Drupal Zero Point third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
6347995ee546668a1cb10c9e6dcb8474565196af6e987f78ce2ca60daf7cdbf0
Drupal Webmail Plus third party module version 6.x suffers from a remote SQL injection vulnerability.
6fa3935c9e1b5fd40c0dc10a06f1425b572bff4c3acc8054a6de33b5695f47a8
Symantec Messaging Gateway version 9.5.3-3 suffers from backdoor account and privilege escalation vulnerabilities.
0037358302ea3ef9e579ea39b29f6aeedaab8ea3fd730436e1fe43363d09f8dc
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. You may also want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, and detection of down hosts via parallel pings.
42c54fd5cc5f05e5df909757d62307102a8ff1dfaf5c2626b1cb5f2ecd009e57
SilverStripe version 3.0.2 suffers from cross site request forgery and cross site scripting vulnerabilities.
5cb762b339a330f6095d9df36320aed93b37bcf830588eaba27f260b27da40fb
Oracle OpenSSO version 8.0 suffers from multiple cross site scripting vulnerabilities.
8c808e048c19a6a159ab6b29c16212a38f35d663f13ecf875b211ee928233412
PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. It can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.
f2967d1fbabc24c6a50c5981c738c7daab7cd761261e64421322bd6010638d47
Ubuntu Security Notice 1642-1 - Dan Rosenberg discovered a heap-based buffer overflow in Lynx. If a user were tricked into opening a specially crafted page, a remote attacker could cause a denial of service via application crash, or possibly execute arbitrary code as the user invoking the program. This issue only affected Ubuntu 10.04 LTS. It was discovered that Lynx did not properly verify that an HTTPS certificate was signed by a trusted certificate authority. This could allow an attacker to perform a "man in the middle" (MITM) attack that would make the user believe their connection is secure when it is actually being monitored. This update changes the behavior of Lynx such that self-signed certificates no longer validate. Users requiring the previous behavior can use the 'FORCE_SSL_PROMPT' option in lynx.cfg. Various other issues were also addressed.
b98e04aa75eae4a1918f485d23f130b118754361f7105d77894ebac142879154
Red Hat Security Advisory 2012-1512-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All users of libxml2 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted for this update to take effect.
6f7db09dd21f23e1bf77fc46e0f5d364af0871fe611443be9a977f18023d9919
Red Hat Security Advisory 2012-1511-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the Extended Update Support for Red Hat Enterprise Linux 6.1 will end on 31st May, 2013.
9605d9da818d0a15e363b5aac249a85541b3999fc84cf8c6acf32264f66b46bd
WordPress Video Lead Form plugin version 0.5 suffers from a cross site scripting vulnerability.
6399d89e41c6f18b870131becc911b8866326d09c8fdc61c3e45091324d5ae69