WordPress WooCommerce plugin version 2.0.17 suffers from a cross site scripting vulnerability.
628ac46d8f1244fad6d04ac0e5152e7eb4159026a41ee343f38ebfe0c886e422
VMware Security Advisory 2013-0012 - VMware has updated vCenter Server, vCenter Server Appliance (vCSA), vSphere Update Manager (VUM), ESXi and ESX to address multiple security vulnerabilities.
f12f7718cd809d06b660ac50220f6d10a650005791eca8e30c22bada4c7bb911
Web-Spa is a Java web knocking tool for sending a single HTTP/S request to your web server in order to authorize the execution of a premeditated operating system (O/S) command on it.
a947eaea9219435522452e5998b2815a6bc802c2c9c0ccc0d1d38e524c6b022e
Debian Linux Security Advisory 2780-1 - This DSA updates the MySQL database to 5.1.72. This fixes multiple unspecified security problems in the Optimizer component.
997866fcbe06e5a0d3d671cad421d631798c370aa8d68534717d905391eee5f0
Mandriva Linux Security Advisory 2013-256 - Apache mod_fcgid before version 2.3.9 fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
d20d575cf387a12cb1f1fe8d514bb5a5a16afb37a8356c7288310330372f7c28
Mandriva Linux Security Advisory 2013-255 - A security flaw was found in the way Clutter, an open source software library for creating rich graphical user interfaces, used to manage translation of hierarchy events in certain circumstances. Physically proximate attackers could use this flaw, for example, to obtain unauthorized access to a gnome-shell session right after system resume.
318c161bad22c9578dac995bb0cc50a71769a4b20ec80a826c602730c6f8d7cc
Mandriva Linux Security Advisory 2013-254 - Remotely exploitable buffer overflow in ospf_api.c and ospfclient.c when processing LSA messages in quagga before 0.99.22.2. Note: We have worked around this vulnerability by disabling the ospf_api and ospfclient features, which did not provide useful functionality.
0eb2cd82b2ff838ef4aa7c6c1c69bfa24d50a5ce038cbd73a1f91cf1c12c3ccd
Mandriva Linux Security Advisory 2013-252 - A non-privileged user who was able to run jobs or log in to a node which ran pbs_server or pbs_mom could submit arbitrary jobs to a pbs_mom daemon to queue and run the job, which would run as root.
87c892b0b1b0a63846d8440441847718da90b4e6dd6559a8e5add5f37afae24d
Mandriva Linux Security Advisory 2013-251 - A buffer overflow vulnerability has been discovered in Aircrack-ng. A remote attacker could entice a user to open a specially crafted dump file using Aircrack-ng, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.
9f962c6db1691c45e7d78d3ba814af35373f15b3e5781028fde68b9a4696daab
Mandriva Linux Security Advisory 2013-253 - Two heap-based buffer overflow flaws were found in the way libtar handled certain archives. If a user were tricked into expanding a specially-crafted archive, it could cause the libtar executable or an application using libtar to crash or, potentially, execute arbitrary code.
0a2884cd915d053154e7234d410fd1981f2e9addf730ab07f929b35a77ceddd2
Bugzilla Security Advisory - Multiple cross site scripting and cross site request forgery vulnerabilities have been discovered and addressed in various versions of Bugzilla.
943bffbd4c59491956254e396c5dddc10c25b0b775de07d14bd90dac0cbf7118
Elite Graphix ElitCMS versions 1.01 and PRO suffer from cross site scripting and remote SQL injection vulnerabilities.
29a67e3663b1e3c4862f2246b9ede7002b3897ace31e2a0b390b8b8838c2db15
Bluetooth U version 1.2.0 suffers from a directory traversal vulnerability.
ca14296374929c9f6c88571a95a5740d0e443d519a9a0c903df41f3c2bcc8c26
This Metasploit module exploits a command execution vulnerability in WebTester version 5.x. The 'install2.php' file allows unauthenticated users to execute arbitrary commands in the 'cpusername', 'cppassword' and 'cpdomain' parameters.
dfea5435bcc036d47d5c594f95500152ab31c0d3ee607b8a70a2b6f399effb39
LinkedIn suffered from a cross site request forgery vulnerability in the Join Group functionality.
442cba9a0c6a978e69874ca3310a79b3dd238196b467f3e2045742bf6b7bdf18
Zikula CMS version 1.3.5 suffers from multiple cross site scripting vulnerabilities.
69f709f535989b330975f9e777157ccbbe4a049d89e1926d05079fa41e57d717
hwk is an easy-to-use wireless authentication and de-authentication tool. Furthermore, it also supports probe response fuzzing, beacon injection flooding, antenna alignment and various injection testing modes. Information gathering is selected by default and shows the incoming traffic indicating the packet types.
599d4f7ecaaefe8226beca944bc48e8459be941747089d6a88a9ff0beee0cb68
Apache has announced the release of the Struts 2.3.15.3 framework, which addresses multiple security issues including broken access control.
298a85c71d878d7cffa115e7f986c8ab93495c936ad88dded1f9d2a6aa07d358
Adaudit Plus Online Demo suffers from multiple vulnerabilities including cross site request forgery, directory listing, and passwords being passed via a GET method.
65032b7037f6db49f90a134d34c24c4a670cbee2a380df40c787cac1f3f32132
Admanager Plus Online Demo suffers from cross site request forgery, directory listing, clickjacking, and cross site scripting vulnerabilities.
ef8980f8307fd85e258505ff90f13dbeb382094a1fe35e49f7d82febddc5223e
Quick Paypal Payments, the plugin from quick-plugins.com, suffers from a persistent cross site scripting vulnerability.
37a5f2452b362ab7282d84c4e598396e18994f0a1811c1715518b59a076d9641
PHP Point Of Sale versions 10.x, 11.x, and 12.x remote code execution exploit.
2688acc1f96e93d7799ccb3540cbe12f48da9bc32d767bb22ca9db0d45a74255
Drupal Simplenews third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
9e085ec5d3fff92fc140e15a8768710405e8c5e098decc2b36b9fa716fb4ecf2
AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use on NIDS, firewalls, traffic classifiers and so on.
86c4d7e1eaf85ab6c6574e5dcda97a1858f09db50694774a7b9bbda97f925c82
HP Security Bulletin HPSBPV02918 2 - Potential security vulnerabilities have been identified with HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM). These vulnerabilities could be exploited remotely to allow SQL injection, remote code execution and session reuse. Revision 2 of this advisory.
81d8b715891741e72a757263197f7d75c3d384c5a407cffd96c491d57658486f