Secunia Security Advisory - Nick Freeman has reported a vulnerability in StoryBoard Quick, which can be exploited by malicious people to compromise a user's system.
52bbe3b70681bb346a9021a49a37ea309a984d29c3bb1dc9ba948ce3434a6b8d
Secunia Security Advisory - A security issue has been reported in various HP LaserJet Printers and HP Digital Senders, which can be exploited by malicious people to bypass certain security restrictions.
a50225563f0e1f88cca6fa9ea77e6fc213008b78948fdfa5694680d48cd49086
Secunia Security Advisory - Debian has issued an update for clearsilver. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
286353dd75898add1bd770f7b6eeff9f5239969f8de093804ef5392695e53413
Secunia Security Advisory - Parallels has acknowledged two vulnerabilities in Parallels Plesk Panel, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to cause a DoS (Denial of Service).
9d188efb4c603546de8b62417f9eb98035504a439a2c8ae4f792bc04dc395821
This archive contains all of the 212 exploits added to Packet Storm in November, 2011.
4ce4dae14067c705b24f6a65f2b6a121fc4cc0c48d373b45b008d48685e82e05
GNUnet is a peer-to-peer framework with a focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service built on top of the framework is anonymous file sharing.
77c4522c92b55c60c8ec7a05a516d395b7066545f15280db85bd012105560ea8
XSSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications. It contains several options to try to bypass certain filters, and various special techniques of code injection.
bef3399a296d2bc9f4afa5ff5d431dea9826fc32d8c59e4fc693a7006077308c
Debian Linux Security Advisory 2355-1 - Leo Iannacone and Colin Watson discovered a format string vulnerability in the Python bindings for the Clearsilver HTML template system, which may lead to denial of service or the execution of arbitrary code.
99672fba33fe3030c4f3da44ad329d1f6038fc0105e9bb1b9ef2e529954d11b8
SugarCRM Community Edition version 6.3.0RC1 suffers from a remote SQL injection vulnerability.
7012c653e5b52a57f78f27b30fba5e47686eaa59c62ade18aa36ab1d69d6c4b5
Debian Linux Security Advisory 2354-1 - Petr Sklenar and Tomas Hoger discovered that missing input sanitising in the GIF decoder inside the Cups printing system could lead to denial of service or potentially arbitrary code execution through crafted GIF files.
7f113952be28c42d62a36b7f9cc4415e144cd6c8fe1716bd4b204297ff211d6a
This Metasploit module exploits a stack-based buffer overflow in CCMPlayer 1.5. When an m3u playlist with a long track name is opened, an SEH exception record can be overwritten with parts of the controllable buffer. SEH execution is triggered after an invalid read of an injectable address, thus allowing arbitrary code execution.
62edddea0f0519c92d9a92f2e69fc9d8e1666dd6111763683d4173038b2a9bca
OrangeHRM version 2.6.11 suffers from cross site scripting and remote SQL injection vulnerabilities.
db3bb5ee19f0abfa33fe45c4307d6fdecdafd598a15f7f8f66c33e8ecbcfe2cd