The Unidesk Management Console versions 1.3 and below suffer from a direct access vulnerability that allows an attacker direct access to administrative resources.
0d22cc882b3d6c110e94623b1274d806e3e68239274da8ea4c92fd017f31ea87
Ubuntu Security Notice 1093-1 - Joel Becker discovered that OCFS2 did not correctly validate on-disk symlink structures. Ben Hutchings discovered that the ethtool interface did not correctly check certain sizes. Eric Dumazet discovered that many network functions could leak kernel stack contents. Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A large number of additional vulnerabilities have also been addressed.
c0782ec52287eab8561329a78cec59713d72aef79fd6b9dd6d11304a47144159
Artefact St. CMS suffers from cross site scripting and path disclosure vulnerabilities.
bd742a848904e41ba30a9ee0514b6c35ea3c4121d94a1515731a52804716edf3
Family Connections CMS version 2.3.2 suffers from stored cross site scripting and XML injection vulnerabilities.
560b3b3d4d08ff3156aae5a09cf91b31f8fe7ef39a5cb6cabff71d7f147a2fbf
Ubuntu Security Notice 1092-1 - Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. Dan Rosenberg discovered that certain iovec operations did not calculate page counts correctly. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. Alan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. A local attacker could exploit this flaw to gain root privileges.
e4e95c3ce708ccee60c69142d9b8f3a021508dda6126580ad7d0f318105c5ded
EMC Data Protection Advisor Collector for Solaris SPARC contains a potential security vulnerability that can be exploited to execute malicious code with elevated privileges on the affected system. EMC Data Protection Advisor Collector for Solaris SPARC versions 5.7 earlier than build 5833 and 5.7.1 earlier than build 5833 are affected.
00472255871cf6439ec8d34024b0182cd32bf08db9cecfa4c6e34e199da974b9
Parallels Plesk versions 7.0 through 8.2 suffer from an open URL redirection vulnerability.
e82c4eede93f6f4c23ff261011ee5bf01469c81b640ce2339d9a14906d8eeeb6
FXRecruiter suffers from a remote shell upload vulnerability.
2e0b852e7bcf48c3e7e34a2e6d42d11674e790de7bf3337b4114e1f2dc06e87a
This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending a specially crafted Hostname parameter to the getnnmdata.exe CGI, an attacker may be able to execute arbitrary code.
02e35aef4d2704a877aaa34534a7c31d092c5935e1f8e3a97604db506cae3315
Secunia Security Advisory - AutoSec Tools has discovered multiple vulnerabilities in openC, which can be exploited by malicious users to conduct script insertion attacks.
dbdf55345b6f7d043fd86bb9c83e8552aef403da44194cd00746d9b5c2a94ba3
Secunia Security Advisory - AutoSec Tools has discovered a vulnerability in openC, which can be exploited by malicious users to conduct script insertion attacks.
83ff41efd3e3765dfdb26228900cae6af243e7fba1d8c65f1ea71973f43cff7c
Secunia Security Advisory - Debian has issued an update for pywebdav. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks.
8d38d533407bad97f3ba59677b323427ffaa25364ae04c4a17102adb18633657
Secunia Security Advisory - A security issue has been reported in the Spaces module for Drupal, which can be exploited by malicious people to bypass certain security restrictions.
15a088574db579d48412da42b25ef30c5236dbe7cd16605784fe64f715b4db8e
Secunia Security Advisory - AutoSec Tools has discovered multiple vulnerabilities in Support Incident Tracker, which can be exploited by malicious people to conduct cross-site scripting attacks.
8b38d4cbcd0c1eb0938e1a653ca5e9f9111288d8e3f5c04549aaa7a3ec3cb2a9
Turkish Aybulut Portal version 1.3 suffers from a cross site scripting vulnerability.
1ee4d39d0eaac7b5af96215135928732606380a903117bae0ee0cd13696c8564
Ubuntu Security Notice 1091-1 - It was discovered that several invalid HTTPS certificates were issued and revoked. An attacker could use these to perform a man-in-the-middle attack. These were placed on the certificate blacklist to prevent their misuse.
9d997fd1dc5b1db8c58570b121a52741aeebed05a884b64d8071a28909e56804
Secunia Security Advisory - Fedora has issued an update for krb5. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.
149eaf22b54b35091085b29f4318a67611268441d85539d480fdda79f328f24b
Secunia Security Advisory - AutoSec Tools has discovered a vulnerability in netjukebox, which can be exploited by malicious people to conduct cross-site scripting attacks.
284f1ddd77704fd02a45f4e032b0cf305a117ae783edb9b13aedc6ba7665ff98
Secunia Security Advisory - Two vulnerabilities have been reported in Mahara, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks.
c6dbcc08d5158a7ea6bea6a8b7ee455a8393da447c7d66bd512ac2cac6b52c94
Secunia Security Advisory - AutoSec Tools has discovered a vulnerability in Group-Office, which can be exploited by malicious people to conduct cross-site request forgery attacks.
ff49f8b829b1ec4d8769e44c068fe7afb91da71e49a0518af63d5af4d612d3f5