Software and Script Bug Exploits
Main
Software Alerts
Software and Script Bug ExploitsSoftware Vulnerability
Random Feeds
Archives
| Oct 2008 | Sep 2008 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 | Apr 2008 | Mar 2008 | Feb 2008 | Jan 2008 | Dec 2007 | Nov 2007 |Mon, 30 Jun 08
Philboard Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/30874/
Bl@ckbe@rD has reported some vulnerabilities in Philboard, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 30 Jun 08
S.T.A.L.K.E.R.: Shadow of Chernobyl Multiple Vulnerabilities
http://secunia.com/advisories/30891/
Luigi Auriemma has reported some vulnerabilities in S.T.A.L.K.E.R.: Shadow of Chernobyl, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 30 Jun 08
Sun Java System Access Manager XSLT Stylesheet Processing Vulnerability
http://secunia.com/advisories/30893/
A vulnerability has been reported in Sun Java Access Manager, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 30 Jun 08
Novell Client NWFS.SYS Unspecified Vulnerability
http://secunia.com/advisories/30904/
A vulnerability with an unknown impact has been reported in Novell Client.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 30 Jun 08
Slackware update for ruby
http://secunia.com/advisories/30894/
Slackware has issued an update for ruby. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 28 Jun 08
Jokes Website "jokeid" SQL Injection Vulnerability
http://secunia.com/advisories/30860/
Cyb3r-1sT has discovered a vulnerability in Jokes Website, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 28 Jun 08
mask PHP File Manager Configuration Disclosure
http://secunia.com/advisories/30754/
A vulnerability has been reported in mask PHP File Manager (mPFM), which can be exploited by malicious users to bypass certain security restrictions and disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 28 Jun 08
Cheats Website "itemid" SQL Injection Vulnerability
http://secunia.com/advisories/30838/
Cyb3r-1sT has discovered a vulnerability in Cheats Website, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 28 Jun 08
CheckInstall Insecure Temporary Files
http://secunia.com/advisories/30873/
Two security issues have been reported in CheckInstall, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 28 Jun 08
Tips Website "tipid" SQL Injection Vulnerability
http://secunia.com/advisories/30861/
Cyb3r-1sT has discovered a vulnerability in Tips Website, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 28 Jun 08
AceFTP Directory Download Directory Traversal Vulnerability
http://secunia.com/advisories/30792/
Tan Chew Keong has reported a vulnerability in AceFTP, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 28 Jun 08
Riddles Website "riddleid" SQL Injection Vulnerability
http://secunia.com/advisories/30862/
Cyb3r-1sT has discovered a vulnerability in Riddles Website, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 28 Jun 08
Pidgin MSN File Transfer Filename Processing Vulnerability
http://secunia.com/advisories/30881/
Juan Pablo Lopez Yacubian has discovered a vulnerability in Pidgin, which potentially can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 28 Jun 08
Drinks Website "drinkid" SQL Injection Vulnerability
http://secunia.com/advisories/30859/
Cyb3r-1sT has discovered a vulnerability in Drinks Website, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 28 Jun 08
Sun Solaris snmpXdmid Denial of Service
http://secunia.com/advisories/30863/
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 28 Jun 08
Yazd Forum Software Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/30760/
kInGoFcHaOs has reported some vulnerabilities in Yazd Forum Software, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
testMaker PHP Code Execution Vulnerability
http://secunia.com/advisories/30870/
A vulnerability has been reported in testMaker, which can be exploited by malicious users to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Cybozu Products Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/30882/
A vulnerability has been reported in Cybozu products, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Cybozu Garoon Session Fixation and Cross-Site Scripting
http://secunia.com/advisories/30871/
Some vulnerabilities have been reported in Cybozu Garoon, which can be exploited by malicious people to conduct session fixation and cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Commtouch Enterprise Anti-Spam Gateway "PARAMS" Cross-Site Scripting
http://secunia.com/advisories/30876/
Erez Metula has reported a vulnerability in Commtouch Enterprise Anti-Spam Gateway, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
eTicket "pri" SQL Injection Vulnerability
http://secunia.com/advisories/30877/
Omer Singer has reported a vulnerability in eTicket, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Orca Interactive Forum Script "gConf[dir][layouts]" File Inclusion
http://secunia.com/advisories/30855/
Ciph3r has discovered a vulnerability in Orca Interactive Forum Script, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
World in Conflict NULL Pointer Dereference Denial of Service
http://secunia.com/advisories/30817/
Luigi Auriemma has reported a vulnerability in World in Conflict, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
rPath update for ruby
http://secunia.com/advisories/30875/
rPath has issued an update for ruby. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Ubuntu update for openssl
http://secunia.com/advisories/30868/
Ubuntu has issued an update for openssl. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Avaya Communication Manager Input Validation Vulnerabilities
http://secunia.com/advisories/30799/
Some vulnerabilities have been reported in Avaya Communication Manager, which can be exploited by malicious users to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Ubuntu update for ruby1.8
http://secunia.com/advisories/30867/
Ubuntu has issued an update for ruby1.8. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Debian update for dbus
http://secunia.com/advisories/30869/
Debian has issued an update for dbus. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Avaya SIP Enablement Services Multiple Vulnerabilities
http://secunia.com/advisories/30751/
Some vulnerabilities have been reported in Avaya SIP Enablement Services, which can be exploited by malicious people to disclose sensitive information and by malicious users to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Avaya Message Storage Server Input Validation Vulnerabilities
http://secunia.com/advisories/30777/
Some vulnerabilities have been reported in Avaya Message Storage Server, which can be exploited by malicious users to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Internet Explorer 6 Window "location" Handling Vulnerability
http://secunia.com/advisories/30857/
Ph4nt0m Security Team has discovered a vulnerability in Internet Explorer 6, which can be exploited by malicious people to conduct cross-domain scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Internet Explorer 7 Frame Location Handling Vulnerability
http://secunia.com/advisories/30851/
sirdarckcat has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to conduct spoofing attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Nortel SIP Multimedia PC Client Session Handling Denial of Service
http://secunia.com/advisories/30854/
A vulnerability has been reported in Nortel SIP Multimedia PC Client, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Sun Solaris Adobe Reader Multiple Vulnerabilities
http://secunia.com/advisories/30840/
Sun has acknowledged some vulnerabilities in Adobe Reader included in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Ektron CMS400.NET "res" SQL Injection Vulnerability
http://secunia.com/advisories/30824/
DigiTrust Group Vulnerability Research Team has reported a vulnerability in Ektron CMS400.NET, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Ektron CMS400.NET Unspecified Vulnerability
http://secunia.com/advisories/30858/
A vulnerability has been reported in Ektron CMS400.NET, which has an unknown impact.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Perl "File::Path::rmtree" Insecure chmod on Symbolic Links
http://secunia.com/advisories/30790/
A vulnerability has been reported in Perl, which can be exploited by malicious, local user to perform actions with escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Fedora update for perl
http://secunia.com/advisories/30837/
Fedora has issued an update for perl. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 27 Jun 08
Fedora update for nasm
http://secunia.com/advisories/30836/
Fedora has issued an update for nasm. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
Nortel Media Processing Server OpenSSL Multiple Vulnerabilities
http://secunia.com/advisories/30852/
Nortel has acknowledged some vulnerabilities in Media Processing Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
Nortel Communication Server Command Processing Denial of Service
http://secunia.com/advisories/30844/
A vulnerability has been reported in Nortel Communication Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
SunAge Multiple Denial of Service Vulnerabilities
http://secunia.com/advisories/30823/
Luigi Auriemma has reported some vulnerabilities in SunAge, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
Joomla nBill Component "cid" SQL Injection
http://secunia.com/advisories/30752/
His0k4 has discovered a vulnerability in the nBill component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
Drupal Suggested Terms Module Script Insertion Vulnerability
http://secunia.com/advisories/30846/
A vulnerability has been reported in the Suggested Terms module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
Red Hat update for kernel
http://secunia.com/advisories/30850/
Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to disclose potentially sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
Softbiz Jokes and Funny Pictures Script "sbjoke_id" SQL Injection
http://secunia.com/advisories/30810/
Hussin X has reported a vulnerability in Softbiz Jokes and Funny Pictures Script, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
Cisco Unified Communications Manager Authentication Bypass and Denial of Service
http://secunia.com/advisories/30848/
A vulnerability and a security issue have been reported in Cisco Unified Communications Manager, which can be exploited by malicious people to bypass certain security restrictions or to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
Red Hat update for kernel
http://secunia.com/advisories/30849/
Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information or gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
Caucho Resin "file" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/30845/
A vulnerability has been reported in Caucho Resin, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
Cisco Wide Area Application Services CUPS IPP Tags Memory Corruption
http://secunia.com/advisories/30847/
Cisco has acknowledged a vulnerability in Wide Area Application Services (WAAS), which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
IBM AFP Viewer Plug-In "SRC" Property Buffer Overflow
http://secunia.com/advisories/27995/
Paul Kurczaba has discovered a vulnerability in IBM AFP Viewer Plug-In, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
Gentoo update for ibm-jdk-bin and ibm-jre-bin
http://secunia.com/advisories/30780/
Gentoo has issued an update for ibm-jdk-bin and ibm-jre-bin. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, manipulate data, disclose sensitive/system information, cause a DoS (Denial of Service), or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
CiBlog "id" SQL Injection Vulnerability
http://secunia.com/advisories/30807/
Mr.SQL has reported a vulnerability in CiBlog, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
Link ADS 1 "linkid" SQL Injection Vulnerability
http://secunia.com/advisories/30798/
Hussin X has reported a vulnerability in Link ADS 1, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
mask PHP File Manager Cookie Security Bypass
http://secunia.com/advisories/30833/
A vulnerability has been reported in mask PHP File Manager (mPFM), which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
RT Devel::StackTrace Denial of Service Vulnerability
http://secunia.com/advisories/30830/
A vulnerability has been reported in RT, which can exploited by malicious users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
WebGUI Collaboration RSS Feed Information Disclosure
http://secunia.com/advisories/30782/
A security issue has been reported in WebGUI, which can be exploited by malicious people to disclose potentially sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
Viral DX 1 "bannerid" SQL Injection Vulnerability
http://secunia.com/advisories/30793/
Hussin X has reported a vulnerability in Viral DX 1, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
Novell Groupwise WebAccess Simple Interface Cross-Site Scripting
http://secunia.com/advisories/30839/
A vulnerability has been reported in Novell Groupwise, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
Fedora update for ruby
http://secunia.com/advisories/30831/
Fedora has issued an update for ruby. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
Fedora update for horde
http://secunia.com/advisories/30814/
Fedora has issued an update for horde. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
DUware DUcalendar "iEve" SQL Injection Vulnerability
http://secunia.com/advisories/30774/
Bl@ckbe@rD has reported a vulnerability in DUware DUcalendar, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
DC++ NULL Pointer Dereference Denial of Service
http://secunia.com/advisories/30812/
A weakness has been reported in DC++, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 26 Jun 08
Fedora update for phpMyAdmin
http://secunia.com/advisories/30816/
Fedora has issued an update for phpMyAdmin. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 23 Jun 08
Call of Duty 4: Modern Warfare Vulnerabilities
http://secunia.com/advisories/30815/
Luigi Auriemma has reported some vulnerabilities in Call of Duty 4: Modern Warfare, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 23 Jun 08
emuCMS "cat_id" SQL Injection Vulnerability
http://secunia.com/advisories/30804/
TurkishWarriorr has discovered a vulnerability in emuCMS, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 23 Jun 08
IGSuite "formid" SQL Injection Vulnerability
http://secunia.com/advisories/30756/
k`sOSe has discovered a vulnerability in IGSuite, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 23 Jun 08
Jamroom "jamroom[jm_dir]" File Inclusion Vulnerability
http://secunia.com/advisories/30806/
Some vulnerabilities have been reported in Jamroom, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 23 Jun 08
ODARS "CLASSES_ROOT" File Inclusion Vulnerability
http://secunia.com/advisories/30784/
CraCkEr has discovered a vulnerability in ODARS, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 23 Jun 08
MiGCMS "GLOBALS[application][app_root]" File Inclusion Vulnerabilities
http://secunia.com/advisories/30770/
CraCkEr has reported some vulnerabilities in MiGCMS, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 21 Jun 08
Red Hat update for freetype
http://secunia.com/advisories/30721/
Red Hat has issued an update for freetype. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 21 Jun 08
Classic FTP Directory Download Directory Traversal Vulnerability
http://secunia.com/advisories/30708/
Tan Chew Keong has reported a vulnerability in Classic FTP, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 21 Jun 08
vBulletin MCP Cross-Site Scripting Vulnerability
http://secunia.com/advisories/30755/
A vulnerability has been reported in vBulletin, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 21 Jun 08
WISE-FTP 4 Directory Download Directory Traversal Vulnerability
http://secunia.com/advisories/30788/
Tan Chew Keong has reported a vulnerability in WISE-FTP, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 21 Jun 08
WISE-FTP 5 Directory Download Directory Traversal Vulnerability
http://secunia.com/advisories/30663/
Tan Chew Keong has reported a vulnerability in WISE-FTP, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 21 Jun 08
Samart-CMS "contentsid" SQL Injection Vulnerability
http://secunia.com/advisories/30730/
dun has reported a vulnerability in Samart-CMS, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 21 Jun 08
XnView Sun TAAC "format" Buffer Overflow Vulnerability
http://secunia.com/advisories/30416/
Secunia Research has discovered a vulnerability in XnView, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 21 Jun 08
NConvert / GFL SDK Sun TAAC "format" Buffer Overflow Vulnerability
http://secunia.com/advisories/30789/
Secunia Research has discovered a vulnerability in NConvert and GFL SDK, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 21 Jun 08
Debian update for libtk-img
http://secunia.com/advisories/30783/
Debian has issued an update for libtk-img. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 21 Jun 08
eLineStudio Site Composer Multiple Vulnerabilities
http://secunia.com/advisories/30762/
AmnPardaz Security Research Team have reported some vulnerabilities in eLineStudio Site Composer, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, or to manipulate certain data.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 21 Jun 08
Xen PVFB Shared Framebuffer Processing Vulnerability
http://secunia.com/advisories/30781/
A vulnerability has been reported in Xen, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 21 Jun 08
Kolab Server ClamAV Petite Processing Denial of Service
http://secunia.com/advisories/30785/
A vulnerability has been reported in Kolab Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
Ubuntu update for kernel
http://secunia.com/advisories/30769/
Ubuntu has issued an update for the kernel. This fixes some security issues and vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, disclose potentially sensitive information, cause a DoS (Denial of Service), and gain escalated privileges, and by malicious people to cause a DoS and compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
Gentoo update for xorg-server
http://secunia.com/advisories/30772/
Gentoo has issued an update for xorg-server. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
Apple Safari for Windows Multiple Vulnerabilities
http://secunia.com/advisories/30775/
Some vulnerabilities and a security issue have been reported in Apple Safari, which can be exploited by malicious people to disclose sensitive information or to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
Various TYPO3 Extensions Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/30737/
Multiple vulnerabilities have been reported in various TYPO3 extensions, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
TYPO3 DCD GoogleMap Extension Cross-Site Scripting Vulnerability
http://secunia.com/advisories/30773/
A vulnerability has been reported in the DCD GoogleMap (dcdgooglemap) extension for TYPO3, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
Carscripts Classifieds "cat" SQL Injection Vulnerability
http://secunia.com/advisories/30738/
Stack has reported a vulnerability in Carscripts Classifieds, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
Maxtrade AIO "categori" SQL Injection Vulnerability
http://secunia.com/advisories/30722/
HaCker_Egy has reported a vulnerability in Maxtrade AIO, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
CGIWrap Error Message Charset Cross-Site Scripting Vulnerability
http://secunia.com/advisories/30765/
A vulnerability has been reported in CGIWrap, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
DekiWiki Search Cross-Site Scripting Vulnerability
http://secunia.com/advisories/30758/
A vulnerability has been reported in DekiWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
BoatScripts Classifieds "type" SQL Injection Vulnerability
http://secunia.com/advisories/30743/
Stack has reported a vulnerability in BoatScripts Classifieds, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
Sun Solaris FreeType Multiple Vulnerabilities
http://secunia.com/advisories/30766/
Sun has acknowledged some vulnerabilities in Solaris, which can potentially can be exploited by malicious people to compromise an application using the libfreetype library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
S.T.A.L.K.E.R.: Shadow of Chernobyl Long Nickname Denial of Service
http://secunia.com/advisories/30707/
Luigi Auriemma has reported a vulnerability in S.T.A.L.K.E.R.: Shadow of Chernobyl, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
SUSE update for opera
http://secunia.com/advisories/30682/
SUSE has issued an update for opera. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information or to conduct spoofing attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
Easy Webstore "cat_path" SQL Injection Vulnerability
http://secunia.com/advisories/30726/
Mr.SQL has reported a vulnerability in Easy Webstore, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
OFFSystem HTTP Headers Processing Buffer Overflows
http://secunia.com/advisories/30759/
Some vulnerabilities have been reported in OFFSystem, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
doITLive CMS Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/30705/
AmnPardaz Security Research Team has reported a vulnerability in doITLive CMS, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
Drupal TrailScout Module Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/30764/
Some vulnerabilities have been reported in the TrailScout Module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
MyBizz-Classifieds "cat" SQL Injection Vulnerability
http://secunia.com/advisories/30724/
HaCker_Egy has reported a vulnerability in MyBizz-Classifieds, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 20 Jun 08
SurgeMail IMAP Processing Denial of Service Vulnerability
http://secunia.com/advisories/30739/
A vulnerability has been reported in SurgeMail, which can be exploited by malicious users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 19 Jun 08
Cisco Intrusion Prevention System Jumbo Frames Denial of Service
http://secunia.com/advisories/30767/
A vulnerability has been reported in Cisco Intrusion Prevention System, which can be exploited by malicious people to cause a DoS (Denial of Service) or bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 19 Jun 08
Mozilla Firefox Unspecified Code Execution Vulnerability
http://secunia.com/advisories/30761/
A vulnerability has been reported in Mozilla Firefox, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 19 Jun 08
Cisco VPN Client Deterministic Network Enhancer Privilege Escalation
http://secunia.com/advisories/30747/
mu-b has reported a vulnerability in Cisco VPN Client, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 19 Jun 08
Deterministic Network Enhancer Privilege Escalation Vulnerability
http://secunia.com/advisories/30728/
mu-b has reported a vulnerability in Deterministic Network Enhancer, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 19 Jun 08
Exero CMS "theme" Local File Inclusion Vulnerabilities
http://secunia.com/advisories/30711/
Some vulnerabilities have been reported in Exero CMS, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 19 Jun 08
IBM HMC Apache Multiple Vulnerabilities
http://secunia.com/advisories/30732/
IBM has acknowledged some vulnerabilities in IBM HMC, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 19 Jun 08
easyTrade "id" SQL Injection Vulnerability
http://secunia.com/advisories/30673/
A vulnerability has been reported in easyTrade, which can be exploited by malicious people to conduct SQL injection attacks
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 19 Jun 08
TorrentTrader Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/30565/
Secunia Research has discovered some vulnerabilities in TorrentTrader, which can be exploited by malicious people and malicious users to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 19 Jun 08
Open Azimyt CMS "lang" Local File Inclusion
http://secunia.com/advisories/30691/
Digital Security Research Group have reported a vulnerability in Open Azimyt CMS, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 19 Jun 08
SafeNet Products Deterministic Network Enhancer Privilege Escalation
http://secunia.com/advisories/30744/
mu-b has reported a vulnerability in SafeNet products, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 19 Jun 08
BlueCoat WinProxy Deterministic Network Enhancer Privilege Escalation
http://secunia.com/advisories/30753/
mu-b has reported a vulnerability in BlueCoat WinProxy, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 19 Jun 08
eroCMS "site" SQL Injection Vulnerability
http://secunia.com/advisories/30723/
Mr.SQL has reported a vulnerability in eroCMS, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 19 Jun 08
ManageEngine OpUtils "hostName" Script Insertion Vulnerability
http://secunia.com/advisories/30745/
Jason Rhodes has discovered a vulnerability in ManageEngine OpUtils, which can be exploited by malicious users to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 19 Jun 08
BASIC-CMS "page_id" SQL Injection Vulnerability
http://secunia.com/advisories/30645/
Mr.SQL has reported a vulnerability in BASIC-CMS, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 18 Jun 08
Comparison Engine Power "id" SQL Injection
http://secunia.com/advisories/30729/
Mr.SQL has reported a vulnerability in Comparison Engine Power, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 18 Jun 08
Adobe Flex 3 History Management Cross-Site Scripting Vulnerability
http://secunia.com/advisories/30746/
A vulnerability has been reported in Adobe Flex 3, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 18 Jun 08
Symantec Altiris Notification Server Agent GUI Privilege Escalation
http://secunia.com/advisories/30741/
A vulnerability has been reported in Symantec Altiris Notification Server, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 18 Jun 08
OpenDocMan Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/30750/
Some vulnerabilities have been discovered in OpenDocMan, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 18 Jun 08
CRE Loaded "Links" and "Links Submit" Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/30655/
Some vulnerabilities have been reported in CRE Loaded, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 18 Jun 08
Fedora update for freetype
http://secunia.com/advisories/30740/
Fedora has issued an update for freetype. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 18 Jun 08
Fetchmail Large Header Processing Denial of Service
http://secunia.com/advisories/30742/
A vulnerability has been reported in Fetchmail, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 18 Jun 08
Ubuntu update for samba
http://secunia.com/advisories/30736/
Ubuntu has issued an update for samba. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 18 Jun 08
Novell eDirectory iMonitor Error Message Cross-Site Scripting
http://secunia.com/advisories/30748/
A vulnerability has been reported in Novell eDirectory, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 18 Jun 08
UltraEdit FTP/SFTP Browser Directory Download Directory Traversal Vulnerability
http://secunia.com/advisories/30749/
Tan Chew Keong has reported a vulnerability in UltraEdit, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 18 Jun 08
BlognPlus Unspecified SQL Injection Vulnerability
http://secunia.com/advisories/30642/
A vulnerability has been reported in BlognPlus, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 18 Jun 08
MyMarket "id" SQL Injection Vulnerability
http://secunia.com/advisories/30692/
h0yt3r has discovered a vulnerability in MyMarket, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 18 Jun 08
Sun Java System Calendar Server Denial of Service
http://secunia.com/advisories/30694/
A vulnerability has been reported in Sun Java System Calendar Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 18 Jun 08
No-IP Windows Dynamic Update Client Information Disclosure
http://secunia.com/advisories/30714/
Charalambous Glafkos and George Nicolaou have discovered a security issue in No-IP Windows Dynamic Update Client (DUC), which can be exploited by malicious, local users to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 18 Jun 08
VMware ESX Server update for Tomcat and Java JRE
http://secunia.com/advisories/30676/
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), bypass certain security restrictions, manipulate data, disclose sensitive/system information, or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 18 Jun 08
MediaWiki WikiHiero Extension Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/30698/
Some vulnerabilities have been reported in the WikiHiero extension for MediaWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
ClamAV Petite Processing Denial of Service Vulnerability
http://secunia.com/advisories/30657/
A vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
Crysis HTTP/XML-RPC Server Denial of Service
http://secunia.com/advisories/30675/
Luigi Auriemma has reported a vulnerability in Crysis, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
Skulltag Packet Parsing Denial of Service
http://secunia.com/advisories/30668/
Luigi Auriemma has reported a vulnerability in Skulltag, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
Gentoo update for evolution
http://secunia.com/advisories/30702/
Gentoo has issued an update for evolution. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
Gentoo update for cbrpager
http://secunia.com/advisories/30701/
Gentoo has issued an update for cbrpager. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
PHP JOBWEBSITE PRO "JobSearch3.php" SQL Injection
http://secunia.com/advisories/30686/
Two vulnerabilities have been reported in PHP JOBWEBSITE PRO, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
Linux Kernel "pppol2tp_recvmsg()" Memory Corruption Vulnerability
http://secunia.com/advisories/30719/
A vulnerability has been reported in the Linux Kernel, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
devalcms "currentfile" Local File Inclusion
http://secunia.com/advisories/30585/
CWH Underground has discovered a vulnerability in devalcms, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
Webmatic Unspecified SQL Injection and Cross-Site Scripting
http://secunia.com/advisories/30656/
Some vulnerabilities have been reported in Webmatic, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
XChat "ircs" URI Handling Vulnerability
http://secunia.com/advisories/30695/
securfrog has discovered a vulnerability in XChat, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
Lyris ListManager "words" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/30662/
Russ McRee has discovered a vulnerability in Lyris ListManager, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
Contenido Cross-Site Scripting and File Inclusion Vulnerabilities
http://secunia.com/advisories/30683/
RoMaNcYxHaCkEr has discovered some vulnerabilities in Contenido, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
Clever Copy "searchtype" SQL Injection Vulnerability
http://secunia.com/advisories/30699/
h0yt3r has discovered a vulnerability in Clever Copy, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
WallCity-Server Shoutcast Admin Panel Multiple Vulnerabilities
http://secunia.com/advisories/30678/
Some vulnerabilities have been discovered in Shoutcast Admin Panel, which can be exploited by malicious people to conduct cross-site scripting attacks or to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
Cartweaver "prodId" SQL Injection Vulnerability
http://secunia.com/advisories/30677/
h0yt3r has reported a vulnerability in Cartweaver, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
3D-FTP Client Directory Download Directory Traversal Vulnerability
http://secunia.com/advisories/30651/
Tan Chew Keong has reported a vulnerability in 3D-FTP Client, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
EZCMS "page" SQL Injection Vulnerability
http://secunia.com/advisories/30674/
t0pP8uZz has reported a vulnerability in EZCMS, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
Vim Shell Command Injection Vulnerabilities
http://secunia.com/advisories/30731/
Jan Minar has reported some vulnerabilities in Vim, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
gllcTS2 SQL Injection Vulnerabilities
http://secunia.com/advisories/30688/
Some vulnerabilities have been reported in gllcTS2, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
Pre Job Board "JobSearch3.php" SQL Injection Vulnerabilities
http://secunia.com/advisories/30684/
JosS has reported a vulnerability in Pre Job Board, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
Pre ADS Portal SQL Injection Vulnerabilities
http://secunia.com/advisories/30689/
M.Hasran Addahroni has reported a vulnerability in Pre ADS Portal, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
E-SMART CART "category_id" SQL Injection Vulnerability
http://secunia.com/advisories/30687/
JosS has reported a vulnerability in E-SMART CART, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
WebChamado SQL Injection Vulnerabilities
http://secunia.com/advisories/30690/
Some vulnerabilities have been reported in WebChamado, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
PHPMyCart "cat" SQL Injection Vulnerability
http://secunia.com/advisories/30679/
h0yt3r has reported a vulnerability in PHPMyCart, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 17 Jun 08
AlstraSoft AskMe Pro SQL Injection Vulnerabilities
http://secunia.com/advisories/30672/
t0pP8uZz has reported some vulnerabilities in AstraSoft AskMe Pro, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 16 Jun 08
SUSE update for xorg-x11 and XFree86
http://secunia.com/advisories/30715/
SUSE has issued an update for xorg-x11 and XFree86. This fixes a security issue and some vulnerabilities, which can be exploited by malicious people with physical access to a system to bypass certain security restrictions and by malicious local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 16 Jun 08
SUSE update for evolution
http://secunia.com/advisories/30716/
SUSE has issued an update for evolution. This fixes a two vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 16 Jun 08
Red Hat update for openoffice.org
http://secunia.com/advisories/30633/
Red Hat has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges or malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 16 Jun 08
Red Hat update for openoffice.org
http://secunia.com/advisories/30720/
Red Hat has issued an update for openoffice.org. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 16 Jun 08
Dana IRC Client Buffer Overflow Vulnerability
http://secunia.com/advisories/30681/
t0pP8uZz has discovered a vulnerability in the Dana IRC client, which potentially can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 16 Jun 08
Glub Tech Secure FTP Directory Download Directory Traversal Vulnerability
http://secunia.com/advisories/30725/
Tan Chew Keong has reported a vulnerability in Glub Tech Secure FTP, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 16 Jun 08
Family Connections Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/30680/
CWH Underground has discovered some vulnerabilities in Family Connections, which can be exploited by malicious users to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 16 Jun 08
Horde Products Cross-Site Scripting and Script Insertion
http://secunia.com/advisories/30697/
Some vulnerabilities have been reported in various Horde products, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 16 Jun 08
muvee autoProducer DXTTextOutEffect "FontSetting" Property Buffer Overflow
http://secunia.com/advisories/30696/
Nine:Situations:Group::Trotzkista has discovered a vulnerability in muvee autoProducer, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 16 Jun 08
Novell iPrint Client Unspecified Vulnerability
http://secunia.com/advisories/30709/
A vulnerability with an unknown impact has been reported in Novell iPrint Client.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 16 Jun 08
Avaya CMS Solaris "inet_network()" Off-By-One Vulnerability
http://secunia.com/advisories/30718/
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 16 Jun 08
Debian update for imlib2
http://secunia.com/advisories/30727/
Debian has issued an update for imlib2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 14 Jun 08
Ubuntu update for xorg-server
http://secunia.com/advisories/30664/
Ubuntu has issued an update for xorg-server. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 14 Jun 08
FOG Forum "index.php" Local File Inclusion Vulnerabilities
http://secunia.com/advisories/30613/
CWH Underground has discovered two vulnerabilities in FOG Forum, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Kronos webTA Script Insertion Vulnerability
http://secunia.com/advisories/30588/
Alex Eden has reported a vulnerability in Kronos webTA, which can be exploited by malicious users to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Debian update for mt-daapd
http://secunia.com/advisories/30661/
Debian has issued an update for mt-daapd. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Debian update for typo3
http://secunia.com/advisories/30660/
Debian has issued an update for typo3. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, and by malicious users to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Debian update for xorg-server
http://secunia.com/advisories/30666/
Debian has issued an update for xorg-server. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Fedora update for kernel
http://secunia.com/advisories/30658/
Fedora has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Xerox WorkCenter Web Services Unspecified Unauthorized Access
http://secunia.com/advisories/30670/
A vulnerability has been reported in Xerox WorkCentre, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Xerox Copier/Printer Products Web Server Unspecified Script Insertion
http://secunia.com/advisories/30639/
A vulnerability has been reported in some Xerox Copier/Printer products, which can be exploited by malicious people to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Fedora update for xorg-x11-server
http://secunia.com/advisories/30659/
Fedora has issued an update for xorg-x11-server. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Xerox WorkCentre Web Server Unspecified Script Insertion
http://secunia.com/advisories/30669/
A vulnerability has been reported in Xerox WorkCentre, which can be exploited by malicious people to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
yblog SQL Injection and Cross-Site Scripting
http://secunia.com/advisories/30607/
unohope has discovered some vulnerabilities in yblog, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Debian update for xorg-server
http://secunia.com/advisories/30637/
Debian has issued an update for xorg-server. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Achievo Multiple File Extensions Vulnerability
http://secunia.com/advisories/30597/
EgiX has discovered a vulnerability in Achievo, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
JAMM CMS "id" SQL Injection Vulnerability
http://secunia.com/advisories/30614/
h0yt3r has reported a vulnerability in JAMM CMS, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Sun Java Access Manager Unspecified Security Bypass
http://secunia.com/advisories/30652/
A vulnerability has been reported in Sun Java Access Manager, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Sun Solaris UltraSPARC Kernel Module Local Denial of Service
http://secunia.com/advisories/30654/
A vulnerability has been reported in Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Gallery Multiple Vulnerabilities
http://secunia.com/advisories/30650/
Some vulnerabilities and a weakness have been reported in Gallery, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and manipulate data.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Opera Multiple Vulnerabilities
http://secunia.com/advisories/30636/
Some vulnerabilities have been reported in Opera, which can be exploited by malicious people to disclose potentially sensitive information or to conduct spoofing attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
DotNetNuke Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/30617/
Some vulnerabilities have been reported in DotNetNuke, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Sun Solaris Event Port Local Denial of Service
http://secunia.com/advisories/30653/
A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Sun StarOffice/StarSuite "rtl_allocateMemory()" Integer Overflow
http://secunia.com/advisories/30635/
Sun has acknowledged a vulnerability in StarOffice/StarSuite, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Absolute News Manager XE Multiple Vulnerabilities
http://secunia.com/advisories/30643/
AmnPardaz Security Research Team has reported some vulnerabilities in Absolute News Manager XE, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Pooya Site Builder SQL Injection Vulnerabilities
http://secunia.com/advisories/30610/
AmnPardaz Security Research Team has reported some vulnerabilities in Pooya Site Builder, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Absolute Banner Manager XE Multiple Vulnerabilities
http://secunia.com/advisories/30641/
AmnPardaz Security Research Team has reported some vulnerabilities in Absolute Banner Manager XE, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 13 Jun 08
Drupal Magic Tabs Module Arbitrary PHP Code Execution
http://secunia.com/advisories/30632/
A vulnerability has been reported in the Magic Tabs module for Drupal, which can be exploited by malicious users to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
Ingate Firewall and SIParator SNMP HMAC Spoofing
http://secunia.com/advisories/30648/
Ingate has acknowledged a vulnerability in Ingate Firewall and SIParator, which can be exploited by malicious people to spoof authenticated SNMPv3 packets.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
Drupal Aggregation Module Multiple Vulnerabilities
http://secunia.com/advisories/30618/
Some vulnerabilities have been reported in the Aggregation module for Drupal, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, SQL injection attacks, and potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
dotProject Privilege Escalation Vulnerability
http://secunia.com/advisories/30470/
Jonathan Parish has reported a vulnerability in dotProject, which can be exploited by malicious users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
Fedora update for net-snmp
http://secunia.com/advisories/30647/
Fedora has issued an update for net-snmp. This fixes some vulnerabilities, which can be exploited by malicious people to spoof authenticated SNMPv3 packets and potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
X.org X11 Multiple Vulnerabilities
http://secunia.com/advisories/30627/
Some vulnerabilities have been reported in X.org X11, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
Citect Products ODBC Server Component Buffer Overflow
http://secunia.com/advisories/30638/
Core Security Technologies has reported a vulnerability in CitectSCADA and CitectFacilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
Drupal Node Hierarchy Module Improper Access Check
http://secunia.com/advisories/30622/
A security issue has been reported in the Node Hierarchy module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
Red Hat update for perl
http://secunia.com/advisories/30624/
Red Hat has issued an update for perl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
eFiction "list" SQL Injection Vulnerability
http://secunia.com/advisories/30606/
Mr.SQL has discovered a vulnerability in eFiction, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
uTorrent Web UI Malformed HTTP "Range" Header Denial of Service
http://secunia.com/advisories/28703/
Secunia Research has discovered a vulnerability in uTorrent, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
BitTorrent Web UI Malformed HTTP "Range" Header Denial of Service
http://secunia.com/advisories/30605/
Secunia Research has discovered a vulnerability in BitTorrent, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
HP-UX update for Apache and Tomcat with PHP
http://secunia.com/advisories/30616/
HP has issued an update for Apache and Tomcat with PHP. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
net2ftp Unspecified Request Handling Vulnerability
http://secunia.com/advisories/30611/
Tan Chew Keong has reported a vulnerability in net2ftp, which potentially can be exploited by malicious people to disclose sensitive information, delete certain files, and compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
SyndeoCMS File Disclosure and Cross-Site Scripting
http://secunia.com/advisories/30602/
CWH Underground has discovered some vulnerabilities in SyndeoCMS, which can be exploited by malicious people to conduct cross-site scripting attacks, and by malicious users to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
Todd Woolums ASP News Management Information Disclosure and SQL Injection
http://secunia.com/advisories/30593/
Some vulnerabilities have been discovered in Todd Woolums ASP News Management, which can be exploited by malicious people to disclose potentially sensitive information and conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
IBM OS/400 Buffer Overflow Vulnerability
http://secunia.com/advisories/30554/
A vulnerability with an unknown impact has been reported in IBM OS/400.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
TYPO3 File Upload and Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/30619/
Two vulnerabilities have been reported in TYPO3, which can be exploited by malicious people to conduct cross-site scripting attacks, and by malicious users to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
NetScout Visualizer / InfiniStream Security Bypass
http://secunia.com/advisories/30514/
A vulnerability has been reported in NetScout Visualizer and InfiniStream, which can be exploited by malicious users to perform certain actions with escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
Juniper Networks Session and Resource Control Appliances SNMP HMAC Spoofing
http://secunia.com/advisories/30626/
A vulnerability has been reported in Juniper Networks Session and Resource Control (SRC) appliances, which can be exploited by malicious people to spoof authenticated SNMPv3 packets.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
TNTforum "modulo" Directory Traversal Vulnerability
http://secunia.com/advisories/30595/
A vulnerability has been discovered in TNTforum, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
NASM "ppscan()" Off-By-One Vulnerability
http://secunia.com/advisories/30594/
A vulnerability has been reported in NASM, which potentially can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
GlassFish Administration Console Cross-Site Scripting Vulnerability
http://secunia.com/advisories/30604/
Eduardo Neves has discovered a vulnerability in GlassFish, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
Tornado Knowledge Retrieval System "p" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/30623/
unohope has reported a vulnerability in Tornado Knowledge Retrieval System, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
BackWeb Lite Install Runner ActiveX Control Unspecified Buffer Overflows
http://secunia.com/advisories/30598/
Will Dormann has reported some vulnerabilities in BackWeb Lite Install Runner ActiveX Control, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 12 Jun 08
Logitech Desktop Messenger BackWeb ActiveX Control Unspecified Buffer Overflows
http://secunia.com/advisories/30625/
Will Dormann has reported some vulnerabilities in Logitech Desktop Messenger, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Cisco Products SNMPv3 Two Vulnerabilities
http://secunia.com/advisories/30612/
Two vulnerabilities have been reported in various Cisco products, which can be exploited by malicious people to spoof authenticated SNMPv3 packets.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Apache mod_proxy Interim Responses Denial of Service
http://secunia.com/advisories/30621/
A vulnerability has been reported in the Apache mod_proxy module, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Black Ice Annotation SDK BiAnno Control "AnnoSaveToTiff()" Buffer Overflow
http://secunia.com/advisories/30603/
shinnai has discovered a vulnerability in Black Ice Annotation SDK, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Red Hat update for net-snmp
http://secunia.com/advisories/30615/
Red Hat has issued an update for net-snmp. This fixes some vulnerabilities, which can be exploited by malicious people to spoof authenticated SNMPv3 packets and compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Internet Explorer "substringData()" Memory Corruption Vulnerability
http://secunia.com/advisories/30575/
A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Microsoft DirectX MJPEG/SAMI File Processing Vulnerabilities
http://secunia.com/advisories/30579/
Two vulnerabilities have been reported in Microsoft DirectX, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Microsoft Windows Pragmatic General Multicast Denial of Service
http://secunia.com/advisories/30587/
Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Microsoft Windows Speech Recognition Security Issue
http://secunia.com/advisories/30578/
A security issue has been reported in Microsoft Windows, which potentially can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Microsoft Windows Active Directory LDAP Request Processing Denial of Service
http://secunia.com/advisories/30586/
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people or malicious users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Microsoft Windows WINS Privilege Escalation Vulnerability
http://secunia.com/advisories/30584/
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Microsoft Windows Bluetooth SDP Packet Processing Vulnerability
http://secunia.com/advisories/30051/
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Motion "read_client()" Off-By-One Vulnerability
http://secunia.com/advisories/30544/
Nico Golde has reported a vulnerability in Motion, which potentially can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Joomla JoomlaDate Component "user" SQL Injection
http://secunia.com/advisories/30441/
His0k4 has reported a vulnerability in the JoomlaDate component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Net-SNMP HMAC Authentication Spoofing Vulnerability
http://secunia.com/advisories/30574/
A vulnerability has been reported in Net-SNMP, which can be exploited by malicious people to spoof authenticated SNMPv3 packets.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Red Hat update for ucd-snmp
http://secunia.com/advisories/30596/
Red Hat has issued an update for ucd-snmp. This fixes a vulnerability, which can be exploited by malicious people to spoof authenticated SNMPv3 packets.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Pilot Cart "article" SQL Injection Vulnerability
http://secunia.com/advisories/30176/
Bl@ckbe@rD has reported a vulnerability in Pilot Cart, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
IBM Workplace Unspecified Cross-Site Scripting and Request Forgery
http://secunia.com/advisories/30433/
Some vulnerabilities have been reported in IBM Workplace, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Realm CMS Multiple Vulnerabilities
http://secunia.com/advisories/30583/
AmnPardaz Security Research Team has reported some vulnerabilities in Realm CMS, which can be exploited by malicious people to bypass certain security restrictions, to disclose system information, or to conduct cross-site scripting and SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Debian update for linux-2.6
http://secunia.com/advisories/30000/
Debian has issued an update for linux-2.6. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Real-Estate-Website Cross-Site Scripting and SQL Injection
http://secunia.com/advisories/30582/
JosS has reported some vulnerabilities in Real-Estate-Website, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 11 Jun 08
Debian update for tomcat5.5
http://secunia.com/advisories/30592/
Debian has issued an update for tomcat5.5. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 10 Jun 08
OpenOffice "rtl_allocateMemory()" Integer Overflow Vulnerability
http://secunia.com/advisories/30599/
A vulnerability has been reported in OpenOffice, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 10 Jun 08
Iconfidant SSH Denial of Service Vulnerabilities
http://secunia.com/advisories/30590/
Some vulnerabilities have been reported in Iconfidant SSH, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 10 Jun 08
Courier Authentication Library SQL Injection Vulnerability
http://secunia.com/advisories/30591/
A vulnerability has been reported in the Courier Authentication Library, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 10 Jun 08
PHP Image Gallery "action" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/30573/
Russ McRee has reported a vulnerability in PHP Image Gallery, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 10 Jun 08
Apple QuickTime Multiple Vulnerabilities
http://secunia.com/advisories/29293/
Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 10 Jun 08
Fujitsu Interstage Management Console Arbitrary File Access
http://secunia.com/advisories/30589/
A vulnerability has been reported in various Fujitsu products, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 10 Jun 08
Powie pNews "shownews" SQL Injection Vulnerability
http://secunia.com/advisories/30577/
Cr@zy_King has discovered a vulnerability in Powie pNews, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 10 Jun 08
Linksys WRH54G Denial of Service Vulnerability
http://secunia.com/advisories/30562/
A vulnerability has been reported in Linksys WRH54G, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 10 Jun 08
openwsman "Content-Length" Processing Vulnerability
http://secunia.com/advisories/30568/
A vulnerability has been reported in openwsman, which can be exploited by malicious users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 10 Jun 08
SUSE Update for Multiple Packages
http://secunia.com/advisories/30581/
SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, malicious users to gain escalated privileges, and malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 10 Jun 08
Joomla GameQ Component "category_id" SQL Injection
http://secunia.com/advisories/30570/
His0k4 has discovered a vulnerability in the GameQ component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 10 Jun 08
Joomla Rapid Recipe Component "recipe_id" SQL Injection
http://secunia.com/advisories/30566/
His0k4 has discovered a vulnerability in the Rapid Recipe component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 10 Jun 08
Joomla yvComment Component "ArticleID" SQL Injection
http://secunia.com/advisories/30567/
His0k4 has discovered a vulnerability in the yvComment component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 10 Jun 08
Linux Kernel ASN.1 BER Decoding Vulnerability
http://secunia.com/advisories/30580/
A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 10 Jun 08
VLC Media Player GnuTLS and Libxml2 Vulnerabilities
http://secunia.com/advisories/30560/
Some vulnerabilities have been reported in VLC Media Player, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 9 Jun 08
Novell GroupWise Messenger Client Buffer Overflow Vulnerabilities
http://secunia.com/advisories/30576/
Some vulnerabilities have been reported in Novell GroupWise Messenger, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 9 Jun 08
DB2 Multiple Vulnerabilities
http://secunia.com/advisories/30558/
Some vulnerabilities have been reported in IBM DB2, where some have unknown impact and others can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 9 Jun 08
JiRo's FAQ Manager eXperience "fID" SQL Injection
http://secunia.com/advisories/30569/
Underz0ne Crew have reported a vulnerability in JiRo's FAQ Manager eXperience, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 9 Jun 08
BrowserCRM "bcrm_pub_root" File Inclusion Vulnerabilities
http://secunia.com/advisories/30290/
Some vulnerabilities have been discovered in BrowserCRM, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 9 Jun 08
Ubuntu update for evolution
http://secunia.com/advisories/30571/
Ubuntu has issued an update for evolution. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 9 Jun 08
Gentoo update for imlib2
http://secunia.com/advisories/30572/
Gentoo has issued an update for imlib2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 7 Jun 08
Akamai Red Swoosh Client Cross-Site Request Forgery
http://secunia.com/advisories/30135/
Secunia Research has discovered a vulnerability in Akamai Red Swoosh client, which can be exploited by malicious people to conduct cross-site request forgery attacks and compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 7 Jun 08
Exiv2 Nicon Lens Information Printing Denial of Service
http://secunia.com/advisories/30519/
A vulnerability has been reported in Exiv2, which potentially can be exploited by malicious people to crash an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 7 Jun 08
Joomla EasyBook Component "gbid" SQL Injection
http://secunia.com/advisories/30539/
ZAMUT has reported a vulnerability in the EasyBook component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 7 Jun 08
ALFTP FTP Client Directory Download Directory Traversal Vulnerability
http://secunia.com/advisories/30559/
Tan Chew Keong has reported a vulnerability in ALFTP FTP Client, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 6 Jun 08
1Book "guestbook.php" PHP Code Execution
http://secunia.com/advisories/30146/
jiko has discovered two vulnerabilities in 1Book, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 6 Jun 08
e107 eChat Plugin "nick" SQL Injection
http://secunia.com/advisories/30561/
hadihadi has discovered a vulnerability in the eChat plugin for e107, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 6 Jun 08
GraphicsMagick Multiple Vulnerabilities
http://secunia.com/advisories/30549/
Some vulnerabilities have been reported in GraphicsMagick, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 6 Jun 08
StorageCrypt Insecure Disk Encryption Security Issue
http://secunia.com/advisories/30471/
A security issue has been discovered in StorageCrypt, which can potentially be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 6 Jun 08
Fedora update for evolution
http://secunia.com/advisories/30564/
Fedora has issued an update for evolution. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 6 Jun 08
Fedora update for snort
http://secunia.com/advisories/30563/
Fedora has issued an update for snort. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 6 Jun 08
F5 FirePass SSL VPN Appliance Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/30550/
nnposter has reported some vulnerabilities in F5 FirePass, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 6 Jun 08
Black Ice Barcode SDK Multiple Vulnerabilities
http://secunia.com/advisories/30548/
shinnai has discovered some vulnerabilities in Black Ice Barcode SDK, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 6 Jun 08
Joomla Simple Shop Galore Component "catid" SQL Injection
http://secunia.com/advisories/30461/
His0k4 has discovered a vulnerability in the Simple Shop Galore component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 6 Jun 08
Slash Cross-Site Scripting and SQL Injection
http://secunia.com/advisories/30551/
Some vulnerabilities have been reported in Slash, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/