Secunia Security Advisory - Ubuntu has issued an update for evince. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
b81c27efc167bcb955ccb8f8e8f07e66d1d4c48c04784edad9ff0e583934ac57
Secunia Security Advisory - A vulnerability has been discovered in the JE Story Submit component for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.
1c10ba265b194ec64d791bd6492297de5a70a74de829d3dfb133db5460bfe8ad
Secunia Security Advisory - SUSE has issued an update for java-1_4_2-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
c9e508130a90a4df683b23de67f61bf813a5bf005025041bf0eeb0abf2690b87
Secunia Security Advisory - Two vulnerabilities have been reported in the Managesite module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
13e366fb3da49bc8955f6d5fc482babdc1f1e1887f0c1f138b34a916300be357
Secunia Security Advisory - Ubuntu has issued an update for libicu. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.
84859922e682f066635bc3b9f3c3d4e9e01d243c0b81ec3f3f32b5c55222a2d0
Secunia Security Advisory - Oracle has acknowledged a weakness in Sun GlassFish Enterprise Server and Sun Java System Application Server, which can be exploited by malicious people to disclose potentially sensitive information and hijack a user's session.
4b92d05eb53386db041cf0ecbba416798cb55f8f1006430e79912311333bdfa3
Secunia Security Advisory - A security issue has been reported in RSA enVision, which can be exploited by malicious people to disclose certain sensitive information.
ff786ab32aba0322a89d6f677c149528c710ca9d53ceae702696da39f7c203e0
Secunia Security Advisory - A vulnerability has been reported in EMC NetWorker Server, which can be exploited by malicious people to compromise a vulnerable system.
bcfda0a2ea3b333d9bab0c34c361d4c285077cecb5d983dc7fed7e98c6c4ebbe
Secunia Security Advisory - Cisco has acknowledged a vulnerability in some Cisco IronPort Appliances, which can be exploited by malicious people to compromise a vulnerable system.
d785dc9e631d3b1120e86c0a4c91b7392356cb1707ba6a18f9fed6ae9d90f317
Secunia Security Advisory - A vulnerability has been discovered in phplist, which can be exploited by malicious people to conduct cross-site scripting attacks.
756347e6ae4e0380d5214c9cad7d782778b1f91f44f5813e50b277496f5cdddb
Secunia Security Advisory - A vulnerability has been discovered in VR GPub, which can be exploited by malicious people to conduct cross-site request forgery attacks.
370c1ae6c58c38942e6ea98bf162bb1f6a53c0bea894aead1ab8287fc4263bd5
Secunia Security Advisory - Oracle has acknowledged a weakness, a security issue and two vulnerabilities in Apache Tomcat included in Solaris, which can be exploited by malicious, local users to disclose sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information and bypass certain security restrictions.
78b2751c14d8168006330dad1b74702f424aa948d207cbecdf9c85ea1d15fa4f
Secunia Security Advisory - Debian has issued an update for libxml2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
432c0d05660dd1d95db13ec425e4e282d9d47c6f30d4dbf5cf23380ba37d0c8e
Secunia Security Advisory - A vulnerability has been reported in Syneto UTM, which can be exploited by malicious people to conduct cross-site request forgery attacks.
4ff6577c6c8233f8315218f40e8c257036d33e31a89ea3a32278be889ef1b995
Peel SHOPPING versions 2.8 and 2.9 suffer from cross site scripting and remote SQL injection vulnerabilities.
17013c953a7f95786dfb2ecad6a020c83079109d6d36eb30367f8a13d03dee28
RSA has announced security fixes to address an environmental variable disclosure vulnerability in RSA enVision 4.x.
97f7dbd3b90747a39a85bb786df93e20edc32f71fe20d64447b9568be6609ee7
EMC NetWorker Server 7.5.x and 7.6.x contain a buffer overflow vulnerability which may possibly be exploited to cause a denial of service or, possibly, arbitrary code execution.
0c2f16df9895b9a9de4b10982e56916be916e3bb0dc120e8232b516c0554f882
xClick Cart versions 1.0.1 and 1.0.2 suffer from a cross site scripting vulnerability.
bcdba6e1a2a10dc5c0b8b5f306c9a121c7949bd1b52de3780b73383a3a2e6c07
Register Plus versions 3.5.1 and below for WordPress suffer from code execution, cross site scripting and path disclosure vulnerabilities.
8af0748bb44a2d219bb2dab50499ab80ee471af807d2e71af2be053afca0860d
This Metasploit module exploits a stack buffer overflow in the create folder function in Sysax Multi Server 5.50. This issue was fixed in 5.52. You must have valid credentials to trigger the vulnerability. Your credentials must also have the create folder permission and the HTTP option has to be enabled. This Metasploit module will log into the server, get your a SID token and then proceed to exploit the server. Successful exploits result in LOCALSYSTEM access. This exploit works on XP and 2003.
9c89a9721eaaf34e5b28601af5c5497ccf1f5855860d05b1399eb663bcde037c
Cisco Security Advisory - Cisco IronPort Email Security Appliances (ESA) and Cisco IronPort Security Management Appliances (SMA) contain a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code with elevated privileges. Workarounds that mitigate this vulnerability are available.
4864f4e17fe47b8f6178a603e1cc20bb9f967ec80c223712f14bfa2e367c5c8c
Ubuntu Security Notice 1349-1 - It was discovered that the X wrapper incorrectly checked certain console permissions when launched by unprivileged users. An attacker connected remotely could use this flaw to start X, bypassing the console permissions check.
1c42f23752a398bf3b5d5ac117d5bd2075e69736a4ce1f6e67c0f2e952f6da84
PHPList version 2.10.9 suffers from cross site request forgery and cross site scripting vulnerabilities.
156406175499db29e968856e912ccff0b2c4c1aa66ff94fd3a2977ec74379288
VR GPub version 4.0 suffers from a cross site request forgery vulnerability.
5c3013cdb2082412cf2d8ba5b3215c6f53bd60379f3fd0b3342da270893d0d0d
Ubuntu Security Notice 1348-1 - It was discovered that ICU did not properly handle invalid locale data during Unicode conversion. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.
ed1d39bd80eff20f1ebd24a942fc58795fee0111ae68d13afad8db1b3fdbc5a0