Microsoft Office Publisher 2010 crash proof of concept denial of service exploit.
b2596f036e91036b1d9c5e75fe931fc3789cd3a28a5f811d1c8bdfe17aa40c79
Microsoft Paint version 5.1 memory corruption proof of concept exploit.
15e5373002cdf14b6c92cf97696861304cc35f3a4bceeadf2a2995e5a4c4daa2
Red Hat Security Advisory 2012-1407-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Multiple flaws were found in the location object implementation in Firefox. Malicious content could be used to perform cross-site scripting attacks, bypass the same-origin policy, or cause Firefox to execute arbitrary code.
54436dae5beb0912b3a2a377f2312001f8c667f6f7718587d2dfcebdb9306761
Microsoft Office Excel 2010 memory corruption proof of concept exploit.
0df178e45417b53cde74b1e1ad25ed1e46b1b3da0052271a76eb500b5cd88c18
Arora version 0.10.0 suffers from a DLL hijacking vulnerability.
3b16421b250afbbb93f4a541254be6b109d4ed90df6048ae29bec103bef5afa1
Secunia Security Advisory - Ubuntu has issued an update for webkit. This fixes multiple vulnerabilities, where some have unknown impacts and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
91a7ce0445107d5f462fb1551c9fe975a814e7d312267d974704b49c1e584ffd
Secunia Security Advisory - A vulnerability has been discovered in the FireStorm Professional Real Estate plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.
2fdad89e43d8b395cfc5233c5480a9fd0cb9f6798fedec2b60888bbffa564bc4
Secunia Security Advisory - Some vulnerabilities have been reported in IBM InfoSphere Streams, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks.
385e675397c6877b3aac6b330b9931123d10b66eee684f826709ec815d6c127b
Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM WebSphere MQ, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
ffe404a7b31923783712ca6b3aa1d7ffdf8f8eefb66cabc9cee175cf5a81958e
Secunia Security Advisory - ERPScan has reported a vulnerability in SAP NetWeaver, which can be exploited by malicious people to disclose potentially sensitive information.
241360c888678b80bc2b5a39d4847e49f21d843126a1078b894bb106ea7818dc
Secunia Security Advisory - A vulnerability has been reported in RT RTFM Extension, which can be exploited by malicious users to bypass certain security restrictions.
81d7aa86c118c3f7298ef8d60b5c4c20347aad16c1f49278e808a083d9fdc779
Secunia Security Advisory - Janek Vind has discovered multiple vulnerabilities in the GRAND FlAGallery plugin for WordPress, which can be exploited by malicious users to conduct SQL injection attacks and compromise a vulnerable system and by malicious people to disclose sensitive information.
1fbf169b8dc118f3cad30d489c978f932ba2a941753fb2352d930d1ce15a54d5
Gramophone version 0.01b1 suffers from a cross site scripting vulnerability.
9a5b7f1d75d39c8243db9196336bba6a28809e6f294600da4c464d019c5081b3
Allscripts Homecare client versions 6.1.0 and 7.0.1 suffer from a local memory corruption vulnerability.
e61dd63f1038ddb7e663470bfe50f0750075133ada0a3baaf17a8d05dad3e126
WordPress Easy Webinar plugin suffers from a remote blind SQL injection vulnerability.
884e037eaaa98050d5cebdeb809fb4c19fbe143bc3984a65c51407480dd6f4e2
The Perl 5 interpreter suffers from a memory corruption vulnerability that results in memory disclosure and potentially arbitrary code execution when large values are supplied to the x operator.
553cb435fb55599355ceae80210dcc60509e0f1a51cae7259ce1394e8ef9ac7b
Ubuntu Security Notice 1619-1 - Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to cause a denial of service. Various other issues were also addressed.
01b5a462284182fc91534e669d352b638efb552e7d0ebbc4836b839b09d8b4ee
Ubuntu Security Notice 1620-1 - Mariusz Mlynski and others discovered several flaws in Firefox that allowed a remote attacker to conduct cross-site scripting (XSS) attacks. Antoine Delignat-Lavaud discovered a flaw in the way Firefox handled the Location object. If a user were tricked into opening a specially crafted page, a remote attacker could exploit this to bypass security protections and perform cross-origin reading of the Location object. Various other issues were also addressed.
dda37aac7e4f09cf08bbf332ed3e4ea5af41338c9b0d4844e593b51407a8855e
Debian Linux Security Advisory 2568-1 - It was discovered that RTFM, the FAQ manager for Request Tracker, allows authenticated users to create articles in any class.
9adcac62f75ed2cb43a6178756a2a6591f34492c0a947b3c737340c90a27cb2d
Debian Linux Security Advisory 2567-1 - Several vulnerabilities were discovered in Request Tracker, an issue tracking system.
fe75ccba30dc437622f4300ae97b720f84a232cc4b02fbbf0e8325a67254945e
WAF-FLE is a console for ModSecurity. It allows modsec administrators to view and search events logged by mlogc or mlog2waffle. The dashboard shows a graphical view of events, and when combined with the powerful drill-down filter allows quick searching for relevant events. Events can be viewed in detail, whether sent by one or many sensors.
1550bffec9e3d6456c3b17a48dc90408f06301e18f7cfd1ef8ca41662b56f587
The Tri-Agency Climate Education (TrACE) Catalog provides search and browse access to a catalog of educational products and resources. TrACE focuses on climate education resources that have been developed by initiatives funded through NASA, NOAA, and NSF, comprising a tri-agency collaboration around climate education. The application suffers from SQL injection vulnerabilities: input passed to the 'product_id' and 'grade' GET parameters in the 'trace_results.php' script is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Version 1.0 is affected.
e1146a5b942521c7537f27d1e9e6daf8576dafc19293f31ca192b5c83d4684a8
The Tri-Agency Climate Education (TrACE) Catalog provides search and browse access to a catalog of educational products and resources. TrACE focuses on climate education resources that have been developed by initiatives funded through NASA, NOAA, and NSF, comprising a tri-agency collaboration around climate education. The application suffers from a reflected cross site scripting vulnerability: input passed to the 'product_id', 'pi', 'project_id' and 'funder' GET parameters in the 'trace_results.php' script is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Version 1.0 is affected.
a8958302bb602beff4ebb5517ad18454b487ae666d4353e85526aec09144e0a6
RealPlayer version 15.0.5.109 suffers from a stack buffer overflow vulnerability in the 'Watch Folders' facility.
4574d497f5b7de99ddcba37f9338d21972b688102da3b115f156e7604e82c00b
Layton Helpbox version 4.4.0 suffers from a reflective cross site scripting vulnerability.
3827c1464b24bc29ab3e651ff29501dbfd6b5cd47b535b390f6cad47d2082994