Secunia Security Advisory - Multiple vulnerabilities have been reported in HP Business Availability Center, which can be exploited by malicious users to hijack a user's session and by malicious people to conduct cross-site scripting and request forgery attacks.
23add80c152d2b92dce50f67e233c66f349d3fba13c7339e198947861a805f31Secunia Security Advisory - A security issue and a vulnerability have been reported in WordPress, where one has an unknown impact and the other can be exploited by malicious users to bypass certain security restrictions.
d7feede464b8142c89822bbdfbbed228af998c711708395a6c38e2cee0216641Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
960cb4b02c3b7b44b31b0f319e9713b04951ada88bbb02c64e22e341036668d1Secunia Security Advisory - A vulnerability has been reported in Xen, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges.
788a12ef11b105308bdc8354ff869e70780e5e49a5bb7506734316a64229ced4Secunia Security Advisory - SUSE has issued an update for xen. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and potentially gain escalated privileges.
c2200b71062ebc88ba60f3f602169bab5507a49874d89bbca92492257728b2ddSecunia Security Advisory - Andrea Fabrizi has reported some vulnerabilities in Turbo NAS Firmware, which can be exploited by malicious users to disclose sensitive data and manipulate certain data.
cc0aa40722d9ed7efd92ad9546b5c86dcbf0d9fc6114969ba9911eae2d83751dSecunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM Java, which can be exploited by malicious, local users to disclose potentially sensitive data and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
f62d9235151410fc2ff80ebd48505c4f8aa5da1ad0977a01e24303bf6dd25983Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.
a402bb95d485f01e3d0167722d5d7b168cb98d9560f09d3b9240aeb01c15ad00Secunia Security Advisory - Markus Pieton has discovered a weakness and multiple vulnerabilities in LimeSurvey, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct spoofing attacks.
c71699c05b6d1a3b6477ddc6b450cefeb5ddb6204993b7cb74489379fd7d9096Secunia Security Advisory - Multiple vulnerabilities have been reported in Webmin, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to disclose certain sensitive information.
a3bc839370d27d6268ff958da0b2f456823580fdc1aae6756a439c3d22b1ea08Secunia Security Advisory - A vulnerability has been reported in Apache Wicket, which can be exploited by malicious people to conduct cross-site scripting attacks.
4a0896886b4887bdff8aa86c4185da977d94075b074f29c9d856ea03c27d20d2Secunia Security Advisory - A vulnerability has been reported in Cybozu KUNAI for Android, which can be exploited by malicious people to compromise a user's device.
731b6c69319c99af91db994a980b60a46bfd9c3a5c68e5716926de2631a388fbSecunia Security Advisory - Benjamin Kunz Mejri has reported three vulnerabilities in eFront, which can be exploited by malicious users to conduct script insertion attacks.
3c22bb1acc08529052d232cefe77e1cad1440e8d62b8ab64d8353ce5362573e1Secunia Security Advisory - Red Hat has issued an update for java-1.6.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive data and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
ba1974545ef68e719eb307637c12e60302b523c75b789b85ace3b5fae2934a58Secunia Security Advisory - Some vulnerabilities have been reported in MariaDB, which can be exploited by malicious users to cause a DoS (Denial of Service).
42b1a630e71daf838c4ad8d41f7fdaa5a11bcdab0fb8d3e27a7846e3bea36cd5Secunia Security Advisory - A vulnerability has been reported in Clipster, which can be exploited by malicious people to conduct script insertion attacks.
2642797425f58d0a95fc81624c1354bb6feffa28a312be901c850880b65385feThis Metasploit module exploits a vulnerability in ActiveFax Server. The vulnerability is a stack based buffer overflow in the "Import Users from File" function, due to the insecure usage of strcpy while parsing the csv formatted file. The module creates a .exp file that must be imported with ActiveFax Server. The module has been tested successfully on ActFax Server 4.32 over Windows XP SP3 and Windows 7 SP1. In the Windows XP case, when ActFax runs as a service, it will execute as SYSTEM.
c647f83637014a447ae0a445b73bc78e1347958b1328e0f0cc2af4bc0585b90aThis Metasploit module exploits multiple design flaws in Sflog 1.0. By default, the CMS has a default admin credential of "admin:secret", which can be abused to access administrative features such as blogs management. Through the management interface, we can upload a backdoor that's accessible by any remote user, and then gain arbitrary code execution.
df8a3a625895eb3faaf98942ef2a7cf7f43469012acc9d053eb309172b671640PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
73113323b7ab29f5e27abbb243890fa72310b37ec31392cf995909f28e935facCannonbolt Portfolio Manager version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
af2cde757b80b6edd1399f05f7e047043779fc2585e5a29ad412edf13cf12f21The SonicWall UTM ES WAF suffers from an input filter bypass vulnerability.
134825eef33bfebc96402f88d2c8325711a5d529f7ff561ab516ac5b3a6fe422HP Security Bulletin HPSBMU02811 SSRT100937 - Potential security vulnerabilities have been identified with HP Business Availability Center (BAC). The vulnerabilities could be remotely exploited to allow cross site scripting (XSS), cross site request forgery (CSRF), and web session hijacking. Revision 1 of this advisory.
1f9cf178cddb06073346037698e56533887ec6038bad65dde6c385f70a0e1a01OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.
27a83b2cdde60d0c606b9cda61ffcb1f5e3124c7874e52e5b20113ffe2c76b84WordPress NextGEN Gallery third party plugin version 1.9.5 suffers from multiple cross site scripting vulnerabilities.
06cb3ce18ca24b3bbd8e13460c0e145afb69e78f73cfeaba77cfc8a38fc6801fThe vulnerability described in this document can be exploited by a malicious Web page to execute arbitrary code with low integrity. Active scripting must be enabled, and the present exploitation techniques require that font downloading be set to "Enable" or "Prompt" and that the "mailto:" protocol be present. (These requirements are satisfied by default on Windows XP, Windows Vista, and Windows 7.) The user is presented with a message box which must be dismissed before code execution can occur.
b4b1af1414616836794ade27cea928934b749ebd739b732498a4491702561254
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed