McAfee Email and Web Security Appliance versions prior to 5.5 Patch 6, Email and Web Security 5.6 Patch 3, and McAfee Email Gateway 7.0 Patch 1 suffer from a password cracking vulnerability.
83b1fca33c08846e197daa065fc717ff51f5a94766c6b9b25ceeac7ca984be29
The Better Security Wordpress Plugin suffers from a stored cross site scripting vulnerability, which can be exploited by a remote unauthenticated attacker to steal cookies or gain privileged access to the affected site. Bit51 Better WP Security Plugin versions 3.4.8, 3.4.9, 3.4.10, 3.5.2, and 3.5.3 are affected.
851d1befb1d83e0151c831c6884961f17e3e980ac4ed6716207a81c4fd790e09
Oracle Hyperion 11 suffers from a directory traversal vulnerability. Versions 11.1.1.3, 11.1.1.4.107 and earlier, 11.1.2.1.129 and earlier, and 11.1.2.2.305 and earlier are affected.
a63ebab32dfca1c676f5478d4507e5cb9958e376a21f14bd4a427db0035dea98
Oracle Database 11g suffers from a null pointer denial of service vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
7366e77f697aca2ecdba7bfb457e1fe1dfc05c93aea874d256f1f2686baea2f7
Oracle Database 11g suffers from a denial of service vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
60d5de1a200f206f295e52a01fff891d50942ff110a36d295495ac71804abc8b
Oracle Retail Integration Bus versions 13.0, 13.1, and 13.2 suffer from a directory traversal vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
6f8a1120d684841ffb90bdd49168f11bb340737bbffc7f5797135391c8ec0273
Oracle Retail Central Office versions 13.1, 13.2, 13.3, and 13.4 suffer from a remote SQL injection vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
2c7f0ba82ee179931a11ce83af0f1a97529fbc3be8c23d3c8637508876d2767a
NCC Group has discovered multiple SQL injection vulnerabilities in Virtual Access Monitor. Unfortunately, as usual, the NCC group are withholding any details for three months.
936fbe2a15d567292c6f111a3e024b35c22de77119e739eda6031b3184566fcf
NCC Group has discovered a USB RNDIS driver kernel pool overflow in Microsoft Windows. Unfortunately, as usual, the NCC group are withholding any details for three months.
b67f78c8f27b85aad58afde12e4da95467a1c87bf89d8c723683988c3105422c
Symantec Enterprise Security Management versions 10.x and below suffer from a privilege escalation vulnerability.
c443df4d121433a3485da2ff9539b52207d42460b04ff347a8310a636a91ccbc
Symantec Network Access Control versions 12.1 and below suffer from a privilege escalation vulnerability.
bc4b02b6cf1503ad7e787cb5dfa879912224f4fa3c21df82d20411b4bc1df961
Symantec Messaging Gateway version 9.5.3-3 suffers from a cross site request forgery vulnerability.
dc05d05741d0032ca22015833dc4041ed1ca3c2d65c591c24b1938667377ebc9
Symantec Messaging Gateway version 9.5.3-3 suffers from an authenticated arbitrary file download vulnerability.
02e19ca0a225fdcd1f0c1e586751901daa77b8a2d4f8ed03598a1e686d6ea790
SysAid Helpdesk version 8.5 Pro suffers from multiple remote blind SQL injection vulnerabilities.
6b32da064f8d6d2d434491a60fd914b8e9cf99d9ceab79f915c421782d761761
Squiz CMS version 11654 suffers from a directory traversal vulnerability.
9aad92b935f5ad7c893786de544430c0d9cb211b6cbbaed9edeef9c1a0e15cce
Nagios XI Network Monitor version 2011R1.9 suffers from a remote blind SQL injection vulnerability.
2cf56eed695230c853b7b3b4f90eb894c8c6fc9ed6af1f23249a37152923da76
Nagios XI Network Monitor version 2011R1.9 suffers from OS command injection vulnerabilities.
cefe812c8837b8e434b4ea93fe2c8a19e990a7fdd85084570601625036f225c8
Oracle Gridengine's sgepasswd suffers from a buffer overflow vulnerability.
27c545a1cda033f55904dc6058b6be0f7c4252cea190bf6782a8be65bf19b66d
DataArmor and DriveArmor versions prior to 3.0.12.861 suffer from restricted environment breakout, privilege escalation, and full disk decryption vulnerabilities.
0fc5ee98ad7150597b23a730a459a04feb859a6daba3aacc92a056f31d04b665
Symantec Messaging Gateway version 9.5.3-3 suffers from backdoor account and privilege escalation vulnerabilities.
0037358302ea3ef9e579ea39b29f6aeedaab8ea3fd730436e1fe43363d09f8dc
Andy Davis of NCC Group has discovered an arbitrary code execution vulnerability in Apple OS X Lion versions 10.7 to 10.7.4 and OS X Lion Server versions 10.7 to 10.7.4.
4d92bdc3d4a04a081d6ffd6f55afa9423679f106f5b331ef53e98497ba57edae
Symantec Messaging Gateway version 9.5.3-3 suffers from an out-of-band stored cross site scripting vulnerability via email. Unfortunately, as usual, the NCC group are withholding any details for three months.
efc556b14d7eaaab1ee4e073431e2ec92e2cb39a2d25ac6dc8ece93acb4541eb
Symantec Messaging Gateway version 9.5.3-3 suffers from an authenticated arbitrary file download vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
25af61338564cb5ac5945690d75e3ef01177fd3439ed35b0b88b7b650a1c8240
Symantec Messaging Gateway version 9.5.3-3 suffers from an unauthorized ssh access vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
c0fb665289612f001a3b0b55edd4149f5142e0dc932b0d8e4991ffd2e0c26fc2
Symantec Messaging Gateway version 9.5.3-3 suffers from a cross site request forgery vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
378f303f72289da19ddbd813812ef932bf32812e90d735f95783481de4d04b58
Symantec Messaging Gateway version 9.5.3-3 suffers from an unauthenticated detailed version disclosure vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.
bbb4709841e4fe0d02dc171408f915bd1b98a01e969446b1da6b82f3608fa832