WordPress SuperStoreFinder and SuperInteractiveMaps plugins version 6.3 and below suffer from a remote SQL injection vulnerability.
73a1694918d5a2f9d941387ce01f030c65fcad3ffe2a24915402f7cf37671609
Mandriva Linux Security Advisory 2012-132 - Multiple cross-site request forgery and cross-site scripting flaws has been found and corrected in GLPI. This advisory provides the latest version of GLPI which are not vulnerable to these issues. Additionally the latest versions of the corresponding plugins are also being provided.
278fcab2d1ab2e4d4ef8819f221aff25448777d5df0d2fe452abe0b3a7049fea
Secunia Security Advisory - Two vulnerabilities have been reported in the PoodLL plugins for Moodle, which can be exploited by malicious people to conduct cross-site scripting attacks.
7f928e1ef9d46da2dadab131054e85fcc473662c2453689b842054730301fedd
This Metasploit module exploits a stack-based buffer overflow in Photodex ProShow Producer version 5.0.3256 in the handling of the plugins load list file. An attacker must send the crafted "load" file to victim, who must store it in the installation directory. The vulnerability will be triggered the next time ProShow is opened. The module has been tested successfully on Windows XP SP3 and Windows 7 SP1.
bf2514d474a7b08d3b8119c8f11509c92a1414014f2de791e9a5e94b2b9e0c03
Ubuntu Security Notice 1512-1 - It was discovered that KDE PIM html renderer incorrectly enabled JavaScript, Java and Plugins. A remote attacker could use this flaw to send an email with embedded JavaScript that possibly executes when opened.
0eb443866af01d8f0bed2a8e0d40c11f7d181c581505d2a58166201be1c354b9
This Metasploit module exploits an arbitrary PHP File Upload and Code Execution flaw in some WordPress blog software plugins. The vulnerability allows for arbitrary file upload and remote code execution POST Data to Vulnerable Script/File in the plugin.
b0f467c2f9513aea9fd89d25f94d00be23be09c42cfc54f3bbc14d023bf918cf
strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.
1a7ed98015df32e7412caf37391105af25a9dc66a0e357a1c92ccd5a9f180298
IrfanView Formats PlugIn is prone to an overflow condition. The JLS Plugin (jpeg_ls.dll) library fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted JLS compressed image file, a context-dependent attacker could potentially execute arbitrary code. Proof of concept included. Irfanview Plugins version 4.33 is affected.
cd8bb7da17eb6fd5c44d2f4ceac57a18c44aca435eea690d9247652a97f176d8
Secunia Security Advisory - A vulnerability has been reported in the Gliffy and Tempo plugins for JIRA, which can be exploited by malicious users to cause a DoS (Denial of Service).
960518f7fea3db76660f198f35b9e7021f7b3fc341992676b9d1b0bc71941ac7
strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.
62dd46bdfa66e997cd07479c448ce5a5cb3748cb495d58074a7a737dbbe93fc4
Gentoo Linux Security Advisory 201203-14 - Multiple vulnerabilities in Audacious Plugins could result in execution of arbitrary code or Denial of Service. Versions below 3.1 are affected.
f6076cf29eba79c3ee0f14372a4e07c2f8ffddd7174f4c76e8c208325347c26c
Secunia Security Advisory - Gentoo has issued an update for audacious-plugins. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise an application using the library.
c6d765f7a238ec6c731f85c42b64fff31e9b28c7927f80f5fc41c9c8ee71cdf4
This tool is for fuzzing different protocols such as FTP, HTTP, IMAP, and more. It also has no-protocol plugins like a file fuzzer. Written in Python.
874583a408997ba23522c16d137b1b132dcb40cc56646b50321f388166592a45
strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.
8ab2371ba0c70cd010f0736839a0737dec95b197325b98505c1c69dd55e6964f
Secunia Security Advisory - Carlos Pantelides has discovered a vulnerability in multiple NetBeans plugins, which can be exploited by malicious people to conduct spoofing attacks.
75e27f8390b861aafa4fdf93a4bed8049e16aacc409f19e1cf885617c59fd004
Mandriva Linux Security Advisory 2012-014 - The autocompletion functionality in GLPI before 0.80.2 does not blacklist certain username and password fields, which allows remote attackers to obtain sensitive information via a crafted POST request. This advisory provides the latest version of GLPI which are not vulnerable to this issue. Additionally the latest versions of the corresponding plugins are also being provided.
f4875e63cc28c3d7e1d8921a612952ad0ff1970d34cc76aaf7e34342f3c7f682
Secunia Security Advisory - Parvez Anwar has discovered a vulnerability in IrfanView PlugIns, which can be exploited by malicious people to compromise a user's system.
4be452173132d2488810a10d149c25ba71aa23cc5982353371097ae927f0a0c5
Ettercap is a network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like SSH and HTTPS). Data injection in an established connection and filtering on the fly is also possible, keeping the connection synchronized. Many sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN.
9b5abd2dad2b6df91658086ceed6962a6b985ac25de8fa38f0195d68639ba55b
Secunia Security Advisory - Fedora has issued an update for audacious-plugins. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
7a1d086b9d6e5a5982cee97d376af6bc93002aa8403f3a2f5c2fda2b3941dabe
Secunia Security Advisory - Audacious has acknowledged some vulnerabilities in Audacious Plugins, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
436bc60bd00465ad97241e59d8bce215a9ae5ff96b168bb4bbe118075c57d8ea
strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.
d750ec16bc32c3d7f41fdbc7ac376defb1acde9f4d95d32052cdb15488ca3c34
Mandriva Linux Security Advisory 2011-171 - GNOME NetworkManager before version 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors. Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute arbitrary commands via a newline character in the name for a new network connection, which is not properly handled when writing to the ifcfg file.
b0497990b7cd3f0be96a104f99d44c5413f36998cce68cf0d2fd1763c43b2bbc
w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more.
0bf3cec513931b9bf20e6f753dedeaab57b5cad303489ab9ff365786c04d9444
strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.
a602d73869f6d31e7e39021d3ac0b4d659de65348c0b42292785a6497ce28edc
SAP DIAG Plugin extends the basic functionality of the WireShark network packet analyzer and provides additional features of SAP DIAG protocol analysis. This extension allows one to collect and decompress SAP DIAG packets in the course of interaction between SAP Front-end client software and SAP application servers. To install you must copy plugin pt_sap_diag_wireshark_plugin.dll in folder %WiresharkInstallDir%/plugins/%version%.
71b7091784b0e766fa93438f71e44dfd4531729520e52c51315fc46a5cd26b60
Secunia Security Advisory - Two vulnerabilities have been reported in the A-Form plugins for Movable Type, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.
8c25a039b38ee8df5bb34464877aada52739c121b3c405d51065917f6935a217