HP/H3C and Huawei networking equipment suffers from a serious weakness in its handling of SNMP requests for protected h3c-user.mib and hh3c-user.mib objects.
0c92a17dfa2d3087a38c6352ee5709ac2ed2aa953819313542b7ecc6ef5659a8
Hook Analyser is a hook tool which can be potentially helpful in reversing applications and analysing malware. It can hook to an API in a process and search for a pattern in memory or dump the buffer.
1b439ebab261ffcbe48d003f00d7836149ded3ebcbcc7d200890b3f7876a0fd1
Grandstream GXP1405 Executive IP Phone version 1.0.1.110 suffers from a cross site scripting vulnerability.
085dd412ff4de4befbb77fa720a29fb16c6c26df27da5d00fb6ba4c0bf04c0dd
SMF version 2.0.2 suffers from a cross site scripting vulnerability.
74d4decd753f1592c3a98103c597afba293523b48477c9e68958e14f7a8a4bc1
Secunia Security Advisory - SySS has reported a security issue in Palo Alto Networks GlobalProtect, which can be exploited by malicious people to conduct spoofing attacks.
6f7e887e6aa0c50c0b501fdda7a2e6ac09f44b085fb08130e4e707a7cc58f235
Secunia Security Advisory - SEC Consult has reported a vulnerability in the Unirgy uStoreLocator extension for Magento, which can be exploited by malicious people to conduct SQL injection attacks.
e0566a8bec4e52c582fd0b91d6de3024c82bf5176eaadd554565f4e89046ac1e
Secunia Security Advisory - A vulnerability with an unknown impact has been reported in Apache OFBiz.
d2cd7268bddf7356fcb85c3525c7b2ef45b3badad0f59ec60ab26e3debe8a4df
Secunia Security Advisory - HTTPCS has discovered two vulnerabilities in Dolibarr ERP/CRM, which can be exploited by malicious people to conduct cross-site scripting attacks.
0e8002d56d3f0652391c5b00efd5db29110678b5fa276fc5381642b840c67d6a
Secunia Security Advisory - A weakness and a vulnerability have been reported in F5 FirePass, which can be exploited by malicious people to conduct spoofing and SQL injection attacks.
cc01059372de95a8320a754a43be0d1c1bd0e3dc54ace9a2c71c7986e8a0cad5
Secunia Security Advisory - Charlie Eriksen has discovered a vulnerability in the Thank You Counter Button plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
be407d9f233bc4947f029bfad8717afa95fe7b16c5b41fcc2d1bfd566cf80b0c
Secunia Security Advisory - Charlie Eriksen has discovered a vulnerability in the UnGallery plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.
c1b2776df77c3d447c16c083e8fb650fdb2db79517b6e5019eadb719ce924e91
Secunia Security Advisory - Some vulnerabilities have been reported in multiple HP products, which can be exploited by malicious people to disclose potentially sensitive information.
076f170e24d44a3761554e8694387afe31a991add75155663c46e4351b68ac5c
Secunia Security Advisory - Avaya has acknowledged a weakness and some vulnerabilities in Avaya Aura Presence Services, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and to disclose system information and by malicious people to cause a DoS.
a6823ff82ab0570dc4b51ba1578fe5b0e04bee02f3d967376cb782d403e389d6
Secunia Security Advisory - Charlie Eriksen has discovered a vulnerability in the Zingiri Bookings plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
8fb0b67c1a9b6d7187216f46baab5726827c240169997a192e126ae8466a90e2
Secunia Security Advisory - MustLive has reported a vulnerability in Bitrix Site Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.
bbe9ed896ef45d31c9632332efda9fae1820ba23ad02e48004a37cbf01a6b96b
Secunia Security Advisory - Two vulnerabilities have been discovered in ManageEngine Security Manager Plus, which can be exploited by malicious people to disclose potentially sensitive system information and conduct SQL injection attacks.
33e39abd068a55c6857399f99607f562688e415216422c07a6e72ba0c41001cf
Secunia Security Advisory - Charlie Eriksen has discovered a vulnerability in the Zingiri Form Builder plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
929cf4f1880e2b8678b41f4a10791dac17f4b2432ee24dadc901df4b554b10b7
Secunia Security Advisory - A vulnerability has been reported in ViewVC, which can be exploited by malicious users to conduct script insertion attacks.
f5e26a08bf9c7fb2e8a09dade1c2f8ee948f9894f9986284a43b20c6d4fcc4f7
Mandriva Linux Security Advisory 2012-168 - hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users to obtain sensitive information such as credentials. Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service via a small TLS Message Length value in an EAP-TLS message with the More Fragments flag set. The updated packages have been patched to correct these issues.
512fb097516dbb480fe020de0a49132ae96ea386174115292dd9ee3c594eebc8
Ubuntu Security Notice 1614-1 - Tyler Hicks and Shugo Maeda discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. USN-1602-1 fixed these vulnerabilities in other Ubuntu releases. This update provides the corresponding updates for Ubuntu 12.10. Peter Bex discovered that Ruby incorrectly handled file path strings when opening files. An attacker could use this flaw to open or create unexpected files. Various other issues were also addressed.
1b5e74f2ed8b901db297280f3947aec4380fd1ce36dce847e819c5fdf738002f
Ubuntu Security Notice 1603-2 - USN-1603-1 fixed vulnerabilities in Ruby. This update provides the corresponding updates for Ubuntu 12.10. Shugo Maeda and Vit Ondruch discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. Various other issues were also addressed.
d9a385c73d2d95b101e82ca39b2cd7b1993b771ddbdebb4d7ed4d39b33fc8108