Software Alerts
Main
Software Alerts
Software and Script Bug ExploitsSoftware Vulnerability
Random Feeds
Wed, 18 Jun 08
netwide_assembler, NASM
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2719
Off-by-one error in the ppscan function (preproc.c) in Netwide Assembler (NASM) 2.02 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow.
Sat, 25 Oct 08
coast
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4735
PHP remote file inclusion vulnerability in header.php in Concord Asset, Software, and Ticket system (CoAST) 0.95 allows remote attackers to execute arbitrary PHP code via a URL in the sections_file parameter.
Fri, 18 Apr 08
EsContacts "msg" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/29877/
Some vulnerabilities have been discovered in EsContacts, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Mar 08
Joomla Acajoom PRO Component "mailingid" SQL Injection
http://secunia.com/advisories/29429/
fataku has reported a vulnerability in the Acajoom PRO component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
MySQL
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6304
The federated engine in MySQL 5.0.x before 5.0.52, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, does not properly handle a response with a small number of columns, which allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns.
Wed, 28 Nov 07
SafeNet Sentinel Protection Server/Key Server Directory Traversal Vulnerability
http://secunia.com/advisories/27811/
A vulnerability has been reported in SafeNet Sentinel Protection Server and Key Server, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
DivX Player Subtitle Parsing Buffer Overflow Vulnerability
http://secunia.com/advisories/29780/
securfrog has discovered a vulnerability in DivX Player, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 22 May 08
Sun Solaris STREAMS Administrative Driver Denial of Service
http://secunia.com/advisories/30357/
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 7 Nov 08
catos, ios
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-4963
Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet.
Thu, 24 Jan 08
Mantis
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0404
Cross-site scripting (XSS) vulnerability in Mantis before 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the "Most active bugs" summary.
Sat, 15 Nov 08
kmita_catalogue
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5067
Cross-site scripting (XSS) vulnerability in search.php in Kmita Catalogue 2.x allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Sat, 15 Nov 08
Fedora update for clamav
http://secunia.com/Advisories/32699/
Fedora has issued an update for clamav. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.="http://secunia.com/advisories/business_solutions/">http://secunia.com/advisories/business_solutions/
Mon, 12 May 08
SUSE Update for Multiple Packages
http://secunia.com/advisories/30202/
SUSE has issued updates for multiple packages. These fix some vulnerabilities, which can be exploited by malicious, local users to disclose and manipulate sensitive information, cause a DoS (Denial of Service), and gain escalated privileges, malicious users to cause a DoS and compromise a vulnerable system, and malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, cause a DoS, and compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/
Sat, 12 Jul 08
Linux Kernel Multiple Vulnerabilities
http://secunia.com/advisories/31048/
Some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to potentially gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
Solaris 10 Perl Regular Expressions Unicode Data Buffer Overflow
http://secunia.com/advisories/29074/
Sun has acknowledged a vulnerability in Solaris, which potentially can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/