Software and Script Bug Exploits

 
Thu, 31 Jan 08
Drupal OpenID Module "claimed_id" Authority Spoofing
http://secunia.com/advisories/28717/
A vulnerability has been reported in the OpenID module for Drupal, which can be exploited by malicious people to spoof OpenID authorities.
Be sure to check if your system is missing security updates or has insecure applications installed: http://secunia.com/software_inspector/

Thu, 31 Jan 08
Drupal Comment Upload Module File Upload Vulnerability
http://secunia.com/advisories/28729/
A vulnerability has been reported in the Comment Upload Module for Drupal, which can be exploited by malicious users to compromise a vulnerable system.

Thu, 31 Jan 08
Gnumeric XLS HLINK Opcode Processing Code Execution Vulnerability
http://secunia.com/advisories/28725/
A vulnerability has been reported in Gnumeric, which can be exploited by malicious people to compromise a user's system.

Thu, 31 Jan 08
Drupal Project Issue Tracking Module File Upload and Script Insertion
http://secunia.com/advisories/28731/
Some vulnerabilities have been reported in the Project Issue Tracking module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system.

Thu, 31 Jan 08
OpenBSD bgplg "cmd" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28726/
Alexandr Polyakov and Anton Karpov have reported a vulnerability in OpenBSD bgplg, which can be exploited by malicious people to conduct cross-site scripting attacks.

Thu, 31 Jan 08
PHP Links "id" SQL Injection Vulnerability
http://secunia.com/advisories/28727/
Houssamix has discovered a vulnerability in PHP Links, which can be exploited by malicious people to conduct SQL injection attacks.

Thu, 31 Jan 08
Drupal Secure Site Module Security Bypass Vulnerability
http://secunia.com/advisories/28732/
A vulnerability has been reported in the Secure Site module for Drupal, which can be exploited by malicious people to bypass certain security restrictions.

Thu, 31 Jan 08
Drupal Userpoints Module Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/28730/
A vulnerability has been reported in the Userpoints module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery attacks.

Thu, 31 Jan 08
webSPELL Cross-Site Scripting and Request Forgery
http://secunia.com/advisories/28684/
NBBN has discovered two vulnerabilities in webSPELL, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.

Thu, 31 Jan 08
Mandriva update for ruby
http://secunia.com/advisories/28645/
Mandriva has issued an update for ruby. This fixes some security issues, which can be exploited by malicious people to conduct spoofing attacks.

Thu, 31 Jan 08
MySpace Uploader Control ActiveX Control "Action" Property Buffer Overflow
http://secunia.com/advisories/28715/
Elazar Broad has discovered a vulnerability in MySpace Uploader Control, which can be exploited by malicious people to compromise a user's system.

Thu, 31 Jan 08
Gentoo update for kazehakase
http://secunia.com/advisories/28720/
Gentoo has issued an update for kazehakase. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, and compromise a user's system.

Thu, 31 Jan 08
Gentoo update for goffice
http://secunia.com/advisories/28714/
Gentoo has issued an update for goffice. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, and compromise a vulnerable system.

Thu, 31 Jan 08
WordPress WassUp Plugin "to_date" SQL Injection Vulnerability
http://secunia.com/advisories/28702/
enter_the_dragon has reported a vulnerability in the WassUp plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

Thu, 31 Jan 08
Gentoo update for xdg-utils
http://secunia.com/advisories/28728/
Gentoo has issued an update for xdg-utils. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

Thu, 31 Jan 08
VirtueMart File Disclosure and Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/28722/
Two vulnerabilities have been reported in VirtueMart, which can be exploited by malicious people to conduct cross-site request forgery attacks or to disclose sensitive information.

Thu, 31 Jan 08
Cisco Wireless Control System Apache Tomcat JK Web Server Connector Buffer Overflow
http://secunia.com/advisories/28711/
Cisco has acknowledged a vulnerability in Cisco Wireless Control System (WCS), which can be exploited by malicious people to compromise a vulnerable system.

Thu, 31 Jan 08
Xdg-utils Command Injection Vulnerabilities
http://secunia.com/advisories/28638/
Some vulnerabilities have been reported in Xdg-utils, which can be exploited by malicious people to compromise a user's system.

Thu, 31 Jan 08
SwiftView Viewer ActiveX Control/Plug-in Buffer Overflows
http://secunia.com/advisories/28724/
Will Dormann has reported some vulnerabilities in SwiftView Viewer, which can be exploited by malicious people to compromise a user's system.

Thu, 31 Jan 08
Tripwire Enterprise Login Page Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28687/
Dave Lewis has reported a vulnerability in Tripwire Enterprise, which can be exploited by malicious people to conduct cross-site scripting attacks.

Thu, 31 Jan 08
Gentoo update for peercast
http://secunia.com/advisories/28719/
Gentoo has issued an update for peercast. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially to compromise a vulnerable system.

Thu, 31 Jan 08
Gentoo update for libxml2
http://secunia.com/advisories/28716/
Gentoo has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Thu, 31 Jan 08
rPath update for xorg-x11
http://secunia.com/advisories/28718/
rPath has issued an update for xorg-x11. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.

Thu, 31 Jan 08
Coppermine Photo Gallery Multiple Vulnerabilities
http://secunia.com/advisories/28682/
Some vulnerabilities have been reported in Coppermine Photo Gallery, which can be exploited by malicious people to conduct cross-site scripting attacks or to compromise a vulnerable system and by malicious users to conduct SQL injection attacks.

Thu, 31 Jan 08
SoftCart Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/28675/
Russ McRee has reported some vulnerabilities in SoftCart, which can be exploited by malicious people to conduct cross-site scripting attacks.

Mon, 28 Jan 08
NamoInstaller ActiveX Control NamoInstall Class "Install()" Insecure Method
http://secunia.com/advisories/28649/
plan-s has discovered a vulnerability in NamoInstaller ActiveX Control, which can be exploited by malicious people to compromise a user's system.

Mon, 28 Jan 08
Fedora update for icu
http://secunia.com/advisories/28669/
Fedora has issued an update for icu. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

Mon, 28 Jan 08
Proficy HMI/SCADA - CIMPLICITY w32rtr.exe Packet Processing Buffer Overflow
http://secunia.com/advisories/28663/
Eyal Udassin has reported a vulnerability in Proficy HMI/SCADA - CIMPLICITY, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

Mon, 28 Jan 08
Proficy Real-Time Information Portal "Add WebSource" File Upload Vulnerability
http://secunia.com/advisories/28678/
Eyal Udassin has reported a vulnerability in Proficy Real-Time Information Portal, which can be exploited by malicious users to compromise a vulnerable system.

Mon, 28 Jan 08
Linux Kernel minix File System Denial of Service Vulnerability
http://secunia.com/advisories/28654/
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

Mon, 28 Jan 08
phpIP Management Two SQL Injection Vulnerabilities
http://secunia.com/advisories/28656/
Charles Hooper has discovered two vulnerabilities in phpIP Management, which can be exploited by malicious people and users to conduct SQL injection attacks.

Mon, 28 Jan 08
Debian update for yarssr
http://secunia.com/advisories/28671/
Debian has issued an update for yarssr. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

Mon, 28 Jan 08
Gentoo update for xine-lib
http://secunia.com/advisories/28674/
Gentoo has issued an update for xine-lib. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.

Mon, 28 Jan 08
Gentoo update for ngircd
http://secunia.com/advisories/28673/
Gentoo has issued an update for ngircd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Mon, 28 Jan 08
Gentoo update for blam
http://secunia.com/advisories/28672/
Gentoo has issued an update for blam. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.

Mon, 28 Jan 08
Fedora update for cups
http://secunia.com/advisories/28676/
Fedora has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Mon, 28 Jan 08
Firebird "username" Buffer Overflow Vulnerability
http://secunia.com/advisories/28596/
A vulnerability has been reported in Firebird, which can potentially be exploited by malicious people to compromise a vulnerable system.

Mon, 28 Jan 08
Debian update for gforge
http://secunia.com/advisories/28598/
Debian has issued an update for gforge. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.

Mon, 28 Jan 08
Gentoo update for cherrypy
http://secunia.com/advisories/28620/
Gentoo has issued an update for cherrypy. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

Sat, 26 Jan 08
Docsvault Firebird Service Buffer Overflow Vulnerabilities
http://secunia.com/advisories/28635/
Some vulnerabilities have been reported in Docsvault, which can be exploited by malicious people to compromise a vulnerable system.

Sat, 26 Jan 08
Red Hat update for icu
http://secunia.com/advisories/28615/
Red Hat has issued an update for icu. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

Sat, 26 Jan 08
International Components for Unicode Regular Expressions Vulnerabilities
http://secunia.com/advisories/28575/
Will Drewry has reported some vulnerabilities in International Components for Unicode, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

Sat, 26 Jan 08
Move Networks Upgrade Manager Upgrade Class ActiveX Control Buffer Overflow
http://secunia.com/advisories/28647/
Elazar Broad has discovered a vulnerability in Move Networks Upgrade Manager, which can be exploited by malicious people to compromise a user's system.

Sat, 26 Jan 08
SUSE Update for Multiple Packages
http://secunia.com/advisories/28636/
SUSE has issued updates for multiple packages. These fix some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to bypass certain security restrictions, to cause a DoS, or to compromise a user's system.

Sat, 26 Jan 08
Seagull PHP Framework "files" Information Disclosure
http://secunia.com/advisories/28646/
fuzion has discovered a vulnerability in Seagull PHP Framework, which can be exploited by malicious people to disclose sensitive information.

Sat, 26 Jan 08
phpBB Private Message Deletion Cross-Site Request Forgery
http://secunia.com/advisories/28630/
NBBN has discovered a vulnerability in phpBB, which can be exploited by malicious people to conduct cross-site request forgery attacks.

Sat, 26 Jan 08
Fedora update for hsqldb
http://secunia.com/advisories/28585/
Fedora has issued an update for hsqldb. This fixes a vulnerability, which has unknown impacts.

Sat, 26 Jan 08
ImageShack Toolbar FileUploader Class ActiveX Control "BuildSlideShow()" Insecure Method
http://secunia.com/advisories/28644/
rgod has discovered a weakness in ImageShack Toolbar, which can be exploited by malicious people to potentially disclose sensitive information.

Sat, 26 Jan 08
Tiger Php News System "catid" SQL Injection
http://secunia.com/advisories/28641/
0in has discovered a vulnerability in Tiger Php News System, which can be exploited by malicious people to conduct SQL injection attacks.

Sat, 26 Jan 08
Woltlab Burning Board Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/28634/
NBBN has reported a vulnerability in Woltlab Burning Board, which can be exploited by malicious people to conduct cross-site request forgery attacks.

Sat, 26 Jan 08
Avaya CMS / IR Solaris X Window System PCF Font Handler Vulnerability
http://secunia.com/advisories/28621/
Avaya has acknowledged a vulnerability in Avaya CMS / IR, which can be exploited by malicious, local users to cause a DoS (Denial of Service), or to gain escalated privileges.

Sat, 26 Jan 08
Avaya Products e2fsprogs Integer Overflow Vulnerabilities
http://secunia.com/advisories/28648/
Avaya has acknowledged some vulnerabilities in multiple Avaya products, which potentially can be exploited by malicious people to compromise an application using the library.

Sat, 26 Jan 08
Fedora update for pulseaudio
http://secunia.com/advisories/28623/
Fedora has issued an update for pulseaudio. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

Sat, 26 Jan 08
Fedora update for kernel
http://secunia.com/advisories/28628/
Fedora has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions and corrupt a file system.

Sat, 26 Jan 08
Fedora update for xorg-x11-server
http://secunia.com/advisories/28627/
Fedora has issued an update for xorg-x11-server. This fixes a security issue, which can be exploited by malicious people with physical access to a system to bypass certain security restrictions.

Sat, 26 Jan 08
rPath update for CherryPy
http://secunia.com/advisories/28611/
rPath has issued an update for CherryPy. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security settings.

Sat, 26 Jan 08
Mandriva update for x11-server
http://secunia.com/advisories/28584/
Mandriva has issued an update for x11-server. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.

Sat, 26 Jan 08
rPath update for bind and bind-utils
http://secunia.com/advisories/28429/
rPath has issued an update for bind and bind-utils. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.

Sat, 26 Jan 08
IBM AIX Multiple Vulnerabilities
http://secunia.com/advisories/28609/
Some vulnerabilities have been reported in IBM AIX, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain files, or gain escalated privileges.

Sat, 26 Jan 08
aconon Mail "template" Information Disclosure
http://secunia.com/advisories/28617/
Arno Töll has reported a vulnerability in aconon Mail, which can be exploited by malicious people to disclose sensitive information.

Sat, 26 Jan 08
Mandriva update for libxfont
http://secunia.com/advisories/28571/
Mandriva has issued an update for libxfont. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

Sat, 26 Jan 08
ManageEngine Applications Manager Multiple Vulnerabilities
http://secunia.com/advisories/28332/
Hector Manuel Escalona Mendoza has discovered some vulnerabilities, a security issue, and a weakness in ManageEngine Applications Manager, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or conduct cross-site scripting attacks.

Sat, 26 Jan 08
Mandriva update for x11-server-xgl
http://secunia.com/advisories/28616/
Mandriva has issued an update for x11-server-xgl. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.

Sat, 26 Jan 08
HTTP File Server Multiple Vulnerabilities
http://secunia.com/advisories/28631/
Felipe Aragon and Alec Storm have reported some vulnerabilities and security issues in HTTP File Server, which can be exploited by malicious people to disclose system information, conduct spoofing and cross-site scripting attacks, bypass certain security restrictions, manipulate data, and potentially compromise a vulnerable system.

Thu, 24 Jan 08
PHP-Nuke "modules/Search/index.php" SQL Injection
http://secunia.com/advisories/28624/
Foster & 1dt.w0lf have discovered a vulnerability in PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks.

Thu, 24 Jan 08
aflog SQL Injection and Script Insertion Vulnerabilities
http://secunia.com/advisories/28594/
shinmai has discovered some vulnerabilities in aflog, which can be exploited by malicious users to conduct script insertion attacks, and by malicious people to conduct SQL injection attacks.

Wed, 23 Jan 08
Lycos FileUploader Module File Upload Component ActiveX Control Buffer Overflow
http://secunia.com/advisories/28599/
Elazar Broad has discovered a vulnerability in Lycos FileUploader Module, which can be exploited by malicious people to compromise a user's system.

Wed, 23 Jan 08
Fedora update for clamav
http://secunia.com/advisories/28587/
Fedora has issued an update for clamav. This fixes some vulnerabilities, where one vulnerability has an unknown impact and others can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

Wed, 23 Jan 08
Fedora update for boost
http://secunia.com/advisories/28545/
Fedora has issued an update for boost. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

Wed, 23 Jan 08
Fedora update for libXfont
http://secunia.com/advisories/28500/
Fedora has issued an update for libXfont. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

Wed, 23 Jan 08
Fedora update for bind
http://secunia.com/advisories/28487/
Fedora has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.

Wed, 23 Jan 08
Fedora update for xorg-x11-server
http://secunia.com/advisories/28592/
Fedora has issued an update for xorg-x11-server. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.

Wed, 23 Jan 08
HP Virtual Rooms Install HPVirtualRooms14 Class ActiveX Control Buffer Overflow
http://secunia.com/advisories/28595/
Elazar Broad has discovered a vulnerability in HP Virtual Rooms Install, which can be exploited by malicious people to compromise a user's system.

Wed, 23 Jan 08
Kayako SupportSuite "syncml/index.php" Information Disclosure
http://secunia.com/advisories/28613/
Janek Vind has reported a vulnerability in Kayako SupportSuite, which can be exploited by malicious people to disclose system information.

Wed, 23 Jan 08
Debian update for scponly
http://secunia.com/advisories/28538/
Debian has issued an update for scponly. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions.

Wed, 23 Jan 08
ELOG Script Insertion and Denial of Service Vulnerabilities
http://secunia.com/advisories/28589/
Some vulnerabilities have been reported in ELOG, which can be exploited by malicious users to cause a DoS (Denial of Service) and conduct script insertion attacks.

Wed, 23 Jan 08
Citadel SMTP "makeuserkey()" Buffer Overflow Vulnerability
http://secunia.com/advisories/28590/
prdelka has discovered a vulnerability in Citadel, which can be exploited by malicious people to compromise a vulnerable system.

Wed, 23 Jan 08
AlstraSoft Forum Pay Per Post Exchange "catid" SQL Injection Vulnerability
http://secunia.com/advisories/28581/
t0pP8uZz & xprog have reported a vulnerability in AlstraSoft Forum Pay Per Post Exchange, which can be exploited by malicious people to conduct SQL injection attacks.

Wed, 23 Jan 08
IBM Tivoli Provisioning Manager for OS Deployment HTTP Server Denial of Service
http://secunia.com/advisories/28604/
A vulnerability has been reported in IBM Tivoli Provisioning Manager for OS Deployment, which can be exploited by malicious people to cause a DoS (Denial of Service).

Wed, 23 Jan 08
IBM WebSphere Business Modeler Repository Deletion Security Issue
http://secunia.com/advisories/28586/
A security issue has been reported in IBM WebSphere Business Modeler, which can be exploited by malicious users to manipulate certain data.

Wed, 23 Jan 08
IBM Tivoli Business Service Manager Password Disclosure
http://secunia.com/advisories/28603/
Some security issues have been reported in IBM Tivoli Business Service Manager, which potentially can be exploited by malicious, local users to disclose sensitive information.

Wed, 23 Jan 08
Lama Software "MY_CONF[classRoot]" File Inclusion Vulnerabilities
http://secunia.com/advisories/28442/
QTRinux has reported some vulnerabilities in Lama Software, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.

Wed, 23 Jan 08
WebSphere Application Server Two Vulnerabilities
http://secunia.com/advisories/28588/
Some vulnerabilities with unknown impact have been reported in WebSphere Application Server.

Wed, 23 Jan 08
OZJournals "id" Information Disclosure Vulnerability
http://secunia.com/advisories/28582/
shinmai has discovered a vulnerability in OZJournals, which can be exploited by malicious people to disclose potentially sensitive information.

Wed, 23 Jan 08
IDMOS "fileName" Information Disclosure Vulnerability
http://secunia.com/advisories/28436/
MhZ91 has discovered a vulnerability in IDMOS, which can be exploited by malicious people to disclose sensitive information.

Wed, 23 Jan 08
PacerCMS "submit.php" Cross Site Scripting Vulnerability
http://secunia.com/advisories/28605/
A vulnerability has been reported in PacerCMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

Wed, 23 Jan 08
Avaya Products httpd Multiple Vulnerabilities
http://secunia.com/advisories/28607/
Avaya has acknowledged some vulnerabilities in various Avaya products, which can be exploited by malicious people to conduct cross-site scripting attacks.

Wed, 23 Jan 08
Interstage HTTP Server Multiple Vulnerabilities
http://secunia.com/advisories/28606/
Fujitsu has acknowledged some vulnerabilities in Interstage HTTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or to conduct cross-site scripting attacks.

Wed, 23 Jan 08
Debian update for libvorbis
http://secunia.com/advisories/28614/
Debian has issued an update for libvorbis. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

Tue, 22 Jan 08
Debian update for xine-lib
http://secunia.com/advisories/28507/
Debian has issued an update for xine-lib. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

Tue, 22 Jan 08
Mandriva update for cairo
http://secunia.com/advisories/28555/
Mandriva has issued an update for cairo. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.

Tue, 22 Jan 08
WordPress WP-Forum Plugin "user" SQL Injection
http://secunia.com/advisories/28567/
websec Team have discovered a vulnerability in the WP-Forum plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

Tue, 22 Jan 08
IBM WebSphere Application Server serveServletsByClassnameEnabled Vulnerability
http://secunia.com/advisories/28576/
A vulnerability has been reported in IBM WebSphere Application Server, which has an unknown impact.

Tue, 22 Jan 08
singapore "gallery" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28573/
Rubén Ventura Piña has discovered a vulnerability in singapore, which can be exploited by malicious people to conduct cross-site scripting attacks.

Tue, 22 Jan 08
AXIGEN Mail Server AXIMilter Format String Vulnerability
http://secunia.com/advisories/28562/
hempel has discovered a vulnerability in the AXIGEN Mail Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.

Tue, 22 Jan 08
Numara FootPrints Arbitrary Command Execution
http://secunia.com/advisories/28390/
Ricky Zhou has discovered some vulnerabilities in Numara FootPrints, which can be exploited by malicious people to compromise a vulnerable system.

Tue, 22 Jan 08
Omegasoft Insel User Enumeration and Security Bypass
http://secunia.com/advisories/28410/
MC Iglo has reported a weakness and a vulnerability in Omegasoft Insel, which can be exploited by malicious people to determine valid usernames and by malicious users to potentially bypass certain security restrictions.

Tue, 22 Jan 08
MyBB SQL Injection and Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/28572/
Some vulnerabilities have been reported in MyBB, which can be exploited by malicious users to conduct SQL injection or cross-site request forgery attacks.

Tue, 22 Jan 08
bloofoxCMS SQL Injection and Information Disclosure
http://secunia.com/advisories/28415/
AmnPardaz Security Research Team have discovered two vulnerabilities in bloofoxCMS, which can be exploited by malicious people to disclose sensitive information or to conduct SQL injection attacks.

Tue, 22 Jan 08
phpAutoVideo File Inclusion and Cross-Site Scripting
http://secunia.com/advisories/28580/
H-T Team have reported two vulnerabilities in phpAutoVideo, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, or to compromise a vulnerable system.

Tue, 22 Jan 08
Mantis "Most Active" Script Insertion Vulnerability
http://secunia.com/advisories/28577/
A vulnerability has been reported in Mantis, which can be exploited by malicious users to conduct script insertion attacks.

Tue, 22 Jan 08
Red Hat update for wireshark
http://secunia.com/advisories/28583/
Red Hat has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

Tue, 22 Jan 08
BitDefender Update Server HTTP Server Directory Traversal Vulnerability
http://secunia.com/advisories/28578/
Oliver Karow has discovered a vulnerability in BitDefender Update Server, which can be exploited by malicious people to disclose sensitive information.

Tue, 22 Jan 08
Toshiba Surveillix RecordSend Class ActiveX Control Buffer Overflows
http://secunia.com/advisories/28557/
retrogod has discovered two vulnerabilities in the Toshiba Surveillix RecordSend Class ActiveX control, which can be exploited by malicious people to compromise a user's system.

Tue, 22 Jan 08
ISC BIND libbind "inet_network()" Off-By-One Vulnerability
http://secunia.com/advisories/28579/
A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.

Tue, 22 Jan 08
Apache Tomcat SingleSignOn Information Disclosure
http://secunia.com/advisories/28552/
A security issue has been reported in Apache Tomcat, which can be exploited by malicious people to disclose potentially sensitive information.

Tue, 22 Jan 08
Debian update for tomcat5.5
http://secunia.com/advisories/28549/
Debian has issued an update for tomcat5.5. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks, and a security issue, which can be exploited by malicious people to disclose potentially sensitive information.

Tue, 22 Jan 08
Gentoo update for netscape-flash
http://secunia.com/advisories/28570/
Gentoo has issued an update for netscape-flash. This fixes some vulnerabilities, where one vulnerability has an unknown impact and others can be exploited by malicious, local users to gain escalated privileges and by malicious people to bypass certain security restrictions, conduct cross-site scripting and HTTP request splitting attacks, disclose sensitive information, cause a Denial of Service (DoS), or to potentially compromise a user's system.

Tue, 22 Jan 08
Microsoft Visual Basic ".dsr" File Handling Buffer Overflows
http://secunia.com/advisories/28563/
shinnai has discovered two vulnerabilities in Microsoft Visual Basic, which can be exploited by malicious people to compromise a user's system.

Tue, 22 Jan 08
Small Axe Weblog linkbar.php File Inclusion Vulnerabilities
http://secunia.com/advisories/28568/
Two vulnerabilities have been reported in Small Axe Weblog, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.

Tue, 22 Jan 08
Debian update for horde3
http://secunia.com/advisories/28546/
Debian has issued an update for horde3. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions and manipulate data.

Mon, 21 Jan 08
Debian update for mantis
http://secunia.com/advisories/28551/
Debian has issued an update for mantis. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks, and a security issue, which can be exploited by malicious people to disclose sensitive information.

Mon, 21 Jan 08
Gentoo update for xorg-server and libxfont
http://secunia.com/advisories/28273/
Gentoo has issued an update for xorg-server and libxfont. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.

Mon, 21 Jan 08
Ubuntu update for apt-listchanges
http://secunia.com/advisories/28574/
Ubuntu has issued an update for apt-listchanges. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.

Mon, 21 Jan 08
Fedora update for syslog-ng
http://secunia.com/advisories/28372/
Fedora has issued an update for syslog-ng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Mon, 21 Jan 08
Debian update for flac
http://secunia.com/advisories/28548/
Debian has issued an update for flac. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

Mon, 21 Jan 08
Fedora update for cairo
http://secunia.com/advisories/28529/
Fedora has issued an update for cairo. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

Mon, 21 Jan 08
Fedora update for e2fsprogs
http://secunia.com/advisories/28541/
Fedora has issued an update for e2fsprogs. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise an application using the library.

Mon, 21 Jan 08
Gentoo update for libcdio
http://secunia.com/advisories/28569/
Gentoo has issued an update for libcdio. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.

Sat, 19 Jan 08
Microsoft Visual FoxPro ActiveX Controls Insecure Methods
http://secunia.com/advisories/28417/
shinnai has reported some vulnerabilities in Microsoft Visual FoxPro, which potentially can be exploited by malicious people to compromise a user's system.

Sat, 19 Jan 08
Mahara HTML File Upload Script Insertion Vulnerability
http://secunia.com/advisories/28484/
A vulnerability has been discovered in Mahara, which can be exploited by malicious users to conduct script insertion attacks.

Sat, 19 Jan 08
Debian update for xorg-server
http://secunia.com/advisories/28539/
Debian has issued an update for xorg-server. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information or to gain escalated privileges.

Sat, 19 Jan 08
Clever Copy SQL Injection and Cross-Site Scripting
http://secunia.com/advisories/28560/
hadihadi has discovered some vulnerabilities in Clever Copy, which can be exploited by malicious people to conduct cross-site scripting attacks and SQL injection attacks.

Sat, 19 Jan 08
Openfire Jetty Information Disclosure Vulnerability
http://secunia.com/advisories/28547/
A vulnerability has been reported in Openfire, which can be exploited by malicious people to disclose sensitive information.

Sat, 19 Jan 08
8e6 R3000 Internet Filter URL Filter Bypass Vulnerability
http://secunia.com/advisories/28524/
nnposter has reported a vulnerability in 8e6 R3000 Internet Filter, which can be exploited by malicious people to bypass certain security restrictions.

Sat, 19 Jan 08
cPanel Leech Protect "rurl" Cross-Site Scripting
http://secunia.com/advisories/28561/
Aria-Security Team have reported a vulnerability in cPanel, which can be exploited by malicious people to conduct cross-site scripting attacks.

Sat, 19 Jan 08
Red Hat update for XFree86
http://secunia.com/advisories/28542/
Red Hat has issued an update for XFree86. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or gain escalated privileges.

Fri, 18 Jan 08
OKI C5510MFP Configuration Interface Security Issues
http://secunia.com/advisories/28553/
Compass Security AG has reported two security issues in OKI C5510MFP, which can be exploited by malicious people to disclose sensitive information and to bypass certain security restrictions.

Fri, 18 Jan 08
Sun Solaris X Window System and X Server Multiple Vulnerabilities
http://secunia.com/advisories/28550/
Sun has acknowledged some vulnerabilities in Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.

Fri, 18 Jan 08
Winamp Ultravox Streaming Metadata Parsing Buffer Overflows
http://secunia.com/advisories/27865/
Secunia Research has discovered two vulnerabilities in Winamp, which can be exploited by malicious people to compromise a user's system.

Fri, 18 Jan 08
Famp3 "id" SQL Injection Vulnerability
http://secunia.com/advisories/28566/
IRCRASH has discovered a vulnerability in Famp3, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 18 Jan 08
rPath update for kernel
http://secunia.com/advisories/28558/
rPath has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions and corrupt a file system.

Fri, 18 Jan 08
Red Hat update for libXfont
http://secunia.com/advisories/28544/
Red Hat has issued an update for libXfont. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

Fri, 18 Jan 08
FaPersianHack "id" SQL Injection Vulnerability
http://secunia.com/advisories/28565/
IRCRASH has discovered a vulnerability in FaPersianHack, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 18 Jan 08
SUSE update for Xorg and XFree
http://secunia.com/advisories/28540/
SUSE has issued an update for Xorg and XFree. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or gain escalated privileges.

Fri, 18 Jan 08
F5 BIG-IP "SearchString" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/28505/
nnposter has reported a vulnerability in F5 BIG-IP, which can be exploited by malicious people to conduct cross-site scripting attacks.

Fri, 18 Jan 08
Red Hat update for xorg-x11
http://secunia.com/advisories/28536/
Red Hat has issued an update for xorg-x11. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or gain escalated privileges.

Fri, 18 Jan 08
BitTorrent Peer Client Denial of Service Vulnerability
http://secunia.com/advisories/28537/
Luigi Auriemma has discovered a vulnerability in BitTorrent, which can be exploited by malicious people to cause a DoS (Denial of Service).

Fri, 18 Jan 08
uTorrent Peer Client Denial of Service Vulnerability
http://secunia.com/advisories/28533/
Luigi Auriemma has discovered a vulnerability in uTorrent, which can be exploited by malicious people to cause a DoS (Denial of Service).

Fri, 18 Jan 08
Ubuntu update for libxfont and xorg-server
http://secunia.com/advisories/28535/
Ubuntu has issued an update for libxfont and xorg-server. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information or to gain escalated privileges.

Fri, 18 Jan 08
rPath update for mysql
http://secunia.com/advisories/28559/
rPath has issued an update for mysql. This fixes a vulnerability, which can be exploited by malicious, local users to manipulate certain data.

Fri, 18 Jan 08
RTSP MPEG4 SP Control ActiveX Control "MP4Prefix" Property Buffer Overflow
http://secunia.com/advisories/28492/
rgod has discovered a vulnerability in RTSP MPEG4 SP Control, which can be exploited by malicious people to compromise a user's system.

Fri, 18 Jan 08
Fa Persian Petition "id" SQL Injection Vulnerability
http://secunia.com/advisories/28522/
IRCRASH has discovered a vulnerability in Fa Persian Petition, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 18 Jan 08
Fa Name "id" SQL Injection Vulnerability
http://secunia.com/advisories/28528/
IRCRASH has discovered a vulnerability in Fa Name, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 18 Jan 08
Debian update for apt-listchanges
http://secunia.com/advisories/28513/
Debian has issued an update for apt-listchanges. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.

Fri, 18 Jan 08
HP Oracle for OpenView Multiple Vulnerabilities
http://secunia.com/advisories/28556/
HP has acknowledged some vulnerabilities with unknown impacts in HP OfO (Oracle for Openview), which can be exploited by malicious users and malicious people.

Fri, 18 Jan 08
Red Hat update for xorg-x11-server
http://secunia.com/advisories/28543/
Red Hat has issued an update for xorg-x11-server. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information or to gain escalated privileges.

Fri, 18 Jan 08
X.org X11 Multiple Vulnerabilities
http://secunia.com/advisories/28532/
Some vulnerabilities have been reported in X.org X11, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.

Fri, 18 Jan 08
aliTalk Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/28515/
tomplixsee has discovered some vulnerabilities in aliTalk, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 18 Jan 08
MyBB PHP Code Execution and SQL Injection Vulnerabilities
http://secunia.com/advisories/28509/
Some vulnerabilities have been reported in MyBB, which can be exploited by malicious users to conduct SQL injection attacks, and by malicious people to compromise a vulnerable system.

Fri, 18 Jan 08
Fedora update for python-paramiko
http://secunia.com/advisories/28488/
Fedora has issued an update for python-paramiko. This fixes a weakness, which can be exploited by malicious people to disclose potentially sensitive information.

Thu, 17 Jan 08
Site2Nite Real Estate Web SQL Injection Vulnerabilities
http://secunia.com/advisories/28531/
Aria-Security.Net has reported some vulnerabilities in Site2Nite Real Estate Web, which can be exploited by malicious people to conduct SQL injection attacks.

Thu, 17 Jan 08
Adobe Dreamweaver/Contribute "Insert Flash Video" Cross-Site Scripting
http://secunia.com/advisories/28519/
Some vulnerabilities have been reported in Adobe Dreamweaver and Adobe Contribute, which can be exploited by malicious people to conduct cross-site scripting attacks.

Thu, 17 Jan 08
Adobe Connect Enterprise Server Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/28517/
Some vulnerabilities have been reported in Adobe Connect Enterprise Server, which can be exploited by malicious people to conduct cross-site scripting attacks.

Thu, 17 Jan 08
BLOG:CMS Multiple Vulnerabilities
http://secunia.com/advisories/28523/
Digital Security Research Group has reported some vulnerabilities in BLOG:CMS, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting and SQL injection attacks.

Thu, 17 Jan 08
Pixelpost "parent_id" SQL Injection Vulnerability
http://secunia.com/advisories/28499/
Silentz has reported a vulnerability in Pixelpost, which can be exploited by malicious people to conduct SQL injection attacks.

Thu, 17 Jan 08
Citrix Presentation Server IMA Service Buffer Overflow Vulnerability
http://secunia.com/advisories/28508/
A vulnerability has been reported in Citrix Presentation Server, which can be exploited by malicious people to compromise a vulnerable system.

Thu, 17 Jan 08
Mini File Host "language" Local File Inclusion
http://secunia.com/advisories/28504/
Scary-Boys and S.W.A.T. have discovered a vulnerability in Mini File Host, which can be exploited by malicious people to disclose sensitive information.

Thu, 17 Jan 08
Cisco VPN Client IPSec Driver Local Denial of Service
http://secunia.com/advisories/28472/
mu-b has reported a vulnerability in Cisco VPN Client, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

Thu, 17 Jan 08
Cisco Unified Communications Manager CTL Provider Service Buffer Overflow
http://secunia.com/advisories/28530/
Cody Pierce has reported a vulnerability in Cisco Unified Communications Manager (CUCM), which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

Thu, 17 Jan 08
MailBee WebMail Pro File Disclosure Vulnerability
http://secunia.com/advisories/28521/
-=M.o.B=- has reported a vulnerability in MailBee WebMail Pro, which can be exploited by malicious people to disclose sensitive information.

Thu, 17 Jan 08
php-residence "cognome_cerca" SQL Injection Vulnerability
http://secunia.com/advisories/28516/
IRCRASH has discovered a vulnerability in php-residence, which can be exploited by malicious people to conduct SQL injection attacks.

Thu, 17 Jan 08
Interstage HTTP Server mod_imap Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28525/
Fujitsu has acknowledged a vulnerability in Interstage HTTP Server, which can be exploited by malicious people to conduct cross-site scripting attacks.

Thu, 17 Jan 08
Mandriva update for apache
http://secunia.com/advisories/28526/
Mandriva has issued an update for apache. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to cause a DoS (Denial of Service).

Thu, 17 Jan 08
Ubuntu update for boost
http://secunia.com/advisories/28527/
Ubuntu has issued an update for boost. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

Thu, 17 Jan 08
IBM Informix Dynamic Server Unspecified File Creation Vulnerabilities
http://secunia.com/advisories/28534/
Some vulnerabilities with unknown impact have been reported in Informix Dynamic Server.

Thu, 17 Jan 08
Boost Regular Expressions Denial of Service Vulnerabilities
http://secunia.com/advisories/28511/
Some vulnerabilities have been reported in Boost, which can be exploited by malicious people to cause a DoS (Denial of Service).

Wed, 16 Jan 08
MiniWeb HTTP Server Buffer Overflow and Directory Traversal
http://secunia.com/advisories/28512/
Hamid Ebadi has discovered two vulnerabilities in MiniWeb HTTP Server, which can be exploited by malicious people to disclose sensitive information, to cause a DoS (Denial of Service), or to potentially compromise a vulnerable system.

Wed, 16 Jan 08
ngIRCd "PART" Denial of Service Vulnerability
http://secunia.com/advisories/28425/
A vulnerability has been reported in ngIRCd, which can be exploited by malicious people to cause a DoS (Denial of Service).

Wed, 16 Jan 08
Lotus Sametime Client Script Execution Vulnerability
http://secunia.com/advisories/27942/
Vikas Singhal has reported a vulnerability in IBM Lotus Sametime, which can be exploited by malicious users to execute arbitrary script code.

Wed, 16 Jan 08
Qvod Player QvodCtrl Class ActiveX Control "URL" Property Buffer Overflow
http://secunia.com/advisories/28494/
A vulnerability has been reported in Qvod Player, which can be exploited by malicious people to compromise a user's system.

Wed, 16 Jan 08
X2300 Series Denial of Service Vulnerability
http://secunia.com/advisories/28085/
A vulnerability has been reported in the X2300 series, which can be exploited by malicious people to cause a DoS (Denial of Service).

Wed, 16 Jan 08
Article Dashboard "f_username" SQL Injection Vulnerability
http://secunia.com/advisories/28495/
Xcross87 has discovered a vulnerability in Article Dashboard, which can be exploited by malicious people to conduct SQL injection attacks.

Wed, 16 Jan 08
Oracle Products Multiple Vulnerabilities
http://secunia.com/advisories/28518/
Multiple vulnerabilities with unknown impacts have been reported for various Oracle products, which can be exploited by malicious users and malicious people.

Wed, 16 Jan 08
Radiator Denial of Service Vulnerability
http://secunia.com/advisories/28463/
A vulnerability has been reported in Radiator, which can potentially be exploited by malicious people to cause a DoS (Denial of Service).

Wed, 16 Jan 08
Apple iPhone / iPod touch Multiple Vulnerabilities
http://secunia.com/advisories/28497/
Two vulnerabilities and a security issue have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, or to compromise a vulnerable device.

Wed, 16 Jan 08
TIBCO SmartSockets Multiple Vulnerabilities
http://secunia.com/advisories/28490/
Some vulnerabilities have been discovered in TIBCO SmartSockets, which can be exploited by malicious people to compromise a vulnerable system.

Wed, 16 Jan 08
Apple QuickTime Multiple Vulnerabilities
http://secunia.com/advisories/28502/
Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a vulnerable system.

Wed, 16 Jan 08
HP-UX update for xfs
http://secunia.com/advisories/28514/
HP has issued an update for xfs. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

Wed, 16 Jan 08
rPath update for cairo
http://secunia.com/advisories/28476/
rPath has issued an update for cairo. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

Wed, 16 Jan 08
LulieBlog Multiple Security Bypass Vulnerabilities
http://secunia.com/advisories/28432/
ka0x has discovered some vulnerabilities in LulieBlog, which can be exploited by malicious people to bypass certain security restrictions.

Wed, 16 Jan 08
Microsoft Excel File Handling Code Execution
http://secunia.com/advisories/28506/
A vulnerability has been reported in Microsoft Excel, which can be exploited by malicious people to compromise a user's system.

Wed, 16 Jan 08
Debian update for syslog-ng
http://secunia.com/advisories/28483/
Debian has issued an update for syslog-ng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Wed, 16 Jan 08
Fedora update for xine-lib
http://secunia.com/advisories/28489/
Fedora has issued an update for xine-lib. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.

Wed, 16 Jan 08
rPath update for postgresql and postgresql-server
http://secunia.com/advisories/28455/
rPath has issued an update for postgresql and postgresql-server. This fixes some vulnerabilities, which can be exploited by malicious users to gain escalated privileges or to cause a DoS (Denial of Service).

Wed, 16 Jan 08
rPath update for libxml2
http://secunia.com/advisories/28450/
rPath has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Wed, 16 Jan 08
RTS Sentry PTZCamPanelCtrl ActiveX Control Buffer Overflow
http://secunia.com/advisories/28435/
rgod has discovered a vulnerability in the RTS Sentry PTZCamPanelCtrl ActiveX control, which can be exploited by malicious people to compromise a user's system.

Wed, 16 Jan 08
Macrovision FLEXnet Connect ActiveX Controls Insecure Methods
http://secunia.com/advisories/28496/
Elazar Broad has discovered some vulnerabilities in Macrovision FLEXnet Connect, which can be exploited by malicious people to overwrite arbitrary files and compromise a user's system.

Wed, 16 Jan 08
MySQL yaSSL Multiple Vulnerabilities
http://secunia.com/advisories/28419/
Some vulnerabilities have been reported in MySQL, which can be exploited by malicious people to cause a DoS (Denial of Service) and to compromise a vulnerable system.

Wed, 16 Jan 08
RichStrong CMS "cat" SQL Injection Vulnerability
http://secunia.com/advisories/28449/
JosS has reported a vulnerability in RichStrong CMS, which can be exploited by malicious people to conduct SQL injection attacks.

Wed, 16 Jan 08
Red Hat update for httpd
http://secunia.com/advisories/28467/
Red Hat has issued an update for httpd. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).

Wed, 16 Jan 08
Red Hat update for apache
http://secunia.com/advisories/28471/
Red Hat has issued an update for apache. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.

Thu, 10 Jan 08
Ubuntu update for Net-SNMP
http://secunia.com/advisories/28413/
Ubuntu has issued an update for Net-SNMP. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Thu, 10 Jan 08
Gentoo update for squid
http://secunia.com/advisories/28403/
Gentoo has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Thu, 10 Jan 08
Mandriva update for libexif
http://secunia.com/advisories/28400/
Mandriva has issued an update for libexif. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise an application using the library.

Thu, 10 Jan 08
Debian update for fail2ban
http://secunia.com/advisories/28374/
Debian has issued an update for fail2ban. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Thu, 10 Jan 08
Ubuntu update for squid
http://secunia.com/advisories/28381/
Ubuntu has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Thu, 10 Jan 08
Gentoo update for claws-mail
http://secunia.com/advisories/28402/
Gentoo has issued an update for claws-mail. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

Thu, 10 Jan 08
Gentoo update for openafs
http://secunia.com/advisories/28401/
Gentoo has issued an update for openafs. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).

Thu, 10 Jan 08
Mandriva update for postgresql
http://secunia.com/advisories/28376/
Mandriva has issued an update for postgresql. This fixes some vulnerabilities, which can be exploited by malicious users to gain escalated privileges or to cause a DoS (Denial of Service).

Thu, 10 Jan 08
bitweaver "suck_url" Information Disclosure
http://secunia.com/advisories/28300/
AmnPardaz Security Research Team have discovered a vulnerability in bitweaver, which can be exploited by malicious people to disclose sensitive information.

Thu, 10 Jan 08
Gateway CWebLaunchCtl ActiveX Control "DoWebLaunch()" Vulnerabilities
http://secunia.com/advisories/28379/
Some vulnerabilities have been discovered in Gateway CWebLaunchCtl ActiveX control, which can be exploited by malicious people to compromise a vulnerable system.

Thu, 10 Jan 08
Linksys WRT54GL Cross-Site Request Forgery
http://secunia.com/advisories/28364/
Tomaz Bratusa has reported a vulnerability in Linksys WRT54GL, which can be exploited by malicious people to conduct cross-site request forgery attacks.

Thu, 10 Jan 08
Joomla! Cross-Site Request Forgery and Script Insertion Vulnerabilities
http://secunia.com/advisories/28219/
Some vulnerabilities have been reported in Joomla!, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks.

Thu, 10 Jan 08
IBM WebSphere Application Server for z/OS HTTP Server Vulnerability
http://secunia.com/advisories/28375/
IBM has acknowledged a vulnerability in IBM WebSphere Application Server for z/OS, which can be exploited by malicious people to conduct cross-site scripting attacks.

Thu, 10 Jan 08
xine-lib "rmff_dump_cont()" Buffer Overflow Vulnerabilities
http://secunia.com/advisories/28384/
Luigi Auriemma has discovered some vulnerabilities in xine-lib, which potentially can be exploited by malicious people to compromise a user's system.

Thu, 10 Jan 08
RunCms newbb_plus "Client-IP" SQL Injection
http://secunia.com/advisories/28340/
gemaglabin and Elekt have discovered a vulnerability in RunCms, which can be exploited by malicious people to conduct SQL injection attacks.

Thu, 10 Jan 08
PortalApp Multiple Vulnerabilities
http://secunia.com/advisories/28337/
r3dm0v3 has reported some vulnerabilities in PortalApp, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks or bypass certain security restrictions.

Thu, 10 Jan 08
HP-UX update for Firefox
http://secunia.com/advisories/28398/
HP has issued an update for Firefox. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, conduct phishing and cross-site scripting attacks, manipulate certain data, and potentially compromise a user's system.

Thu, 10 Jan 08
Eggblog "eggblogpassword" SQL Injection Vulnerability
http://secunia.com/advisories/28371/
gemaglabin and Elekt have discovered a vulnerability in eggblog, which can be exploited by malicious people to conduct SQL injection attacks.

Thu, 10 Jan 08
HP-UX update for Thunderbird
http://secunia.com/advisories/28363/
HP has issued an update for Thunderbird. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.

Thu, 10 Jan 08
Xcms PHP Code Execution and Local File Inclusion
http://secunia.com/advisories/28256/
Some vulnerabilities have been reported in Xcms, which can be exploited by malicious people to disclose sensitive information and to compromise a vulnerable system.

Thu, 10 Jan 08
Debian update for libarchive
http://secunia.com/advisories/28377/
Debian has issued an update for libarchive. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

Thu, 10 Jan 08
Gentoo update for unp
http://secunia.com/advisories/28388/
Gentoo has issued an update for unp. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.

Thu, 10 Jan 08
Mandriva update for clamav
http://secunia.com/advisories/28153/
Mandriva has issued an update for clamav. This fixes some vulnerabilities, where one vulnerability has unknown impacts and others can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

Thu, 10 Jan 08
Ubuntu update for cups
http://secunia.com/advisories/28386/
Ubuntu has issued an update for cups. This fixes a vulnerability which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system, and a security issue which can be exploited by malicious, local users to perform certain actions with escalated privileges.

Thu, 10 Jan 08
Ubuntu update for opal
http://secunia.com/advisories/28380/
Ubuntu has issued an update for opal. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise an application using the library.

Wed, 9 Jan 08
Microsoft Windows TCP/IP Implementation Vulnerabilities
http://secunia.com/advisories/28297/
Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

Wed, 9 Jan 08
OpenPegasus PAM Module Buffer Overflow Vulnerabilities
http://secunia.com/advisories/28358/
Some vulnerabilities have been reported in OpenPegasus, which can potentially be exploited by malicious people to compromise a vulnerable system.

Wed, 9 Jan 08
FlexBB "flexbb_temp_id" SQL Injection Vulnerability
http://secunia.com/advisories/28373/
Eugene Minaev has discovered a vulnerability in FlexBB, which can be exploited by malicious people to conduct SQL injection attacks.

Wed, 9 Jan 08
Layton HelpBox Multiple Vulnerabilities
http://secunia.com/advisories/27699/
Secunia Research has discovered some vulnerabilities and a weakness in Layton HelpBox, which can be exploited by malicious users to conduct script insertion and SQL injection attacks and compromise a vulnerable system, and by malicious people to identify valid user accounts and conduct cross-site scripting, script insertion, and SQL injection attacks.

Wed, 9 Jan 08
TUTOS Command Execution and Information Exposure
http://secunia.com/advisories/28291/
H-T TeaM have discovered two vulnerabilities in TUTOS, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.

Wed, 9 Jan 08
VMware ESX Server Multiple Security Updates
http://secunia.com/advisories/28368/
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform actions with escalated privileges and by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

Wed, 9 Jan 08
VMware ESX Server and VirtualCenter Multiple Security Updates
http://secunia.com/advisories/28365/
VMware has issued updates for VMware ESX Server and VirtualCenter. These fix some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, to cause a DoS (Denial of Service) or compromise a vulnerable system.

Wed, 9 Jan 08
Red Hat update for tog-pegasus
http://secunia.com/advisories/28338/
Red Hat has issued an update for tog-pegasus. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.

Wed, 9 Jan 08
SmallNuke "user_email" SQL Injection Vulnerability
http://secunia.com/advisories/28301/
Eugene Minaev has discovered a vulnerability in SmallNuke, which can be exploited by malicious people to conduct SQL injection attacks.

Wed, 9 Jan 08
Red Hat update for e2fsprogs
http://secunia.com/advisories/28360/
Red Hat has issued an update for e2fsprogs. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise an application using the library.

Wed, 9 Jan 08
SUSE update for opera
http://secunia.com/advisories/28314/
SUSE has issued an update for opera. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, and compromise a user's system.

Wed, 9 Jan 08
Debian update for freetype
http://secunia.com/advisories/28333/
Debian has issued an update for freetype. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

Wed, 9 Jan 08
ClipShare "UID" SQL Injection Vulnerability
http://secunia.com/advisories/28313/
A vulnerability has been reported in ClipShare, which can be exploited by malicious people to conduct SQL injection attacks.

Wed, 9 Jan 08
unp File Name Handling Command Injection
http://secunia.com/advisories/28282/
A security issue has been reported in unp, which potentially can be exploited by malicious people to compromise a user's system.

Wed, 9 Jan 08
Debian update for tomcat5
http://secunia.com/advisories/28361/
Debian has issued an update for tomcat5. This fixes some vulnerabilities, which can be exploited by malicious people and malicious users to disclose sensitive information.

Tue, 8 Jan 08
Motorola netOctopus Agent nantsys.sys Privilege Escalation
http://secunia.com/advisories/28366/
A vulnerability has been reported in Motorola netOctopus, which can be exploited by malicious, local users to gain escalated privileges.

Tue, 8 Jan 08
Ubuntu update for tomboy
http://secunia.com/advisories/28339/
Ubuntu has issued an update for tomboy. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.

Tue, 8 Jan 08
Techsmith Camtasia SWF "csPreloader" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28311/
Rich Cannings has reported a vulnerability in Techsmith Camtasia, which can be exploited by malicious people to conduct cross-site scripting attacks.

Tue, 8 Jan 08
PostgreSQL Multiple Vulnerabilities
http://secunia.com/advisories/28359/
Some vulnerabilities have been reported in PostgreSQL, which can be exploited by malicious users to gain escalated privileges or to cause a DoS (Denial of Service).

Tue, 8 Jan 08
NetRisk Multiple Vulnerabilities
http://secunia.com/advisories/28328/
hadihadi and S.W.A.T. have discovered some vulnerabilities in NetRisk, which can be exploited by malicious people to conduct SQL injection attacks and to compromise a vulnerable system.

Tue, 8 Jan 08
Strawberry "text" PHP Code Execution
http://secunia.com/advisories/28330/
Eugene Minaev has discovered a vulnerability in Strawberry, which can be exploited by malicious people to compromise a vulnerable system.

Tue, 8 Jan 08
NetRisk "page" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28369/
hadihadi has discovered a vulnerability in NetRisk, which can be exploited by malicious people to conduct cross-site scripting attacks.

Tue, 8 Jan 08
IBM AIX Trusted Execution Vulnerability
http://secunia.com/advisories/28257/
A vulnerability with an unknown impact has been reported in IBM AIX.

Tue, 8 Jan 08
Xerox ESS/Network Controller Samba Vulnerabilities
http://secunia.com/advisories/28292/
Some vulnerabilities have been reported in Xerox ESS/Network Controller, which can be exploited by malicious users or malicious people to compromise a vulnerable system.

Tue, 8 Jan 08
Aruba Mobility Controller LDAP User Authentication Security Bypass
http://secunia.com/advisories/28357/
A security issue has been reported in Aruba Mobility Controller, which can be exploited by malicious people to bypass certain security restrictions.

Tue, 8 Jan 08
Sun Solaris FreeType TTF Font Parsing Vulnerability
http://secunia.com/advisories/28298/
Sun has acknowledged a vulnerability in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the FreeType library.

Tue, 8 Jan 08
SAM Broadcaster samPHPweb "commonpath" File Inclusion Vulnerability
http://secunia.com/advisories/28355/
Crackers_Child has discovered a vulnerability in the samPHPweb template included in SAM Broadcaster, which can be exploited by malicious people to compromise a vulnerable system.

Tue, 8 Jan 08
Tribisur "id" and "cat" SQL Injection Vulnerabilities
http://secunia.com/advisories/28362/
x0kster has discovered some vulnerabilities in Tribisur, which can be exploited by malicious people to conduct SQL injection attacks.

Tue, 8 Jan 08
RapidShare Database "Arayalim" Cross-Site Scripting
http://secunia.com/advisories/28189/
GeFORC3 has reported a vulnerability in RapidShare Database, which can be exploited by malicious people to conduct cross-site scripting attacks.

Tue, 8 Jan 08
SineCMS "sine[config][index_main]" File Inclusion Vulnerability
http://secunia.com/advisories/28305/
KiNgOfThEwOrLd has reported a vulnerability in SineCMS, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.

Tue, 8 Jan 08
Shareaza Update Notifications Security Issue
http://secunia.com/advisories/28302/
A security issue has been reported in Shareaza, which can be exploited by malicious people to conduct spoofing attacks.

Tue, 8 Jan 08
yaSSL Multiple Vulnerabilities
http://secunia.com/advisories/28324/
Luigi Auriemma has discovered some vulnerabilities in yaSSL, which can be exploited by malicious people to cause a DoS (Denial of Service) and to compromise an application using the library.

Tue, 8 Jan 08
Snitz Forums 2000 "mail" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28284/
Doz has reported a vulnerability in Snitz Forums 2000, which can be exploited by malicious people to conduct cross-site scripting attacks.

Tue, 8 Jan 08
Loudblog "template" Code Execution Vulnerability
http://secunia.com/advisories/28336/
Eugene Minaev has discovered a vulnerability in Loudblog, which can be exploited by malicious people to compromise a vulnerable system.

Tue, 8 Jan 08
Fedora update for python-cherrypy
http://secunia.com/advisories/28353/
Fedora has issued an update for python-cherrypy. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

Tue, 8 Jan 08
Foxit WAC Server Telnet Denial of Service
http://secunia.com/advisories/28272/
Luigi Auriemma has discovered a vulnerability in Foxit WAC Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

Tue, 8 Jan 08
CherryPy Session Id Directory Traversal Vulnerability
http://secunia.com/advisories/28354/
A vulnerability has been reported in CherryPy, which can be exploited by malicious people to bypass certain security settings.

Tue, 8 Jan 08
JustSystem Products JSFC.DLL Buffer Overflow Vulnerability
http://secunia.com/advisories/28275/
Hiroshi Ukai has reported a vulnerability in various JustSystem products, which can be exploited by malicious people to compromise a user's system.

Mon, 7 Jan 08
Fedora update for mantis
http://secunia.com/advisories/28352/
Fedora has issued an update for mantis. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks.

Mon, 7 Jan 08
Debian update for eggdrop
http://secunia.com/advisories/28347/
Debian has issued an update for eggdrop. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

Mon, 7 Jan 08
rPath update for tetex
http://secunia.com/advisories/28345/
rPath has issued an update for tetex, tetex-afm, tetex-dvips, tetex-fonts, tetex-latex, and tetex-xdvi. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

Mon, 7 Jan 08
Debian update for wzdftpd
http://secunia.com/advisories/28342/
Debian has issued an update for wzdftpd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially to compromise a vulnerable system.

Mon, 7 Jan 08
Debian update for loop-aes-utils
http://secunia.com/advisories/28349/
Debian has issued an update for loop-aes-utils. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

Mon, 7 Jan 08
Debian update for util-linux
http://secunia.com/advisories/28348/
Debian has issued an update for util-linux. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

Mon, 7 Jan 08
Debian update for mysql-dfsg-5.0
http://secunia.com/advisories/28343/
Debian has issued an update for mysql-dfsg-5.0. This fixes some security issues and a vulnerability, which can be exploited by malicious users to bypass certain security restrictions, manipulate data, and cause a DoS (Denial of Service).

Mon, 7 Jan 08
Mandriva update for squid
http://secunia.com/advisories/28350/
Mandriva has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Mon, 7 Jan 08
Novell ZENworks Endpoint Security Management Privilege Escalation
http://secunia.com/advisories/28351/
A vulnerability has been reported in Novell ZENworks Endpoint Security Management, which can be exploited by malicious, local users to gain escalated privileges.

Mon, 7 Jan 08
rPath update for cups
http://secunia.com/advisories/28344/
rPath has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.

Mon, 7 Jan 08
rPath update for libexif
http://secunia.com/advisories/28346/
rPath has issued an update for libexif. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise an application using the library.

Sat, 5 Jan 08
XOOPS "b_system_comments_show()" Security Bypass
http://secunia.com/advisories/28264/
A weakness has been reported in XOOPS, which can be exploited by malicious users to bypass certain security restrictions.

Sat, 5 Jan 08
Debian update for tomcat5.5
http://secunia.com/advisories/28317/
Debian has issued an update for tomcat5.5. This fixes some vulnerabilities and a security issue, which can be exploited by malicious, local users to bypass certain security restrictions, and by malicious people to disclose sensitive information and conduct cross-site scripting attacks.

Sat, 5 Jan 08
2z project Multiple Vulnerabilities
http://secunia.com/advisories/28244/
Alexandr Polyakov and Stas Svistunovich have reported some vulnerabilities in 2z project, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to conduct script insertion attacks.

Sat, 5 Jan 08
Makale Scripti "ara" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28262/
GeFORC3 has reported a vulnerability in Makale Scripti, which can be exploited by malicious people to conduct cross-site scripting attacks.

Sat, 5 Jan 08
PRO-Search Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/28335/
MustLive has reported some vulnerabilities in PRO-Search, which can be exploited by malicious people to conduct cross-site scripting attacks.

Sat, 5 Jan 08
Hot or Not Clone Multiple Vulnerabilities
http://secunia.com/advisories/28261/
RoMaNcYxHaCkEr has reported some vulnerabilities in Hot or Not Clone, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, or to compromise a vulnerable system.

Sat, 5 Jan 08
W3-mSQL Error Page Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28294/
vivek_infosec has reported a vulnerability in W3-mSQL, which can be exploited by malicious people to conduct cross-site scripting attacks.

Sat, 5 Jan 08
Mongrel "DirHandler" Directory Traversal Vulnerability
http://secunia.com/advisories/28323/
A vulnerability has been reported in Mongrel, which can be exploited by malicious people to disclose sensitive information.

Sat, 5 Jan 08
Debian update for php5
http://secunia.com/advisories/28249/
Debian has issued an update for php5. This fixes some vulnerabilities, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions.

Sat, 5 Jan 08
rPath update for dovecot
http://secunia.com/advisories/28227/
rPath has issued an update for dovecot. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions.

Sat, 5 Jan 08
Debian update for maradns
http://secunia.com/advisories/28334/
Debian has issued an update for maradns. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Sat, 5 Jan 08
Debian update for tcpreen
http://secunia.com/advisories/28254/
Debian has issued an update for tcpreen. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Sat, 5 Jan 08
OpenAFS File Server Denial of Service Vulnerability
http://secunia.com/advisories/28327/
A vulnerability has been reported in OpenAFS, which can be exploited by malicious users to cause a DoS (Denial of Service).

Sat, 5 Jan 08
MaraDNS CNAME Record Resource Rotation Denial of Service
http://secunia.com/advisories/28329/
A vulnerability has been reported in MaraDNS, which can be exploited by malicious people to cause a DoS (Denial of Service).

Sat, 5 Jan 08
eTicket "Name" and "Subject" Script Insertion Vulnerabilities
http://secunia.com/advisories/28331/
Omer Singer has discovered two vulnerabilities in eTicket, which can be exploited by malicious people to conduct script insertion attacks.

Sat, 5 Jan 08
Fedora update for asterisk
http://secunia.com/advisories/28299/
Fedora has issued an update for asterisk. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Fri, 4 Jan 08
Debian update for wireshark
http://secunia.com/advisories/28315/
Debian has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

Fri, 4 Jan 08
rPath update for tshark and wireshark
http://secunia.com/advisories/28304/
rPath has issued an update for tshark and wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

Fri, 4 Jan 08
Kontakt Formular "root_path" File Inclusion Vulnerability
http://secunia.com/advisories/28296/
bd0rk has reported a vulnerability in Kontakt Formular, which can be exploited by malicious people to compromise a vulnerable system.

Fri, 4 Jan 08
libcdio cd-info/iso-info Buffer Overflow Vulnerabilities
http://secunia.com/advisories/28308/
Some vulnerabilities have been reported in the cd-info and iso-info applications of libcdio, which potentially can be exploited by malicious people to compromise a user's system.

Fri, 4 Jan 08
SeattleLab SLNet RF Telnet Server Denial of Service
http://secunia.com/advisories/28316/
Luigi Auriemma has discovered a vulnerability in SeattleLab SLNet RF Telnet Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

Fri, 4 Jan 08
Jetty Information Disclosure Vulnerability
http://secunia.com/advisories/28322/
A vulnerability has been reported in Jetty, which can be exploited by malicious people to disclose sensitive information.

Fri, 4 Jan 08
milliscripts Redirection "cat" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28306/
Jose Luis Góngora Fernández has reported a vulnerability in milliscripts Redirection, which can be exploited by malicious people to conduct cross-site scripting attacks.

Fri, 4 Jan 08
SanyBee Gallery "p" Local File Inclusion
http://secunia.com/advisories/28270/
jackal has reported a vulnerability in SanyBee Gallery, which can be exploited by malicious users to disclose sensitive information.

Fri, 4 Jan 08
MyPHP Forum SQL Injection Vulnerabilities
http://secunia.com/advisories/28280/
Some vulnerabilities have been reported in MyPHP Forum, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 4 Jan 08
NoseRub "Username" SQL Injection Vulnerability
http://secunia.com/advisories/28259/
Felix Groebert has reported a vulnerability in NoseRub, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 4 Jan 08
zenphoto "albumnr" SQL Injection
http://secunia.com/advisories/28281/
Silentz has discovered a vulnerability in zenphoto, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 4 Jan 08
InstantSoftwares Dating Site Cross-Site Scripting and SQL Injection
http://secunia.com/advisories/28283/
Some vulnerabilities have been reported in InstantSoftwares Dating Site, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

Fri, 4 Jan 08
nicLOR CMS "id" SQL Injection Vulnerability
http://secunia.com/advisories/28222/
x0kster has reported a vulnerability in nicLOR CMS, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 4 Jan 08
PHP Multiple Vulnerabilities
http://secunia.com/advisories/28318/
Some vulnerabilities have been reported in PHP, where some have unknown impact and others can be exploited by malicious users to bypass certain security restrictions.

Fri, 4 Jan 08
PHCDownload "string" Cross-Site Scripting and SQL Injection
http://secunia.com/advisories/28258/
lostmon has discovered some vulnerabilities in PHCDownload, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

Fri, 4 Jan 08
Joomla PU Arcade Component "fid" SQL Injection Vulnerability
http://secunia.com/advisories/28295/
HouSSamix has reported a vulnerability in the PU Arcade component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 4 Jan 08
CMS Made Simple "templateid" SQL Injection Vulnerability
http://secunia.com/advisories/28285/
EgiX has reported a vulnerability in CMS Made Simple, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 4 Jan 08
Logaholic Cross-Site Scripting and SQL Injection
http://secunia.com/advisories/28263/
malibu.r has reported some vulnerabilities in Logaholic, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

Fri, 4 Jan 08
MODx Content Management System Local File Inclusion Vulnerabilities
http://secunia.com/advisories/28220/
AmnPardaz has reported some vulnerabilities in MODx Content Management System, which can be exploited by malicious people to disclose potentially sensitive information.

Fri, 4 Jan 08
White_dune Format String and Buffer Overflow Vulnerabilities
http://secunia.com/advisories/28287/
Luigi Auriemma has reported some vulnerabilities in White_dune, which can be exploited by malicious people to compromise a user's system.

Fri, 4 Jan 08
phpWebSite "search" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28303/
Audun Larsen has discovered a vulnerability in phpWebSite, which can be exploited by malicious people to conduct cross-site scripting attacks.

Fri, 4 Jan 08
Mandriva update for wireshark
http://secunia.com/advisories/28325/
Mandriva has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

Fri, 4 Jan 08
RealPlayer Unspecified Buffer Overflow Vulnerability
http://secunia.com/advisories/28276/
Evgeny Legerov has reported a vulnerability in RealPlayer, which can be exploited by malicious people to compromise a user's system.

Fri, 4 Jan 08
eSyndiCat Link Exchange Script "id" SQL Injection Vulnerability
http://secunia.com/advisories/28199/
EgiX has reported a vulnerability in eSyndiCat Link Exchange Script, which can be exploited by malicious people to conduct SQL injection attacks.

Fri, 4 Jan 08
Georgia SoftWorks SSH2 Server Multiple Vulnerabilities
http://secunia.com/advisories/28307/
Luigi Auriemma has reported some vulnerabilities in Georgia SoftWorks SSH2 Server, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

Thu, 3 Jan 08
Qt QSslSocket Certificate Verification Vulnerability
http://secunia.com/advisories/28228/
A vulnerability has been reported in Qt, which can be exploited by malicious people to bypass certain security restrictions.

Thu, 3 Jan 08
Avaya Products pam Vulnerability and Security Issue
http://secunia.com/advisories/28319/
Avaya has acknowledged a vulnerability and a security issue in various Avaya products, which can be exploited by malicious, local users to disclose sensitive information and by malicious users to inject certain data.

Thu, 3 Jan 08
Avaya Products openssh Multiple Vulnerabilities
http://secunia.com/advisories/28320/
Avaya has acknowledged some vulnerabilities in various Avaya products, which can be exploited by malicious people to disclose certain system information and to inject certain data.

Thu, 3 Jan 08
AGENCY4NET WEBFTP "file" Directory Traversal Vulnerability
http://secunia.com/advisories/28309/
GoLd_M has discovered a vulnerability in AGENCY4NET WEBFTP, which can be exploited by malicious people to disclose sensitive information.

Thu, 3 Jan 08
Gentoo update for clamav
http://secunia.com/advisories/28278/
Gentoo has issued an update for clamav. This fixes some vulnerabilities, where one vulnerability has an unknown impact and others can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

Thu, 3 Jan 08
Gentoo update for mt-daapd
http://secunia.com/advisories/28269/
Gentoo has acknowledged some vulnerabilities in mt-daapd, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Thu, 3 Jan 08
Plone LiveSearch Module News Item Script Insertion
http://secunia.com/advisories/28293/
ilmila has discovered a vulnerability in Plone, which can be exploited by malicious users to conduct script insertion attacks.

Thu, 3 Jan 08
LiveCart Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/28017/
Doz has reported some vulnerabilities in LiveCart, which can be exploited by malicious people to conduct cross-site scripting attacks.

Thu, 3 Jan 08
ZyXEL P-330W Cross-Site Scripting and Request Forgery Vulnerabilities
http://secunia.com/advisories/28172/
Some vulnerabilities have been reported in ZyXEL P-330W, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.

Thu, 3 Jan 08
Gentoo update for wireshark
http://secunia.com/advisories/28288/
Gentoo has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

Thu, 3 Jan 08
Gentoo update for emul-linux-x86-gtklibs
http://secunia.com/advisories/28289/
Gentoo has issued an update for emul-linux-x86-gtklibs. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

Thu, 3 Jan 08
Atlassian JIRA Enterprise Edition Cross-Site Scripting and Security Bypass
http://secunia.com/advisories/27954/
A vulnerability and two weaknesses have been reported in Atlassian JIRA Enterprise Edition, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.

Thu, 3 Jan 08
Gentoo update for opera
http://secunia.com/advisories/28290/
Gentoo has issued an update for opera. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, and compromise a user's system.

Thu, 3 Jan 08
CoolPlayer OGG Tag Processing Buffer Overflow
http://secunia.com/advisories/28226/
Luigi Auriemma has reported a vulnerability in CoolPlayer, which can be exploited by malicious people to compromise a user's system.

Thu, 3 Jan 08
Dovecot LDAP Auth Cache Security Bypass
http://secunia.com/advisories/28271/
A security issue has been reported in Dovecot, which can be exploited by malicious users to bypass certain security restrictions.

Wed, 2 Jan 08
Gentoo update for openoffice, openoffice-bin, and hsqldb
http://secunia.com/advisories/28286/
Gentoo has issued an update for openoffice, openoffice-bin, and hsqldb. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

Wed, 2 Jan 08
Gentoo update for syslog-ng
http://secunia.com/advisories/28279/
Gentoo has issued an update for syslog-ng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

Wed, 2 Jan 08
Gentoo update for mozilla-firefox/-bin and seamonkey/-bin
http://secunia.com/advisories/28277/
Gentoo has issued an update for mozilla-firefox, mozilla-firefox-bin, seamonkey, and seamonkey-bin. This fixes a security issue and some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks and potentially compromise a user's system.

Wed, 2 Jan 08
Apache Tomcat JULI Logging Component Security Bypass
http://secunia.com/advisories/28274/
A security issue has been reported in Apache Tomcat, which can be exploited by malicious, local users to bypass certain security restrictions.

Wed, 2 Jan 08
Debian update for peercast
http://secunia.com/advisories/28260/
Debian has issued an update for peercast. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially to compromise a vulnerable system.

Wed, 2 Jan 08
Debian update for libsndfile
http://secunia.com/advisories/28265/
Debian has issued an update for libsndfile. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.

Wed, 2 Jan 08
Debian update for tar
http://secunia.com/advisories/28255/
Debian has issued an update for tar. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

Wed, 2 Jan 08
Gentoo update for exiftags
http://secunia.com/advisories/28268/
Gentoo has issued an update for exiftags. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

Wed, 2 Jan 08
Gentoo update for libexif
http://secunia.com/advisories/28266/
Gentoo has issued an update for libexif. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise an application using the library.

Wed, 2 Jan 08
Debian update for inotify-tools
http://secunia.com/advisories/28221/
Debian has issued an update for inotify-tools. This fixes a vulnerability, which can potentially be exploited by malicious users to compromise an application using the library.

Wed, 2 Jan 08
Gentoo update for exiv2
http://secunia.com/advisories/28267/
Gentoo has issued an update for exiv2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise an application using the library.

Wed, 2 Jan 08
Debian update for typo3-src
http://secunia.com/advisories/28243/
Debian has issued an update for typo3-src. This fixes a vulnerability, which can be exploited by malicious users to conduct SQL injection attacks.

© amigura.co.uk All Rights Reserved.