Horde Framework unserialize PHP code execution exploit ported from Metasploit.
04bad0cd117b528d51842d12d0392390ff0e881a1fefd2c2400c4065f7fcbcbe
Nagios Plugins versions 2.0.2 suffer from a race condition in check_dhcp.
34515f9830172588d1778328a6fadb3d5847b8aa2cf072dc6aece33dec8c2b8e
Flussonic Media Server version 4.3.3 suffers from arbitrary file read and directory listing disclosure vulnerabilities.
323b1fc3337a1dd3bd64a5229229ef28f3d15ffc3c6d97910cf8661a9869059b
This module logs in to an Oracle GlassFish Server version 3.1 (Open Source or Commercial) instance using a default credential, then uploads and deploys a malicious WAR to execute commands.
6851a13991f49b0af3c5d0392bce666a0aa6af8ebe6ee9b821d2b10ab549425e
WordPress Blogstand Smart Banner plugin version 1.0 suffers from a cross site scripting vulnerability.
cea022d55ffed5b68965595427bf03deda620745cdb218ae892f0b98c6916a58
WordPress Easy Banners plugin version 1.4 suffers from a cross site scripting vulnerability.
028ce6555feac11a21c6a4c716b8bef856667894d5c2bd4171b89e010e8711c5
WordPress Random Banner plugin version 1.1.2.1 suffers from a cross site scripting vulnerability.
e8a222f00b2cb3c827d697cdf2819d9c4faa1ca71c06198bca0754f355c5833d
WordPress Custom Banners plugin version 1.2.2.2 suffers from a cross site scripting vulnerability.
c1385a981071b663fed344d722eddf7f5c270733c32e580c19f7c1ec13361380
WordPress Bannerman plugin version 0.2.4 suffers from a cross site scripting vulnerability.
bf0c15829a7d36b2a5e96affd7487c23503c5a385af93312ea99b95382b97ddd
openSIS versions 4.5 through 5.3 suffer from a cross site request forgery vulnerability.
96832a560f3345db5869ead3d9a4399ba56b10f031249cff0743758a495d3da1
openSIS versions 4.5 through 5.3 suffer from a remote SQL injection vulnerability.
8567a5a673df813aeb01e01a3d9699bcd77e17a5d47d74efa6189141886beb0c
All versions of Reportico prior to version 4.0 leak administrative credentials.
bd1450f20357956964a7bd5ecdd048add4ad38d1adb05a2e8bd7b0372ebd710a
WordPress ml-slider plugin version 2.5 suffers from a cross site scripting vulnerability.
139a4937e131843a2e87109d4a988f4dbfef2b7b634e0ffe77c5a422ab9d0b2a
WordPress wp-construction-mode plugin version 1.8 suffers from a cross site scripting vulnerability.
7f6290f0e295a7d51dfcfc01cc96547945dc28fd594a0d36af609195dfa4d121
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
09b24f75d2aed6e357578f44cf60eb8a08fc54e819aa84e768648ea4559cb539
HP Security Bulletin HPSBMU03056 - Potential security vulnerabilities have been identified with HP Version Control Repository Manager (HP VCRM) running OpenSSL on Linux and Windows. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.
b614877919ffd8acdaa97393db4294d3cac0f62dcd1d3c07cbb31e1f020b0139
HP Security Bulletin HPSBMU03057 - Potential security vulnerabilities have been identified with HP Version Control Agent (HP VCA) running OpenSSL on Linux and Windows. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.
d2900fe18279864e2d174ab252466414338a67aafa6110a5ff22a7ed7b064f41
HP Security Bulletin HPSBMU03061 - A potential security vulnerability has been identified with HP Release Control. The vulnerability could be exploited remotely to allow disclosure of privileged information and elevation of privilege. Revision 1 of this advisory.
c70eb870381013491398bee0005e8a0260fd303241d869b858908d47530e5385
Debian Linux Security Advisory 2969-1 - Bastian Blank reported a denial of service vulnerability in Email::Address, a Perl module for RFC 2822 address parsing and creation. Email::Address::parse used significant time on parsing empty quoted strings. A remote attacker able to supply specifically crafted input to an application using Email::Address for parsing, could use this flaw to mount a denial of service attack against the application.
a83f23287604c42c60b88d579639ae305d020bfe95bbe0985afe821df9d5acaa
ZeroCMS version 1.0 suffers from a cross site scripting vulnerability.
feb6f6569634fb81cbb6803d7135c6a39dc36b0b93cab1a91415bc1bedadc704
The International Conference on Information Systems Security and Privacy (ICISSP) 2015 has announced its call for papers. It will take place in Loire Valley, France, from February 9th through the 11th, 2015.
8322efe361013b279e0f833cfde2680b2947455298e6bd5cf805ffc9527c91b8
HP Security Bulletin HPSBMU03058 - A potential security vulnerability has been identified with HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL. This vulnerability could be exploited remotely to allow the disclosure of information. Revision 1 of this advisory.
5a8ab459e9c0801f07c313e0141eb38d3964109dce9b296244e7e197b23ecbc0
Ubuntu Security Notice 2263-1 - Salva discovered an information leak in the Linux kernel's media-device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. A remainder calculation error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. Various other issues were also addressed.
c1756759393556e7f3f5ea6151c39cb7d4f78aee5b448f98be9b3580b90bbe19
Ubuntu Security Notice 2262-1 - A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. A remainder calculation error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions.
e114f0a79df2dc184f86e4e1f8e322df6730085883dcbe31affbebb324233371
Ubuntu Security Notice 2261-1 - Salva discovered an information leak in the Linux kernel's media-device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. A remainder calculation error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. Various other issues were also addressed.
05bf0bde4d4865f155ffc5c349bcbc021cacad831e176b70b78ef8aa1290dd14