Software and Script Bug Exploits
Main
Software Alerts
Software and Script Bug ExploitsSoftware Vulnerability
Random Feeds
Archives
| Oct 2008 | Sep 2008 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 | Apr 2008 | Mar 2008 | Feb 2008 | Jan 2008 | Dec 2007 | Nov 2007 |Thu, 28 Feb 08
Wireshark Multiple Denial of Service Vulnerabilities
http://secunia.com/advisories/29156/
Some vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 28 Feb 08
Red Hat update for ghostscript
http://secunia.com/advisories/29112/
Red Hat has issued an update for ghostscript. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 28 Feb 08
Trend Micro OfficeScan CGI Module and Policy Server Buffer Overflows
http://secunia.com/advisories/29124/
Luigi Auriemma has discovered some vulnerabilities in Trend Micro OfficeScan, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 28 Feb 08
Ghostscript "zseticcspace()" Buffer Overflow Vulnerability
http://secunia.com/advisories/29103/
Chris Evans has reported a vulnerability in Ghostscript, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 28 Feb 08
Thecus N5200 Control Panel "name" File Inclusion Vulnerability
http://secunia.com/advisories/29013/
Crackers_Child has reported a vulnerability in Thecus N5200, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 28 Feb 08
Cisco IP Phone 7921 Insecure PEAP Implementation
http://secunia.com/advisories/29082/
A security issue has been reported in Cisco IP Phone 7921, which potentially can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 28 Feb 08
Serendipity Script Insertion and Cross-Site Scripting
http://secunia.com/advisories/29128/
Hanno Boeck has discovered two vulnerabilities in Serendipity, which can be exploited by malicious users to conduct cross-site scripting and script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 28 Feb 08
InterVideo WinDVD Media Center Denial of Service Vulnerabilities
http://secunia.com/advisories/28910/
Parvez Anwar has discovered some vulnerabilities in InterVideo WinDVD Media Center, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 28 Feb 08
4XEM VatDecoder VatCtrl Class ActiveX Control "Url" Property Buffer Overflow
http://secunia.com/advisories/29146/
rgod has discovered a vulnerability in 4XEM VatDecoder, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 28 Feb 08
D-Link MPEG4 SHM (Audio) Control ActiveX Control "Url" Property Buffer Overflow
http://secunia.com/advisories/29131/
rgod has discovered a vulnerability in D-Link MPEG4 SHM (Audio) Control, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 28 Feb 08
Apple Mac OS X "ipcomp6_input()" Denial of Service
http://secunia.com/advisories/29130/
A vulnerability has been reported in Apple Mac OS X, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 28 Feb 08
Symark PowerBroker Client Binaries Buffer Overflow Vulnerabilities
http://secunia.com/advisories/29111/
Michael Ligh and Greg Sinclair have reported some vulnerabilities in Symark PowerBroker, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 28 Feb 08
activePDF Server Packet Handling Buffer Overflow Vulnerability
http://secunia.com/advisories/27371/
Secunia Research has discovered a vulnerability in activePDF Server, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 28 Feb 08
Symantec Products Symantec Decomposer RAR File Handling Vulnerabilities
http://secunia.com/advisories/29140/
Two vulnerabilities have been reported in various Symantec products, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 28 Feb 08
Gentoo update for xine-lib
http://secunia.com/advisories/29141/
Gentoo has issued an update in xine-lib. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 28 Feb 08
NetWin WebMail Format String Vulnerability
http://secunia.com/advisories/29137/
Luigi Auriemma has reported a vulnerability in NetWin WebMail, which potentially can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
VLC Media Player MP4 Demuxer Arbitrary Memory Overwrite
http://secunia.com/advisories/29122/
A vulnerability has been reported in VLC Media Player, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
Mozilla Thunderbird MIME Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/29133/
A vulnerability has been reported in Mozilla Thunderbird, which can be exploited by malicious people to potentially compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
Gentoo update for asterisk
http://secunia.com/advisories/29051/
Gentoo has issued an update for asterisk. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
ISS Internet Scanner Reporting Engine Script Insertion Vulnerability
http://secunia.com/advisories/29038/
A vulnerability has been reported in ISS Internet Scanner, which can be exploited by malicious people to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
WordPress Sniplets Plugin Multiple Vulnerabilities
http://secunia.com/advisories/29099/
NBBN has discovered some vulnerabilities in the Sniplets plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
Plume CMS "dir" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29116/
Omer Singer has discovered a vulnerability in Plume CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
SurgeMail Format String and Buffer Overflow Vulnerabilities
http://secunia.com/advisories/29105/
Luigi Auriemma has discovered some vulnerabilities in SurgeMail, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
H-Sphere SiteStudio Unspecified Vulnerability
http://secunia.com/advisories/29084/
A vulnerability with unknown impact has been reported in H-Sphere SiteStudio.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
Debian update for koffice
http://secunia.com/advisories/29104/
Debian has issued an update for koffice. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
DBHcms "extmanager_install" File Inclusion Vulnerability
http://secunia.com/advisories/29110/
Iron has discovered a vulnerability in DBHcms, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
VMware Products Shared Folders Directory Traversal Vulnerability
http://secunia.com/advisories/29117/
Gerardo Richarte has reported a vulnerability in VMware products, which can be exploited by malicious, local users or malicious applications to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
Rising Online Virus Scanner Web Scan ActiveX Control "UpdateEngine()" Insecure Method
http://secunia.com/advisories/29109/
John Smith has discovered a vulnerability in Rising Online Virus Scanner, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
Move Media Player Quantum Streaming IE Player "UploadLogs()" Buffer Overflow
http://secunia.com/advisories/29108/
Elazar Broad has discovered a vulnerability in Move Media Player, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
KVM Block Device Backend Security Bypass
http://secunia.com/advisories/29129/
A vulnerability has been reported in KVM, which can be exploited by malicious, local users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
Fedora update for qemu
http://secunia.com/advisories/29081/
Fedora has issued an update for qemu. This fixes a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
Fedora update for kvm
http://secunia.com/advisories/29136/
Fedora has issued an update for kvm. This fixes a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
SurgeFTP "Content-Length" Denial of Service Vulnerability
http://secunia.com/advisories/29096/
Luigi Auriemma has discovered a vulnerability in SurgeFTP, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
DNSSEC-Tools libval Validation Algorithm Security Issue
http://secunia.com/advisories/29127/
A security issue has been reported in DNSSEC-Tools, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
Fedora update for sword
http://secunia.com/advisories/29115/
Fedora has issued an update for sword. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
Fedora update for dnssec-tools
http://secunia.com/advisories/29095/
Fedora has issued an update for dnssec-tools. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
Fedora update for cups
http://secunia.com/advisories/29120/
Fedora has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
Fedora update for wyrd
http://secunia.com/advisories/29113/
Fedora has issued an update for wyrd. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 27 Feb 08
Porar Webboard question.asp SQL Injection Vulnerability
http://secunia.com/advisories/29102/
xcorpitx has reported a vulnerability in Porar Webboard, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
Debian update for diatheke
http://secunia.com/advisories/25400/
Debian has issued an update for diatheke. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
Mandriva update for nss_ldap
http://secunia.com/advisories/29083/
Mandriva has issued an update for nss_ldap. This fixes a security issue, which can be exploited by malicious people to manipulate certain data.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
Aeries Browser Interface Script Insertion and SQL Injection
http://secunia.com/advisories/29053/
Arsalan Emamjomehkashan has reported some vulnerabilities in Aeries Browser Interface, which can be exploited by malicious users to conduct SQL injection and script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
Red Hat update for cups
http://secunia.com/advisories/29087/
Red Hat has issued an update for cups. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
Xoops XM-Memberstats Module "letter" and "sortby" SQL Injection
http://secunia.com/advisories/29107/
Two vulnerabilities have been discovered in the XM-Memberstats module for Xoops, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
Joomla! "mosConfig_absolute_path" File Inclusion
http://secunia.com/advisories/29106/
Hendrik-Jan Verheij has discovered a vulnerability in Joomla!, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
ZyXEL Products Multiple Vulnerabilities
http://secunia.com/advisories/29036/
Adrian Pastor has reported some vulnerabilities in ZyXEL products, which can be exploited by malicious users to gain escalated privileges and by malicious people to bypass certain security restrictions or to hijack user sessions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
phpQLAdmin "_SESSION[path]" File Inclusion Vulnerabilities
http://secunia.com/advisories/29076/
RoMaNcYxHaCkEr has reported two vulnerabilities in phpQLAdmin, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
Sun Solaris Firewall Security Bypass and Denial of Service
http://secunia.com/advisories/29100/
Sun has acknowledged a vulnerability in Solaris, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
php Download Manager "content" File Inclusion Vulnerability
http://secunia.com/advisories/29089/
BeyazKurt has discovered a vulnerability in php Download Manager, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
GraphicsMagick Multiple Vulnerabilities
http://secunia.com/advisories/29094/
Some vulnerabilities have been reported in GraphicsMagick, which can be exploited by malicious people to conduct DoS (Denial of Service) attacks or compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
Snom 320 SIP Phone Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/28938/
.mario has reported a vulnerability in Snom 320 SIP Phone, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
Matt's Whois "domain" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29093/
Ivan Sanchez and Maximiliano Soler have reported a vulnerability in Matt's Whois, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
Debian update for kernel
http://secunia.com/advisories/29058/
Debian has issued an update for kernel-2.4.27 and kernel-2.6.8. This fixes some weaknesses, security issues, and vulnerabilities, where one has an unknown impact, and others can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, bypass certain security restrictions, and gain escalated privileges, and by malicious people to cause a DoS.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
Joomla! Gary's Cookbook Component "id" SQL Injection
http://secunia.com/advisories/29090/
S@BUN has discovered a vulnerability in the Gary's Cookbook component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
Net Activity Viewer Privilege Escalation Security Issue
http://secunia.com/advisories/29097/
A security issue has been reported in Net Activity Viewer, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
TikiWiki "tiki-edit_article.php" Script Insertion Vulnerability
http://secunia.com/advisories/29092/
A vulnerability has been reported in TikiWiki, which can be exploited by malicious users to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
Debian update for iceape
http://secunia.com/advisories/29086/
Debian has issued an update for iceape. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
Quantum Star "CONFIG[gameroot]" File Inclusion Vulnerabilities
http://secunia.com/advisories/29077/
RoMaNcYxHaCkEr has discovered two vulnerabilities in Quantum Star: Generations, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
Interstage Application Server Single Sign-On Buffer Overflow
http://secunia.com/advisories/29088/
A vulnerability has been reported in Interstage Application Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 26 Feb 08
Debian update for turba2
http://secunia.com/advisories/29071/
Debian has issued an update for turba2. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 25 Feb 08
Double-Take for Windows Information Disclosure and Denial of Service
http://secunia.com/advisories/29075/
Luigi Auriemma has reported some vulnerabilities in Double-Take for Windows, which can be exploited by malicious people to disclose system information and cause a DoS (Denial of Service)
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 25 Feb 08
OpenBSD Two Denial of Service Vulnerabilities
http://secunia.com/advisories/29078/
Two vulnerabilities have been reported in OpenBSD, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 25 Feb 08
Gentoo update for python
http://secunia.com/advisories/29085/
Gentoo has issued an update for python. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 25 Feb 08
SUSE Update for Multiple Packages
http://secunia.com/advisories/29048/
SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 25 Feb 08
Red Hat update for acroread
http://secunia.com/advisories/29065/
Red Hat has issued an update for acroread. This fixes some vulnerabilities, some of which have unknown impacts, while others can be exploited by malicious people to conduct cross-site request forgery attacks, cause a DoS (Denial of Service), or compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 25 Feb 08
Debian update for alsa-driver
http://secunia.com/advisories/29054/
Debian has issued an update for alsa-driver. This fixes a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 25 Feb 08
IBM Lotus Quickr/QuickPlace Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29072/
Nir Goldshlager (Avnet) has reported a vulnerability in IBM Lotus Quickr/QuickPlace, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
OSSIM Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/29046/
Marcin Kopec has discovered some vulnerabilities in OSSIM, which can be exploited by malicious people to conduct cross-site scripting attacks, and by malicious users to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
XOOPS Tiny Event Module "id" SQL Injection
http://secunia.com/advisories/29073/
S@BUN has discovered a vulnerability in the Tiny Event module for XOOPS, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
Red Hat update for tcltk
http://secunia.com/advisories/29070/
Red Hat has issued an update for tcltk. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
Red Hat update for openldap
http://secunia.com/advisories/29068/
Red Hat has issued an update for openldap. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
Red Hat update for tk
http://secunia.com/advisories/29069/
Red Hat has issued an update for tk. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
Red Hat update for cups
http://secunia.com/advisories/29067/
Red Hat has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
lighttpd File Descriptor Array Denial of Service Vulnerability
http://secunia.com/advisories/29066/
A vulnerability has been reported in lighttpd, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
XOOPS Prayer List Module "cid" SQL Injection
http://secunia.com/advisories/29063/
S@BUN has discovered a vulnerability in the Prayer List module for XOOPS, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
beContent "id" SQL Injection Vulnerability
http://secunia.com/advisories/29061/
Cr@zy_King has reported a vulnerability in beContent, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
Debian update for splitvt
http://secunia.com/advisories/29064/
Debian has issued an update for splitvt. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
Zilab Chat and Instant Messaging Server Multiple Vulnerabilities
http://secunia.com/advisories/29062/
Luigi Auriemma has discovered some vulnerabilities in Zilab Chat and Instant Messaging (ZIM) Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
Solaris 10 Perl Regular Expressions Unicode Data Buffer Overflow
http://secunia.com/advisories/29074/
Sun has acknowledged a vulnerability in Solaris, which potentially can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
Sun Solaris 10 DTrace Dynamic Tracing Framework Information Disclosure
http://secunia.com/advisories/29037/
A vulnerability has been reported in Solaris 10, which can be exploited by malicious, local users to disclose potentially sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
Sun Solaris CPU Performance Counters Sub-System Local Denial of Service
http://secunia.com/advisories/29052/
Two vulnerabilities have been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
Gentoo udpate for clamav
http://secunia.com/advisories/29060/
Gentoo has issued an update for clamav. This fixes some vulnerabilities, which can be exploited to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
Debian update for dspam
http://secunia.com/advisories/29059/
Debian has issued an update for dspam. This fixes a security issue, which can be exploited by malicious, local users to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
SplitVT "xprop" Privilege Escalation Security Issue
http://secunia.com/advisories/29080/
A security issue has been reported in SplitVT, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
Novell iPrint Client iPrint Control "ExecuteRequest()" Buffer Overflow
http://secunia.com/advisories/27994/
Paul Kurczaba has discovered a vulnerability in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
IBM AIX Pegasus CIM Server for Director Vulnerabilities
http://secunia.com/advisories/29056/
IBM has acknowledged some vulnerabilities in AIX, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
VMware ESX Server Multiple Updates
http://secunia.com/advisories/29032/
VMware has issued updates for VMware ESX Server. These fix some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
Ubuntu update for pcre3
http://secunia.com/advisories/29027/
Ubuntu has issued an update for pcre3. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
Debian update for wordpress
http://secunia.com/advisories/29014/
Debian has issued an update for wordpress. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information or to conduct cross-site scripting and SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
Ubuntu update for libcdio
http://secunia.com/advisories/28970/
Ubuntu has issued an update for libcdio. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 23 Feb 08
Ubuntu update for qt
http://secunia.com/advisories/28999/
Ubuntu has issued an update for qt. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 22 Feb 08
Joomla astatsPRO Component "id" SQL Injection Vulnerability
http://secunia.com/advisories/29008/
A vulnerability has been reported in the astatsPRO component for Joomla, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 22 Feb 08
Joomla hwdVideoShare Component "cat_id" SQL Injection
http://secunia.com/advisories/29044/
S@BUN has discovered a vulnerability in the hwdVideoShare component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 22 Feb 08
Globsy "globsy_edit.php" Vulnerability
http://secunia.com/advisories/29047/
A vulnerability has been discovered an Globsy, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 22 Feb 08
Netscape Multiple Vulnerabilities
http://secunia.com/advisories/29049/
Netscape has acknowledged some weaknesses, a security issue, and some vulnerabilities in Netscape Navigator, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 22 Feb 08
HP Tru64 UNIX Perl Regular Expressions Vulnerability
http://secunia.com/advisories/28993/
HP has acknowledged a vulnerability in HP Tru64 UNIX, which potentially can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 22 Feb 08
EMC RepliStor Data Decompression Buffer Overflows
http://secunia.com/advisories/29011/
Some vulnerabilities have been reported in EMC RepliStor, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 22 Feb 08
iScripts MultiCart "productid" SQL Injection Vulnerability
http://secunia.com/advisories/29018/
t0pP8uZz and xprog have reported a vulnerability in iScripts MultiCart, which can be exploited by malicious users to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 22 Feb 08
Invision Power Board BBCodes Script Insertion Vulnerability
http://secunia.com/advisories/29055/
A vulnerability has been reported in Invision Power Board, which can be exploited by malicious users to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 22 Feb 08
Fedora update for moin
http://secunia.com/advisories/28987/
Fedora has issued an update for moin. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 22 Feb 08
Tor World CGI Scripts Multiple Unspecified Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/29039/
Some vulnerabilities have been reported in various Tor World CGI Scripts, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 22 Feb 08
Symantec Veritas Storage Foundation Scheduler Service Denial of Service
http://secunia.com/advisories/29033/
A vulnerability has been reported in Symantec Veritas Storage Foundation, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 22 Feb 08
Symantec Veritas Storage Foundation Administrator Service Buffer Overflow
http://secunia.com/advisories/29050/
A vulnerability has been reported in Symantec Veritas Storage Foundation, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 22 Feb 08
Sybase SQL Anywhere MobiLink Buffer Overflow Vulnerability
http://secunia.com/advisories/29045/
Luigi Auriemma has discovered a vulnerability in Sybase MobiLink, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 22 Feb 08
PunBB Password Change and Cross-Site Scripting
http://secunia.com/advisories/29043/
A vulnerability and a weakness have been discovered in PunBB, which can be exploited by malicious users to manipulate data and by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
Debian update for libimager-perl
http://secunia.com/advisories/28868/
Debian has issued an update for libimager-perl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
CUPS "process_browse_data()" Double Free Vulnerability
http://secunia.com/advisories/28994/
A vulnerability has been discovered in CUPS, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
IPdiva SSL VPN Server Weakness and Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/28963/
Ha.ckers.fr Team has reported a weakness and some vulnerabilities in IPdiva SSL VPN Server, which can be exploited by malicious people to conduct brute force and cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
MoinMoin Multiple Vulnerabilities
http://secunia.com/advisories/29010/
Some vulnerabilities have been reported in MoinMoin, which can be exploited by malicious people to conduct cross-site scripting attacks, to manipulate certain data, or potentially to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
Philips VOIP841 Multiple Vulnerabilities
http://secunia.com/advisories/28978/
Luca "ikki" Carettoni has reported a security issue and some vulnerabilities in Philips VOIP841, which can be exploited by malicious people to disclose sensitive information, conduct cross-site scripting attacks, and to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
WoltLab Burning Board "sortOrder" SQL Injection
http://secunia.com/advisories/29020/
NBBN has reported a vulnerability in WoltLab Burning Board, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
Schoolwires Academic Portal browse.asp Cross-Site Scripting and SQL Injection
http://secunia.com/advisories/29034/
Russ McRee has reported two vulnerabilities in Schoolwires Academic Portal, which can be exploited by malicious people to conduct cross-site scripting or SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
Opera Multiple Vulnerabilities
http://secunia.com/advisories/29029/
Some vulnerabilities have been reported in Opera, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, or to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
SmarterMail Subject Script Insertion Vulnerability
http://secunia.com/advisories/29024/
Juan Pablo Lopez Yacubian has discovered a vulnerability in SmarterMail, which can be exploited by malicious people to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
Hitachi EUR Print Manager Unspecified Denial of Service Vulnerability
http://secunia.com/advisories/29030/
A vulnerability has been reported in Hitachi EUR Print Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
Hitachi SEWB3/PLATFORM Unspecified Denial of Service
http://secunia.com/advisories/29028/
A vulnerability has been reported in Hitachi SEWB3/PLATFORM, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
BEA WebLogic Products Multiple Vulnerabilities
http://secunia.com/advisories/29041/
Some vulnerabilities, security issues, and a weakness have been reported in various BEA WebLogic products, which can be exploited by malicious users to conduct script insertion attacks, and by malicious people to conduct session fixation, cross-site scripting, or brute force attacks, disclose sensitive information, or to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
BEA Products "name" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29040/
Jan Fry and Adrian Pastor have reported a vulnerability in BEA AquaLogic Interaction and BEA Plumtree Foundation, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
BEA Products Information Disclosure Vulnerability
http://secunia.com/advisories/28991/
A vulnerability has been reported in some BEA Plumtree Collaboration and BEA AquaLogic Interaction, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
BEA JRockit Multiple Vulnerabilities
http://secunia.com/advisories/29042/
Some vulnerabilities have been reported in BEA JRockit, which can be exploited by malicious people to bypass certain security restrictions, manipulate data, disclose sensitive/system information, or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
WordPress WP Photo Album Plugin "photo" SQL Injection
http://secunia.com/advisories/28988/
A vulnerability has been reported in the WP Photo Album (WPPA) plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
IBM Lotus Notes Java Plug-in Sandbox Security Bypass
http://secunia.com/advisories/29035/
A vulnerability has been reported in IBM Lotus Notes, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
IBM Lotus Notes Java Applet Signature Execution Control List Security Bypass
http://secunia.com/advisories/29031/
A security issue has been reported in IBM Lotus Notes, which can be exploited by malicious people to bypass certain security mechanisms.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
Debian update for pcre3
http://secunia.com/advisories/28957/
Debian has issued an update for pcre3. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
Now SMS/MMS Gateway HTTP/SMPP Handling Buffer Overflows
http://secunia.com/advisories/29003/
Luigi Auriemma has discovered some vulnerabilities in Now SMS/MMS Gateway, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 21 Feb 08
Jinzora Multiple Vulnerabilities
http://secunia.com/advisories/29023/
Alexandr Polyakov and Stas Svistunovich have discovered some vulnerabilities in Jinzora, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
Lyris ListManager Security Bypass Vulnerabilities
http://secunia.com/advisories/29019/
Tyler Shields has reported some vulnerabilities in Lyris ListManager, which can be exploited by malicious users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
webcamXP Denial of Service and Information Disclosure
http://secunia.com/advisories/29007/
Luigi Auriemma has discovered a vulnerability in webcamXP, which can be exploited by malicious people to cause a DoS (Denial of Service) or to disclose potentially sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
SWORD diatheke.pl Shell Command Injection Vulnerability
http://secunia.com/advisories/29012/
A vulnerability has been discovered in SWORD, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
DESlock+ DLMFDISK.sys/DLMFENC.sys Privilege Escalation Vulnerabilities
http://secunia.com/advisories/29005/
mu-b has reported some vulnerabilities in DESlock+, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
IBM DB2 Multiple Vulnerabilities
http://secunia.com/advisories/29022/
Some vulnerabilities have been reported in IBM DB2, some of which have unknown impacts, while one can potentially be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
Kolab Server ClamAV Multiple Vulnerabilities
http://secunia.com/advisories/29026/
Some vulnerabilities have been reported in Kolab Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
ProjectPier Multiple Vulnerabilities
http://secunia.com/advisories/29016/
L4teral has reported some vulnerabilities in ProjectPier, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks, and by malicious users to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
ATutor Script Insertion Vulnerabilities
http://secunia.com/advisories/29015/
L4teral has discovered some vulnerabilities in ATutor, which can be exploited by malicious users to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
Kerio MailServer Multiple Vulnerabilities
http://secunia.com/advisories/29021/
Some vulnerabilities have been reported in Kerio MailServer, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
LightBlog "username" Local File Inclusion
http://secunia.com/advisories/29017/
muuratsalo has discovered a vulnerability in LightBlog, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
SUSE update for acroread
http://secunia.com/advisories/28983/
SUSE has issued an update for acroread. This fixes some vulnerabilities, some of which have unknown impacts while others can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
Linux Kernel Multiple Vulnerabilities
http://secunia.com/advisories/28995/
Some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
Fedora update for pcre
http://secunia.com/advisories/28996/
Fedora has issued an update for pcre. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
Avaya CMS Solaris X Window System Information Disclosure
http://secunia.com/advisories/28997/
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to disclose potentially sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
WebGUI User Name Script Insertion Vulnerability
http://secunia.com/advisories/28967/
A vulnerability has been reported in WebGUI, which can be exploited by malicious people to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
GNOME GLib PCRE Character Class Buffer Overflow
http://secunia.com/advisories/28985/
A vulnerability has been reported in GNOME GLib, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
wyrd Insecure Temporary File
http://secunia.com/advisories/29009/
A vulnerability has been discovered in wyrd, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
Hosting Controller Multiple Vulnerabilities
http://secunia.com/advisories/28973/
Some vulnerabilities have been reported in Hosting Controller, which can be exploited by malicious users to disclose sensitive information and manipulate certain data, and by malicious people to manipulate certain data, disclose sensitive information, conduct SQL injection attacks, and potentially to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
Joomla! Quran Component "surano" SQL Injection
http://secunia.com/advisories/28986/
breaker_unit and Don have discovered a vulnerability in the Quran component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
Joomla! jooget Component "id" SQL Injection
http://secunia.com/advisories/28998/
S@BUN has discovered a vulnerability in the jooget component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
StatCounteX "admin.asp" Security Bypass
http://secunia.com/advisories/28984/
SekoMirza has discovered a security issue in StatCounteX, which can be exploited by malicious people to bypass certain security restrictions and to disclose potentially sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
SUSE update for MozillaFirefox and seamonkey
http://secunia.com/advisories/28958/
SUSE has issued an update for MozillaFirefox and seamonkey. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
XPWeb "Download.php" Arbitrary File Download
http://secunia.com/advisories/29006/
GoLd_M has discovered a vulnerability in XPWeb, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
freeSSHd SSH Server Denial of Service Vulnerability
http://secunia.com/advisories/29002/
Luigi Auriemma has discovered a vulnerability in freeSSHd, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 20 Feb 08
SUSE update for clamav
http://secunia.com/advisories/29001/
SUSE has issued an update for clamav. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 15 Feb 08
Joomla! Quiz Component "tid" SQL Injection
http://secunia.com/advisories/28980/
S@BUN has discovered a vulnerability in the Quiz component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 15 Feb 08
Joomla! McQuiz Component "tid" SQL Injection
http://secunia.com/advisories/28940/
S@BUN has discovered a vulnerability in the McQuiz component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 15 Feb 08
Joomla! mediaslide Component "albumnum" SQL Injection
http://secunia.com/advisories/28962/
inphex has discovered a vulnerability in the mediaslide component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 15 Feb 08
WordPress Search Unleashed Plugin "s" Script Insertion Vulnerability
http://secunia.com/advisories/28968/
Krzysztof Burghardt has discovered a vulnerability in the Search Unleashed plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 15 Feb 08
Claroline Multiple Vulnerabilities
http://secunia.com/advisories/28942/
Some vulnerabilities have been reported in Claroline, where one has an unknown impact, and others can be exploited by malicious people to conduct cross-site scripting or SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 15 Feb 08
Dokeos Multiple Vulnerabilities
http://secunia.com/advisories/28974/
Some vulnerabilities have been reported in Dokeos, which can be exploited by malicious people to conduct cross-site scripting, script insertion, and SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 15 Feb 08
Red Hat update for java-1.4.2-ibm
http://secunia.com/advisories/28880/
Red Hat has issued an update for java-1.4.2-ibm. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, manipulate data, disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 15 Feb 08
Slackware update for apache
http://secunia.com/advisories/28922/
Slackware has issued an update for apache. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks or to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 15 Feb 08
Etomite "$_SERVER['PHP_INFO'] " Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28964/
Michael Brooks has discovered a vulnerability in Etomite, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 15 Feb 08
Mandriva update for mplayer
http://secunia.com/advisories/28955/
Mandriva has issued an update for mplayer. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 15 Feb 08
Gentoo update for boost
http://secunia.com/advisories/28943/
Gentoo has issued an update for boost. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 15 Feb 08
freePHPgallery "lang" Local File Inclusion
http://secunia.com/advisories/28972/
MhZ91 has discovered some vulnerabilities in freePHPgallery, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 15 Feb 08
Slackware update for php4
http://secunia.com/advisories/28936/
Slackware has issued an update for php4. This fixes some vulnerabilities, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 15 Feb 08
FreeBSD update for ipsec
http://secunia.com/advisories/28979/
FreeBSD has issued an update for ipsec. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 15 Feb 08
FreeBSD "sendfile" Information Disclosure Security Issue
http://secunia.com/advisories/28928/
A security issue has been reported in FreeBSD, which potentially can be exploited by malicious, local users to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 15 Feb 08
OpenCA Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/28951/
Alexander Klink has reported a vulnerability in OpenCA, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
PHParanoid Cross-Site Request Forgery and Security Bypass
http://secunia.com/advisories/28847/
Some vulnerabilities have been reported in PHParanoid, which can be exploited by malicious people to conduct cross-site request forgery attacks and to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
iTheora "url" Disclosure of Sensitive Information
http://secunia.com/advisories/28929/
A vulnerability has been reported in iTheora, which can be exploited by malicious people to disclose potentially sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
JSPWiki Multiple Vulnerabilities
http://secunia.com/advisories/28969/
Moshe BA has discovered some vulnerabilities in JSPWiki, which can be exploited by malicious people to conduct cross-site scripting attacks or to disclose potentially sensitive information, and by malicious users to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
Ubuntu update for kernel
http://secunia.com/advisories/28971/
Ubuntu has issued an update for the kernel. This fixes a security issue and some vulnerabilities, where one has an unknown impact and others can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), bypass certain security restrictions, and corrupt a file system, and by malicious people to cause a DoS.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
Fedora update for glib2
http://secunia.com/advisories/28960/
Fedora has released an update for glib2. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
HP-UX update for Apache
http://secunia.com/advisories/28965/
HP-UX has issued an update for Apache. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
PCRE Character Class Buffer Overflow
http://secunia.com/advisories/28923/
A vulnerability has been reported in PCRE, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
Cisco Unified IP Phone Multiple Vulnerabilities
http://secunia.com/advisories/28935/
Some vulnerabilities have been reported in Cisco Unified IP Phone models, which can be exploited by malicious users to compromise a vulnerable device or by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable device.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
Gentoo update for pulseaudio
http://secunia.com/advisories/28952/
Gentoo has issued an update for pulseaudio. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
Cisco Unified Communications Manager "key" SQL Injection
http://secunia.com/advisories/28932/
A vulnerability has been reported in Cisco Unified Communications Manager, which can be exploited by malicious users to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
Drupal Header Image Module Security Bypass Vulnerability
http://secunia.com/advisories/28876/
A vulnerability has been reported in the Header Image module for Drupal, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
Avaya CMS Sun Solaris X Window System and X Server Vulnerabilities
http://secunia.com/advisories/28941/
Avaya has acknowledged some vulnerabilities in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
rPath update for SDL_image
http://secunia.com/advisories/28869/
rPath has issued an update for SDL_image. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
Fortinet FortiClient Privilege Escalation Vulnerability
http://secunia.com/advisories/28975/
Ruben Santamarta has reported a vulnerability in Fortinet FortiClient, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
rPath update for boost
http://secunia.com/advisories/28860/
rPath has issued an update for boost. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
Fedora update for firefox, seamonkey, gtkmozembedmm, and Miro
http://secunia.com/advisories/28924/
Fedora has issued an update for firefox, seamonkey, gtkmozembedmm, and Miro. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
artmedic weblog Multiple Vulnerabilities
http://secunia.com/advisories/28927/
muuratsalo has discovered some vulnerabilities in artmedic weblog, which can be exploited by malicious people to conduct cross-site scripting attacks or to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
Fedora update for mailman
http://secunia.com/advisories/28916/
Fedora has issued an update for mailman. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
AuraCMS "albums" SQL Injection Vulnerability
http://secunia.com/advisories/28950/
DNX has discovered a vulnerability in AuraCMS, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
Sun Solaris USB Mouse STREAMS Module Local Denial of Service
http://secunia.com/advisories/28921/
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
F-Secure Products CAB and RAR Archives Security Bypass
http://secunia.com/advisories/28919/
A vulnerability has been reported in various F-Secure products, which can be exploited by malware to bypass the scanning functionality.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
Ubuntu update for kernel
http://secunia.com/advisories/28933/
Ubuntu has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
rPath update for kernel
http://secunia.com/advisories/28925/
rPath has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
Sun Solaris 10 Language Input Methods Security Issue
http://secunia.com/advisories/28931/
A security issue has been reported in Sun Solaris, which can be exploited by malicious, local users to modify certain files or directories.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 14 Feb 08
Tendenci CMS search.asp Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/28882/
Russ McRee has reported some vulnerabilities in Tendenci CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
Microsoft Internet Information Services Code Execution Vulnerability
http://secunia.com/advisories/28893/
A vulnerability has been reported in Microsoft Internet Information Services (IIS), which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
Microsoft Internet Information Services Privilege Escalation
http://secunia.com/advisories/28849/
A vulnerability has been reported in Microsoft Internet Information Services (IIS), which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
Windows Vista DHCP Packet Handling Denial of Service
http://secunia.com/advisories/28828/
A vulnerability has been reported in Windows Vista, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
Microsoft Office Publisher File Parsing Vulnerabilities
http://secunia.com/advisories/28906/
Some vulnerabilities have been reported in Microsoft Office Publisher, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
Microsoft Active Directory Denial of Service Vulnerability
http://secunia.com/advisories/28764/
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
Microsoft Office Object Parsing Memory Corruption Vulnerability
http://secunia.com/advisories/28909/
A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
Microsoft Works File Converter File Parsing Vulnerabilities
http://secunia.com/advisories/28904/
Some vulnerabilities have been reported in Microsoft Office and Microsoft Works, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
Microsoft Word Unspecified Memory Corruption Vulnerability
http://secunia.com/advisories/28901/
A vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
Microsoft Windows OLE Automation Memory Corruption
http://secunia.com/advisories/28902/
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
Cacti Multiple Vulnerabilities
http://secunia.com/advisories/28872/
Some vulnerabilities have been reported in Cacti, which can be exploited by malicious people to conduct HTTP response splitting, cross-site scripting, and SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
SUSE update for kernel
http://secunia.com/advisories/28889/
SUSE has issued an update for the kernel. This fixes a security issue an a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information or gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
ClamAV Multiple Vulnerabilities
http://secunia.com/advisories/28907/
Some vulnerabilities have been reported in ClamAV, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
ikiwiki Two Script Insertion Vulnerabilities
http://secunia.com/advisories/28911/
Two vulnerabilities have been reported in ikiwiki, which can be exploited by malicious people to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
Joomla! Rapid Recipe Component Two SQL Injection Vulnerabilities
http://secunia.com/advisories/28883/
breaker_unit has discovered two vulnerabilities in the Rapid Recipe component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
Simple Machines Forum SMF Shoutbox Mod Script Insertion
http://secunia.com/advisories/28900/
enterth3dragon has discovered a vulnerability in the SMF Shoutbox mod for Simple Machines Forum, which can be exploited by malicious users to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
SafeNet Sentinel Protection Server/Key Server Directory Traversal Vulnerability
http://secunia.com/advisories/28863/
Luigi Auriemma has discovered a vulnerability in SafeNet Sentinel Protection Server and Key Server, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
Larson Network Print Server Format String and Buffer Overflow Vulnerabilities
http://secunia.com/advisories/28890/
Luigi Auriemma has discovered two vulnerabilities in Larson Network Print Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
RPM Remote Print Manager Service "Receive data file" Buffer Overflow
http://secunia.com/advisories/28905/
Luigi Auriemma has discovered a vulnerability in RPM Remote Print Manager, which potentially can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
Debian update for linux-2.6
http://secunia.com/advisories/28875/
Debian has issued an update for linux-2.6. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), disclose potentially sensitive information, and gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
MercuryBoard "message" Cross-Site Scripting
http://secunia.com/advisories/28899/
Aria-Security Team have discovered a vulnerability in MercuryBoard, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
Ajax Simple Chat Script Insertion Vulnerability
http://secunia.com/advisories/28892/
Aria-Security Team has reported a vulnerability in Ajax Simple Chat, which can be exploited by malicious people to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
Red Hat update for java-1.5.0-sun
http://secunia.com/advisories/28888/
Red Hat has issued an update for java-1.5.0-sun. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 12 Feb 08
Beyond! Job Board "FKeywords" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28908/
Ivan Sanchez and Maximiliano Soler have reported a vulnerability in Beyond! Job Board, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
Open-Realty "last_module" PHP Code Execution
http://secunia.com/advisories/28874/
Iron has discovered a vulnerability in Open-Realty, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
Debian update for wml
http://secunia.com/advisories/28829/
Debian has issued an update for wml. This fixes some security issues, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
ITechBids "item_id" SQL Injection Vulnerability
http://secunia.com/advisories/28887/
SoSo H H has reported a vulnerability in ITechBids, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
Linux Kernel "vmsplice()" System Call Vulnerabilities
http://secunia.com/advisories/28835/
Some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, and gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
Joomla! XML-RPC / Blogger API Vulnerability
http://secunia.com/advisories/28861/
A vulnerability has been reported in Joomla!, which can be exploited by malicious people to manipulate certain data.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
PacerCMS "last_module" PHP Code Execution
http://secunia.com/advisories/28859/
GoLd_M has discovered a vulnerability in PacerCMS, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
Apache Tomcat Cookie Handling Session ID Disclosure
http://secunia.com/advisories/28884/
Two vulnerabilities have been reported in Apache Tomcat, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
Apache Tomcat Multiple Vulnerabilities
http://secunia.com/advisories/28878/
Some vulnerabilities have been reported in Apache Tomcat, which can be exploited by malicious people to manipulate certain data or to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
jetAudio ASX Parsing Buffer Overflow Vulnerability
http://secunia.com/advisories/28855/
Laurent Gaffie has discovered a vulnerability in jetAudio, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
ExtremeZ-IP File and Print Server Multiple Vulnerabilities
http://secunia.com/advisories/28862/
Luigi Auriemma has discovered some vulnerabilities in ExtremeZ-IP File and Print Server, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
Journalness "last_module" PHP Code Execution
http://secunia.com/advisories/28873/
Iron has discovered a vulnerability in Journalness, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
Debian update for tk8.4
http://secunia.com/advisories/28867/
Debian has issued an update for tk8.4. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
Debian update for tk8.3
http://secunia.com/advisories/28857/
Debian has issued an update for tk8.3. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
Debian update for xulrunner
http://secunia.com/advisories/28879/
Debian has issued an update for xulrunner. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
rPath update for firefox
http://secunia.com/advisories/28877/
rPath has issued an update for firefox. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
Debian update for iceweasel
http://secunia.com/advisories/28864/
Debian has issued an update for iceweasel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
Debian update for phpbb2
http://secunia.com/advisories/28871/
Debian has issued an update for phpbb2. This fixes some vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
Sony ImageStation AxRUploadControl ActiveX Control "SetLogging()" Buffer Overflow
http://secunia.com/advisories/28854/
david130490 has discovered a vulnerability in Sony ImageStation AxRUploadControl Object ActiveX control, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
Debian update for sdl-image1.2
http://secunia.com/advisories/28837/
Debian has issued an update for sdl-image1.2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
Husrev BlackBoard "forumid" SQL Injection Vulnerability
http://secunia.com/advisories/28842/
Cr@zy_King has discovered a vulnerability in Husrev BlackBoard, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
IEA Products Management Web Server Memory Corruption Vulnerability
http://secunia.com/advisories/28846/
Luigi Auriemma has discovered a vulnerability in various IEA Products, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
Debian update for libexif
http://secunia.com/advisories/28776/
Debian has issued an update for libexif. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
Debian update for icedove
http://secunia.com/advisories/28865/
Debian has issued an update for icedove. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or potentially to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 11 Feb 08
rPath update for kernel
http://secunia.com/advisories/28826/
rPath has issued an update for the kernel. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information or gain escalated privileges and by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sun, 10 Feb 08
MODx Cross-Site Scripting and Cross-Site Request Forgery
http://secunia.com/advisories/28840/
Alexandr Polyakov and Stas Svistunovich have discovered some vulnerabilities in MODx, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sun, 10 Feb 08
VPN-1 SecuRemote/SecureClient NGX R60 and NGAI R56 Information Disclosure
http://secunia.com/advisories/28820/
A vulnerability has been reported in VPN-1 SecuRemote/SecureClient NGX R60 and NGAI R56, which can be exploited by malicious, local users to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sun, 10 Feb 08
SUSE Update for Multiple Packages
http://secunia.com/advisories/28838/
SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and cause a DoS (Denial of Service), by malicious users to manipulate data, gain escalated privileges, and cause a DoS, and by malicious people to manipulate data, bypass certain security restrictions, cause a DoS, and potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/
Sun, 10 Feb 08
UltraVNC vncviewer Multiple Buffer Overflow Vulnerabilities
http://secunia.com/advisories/28804/
Some vulnerabilities have been reported in UltraVNC, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sun, 10 Feb 08
Symantec Ghost Solution Suite Client Command Execution Vulnerability
http://secunia.com/advisories/28853/
A vulnerability has been reported in Symantec Ghost Solution Suite, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sun, 10 Feb 08
Ipswitch Instant Messaging IMServer Denial of Service
http://secunia.com/advisories/28824/
Luigi Auriemma has discovered a vulnerability in Ipswitch Instant Messaging, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
Red Hat update for seamonkey
http://secunia.com/advisories/28766/
Red Hat has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or potentially to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
Red Hat update for firefox
http://secunia.com/advisories/28818/
Red Hat has issued an update for firefox. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
Red Hat update for thunderbird
http://secunia.com/advisories/28754/
Red Hat has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or potentially to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
Ubuntu update for firefox
http://secunia.com/advisories/28839/
Ubuntu has issued an update for firefox. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
Mozilla Thunderbird Multiple Vulnerabilities
http://secunia.com/advisories/28808/
Some vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or potentially to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
rPath update for gd
http://secunia.com/advisories/28768/
rPath has issued an update for gd. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
Website META Language Insecure Temporary Files
http://secunia.com/advisories/28856/
Two security issues have been reported in Website META Language, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
Mandriva update for gd
http://secunia.com/advisories/28845/
Mandriva has issued an update for gd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
Mozilla SeaMonkey Multiple Vulnerabilities
http://secunia.com/advisories/28815/
Some vulnerabilities have been reported in Mozilla SeaMonkey, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or potentially to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
Mozilla Firefox Multiple Vulnerabilities
http://secunia.com/advisories/28758/
Some vulnerabilities and weaknesses have been reported Mozilla Firefox, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
Fedora update for openldap
http://secunia.com/advisories/28817/
Fedora has issued an update for openldap. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
Sift Unity "qt" Cross-Site Scripting
http://secunia.com/advisories/28841/
Russ McRee has reported a vulnerability in Sift Unity, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
HP Select Identity Multiple Unspecified Vulnerabilities
http://secunia.com/advisories/28844/
Some vulnerabilities have been reported in HP Select Identity, which can be exploited by malicious users to bypass certain security restrictions or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
Adobe Reader/Acrobat 7 Multiple Vulnerabilities
http://secunia.com/advisories/28851/
Some vulnerabilities have been reported in Adobe Reader/Acrobat, some of which have unknown impacts while others can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
SUSE update for kernel
http://secunia.com/advisories/28806/
SUSE has issued an update for the kernel. This fixes some security issues and vulnerabilities, where some have unknown impacts and others can be exploited by malicious, local users to disclose potentially sensitive information, bypass certain security restrictions, corrupt a file system, and gain escalated privileges, or by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/
Fri, 8 Feb 08
Fedora update for tk and perl-Tk
http://secunia.com/advisories/28807/
Fedora has issued an update for tk and perl-Tk. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
Mandriva update for tk
http://secunia.com/advisories/28848/
Mandriva has issued an update for tk. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
Mandriva update for SDL_image
http://secunia.com/advisories/28850/
Mandriva has issued an update for SDL_image. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
OpenBSD update for X.Org
http://secunia.com/advisories/28843/
OpenBSD has issued an update for X.Org.This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
Fedora update for gnumeric
http://secunia.com/advisories/28799/
Fedora has issued an update for gnumeric. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
Mandriva update for libcdio
http://secunia.com/advisories/28796/
Mandriva has issued an update for libcdio. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 8 Feb 08
WordPress XML-RPC Post Edit Vulnerability
http://secunia.com/advisories/28823/
A vulnerability has been reported in WordPress, which can be exploited by malicious users to