GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
f27d92cdca8a4f4406e58c91e90e9ce1c6f23d1bbeddf864be789b99b0ef7d70
Libgcrypt is a general-purpose cryptographic library based on the code from GnuPG. It provides functions for all cryptographic building blocks: symmetric ciphers (AES, DES, Blowfish, CAST5, Twofish, and Arcfour), hash algorithms (MD4, MD5, RIPE-MD160, SHA-1, and TIGER-192), MACs (HMAC for all hash algorithms), public key algorithms (RSA, ElGamal, and DSA), large integer functions, random numbers, and a lot of supporting functions.
cc98b1f64c9ae3b0185099cef4ac6c436a849095edf87f34157f0bb10e187990
IDIC Blogs suffers from a remote shell upload vulnerability.
ad459bc9dc2ccd4b884ec45eb321463f3f3eb6e1a2b1676758c7eb846beeae6d
BananaDance Wiki version b2.2 suffers from cross site scripting and remote SQL injection vulnerabilities.
37ff3df19e6aaf91a7a828f64ebd039105f5fd56742cdbfbcbec3d46a36a9fc0
vBulletin vBay versions 1.1.9 and below suffer from an error-based remote SQL injection vulnerability.
6f8ed8daae627a0c41ec335ebfcf80879204f786f34ec40bc271cf7ad90e2ea9
Smadav AntiVirus version 9.1 crash denial of service proof of concept exploit.
6aa58964ac0b9bed4c210d3143a768670633a3140ab74a4cbb42d0ae32b98f05
Sites designed by Infin8 suffer from a remote shell upload vulnerability. Note that this finding houses site-specific data.
586c78ad4fabbf086d403c8eef84b12fdc9608bf23a4f73603525e9f9fcc3a97
DNS 2 GeoIP is a simple python script that brute forces DNS and subsequently geolocates the found subdomains. It is useful for determining which services a company hosts off site or on site during a penetration test.
12f04939eaa592462e7f86a13519994bcc657009b29709b32e4d4208459afcf8
Zoner Photo Studio version 15 build 3 (Zps.exe) registry value parsing local buffer overflow exploit.
c53242a37889f34cff9f519a6c111241471f745688fa36be001c3be8eb171446
CK Finder version 2.3 and FCKEditor version 2.6.8 allow uploads of malicious swf files that can allow for cross site scripting attacks.
d82a591cc39f84f739a5883f7788b375ddde2f6568df00ff6cbe8a116ba4e460
Microsoft Viso 2010 memory corruption proof of concept exploit.
e153bd2eae6932dee637492ff4068b33d6b8c53e89bfca5d0b4b26be2ca9da12
Secunia Security Advisory - Multiple vulnerabilities have been reported in Roundup, which can be exploited by malicious people to conduct cross-site scripting attacks.
f2ccb82e92171d2a991beff0b625497785f88434dca3b44765c829240677a9cf
Secunia Security Advisory - A security issue has been reported in Gajim, which can be exploited by malicious people to conduct spoofing attacks.
af42205b2543aed104576f2fd18abd9aa85b51911c7a55ae34d40642c666188a
Secunia Security Advisory - Debian has issued an update for radsecproxy. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions.
8539af893fb748e9d7faa5890341f971d1e8803fb267e088aaf5901938a3f882
Secunia Security Advisory - A vulnerability has been reported in Ruby, which can be exploited by malicious people to cause a DoS (Denial of Service).
ba23ec81a1e456f3111f0f157b44bc5367446ccb9f836220f6f8c649d60e52b9
Secunia Security Advisory - A vulnerability has been reported in WeeChat, which can be exploited by malicious people to potentially compromise a user's system.
e4d93351ca754c4f599625bfdb8fe9406d5eb84b46697ef5b280d174f98eea9b
Secunia Security Advisory - A vulnerability has been discovered in the Ultimate TinyMCE plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
765547a97b83cdf989befd1449f7e088c2acc00b23aa633a4834cf7f67d2c515
Secunia Security Advisory - Attachmate has acknowledged multiple vulnerabilities in some Reflection products, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
0f0e43fe9f065420f9ed951261da456c0c6e28d180993a3f950eb43ac3fbe8a4
Secunia Security Advisory - Attachmate has acknowledged a vulnerability in Reflection for Secure IT, which can be exploited by malicious people to potentially compromise a vulnerable system.
f9369ab9b233523ab71d40bd8bb3899b98737ef62436da54c12254e99bdacd46
Secunia Security Advisory - A vulnerability has been reported in esri ArcGIS, which can be exploited by malicious users to conduct SQL injection attacks.
dd9c156c19c06aa3b70cd0ca81270de54d94b105225d6578e3e716e829ae8300
Secunia Security Advisory - SUSE has issued an update for cgit. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system.
3f99e436adac2f1b6b8356d0bac081fb7434c48dc5d439fb055aff5dd6fa65a5
Secunia Security Advisory - Two vulnerabilities have been discovered in the WP125 plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
585ab871b7f70eb543471047ca492f090f21603141995fe7a84a40e61c35c1a5