wtmpClean is a tool for Unix which clears a given user from the wtmp database.
10f1c941b82e5c32941825b7f59e6704592032f477faeac4c08b3c40729717cb
BlackCat CMS version 1.0.3 suffers from a cross site scripting vulnerability.
fafc7f992e0efbd75e5e5533c4fb06f99f20b956f59f1d75cf78cda120736a55
MyWebSQL version 3.4 suffers from a cross site scripting vulnerability.
c326b1b1c6e29b10557668743504e265316bd636ca6c9186e0599a9ec5f36b8b
WordPress Advanced Access Manager plugin version 2.8.2 suffers from arbitrary file write and code execution vulnerabilities.
003e5940849ab6a302ac199a8b2d726fb390bc112f79728c3bd20e043f321df8
Mpay24 Payment Module versions 1.5 and below suffer from information disclosure and remote SQL injection vulnerabilities.
d66f449493790a1e98ef90672f5ab7b9b5deff6e10cb67a05b35be7af45b6a95
Jenkins version 1.578 suffers from cross site request forgery and command execution vulnerabilities.
6363635fc4f8f8d1c6bf9fa96800d6fbc994b86e1aa1c70cb35bf5039f8becd3
HP Security Bulletin HPSBGN03099 - A potential security vulnerability has been identified with HP IceWall SSO Dfw, SSO Agent and MCRP running OpenSSL. The vulnerability could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.
1db2c455fdf69b059f5b562b7718ecf7c607a40347a536b4ca82d10b18abfb32
Mandriva Linux Security Advisory 2014-172 - The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service via a crafted color table in an XPM file. file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service via a crafted file that triggers backtracking during processing of an awk rule. Various other issues have also been addressed. The updated php packages have been upgraded to the 5.5.16 version to resolve these security flaws. Additionally, php-apc has been rebuilt against the updated php packages and the php-timezonedb packages have been upgraded to the 2014.6 version.
b9ec681569fac685bfa6d31a9d2c25e37d33a1ade655ac8cb434db2d31a3b86d
Mandriva Linux Security Advisory 2014-173 - An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications performing LZO decompression on a compressed payload from the attacker. Busybox bundles part of the liblzo code, containing the lzo1x_decompress_safe function, which is affected by this issue.
fcc34020e34e26f76b502247b86cf085a924a4ece4f9f27fb43b914bf781dc0b
Ubuntu Security Notice 2339-2 - Daniel Genkin, Adi Shamir, and Eran Tromer discovered that Libgcrypt was susceptible to an adaptive chosen ciphertext attack via physical side channels. A local attacker could use this attack to possibly recover private keys.
af710e3a425b8f1c589dca591ed48217ca6b1b8d1215d50f09cc6edcc8c3e10e
Ubuntu Security Notice 2339-1 - Daniel Genkin, Adi Shamir, and Eran Tromer discovered that GnuPG was susceptible to an adaptive chosen ciphertext attack via physical side channels. A local attacker could use this attack to possibly recover private keys.
4e60bdc46e0904e8a9e4971ee29d0296c4c6e8a01e589be8af695bfcee0875ba
Gentoo Linux Security Advisory 201409-3 - A vulnerability in dhcpcd can lead to a Denial of Service condition. Versions less than 6.4.3 are affected.
9f8b7f79c1b29c58f8e5a9236074b6a2d86cc261cc470e1909ab69421f55a638
Ubuntu Security Notice 2338-1 - It was discovered that Lua incorrectly handled certain vararg functions with a large number of fixed parameters. An attacker could use this issue to cause Lua applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
742386c70e5001c109ed1b9fd23764fe2289037eeb35b4ae341694d1484682de
Debian Linux Security Advisory 3018-1 - Multiple security issues have been found in Iceweasel, Debian's version use-after-frees may lead to the execution of arbitrary code or denial of service.
5e18bc92d20bfd76066eb3563739f7d1aff2f7637b2c0014c4bd952fd7436099
Automated SQL injection exploit for vBulletin versions 4.0.x through 4.1.2 that makes use of a vulnerability originally disclosed in May of 2011.
691b034516fcf7b0dc620cf1bbe0d96a66eb11f10db88c4bdbdcd15c897165c9
vtiger.com suffers from a persistent cross site scripting vulnerability.
1b9a321cd6f74e699037983b2c238616b8c4bb11438d63766de2df5e758a9107
The recent release of Firefox 32 fixes another interesting image parsing issue found by afl. Following a refactoring of memory management code, the past few versions of the browser ended up using uninitialized memory for certain types of truncated images, which is easily measurable with a simple <canvas> + toDataURL() harness that examines all the fuzzer-generated test cases. Depending on a variety of factors, problems like that may leak secrets across web origins, or more prosaically, may help attackers bypass security measures such as ASLR. This code is a proof of concept for versions prior to 32.
7c5c90b2004b180e2ba9b417077aadeb4d76b33775e460d93cce1e056c3e1b29
Olat suffers from a persistent cross site scripting vulnerability.
a476d049a0c6d30f4f69fbe42db9b48cb8ad35e811be5397349505a7b9f6aacb