Software and Script Bug Exploits
Main
Software Alerts
Software and Script Bug ExploitsSoftware Vulnerability
Random Feeds
Archives
| Feb 2009 | Jan 2009 | Dec 2008 | Nov 2008 | Oct 2008 | Sep 2008 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 | Apr 2008 | Mar 2008 | Feb 2008 | Jan 2008 | Dec 2007 | Nov 2007 |Wed, 30 Apr 08
FluentCMS "sid" SQL Injection Vulnerability
http://secunia.com/advisories/29970/
cO2 has reported a vulnerability in FluentCMS, which can be exploited by malicious people to conduct SQL injection attacks.
Wed, 30 Apr 08
Fedora update for poppler
http://secunia.com/advisories/30033/
Fedora has issued an update for poppler. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
Wed, 30 Apr 08
Fedora update for squid
http://secunia.com/advisories/30032/
Fedora has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Wed, 30 Apr 08
rPath update for libpng
http://secunia.com/advisories/29992/
rPath has issued an update for libpng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, or potentially compromise an application using the library.
Wed, 30 Apr 08
PeerCast "HTTP::getAuthUserPass()" Buffer Overflow Vulnerability
http://secunia.com/advisories/29962/
Nico Golde has reported a vulnerability in PeerCast, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Wed, 30 Apr 08
Fedora update for perl-Imager
http://secunia.com/advisories/30030/
Fedora has issued an update for perl-Imager. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.
Wed, 30 Apr 08
Motorola Surfboard Cable Modem Web Interface Cross-Site Request Forgery
http://secunia.com/advisories/30026/
Rook Security has reported a vulnerability in Motorola Surfboard Cable Modem, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Wed, 30 Apr 08
Fedora update for dbmail
http://secunia.com/advisories/29984/
Fedora has issued an update for dbmail. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Wed, 30 Apr 08
Fedora update for moin
http://secunia.com/advisories/30031/
Fedora has issued an update for moin. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.
Wed, 30 Apr 08
Fedora update for lighttpd
http://secunia.com/advisories/30023/
Fedora has issued an update for lighttpd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Wed, 30 Apr 08
Fedora update for asterisk
http://secunia.com/advisories/30010/
Fedora has issued an update for asterisk. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Wed, 30 Apr 08
IBM Lotus Expeditor Client for Desktop "cai" URI Handler Code Execution
http://secunia.com/advisories/29958/
Thomas Pollet has reported a vulnerability in IBM Lotus Expeditor, which can be exploited by malicious people to compromise a user's system.
Wed, 30 Apr 08
Fedora update for perl
http://secunia.com/advisories/30025/
Fedora has issued an update for perl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
Wed, 30 Apr 08
Fedora update for KDE4
http://secunia.com/advisories/30001/
Fedora has issued an update for KDE4. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
Wed, 30 Apr 08
Fedora update for xine-lib
http://secunia.com/advisories/30021/
Fedora has issued an update for xine-lib. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Wed, 30 Apr 08
Fedora update for wordpress
http://secunia.com/advisories/29994/
Fedora has issued an update for wordpress. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and to compromise a vulnerable system.
Wed, 30 Apr 08
HP-UX WBEM Services OpenPegasus PAM Module Buffer Overflows
http://secunia.com/advisories/29986/
HP has acknowledged some vulnerabilities in HP-UX, which can potentially be exploited by malicious people to compromise a vulnerable system.
Wed, 30 Apr 08
Fedora update for clamav
http://secunia.com/advisories/29975/
Fedora has issued an update for clamav. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), or to compromise a vulnerable system.
Wed, 30 Apr 08
Softbiz Web Host Directory Script "host_id" SQL Injection
http://secunia.com/advisories/29983/
M.Hasran Addahroni has reported a vulnerability in Softbiz Web Host Directory Script, which can be exploited by malicious people to conduct SQL injection attacks.
Wed, 30 Apr 08
Fedora update for util-linux-ng
http://secunia.com/advisories/29982/
Fedora has issued an update for util-linux-ng. This fixes a weakness, which can be exploited by malicious people to manipulate certain data.
Tue, 29 Apr 08
Prozilla Hosting Index "cat_id" SQL Injection Vulnerability
http://secunia.com/advisories/29936/
M.Hasran Addahroni has reported a vulnerability in Prozilla Hosting Index, which can be exploited by malicious people to conduct SQL injection attacks.
Tue, 29 Apr 08
Gentoo update for kde
http://secunia.com/advisories/29977/
Gentoo has issued an update for kdelibs. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to potentially gain escalated privileges.
Tue, 29 Apr 08
Slackware update for libpng
http://secunia.com/advisories/30009/
Slackware has issued an update for libpng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, or potentially compromise an application using the library.
Tue, 29 Apr 08
util-linux-ng "login" Audit Log Injection Weakness
http://secunia.com/advisories/30014/
A weakness has been reported in util-linux-ng, which can be exploited by malicious people to manipulate certain data.
Tue, 29 Apr 08
Jokes Site Script "catagorie" SQL Injection Vulnerability
http://secunia.com/advisories/29981/
ProgenTR has reported a vulnerability in Jokes Site Script, which can be exploited by malicious people to conduct SQL injection attacks.
Tue, 29 Apr 08
Imager Image-Based Fill Buffer Overflow Vulnerability
http://secunia.com/advisories/30011/
A vulnerability has been reported in Imager, which potentially can be exploited by malicious people to compromise an application using the library.
Tue, 29 Apr 08
Sugar Community Edition RSS Module Information Disclosure Vulnerability
http://secunia.com/advisories/30002/
Roberto Suggi Liverani has reported a vulnerability in Sugar Community Edition, which can be exploited by malicious users to disclose sensitive information.
Tue, 29 Apr 08
PhpGedView Unspecified Vulnerability
http://secunia.com/advisories/29989/
A vulnerability has been reported in PhpGedView, which can be exploited by malicious people to compromise a vulnerable system.
Tue, 29 Apr 08
Joovili "category" SQL Injection Vulnerability
http://secunia.com/advisories/29991/
HaCkeR-EgY has reported a vulnerability in Joovili, which can be exploited by malicious people to conduct SQL injection attacks.
Tue, 29 Apr 08
Debian update for ldm
http://secunia.com/advisories/29959/
Debian has issued an update for ldm. This fixes a security issue, which can be exploited by malicious people to disclose sensitive information.
Tue, 29 Apr 08
Debian update for iceape
http://secunia.com/advisories/30012/
Debian has issued an update for iceape. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
Tue, 29 Apr 08
Comodo Firewall Pro Hooked Functions Denial of Service
http://secunia.com/advisories/30006/
Core Security Technologies has reported some vulnerabilities in Comodo Firewall Pro, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Tue, 29 Apr 08
BitDefender Antivirus 2008 "NtOpenProcess()" Hooked Function Denial of Service
http://secunia.com/advisories/30005/
Core Security Technologies has reported a vulnerability in BitDefender Antivirus 2008, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Tue, 29 Apr 08
Rising Antivirus "NtOpenProcess()" Hooked Function Denial of Service
http://secunia.com/advisories/30007/
Core Security Technologies has reported a vulnerability in Rising Antivirus, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Tue, 29 Apr 08
Debian update for kronolith
http://secunia.com/advisories/29945/
Debian has issued an update for kronolith. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
Tue, 29 Apr 08
Sophos Anti-Virus "NtCreateKey()" Hooked Function Denial of Service
http://secunia.com/advisories/29996/
Core Security Technologies has reported a vulnerability in Sophos Anti-Virus, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Tue, 29 Apr 08
miniBB "whatus" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/30004/
IRCRASH has discovered a vulnerability in miniBB, which can be exploited by malicious people to conduct cross-site scripting attacks.
Tue, 29 Apr 08
miniBB Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/29997/
__GiReX__ has reported some vulnerabilities in miniBB, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Tue, 29 Apr 08
ZoneMinder Unspecified Code Execution Vulnerabilities
http://secunia.com/advisories/29995/
Some vulnerabilities have been reported in ZoneMinder, which potentially can be exploited by malicious users to compromise a vulnerable system.
Tue, 29 Apr 08
XOOPS Various Bluemoon inc. Modules Cross-Site Scripting
http://secunia.com/advisories/29993/
Some vulnerabilities have been reported in various Bluemoon inc. modules for XOOPS, which can be exploited by malicious people to conduct cross-site scripting attacks.
Tue, 29 Apr 08
F5 FirePass 4100 SSL VPN installControl.php3 Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29931/
Alberto Cuesta Partida has reported a vulnerability in F5 FirePass 4100 SSL VPN, which can be exploited by malicious people to conduct cross-site scripting attacks.
Tue, 29 Apr 08
VicFTPS LIST Command Processing Denial of Service
http://secunia.com/advisories/29943/
Neelima Premsankar has discovered a vulnerability in VicFTPS, which can be exploited by malicious users to cause a DoS (Denial of Service).
Tue, 29 Apr 08
Acritum Femitter Server FTP Server Denial of Service
http://secunia.com/advisories/29967/
Neelima Premsankar has discovered a vulnerability in Acritum Femitter Server, which can be exploited by malicious users to cause a DoS (Denial of Service).
Tue, 29 Apr 08
MegaBBS SQL Injection and Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/29979/
AmnPardaz Security Research Team have reported some vulnerabilities in MegaBBS, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.
Tue, 29 Apr 08
WordPress PHP Code Execution and Cross-Site Scripting
http://secunia.com/advisories/29965/
Two vulnerabilities have been reported in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and to compromise a vulnerable system.
Mon, 28 Apr 08
Sun Solaris Apache Modules Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/29988/
Sun has acknowledged some vulnerabilities in Solaris, which can be exploited by malicious people to conduct cross-site scripting attacks.
Mon, 28 Apr 08
E-Post Mail Server POP3 Password Disclosure Vulnerability
http://secunia.com/advisories/29990/
Tan Chew Keong has reported a vulnerability in E-Post Mail Server, which can be exploited by malicious people to disclose sensitive information.
Mon, 28 Apr 08
Sun StarOffice/StarSuite Multiple Vulnerabilities
http://secunia.com/advisories/29987/
Sun has acknowledged some vulnerabilities in Sun StarOffice and StarSuite, which can be exploited by malicious people to compromise a user's system.
Mon, 28 Apr 08
KDE KHTML PNG Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/29980/
A vulnerability has been reported in KDE, which potentially can be exploited by malicious people to compromise a user's system.
Mon, 28 Apr 08
Lhaplus ZOO Archive Processing Buffer Overflow
http://secunia.com/advisories/29972/
Fourteenforty Research has reported a vulnerability in Lhaplus, which can be exploited by malicious people to compromise a user's system.
Mon, 28 Apr 08
Kantaris Multiple Vulnerabilities
http://secunia.com/advisories/29974/
Some vulnerabilities have been reported in Kantaris, which can be exploited by malicious people to compromise a user's system.
Mon, 28 Apr 08
SUSE Update for Multiple Packages
http://secunia.com/advisories/29957/
SUSE has issued updates for multiple packages. These fix some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, malicious users to cause a DoS (Denial of Service), and malicious people to bypass certain security restrictions, disclose potentially sensitive information, cause a DoS, and compromise a vulnerable system.
Mon, 28 Apr 08
Gentoo update for comix
http://secunia.com/advisories/29956/
Gentoo has issued an update for comix. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), and by malicious people to compromise a user's system.
Mon, 28 Apr 08
rPath update for idle and python
http://secunia.com/advisories/29955/
rPath has issued an update for idle and python. This fixes some vulnerabilities, which can potentially be exploited by malicious people to cause a DoS (Denial of Service), or to compromise a vulnerable system.
Mon, 28 Apr 08
SUSE update for IBM Java
http://secunia.com/advisories/29897/
SUSE has issued an update for IBM Java. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), bypass certain security restrictions, manipulate data, disclose sensitive information, or compromise a vulnerable system.
Mon, 28 Apr 08
Debian update for phpgedview
http://secunia.com/advisories/29954/
Debian has issued an update for phpgedview. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
Mon, 28 Apr 08
KDE start_kdeinit Privilege Escalation Vulnerability
http://secunia.com/advisories/29951/
A vulnerability has been reported in KDE, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to potentially gain escalated privileges.
Sat, 26 Apr 08
Debian update for perl
http://secunia.com/advisories/29948/
Debian has issued an update for perl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
Sat, 26 Apr 08
LightNEasy Multiple Vulnerabilities
http://secunia.com/advisories/29833/
Some vulnerabilities have been reported in LightNEasy, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, disclose sensitive information, manipulate data, or to compromise a vulnerable system.
Sat, 26 Apr 08
RedDot CMS "LngId" SQL Injection Vulnerability
http://secunia.com/advisories/29843/
Mark Crowther and Rodrigo Marcos have reported a vulnerability in RedDot CMS, which can be exploited by malicious people to conduct SQL injection attacks.
Sat, 26 Apr 08
WordPress "cat" Directory Traversal Vulnerability
http://secunia.com/advisories/29949/
Sandor Attila Gerendi has discovered a vulnerability in WordPress, which can potentially be exploited by malicious users to compromise a vulnerable system.
Sat, 26 Apr 08
Trillian Display Name Processing Memory Corruption
http://secunia.com/advisories/29952/
Juan Pablo Lopez Yacubian has discovered a vulnerability in Trillian, which potentially can be exploited by malicious people to compromise a user's system.
Sat, 26 Apr 08
WordPress Spreadsheet Plugin "ss_id" SQL Injection Vulnerability
http://secunia.com/advisories/29938/
1ten0.0net1 has reported a vulnerability in the WordPress Spreadsheet Plugin (wpSS), which can be exploited by malicious people to conduct SQL injection attacks.
Fri, 25 Apr 08
Debian update for phpmyadmin
http://secunia.com/advisories/29964/
Debian has issued an update for phpmyadmin.This fixes some vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks, and by malicious users to disclose sensitive information.
Fri, 25 Apr 08
Gentoo update for jrockit-jdk-bin
http://secunia.com/advisories/29925/
Gentoo has issued an update for jrockit-jdk-bin. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, manipulate data, disclose sensitive/system information, cause a DoS (Denial of Service), or to compromise a vulnerable system.
Fri, 25 Apr 08
SUSE update for clamav
http://secunia.com/advisories/29891/
SUSE has issued an update for clamav. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, to cause a DoS (Denial of Service), or to compromise a vulnerable system.
Fri, 25 Apr 08
Debian update for xulrunner
http://secunia.com/advisories/29947/
Debian has issued an update for xulrunner. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Fri, 25 Apr 08
Gentoo update for silc
http://secunia.com/advisories/29946/
Gentoo has issued an update for silc. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Fri, 25 Apr 08
HP Software Update HPeDiag ActiveX Control Vulnerabilities
http://secunia.com/advisories/29966/
Some vulnerabilities have been reported in HP Software Update, which can be exploited by malicious people to disclose certain information or compromise a vulnerable system.
Fri, 25 Apr 08
Advanced Electron Forum "beg" Cross-Site Scripting
http://secunia.com/advisories/29923/
ZoRLu has discovered a vulnerability in Advanced Electron Forum (AEF), which can be exploited by malicious people to conduct cross-site scripting attacks.
Fri, 25 Apr 08
CA Secure Content Manager eCSqdmn Denial of Service Vulnerabilities
http://secunia.com/advisories/29895/
Luigi Auriemma has reported two vulnerabilities in CA Secure Content Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).
Fri, 25 Apr 08
CA ARCserve Backup Discovery Service Denial of Service
http://secunia.com/advisories/29855/
Luigi Auriemma has reported a vulnerability in CA ARCserve Backup, which can be exploited by malicious people to cause a DoS (Denial of Service).
Fri, 25 Apr 08
Safari Address Bar URL Spoofing Security Issue
http://secunia.com/advisories/29900/
Juan Pablo Lopez Yacubian has discovered a security issue in Safari, which can be exploited by malicious people to display a fake URL in the address bar.
Fri, 25 Apr 08
Drupal Internationalization and Localizer Cross-Site Scripting and Request Forgery
http://secunia.com/advisories/29961/
Some vulnerabilities have been reported in the Internationalization and Localizer modules for Drupal, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.
Fri, 25 Apr 08
Drupal Ubercart Module Script Insertion Vulnerability
http://secunia.com/advisories/29950/
A vulnerability has been reported in the Ubercart module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
Fri, 25 Apr 08
Drupal E-Publish Module Cross-Site Scripting and Request Forgery
http://secunia.com/advisories/29960/
Some vulnerabilities have been reported in the E-Publish module for Drupal, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
Thu, 24 Apr 08
E-RESERV "ID_loc" SQL Injection
http://secunia.com/advisories/29914/
JIKI Team has reported a vulnerability in E-RESERV, which can be exploited by malicious people to conduct SQL injection attacks.
Thu, 24 Apr 08
Debian update for iceweasel
http://secunia.com/advisories/29911/
Debian has issued an update for iceweasel. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Thu, 24 Apr 08
Gentoo update for vlc
http://secunia.com/advisories/29800/
Gentoo has issued an update for vlc. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Thu, 24 Apr 08
Gentoo update for openfire
http://secunia.com/advisories/29901/
Gentoo has issued an update for openfire. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Thu, 24 Apr 08
Flip4Mac WMV Processing Unspecified Vulnerability
http://secunia.com/advisories/29922/
A vulnerability has been reported in Flip4Mac, which can potentially be exploited by malicious people to compromise a user's system.
Thu, 24 Apr 08
Kronolith "addevent.php" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29920/
Aria-Security Team has discovered a vulnerability in Kronolith, which can be exploited by malicious people to conduct cross-site scripting attacks.
Thu, 24 Apr 08
Realtek HD Audio Codec Driver Vulnerabilities
http://secunia.com/advisories/29953/
Ruben Santamarta has reported some vulnerabilities in Realtek HD Audio Codec drivers, which can be exploited by malicious, local users to disclose certain information, manipulate certain data, or gain escalated privileges.
Thu, 24 Apr 08
Sony Mylo COM-2 SSL Certificate Validation Security Issue
http://secunia.com/advisories/29928/
A security issue has been reported in Sony Mylo COM-2, which can be exploited by malicious people to conduct spoofing attacks.
Thu, 24 Apr 08
TorrentFlux Cross-Site Request Forgery and PHP Code Execution
http://secunia.com/advisories/29935/
Rook Security has reported some vulnerabilities in TorrentFlux, which can be exploited by malicious people to conduct cross-site request forgery attacks and by malicious people or users to potentially compromise a vulnerable system.
Thu, 24 Apr 08
Web Calendar Pro "user_id" SQL Injection
http://secunia.com/advisories/29933/
t0pP8uZz has reported a vulnerability in Web Calendar Pro, which can be exploited by malicious people to conduct SQL injection attacks.
Wed, 23 Apr 08
phpMyAdmin Shared Host Information Disclosure
http://secunia.com/advisories/29944/
A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious users to disclose sensitive information.
Wed, 23 Apr 08
Ubuntu update for firefox
http://secunia.com/advisories/29912/
Ubuntu has issued an update for firefox. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Wed, 23 Apr 08
Ubuntu update for gnumeric
http://secunia.com/advisories/29896/
Ubuntu has issued an update for gnumeric. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Wed, 23 Apr 08
Foxit Reader PDF XObject Processing Memory Corruption
http://secunia.com/advisories/29934/
Javier Vicente Vallejo has discovered a vulnerability in Foxit Reader, which potentially can be exploited by malicious people to compromise a user's system.
Wed, 23 Apr 08
Magnolia Enterprise Edition Sitedesigner "query" Cross-Site Scripting
http://secunia.com/advisories/29918/
Russ McRee has reported a vulnerability in Magnolia Enterprise Edition, which can be exploited by malicious people to conduct cross-site scripting attacks.
Wed, 23 Apr 08
Avaya CMS Solaris Self Encapsulated IP Packets Vulnerability
http://secunia.com/advisories/29817/
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious people to cause a DoS (Denial of Service).
Wed, 23 Apr 08
Serendipity Top Referrers Plugin Script Insertion Vulnerability
http://secunia.com/advisories/29942/
Hanno Böck has reported a vulnerability in Serendipity, which can be exploited by malicious people to conduct script insertion attacks.
Wed, 23 Apr 08
Akiva WebBoard Script Insertion Vulnerability
http://secunia.com/advisories/29091/
Joren McReynolds has discovered some vulnerabilities in Akiva WebBoard, which can be exploited by malicious users to conduct script insertion attacks.
Wed, 23 Apr 08
Fedora update for WebKit
http://secunia.com/advisories/29924/
Fedora has issued an update for WebKit. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise an application using the library.
Wed, 23 Apr 08
Fedora update for firefox
http://secunia.com/advisories/29906/
Fedora has issued an update for firefox. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Wed, 23 Apr 08
Sun Solaris MySQL Multiple Vulnerabilities
http://secunia.com/advisories/29847/
Sun has acknowledged some vulnerabilities in the MySQL package bundled with Solaris, which can be exploited by malicious people to disclose potentially sensitive information, and by malicious users to potentially compromise a vulnerable system.
Wed, 23 Apr 08
Debian update for roundup
http://secunia.com/advisories/29848/
Debian has issued an update for roundup. This fixes some vulnerabilities, which have unknown impacts.
Wed, 23 Apr 08
Fedora update for openoffice.org
http://secunia.com/advisories/29913/
Fedora has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system.
Wed, 23 Apr 08
Fedora update for mt-daapd
http://secunia.com/advisories/29917/
Fedora has issued an update for mt-daapd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS or to potentially compromise a vulnerable system.
Wed, 23 Apr 08
Fedora update for seamonkey
http://secunia.com/advisories/29908/
Fedora has issued an update for seamonkey. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Wed, 23 Apr 08
Asterisk IAX2 Handshake Denial of Service
http://secunia.com/advisories/29927/
A vulnerability has been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service).
Wed, 23 Apr 08
grsecurity RBAC User Transition Security Issue
http://secunia.com/advisories/29899/
A security issue has been reported in grsecurity, which can be exploited by malicious, local users to bypass certain security restrictions.
Wed, 23 Apr 08
KwsPHP "action" Local File Inclusion and Code Execution
http://secunia.com/advisories/29802/
TsukasaGenesis and Ajax have reported a vulnerability in KwsPHP, which can be exploited by malicious users to compromise a vulnerable system, and by malicious people to disclose sensitive information.
Wed, 23 Apr 08
Acidcat CMS Multiple Vulnerabilities
http://secunia.com/advisories/29916/
AmnPardaz Security Research Team have reported some vulnerabilities and a security issue in Acidcat CMS, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, or to bypass certain security restrictions.
Wed, 23 Apr 08
ContRay "search.cgi" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29888/
Russ McRee has reported a vulnerability in ContRay, which can be exploited by malicious people to conduct cross-site scripting attacks.
Wed, 23 Apr 08
BlogWorx "view.asp" SQL Injection Vulnerability
http://secunia.com/advisories/29879/
U238 has discovered a vulnerability in BlogWorx, which can be exploited by malicious people to conduct SQL injection attacks.
Wed, 23 Apr 08
Adobe Products BMP Handling Buffer Overflow Vulnerability
http://secunia.com/advisories/29838/
A vulnerability has been reported in multiple Adobe products, which potentially can be exploited by malicious people to compromise a user's system.
Wed, 23 Apr 08
SIPp "get_remote_video_port_media()" Buffer Overflow Vulnerability
http://secunia.com/advisories/29890/
A vulnerability has been reported in SIPp, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Wed, 23 Apr 08
EncapsGallery Cross-Site Scripting and File Upload
http://secunia.com/advisories/29824/
Thomas Pollet has discovered a vulnerability and a security issue in EncapsGallery, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to compromise a vulnerable system.
Wed, 23 Apr 08
TR News SQL Injection and File Upload Vulnerabilities
http://secunia.com/advisories/29814/
His0k4 has discovered two vulnerabilities in TR News, which can be exploited by malicious users to compromise a vulnerable system, and by malicious people to conduct SQL injection attacks.
Tue, 22 Apr 08
Slackware update for xine-lib
http://secunia.com/advisories/29898/
Slackware has issued an update for xine-lib. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
Tue, 22 Apr 08
NetBSD update for OpenSSH
http://secunia.com/advisories/29939/
NetBSD has issued an update for OpenSSH. This fixes a weakness and a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions and to disclose sensitive information.
Tue, 22 Apr 08
NetBSD update for bzip2
http://secunia.com/advisories/29940/
NetBSD has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Tue, 22 Apr 08
Fedora update for fedora-ds-admin
http://secunia.com/advisories/29826/
Fedora has issued an update for fedora-ds-admin. This fixes some vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to bypass certain security restrictions.
Tue, 22 Apr 08
Gentoo update for dbmail
http://secunia.com/advisories/29937/
Gentoo has issued an update for dbmail. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Tue, 22 Apr 08
PHP-Fusion "submit_info[]" SQL Injection Vulnerability
http://secunia.com/advisories/29930/
The:Paradox has discovered a vulnerability in PHP-Fusion, which can be exploited by malicious users to conduct SQL injection attacks.
Tue, 22 Apr 08
Blender "imb_loadhdr()" Buffer Overflow Vulnerability
http://secunia.com/advisories/29818/
Secunia Research has discovered a vulnerability in Blender, which can be exploited by malicious people to compromise a vulnerable system.
Tue, 22 Apr 08
DBMail Empty LDAP Passwords Authentication Bypass
http://secunia.com/advisories/29903/
A vulnerability has been reported in DBMail, which can be exploited by malicious people to bypass certain security restrictions.
Tue, 22 Apr 08
phShoutBox "phadmin" Security Bypass Vulnerability
http://secunia.com/advisories/29892/
t0pP8uZz has discovered a vulnerability in phShoutBox, which can be exploited by malicious people to bypass certain security restrictions.
Tue, 22 Apr 08
5th Avenue "category_ID" SQL Injection Vulnerability
http://secunia.com/advisories/29887/
Aria-Security Team have discovered a vulnerability in 5th Avenue, which can be exploited by malicious people to conduct SQL injection attacks.
Tue, 22 Apr 08
Apartment Search Script "r" SQL Injection Vulnerability
http://secunia.com/advisories/29929/
Crackers_Child has reported a vulnerability in Apartment Search Script, which can be exploited by malicious people to conduct SQL injection attacks.
Tue, 22 Apr 08
Acon Multiple Buffer Overflow Vulnerabilities
http://secunia.com/advisories/29909/
Some vulnerabilities have been reported in Acon, which can be exploited by malicious, local users to gain escalated privileges.
Tue, 22 Apr 08
MoinMoin Security Bypass Vulnerabilities
http://secunia.com/advisories/29894/
Some vulnerabilities have been reported in MoinMoin, which can be exploited by malicious users to bypass certain security restrictions.
Tue, 22 Apr 08
Firefly Media Server "Content-Length" Buffer Overflow
http://secunia.com/advisories/29919/
A vulnerability has been reported in Firefly Media Server, which can be exploited by malicious people to cause a DoS or to potentially compromise a vulnerable system.
Tue, 22 Apr 08
swfdec Untrusted Sandboxes Local File Disclosure Vulnerability
http://secunia.com/advisories/29915/
A vulnerability has been reported in swfdec, which can be exploited by malicious people to disclose sensitive information.
Tue, 22 Apr 08
ICQ Personal Status Processing Buffer Overflow
http://secunia.com/advisories/29821/
Leon Juranic has reported a vulnerability in ICQ, which can be exploited by malicious people to compromise another user's system.
Tue, 22 Apr 08
Linksys SPA2102 Phone Adapter Denial of Service
http://secunia.com/advisories/29523/
sipher has reported a vulnerability in Linksys SPA2102 Phone Adapter, which can be exploited by malicious people to cause a DoS (Denial of Service).
Tue, 22 Apr 08
SubEdit Player Subtitle File Processing Buffer Overflow
http://secunia.com/advisories/29904/
grzdyl has discovered a vulnerability in SubEdit Player, which can be exploited by malicious people to compromise a vulnerable system.
Tue, 22 Apr 08
Debian update for mplayer
http://secunia.com/advisories/29921/
Debian has issued an update for mplayer. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Tue, 22 Apr 08
Debian update for ikiwiki
http://secunia.com/advisories/29932/
Debian has issued an update for ikiwiki. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Tue, 22 Apr 08
ikiwiki Cross-Site Request Forgery Vulnerabilities
http://secunia.com/advisories/29907/
Some vulnerabilities have been reported in ikiwiki, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Mon, 21 Apr 08
GNU Emacs vcdiff Insecure Temporary Files
http://secunia.com/advisories/29905/
Some security issues have been reported in GNU Emacs, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Mon, 21 Apr 08
XEmacs vcdiff Insecure Temporary Files
http://secunia.com/advisories/29926/
Some security issues have been reported in XEmacs, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Mon, 21 Apr 08
Debian update for python
http://secunia.com/advisories/29889/
Debian has issued an update for python. This fixes some security issues, which can potentially be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or to compromise a vulnerable system.
Mon, 21 Apr 08
Gentoo update for netscape-flash
http://secunia.com/advisories/29865/
Gentoo has issued an update for netscape-flash. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or to potentially compromise a user's system.
Mon, 21 Apr 08
Gentoo update for pdns-recursor
http://secunia.com/advisories/29830/
Gentoo has issued an update for pdns-recursor. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
Mon, 21 Apr 08
Slackware update for mozilla-firefox
http://secunia.com/advisories/29883/
Slackware has issued an update for mozilla-firefox. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Mon, 21 Apr 08
muCommander "credentials.xml" Information Disclosure
http://secunia.com/advisories/29893/
A security issue has been reported in muCommander, which can be exploited by malicious, local users to disclose sensitive information.
Mon, 21 Apr 08
Gentoo update for cups
http://secunia.com/advisories/29902/
Gentoo has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Mon, 21 Apr 08
SUSE update for OpenOffice_org
http://secunia.com/advisories/29910/
SUSE has issued an update for OpenOffice_org. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system.
Mon, 21 Apr 08
Gentoo update for sun-jdk, sun-jre-bin, and emul-linux-x86-java
http://secunia.com/advisories/29858/
Gentoo has issued an update for sun-jdk, sun-jre-bin, and emul-linux-x86-java. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, manipulate data, disclose sensitive/system information, cause a DoS (Denial of Service), or to compromise a vulnerable system.
Mon, 21 Apr 08
Gentoo update for poppler
http://secunia.com/advisories/29853/
Gentoo has issued an update for poppler. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
Sat, 19 Apr 08
Exponent CMS User Registration Script Insertion
http://secunia.com/advisories/29875/
Some vulnerabilities have been discovered in Exponent CMS, which can be exploited by malicious people to conduct script insertion attacks.
Sat, 19 Apr 08
Red Hat update for ImageMagick
http://secunia.com/advisories/29786/
Red Hat has issued an update for ImageMagick. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Sat, 19 Apr 08
VLC Speex Header Processing Vulnerability
http://secunia.com/advisories/29878/
A vulnerability has been reported in VLC, which can potentially be exploited by malicious people to compromise a user's system.
Sat, 19 Apr 08
Red Hat update for ImageMagick
http://secunia.com/advisories/29857/
Red Hat has issued an update for ImageMagick. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
Sat, 19 Apr 08
vorbis-tools Speex Header Processing Vulnerability
http://secunia.com/advisories/29882/
A vulnerability has been reported in vorbis-tools, which can potentially be exploited by malicious people to compromise a user's system.
Sat, 19 Apr 08
e107 Chat Module "e107path" File Inclusion
http://secunia.com/advisories/29870/
by_casper41 has discovered a vulnerability in the Chat module for e107 (e107 Chat Module For 123 Flash Chat Server), which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
Sat, 19 Apr 08
Debian update for suphp
http://secunia.com/advisories/29872/
Debian has issued an update for suphp. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
Sat, 19 Apr 08
Debian update for clamav
http://secunia.com/advisories/29886/
Debian has issued an update for clamav. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Sat, 19 Apr 08
SDL_sound Speex Header Processing Vulnerability
http://secunia.com/advisories/29880/
A vulnerability has been reported in SDL_sound, which can potentially be exploited by malicious people to compromise a vulnerable system.
Fri, 18 Apr 08
Sweep Speex Header Processing Vulnerability
http://secunia.com/advisories/29881/
A vulnerability has been reported in Sweep, which can potentially be exploited by malicious people to compromise a user's system.
Fri, 18 Apr 08
Gentoo update for speex
http://secunia.com/advisories/29866/
Gentoo has issued an update for speex. This fixes a security issue, which can potentially be exploited by malicious people to compromise an application using the library.
Fri, 18 Apr 08
Red Hat update for kdegraphics
http://secunia.com/advisories/29834/
Red Hat has issued an update for kdegraphics. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
Fri, 18 Apr 08
Red Hat update for xpdf
http://secunia.com/advisories/29868/
Red Hat has issued an update for xpdf. This fixes a vulnerability, which can potentially be exploited to compromise a user's system.
Fri, 18 Apr 08
Debian update for xpdf
http://secunia.com/advisories/29885/
Debian has issued an update for xpdf. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Fri, 18 Apr 08
Ubuntu update for KOffice
http://secunia.com/advisories/29851/
Ubuntu has issued an update for KOffice. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Fri, 18 Apr 08
Ubuntu update for poppler
http://secunia.com/advisories/29884/
Ubuntu has issued an update for poppler. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
Fri, 18 Apr 08
Red Hat update for poppler
http://secunia.com/advisories/29869/
Red Hat has issued an update for poppler. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
Fri, 18 Apr 08
Poppler Embedded Fonts Processing Vulnerability
http://secunia.com/advisories/29836/
A vulnerability has been reported in Poppler, which can potentially be exploited by malicious people to compromise a vulnerable system.
Fri, 18 Apr 08
Xpdf Embedded Fonts Processing Vulnerability
http://secunia.com/advisories/29816/
A vulnerability has been reported in Xpdf, which can potentially be exploited by malicious people to compromise a user's system.
Fri, 18 Apr 08
Red Hat update for openoffice.org
http://secunia.com/advisories/29871/
Red Hat has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system.
Fri, 18 Apr 08
Red Hat update for openoffice.org
http://secunia.com/advisories/29844/
Red Hat has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system.
Fri, 18 Apr 08
Microsoft Windows Privilege Escalation Vulnerability
http://secunia.com/advisories/29867/
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious users to compromise a vulnerable system.
Fri, 18 Apr 08
FreeBSD update for OpenSSH
http://secunia.com/advisories/29873/
FreeBSD has issued an update for OpenSSH. This fixes a vulnerability, which can be exploited by malicious, local users to disclose sensitive information.
Fri, 18 Apr 08
HP Oracle for OpenView Multiple Vulnerabilities
http://secunia.com/advisories/29874/
HP has acknowledged some vulnerabilities in HP OfO (Oracle for Openview). Some vulnerabilities have unknown impacts while others can be exploited by malicious users to bypass certain security restrictions, conduct SQL injection attacks, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
Fri, 18 Apr 08
EsContacts "msg" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/29877/
Some vulnerabilities have been discovered in EsContacts, which can be exploited by malicious people to conduct cross-site scripting attacks.
Fri, 18 Apr 08
SunShop Shopping Cart "adminindex.php" SQL Injection
http://secunia.com/advisories/29811/
mrzayas.es has reported two vulnerabilities in SunShop Shopping Cart, which can be exploited by malicious users to conduct SQL injection attacks.
Fri, 18 Apr 08
BusinessObjects XI "cms" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/29804/
Sebastien gioria has reported a vulnerability in BusinessObjects XI, which can be exploited by malicious people to conduct cross-site scripting attacks.
Fri, 18 Apr 08
Carbon Communities Cross-Site Scripting and SQL Injection
http://secunia.com/advisories/29827/
AmnPardaz Security Research Team have reported a vulnerability in Carbon Communities, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Fri, 18 Apr 08
Debian update for openoffice.org
http://secunia.com/advisories/29864/
Debian has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system.
Fri, 18 Apr 08
Gentoo update for rsync
http://secunia.com/advisories/29861/
Gentoo has issued an update for rsync. This fixes a vulnerability, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Fri, 18 Apr 08
Koobi "poll_id" SQL Injection Vulnerability
http://secunia.com/advisories/29789/
S@BUN has reported a vulnerability in Koobi, which can be exploited by malicious people to conduct SQL injection attacks.
Fri, 18 Apr 08
Fedora update for gallery2
http://secunia.com/advisories/29839/
Fedora has issued an update for gallery2. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Fri, 18 Apr 08
Kolab Server ClamAV Multiple Vulnerabilities
http://secunia.com/advisories/29863/
Some vulnerabilities have been reported in Kolab Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Fri, 18 Apr 08
OpenOffice Multiple Vulnerabilities
http://secunia.com/advisories/29852/
Some vulnerabilities have been reported in OpenOffice, which can be exploited by malicious people to potentially compromise a user's system.
Thu, 17 Apr 08
Fedora update for nagios / nagios-plugins
http://secunia.com/advisories/29862/
Fedora has issued an update for nagios and nagios-plugins. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Thu, 17 Apr 08
Safari Multiple Vulnerabilities
http://secunia.com/advisories/29846/
Some vulnerabilities have been reported in Safari, which can be exploited by malicious people to conduct cross-site scripting attacks or potentially to compromise a user's system.
Thu, 17 Apr 08
Red Hat update for seamonkey
http://secunia.com/advisories/29828/
Red Hat has issued an update for seamonkey. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Thu, 17 Apr 08
Mozilla Firefox Javascript Garbage Collector Vulnerability
http://secunia.com/advisories/29787/
A vulnerability has been reported in Mozilla Firefox, which can potentially be exploited by malicious people to compromise a user's system.
Thu, 17 Apr 08
Red Hat update for firefox
http://secunia.com/advisories/29793/
Red Hat has issued an update for firefox. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Thu, 17 Apr 08
AutoTutorials "id" SQL Injection Vulnerability
http://secunia.com/advisories/29840/
cO2 has discovered a vulnerability in AutoTutorials, which can be exploited by malicious people to conduct SQL injection attacks.
Thu, 17 Apr 08
Mozilla SeaMonkey Javascript Garbage Collector Vulnerability
http://secunia.com/advisories/29860/
A vulnerability has been reported in Mozilla SeaMonkey, which can potentially be exploited by malicious people to compromise a user's system.
Thu, 17 Apr 08
BEA JRockit Multiple Vulnerabilities
http://secunia.com/advisories/29841/
Some vulnerabilities have been reported in BEA JRockit, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a user's system.
Thu, 17 Apr 08
Fedora update for rsync
http://secunia.com/advisories/29856/
Fedora has issued an update for rsync. This fixes a vulnerability, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Thu, 17 Apr 08
xine-lib NSF Demuxer Buffer Overflow Vulnerability
http://secunia.com/advisories/29850/
Guido Landi has discovered a vulnerability in xine-lib, which can be exploited by malicious people to compromise a user's system.
Thu, 17 Apr 08
Cisco Network Admission Control Information Disclosure Security Issue
http://secunia.com/advisories/29822/
A security issue has been reported in Cisco Network Admission Control (NAC), which can be exploited by malicious people to disclose sensitive information.
Thu, 17 Apr 08
HP OpenView Network Node Manager Multiple Vulnerabilities
http://secunia.com/advisories/29849/
HP has acknowledged some vulnerabilities in OpenView Network Node Manager, which can be exploited by malicious people to conduct cross-site scripting attacks, cause a DoS (Denial of Service), or compromise a vulnerable system.
Thu, 17 Apr 08
eGroupWare File Upload Vulnerability
http://secunia.com/advisories/29790/
A vulnerability has been reported in eGroupWare, which can be exploited by malicious people to compromise a vulnerable system.
Thu, 17 Apr 08
CA Products DSM gui_cm_ctrls ActiveX Control Code Execution
http://secunia.com/advisories/29837/
A vulnerability has been reported in various CA products, which can be exploited by malicious people to compromise a vulnerable system.
Thu, 17 Apr 08
Oracle Products Multiple Vulnerabilities
http://secunia.com/advisories/29829/
Multiple vulnerabilities have been reported for various Oracle products. Some vulnerabilities have unknown impacts while others can be exploited by malicious users to bypass certain security restrictions, conduct SQL injection attacks, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
Thu, 17 Apr 08
Ruby WEBrick Information Disclosure
http://secunia.com/advisories/29794/
Luigi Auriemma has reported a vulnerability in Ruby, which can be exploited by malicious people to disclose sensitive information.
Thu, 17 Apr 08
DotClear "ecrire/images.php" File Upload Vulnerability
http://secunia.com/advisories/29819/
Morgan ARMAND has discovered a vulnerability in DotClear, which can be exploited by malicious users to compromise a vulnerable system.
Thu, 17 Apr 08
Cecilia "/tmp/csvers" Insecure Temporary File Handling
http://secunia.com/advisories/29832/
Felipe Sateler has discovered a security issue in Cecilia, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Thu, 17 Apr 08
DivX Player Subtitle Parsing Buffer Overflow Vulnerability
http://secunia.com/advisories/29780/
securfrog has discovered a vulnerability in DivX Player, which can potentially be exploited by malicious people to compromise a user's system.
Thu, 17 Apr 08
IBM DB2 db2dasrrm File Creation and Privilege Escalation Vulnerabilities
http://secunia.com/advisories/29784/
Two vulnerabilities have been reported in IBM DB2, which can be exploited by malicious, local users to perform certain actions with escalated privileges or gain escalated privileges.
Thu, 17 Apr 08
Lasernet CMS "new" SQL Injection Vulnerability
http://secunia.com/advisories/29734/
cO2 has discovered a vulnerability in Lasernet CMS, which can be exploited by malicious people to conduct SQL injection attacks.
Thu, 17 Apr 08
BigAnt Messenger AntServer Module HTTP Request Buffer Overflow
http://secunia.com/advisories/29831/
Matteo Memelli has discovered a vulnerability in BigAnt Messenger, which can be exploited by malicious people to compromise a vulnerable system.
Thu, 17 Apr 08
VMware ESX Server Multiple Security Updates
http://secunia.com/advisories/29785/
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose sensitive information, or potentially compromise a vulnerable system.
Thu, 17 Apr 08
Red Hat update for redhat-ds-admin
http://secunia.com/advisories/29761/
Red Hat has issued an update for redhat-ds-admin. This fixes some vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to bypass certain security restrictions.
Thu, 17 Apr 08
OSI Affiliate "login.php" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/29779/
José Luís Zayas has reported some vulnerabilities in OSI Affiliate, which can be exploited by malicious people to conduct cross-site scripting attacks.
Tue, 15 Apr 08
WORK system e-commerce main.php Cross-Site Scripting
http://secunia.com/advisories/29823/
Russ McRee has discovered some vulnerabilities in WORK system e-commerce, which can be exploited by malicious people to conduct cross-site scripting attacks.
Tue, 15 Apr 08
BosClassifieds Classified Ads System "cat" SQL Injection
http://secunia.com/advisories/29799/
SoSo H H has reported a vulnerability in BosClassifieds Classified Ads System, which can be exploited by malicious people to conduct SQL injection attacks.
Tue, 15 Apr 08
CUPS PNG Filter Integer Overflow Vulnerability
http://secunia.com/advisories/29809/
Thomas Pollet has reported a vulnerability in CUPS, which potentially can be exploited by malicious people to compromise a vulnerable system.
Tue, 15 Apr 08
Gentoo update for asterisk
http://secunia.com/advisories/29782/
Gentoo has issued an update for asterisk. This fixes a security issue and some vulnerabilities, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to bypass certain security restrictions.
Tue, 15 Apr 08
xine-lib Speex Header Processing Vulnerability
http://secunia.com/advisories/29672/
A vulnerability has been reported in xine-lib, which can potentially be exploited by malicious people to compromise a vulnerable system.
Tue, 15 Apr 08
Ubuntu update for squid
http://secunia.com/advisories/29813/
Ubuntu has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Tue, 15 Apr 08
Gentoo update for libpng
http://secunia.com/advisories/29678/
Gentoo has issued an update for libpng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, or potentially compromise an application using the library.
Tue, 15 Apr 08
Gentoo update for opera
http://secunia.com/advisories/29679/
Gentoo has issued an update for opera. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
Tue, 15 Apr 08
Coppermine Photo Gallery "bridge/coppermine.inc.php" SQL Injection
http://secunia.com/advisories/29741/
A vulnerability has been reported in Coppermine Photo Gallery, which can be exploited by malicious people to conduct SQL injection attacks.
Tue, 15 Apr 08
cpCommerce Multiple Vulnerabilities
http://secunia.com/advisories/29807/
AmnPardaz Security Research Team have discovered some vulnerabilities in cpCommerce, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, and to disclose sensitive information.
Tue, 15 Apr 08
1024 CMS SQL Injection and File Inclusion
http://secunia.com/advisories/29810/
__GiReX__ has discovered some vulnerabilities in 1024 CMS, which can be exploited by malicious people to conduct SQL injection attacks or to disclose sensitive information.
Tue, 15 Apr 08
phpkb Knowledge Base "ID" SQL Injection Vulnerability
http://secunia.com/advisories/29791/
parad0x has reported a vulnerability in phpkb Knowledge Base, which can be exploited by malicious people to conduct SQL injection attacks.
Mon, 14 Apr 08
NewsOffice "newsoffice_directory" File Inclusion Vulnerability
http://secunia.com/advisories/29797/
RoMaNcYxHaCkEr has discovered a vulnerability in NewsOffice, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
Mon, 14 Apr 08
Coppermine Photo Gallery "upload.php" SQL Injection
http://secunia.com/advisories/29795/
A vulnerability has been discovered in Coppermine Photo Gallery, which can be exploited by malicious users to conduct SQL injection attacks.
Mon, 14 Apr 08
Nero MediaHome Denial of Service Vulnerability
http://secunia.com/advisories/29808/
Luigi Auriemma has discovered a vulnerability in Nero MediaHome, which can be exploited by malicious people to cause a DoS (Denial of Service).
Mon, 14 Apr 08
HP OpenView Network Node Manager Multiple Vulnerabilities
http://secunia.com/advisories/29796/
Some vulnerabilities have been reported in HP OpenView Network Node Manager, which can be exploited by malicious people to disclose certain information or cause a DoS (Denial of Service).
Mon, 14 Apr 08
OmniPCX Office Information Disclosure Vulnerability
http://secunia.com/advisories/29798/
A vulnerability has been reported in OmniPCX Office, which can be exploited by malicious people to disclose sensitive information.
Mon, 14 Apr 08
libpng Unknown Chunk Processing Uninitialized Memory Access
http://secunia.com/advisories/29792/
Tavis Ormandy has reported a vulnerability in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, or potentially compromise an application using the library.
Mon, 14 Apr 08
Novell eDirectory "Connection" HTTP Header Processing Denial of Service
http://secunia.com/advisories/29805/
A vulnerability has been reported in Novell eDirectory, which can be exploited by malicious people to cause a DoS (Denial of Service).
Mon, 14 Apr 08
CcMail "this_cookie" Security Bypass Vulnerability
http://secunia.com/advisories/29812/
t0pP8uZz has discovered a vulnerability in CcMail, which can be exploited by malicious people to bypass certain security restrictions.
Mon, 14 Apr 08
MirBSD Korn Shell TTY Attachment Privilege Escalation
http://secunia.com/advisories/29803/
A vulnerability has been reported in MirBSD Korn Shell, which can be exploited by malicious, local users to gain escalated privileges.
Mon, 14 Apr 08
ClamAV Upack Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/29000/
Secunia Research has discovered a vulnerability in ClamAV, which can be exploited by malicious people to compromise a vulnerable system.
Mon, 14 Apr 08
SUSE update for openssh and opera
http://secunia.com/advisories/29735/
SUSE has issued an update for openssh and opera. This fixes some vulnerabilities and a weakness, which can be exploited by malicious, local users to disclose potentially sensitive information and bypass certain security restrictions, and potentially by malicious people to compromise a user's system.
Mon, 14 Apr 08
IBM HTTP Server mod_imap and mod_status Cross-Site Scripting
http://secunia.com/advisories/29806/
IBM has acknowledged some vulnerabilities in IBM HTTP Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
Mon, 14 Apr 08
Mandriva update for rsync
http://secunia.com/advisories/29770/
Mandriva has issued an update for rsync. This fixes a vulnerability, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Mon, 14 Apr 08
Gentoo update for policyd-weight
http://secunia.com/advisories/29738/
Gentoo has issued an update for policyd-weight. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Mon, 14 Apr 08
KwsPHP JeuxFlash Module "cat" SQL Injection
http://secunia.com/advisories/29625/
HouSSamix has reported a vulnerability in the JeuxFlash module for KwsPHP, which can be exploited by malicious people to conduct SQL injection attacks.
Mon, 14 Apr 08
cwRsync "xattr" Integer Overflow Vulnerability
http://secunia.com/advisories/29788/
A vulnerability has been reported in cwRsync, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Mon, 14 Apr 08
SUSE update for flash-player
http://secunia.com/advisories/29763/
SUSE has issued an update for flash-player. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or to potentially compromise a user's system.
Mon, 14 Apr 08
Gentoo update for gnome-screensaver
http://secunia.com/advisories/29759/
Gentoo has issued an update for gnome-screensaver. This fixes a security issue, which can be exploited by malicious people with physical access to bypass certain security restrictions.
Fri, 11 Apr 08
KwsPHP ConcoursPhoto Module "C_ID" SQL Injection
http://secunia.com/advisories/29664/
Stack-Terrorist has reported a vulnerability in the ConcoursPhoto module for KwsPHP, which can be exploited by malicious people to conduct SQL injection attacks.
Fri, 11 Apr 08
Nortel Networks Communication Server Multiple Vulnerabilities
http://secunia.com/advisories/29747/
Some security issues and vulnerabilities have been reported in Nortel Communication Server, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
Fri, 11 Apr 08
LiveCart "id" SQL Injection Vulnerability
http://secunia.com/advisories/29765/
irvian has discovered a vulnerability in LiveCart, which can be exploited by malicious people to conduct SQL injection attacks.
Fri, 11 Apr 08
ezRADIUS Information Disclosure Security Issue
http://secunia.com/advisories/29769/
A security issue has been reported in ezRADIUS, which can be exploited by malicious people to disclose sensitive information.
Fri, 11 Apr 08
Symantec Altiris Deployment Solution AClient Password Disclosure
http://secunia.com/advisories/29771/
A security issue has been reported in Symantec Altiris Deployment Solution, which can be exploited by malicious, local users to disclose sensitive information and potentially gain escalated privileges.
Fri, 11 Apr 08
Sun Solaris Floating Point Context Switch Vulnerability
http://secunia.com/advisories/29728/
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to manipulate certain data.
Fri, 11 Apr 08
Sun Solaris Quagga Multiple Denial of Service Vulnerabilities
http://secunia.com/advisories/29743/
Sun has acknowledged some vulnerabilities in Solaris, which can be exploited by malicious users to cause a DoS (Denial of Service).
Fri, 11 Apr 08
Sun Solaris Trusted Extensions Network Labeling Security Bypass
http://secunia.com/advisories/29730/
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to bypass certain security restrictions.
Fri, 11 Apr 08
LightNEasy Administrator Password Hash Disclosure
http://secunia.com/advisories/29757/
__GiReX__ has reported a security issue in LightNEasy, which can be exploited by malicious people to disclose sensitive information.
Fri, 11 Apr 08
Sun Solaris Self Encapsulated IP Packets Denial of Service
http://secunia.com/advisories/29783/
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).
Fri, 11 Apr 08
Parallels Power Panel Cross-Site Request Forgeries
http://secunia.com/advisories/29675/
poplix has reported some vulnerabilities in Parallels VZPP, which can be exploited by malicious people to conduct cross-site request forgery attacks and potentially compromise a vulnerable system.
Fri, 11 Apr 08
Debian update for rsync
http://secunia.com/advisories/29777/
Debian has issued an update for rsync. This fixes a vulnerability, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Fri, 11 Apr 08
rsync "xattr" Integer Overflow Vulnerability
http://secunia.com/advisories/29668/
A vulnerability has been reported in rsync, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Fri, 11 Apr 08
Ubuntu update for rsync
http://secunia.com/advisories/29781/
Ubuntu has issued an update for rsync. This fixes a vulnerability, which can potentially be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Fri, 11 Apr 08
EMC DiskXtender Multiple Vulnerabilities
http://secunia.com/advisories/29778/
Some vulnerabilities have been reported in EMC DiskXtender, which can be exploited by malicious people to bypass certain security restrictions or by malicious users to compromise a vulnerable system.
Fri, 11 Apr 08
Ksemail "language" Local File Inclusion Vulnerability
http://secunia.com/advisories/29776/
dun has reported a vulnerability in Ksemail, which can be exploited by malicious people to disclose sensitive information.
Fri, 11 Apr 08
Sun Grid Engine Qmaster Daemon Denial of Service
http://secunia.com/advisories/29753/
A vulnerability has been reported in Sun Grid Engine, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Fri, 11 Apr 08
Debian update for gnumeric
http://secunia.com/advisories/29702/
Debian has issued an update for gnumeric. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Fri, 11 Apr 08
Gentoo update for tomcat
http://secunia.com/advisories/29711/
Gentoo has issued an update for tomcat. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, by malicious users to disclose potentially sensitive information, and by malicious people to manipulate certain data or to disclose sensitive information.
Fri, 11 Apr 08
Gentoo update for am-utils
http://secunia.com/advisories/29694/
Gentoo has issued an update for am-utils. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
Fri, 11 Apr 08
Gentoo update for lighttpd
http://secunia.com/advisories/29636/
Gentoo has issued an update for lighttpd. This fixes a security issue and a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
Thu, 10 Apr 08
Drupal Simple Access Module Security Bypass
http://secunia.com/advisories/29772/
A security issue has been reported in the Simple Access module for Drupal, which can be exploited by malicious people to bypass certain security restrictions.
Thu, 10 Apr 08
Openfire Unspecified Denial of Service
http://secunia.com/advisories/29751/
A vulnerability has been reported in Openfire, which can be exploited by malicious people to cause a DoS (Denial of Service).
Thu, 10 Apr 08
iScripts SocialWare SQL Injection and File Upload Vulnerabilities
http://secunia.com/advisories/29725/
t0pP8uZz has reported two vulnerabilities in iScripts SocialWare, which can be exploited by malicious users to compromise a vulnerable system, and by malicious people to conduct SQL injection attacks.
Thu, 10 Apr 08
CDNetworks Nefficient Download NeffyLauncher ActiveX Control Directory Traversal
http://secunia.com/advisories/29692/
Simon Ryeo has reported a vulnerability in CDNetworks Nefficient Download, which can be exploited by malicious people to compromise a user's system.
Thu, 10 Apr 08
Tumbleweed SecureTransport FileTransfer ActiveX Control "TransferFile()" Buffer Overflow
http://secunia.com/advisories/29717/
Patrick Webster has reported a vulnerability in Tumbleweed SecureTransport, which can be exploited by malicious people to compromise a user's system.
Thu, 10 Apr 08
KnowledgeQuest SQL Injection and Security Bypass
http://secunia.com/advisories/29716/
Some vulnerabilities have been discovered in KnowledgeQuest, which can be exploited by malicious people to conduct SQL injection attacks or to bypass certain security restrictions.
Thu, 10 Apr 08
TIBCO Enterprise Message Service Buffer Overflow Vulnerabilities
http://secunia.com/advisories/29775/
Some vulnerabilities have been reported in TIBCO products, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or to compromise a vulnerable system.
Thu, 10 Apr 08
TIBCO Rendezvous Multiple Buffer Overflow Vulnerabilities
http://secunia.com/advisories/29774/
Some vulnerabilities have been reported in multiple TIBCO products, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or to compromise a vulnerable system.
Thu, 10 Apr 08
Gallery Script Lite "path" Information Disclosure Vulnerability
http://secunia.com/advisories/29746/
jiko has discovered a vulnerability in Gallery Script Lite, which can be exploited by malicious people to disclose potentially sensitive information.
Thu, 10 Apr 08
Debian update for pdns-recursor
http://secunia.com/advisories/29764/
Debian has issued an update for pdns-recursor. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
Thu, 10 Apr 08
Debian update for libcairo
http://secunia.com/advisories/29767/
Debian has issued an update for libcairo. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.
Thu, 10 Apr 08
Ubuntu update for ghostscript
http://secunia.com/advisories/29768/
Ubuntu has issued an update for ghostscript. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Thu, 10 Apr 08
Drupal Menu System Security Bypass Vulnerabilities
http://secunia.com/advisories/29762/
Some vulnerabilities have been reported in Drupal, which can be exploited by malicious users to bypass certain security restrictions.
Thu, 10 Apr 08
IBiz E-Banking Integrator ActiveX Control "WriteOFXDataFile()" Insecure Method
http://secunia.com/advisories/29758/
shinnai has discovered a vulnerability in IBiz E-Banking Integrator, which can be exploited by malicious people to overwrite arbitrary files.
Thu, 10 Apr 08
Debian update for vlc
http://secunia.com/advisories/29766/
Debian has issued an update for vlc. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Thu, 10 Apr 08
Prozilla Reviews "DeleteUser.php" Security Bypass
http://secunia.com/advisories/29722/
t0pP8uZz has reported a vulnerability in Prozilla Reviews, which can be exploited by malicious people to bypass certain security restrictions.
Thu, 10 Apr 08
Gentoo update for pecl-apc
http://secunia.com/advisories/29745/
Gentoo has issued an update for pecl-apc. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions and potentially by malicious people to compromise a vulnerable system.
Wed, 9 Apr 08
HP OpenView Network Node Manager ovspmd.exe Buffer Overflow
http://secunia.com/advisories/29713/
Luigi Auriemma has discovered a vulnerability in HP OpenView Network Node Manager, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Wed, 9 Apr 08
ExBB Italia "modules/threadstop/threadstop.php" File Inclusion
http://secunia.com/advisories/29739/
The:Paradox has discovered some vulnerabilities in ExBB Italia, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
Wed, 9 Apr 08
Fedora update for PolicyKit
http://secunia.com/advisories/29755/
Fedora has issued an update for PolicyKit. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to bypass certain security restrictions.
Wed, 9 Apr 08
Fedora update for pdns-recursor
http://secunia.com/advisories/29737/
Fedora has issued an update for pdns-recursor. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
Wed, 9 Apr 08
Fedora update for gnome-screensaver
http://secunia.com/advisories/29742/
Fedora has issued an update for gnome-screensaver. This fixes a security issue, which can be exploited by malicious people with physical access to bypass certain security restrictions.
Wed, 9 Apr 08
Red Hat update for squid
http://secunia.com/advisories/27477/
Red Hat has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Wed, 9 Apr 08
Fedora update for comix
http://secunia.com/advisories/29731/
Fedora has issued an update for comix. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Wed, 9 Apr 08
Fedora update for audit
http://secunia.com/advisories/29754/
Fedora has issued an update for audit. This fixes a vulnerability, which potentially can be exploited by malicious, local users to gain escalated privileges.
Wed, 9 Apr 08
Adobe Flash Player Multiple Vulnerabilities
http://secunia.com/advisories/28083/
Some vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or to potentially compromise a user's system.
Wed, 9 Apr 08
Red Hat update for flash-plugin
http://secunia.com/advisories/27567/
Red Hat has issued an update for flash-plugin. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or to potentially compromise a user's system.
Wed, 9 Apr 08
LokiCMS "default" PHP Code Execution Vulnerability
http://secunia.com/advisories/29749/
__GiReX__ has discovered a vulnerability in LokiCMS, which can be exploited by malicious people to compromise a vulnerable system.
Wed, 9 Apr 08
Adobe ColdFusion CFC Methods Access Security Bypass
http://secunia.com/advisories/29748/
A security issue has been reported in Adobe ColdFusion 8, which can be exploited by malicious people to bypass certain security restrictions.
Wed, 9 Apr 08
Fedora update for xine-lib
http://secunia.com/advisories/29740/
Fedora has issued an update for xine-lib. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Wed, 9 Apr 08
Fedora update for cups
http://secunia.com/advisories/29750/
Fedora has issued an update for cups. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Wed, 9 Apr 08
Fedora update for konversation
http://secunia.com/advisories/29752/
Fedora has issued an update for konversation. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Wed, 9 Apr 08
Prozilla Entertainers "cat" SQL Injection Vulnerability
http://secunia.com/advisories/29715/
t0pP8uZz and xprog have reported a vulnerability in Prozilla Entertainers, which can be exploited by malicious people to conduct SQL injection attacks.
Wed, 9 Apr 08
Prozilla Topsites Security Bypass Vulnerabilities
http://secunia.com/advisories/29689/
t0pP8uZz has reported some vulnerabilities in Prozilla Topsites, which can be exploited by malicious people to bypass certain security restrictions.
Wed, 9 Apr 08
Fedora update for xine-lib
http://secunia.com/advisories/29756/
Fedora has issued an update for xine-lib. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Wed, 9 Apr 08
Fedora update for bzip2
http://secunia.com/advisories/29698/
Fedora has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Wed, 9 Apr 08
HP Storage Essentials Software Directory Traversal Vulnerability
http://secunia.com/advisories/29726/
HP has acknowledged a vulnerability in HP Storage Essentials Software, which can be exploited by malicious users to disclose sensitive information, manipulate data, or potentially to compromise a vulnerable system.
Wed, 9 Apr 08
Prozilla Freelancers "project" SQL Injection Vulnerability
http://secunia.com/advisories/29723/
t0pP8uZz has reported a vulnerability in Prozilla Freelancers, which can be exploited by malicious people to conduct SQL injection attacks.
Wed, 9 Apr 08
Prozilla Cheats "id" SQL Injection Vulnerability
http://secunia.com/advisories/29701/
t0pP8uZz has reported a vulnerability in Prozilla Cheats, which can be exploited by malicious people to conduct SQL injection attacks.
Wed, 9 Apr 08
Avaya SIP Enablement Services Multiple Vulnerabilities
http://secunia.com/advisories/29744/
Some vulnerabilities have been reported in Avaya SIP Enablement Services, which can be exploited by malicious users and malicious people to conduct SQL injection attacks, bypass certain security restrictions, and potentially to compromise a vulnerable system.
Wed, 9 Apr 08
Fedora update for wireshark
http://secunia.com/advisories/29736/
Fedora has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
Wed, 9 Apr 08
Debian update for openldap2.3
http://secunia.com/advisories/29682/
Debian has issued an update for openldap2.3. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service).
Tue, 8 Apr 08
SmarterMail Web Server Denial of Service Vulnerability
http://secunia.com/advisories/29732/
Matteo Memelli has reported a vulnerability in SmarterMail, which can be exploited by malicious people to cause a DoS (Denial of Service).
Tue, 8 Apr 08
libfishsound Speex Header Processing Vulnerability
http://secunia.com/advisories/29727/
A vulnerability has been reported in libfishsound, which can potentially be exploited by malicious people to compromise an application using the library.
Tue, 8 Apr 08
Wikepage "wiki" Information Disclosure Vulnerability
http://secunia.com/advisories/29699/
A.Nosrati has discovered a vulnerability in Wikepage, which can be exploited by malicious people to disclose sensitive information.
Tue, 8 Apr 08
WoltLab Burning Board WCF Error Printing Vulnerability
http://secunia.com/advisories/29719/
Jessica Hope has reported a vulnerability in WoltLab Burning Board, which can be exploited by malicious people to disclose potentially sensitive information or to conduct cross-site scripting attacks.
Tue, 8 Apr 08
Aztech ADSL2/2+ Shell Command Injection
http://secunia.com/advisories/29551/
sipher has reported a vulnerability in Aztech ADSL2/2+, which can be exploited by malicious people to compromise a vulnerable system.
Tue, 8 Apr 08
Interwoven WorkSite Web TransferCtrl Class ActiveX Control Double-Free Vulnerability
http://secunia.com/advisories/29733/
J Fitzpatrick has reported a vulnerability in Interwoven WorkSite, which can be exploited by malicious people to compromise a user's system.
Tue, 8 Apr 08
LinPHA "maps_type" Local File Inclusion Vulnerability
http://secunia.com/advisories/29724/
A vulnerability has been discovered in LinPHA, which can be exploited by malicious people to disclose sensitive information.
Tue, 8 Apr 08
Slackware update for m4
http://secunia.com/advisories/29729/
Slackware has issued an update for m4. This fixes a security issue and a vulnerability, which can be exploited by malicious people to manipulate certain data or to potentially compromise a user's system.
Tue, 8 Apr 08
GNU M4 Format String Vulnerability and Security Issue
http://secunia.com/advisories/29671/
A vulnerability and a security issue have been reported in GNU M4, which can be exploited by malicious people to manipulate certain data or to potentially compromise a user's system.
Tue, 8 Apr 08
IBM WebSphere Application Server serveServletsByClassnameEnabled Information Disclosure
http://secunia.com/advisories/29687/
A weakness has been reported in IBM WebSphere Application Server, which can be exploited by malicious people to disclose system information.
Tue, 8 Apr 08
Mole "viewsource.php" Information Disclosure Vulnerabilities
http://secunia.com/advisories/29685/
GoLd_M has discovered two vulnerabilities in Mole (Make Our Life Easy), which can be exploited by malicious people to disclose sensitive information.
Tue, 8 Apr 08
Slackware update for bzip2
http://secunia.com/advisories/29677/
Slackware has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Tue, 8 Apr 08
Debian update for lighttpd
http://secunia.com/advisories/29505/
Debian has issued an update for lighttpd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Tue, 8 Apr 08
WatchGuard Firebox Products User Enumeration Weakness
http://secunia.com/advisories/29708/
Luke Jennings has reported a weakness in some WatchGuard Firebox products, which can be exploited by malicious people to determine valid usernames.
Tue, 8 Apr 08
HP Integrity Servers iLO-2 Management Processors Denial of Service
http://secunia.com/advisories/29718/
A vulnerability has been reported in HP Integrity Servers, which can be exploited by malicious people to cause a DoS (Denial of Service).
Tue, 8 Apr 08
Blogator-script "incl_page" File Inclusion Vulnerabilities
http://secunia.com/advisories/29684/
jiko has discovered some vulnerabilities in Blogator-script, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
Tue, 8 Apr 08
Links Directory "cat_id" SQL Injection Vulnerability
http://secunia.com/advisories/29710/
t0pP8uZz and xprog have reported a vulnerability in Links Directory, which can be exploited by malicious people to conduct SQL Injection attacks.
Tue, 8 Apr 08
Comdev News Publisher "arcmonth" SQL Injection
http://secunia.com/advisories/29697/
t0pP8uZz & xprog have discovered a vulnerability in Comdev News Publisher, which can be exploited by malicious people to conduct SQL injection attacks.
Tue, 8 Apr 08
Site Sift Listings "id" SQL Injection
http://secunia.com/advisories/29705/
S@BUN has reported a vulnerability in Site Sift Listings, which can be exploited by malicious people to conduct SQL injection attacks.
Tue, 8 Apr 08
PIGMy-SQL "id" SQL Injection Vulnerability
http://secunia.com/advisories/29703/
t0pP8uZz has reported a vulnerability in PIGMy-SQL, which can be exploited by malicious people to conduct SQL injection attacks.
Tue, 8 Apr 08
Software Index Script "cid" SQL Injection Vulnerability
http://secunia.com/advisories/29709/
t0pP8uZz and xprog have reported a vulnerability in Software Index Script, which can be exploited by malicious people to conduct SQL injection attacks.
Tue, 8 Apr 08
Xpoze "reed" SQL Injection Vulnerability
http://secunia.com/advisories/29700/
t0pP8uZz has reported a vulnerability in Xpoze, which can be exploited by malicious users to conduct SQL injection attacks.
Mon, 7 Apr 08
Globus Toolkit GSI-OpenSSH Information Disclosure
http://secunia.com/advisories/29721/
Globus has acknowledged a vulnerability in GSI-OpenSSH, which can be exploited by malicious, local users to disclose potentially sensitive information.
Mon, 7 Apr 08
Slackware update for openssh
http://secunia.com/advisories/29676/
Slackware has issued an update for openssh. This fixes a vulnerability, which can be exploited by malicious, local users to disclose sensitive information.
Mon, 7 Apr 08
Gentoo update for mysql
http://secunia.com/advisories/29706/
Gentoo has issued an update for mysql. This fixes a security issue and two vulnerabilities, which can be exploited by malicious users to gain escalated privileges, manipulate certain data, or to cause a DoS (Denial of Service).
Mon, 7 Apr 08
Gentoo update for nxnode and nx
http://secunia.com/advisories/29707/
Gentoo has issued an update for nxnode and nx. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.
Mon, 7 Apr 08
rPath update for wireshark
http://secunia.com/advisories/29695/
rPath has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
Mon, 7 Apr 08
Debian update for alsaplayer
http://secunia.com/advisories/29680/
Debian has issued an update for alsaplayer. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Mon, 7 Apr 08
Debian update for mapserver
http://secunia.com/advisories/29688/
Debian has issued an update for mapserver. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks or to potentially compromise a vulnerable system.
Mon, 7 Apr 08
McAfee Common Management Agent Framework Service Denial of Service
http://secunia.com/advisories/29637/
Mati Aharoni has reported a vulnerability in McAfee Common Management Agent (CMA), which can be exploited by malicious people to cause a DoS (Denial of Service).
Mon, 7 Apr 08
Gentoo update for openssh
http://secunia.com/advisories/29683/
Gentoo has issued an update for openssh. This fixes a weakness and a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions or to disclose sensitive information.
Mon, 7 Apr 08
SUSE update for cups
http://secunia.com/advisories/29659/
SUSE has issued an update for cups. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system.
Mon, 7 Apr 08
SUSE Updates for Multiple Packages
http://secunia.com/advisories/29622/
SUSE has issued updates for multiple packages. These fix some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges, and by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS, or potentially to compromise a vulnerable system.
http://secunia.com/software_inspector/
Mon, 7 Apr 08
SUSE update for apache and apache2
http://secunia.com/advisories/29640/
SUSE has issued an update for apache and apache2. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and malicious users to cause a DoS (Denial of Service).
Mon, 7 Apr 08
OTRS SOAP Interface Security Bypass
http://secunia.com/advisories/29585/
A vulnerability has been reported in OTRS, which can be exploited by malicious people to bypass certain security restrictions.
Mon, 7 Apr 08
Gentoo update for unzip
http://secunia.com/advisories/29681/
Gentoo has issued an update for unzip. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
Mon, 7 Apr 08
PHP Photo Gallery "photo_id" SQL Injection
http://secunia.com/advisories/29667/
t0pP8uZz & xprog have reported a vulnerability in PHP Photo Gallery (Advanced Web Photo Gallery), which can be exploited by malicious people to conduct SQL injection attacks.
Mon, 7 Apr 08
cwRsync OpenSSH Security Bypass and Information Disclosure
http://secunia.com/advisories/29686/
A vulnerability and a weakness have been reported in cwRsync, which can be exploited by malicious, local users to bypass certain security restrictions or to disclose sensitive information.
Mon, 7 Apr 08
rPath update for cups
http://secunia.com/advisories/29661/
rPath has issued an update for cups. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
Mon, 7 Apr 08
rPath update for OpenSSH
http://secunia.com/advisories/29693/
rPath has issued an update for OpenSSH. This fixes a weakness, which can be exploited by malicious, local users to bypass certain security restrictions.
Mon, 7 Apr 08
CA Products Alert Notification Server Multiple Vulnerabilities
http://secunia.com/advisories/29665/
Some vulnerabilities have been reported in various CA products, which can be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system.
Mon, 7 Apr 08
e-Classifieds Corporate Edition "db" Cross-Site Scripting
http://secunia.com/advisories/29673/
Russ McRee has reported a vulnerability in e-Classifieds, which can be exploited by malicious people to conduct cross-site scripting attacks.
Mon, 7 Apr 08
SUSE update for MozillaFirefox
http://secunia.com/advisories/29645/
SUSE has issued an update for MozillaFirefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system.
Mon, 7 Apr 08
Nuke ET "mensaje" Script Insertion Vulnerability
http://secunia.com/advisories/29651/
mrzayas.es has discovered a vulnerability in Nuke ET, which can be exploited by malicious users to conduct script insertion attacks.
Mon, 7 Apr 08
Novell Kerberos KDC Multiple Vulnerabilities
http://secunia.com/advisories/29663/
Novell has acknowledged some vulnerabilities in Novell Kerberos KDC, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
Mon, 7 Apr 08
Cisco Unified Communications Disaster Recovery Framework Command Execution
http://secunia.com/advisories/29670/
A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to compromise a vulnerable system.
Mon, 7 Apr 08
Webwasher URL Processing Denial of Service Vulnerability
http://secunia.com/advisories/29674/
A vulnerability has been reported in Webwasher, which can be exploited by malicious people to cause a DoS (Denial of Service).
Fri, 4 Apr 08
Red Hat update for java-1.5.0-ibm
http://secunia.com/advisories/29498/
Red Hat has issued an update for java-1.5.0-ibm. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), to bypass certain security restrictions, or to compromise a vulnerable system.
Fri, 4 Apr 08
SCO UnixWare "pkgadd" Directory Traversal Privilege Escalation
http://secunia.com/advisories/29657/
A vulnerability has been reported in SCO UnixWare, which can be exploited by malicious, local users to gain escalated privileges.
Fri, 4 Apr 08
Borland CaliberRM StarTeam Multicast Service Buffer Overflow
http://secunia.com/advisories/29631/
A vulnerability has been reported in Borland CaliberRM, which can be exploited by malicious people to compromise a vulnerable system.
Fri, 4 Apr 08
ManageEngine Firewall Analyzer "displayName" Cross-Site Scripting
http://secunia.com/advisories/29632/
Jason Rhodes has reported a vulnerability in ManageEngine Firewall Analyzer, which can be exploited by malicious people to conduct cross-site scripting attacks.
Fri, 4 Apr 08
Orbit Downloader URL Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/29669/
Diego Juarez has reported a vulnerability in Orbit Downloader, which potentially can be exploited by malicious people to compromise a user's system.
Fri, 4 Apr 08
Red Hat update for thunderbird
http://secunia.com/advisories/29607/
Red Hat has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or potentially compromise a user's system.
Fri, 4 Apr 08
Debian update for xpdf
http://secunia.com/advisories/29604/
Debian has issued an update for xpdf. This fixes some vulnerabilities, which can be exploited by malicious people to compromse a vulnerable system.
Fri, 4 Apr 08
Symantec Products AutoFix Support Tool ActiveX Control Two Vulnerabilities
http://secunia.com/advisories/29660/
Two vulnerabilities have been reported in various Symantec products, which can be exploited by malicious people to compromise a user's system.
Fri, 4 Apr 08
Blackboard Academic Suite "searchText" Cross-Site Scripting
http://secunia.com/advisories/29543/
Duong Thanh has reported a vulnerability in Blackboard Academic Suite, which can be exploited by malicious people to conduct cross-site scripting attacks.
Fri, 4 Apr 08
gnome-screensaver Information Disclosure and Security Bypass
http://secunia.com/advisories/29595/
A weakness and a security issue have been reported in gnome-screensaver, which can be exploited by malicious people with physical access to disclose potentially sensitive information or bypass certain security restrictions.
Fri, 4 Apr 08
Red Hat update for gnome-screensaver
http://secunia.com/advisories/29606/
Red Hat has issued an update for gnome-screensaver. This fixes a security issue, which can be exploited by malicious people with physical access to bypass certain security restrictions.
Fri, 4 Apr 08
Fedora update for gnome-screensaver
http://secunia.com/advisories/29666/
Fedora has issued an update for gnome-screensaver. This fixes a weakness, which can be exploited by malicious people with physical access to disclose potentially sensitive information.
Fri, 4 Apr 08
Novell eDirectory Host Environment HTTP Request Processing Denial of Service
http://secunia.com/advisories/29639/
Mati Aharoni has discovered a vulnerability in Novell eDirectory, which can be exploited by malicious people to cause a DoS (Denial of Service).
Fri, 4 Apr 08
Drupal Webform Module Unspecified Script Insertion
http://secunia.com/advisories/29633/
Some vulnerabilities have been reported in the Webform module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
Fri, 4 Apr 08
Simple Gallery "album" Cross-Site Scripting
http://secunia.com/advisories/29646/
Russ McRee has discovered a vulnerability in Simple Gallery, which can be exploited by malicious people to conduct cross-site scripting attacks.
Fri, 4 Apr 08
HP OpenView Network Node Manager Buffer Overflow Vulnerability
http://secunia.com/advisories/29641/
Mati Aharoni has discovered a vulnerability in HP OpenView Network Node Manager, which can be exploited by malicious people to compromise a vulnerable system.
Fri, 4 Apr 08
Smart Classified / Photo ADS Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/29623/
Russ McRee has reported some vulnerabilities in Smart Classified ADS and Smart Photo ADS, which can be exploited by malicious people to conduct cross-site scripting attacks.
Fri, 4 Apr 08
Opera Multiple Vulnerabilities
http://secunia.com/advisories/29662/
Some vulnerabilities have been reported in Opera, which potentially can be exploited by malicious people to compromise a user's system.
Fri, 4 Apr 08
Writer’s Block CMS "PostID" SQL Injection Vulnerability
http://secunia.com/advisories/29652/
katharsis has discovered a vulnerability in Writer's Block CMS, which can be exploited by malicious people to conduct SQL injection attacks
Fri, 4 Apr 08
Solaris inetd Debug Logging Symlink Security Issue
http://secunia.com/advisories/29654/
Sun has acknowledged a security issue in Solaris, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Fri, 4 Apr 08
DaZPHPNews "prefixdir" Local File Inclusion Vulnerability
http://secunia.com/advisories/29653/
w0cker has discovered a vulnerability in DaZPHPNews, which can be exploited by malicious people to disclose sensitive information.
Fri, 4 Apr 08
OpenBSD update for OpenSSH
http://secunia.com/advisories/29627/
OpenBSD has issued an update for OpenSSH. This fixes a vulnerability, which can be exploited by malicious, local users to disclose sensitive information.
Fri, 4 Apr 08
Drupal Flickr Module Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/29658/
Some vulnerabilities have been reported in the Flickr module for Drupal, which can be exploited by malicious people to conduct cross-site scripting attacks.
Thu, 3 Apr 08
Apple QuickTime Multiple Vulnerabilities
http://secunia.com/advisories/29650/
Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to disclose potentially sensitive information or compromise a vulnerable system.
Thu, 3 Apr 08
Apache-SSL Environment Variables Manipulation Vulnerability
http://secunia.com/advisories/29644/
Alexander Klink has reported a vulnerability in Apache-SSL, which can be exploited by malicious people to manipulate certain data or to disclose potentially sensitive information.
Thu, 3 Apr 08
Gentoo update for bzip2
http://secunia.com/advisories/29656/
Gentoo has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Thu, 3 Apr 08
Mandriva update for cups
http://secunia.com/advisories/29655/
Mandriva has issued an update for cups. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Thu, 3 Apr 08
SUSE update for Sun Java
http://secunia.com/advisories/29582/
SUSE has issued an update for Sun Java. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), to bypass certain security restrictions, or to compromise a vulnerable system.
Thu, 3 Apr 08
Ubuntu update for cups
http://secunia.com/advisories/29603/
Ubuntu has issued an update for cups. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Thu, 3 Apr 08
EasyNews Multiple Vulnerabilities
http://secunia.com/advisories/29624/
Dr.Crash has discovered some vulnerabilities in EasyNews, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, and to disclose sensitive information.
Wed, 2 Apr 08
Novell NetWare iPrint Request Denial of Service
http://secunia.com/advisories/29587/
A vulnerability has been reported in Novell NetWare, which can be exploited by malicious people to cause a DoS (Denial of Service).
Wed, 2 Apr 08
NoticeWare Email Server IMAP Packet Handling Denial of Service
http://secunia.com/advisories/29629/
Ray has discovered a vulnerability in NoticeWare Email Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
Wed, 2 Apr 08
AuraCMS "country" SQL Injection Vulnerability
http://secunia.com/advisories/29593/
NTOS-Team have discovered a vulnerability in AuraCMS, which can be exploited by malicious people to conduct SQL injection attacks.
Wed, 2 Apr 08
lighttpd OpenSSL Error Queue Denial of Service Vulnerability
http://secunia.com/advisories/29544/
A vulnerability has been reported in lighttpd, which can be exploited by malicious people to cause a DoS (Denial of Service).
Wed, 2 Apr 08
rPath update for lighttpd
http://secunia.com/advisories/29649/
rPath has issued an update for lighttpd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Wed, 2 Apr 08
Red Hat update for cups
http://secunia.com/advisories/29630/
Red Hat has issued an update for cups. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system.
Wed, 2 Apr 08
Red Hat update for cups
http://secunia.com/advisories/29573/
Red Hat has issued an update for cups. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Wed, 2 Apr 08
HP Select Identity Unspecified Unauthorised Access Vulnerability
http://secunia.com/advisories/29643/
A vulnerability has been reported in HP Select Identity, which can be exploited by malicious users to bypass certain security restrictions.
Wed, 2 Apr 08
IBM DB2 Content Manager AllowedTrustedLogin Security Issue
http://secunia.com/advisories/29647/
A security issue with an unknown impact has been reported in IBM DB2 Content Manager.
Wed, 2 Apr 08
Faphoto "id" SQL Injection Vulnerability
http://secunia.com/advisories/29628/
IRCRASH has discovered a vulnerability in Faphoto, which can be exploited by malicious people to conduct SQL injection attacks.
Wed, 2 Apr 08
Fedora update for mod_suphp
http://secunia.com/advisories/29648/
Fedora has issued an update for mod_suphp. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
Wed, 2 Apr 08
HP Internet Express for Tru64 UNIX Multiple PostgreSQL Vulnerabilities
http://secunia.com/advisories/29638/
HP has acknowledged some vulnerabilities in PostgreSQL, which can be exploited by malicious users to to gain escalated privileges or to cause a DoS (Denial of Service).
Wed, 2 Apr 08
Ubuntu update for openssh
http://secunia.com/advisories/29626/
Ubuntu has issued an update for openssh. This fixes a vulnerability, which can be exploited by malicious, local users to disclose sensitive information.
Wed, 2 Apr 08
suPHP Race Condition Vulnerabilities
http://secunia.com/advisories/29615/
Some vulnerabilities have been reported in suPHP, which can be exploited by malicious, local users to gain escalated privileges.
Wed, 2 Apr 08
Red Hat lspp-eal4-config-ibm / capp-lspp-eal4-config-hp Privilege Escalation
http://secunia.com/advisories/29642/
Red Hat has acknowledged a security issue in the lspp-eal4-config-ibm and capp-lspp-eal4-config-hp packages, which can be exploited by malicious, local users to gain escalated privileges.
Wed, 2 Apr 08
Gentoo update for cups
http://secunia.com/advisories/29634/
Gentoo has issued an update for cups. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Wed, 2 Apr 08
Fedora update for centerim
http://secunia.com/advisories/29597/
Fedora has issued an update for centerim. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Wed, 2 Apr 08
Fedora update for seamonkey
http://secunia.com/advisories/29618/
Fedora has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system.
Wed, 2 Apr 08
Slackware update for xine-lib
http://secunia.com/advisories/29600/
Slackware has issued an update for xine-lib. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
Wed, 2 Apr 08
Fedora update for phpMyAdmin
http://secunia.com/advisories/29588/
Fedora has issued an update for phpMyAdmin. This fixes a vulnerability, which can potentially be exploited by malicious users to disclose sensitive information.
Wed, 2 Apr 08
LANDesk Management Suite PXE TFTP Service Directory Traversal
http://secunia.com/advisories/29324/
Parvez Anwar has discovered a vulnerability in LANDesk Management Suite, which can be exploited by malicious people to disclose sensitive information.
Wed, 2 Apr 08
GnuPG Duplicated IDs Memory Corruption
http://secunia.com/advisories/29568/
A vulnerability has been reported in GnuPG, which can potentially be exploited to compromise a vulnerable system.
Wed, 2 Apr 08
Phorum Non-Fulltext Search SQL Injection Vulnerability
http://secunia.com/advisories/29519/
A vulnerability has been reported in Phorum, which can be exploited by malicious people to conduct SQL injection attacks.
Wed, 2 Apr 08
Comix Arbitrary Shell Command Execution Vulnerability
http://secunia.com/advisories/29621/
A vulnerability has been reported in Comix, which can be exploited by malicious people to compromise a user's sytem.
Wed, 2 Apr 08
WordPress WP-Download Plugin "dl_id" SQL Injection
http://secunia.com/advisories/29608/
BL4CK has reported a vulnerability in the WP-Download plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.