Software and Script Bug Exploits
Main
Software Alerts
Software and Script Bug ExploitsSoftware Vulnerability
Random Feeds
Archives
| Oct 2008 | Sep 2008 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 | Apr 2008 | Mar 2008 | Feb 2008 | Jan 2008 | Dec 2007 | Nov 2007 |Wed, 30 Apr 08
FluentCMS "sid" SQL Injection Vulnerability
http://secunia.com/advisories/29970/
cO2 has reported a vulnerability in FluentCMS, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
Fedora update for poppler
http://secunia.com/advisories/30033/
Fedora has issued an update for poppler. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
Fedora update for squid
http://secunia.com/advisories/30032/
Fedora has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
rPath update for libpng
http://secunia.com/advisories/29992/
rPath has issued an update for libpng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, or potentially compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
PeerCast "HTTP::getAuthUserPass()" Buffer Overflow Vulnerability
http://secunia.com/advisories/29962/
Nico Golde has reported a vulnerability in PeerCast, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
Fedora update for perl-Imager
http://secunia.com/advisories/30030/
Fedora has issued an update for perl-Imager. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
Motorola Surfboard Cable Modem Web Interface Cross-Site Request Forgery
http://secunia.com/advisories/30026/
Rook Security has reported a vulnerability in Motorola Surfboard Cable Modem, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
Fedora update for dbmail
http://secunia.com/advisories/29984/
Fedora has issued an update for dbmail. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
Fedora update for moin
http://secunia.com/advisories/30031/
Fedora has issued an update for moin. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
Fedora update for lighttpd
http://secunia.com/advisories/30023/
Fedora has issued an update for lighttpd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
Fedora update for asterisk
http://secunia.com/advisories/30010/
Fedora has issued an update for asterisk. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
IBM Lotus Expeditor Client for Desktop "cai" URI Handler Code Execution
http://secunia.com/advisories/29958/
Thomas Pollet has reported a vulnerability in IBM Lotus Expeditor, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
Fedora update for perl
http://secunia.com/advisories/30025/
Fedora has issued an update for perl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
Fedora update for KDE4
http://secunia.com/advisories/30001/
Fedora has issued an update for KDE4. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
Fedora update for xine-lib
http://secunia.com/advisories/30021/
Fedora has issued an update for xine-lib. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
Fedora update for wordpress
http://secunia.com/advisories/29994/
Fedora has issued an update for wordpress. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
HP-UX WBEM Services OpenPegasus PAM Module Buffer Overflows
http://secunia.com/advisories/29986/
HP has acknowledged some vulnerabilities in HP-UX, which can potentially be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
Fedora update for clamav
http://secunia.com/advisories/29975/
Fedora has issued an update for clamav. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
Softbiz Web Host Directory Script "host_id" SQL Injection
http://secunia.com/advisories/29983/
M.Hasran Addahroni has reported a vulnerability in Softbiz Web Host Directory Script, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 30 Apr 08
Fedora update for util-linux-ng
http://secunia.com/advisories/29982/
Fedora has issued an update for util-linux-ng. This fixes a weakness, which can be exploited by malicious people to manipulate certain data.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
Prozilla Hosting Index "cat_id" SQL Injection Vulnerability
http://secunia.com/advisories/29936/
M.Hasran Addahroni has reported a vulnerability in Prozilla Hosting Index, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
Gentoo update for kde
http://secunia.com/advisories/29977/
Gentoo has issued an update for kdelibs. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to potentially gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
Slackware update for libpng
http://secunia.com/advisories/30009/
Slackware has issued an update for libpng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, or potentially compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
util-linux-ng "login" Audit Log Injection Weakness
http://secunia.com/advisories/30014/
A weakness has been reported in util-linux-ng, which can be exploited by malicious people to manipulate certain data.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
Jokes Site Script "catagorie" SQL Injection Vulnerability
http://secunia.com/advisories/29981/
ProgenTR has reported a vulnerability in Jokes Site Script, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
Imager Image-Based Fill Buffer Overflow Vulnerability
http://secunia.com/advisories/30011/
A vulnerability has been reported in Imager, which potentially can be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
Sugar Community Edition RSS Module Information Disclosure Vulnerability
http://secunia.com/advisories/30002/
Roberto Suggi Liverani has reported a vulnerability in Sugar Community Edition, which can be exploited by malicious users to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
PhpGedView Unspecified Vulnerability
http://secunia.com/advisories/29989/
A vulnerability has been reported in PhpGedView, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
Joovili "category" SQL Injection Vulnerability
http://secunia.com/advisories/29991/
HaCkeR-EgY has reported a vulnerability in Joovili, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
Debian update for ldm
http://secunia.com/advisories/29959/
Debian has issued an update for ldm. This fixes a security issue, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
Debian update for iceape
http://secunia.com/advisories/30012/
Debian has issued an update for iceape. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
Comodo Firewall Pro Hooked Functions Denial of Service
http://secunia.com/advisories/30006/
Core Security Technologies has reported some vulnerabilities in Comodo Firewall Pro, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
BitDefender Antivirus 2008 "NtOpenProcess()" Hooked Function Denial of Service
http://secunia.com/advisories/30005/
Core Security Technologies has reported a vulnerability in BitDefender Antivirus 2008, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
Rising Antivirus "NtOpenProcess()" Hooked Function Denial of Service
http://secunia.com/advisories/30007/
Core Security Technologies has reported a vulnerability in Rising Antivirus, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
Debian update for kronolith
http://secunia.com/advisories/29945/
Debian has issued an update for kronolith. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
Sophos Anti-Virus "NtCreateKey()" Hooked Function Denial of Service
http://secunia.com/advisories/29996/
Core Security Technologies has reported a vulnerability in Sophos Anti-Virus, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
miniBB "whatus" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/30004/
IRCRASH has discovered a vulnerability in miniBB, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
miniBB Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/29997/
__GiReX__ has reported some vulnerabilities in miniBB, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
ZoneMinder Unspecified Code Execution Vulnerabilities
http://secunia.com/advisories/29995/
Some vulnerabilities have been reported in ZoneMinder, which potentially can be exploited by malicious users to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
XOOPS Various Bluemoon inc. Modules Cross-Site Scripting
http://secunia.com/advisories/29993/
Some vulnerabilities have been reported in various Bluemoon inc. modules for XOOPS, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
F5 FirePass 4100 SSL VPN installControl.php3 Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29931/
Alberto Cuesta Partida has reported a vulnerability in F5 FirePass 4100 SSL VPN, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
VicFTPS LIST Command Processing Denial of Service
http://secunia.com/advisories/29943/
Neelima Premsankar has discovered a vulnerability in VicFTPS, which can be exploited by malicious users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
Acritum Femitter Server FTP Server Denial of Service
http://secunia.com/advisories/29967/
Neelima Premsankar has discovered a vulnerability in Acritum Femitter Server, which can be exploited by malicious users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
MegaBBS SQL Injection and Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/29979/
AmnPardaz Security Research Team have reported some vulnerabilities in MegaBBS, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 29 Apr 08
WordPress PHP Code Execution and Cross-Site Scripting
http://secunia.com/advisories/29965/
Two vulnerabilities have been reported in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 28 Apr 08
Sun Solaris Apache Modules Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/29988/
Sun has acknowledged some vulnerabilities in Solaris, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 28 Apr 08
E-Post Mail Server POP3 Password Disclosure Vulnerability
http://secunia.com/advisories/29990/
Tan Chew Keong has reported a vulnerability in E-Post Mail Server, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 28 Apr 08
Sun StarOffice/StarSuite Multiple Vulnerabilities
http://secunia.com/advisories/29987/
Sun has acknowledged some vulnerabilities in Sun StarOffice and StarSuite, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 28 Apr 08
KDE KHTML PNG Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/29980/
A vulnerability has been reported in KDE, which potentially can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 28 Apr 08
Lhaplus ZOO Archive Processing Buffer Overflow
http://secunia.com/advisories/29972/
Fourteenforty Research has reported a vulnerability in Lhaplus, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 28 Apr 08
Kantaris Multiple Vulnerabilities
http://secunia.com/advisories/29974/
Some vulnerabilities have been reported in Kantaris, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 28 Apr 08
SUSE Update for Multiple Packages
http://secunia.com/advisories/29957/
SUSE has issued updates for multiple packages. These fix some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, malicious users to cause a DoS (Denial of Service), and malicious people to bypass certain security restrictions, disclose potentially sensitive information, cause a DoS, and compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 28 Apr 08
Gentoo update for comix
http://secunia.com/advisories/29956/
Gentoo has issued an update for comix. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), and by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 28 Apr 08
rPath update for idle and python
http://secunia.com/advisories/29955/
rPath has issued an update for idle and python. This fixes some vulnerabilities, which can potentially be exploited by malicious people to cause a DoS (Denial of Service), or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 28 Apr 08
SUSE update for IBM Java
http://secunia.com/advisories/29897/
SUSE has issued an update for IBM Java. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), bypass certain security restrictions, manipulate data, disclose sensitive information, or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 28 Apr 08
Debian update for phpgedview
http://secunia.com/advisories/29954/
Debian has issued an update for phpgedview. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 28 Apr 08
KDE start_kdeinit Privilege Escalation Vulnerability
http://secunia.com/advisories/29951/
A vulnerability has been reported in KDE, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to potentially gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 26 Apr 08
Debian update for perl
http://secunia.com/advisories/29948/
Debian has issued an update for perl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 26 Apr 08
LightNEasy Multiple Vulnerabilities
http://secunia.com/advisories/29833/
Some vulnerabilities have been reported in LightNEasy, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, disclose sensitive information, manipulate data, or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 26 Apr 08
RedDot CMS "LngId" SQL Injection Vulnerability
http://secunia.com/advisories/29843/
Mark Crowther and Rodrigo Marcos have reported a vulnerability in RedDot CMS, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 26 Apr 08
WordPress "cat" Directory Traversal Vulnerability
http://secunia.com/advisories/29949/
Sandor Attila Gerendi has discovered a vulnerability in WordPress, which can potentially be exploited by malicious users to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 26 Apr 08
Trillian Display Name Processing Memory Corruption
http://secunia.com/advisories/29952/
Juan Pablo Lopez Yacubian has discovered a vulnerability in Trillian, which potentially can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 26 Apr 08
WordPress Spreadsheet Plugin "ss_id" SQL Injection Vulnerability
http://secunia.com/advisories/29938/
1ten0.0net1 has reported a vulnerability in the WordPress Spreadsheet Plugin (wpSS), which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 25 Apr 08
Debian update for phpmyadmin
http://secunia.com/advisories/29964/
Debian has issued an update for phpmyadmin.This fixes some vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks, and by malicious users to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 25 Apr 08
Gentoo update for jrockit-jdk-bin
http://secunia.com/advisories/29925/
Gentoo has issued an update for jrockit-jdk-bin. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, manipulate data, disclose sensitive/system information, cause a DoS (Denial of Service), or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 25 Apr 08
SUSE update for clamav
http://secunia.com/advisories/29891/
SUSE has issued an update for clamav. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, to cause a DoS (Denial of Service), or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 25 Apr 08
Debian update for xulrunner
http://secunia.com/advisories/29947/
Debian has issued an update for xulrunner. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 25 Apr 08
Gentoo update for silc
http://secunia.com/advisories/29946/
Gentoo has issued an update for silc. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 25 Apr 08
HP Software Update HPeDiag ActiveX Control Vulnerabilities
http://secunia.com/advisories/29966/
Some vulnerabilities have been reported in HP Software Update, which can be exploited by malicious people to disclose certain information or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 25 Apr 08
Advanced Electron Forum "beg" Cross-Site Scripting
http://secunia.com/advisories/29923/
ZoRLu has discovered a vulnerability in Advanced Electron Forum (AEF), which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 25 Apr 08
CA Secure Content Manager eCSqdmn Denial of Service Vulnerabilities
http://secunia.com/advisories/29895/
Luigi Auriemma has reported two vulnerabilities in CA Secure Content Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 25 Apr 08
CA ARCserve Backup Discovery Service Denial of Service
http://secunia.com/advisories/29855/
Luigi Auriemma has reported a vulnerability in CA ARCserve Backup, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 25 Apr 08
Safari Address Bar URL Spoofing Security Issue
http://secunia.com/advisories/29900/
Juan Pablo Lopez Yacubian has discovered a security issue in Safari, which can be exploited by malicious people to display a fake URL in the address bar.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 25 Apr 08
Drupal Internationalization and Localizer Cross-Site Scripting and Request Forgery
http://secunia.com/advisories/29961/
Some vulnerabilities have been reported in the Internationalization and Localizer modules for Drupal, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 25 Apr 08
Drupal Ubercart Module Script Insertion Vulnerability
http://secunia.com/advisories/29950/
A vulnerability has been reported in the Ubercart module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 25 Apr 08
Drupal E-Publish Module Cross-Site Scripting and Request Forgery
http://secunia.com/advisories/29960/
Some vulnerabilities have been reported in the E-Publish module for Drupal, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 24 Apr 08
E-RESERV "ID_loc" SQL Injection
http://secunia.com/advisories/29914/
JIKI Team has reported a vulnerability in E-RESERV, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 24 Apr 08
Debian update for iceweasel
http://secunia.com/advisories/29911/
Debian has issued an update for iceweasel. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 24 Apr 08
Gentoo update for vlc
http://secunia.com/advisories/29800/
Gentoo has issued an update for vlc. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 24 Apr 08
Gentoo update for openfire
http://secunia.com/advisories/29901/
Gentoo has issued an update for openfire. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 24 Apr 08
Flip4Mac WMV Processing Unspecified Vulnerability
http://secunia.com/advisories/29922/
A vulnerability has been reported in Flip4Mac, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 24 Apr 08
Kronolith "addevent.php" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29920/
Aria-Security Team has discovered a vulnerability in Kronolith, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 24 Apr 08
Realtek HD Audio Codec Driver Vulnerabilities
http://secunia.com/advisories/29953/
Ruben Santamarta has reported some vulnerabilities in Realtek HD Audio Codec drivers, which can be exploited by malicious, local users to disclose certain information, manipulate certain data, or gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 24 Apr 08
Sony Mylo COM-2 SSL Certificate Validation Security Issue
http://secunia.com/advisories/29928/
A security issue has been reported in Sony Mylo COM-2, which can be exploited by malicious people to conduct spoofing attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 24 Apr 08
TorrentFlux Cross-Site Request Forgery and PHP Code Execution
http://secunia.com/advisories/29935/
Rook Security has reported some vulnerabilities in TorrentFlux, which can be exploited by malicious people to conduct cross-site request forgery attacks and by malicious people or users to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 24 Apr 08
Web Calendar Pro "user_id" SQL Injection
http://secunia.com/advisories/29933/
t0pP8uZz has reported a vulnerability in Web Calendar Pro, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
phpMyAdmin Shared Host Information Disclosure
http://secunia.com/advisories/29944/
A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious users to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
Ubuntu update for firefox
http://secunia.com/advisories/29912/
Ubuntu has issued an update for firefox. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
Ubuntu update for gnumeric
http://secunia.com/advisories/29896/
Ubuntu has issued an update for gnumeric. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
Foxit Reader PDF XObject Processing Memory Corruption
http://secunia.com/advisories/29934/
Javier Vicente Vallejo has discovered a vulnerability in Foxit Reader, which potentially can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
Magnolia Enterprise Edition Sitedesigner "query" Cross-Site Scripting
http://secunia.com/advisories/29918/
Russ McRee has reported a vulnerability in Magnolia Enterprise Edition, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
Avaya CMS Solaris Self Encapsulated IP Packets Vulnerability
http://secunia.com/advisories/29817/
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
Serendipity Top Referrers Plugin Script Insertion Vulnerability
http://secunia.com/advisories/29942/
Hanno Böck has reported a vulnerability in Serendipity, which can be exploited by malicious people to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
Akiva WebBoard Script Insertion Vulnerability
http://secunia.com/advisories/29091/
Joren McReynolds has discovered some vulnerabilities in Akiva WebBoard, which can be exploited by malicious users to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
Fedora update for WebKit
http://secunia.com/advisories/29924/
Fedora has issued an update for WebKit. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
Fedora update for firefox
http://secunia.com/advisories/29906/
Fedora has issued an update for firefox. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
Sun Solaris MySQL Multiple Vulnerabilities
http://secunia.com/advisories/29847/
Sun has acknowledged some vulnerabilities in the MySQL package bundled with Solaris, which can be exploited by malicious people to disclose potentially sensitive information, and by malicious users to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
Debian update for roundup
http://secunia.com/advisories/29848/
Debian has issued an update for roundup. This fixes some vulnerabilities, which have unknown impacts.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
Fedora update for openoffice.org
http://secunia.com/advisories/29913/
Fedora has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
Fedora update for mt-daapd
http://secunia.com/advisories/29917/
Fedora has issued an update for mt-daapd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS or to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
Fedora update for seamonkey
http://secunia.com/advisories/29908/
Fedora has issued an update for seamonkey. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
Asterisk IAX2 Handshake Denial of Service
http://secunia.com/advisories/29927/
A vulnerability has been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
grsecurity RBAC User Transition Security Issue
http://secunia.com/advisories/29899/
A security issue has been reported in grsecurity, which can be exploited by malicious, local users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
KwsPHP "action" Local File Inclusion and Code Execution
http://secunia.com/advisories/29802/
TsukasaGenesis and Ajax have reported a vulnerability in KwsPHP, which can be exploited by malicious users to compromise a vulnerable system, and by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
Acidcat CMS Multiple Vulnerabilities
http://secunia.com/advisories/29916/
AmnPardaz Security Research Team have reported some vulnerabilities and a security issue in Acidcat CMS, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, or to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
ContRay "search.cgi" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29888/
Russ McRee has reported a vulnerability in ContRay, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
BlogWorx "view.asp" SQL Injection Vulnerability
http://secunia.com/advisories/29879/
U238 has discovered a vulnerability in BlogWorx, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
Adobe Products BMP Handling Buffer Overflow Vulnerability
http://secunia.com/advisories/29838/
A vulnerability has been reported in multiple Adobe products, which potentially can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
SIPp "get_remote_video_port_media()" Buffer Overflow Vulnerability
http://secunia.com/advisories/29890/
A vulnerability has been reported in SIPp, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
EncapsGallery Cross-Site Scripting and File Upload
http://secunia.com/advisories/29824/
Thomas Pollet has discovered a vulnerability and a security issue in EncapsGallery, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 23 Apr 08
TR News SQL Injection and File Upload Vulnerabilities
http://secunia.com/advisories/29814/
His0k4 has discovered two vulnerabilities in TR News, which can be exploited by malicious users to compromise a vulnerable system, and by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
Slackware update for xine-lib
http://secunia.com/advisories/29898/
Slackware has issued an update for xine-lib. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
NetBSD update for OpenSSH
http://secunia.com/advisories/29939/
NetBSD has issued an update for OpenSSH. This fixes a weakness and a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions and to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
NetBSD update for bzip2
http://secunia.com/advisories/29940/
NetBSD has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
Fedora update for fedora-ds-admin
http://secunia.com/advisories/29826/
Fedora has issued an update for fedora-ds-admin. This fixes some vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
Gentoo update for dbmail
http://secunia.com/advisories/29937/
Gentoo has issued an update for dbmail. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
PHP-Fusion "submit_info[]" SQL Injection Vulnerability
http://secunia.com/advisories/29930/
The:Paradox has discovered a vulnerability in PHP-Fusion, which can be exploited by malicious users to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
Blender "imb_loadhdr()" Buffer Overflow Vulnerability
http://secunia.com/advisories/29818/
Secunia Research has discovered a vulnerability in Blender, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
DBMail Empty LDAP Passwords Authentication Bypass
http://secunia.com/advisories/29903/
A vulnerability has been reported in DBMail, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
phShoutBox "phadmin" Security Bypass Vulnerability
http://secunia.com/advisories/29892/
t0pP8uZz has discovered a vulnerability in phShoutBox, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
5th Avenue "category_ID" SQL Injection Vulnerability
http://secunia.com/advisories/29887/
Aria-Security Team have discovered a vulnerability in 5th Avenue, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
Apartment Search Script "r" SQL Injection Vulnerability
http://secunia.com/advisories/29929/
Crackers_Child has reported a vulnerability in Apartment Search Script, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
Acon Multiple Buffer Overflow Vulnerabilities
http://secunia.com/advisories/29909/
Some vulnerabilities have been reported in Acon, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
MoinMoin Security Bypass Vulnerabilities
http://secunia.com/advisories/29894/
Some vulnerabilities have been reported in MoinMoin, which can be exploited by malicious users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
Firefly Media Server "Content-Length" Buffer Overflow
http://secunia.com/advisories/29919/
A vulnerability has been reported in Firefly Media Server, which can be exploited by malicious people to cause a DoS or to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
swfdec Untrusted Sandboxes Local File Disclosure Vulnerability
http://secunia.com/advisories/29915/
A vulnerability has been reported in swfdec, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
ICQ Personal Status Processing Buffer Overflow
http://secunia.com/advisories/29821/
Leon Juranic has reported a vulnerability in ICQ, which can be exploited by malicious people to compromise another user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
Linksys SPA2102 Phone Adapter Denial of Service
http://secunia.com/advisories/29523/
sipher has reported a vulnerability in Linksys SPA2102 Phone Adapter, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
SubEdit Player Subtitle File Processing Buffer Overflow
http://secunia.com/advisories/29904/
grzdyl has discovered a vulnerability in SubEdit Player, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
Debian update for mplayer
http://secunia.com/advisories/29921/
Debian has issued an update for mplayer. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
Debian update for ikiwiki
http://secunia.com/advisories/29932/
Debian has issued an update for ikiwiki. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 22 Apr 08
ikiwiki Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/29907/
Some vulnerabilities have been reported in ikiwiki, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 21 Apr 08
GNU Emacs vcdiff Insecure Temporary Files
http://secunia.com/advisories/29905/
Some security issues have been reported in GNU Emacs, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 21 Apr 08
XEmacs vcdiff Insecure Temporary Files
http://secunia.com/advisories/29926/
Some security issues have been reported in XEmacs, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 21 Apr 08
Debian update for python
http://secunia.com/advisories/29889/
Debian has issued an update for python. This fixes some security issues, which can potentially be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 21 Apr 08
Gentoo update for netscape-flash
http://secunia.com/advisories/29865/
Gentoo has issued an update for netscape-flash. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or to potentially compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 21 Apr 08
Gentoo update for pdns-recursor
http://secunia.com/advisories/29830/
Gentoo has issued an update for pdns-recursor. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 21 Apr 08
Slackware update for mozilla-firefox
http://secunia.com/advisories/29883/
Slackware has issued an update for mozilla-firefox. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 21 Apr 08
muCommander "credentials.xml" Information Disclosure
http://secunia.com/advisories/29893/
A security issue has been reported in muCommander, which can be exploited by malicious, local users to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 21 Apr 08
Gentoo update for cups
http://secunia.com/advisories/29902/
Gentoo has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 21 Apr 08
SUSE update for OpenOffice_org
http://secunia.com/advisories/29910/
SUSE has issued an update for OpenOffice_org. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 21 Apr 08
Gentoo update for sun-jdk, sun-jre-bin, and emul-linux-x86-java
http://secunia.com/advisories/29858/
Gentoo has issued an update for sun-jdk, sun-jre-bin, and emul-linux-x86-java. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, manipulate data, disclose sensitive/system information, cause a DoS (Denial of Service), or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 21 Apr 08
Gentoo update for poppler
http://secunia.com/advisories/29853/
Gentoo has issued an update for poppler. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 19 Apr 08
Exponent CMS User Registration Script Insertion
http://secunia.com/advisories/29875/
Some vulnerabilities have been discovered in Exponent CMS, which can be exploited by malicious people to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 19 Apr 08
Red Hat update for ImageMagick
http://secunia.com/advisories/29786/
Red Hat has issued an update for ImageMagick. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 19 Apr 08
VLC Speex Header Processing Vulnerability
http://secunia.com/advisories/29878/
A vulnerability has been reported in VLC, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 19 Apr 08
Red Hat update for ImageMagick
http://secunia.com/advisories/29857/
Red Hat has issued an update for ImageMagick. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 19 Apr 08
vorbis-tools Speex Header Processing Vulnerability
http://secunia.com/advisories/29882/
A vulnerability has been reported in vorbis-tools, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 19 Apr 08
e107 Chat Module "e107path" File Inclusion
http://secunia.com/advisories/29870/
by_casper41 has discovered a vulnerability in the Chat module for e107 (e107 Chat Module For 123 Flash Chat Server), which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 19 Apr 08
Debian update for suphp
http://secunia.com/advisories/29872/
Debian has issued an update for suphp. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 19 Apr 08
Debian update for clamav
http://secunia.com/advisories/29886/
Debian has issued an update for clamav. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 19 Apr 08
SDL_sound Speex Header Processing Vulnerability
http://secunia.com/advisories/29880/
A vulnerability has been reported in SDL_sound, which can potentially be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Sweep Speex Header Processing Vulnerability
http://secunia.com/advisories/29881/
A vulnerability has been reported in Sweep, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Gentoo update for speex
http://secunia.com/advisories/29866/
Gentoo has issued an update for speex. This fixes a security issue, which can potentially be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Red Hat update for kdegraphics
http://secunia.com/advisories/29834/
Red Hat has issued an update for kdegraphics. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Red Hat update for xpdf
http://secunia.com/advisories/29868/
Red Hat has issued an update for xpdf. This fixes a vulnerability, which can potentially be exploited to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Debian update for xpdf
http://secunia.com/advisories/29885/
Debian has issued an update for xpdf. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Ubuntu update for KOffice
http://secunia.com/advisories/29851/
Ubuntu has issued an update for KOffice. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Ubuntu update for poppler
http://secunia.com/advisories/29884/
Ubuntu has issued an update for poppler. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Red Hat update for poppler
http://secunia.com/advisories/29869/
Red Hat has issued an update for poppler. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Poppler Embedded Fonts Processing Vulnerability
http://secunia.com/advisories/29836/
A vulnerability has been reported in Poppler, which can potentially be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Xpdf Embedded Fonts Processing Vulnerability
http://secunia.com/advisories/29816/
A vulnerability has been reported in Xpdf, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Red Hat update for openoffice.org
http://secunia.com/advisories/29871/
Red Hat has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Red Hat update for openoffice.org
http://secunia.com/advisories/29844/
Red Hat has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Microsoft Windows Privilege Escalation Vulnerability
http://secunia.com/advisories/29867/
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious users to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
FreeBSD update for OpenSSH
http://secunia.com/advisories/29873/
FreeBSD has issued an update for OpenSSH. This fixes a vulnerability, which can be exploited by malicious, local users to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
HP Oracle for OpenView Multiple Vulnerabilities
http://secunia.com/advisories/29874/
HP has acknowledged some vulnerabilities in HP OfO (Oracle for Openview). Some vulnerabilities have unknown impacts while others can be exploited by malicious users to bypass certain security restrictions, conduct SQL injection attacks, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
EsContacts "msg" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/29877/
Some vulnerabilities have been discovered in EsContacts, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
SunShop Shopping Cart "adminindex.php" SQL Injection
http://secunia.com/advisories/29811/
mrzayas.es has reported two vulnerabilities in SunShop Shopping Cart, which can be exploited by malicious users to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
BusinessObjects XI "cms" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29804/
Sebastien gioria has reported a vulnerability in BusinessObjects XI, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Carbon Communities Cross-Site Scripting and SQL Injection
http://secunia.com/advisories/29827/
AmnPardaz Security Research Team have reported a vulnerability in Carbon Communities, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Debian update for openoffice.org
http://secunia.com/advisories/29864/
Debian has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Gentoo update for rsync
http://secunia.com/advisories/29861/
Gentoo has issued an update for rsync. This fixes a vulnerability, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Koobi "poll_id" SQL Injection Vulnerability
http://secunia.com/advisories/29789/
S@BUN has reported a vulnerability in Koobi, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Fedora update for gallery2
http://secunia.com/advisories/29839/
Fedora has issued an update for gallery2. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
Kolab Server ClamAV Multiple Vulnerabilities
http://secunia.com/advisories/29863/
Some vulnerabilities have been reported in Kolab Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 18 Apr 08
OpenOffice Multiple Vulnerabilities
http://secunia.com/advisories/29852/
Some vulnerabilities have been reported in OpenOffice, which can be exploited by malicious people to potentially compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
Fedora update for nagios / nagios-plugins
http://secunia.com/advisories/29862/
Fedora has issued an update for nagios and nagios-plugins. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
Safari Multiple Vulnerabilities
http://secunia.com/advisories/29846/
Some vulnerabilities have been reported in Safari, which can be exploited by malicious people to conduct cross-site scripting attacks or potentially to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
Red Hat update for seamonkey
http://secunia.com/advisories/29828/
Red Hat has issued an update for seamonkey. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
Mozilla Firefox Javascript Garbage Collector Vulnerability
http://secunia.com/advisories/29787/
A vulnerability has been reported in Mozilla Firefox, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
Red Hat update for firefox
http://secunia.com/advisories/29793/
Red Hat has issued an update for firefox. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
AutoTutorials "id" SQL Injection Vulnerability
http://secunia.com/advisories/29840/
cO2 has discovered a vulnerability in AutoTutorials, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
Mozilla SeaMonkey Javascript Garbage Collector Vulnerability
http://secunia.com/advisories/29860/
A vulnerability has been reported in Mozilla SeaMonkey, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
BEA JRockit Multiple Vulnerabilities
http://secunia.com/advisories/29841/
Some vulnerabilities have been reported in BEA JRockit, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
Fedora update for rsync
http://secunia.com/advisories/29856/
Fedora has issued an update for rsync. This fixes a vulnerability, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
xine-lib NSF Demuxer Buffer Overflow Vulnerability
http://secunia.com/advisories/29850/
Guido Landi has discovered a vulnerability in xine-lib, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
Cisco Network Admission Control Information Disclosure Security Issue
http://secunia.com/advisories/29822/
A security issue has been reported in Cisco Network Admission Control (NAC), which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
HP OpenView Network Node Manager Multiple Vulnerabilities
http://secunia.com/advisories/29849/
HP has acknowledged some vulnerabilities in OpenView Network Node Manager, which can be exploited by malicious people to conduct cross-site scripting attacks, cause a DoS (Denial of Service), or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
eGroupWare File Upload Vulnerability
http://secunia.com/advisories/29790/
A vulnerability has been reported in eGroupWare, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
CA Products DSM gui_cm_ctrls ActiveX Control Code Execution
http://secunia.com/advisories/29837/
A vulnerability has been reported in various CA products, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
Oracle Products Multiple Vulnerabilities
http://secunia.com/advisories/29829/
Multiple vulnerabilities have been reported for various Oracle products. Some vulnerabilities have unknown impacts while others can be exploited by malicious users to bypass certain security restrictions, conduct SQL injection attacks, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
Ruby WEBrick Information Disclosure
http://secunia.com/advisories/29794/
Luigi Auriemma has reported a vulnerability in Ruby, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
DotClear "ecrire/images.php" File Upload Vulnerability
http://secunia.com/advisories/29819/
Morgan ARMAND has discovered a vulnerability in DotClear, which can be exploited by malicious users to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
Cecilia "/tmp/csvers" Insecure Temporary File Handling
http://secunia.com/advisories/29832/
Felipe Sateler has discovered a security issue in Cecilia, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
DivX Player Subtitle Parsing Buffer Overflow Vulnerability
http://secunia.com/advisories/29780/
securfrog has discovered a vulnerability in DivX Player, which can potentially be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
IBM DB2 db2dasrrm File Creation and Privilege Escalation Vulnerabilities
http://secunia.com/advisories/29784/
Two vulnerabilities have been reported in IBM DB2, which can be exploited by malicious, local users to perform certain actions with escalated privileges or gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
Lasernet CMS "new" SQL Injection Vulnerability
http://secunia.com/advisories/29734/
cO2 has discovered a vulnerability in Lasernet CMS, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
BigAnt Messenger AntServer Module HTTP Request Buffer Overflow
http://secunia.com/advisories/29831/
Matteo Memelli has discovered a vulnerability in BigAnt Messenger, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
VMware ESX Server Multiple Security Updates
http://secunia.com/advisories/29785/
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose sensitive information, or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
Red Hat update for redhat-ds-admin
http://secunia.com/advisories/29761/
Red Hat has issued an update for redhat-ds-admin. This fixes some vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 17 Apr 08
OSI Affiliate "login.php" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/29779/
José Luís Zayas has reported some vulnerabilities in OSI Affiliate, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 15 Apr 08
WORK system e-commerce main.php Cross-Site Scripting
http://secunia.com/advisories/29823/
Russ McRee has discovered some vulnerabilities in WORK system e-commerce, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 15 Apr 08
BosClassifieds Classified Ads System "cat" SQL Injection
http://secunia.com/advisories/29799/
SoSo H H has reported a vulnerability in BosClassifieds Classified Ads System, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 15 Apr 08
CUPS PNG Filter Integer Overflow Vulnerability
http://secunia.com/advisories/29809/
Thomas Pollet has reported a vulnerability in CUPS, which potentially can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 15 Apr 08
Gentoo update for asterisk
http://secunia.com/advisories/29782/
Gentoo has issued an update for asterisk. This fixes a security issue and some vulnerabilities, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 15 Apr 08
xine-lib Speex Header Processing Vulnerability
http://secunia.com/advisories/29672/
A vulnerability has been reported in xine-lib, which can potentially be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 15 Apr 08
Ubuntu update for squid
http://secunia.com/advisories/29813/
Ubuntu has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 15 Apr 08
Gentoo update for libpng
http://secunia.com/advisories/29678/
Gentoo has issued an update for libpng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, or potentially compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 15 Apr 08
Gentoo update for opera
http://secunia.com/advisories/29679/
Gentoo has issued an update for opera. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 15 Apr 08
Coppermine Photo Gallery "bridge/coppermine.inc.php" SQL Injection
http://secunia.com/advisories/29741/
A vulnerability has been reported in Coppermine Photo Gallery, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 15 Apr 08
cpCommerce Multiple Vulnerabilities
http://secunia.com/advisories/29807/
AmnPardaz Security Research Team have discovered some vulnerabilities in cpCommerce, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, and to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 15 Apr 08
1024 CMS SQL Injection and File Inclusion
http://secunia.com/advisories/29810/
__GiReX__ has discovered some vulnerabilities in 1024 CMS, which can be exploited by malicious people to conduct SQL injection attacks or to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 15 Apr 08
phpkb Knowledge Base "ID" SQL Injection Vulnerability
http://secunia.com/advisories/29791/
parad0x has reported a vulnerability in phpkb Knowledge Base, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
NewsOffice "newsoffice_directory" File Inclusion Vulnerability
http://secunia.com/advisories/29797/
RoMaNcYxHaCkEr has discovered a vulnerability in NewsOffice, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
Coppermine Photo Gallery "upload.php" SQL Injection
http://secunia.com/advisories/29795/
A vulnerability has been discovered in Coppermine Photo Gallery, which can be exploited by malicious users to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
Nero MediaHome Denial of Service Vulnerability
http://secunia.com/advisories/29808/
Luigi Auriemma has discovered a vulnerability in Nero MediaHome, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
HP OpenView Network Node Manager Multiple Vulnerabilities
http://secunia.com/advisories/29796/
Some vulnerabilities have been reported in HP OpenView Network Node Manager, which can be exploited by malicious people to disclose certain information or cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
OmniPCX Office Information Disclosure Vulnerability
http://secunia.com/advisories/29798/
A vulnerability has been reported in OmniPCX Office, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
libpng Unknown Chunk Processing Uninitialized Memory Access
http://secunia.com/advisories/29792/
Tavis Ormandy has reported a vulnerability in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, or potentially compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
Novell eDirectory "Connection" HTTP Header Processing Denial of Service
http://secunia.com/advisories/29805/
A vulnerability has been reported in Novell eDirectory, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
CcMail "this_cookie" Security Bypass Vulnerability
http://secunia.com/advisories/29812/
t0pP8uZz has discovered a vulnerability in CcMail, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
MirBSD Korn Shell TTY Attachment Privilege Escalation
http://secunia.com/advisories/29803/
A vulnerability has been reported in MirBSD Korn Shell, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
ClamAV Upack Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/29000/
Secunia Research has discovered a vulnerability in ClamAV, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
SUSE update for openssh and opera
http://secunia.com/advisories/29735/
SUSE has issued an update for openssh and opera. This fixes some vulnerabilities and a weakness, which can be exploited by malicious, local users to disclose potentially sensitive information and bypass certain security restrictions, and potentially by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
IBM HTTP Server mod_imap and mod_status Cross-Site Scripting
http://secunia.com/advisories/29806/
IBM has acknowledged some vulnerabilities in IBM HTTP Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
Mandriva update for rsync
http://secunia.com/advisories/29770/
Mandriva has issued an update for rsync. This fixes a vulnerability, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
Gentoo update for policyd-weight
http://secunia.com/advisories/29738/
Gentoo has issued an update for policyd-weight. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
KwsPHP JeuxFlash Module "cat" SQL Injection
http://secunia.com/advisories/29625/
HouSSamix has reported a vulnerability in the JeuxFlash module for KwsPHP, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
cwRsync "xattr" Integer Overflow Vulnerability
http://secunia.com/advisories/29788/
A vulnerability has been reported in cwRsync, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
SUSE update for flash-player
http://secunia.com/advisories/29763/
SUSE has issued an update for flash-player. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or to potentially compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 14 Apr 08
Gentoo update for gnome-screensaver
http://secunia.com/advisories/29759/
Gentoo has issued an update for gnome-screensaver. This fixes a security issue, which can be exploited by malicious people with physical access to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
KwsPHP ConcoursPhoto Module "C_ID" SQL Injection
http://secunia.com/advisories/29664/
Stack-Terrorist has reported a vulnerability in the ConcoursPhoto module for KwsPHP, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
Nortel Networks Communication Server Multiple Vulnerabilities
http://secunia.com/advisories/29747/
Some security issues and vulnerabilities have been reported in Nortel Communication Server, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
LiveCart "id" SQL Injection Vulnerability
http://secunia.com/advisories/29765/
irvian has discovered a vulnerability in LiveCart, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
ezRADIUS Information Disclosure Security Issue
http://secunia.com/advisories/29769/
A security issue has been reported in ezRADIUS, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
Symantec Altiris Deployment Solution AClient Password Disclosure
http://secunia.com/advisories/29771/
A security issue has been reported in Symantec Altiris Deployment Solution, which can be exploited by malicious, local users to disclose sensitive information and potentially gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
Sun Solaris Floating Point Context Switch Vulnerability
http://secunia.com/advisories/29728/
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to manipulate certain data.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
Sun Solaris Quagga Multiple Denial of Service Vulnerabilities
http://secunia.com/advisories/29743/
Sun has acknowledged some vulnerabilities in Solaris, which can be exploited by malicious users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
Sun Solaris Trusted Extensions Network Labeling Security Bypass
http://secunia.com/advisories/29730/
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
LightNEasy Administrator Password Hash Disclosure
http://secunia.com/advisories/29757/
__GiReX__ has reported a security issue in LightNEasy, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
Sun Solaris Self Encapsulated IP Packets Denial of Service
http://secunia.com/advisories/29783/
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
Parallels Power Panel Cross-Site Request Forgeries
http://secunia.com/advisories/29675/
poplix has reported some vulnerabilities in Parallels VZPP, which can be exploited by malicious people to conduct cross-site request forgery attacks and potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
Debian update for rsync
http://secunia.com/advisories/29777/
Debian has issued an update for rsync. This fixes a vulnerability, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
rsync "xattr" Integer Overflow Vulnerability
http://secunia.com/advisories/29668/
A vulnerability has been reported in rsync, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
Ubuntu update for rsync
http://secunia.com/advisories/29781/
Ubuntu has issued an update for rsync. This fixes a vulnerability, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
EMC DiskXtender Multiple Vulnerabilities
http://secunia.com/advisories/29778/
Some vulnerabilities have been reported in EMC DiskXtender, which can be exploited by malicious people to bypass certain security restrictions or by malicious users to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
Ksemail "language" Local File Inclusion Vulnerability
http://secunia.com/advisories/29776/
dun has reported a vulnerability in Ksemail, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
Sun Grid Engine Qmaster Daemon Denial of Service
http://secunia.com/advisories/29753/
A vulnerability has been reported in Sun Grid Engine, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
Debian update for gnumeric
http://secunia.com/advisories/29702/
Debian has issued an update for gnumeric. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
Gentoo update for tomcat
http://secunia.com/advisories/29711/
Gentoo has issued an update for tomcat. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, by malicious users to disclose potentially sensitive information, and by malicious people to manipulate certain data or to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
Gentoo update for am-utils
http://secunia.com/advisories/29694/
Gentoo has issued an update for am-utils. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 11 Apr 08
Gentoo update for lighttpd
http://secunia.com/advisories/29636/
Gentoo has issued an update for lighttpd. This fixes a security issue and a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 10 Apr 08
Drupal Simple Access Module Security Bypass
http://secunia.com/advisories/29772/
A security issue has been reported in the Simple Access module for Drupal, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 10 Apr 08
Openfire Unspecified Denial of Service
http://secunia.com/advisories/29751/
A vulnerability has been reported in Openfire, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 10 Apr 08
iScripts SocialWare SQL Injection and File Upload Vulnerabilities
http://secunia.com/advisories/29725/
t0pP8uZz has reported two vulnerabilities in iScripts SocialWare, which can be exploited by malicious users to compromise a vulnerable system, and by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 10 Apr 08
CDNetworks Nefficient Download NeffyLauncher ActiveX Control Directory Traversal
http://secunia.com/advisories/29692/
Simon Ryeo has reported a vulnerability in CDNetworks Nefficient Download, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 10 Apr 08
Tumbleweed SecureTransport FileTransfer ActiveX Control "TransferFile()" Buffer Overflow
http://secunia.com/advisories/29717/
Patrick Webster has reported a vulnerability in Tumbleweed SecureTransport, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 10 Apr 08
KnowledgeQuest SQL Injection and Security Bypass
http://secunia.com/advisories/29716/
Some vulnerabilities have been discovered in KnowledgeQuest, which can be exploited by malicious people to conduct SQL injection attacks or to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 10 Apr 08
TIBCO Enterprise Message Service Buffer Overflow Vulnerabilities
http://secunia.com/advisories/29775/
Some vulnerabilities have been reported in TIBCO products, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 10 Apr 08
TIBCO Rendezvous Multiple Buffer Overflow Vulnerabilities
http://secunia.com/advisories/29774/
Some vulnerabilities have been reported in multiple TIBCO products, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 10 Apr 08
Gallery Script Lite "path" Information Disclosure Vulnerability
http://secunia.com/advisories/29746/
jiko has discovered a vulnerability in Gallery Script Lite, which can be exploited by malicious people to disclose potentially sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 10 Apr 08
Debian update for pdns-recursor
http://secunia.com/advisories/29764/
Debian has issued an update for pdns-recursor. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 10 Apr 08
Debian update for libcairo
http://secunia.com/advisories/29767/
Debian has issued an update for libcairo. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 10 Apr 08
Ubuntu update for ghostscript
http://secunia.com/advisories/29768/
Ubuntu has issued an update for ghostscript. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 10 Apr 08
Drupal Menu System Security Bypass Vulnerabilities
http://secunia.com/advisories/29762/
Some vulnerabilities have been reported in Drupal, which can be exploited by malicious users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 10 Apr 08
IBiz E-Banking Integrator ActiveX Control "WriteOFXDataFile()" Insecure Method
http://secunia.com/advisories/29758/
shinnai has discovered a vulnerability in IBiz E-Banking Integrator, which can be exploited by malicious people to overwrite arbitrary files.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 10 Apr 08
Debian update for vlc
http://secunia.com/advisories/29766/
Debian has issued an update for vlc. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 10 Apr 08
Prozilla Reviews "DeleteUser.php" Security Bypass
http://secunia.com/advisories/29722/
t0pP8uZz has reported a vulnerability in Prozilla Reviews, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 10 Apr 08
Gentoo update for pecl-apc
http://secunia.com/advisories/29745/
Gentoo has issued an update for pecl-apc. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions and potentially by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 9 Apr 08
HP OpenView Network Node Manager ovspmd.exe Buffer Overflow
http://secunia.com/advisories/29713/
Luigi Auriemma has discovered a vulnerability in HP OpenView Network Node Manager, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 9 Apr 08
ExBB Italia "modules/threadstop/threadstop.php" File Inclusion
http://secunia.com/advisories/29739/
The:Paradox has discovered some vulnerabilities in ExBB Italia, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 9 Apr 08
Fedora update for PolicyKit
http://secunia.com/advisories/29755/
Fedora has issued an update for PolicyKit. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 9 Apr 08
Fedora update for pdns-recursor
http://secunia.com/advisories/29737/
Fedora has issued an update for pdns-recursor. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
Be sure to check if your system is missing securi