The NASA Orion (Mars) website suffers from filter bypass and persistent cross site scripting vulnerabilities.
780fe0e9d786b9ebe87bba1055ddc287151bb8b151048562a794573d68616a8e
OpenEMR versions 4.1.2(7) and below suffer from multiple remote SQL injection vulnerabilities.
4de926af3b89e3942d0921fa00d1c8a989396aa79190f2ae6420dd84beedb669
VMware Security Advisory 2014-0012 - VMware vSphere product updates address a Cross Site Scripting issue, a certificate validation issue and security vulnerabilities in third-party libraries.
7ae55e0d099a866f9060eaf2dd855d5f0aec675081fb0bc4925cd992333a41a6
HP Security Bulletin HPSBGN03205 1 - A potential security vulnerability has been identified with HP Insight Remote Support Clients running SSLv3 which may impact WBEM, WS-MAN and WMI connections from monitored devices to a HP Insight Remote Support Central Management Server (CMS). This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. SSLv3 is enabled by default in all version 5 HP Insight Remote Support Clients. Revision 1 of this advisory.
759b4cf70cdf55e2f6b5d1c8a665cb2c28dace386b3fec0c198ca6114f44878b
HP Security Bulletin HPSBUX03218 SSRT101770 1 - Potential security vulnerabilities have been identified in the Java Runtime Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. Revision 1 of this advisory.
94ebf6c705c710f905d053f25be0e44fcdc1195480870f11c988e8209853cf74
The release of this advisory provides exploitation details in relation a weakness in the Linux ASLR implementation. The problem appears when the executable is PIE compiled and it has an address leak belonging to the executable. These details were obtained through the Packet Storm Bug Bounty program and are being released to the community.
57833cb6d2c4d2d145ba4e56f348f6182a247930713b65de664031a38287a959
Proof of concept code that demonstrates an ASLR bypass of PIE compiled 64bit Linux.
af29e970411b02a4faa3410f217a6f31cf2be6b21d710ee65c2ff859aa9a0426