Secunia Security Advisory - A vulnerability has been discovered in SilverStripe, which can be exploited by malicious users to conduct script insertion attacks.
a8268e92b9312c35348527a1901f408b693fc8d24bec22c1fa9ac30a41e69b41
Secunia Security Advisory - A vulnerability has been reported in HostBill, which can be exploited by malicious people to compromise a vulnerable system.
6fccf7e5b285f05dce10f3f9bcd190e032697bf0784daa5975fe2d127827d0ec
Secunia Security Advisory - VMware has acknowledged multiple vulnerabilities in VMware ESX Server, which can be exploited by malicious, local users to disclose potentially sensitive and system information, bypass certain security restrictions, cause a DoS (Denial of Service), and gain escalated privileges, by malicious people with physical access to disclose certain system information, and by malicious people to disclose sensitive information, conduct spoofing and cross-site scripting attacks, cause a DoS, and compromise a vulnerable system.
03fbde2e7108e3c8addca33faa8e098d26cb7c4463d354eba5bfd504ec948830
Secunia Security Advisory - A vulnerability has been reported in FishEye and Crucible, which can be exploited by malicious users to compromise a vulnerable system.
966795fd9012d35c0a7d2f37aba66c2b02af685e23347e8e37d2f2bef5e6afa0
Zero Day Initiative Advisory 12-020 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the SaveDoc and PrintFile functions exposed by the VsVIEW6.ocx ActiveX control. The SaveDoc function causes a file to be created at an arbitrary path specified by the first argument (FileName). The file contents can be controlled by setting the 'Header' member and calling PrintFile() with the same path argument. These behaviors can be exploited by a remote attacker to execute arbitrary code on the target system.
0e61a6e226350f291abb2c1d035a02dd7b420e246ac20734c7e602223f151f77
Zero Day Initiative Advisory 12-019 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within SetLicenseInfoEx() method exposed by the mraboutb.dll ActiveX Control. String data supplied to the first parameter (strInstallDir) of SetLicenseInfoEx() is copied into a 256 byte global buffer without first checking the string length. This overflow can be exploited to remotely execute arbitrary code on the target system.
854bc2e262fff88ef741e78bf82fffb4832ad1b7eb87f4f13c662b94e8d6c14e
Mandriva Linux Security Advisory 2012-011 - OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108. The updated packages have been patched to correct this issue. The openssl0.9.8 packages for 2010.2 have been upgraded to the 0.9.8t version which is not vulnerable to this issue.
35b11032bcc6ae21446636fb990652ffe9762c98d3d9d0030aaed125ce61a84d
Win32/XP Pro SP3 (EN) 32-bit beep beep shellcode.
6e94bfb9d2b94082ecd1a9d972bdb0de79297cda77b7484f32f0b7fbafb9b244
Campaign Enterprise version 11.0.421 suffers from a remote SQL injection vulnerability.
a6e7c8d4760e5b9abb987effc8b747e80986605d0bf70dbc3709453031e5931f
This Metasploit module exploits a vulnerability in the 'proc_deutf()' function defined in /includes/functions_vbseocp_abstract.php in vBSEO versions 3.6.0 and below. User input passed through 'char_repl' POST parameter is not properly sanitized before being used in a call to preg_replace() function which uses the 'e' modifier. This can be exploited to inject and execute arbitrary code leveraging the PHP's complex curly syntax.
b234422868d75376b871ce3713cf474fa00f5083853c55303eeb65ebd679721a
The Joomla CRHotels component suffers from a remote SQL injection vulnerability.
a5210a9d170a3d58dedb14ef2753a0bd0a19beb2c575d1b8fbee04bc2d2dde88
Debian Linux Security Advisory 2398-1 - Several vulnerabilities have been discovered in Curl, an URL transfer library.
affc00b6775ce7bca3c3607be8f46595ea437e93d99e80f5874d29cbbc9e4d89
TWiki suffers from a cross site scripting vulnerability.
20fa13f95c0cbab3ce12b40327deb0594b221c8360e43b8dd5b2b43d7b2db51d
Gentoo Linux Security Advisory 201201-19 - Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks. Versions less than 9.4.7 are affected.
baad128edffc63cf96f6415bcd8ed20845d4c2166743c0cf07a2e6869a63d515
Gentoo Linux Security Advisory 201201-18 - Multiple vulnerabilities in bip might allow remote unauthenticated attackers to cause a Denial of Service or possibly execute arbitrary code. Versions less than 0.8.8-r1 are affected.
e549809610bc17b343128bb8db5c084ec972795ac311e48c37fed0d3767d72fc