Secunia Security Advisory - A vulnerability has been reported in op5 Monitor, which can be exploited by malicious users to conduct SQL injection attacks.
0485f06a813c37cbb5dc852244afcef98298fd67b16bc0513883a8073ed5b246
Secunia Security Advisory - A vulnerability has been reported in EMC Cloud Tiering Appliance, which can be exploited by malicious people to bypass certain security restrictions.
7f16ed01887ae3346d872da26fa70d8f408f7bcf5e17ba521e9f75cd53ee3550
Secunia Security Advisory - A security issue and a vulnerability have been reported in IBM Infosphere Guardium, which can be exploited by malicious users to disclose certain sensitive information and by malicious people to conduct cross-site request forgery attacks.
ccfcc6388b06b880b7f984079e000353bb576824868a7338ba7252e0ca071e21
Secunia Security Advisory - BalaBit has acknowledged two vulnerabilities in syslog-ng Premium Edition, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
fa866a8756a19b8868b55b73dbf6d8cc79b5be27f5984754219b3a81fc1347ea
Secunia Security Advisory - Some vulnerabilities have been reported in PrestaShop, which can be exploited by malicious people to conduct cross-site scripting attacks.
5a461073c6ad18dc7498c4abd4e3bfd310f7707f119d26217e013e21eafcda17
Secunia Security Advisory - Some vulnerabilities have been reported in Phorum, which can be exploited by malicious people to conduct cross-site scripting attacks.
b7b95f2768a2c94096dbd106b71034dcb42b6467ec91752f6a2c606c6178066b
A vulnerability in EMC Cloud Tiering Appliance aka CTA (formerly EMC FMA) could allow an unauthorized user to log in to the affected system as a GUI user with full administrative privileges by providing a specifically crafted malicious file during authentication process.
2c43c7c48281d37bb99bd411cd0836d97db5bdcfd9ed523346b4148742d663fb
ActFax version 4.31 local privilege escalation exploit that spawns cmd.exe.
697ffa7fdf16ff3683bbf980a8167a2982f5b6f043569821203b066d92d2311c
Mandriva Linux Security Advisory 2012-144 - Multiple vulnerabilities has been found and corrected in tetex. The Gfx::getPos function in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service via unknown vectors that trigger an uninitialized pointer dereference. The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and which triggers memory corruption. Various other issues have also been addressed. The updated packages have been patched to correct these issues.
5c8b23cd2ecf83077e06d18f8f80cd038b4b0c331dd6a9baa869678d5a8dcadf
IMF 2013 Call For Papers - The International Conference on IT-Incident Management and IT-Forensics invites submissions for IMF 2013 being held from March 12th through the 14th in Nuremberg, Germany.
3f1a5a8af64e46622c5319345fb88724f70e4fc883c274b14b9cfe566f4f58d6
Plogger version 1.0 RC1 suffers from multiple cross site scripting vulnerabilities.
b08982a7f4aad0a11297e5e0c3ee78eaa61fcc4a4f0ce5989b79efb7476686ef
Technical Cyber Security Alert 2012-240A - A vulnerability in the way Java 7 restricts the permissions of Java applets could allow an attacker to execute arbitrary commands on a vulnerable system.
a18e5c8d7e2b18824197224cbd232de96e1cff9aaf7438a07a6214ebff4c15da
RV Shopping Cart suffers from a cross site request forgery vulnerability.
ab31b6821553d20ce09762d09990530537d2efbdc776a58973ce3b6e2051bfdb
RV Article Publisher suffers from a cross site request forgery vulnerability.
02a459cfd58a5abb7e58a15a6e14c09b22eaccd57bd2a75287901667e70ad6f3
Simple Web Server version 2.2-rc2 remote code execution exploit with egghunting and ASLR bypass.
d1a0e8222f1406b84f1faec89add1e2b2f68a199e3ffad7936a87cb2222ae326
HP Security Bulletin HPSBUX02805 SSRT100919 3 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits. Revision 3 of this advisory.
bb8883ca5152edd3963ac91485a78dc0ea7160add1badcaa980ff233f9ff15cf
WordPress Cloudsafe365 third party plugin suffers from a local file inclusion vulnerability.
bd5a56f7a933bc5955131ed5397be43665b68251d1ad3b374a4d6b79d858d3f5
When OpenOffice reads an ODF document, it first loads and processes an XML stream within the file called the manifest. Apache OpenOffice 3.4.0 has logic errors that allows a carefully crafted manifest to cause reads and writes beyond allocated buffers.
493c97b0d9779ff425aec7f71289318f69ad4df12dd5f0dbdc14075fa27d8e32
Ubuntu Security Notice 1547-1 - Vreixo Formoso discovered that the libGData library, as used by Evolution and other applications, did not properly verify SSL certificates. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter data transmitted via the GData protocol.
a4ab1606db51fda6b3872f4eb812e94c816f2b0d3a0230277fcb0126b714fb2a
Ubuntu Security Notice 1546-1 - It was discovered that multiple integer overflows existed in the malloc and calloc implementations in the Boehm-Demers-Weiser garbage collecting memory allocator (libgc). These could allow an attacker to cause a denial of service or possibly execute arbitrary code.
58991ae1377d34f2cb65a2637dac82551f96bcf8a96f7a256a0430749a93efad
Arihant Infotech CMS suffers from a cross site scripting vulnerability.
e943e1e25984a03df8bf7e03c6a9dd90872d10256c23e6fbcd489ae15cdc9ee6
MTV.com suffers from a cross site scripting vulnerability.
a92d3f773cdd8d8a76b2589b80e5361799f19b825300a3476f09b03c016fa039
JQuery Tooltip suffers from a cross site scripting vulnerability.
088a62925514da2dffb93c28a026cbae071b0c06e7a4b5e8e1b290742bd24e07
Mieric AddressBook 1.0 suffers from a remote SQL injection vulnerability.
c96a18bbe493f7a2a6510549f9120ba123f913dc9c34eaceac64db2c62b35479
ANGLER Technologies CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
22dfeff7a30a7f4a403d2e876f9680a35fb0be68ca5c87a03a2d93e83c2d9ccf