GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
8f5ab28d2f9a943a9dfc50307c5daaf56b714386bbe85c9e2477e3573ce613f4Huawei E587 3G Mobile Hotspot version 11.203.27 is prone to a cross site scripting vulnerability in the Web UI. A specially crafted SMS can bypass the function used to sanitize incoming SMS messages.
373b9c30f4352d098058d5cab005e87b017ca30d8f579978bd5c62448923b344Red Hat Security Advisory 2013-1061-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially-crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. All php users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
5649f8d1a6bbb799e0689f0f8ad3951fe8945c13a70835c68bd55a51babba44bSaurus CMS version 4.7.1 suffers from cross site scripting, remote file inclusion, local file inclusion, information disclosure, remote SQL injection, HTTP response splitting, cross site request forgery, and directory traversal vulnerabilities.
b52a1c3cfedd7ec254223b0a31cf381969950ec828d4cd8eca7bea868182a7f5Huawei E587 3G Mobile Hotspot version 11.203.27 is prone to a command injection vulnerability in the Web UI. Successful exploitation allows unauthenticated attackers to execute arbitrary commands with root privileges.
a1277a086994c77c5b27fe6d4cf723c3ea4f7b25c8d585ca62eb686634443540SilverStripe CMS decidedly to quietly fix multiple persistent cross site scripting vulnerabilities without informing the public. Fail.
ba424faa00595576e5473a7a215b946162b069fd5671798ba3d039f2833caee3Mandriva Linux Security Advisory 2013-195 - A heap corruption vulnerability has been discovered and corrected in PHP.
41d22962d3e847be882f55fdf4b1b3e582c6f09ece79764dfde346402e48e90eRed Hat Security Advisory 2013-1060-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
ee8d21bf3d250b22758d57658b44d4417db7b174c40cba149fa6427c16058940Red Hat Security Advisory 2013-1059-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
9f6a228046040127622a514b9f1dee514c668e2a2a86fe840ff251b81e09159dZedLog is a robust cross-platform input logging tool (or key logger). It is based on a flexible data logging system which makes it easy to get the required data. It captures all keyboard and mouse events, has a full GUI, and supports logging to a file and basic hiding.
5d9fae666c4c3b1766ded0091b34c028a22a82014e46262f83cb0c4832f5ab19Zoho suffers from information disclosure due to a lack of a content-type being specified and also appears to use mixed content.
d57f3ea5e158c04a53db6f3c8f8158fa024c8439b78c89b7ef0eedc2e2627082Dell.com suffers from an open redirection vulnerability.
baf412e7889b650aa9f5b020cf6998f1fa9728459107af98d8386dc1f2c2e57cTinyMCE Image Manager versions 1.1 and below suffer from a cross site scripting and content spoofing vulnerabilities.
e55aa3aa8b2c3f02ed3a4e8d382c5d7f6b8a8782e1f5c69b053233d74a800737This is a brief summary of how a security researcher discovered a use-after-free vulnerability in Microsoft Internet Explorer versions 6 and 7.
fed4dfb70fc3fa7c23bed757145fad40571994fdcfece3bbf1de6eeb343e3a5bPatator is a multi-purpose brute-forcer, with a modular design and a flexible usage. When Medusa, Hydra or other brute-force tools fail to do what you want, Patator might be what you need.
83ed9230b0eb3bcbc05184ecf515ede05d72dd38b3943757d59abf5c2518d4a8DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
5afe9bc74e4908a316df00183a39a9d6eb436d2a53e45c241750e2cbdc3b77ee
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed