Software and Script Bug Exploits
Main
Software Alerts
Software and Script Bug ExploitsSoftware Vulnerability
Random Feeds
Archives
| Feb 2009 | Jan 2009 | Dec 2008 | Nov 2008 | Oct 2008 | Sep 2008 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 | Apr 2008 | Mar 2008 | Feb 2008 | Jan 2008 | Dec 2007 | Nov 2007 |Sat, 14 Feb 09
UniversalIndentGUI "SettingsPaths::init()" Insecure Temporary Files
http://secunia.com/Advisories/33932/
A security issue has been reported in UniversalIndentGUI, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Sat, 14 Feb 09
PHP Krazy Image Host Script "id" SQL Injection Vulnerability
http://secunia.com/Advisories/33930/
x0r has discovered a vulnerability in PHP Krazy Image Host Script, which can be exploited by malicious people to conduct SQL injection attacks.
Sat, 14 Feb 09
Free Joke Script Multiple SQL Injection Vulnerabilities
http://secunia.com/Advisories/33929/
MuhaciR has reported some vulnerabilities in Free Joke Script, which can be exploited by malicious people to conduct SQL injection attacks.
Sat, 14 Feb 09
Swann DVR4-SecuraNet Directory Traversal Vulnerability
http://secunia.com/Advisories/33861/
Terry Froy has reported a vulnerability in Swann DVR4-SecuraNet, which can be exploited by malicious people to disclose sensitive information.
Sat, 14 Feb 09
Sun Java System Directory Server Directory Proxy Server Denial of Service
http://secunia.com/Advisories/33923/
A vulnerability has been reported in Sun Java System Directory Server, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).
Sat, 14 Feb 09
Sun Solaris / SEAM Kerberos PAM Module Privilege Escalation
http://secunia.com/Advisories/33921/
Sun has acknowledged a vulnerability in Solaris and Sun Enterprise Authentication Mechanism (SEAM), which can be exploited by malicious, local users to gain escalated privileges.
Sat, 14 Feb 09
IBM WebSphere Application Server "PerfServlet" Information Disclosure
http://secunia.com/Advisories/33934/
A vulnerability has been reported in IBM WebSphere Application Server, which can be exploited by malicious people to disclose potentially sensitive information.
Sat, 14 Feb 09
IBM HTTP Server "mod_proxy_ftp" Cross-Site Scripting Vulnerability
http://secunia.com/Advisories/33933/
A vulnerability has been reported in IBM HTTP Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
Sat, 14 Feb 09
Gentoo update for openssl
http://secunia.com/Advisories/33916/
Gentoo has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.
Sat, 14 Feb 09
Gentoo update for xterm
http://secunia.com/Advisories/33889/
Gentoo has issued an update for xterm. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Fri, 13 Feb 09
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities
http://secunia.com/Advisories/33937/
Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
Fri, 13 Feb 09
Ubuntu update for php5
http://secunia.com/Advisories/33939/
Ubuntu has issued an update for php5. This fixes some vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions, and by malicious people to cause a DoS (Denial of Service) or potentially to compromise a vulnerable system.
Fri, 13 Feb 09
Fedora update for moodle
http://secunia.com/Advisories/33946/
Fedora has issued an update for moodle. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to disclose sensitive information or conduct cross-site request forgery or cross-site scripting attacks.
Fri, 13 Feb 09
Fedora update for lighttpd
http://secunia.com/Advisories/33948/
Fedora has issued an update for lighttpd. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service).
Fri, 13 Feb 09
Ubuntu update for pam-krb5
http://secunia.com/Advisories/33940/
Ubuntu has issued an update for pam-krb5. This fixes some vulnerabilities, which can be exploited by malicious, local users to overwrite files and to gain escalated privileges.
Fri, 13 Feb 09
Mac OS X update for Java
http://secunia.com/Advisories/33935/
Apple has issued an update for Java for Mac OS X. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, or compromise a vulnerable system.
Fri, 13 Feb 09
Fedora update for asterisk and dahdi-tools
http://secunia.com/Advisories/33944/
Fedora has issued an update for asterisk and dahdi-tools. This fixes a weakness, which can be exploited by malicious people to identify valid user accounts.
Fri, 13 Feb 09
Fedora update for squid
http://secunia.com/Advisories/33949/
Fedora has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Fri, 13 Feb 09
Fedora update for python-fedora
http://secunia.com/Advisories/33950/
Fedora has issued an update for python-fedora. This fixes a security issue, which can potentially be exploited by malicious people to bypass certain security restrictions.
Fri, 13 Feb 09
Net-snmp TCP Wrapper Information Disclosure Vulnerability
http://secunia.com/Advisories/33884/
A vulnerability has been reported in Net-snmp, which can be exploited by malicious people to disclose sensitive information.
Fri, 13 Feb 09
Drupal "Administer Content Types" Permission Security Issue
http://secunia.com/Advisories/33898/
A security issue has been reported in Drupal, which can lead to unauthorised users performing actions with escalated privileges.
Fri, 13 Feb 09
Drupal Advertisement Module Script Insertion Vulnerability
http://secunia.com/Advisories/33919/
Justin C. Klein Keane has reported a vulnerability in the Advertisement module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
Fri, 13 Feb 09
Debian update for phpmyadmin
http://secunia.com/Advisories/33912/
Debian has issued an update for phpmyadmin. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Fri, 13 Feb 09
Graugon Gallery Security Bypass and SQL Injection
http://secunia.com/Advisories/33922/
x0r has discovered some vulnerabilities in Graugon Gallery, which can be exploited by malicious people to bypass certain security restrictions and conduct SQL injection attacks.
Fri, 13 Feb 09
Den Dating Website Script "txtlookgender" SQL Injection
http://secunia.com/Advisories/33920/
nuclear has reported a vulnerability in Den Dating Website Script, which can be exploited by malicious people to conduct SQL injection attacks.
Thu, 12 Feb 09
Debian update for libpam-heimdal
http://secunia.com/Advisories/33918/
Debian has issued an update for libpam-heimdal. This fixes a vulnerability, which can be exploited by malicious, local users to overwrite files and potentially to gain escalated privileges.
Thu, 12 Feb 09
Debian update for libpam-krb5
http://secunia.com/Advisories/33917/
Debian has issued an update for libpam-krb5. This fixes some vulnerabilities, which can be exploited by malicious, local users to overwrite files and to gain escalated privileges.
Thu, 12 Feb 09
pam-krb5 File Overwrite and Privilege Escalation
http://secunia.com/Advisories/33914/
Some vulnerabilities have been reported in pam-krb5, which can be exploited by malicious, local users to overwrite files and to gain escalated privileges.
Thu, 12 Feb 09
Poppler Two Denial of Service Vulnerabilities
http://secunia.com/Advisories/33853/
Two vulnerabilities have been reported in Poppler, which can be exploited by malicious people to cause a DoS (Denial of Service).
Thu, 12 Feb 09
Bahar Download Script "kid" SQL Injection Vulnerability
http://secunia.com/Advisories/33873/
CyberGrup Lojistik has reported a vulnerability in Bahar Download Script, which can be exploited by malicious people to conduct SQL injection attacks.
Thu, 12 Feb 09
Red Hat update for netpbm
http://secunia.com/Advisories/33864/
Red Hat has issued an update for netpbm. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
Thu, 12 Feb 09
Red Hat update for mod_auth_mysql
http://secunia.com/Advisories/33910/
Red Hat has issued an update for mod_auth_mysql. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks.
Thu, 12 Feb 09
Red Hat update for vnc
http://secunia.com/Advisories/33859/
Red Hat has issued an update for vnc. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
Thu, 12 Feb 09
Zeroboard XE "content" Script Insertion Vulnerability
http://secunia.com/Advisories/33863/
make0day has discovered a vulnerability in Zeroboard XE, which can be exploited by malicious people to conduct script insertion attacks.
Thu, 12 Feb 09
w3b|cms Multiple SQL Injection Vulnerabilities
http://secunia.com/Advisories/33877/
DNX has reported some vulnerabilities in w3b|cms, which can be exploited by malicious people to conduct SQL injection attacks.
Thu, 12 Feb 09
Sun Java System Directory Server Denial of Service
http://secunia.com/Advisories/33850/
A vulnerability has been reported in Sun Java System Directory Server, which can be exploited by malicious, local users or by malicious people to cause a DoS (Denial of Service).
Thu, 12 Feb 09
Auth PHP "username" SQL Injection Vulnerability
http://secunia.com/Advisories/33908/
x0r has discovered a vulnerability in Auth PHP, which can be exploited by malicious people to conduct SQL injection attacks.
Thu, 12 Feb 09
Craft Silicon Banking@Home "LoginName" SQL Injection
http://secunia.com/Advisories/33907/
Francesco Bianchino has reported a vulnerability in Craft Silicon Banking@Home, which can be exploited by malicious people to conduct SQL injection attacks.
Thu, 12 Feb 09
Netgear SSL312 Web Interface Denial of Service Vulnerability
http://secunia.com/Advisories/33896/
Rembrandt has reported a vulnerability in Netgear SSL312, which can be exploited by malicious people to cause a DoS (Denial of Service).
Thu, 12 Feb 09
Fail2ban "wuftpd.conf" Denial of Service Vulnerability
http://secunia.com/Advisories/33890/
A vulnerability has been reported in Fail2ban, which can be exploited by malicious people to cause a DoS (Denial of Service).
Wed, 11 Feb 09
Papoo CMS "pfadhier" Local File Inclusion Vulnerability
http://secunia.com/Advisories/33911/
SirGod has discovered a vulnerability in Papoo CMS, which can be exploited by malicious people to disclose sensitive information.
Wed, 11 Feb 09
Red Hat update for kernel
http://secunia.com/Advisories/33858/
Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), and by malicious people to cause a DoS or to potentially compromise a vulnerable system.
Wed, 11 Feb 09
Evolution S/MIME Signed Message Integrity Vulnerability
http://secunia.com/Advisories/33848/
A vulnerability has been reported in Evolution, which can be exploited by malicious people to conduct spoofing attacks.
Wed, 11 Feb 09
IBM AIX "at" Command Privilege Escalation Vulnerability
http://secunia.com/Advisories/33915/
A vulnerability has been reported in AIX, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Wed, 11 Feb 09
Debian update for typo3-src
http://secunia.com/Advisories/33871/
Debian has issued an update for typo3-src. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.
Wed, 11 Feb 09
Thyme "phpinfo.php" Information Disclosure
http://secunia.com/Advisories/33856/
cheverok has discovered a security issue in Thyme, which can be exploited by malicious people to disclose sensitive information.
Wed, 11 Feb 09
Exchange Server TNEF Decoding and MAPI Command Processing Vulnerabilities
http://secunia.com/Advisories/33838/
Some vulnerabilities have been reported in Microsoft Exchange Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Wed, 11 Feb 09
Microsoft Internet Explorer Two Code Execution Vulnerabilities
http://secunia.com/Advisories/33845/
Two vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.
Wed, 11 Feb 09
Microsoft Office Visio Multiple Vulnerabilities
http://secunia.com/Advisories/33833/
Some vulnerabilities have been reported in Microsoft Office Visio, which can be exploited by malicious people to compromise a user's system.
Wed, 11 Feb 09
BlackBerry Application Web Loader ActiveX Control Buffer Overflow
http://secunia.com/Advisories/33847/
A vulnerability has been reported in BlackBerry Application Web Loader, which can be exploited by malicious people to compromise a user's system.
Wed, 11 Feb 09
SnippetMaster File Inclusion and Cross-Site Scripting Vulnerabilities
http://secunia.com/Advisories/33865/
RoMaNcYxHaCkEr has discovered some vulnerabilities in SnippetMaster, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system.
Wed, 11 Feb 09
Yet Another NOCC "lang" Local File Inclusion Vulnerability
http://secunia.com/Advisories/33862/
Kacper has discovered a vulnerability in Yet Another NOCC, which can be exploited by malicious people to disclose sensitive information.
Wed, 11 Feb 09
Typo3 Cross-Site Scripting and Information Disclosure
http://secunia.com/Advisories/33829/
Some vulnerabilities have been reported in Typo3, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.
Wed, 11 Feb 09
AdaptCMS Lite File Inclusion and Cross-Site Scripting
http://secunia.com/Advisories/33866/
RoMaNcYxHaCkEr has discovered some vulnerabilities in AdaptCMS Lite, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system.
Wed, 11 Feb 09
A Better Member-Based ASP Photo Gallery "entry" SQL Injection
http://secunia.com/Advisories/33874/
BackDoor has discovered a vulnerability in A Better Member-Based ASP Photo Gallery, which can be exploited by malicious people to conduct SQL injection attacks.
Tue, 10 Feb 09
Sajax "sajax_get_common_js()" Cross-Site Scripting Vulnerability
http://secunia.com/Advisories/33894/
Daniel Toma has discovered a vulnerability in Sajax, which can be exploited by malicious people to conduct cross-site scripting attacks.
Tue, 10 Feb 09
Varnish Denial of Service Vulnerability
http://secunia.com/Advisories/33852/
A vulnerability has been reported in Varnish, which can be exploited by malicious people to cause a DoS (Denial of Service).
Tue, 10 Feb 09
If-CMS "id" SQL Injection Vulnerability
http://secunia.com/Advisories/33883/
darkjoker has discovered a vulnerability in If-CMS, which can be exploited by malicious people to conduct SQL injection attacks.
Tue, 10 Feb 09
Avaya DECT Products Information Disclosure Security Issue
http://secunia.com/Advisories/33798/
Avaya has acknowledged a security issue in various products, which can be exploited by malicious people to disclose potentially sensitive information.
Tue, 10 Feb 09
Debian update for gnutls13
http://secunia.com/Advisories/33694/
Debian has issued an update for gnutls13. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
Tue, 10 Feb 09
Wireshark NetScreen Snoop Capture File Buffer Overflow Vulnerability
http://secunia.com/Advisories/33872/
A vulnerability has been reported in Wireshark, which can be exploited by malicious people to potentially compromise a user's system.
Tue, 10 Feb 09
SilverNews "section" Local File Inclusion Vulnerability
http://secunia.com/Advisories/33887/
x0r has discovered a vulnerability in SilverNews, which can be exploited by malicious users to disclose sensitive information.
Tue, 10 Feb 09
PHP-Calendar Two Information Disclosure Security Issues
http://secunia.com/Advisories/33899/
Two security issues have been reported in PHP-Calendar, which can be exploited by malicious people to disclose sensitive information.
Tue, 10 Feb 09
glFusion "username" Script Insertion Vulnerability
http://secunia.com/Advisories/33878/
A vulnerability has been reported in glFusion, which can be exploited by malicious people to conduct script insertion attacks.
Tue, 10 Feb 09
ilchClan "X-Forwarded-For" SQL Injection Vulnerability
http://secunia.com/Advisories/33893/
Gizmore has discovered a vulnerability in ilchClan, which can be exploited by malicious people to conduct SQL Injection attacks.
Tue, 10 Feb 09
Wicd D-Bus Configuration Information Disclosure Security Issue
http://secunia.com/Advisories/33870/
A security issue has been reported in Wicd, which can be exploited by malicious, local users to disclose sensitive information.
Tue, 10 Feb 09
FotoWeb "s" Cross-Site Scripting Vulnerability
http://secunia.com/Advisories/33879/
A vulnerability has been reported in FotoWeb, which can be exploited by malicious people to conduct cross-site scripting attacks.
Tue, 10 Feb 09
Trend Micro InterScan Web Security Suite Security Bypass
http://secunia.com/Advisories/33867/
Julien Cayssol has reported a vulnerability in Trend Micro InterScan Web Security Suite, which can be exploited by malicious users to bypass certain security restrictions.
Tue, 10 Feb 09
Google Chrome URI Handler Registration Vulnerability
http://secunia.com/Advisories/33800/
A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to potentially compromise a user's system.
Tue, 10 Feb 09
Avaya CMS BIND "EVP_VerifyFinal()" and "DSA_do_verify()" Spoofing Vulnerability
http://secunia.com/Advisories/33882/
Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious people to conduct spoofing attacks.
Sat, 7 Feb 09
Red Hat update for gstreamer-plugins
http://secunia.com/Advisories/33830/
Red Hat has issued an update for gstreamer-plugins. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.
Sat, 7 Feb 09
Red Hat update for gstreamer-plugins-good
http://secunia.com/Advisories/33815/
Red Hat has issued an update for gstreamer-plugins-good. This fixes some vulnerabilities, which can potentially be exploited by malicious people to compromise a vulnerable system.
Sat, 7 Feb 09
Drupal Link Module "description" Script Insertion Vulnerability
http://secunia.com/Advisories/33835/
A vulnerability has been discovered in the Link module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
Sat, 7 Feb 09
Ninja Designs Mailist Security Issue and Vulnerability
http://secunia.com/Advisories/33682/
SirGod has discovered a security issue and a vulnerability in Ninja Designs Mailist, which can be exploited by malicious people to disclose sensitive information.
Sat, 7 Feb 09
Simple PHP News Code Execution Vulnerabilities
http://secunia.com/Advisories/33814/
Some vulnerabilities have been discovered in Simple PHP News, which can be exploited by malicious people to compromise a vulnerable system.
Fri, 6 Feb 09
Avaya Products Mozilla Firefox Multiple Vulnerabilities
http://secunia.com/Advisories/33846/
Avaya has acknowledged some vulnerabilities in various Avaya products, which can be exploited by malicious, local users to potentially disclose sensitive information, and by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, disclose sensitive information, or potentially to compromise a user's system.
Fri, 6 Feb 09
Red Hat update for sudo
http://secunia.com/Advisories/33840/
Red Hat has issued an update for sudo, which can be exploited by malicious, local users to gain escalated privileges.
Fri, 6 Feb 09
Fedora update for xulrunner
http://secunia.com/Advisories/33841/
Fedora has issue an update for xulrunner. This fixes some vulnerabilities, which can be exploited by malicious, local users to potentially disclose sensitive information, and by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, disclose sensitive information, or potentially to compromise a user's system.
Fri, 6 Feb 09
Fedora update for firefox
http://secunia.com/Advisories/33831/
Fedora has issue an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious, local users to potentially disclose sensitive information, and by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, disclose sensitive information, or potentially to compromise a user's system.
Fri, 6 Feb 09
HP-UX NFS Denial of Service Vulnerability
http://secunia.com/Advisories/33860/
A vulnerability has been reported in HP-UX, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Fri, 6 Feb 09
HP OpenView Network Node Manager Arbitrary Code Execution
http://secunia.com/Advisories/33857/
A vulnerability has been reported in HP OpenView Network Node Manager, which can be exploited by malicious people to compromise a vulnerable system.
Fri, 6 Feb 09
Cisco IOS Cross-Site Scripting and Cross-Site Request Forgery
http://secunia.com/Advisories/33844/
Zloss has reported some vulnerabilities in Cisco IOS, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
Fri, 6 Feb 09
AREVA e-terrahabitat Multiple Vulnerabilities
http://secunia.com/Advisories/33837/
Some vulnerabilities have been reported in AREVA e-terrahabitat, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
Fri, 6 Feb 09
Kipper Multiple Vulnerabilities
http://secunia.com/Advisories/33832/
RoMaNcYxHaCkEr has discovered some vulnerabilities in Kipper, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.
Fri, 6 Feb 09
ControlLogix 1756-ENTB/A Ethernet/IP Bridge Vulnerabilities
http://secunia.com/Advisories/33783/
Some vulnerabilities and a weakness have been reported in ControlLogix 1756-ENTB/A Ethernet/IP Bridge, which can be exploited by malicious people to conduct cross-site scripting attacks or to disclose potentially sensitive information.
Fri, 6 Feb 09
ProFTPD Character Encoding SQL Injection Vulnerability
http://secunia.com/Advisories/33842/
A vulnerability has been reported in ProFTPD, which can be exploited by malicious people to conduct SQL injection attacks.
Fri, 6 Feb 09
Debian update for devil
http://secunia.com/Advisories/33801/
Debian has issued an update devil. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library.
Fri, 6 Feb 09
GR Blog Security Bypass Security Issue
http://secunia.com/Advisories/33780/
JosS has discovered a security issue in GR Blog, which can be exploited by malicious people to bypass certain security restrictions.
Fri, 6 Feb 09
sblim-sfcb "genSslCert.sh" Insecure Temporary Files
http://secunia.com/Advisories/33795/
A security issue has been reported in sblim-sfcb, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Fri, 6 Feb 09
Fedora update for boinc-client
http://secunia.com/Advisories/33828/
Fedora has issued an update for boinc-client. This fixes a vulnerability, which can potentially be exploited by malicious people to conduct spoofing attacks.
Thu, 5 Feb 09
Fedora update for nss
http://secunia.com/Advisories/33826/
Fedora has issued an update for nss. This fixes a security issue, which potentially can be exploited by malicious people to conduct spoofing attacks.
Thu, 5 Feb 09
Drupal Views Bulk Operations Module Script Insertion
http://secunia.com/Advisories/33836/
A vulnerability has been reported in the Views Bulk Operations module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
Thu, 5 Feb 09
htmLawed Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/Advisories/33834/
A vulnerability has been reported in htmLawed, which can be exploited by malicious people to conduct cross-site scripting attacks.
Thu, 5 Feb 09
HP LaserJet / Digital Sender Directory Traversal Vulnerability
http://secunia.com/Advisories/33779/
A vulnerability has been reported in HP LaserJet and Digital Sender products, which can be exploited by malicious people to disclose sensitive information.
Thu, 5 Feb 09
Fedora update for roundcubemail
http://secunia.com/Advisories/33827/
Fedora has issued an update for roundcubemail. This fixes a vulnerability, which can be exploited by malicious people to conduct script insertion attacks.
Thu, 5 Feb 09
Fedora update for libcdaudio
http://secunia.com/Advisories/33824/
Fedora has issued an update for libcdaudio. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
Thu, 5 Feb 09
Red Hat update for kernel
http://secunia.com/Advisories/33854/
Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), and by malicious people to potentially cause a DoS.
Thu, 5 Feb 09
Fedora update for gpsdrive
http://secunia.com/Advisories/33825/
Fedora has issued an update for gpsdrive. This fixes some security issues, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Thu, 5 Feb 09
Cisco Products Denial of Service and Security Bypass Vulnerabilities
http://secunia.com/Advisories/33749/
Some vulnerabilities have been reported in multiple Cisco Products, which can be exploited by malicious people to cause a DoS (Denial of Service) and by malicious users to bypass certain security restrictions.
Thu, 5 Feb 09
4Site CMS Multiple SQL Injection Vulnerabilities
http://secunia.com/Advisories/33733/
D.Mortalov has reported some vulnerabilities in 4Site CMS, which can be exploited by malicious people to conduct SQL injection attacks.
Thu, 5 Feb 09
Simple Machines Forum "[url]" Script Insertion Vulnerability
http://secunia.com/Advisories/33790/
Xianur0 has discovered a vulnerability in Simple Machines Forum, which can be exploited by malicious users to conduct script insertion attacks.
Thu, 5 Feb 09
Linux Kernel Denial of Service Vulnerabilities
http://secunia.com/Advisories/33785/
Some vulnerabilities have been reported in the Linux Kernel, which potentially can be exploited by malicious, local users to cause a DoS (Denial of Service).
Thu, 5 Feb 09
Moodle Multiple Vulnerabilities
http://secunia.com/Advisories/33775/
Some vulnerabilities have been reported in Moodle, which can potentially be exploited by malicious, local users to perform certain actions with escalated privileges, by malicious users to conduct script insertion attacks or to compromise a vulnerable system, and by malicious people to conduct cross-site scripting attacks or to disclose sensitive information.
Thu, 5 Feb 09
FlatnuX CMS "_FNROOTPATH" File Inclusion Vulnerabilities
http://secunia.com/Advisories/33721/
Alfons Luja has discovered some vulnerabilities in FlatnuX CMS, which can be exploited by malicious people to compromise a vulnerable system.
Thu, 5 Feb 09
SUSE update for moodle and phpMyAdmin
http://secunia.com/Advisories/33822/
SUSE has issued an update for moodle and phpMyAdmin. This fixes some vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information, conduct cross-site scripting attacks, and compromise a vulnerable system, and malicious people to conduct SQL injection, cross-site scripting, and cross-site request forgery attacks.
Wed, 4 Feb 09
Mozilla SeaMonkey Multiple Vulnerabilities
http://secunia.com/Advisories/33808/
Some vulnerabilities have been reported in Mozilla SeaMonkey, which can be exploited by malicious people to bypass certain security restrictions or potentially to compromise a user's system.
Wed, 4 Feb 09
Mozilla Thunderbird Memory Corruption Vulnerabilities
http://secunia.com/Advisories/33802/
Some vulnerabilities have been reported in Mozilla Thunderbird, which can potentially be exploited by malicious people to compromise a user's system.
Wed, 4 Feb 09
Mozilla Firefox Multiple Vulnerabilities
http://secunia.com/Advisories/33799/
Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious, local users to potentially disclose sensitive information, and by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, disclose sensitive information, or potentially to compromise a user's system.
Wed, 4 Feb 09
MyDesign Sayac "user" and "pass" SQL Injection Vulnerabilities
http://secunia.com/Advisories/33771/
Kacak has discovered two vulnerabilities in MyDesign Sayac, which can be exploited by malicious people to conduct SQL injection attacks.
Wed, 4 Feb 09
D-Link DVG-2001S Cross-Site Scripting and Cross-Site Request Forgery
http://secunia.com/Advisories/33738/
Some vulnerabilities have been reported in D-Link DVG-2001S, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
Wed, 4 Feb 09
CMS from Scratch File Upload Vulnerability
http://secunia.com/Advisories/33778/
StAkeR has discovered a vulnerability in CMS from Scratch, which can be exploited by malicious people to bypass certain security restrictions.
Wed, 4 Feb 09
Kaspersky Products klim5.sys Privilege Escalation Vulnerability
http://secunia.com/Advisories/33788/
Ruben Santamarta has reported a vulnerability in multiple Kaspersky products, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges.
Wed, 4 Feb 09
SMA-DB "startpage.php" Cross-Site Scripting Vulnerability
http://secunia.com/Advisories/33763/
A vulnerability has been discovered in SMA-DB, which can be exploited by malicious people to conduct cross-site scripting attacks.
Wed, 4 Feb 09
Vivvo CMS "404 Page Not Found" Cross-Site Scripting Vulnerability
http://secunia.com/Advisories/33368/
Ivan Markovic has discovered a vulnerability in Vivvo CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
Wed, 4 Feb 09
Bugzilla Script Insertion and Cross-Site Request Forgery
http://secunia.com/Advisories/33789/
Some vulnerabilities have been reported in Bugzilla, which can be exploited by malicious users to conduct script insertion attacks and malicious people to conduct cross-site request forgery attacks.
Wed, 4 Feb 09
Bugzilla Cross-Site Request Forgery Vulnerability
http://secunia.com/Advisories/33782/
A vulnerability has been reported in Bugzilla, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Wed, 4 Feb 09
Bugzilla Multiple Vulnerabilities
http://secunia.com/Advisories/33781/
Some vulnerabilities and a security issue have been reported in Bugzilla, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to potentially disclose sensitive information or to conduct cross-site request forgery attacks.
Wed, 4 Feb 09
phpSlash "generic()" PHP Code Injection Vulnerability
http://secunia.com/Advisories/33717/
DarkFig has discovered a vulnerability in phpSlash, which can be exploited by malicious people to compromise a vulnerable system.
Wed, 4 Feb 09
AJA "currentlang" and "module_name" Local File Inclusion Vulnerabilities
http://secunia.com/Advisories/33735/
Some vulnerabilities have been discovered in AJA, which can be exploited by malicious people to disclose potentially sensitive information.
Wed, 4 Feb 09
HP NonStop Server DNS Cache Poisoning Vulnerability
http://secunia.com/Advisories/33786/
HP has acknowledged a vulnerability in HP NonStop Server, which can be exploited by malicious people to poison the DNS cache.
Tue, 3 Feb 09
HP-UX IPv6 Neighbor Discovery Protocol Neighbor Solicitation Vulnerability
http://secunia.com/Advisories/33787/
A vulnerability has been reported in HP-UX, which can be exploited by malicious people to conduct spoofing attacks, disclose potentially sensitive information, or to cause a DoS (Denial of Service).
Tue, 3 Feb 09
ClickCart "txtEmail" and "txtPassword" SQL Injection
http://secunia.com/Advisories/33774/
R3d D3v!L has reported some vulnerabilities in ClickCart, which can be exploited by malicious people to conduct SQL injection attacks.
Tue, 3 Feb 09
GBook "abspath" File Inclusion Vulnerability
http://secunia.com/Advisories/33768/
A vulnerability has been discovered in GBook, which can be exploited by malicious people to compromise a vulnerable system.
Tue, 3 Feb 09
Elecard AVC HD Player Playlist Processing Buffer Overflow
http://secunia.com/Advisories/33742/
AlpHaNiX has discovered a vulnerability in Elecard AVC HD Player, which can be exploited by malicious people to compromise a user's system.
Tue, 3 Feb 09
Oracle Forms Cross-Site Scripting Vulnerabilities
http://secunia.com/Advisories/33762/
Some vulnerabilities have been reported in Oracle Forms, which can be exploited by malicious people to conduct cross-site scripting attacks.
Tue, 3 Feb 09
Oracle Application Server Cross-Site Scripting Vulnerabilities
http://secunia.com/Advisories/33761/
Some vulnerabilities have been reported in Oracle Application Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
Tue, 3 Feb 09
PerlSoft Gästebuch "loginname1" Code Execution Vulnerability
http://secunia.com/Advisories/33772/
Perforin has reported a vulnerability in PerlSoft Gästebuch, which can be exploited by malicious users to compromise a vulnerable system.
Tue, 3 Feb 09
PSCS VPOP3 Email Server Script Insertion Vulnerability
http://secunia.com/Advisories/33571/
Nenad Vijatov has discovered a vulnerability in PSCS VPOP3 Email Server, which can be exploited by malicious people to conduct script insertion attacks.
Tue, 3 Feb 09
D-Link DIR-300 Multiple Vulnerabilities
http://secunia.com/Advisories/33692/
Muhaimin Dzulfakar has reported some vulnerabilities and a security issue in D-Link DIR-300, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks, or to bypass certain security restrictions.
Tue, 3 Feb 09
ReVou Twitter Clone Script Insertion and SQL Injection
http://secunia.com/Advisories/33741/
nuclear has reported some vulnerabilities in ReVou Twitter Clone, which can be exploited by malicious people to conduct SQL injection attacks and malicious users to conduct script insertion attacks.
Tue, 3 Feb 09
BPAutoSales SQL Injection and Cross-Site Scripting
http://secunia.com/Advisories/33734/
xoron has reported some vulnerabilities in BPAutoSales, which can be exploited by malicious people to conduct SQL injection and cross-site scripting attacks.
Tue, 3 Feb 09
Xerox WorkCentre Web Server Unspecified Command Injection
http://secunia.com/Advisories/33770/
A vulnerability has been reported in Xerox WorkCentre, which can be exploited by malicious people to compromise a vulnerable system.
Tue, 3 Feb 09
Free Download Manager Multiple Vulnerabilities
http://secunia.com/Advisories/33524/
Secunia Research has discovered some vulnerabilities in Free Download Manager, which can be exploited by malicious people to compromise a user's system.
Tue, 3 Feb 09
Novell GroupWise Multiple Vulnerabilities
http://secunia.com/Advisories/33744/
Some vulnerabilities have been reported in Novell GroupWise, which can be exploited by malicious people to conduct cross-site scripting, cross-site request forgery, and script insertion attacks, bypass certain security restrictions, or compromise a vulnerable system.
Tue, 3 Feb 09
Google Chrome Cross-Site Scripting and Information Disclosure
http://secunia.com/Advisories/33754/
Two vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to conduct cross-site scripting attacks or to disclose sensitive information.
Mon, 2 Feb 09
E-Php B2B Trading Marketplace Script "errmsg" Cross-Site Scripting
http://secunia.com/Advisories/33764/
SaiedHacker has reported two vulnerabilities in E-Php B2B Trading Marketplace Script, which can be exploited by malicious people to conduct cross-site scripting attacks.
Mon, 2 Feb 09
Drupal ImageField Module File Upload and Script Insertion
http://secunia.com/Advisories/33757/
Some vulnerabilities have been discovered in the ImageField module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system.
Mon, 2 Feb 09
VMware ESX / ESXi VMDK Delta Disk Denial of Service Weakness
http://secunia.com/Advisories/33776/
A weakness has been reported in VMware ESX / ESXi, which can be exploited by malicious people to cause a DoS (Denial of Service).
Mon, 2 Feb 09
VMware ESX Server update for net-snmp and libxml2
http://secunia.com/Advisories/33746/
VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Mon, 2 Feb 09
Sun Solaris IP Minor Numbers Denial of Service Vulnerability
http://secunia.com/Advisories/33751/
Sun has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Mon, 2 Feb 09
Debian update for vnc4
http://secunia.com/Advisories/33745/
Debian has issued an update for vnc4. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.
Mon, 2 Feb 09
SalesCart "name" and "code" SQL Injection Vulnerabilities
http://secunia.com/Advisories/33743/
ByALBAYX has reported some vulnerabilities in SalesCart, which can be exploited by malicious people to conduct SQL injection attacks.
Mon, 2 Feb 09
Synactis ALL In-The-Box ActiveX Control "SaveDoc()" Arbitrary File Overwrite
http://secunia.com/Advisories/33728/
A vulnerability has been discovered in the Synactis ALL In-The-Box ActiveX control, which can be exploited by malicious people to compromise a user's system.
Mon, 2 Feb 09
Enomaly ECP Insecure Temporary File
http://secunia.com/Advisories/33724/
A vulnerability has been reported in Enomaly ECP, which can be exploited by malicious, local users to perform certain actions with escalated privileges.