suffers from a remote SQL injection vulnerability in cmspages.php.
705d196f44fe1e6985eaf26b5b115b8e47e5115be4863af928c438d1cc038a0b
vBseo version 3.1.0 remote command execution exploit that leverages injecting code into log files.
19b8a6ac5706e93e61241b70693fd6e52dc685575d2effbb762400818c1a8185
NetServe Web Server version 1.0.58 suffers from denial of service, cross site scripting, various inclusion vulnerabilities and more.
57730836287f5775bff301c266cccc018712462def19a33875a91e36190e4b13
Demonstration DLL hijacking code for Avira AntiVir Personal version 10.00.12, Free YouTube Download version 2.10, HTTrack Website Copier version 3.44, and Remote Desktop Connection.
def38d921bc8a88a0559e9f2a9b6862a70f8ccfe01d99bded4e903c9f6bb8987