jetlib.sec » SecuriTeam

Feeds

167783 items (5212 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db) (718 unread)
• OSVDB Vulnerabilities
• Exploit-DB (374 unread)
• SecurityFocus Vulnerabilities (1673 unread)
• Bugtraq (545 unread)
• Full Disclosure (907 unread)
• XSSed (3 unread)
• Packet Storm Security Headlines (531 unread)
• Packet Storm Security Advisories (323 unread)
• Packet Storm Security Exploits (115 unread)
• Packet Storm Security Recent Files (2 unread)
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing (11 unread)
• SecuriTeam (10 unread)
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

SecuriTeam (10 unread)

• December 30, 2013
• 16:00

  ELinks Security Bypass Vulnerability

   » ‎ SecuriTeam
  ELinks is prone to a security-bypass vulnerability that may allow attackers to perform actions without proper authorization.

  Tags:  vulnerability elinks security proper-authorization attackers  

• 16:00

  QuickShare File Share Directory Traversal Vulnerability

   » ‎ SecuriTeam
  QuickShare File Share 1.2.1 suffers from directory traversal vulnerability

  Tags:  share file quickshare directory-traversal-vulnerability share-directory file-share  

• December 10, 2013
• 16:00

  BlazeDVD PLF Exploit DEP/ASLR Bypass (MSF) Vulnerability

   » ‎ SecuriTeam
  BlazeDVD 6.1 PLF Exploit DEP/ASLR suffers from bypass (MSF) vulnerability.

  Tags:  plf blazedvd exploit vulnerability aslr  

• February 17, 2013
• 16:00

  Microsoft IE COmWindowProxy Use-After-Free Arbitrary Code Execution Vulnerability

   » ‎ SecuriTeam
  Microsoft IE comwindowproxy use-after-free suffers from arbitrary code execution vulnerability

  Tags:   

• January 29, 2013
• 16:00

  GPSMapEdit v1.1.73.2 (.lst) Local Denial of Service Exploit

   » ‎ SecuriTeam
  GPSMapEdit v1.1.73.2 (.lst) suffers from local denial of service vulnerability.

  Tags:   

• 16:00

  Jaow CMS CSRF Exploit

   » ‎ SecuriTeam
  Jaow CMS v2.3 suffers from CSRF vulnerability.

  Tags:   

• 16:00

  KMPlayer Multiple Exploit

   » ‎ SecuriTeam
  KM Player suffers from multiple vulnerabilities

  Tags:   

• 16:00

  Mobipocket Reader Build 608 Buffer Overflow Vulnerability

   » ‎ SecuriTeam
  Mobipocket Reader 6.2 Build 608 is prone to a buffer overflow

  Tags:   

• 16:00

  Joomla FireBoard Component (com_fireboard) SQL Injection Vulnerability

   » ‎ SecuriTeam
  The Laboratory Researcher (Nafsh) Ehram Shahmohamadi (sec-lab.ir) discovered a SQL Injection Vulnerability in the com_fireboard module of the joomla CMS.

  Tags:   

• 16:00

  Nagios Core 'process_cgivars()' Function Stack Based Buffer Overflow Exploit

   » ‎ SecuriTeam
  Nagios Core is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.

  Tags:   

• 16:00

  OfficeSIP Server Denial Of Service Vulnerability

   » ‎ SecuriTeam
  OfficeSIP Server 3.1 suffers from denial of service vulnerability

  Tags:   

• 16:00

  Red Hat Enterprise Virtualization Manager Multiple Security Vulnerabilities

   » ‎ SecuriTeam
  Red Hat Enterprise Virtualization Manager is prone to multiple security vulnerabilities including: 1. A privilege-escalation vulnerability 2. Multiple security-bypass vulnerabilities 3. An information-disclosure vulnerability

  Tags:   

• 16:00

  Sleuth Kit Detection Evasion Security Bypass Weakness

   » ‎ SecuriTeam
  Sleuth Kit is prone to a security-bypass weakness.

  Tags:   

• January 03, 2013
• 16:00

  IBM Lotus Quickr 'qp2.cab' ActiveX Control Stack Buffer Overflow Vulnerability

   » ‎ SecuriTeam
  IBM Lotus Quickr is prone to a remote stack-based buffer-overflow vulnerability because the application fails to properly bounds check user-supplied input.

  Tags:  quickr lotus ibm buffer-overflow-vulnerability based-buffer-overflow control-stack  

• 16:00

  BulletProof FTP Client 2010 - Buffer Overflow Vulnerability

   » ‎ SecuriTeam
  A Vulnerability Laboratory Researcher discovered a Local Buffer Overflow vulnerability on BulletProof FTP Client.

  Tags:  bulletproof vulnerability ftp buffer-overflow-vulnerability local-buffer-overflow laboratory-researcher  

• 16:00

  Dell SonicWALL Scrutinizer(StatusFilter.php Q Parameter) SQL Injection Vulnerability

   » ‎ SecuriTeam
  Dell SonicWALL Scrutinizer 9.0.1 (statusFilter.php q parameter) suffers from SQL Injection vulnerability

  Tags:  statusfilter php scrutinizer q-parameter dell-sonicwall sonicwall vulnerability  

• 16:00

  Ezhometech EzServer Remote Heap Corruption Vulnerability

   » ‎ SecuriTeam
  Ezhometech EzServer 7.0 suffers from remote heap corruption vulnerability.

  Tags:  ezserver ezhometech heap heap-corruption vulnerability  

• 16:00

  GOM Media Player Buffer Overflow Vulnerability

   » ‎ SecuriTeam
  The Vulnerability Laboratory Research Team discovered a Buffer Overflow Vulnerability on GOM Media Player v. 2.1.37

  Tags:  gom vulnerability media buffer-overflow-vulnerability laboratory-research-team gom-media-player  

• 16:00

  iAuto Mobile Application 2012 Multiple Vulnerabilities

   » ‎ SecuriTeam
  The Vulnerability Laboratory Research Team discovered multiple cross site vulnerabilities in the iAuto Mobile APP for Android, iOS & Blackberry.

  Tags:  mobile application iauto laboratory-research-team mobile-application android  

• 16:00

  Astium VoIP PBX Build 25399 Multiple Vulnerability

   » ‎ SecuriTeam
  Astium VoIP PBX

  Tags:  voip pbx astium vulnerability  

• 16:00

  Joomla joomgalaxy Multiple Vulnerabilities

   » ‎ SecuriTeam
  Joomla joomgalaxy 1.2.0.4 suffers from multiple vulnerabilities.

  Tags:  multiple joomgalaxy joomla vulnerabilities  

• 16:00

  ManageEngine Application Manager Multiple Vulnerabilities

   » ‎ SecuriTeam
  The Vulnerability Laboratory Research Team discovered multiple Vulnerabilities in Manage Engines Application Manager v10 b10500.

  Tags:  vulnerabilities manageengine application manager-multiple laboratory-research-team application-manager vulnerability  

• 16:00

  PHP spl_autoload() Local Denial of Service Vulnerability

   » ‎ SecuriTeam
  PHP 5.3.10 spl_autoload() Local suffers from denial of service vulnerability.

  Tags:  autoload php spl service-vulnerability denial-of-service  

• 16:00

  Smartfren Connex EC 1261-2 UI OUC Local Privilege Escalation Vulnerability

   » ‎ SecuriTeam
  Smartfren Connex EC 1261-2 UI OUC is part of Smartfren Connex EC USB EVDO Modem files.Smartfren Connex EC 1261-2 UI OUC is a daemon for updating the USB EVDO Modem files of Smartfren Connex.

  Tags:  connex smartfren ouc modem-files privilege-escalation-vulnerability local-privilege-escalation  

• 16:00

  Sumatra / MuPDF Integer Overflow Vulnerability

   » ‎ SecuriTeam
  Sumatra 2.1.1/MuPDF 1.0 suffers from Integer Overflow Vulnerability.

  Tags:  mupdf integer sumatra integer-overflow-vulnerability  

• 16:00

  Tiny Server Arbitrary File Disclosure Vulnerability

   » ‎ SecuriTeam
  Tiny Server v1.1.5 Arbitrary suffers from file disclosure vulnerability.

  Tags:  server arbitrary tiny tiny-server server-v1 vulnerability  

• January 02, 2013
• 16:00

  Adobe Flash Player MP4 SequenceParameterSetNALUnit Buffer Overflow Vulnerability

   » ‎ SecuriTeam
  Adobe Flash Player MP4 SequenceParameterSetNALUnit suffers from buffer overflow vulnerability.

  Tags:  player adobe flash buffer-overflow-vulnerability adobe-flash-player  

• 16:00

  BuyClassifiedScript PHP Code Injection Vulnerability

   » ‎ SecuriTeam
  BuyClassifiedScript suffers from PHP code injection vulnerability

  Tags:  code php buyclassifiedscript php-code vulnerability  

• 16:00

  AOL Products downloadUpdater2 Plugin SRC Parameter Remote Code Execution Vulnerability

   » ‎ SecuriTeam
  AOL Products downloadUpdater2 Plugin SRC Parameter is prone to a remote code execution vulnerability.

  Tags:  plugin aol downloadupdater src-parameter code-execution vulnerability  

• 16:00

  ACDSee PRO CUR Image Processing Heap Overflow Vulnerability

   » ‎ SecuriTeam
  ACDSee PRO 5.1 CUR Image Processing suffers from heap overflow vulnerability

  Tags:  cur acdsee image overflow-vulnerability image-processing  

• 16:00

  DAMN Hash Calculator v1.5.1 Local Heap Overflow PoC Vulnerability

   » ‎ SecuriTeam
  DAMN Hash Calculator v1.5.1 Local suffers from heap overflow vulnerability

  Tags:  damn calculator hash overflow-vulnerability calculator-v1 heap  

• 16:00

  Edraw Diagram Component 5 ActiveX Buffer Overflow DoS Vulnerability

   » ‎ SecuriTeam
  Edraw Diagram Component 5 ActiveX suffers from buffer overflow DoS vulnerability

  Tags:  edraw diagram component activex-buffer-overflow dos-vulnerability  

• 16:00

  Epson EventManager Denial of Service Vulnerability

   » ‎ SecuriTeam
  Epson EventManager

  Tags:  epson denial eventmanager service-vulnerability denial-of-service  

• 16:00

  FL Studio Producer Edition SEH Based Buffer Overflow Vulnerabilty

   » ‎ SecuriTeam
  FL Studio 10 Producer Edition SEH Based suffers from buffer overflow vulnerabilty

  Tags:  producer edition studio based-buffer-overflow studio-producer  

• 16:00

  GIMP script-fu Buffer Overflow Vulnerability

   » ‎ SecuriTeam
  GIMP 2.6 script-fu

  Tags:  buffer overflow gimp buffer-overflow-vulnerability  

• 16:00

  Havalite CMS 'data/havalite.db3' File Database Information Disclosure Vulnerability

   » ‎ SecuriTeam
  Havalite CMS is prone to an information-disclosure vulnerability.

  Tags:  havalite vulnerability cms information-disclosure-vulnerability file-database  

• 16:00

  HP VSA Remote Command Execution Vulnerability

   » ‎ SecuriTeam
  HP VSA Remote suffers from command execution vulnerability.

  Tags:  vsa remote command command-execution vulnerability  

• 16:00

  IBM Lotus Notes Client URL Handler Command Injection Vulnerability

   » ‎ SecuriTeam
  IBM Lotus Notes Client URL Handler suffers from command injection vulnerability

  Tags:  lotus-notes-client vulnerability lotus  

• 16:00

  IlohaMail Webmail Stored XSS Vulnerability

   » ‎ SecuriTeam
  IlohaMail Webmail suffers from stored XSS vulnerability.

  Tags:  xss ilohamail webmail vulnerability  

• 16:00

  IrfanView DJVU Image Processing Heap Overflow Vulnerability

   » ‎ SecuriTeam
  IrfanView 4.33 DJVU Image Processing is prone to a heap overflow vulnerability

  Tags:  djvu irfanview image overflow-vulnerability image-processing heap  

• 16:00

  Java AtomicReferenceArray Type Violation Vulnerability

   » ‎ SecuriTeam
  Java AtomicReferenceArray suffers from type violation vulnerability.

  Tags:  java type atomicreferencearray vulnerability  

• 16:00

  MailTraq Stored XSS Vulnerability

   » ‎ SecuriTeam
  MailTraq 2.17.3.3150 suffers from stored XSS vulnerability

  Tags:  xss vulnerability mailtraq  

• December 30, 2012
• 16:00

  Able2Extract and Able2Extract Server Memory Corruption Vulnerability

   » ‎ SecuriTeam
  Able2Extract and Able2Extract Server v 6.0 suffers from memory corruption vulnerability

  Tags:  extract server able memory-corruption able2extract server-memory  

• 16:00

  AhnLab V3 Internet Security Privilege Escalation Vulnerability

   » ‎ SecuriTeam
  AhnLab V3 Internet Security 8.0

  Tags:  internet ahnlab security security-privilege privilege-escalation-vulnerability  

• 16:00

  Computer Associates XCOM Data Transport Remote Arbitrary Command Execution Vulnerability

   » ‎ SecuriTeam
  Computer Associates XCOM Data Transport is prone to a remote arbitrary command-execution vulnerability because it fails to properly validate user-supplied input.

  Tags:  xcom computer data command-execution arbitrary-command data-transport  

• 16:00

  Free Mp3 Player Local Denial of Service Vulnerability

   » ‎ SecuriTeam
  Free Mp3 Player 1.0 suffers from local denial of service Vulnerability

  Tags:  denial free player free-mp3-player service-vulnerability denial-of-service  

• 16:00

  IBM eDiscovery Manager Unspecified Cross Site Scripting Vulnerability

   » ‎ SecuriTeam
  IBM eDiscovery Manager is prone to an unspecified cross-site scripting vulnerability because it fails to sanitize user-supplied input.

  Tags:  manager ibm ediscovery vulnerability  

• 16:00

  IrfanView JLS Formats PlugIn Heap Overflow Vulnerability

   » ‎ SecuriTeam
  IrfanView JLS Formats PlugIn is prone to a heap overflow vulnerability

  Tags:  irfanview jls formats overflow-vulnerability heap  

• 16:00

  Kordil EDMS SQL Injection Vulnerability

   » ‎ SecuriTeam
  Kordil EDMS v2.2.60rc3 suffers from SQL injection vulnerability

  Tags:  kordil sql edms sql-injection vulnerability  

• 16:00

  Microsoft Internet Explorer Remote Code Execution Exploit (DEP and ASLR Bypass)

   » ‎ SecuriTeam
  Microsoft Internet Explorer prone to remote code execution vulnerability

  Tags:  internet microsoft explorer code-execution internet-explorer vulnerability  

• 16:00

  Novell Netware XNFS.NLM STAT Notify Remote Code Execution Vulnerability

   » ‎ SecuriTeam
  Novell Netware XNFS.NLM STAT Notify suffers from remote code execution vulnerability.

  Tags:  novell netware xnfs novell-netware code-execution nlm  

• 16:00

  MyBB HM My Country Flags SQL Injection Vulnerability

   » ‎ SecuriTeam
  City Directory Review and Rating Script (search.php) suffers from SQL injection vulnerability

  Tags:  mybb injection sql vulnerability city script-search city-directory  

• 16:00

  Oracle MySQL Server Username Enumeration Weakness Remote Vulnerability

   » ‎ SecuriTeam
  Oracle MySQL Server is prone to a username-enumeration weakness because it responds differently to login attempts, depending on whether or not the username exists.

  Tags:  server oracle mysql server-username mysql-server vulnerability  

• 16:00

  Photodex ProShow Producer Buffer Overflow Vulnerability

   » ‎ SecuriTeam
  Photodex ProShow Producer v5.0.3256 suffers from buffer overflow vulnerability

  Tags:  photodex producer proshow buffer-overflow-vulnerability proshow-producer  

• 16:00

  Siemens SIMATIC WinCC Flexible (Runtime) Multiple Vulnerabilities

   » ‎ SecuriTeam
  Siemens SIMATIC WinCC Flexible (Runtime) suffers from multiple vulnerabilities.

  Tags:  siemens runtime simatic siemens-simatic wincc vulnerabilities  

• 16:00

  Socusoft Photo 2 Video Buffer Overflow Vulnerability

   » ‎ SecuriTeam
  A Vulnerability Laboratory Researcher discovered a Local Buffer Overflow vulnerability on Socusofts Photo to Video Converter Free and Professional v8.05.

  Tags:  video photo vulnerability buffer-overflow-vulnerability local-buffer-overflow laboratory-researcher  

• 16:00

  Symantec Web Gateway LFI Remote ROOT RCE Exploit Vulnerability

   » ‎ SecuriTeam
  Symantec's Web Gateway management console is susceptible to multiple security issues that include remote command execution, local file inclusion, arbitrary password change and SQL injection security issues.

  Tags:  gateway symantec web command-execution web-gateway security-issues  

• 16:00

  TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities

   » ‎ SecuriTeam
  TVMOBiLi is prone to multiple buffer-overflow vulnerabilities because it fails to properly bounds check user-supplied input.

  Tags:  server media tvmobili buffer-overflow-vulnerabilities multiple-buffer-overflow media-server  

• 16:00

  WireShark Buffer Overflow Vulnerability

   » ‎ SecuriTeam
  WireShark 1.8.2 & 1.6.0 suffers from buffer overflow vulnerability

  Tags:  buffer wireshark overflow buffer-overflow-vulnerability  

• December 27, 2012
• 16:00

  Adobe Flash Player and AIR Remote Buffer Overflow Vulnerability

   » ‎ SecuriTeam
  Adobe Flash Player and AIR are prone to a remote buffer-overflow vulnerability due to a failure to properly bounds check user-supplied input.

  Tags:  player adobe flash buffer-overflow-vulnerability remote-buffer-overflow-vulnerability remote-buffer-overflow  

• 16:00

  Apache Tomcat Denial Of Dervice Vulnerability

   » ‎ SecuriTeam
  Apache Tomcat is prone to a denial of service Vulnerability.

  Tags:  tomcat denial apache apache-tomcat service-vulnerability denial-of-service  

• 16:00

  Banana Dance Multiple vulnerabilities

   » ‎ SecuriTeam
  High-There are multiple vulnerabilities in Banana Dance, which can be exploited to gain access to sensitive information, perform SQL injection attacks and compromise vulnerable system.

  Tags:  multiple banana dance compromise  

• 16:00

  Cerberus FTP Server Web Admin Cross Site Scripting Vulnerability

   » ‎ SecuriTeam
  Cerberus FTP Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize certain user-supplied input.

  Tags:  server ftp cerberus web-admin server-web ftp-server  

• 16:00

  Clockstone and other CMSMasters Theme File Upload Vulnerabilities

   » ‎ SecuriTeam
  Clockstone and other CMSMasters Theme suffers from File Upload Vulnerabilities

  Tags:  cmsmasters clockstone theme file-upload  

• 16:00

  FOOT Gestion 'id' Parameter SQL Injection Vulnerability

   » ‎ SecuriTeam
  FOOT Gestion is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input before using it in an SQL query.

  Tags:  foot sql gestion sql-query vulnerability  

• 16:00

  HP Multiple LaserJet Printers Cross Site Scripting Vulnerability

   » ‎ SecuriTeam
  Multiple HP printers are prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

  Tags:  multiple vulnerability laserjet hp-printers laserjet-printers  

• 16:00

  IrfanView IMXCF PlugIn Remote Code Execution Vulnerability

   » ‎ SecuriTeam
  The IMXCF PlugIn for IrfanView is prone to a remote code-execution vulnerability.

  Tags:  irfanview plugin imxcf code-execution vulnerability  

• 16:00

  Joomla! JooProperty Component SQL Injection and Cross Site Scripting Vulnerabilities

   » ‎ SecuriTeam
  The JooProperty component for Joomla! is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

  Tags:  jooproperty component joomla cross-site-scripting vulnerability  

• 16:00

  ManageEngine MSPCentral Multiple Security Vulnerabilities

   » ‎ SecuriTeam
  ManageEngine MSPCentral is prone to the following multiple security vulnerabilities. 1. A cross-site scripting vulnerability 2. An HTML-injection vulnerability 3. A cross-site request-forgery vulnerability

  Tags:  manageengine vulnerability mspcentral security-vulnerabilities forgery  

• 16:00

  Microsoft Internet Explorer Mouse Cursor Location Information Disclosure Vulnerability

   » ‎ SecuriTeam
  Microsoft Internet Explorer is prone to an information-disclosure vulnerability.

  Tags:  information-disclosure-vulnerability cursor-location mouse-cursor  

• 16:00

  MyBB Bank v3 Plugin 'r_username' Parameter SQL Injection Vulnerability

   » ‎ SecuriTeam
  The Bank v3 plugin for MyBB is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.

  Tags:  mybb plugin bank username-parameter sql-query  

• 16:00

  Guru Auction Multiple SQL Injection Vulnerabilities

   » ‎ SecuriTeam
  Guru Auction suffers from multiple SQL injection vulnerabilities.

  Tags:  guru auction sql sql-injection  

• 16:00

  MySQL (Linux) Database Privilege Elevation Zeroday Exploit

   » ‎ SecuriTeam
  MySQL (Linux) Database suffers from Privilege Elevation Zeroday Exploit .

  Tags:  exploit elevation mysql privilege-elevation linux-database linux  

• 16:00

  MyYoutube MyBB Plugin SQL Injection Vulnerability

   » ‎ SecuriTeam
  MyYoutube MyBB Plugin 1.0 SQL injection vulnerability

  Tags:  mybb plugin myyoutube vulnerability  

• 16:00

  OpenStack Keystone Insecure File Permissions Vulnerability

   » ‎ SecuriTeam
  Keystone is prone to an insecure file-permission vulnerability.

  Tags:  vulnerability openstack keystone file-permissions  

• 16:00

  Sumatra PDF and MuPDF 'lex_number()' Function Remote Integer Overflow Vulnerability

   » ‎ SecuriTeam
  Sumatra PDF and MuPDF are prone to an integer-overflow vulnerability because they fail to properly validate user-supplied input.

  Tags:  mupdf pdf sumatra integer-overflow-vulnerability sumatra-pdf lex  

• 16:00

  VBulletin ajaxReg Module SQL Injection Vulnerability

   » ‎ SecuriTeam
  The ajaxReg module for vBulletin is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

  Tags:  module vbulletin ajaxreg sql-query vulnerability  

• December 26, 2012
• 16:00

  Adobe Flash Player and AIR Remote Integer Overflow Vulnerability

   » ‎ SecuriTeam
  Adobe Flash Player and AIR are prone to a remote integer-overflow vulnerability.

  Tags:  player adobe flash integer-overflow-vulnerability adobe-flash-player  

• 16:00

  Apache Tomcat Security Bypass Vulnerability

   » ‎ SecuriTeam
  Apache Tomcat is prone to a security-bypass vulnerability.

  Tags:  vulnerability tomcat apache apache-tomcat  

• 16:00

  Cerberus FTP Server Multiple XSS vulnerabilities

   » ‎ SecuriTeam
  Cerberus FTP Server is prone to a Multiple Cross-site Scripting vulnerabilities

  Tags:  server ftp cerberus xss ftp-server  

• 16:00

  Dell SonicWall SonicOS WAF - POST Inject Vulnerability

   » ‎ SecuriTeam
  The Vulnerability Laboratory Research Team discovered a web vulnerability in the official DELL Sonicwall SonicOS v5.8.1.8 Firewall Series Appliance Application.

  Tags:  waf vulnerability sonicos dell-sonicwall laboratory-research-team sonicwall  

• 16:00

  Ekiga UTF-8 Parsing Denial of Service Vulnerability

   » ‎ SecuriTeam
  Ekiga is prone to a denial-of-service vulnerability because it fails to properly validate user-supplied input.

  Tags:  ekiga vulnerability utf service-vulnerability denial-of-service utf-8  

• 16:00

  Facebook Profile MyBB Plugin Persistant XSS Vulnerability

   » ‎ SecuriTeam
  Facebook Profile MyBB Plugin 2.4 suffers from persistant cross-site scripting vulnerability.

  Tags:  mybb facebook profile vulnerability  

• 16:00

  Firefly MediaServer Multiple Remote DoS Vulnerabilities

   » ‎ SecuriTeam
  High-Tech Bridge Security Research Lab has discovered multiple remote denial of service (DoS) vulnerabilities in FireFly MediaServer, which could be exploited by a malicious person to crash a remote server.

  Tags:  mediaserver firefly dos denial-of-service-dos malicious-person denial-of-service  

• 16:00

  FreeVimager GIF File Remote Denial of Service Vulnerability

   » ‎ SecuriTeam
  FreeVimager is prone to a remote denial-of-service vulnerability.

  Tags:  vulnerability gif freevimager service-vulnerability denial-of-service  

• 16:00

  HP OpenVMS Multiple Denial of Service Vulnerabilities

   » ‎ SecuriTeam
  HP OpenVMS is prone to multiple denial-of-service vulnerabilities

  Tags:  openvms multiple denial denial-of-service  

• 16:00

  M0n0wall Multiple Cross Site Request Forgery Vulnerabilities

   » ‎ SecuriTeam
  m0n0wall is prone to multiple cross-site request-forgery vulnerabilities because it fails to properly validate POST requests.

  Tags:  wall cross multiple forgery m0n0wall  

• 16:00

  Microsoft Internet Explorer Improper Ref Counting Use-After-Free Remote Code Execution Vulnerability

   » ‎ SecuriTeam
  Microsoft Internet Explorer is prone to a remote code-execution vulnerability.

  Tags:  internet microsoft explorer code-execution internet-explorer vulnerability  

• 16:00

  Multiple Rockwell Automation Products Remote Denial of Service Vulnerability

   » ‎ SecuriTeam
  Multiple Rockwell Automation products are prone to a remote denial-of-service vulnerability.

  Tags:  rockwell multiple automation rockwell-automation service-vulnerability automation-products  

• 16:00

  Qualcomm Android kernel Remote Code Execution and Denial of Service Vulnerabilities

   » ‎ SecuriTeam
  Android kernels running on Qualcomm are prone to multiple remote code-execution vulnerabilities and a denial-of-service vulnerability.

  Tags:  qualcomm kernel android service-vulnerability code-execution denial-of-service  

• 16:00

  SmarterMail 'txtDisplayAs_SettingText' Parameter HTML Injection Vulnerability

   » ‎ SecuriTeam
  SmarterMail is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input.

  Tags:  vulnerability settingtext smartermail  

• 16:00

  Snare Linux Cross-Site Scripting via Log Injection Vulnerability

   » ‎ SecuriTeam
  Snare for Linux Cross-Site Scripting via Log Injection Vulnerability

  Tags:  site snare linux cross-site-scripting vulnerability  

• 16:00

  Sourcefabric Newscoop 'f_email' Parameter SQL Injection Vulnerability

   » ‎ SecuriTeam
  Newscoop is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

  Tags:  vulnerability newscoop sql sql-query email  

• 16:00

  VMware View Connection Server Directory Traversal Vulnerability

   » ‎ SecuriTeam
  VMware View releases address a critical directory traversal vulnerability in the View Connection Server and View Security Server.

  Tags:  vmware server view directory-traversal-vulnerability connection-server server-directory  

• December 20, 2012
• 16:00

  Adobe Flash Player and AIR Memory Corruption Vulnerability

   » ‎ SecuriTeam
  Adobe Flash Player and AIR are prone to a remote memory-corruption vulnerability.

  Tags:  player adobe flash memory-corruption adobe-flash-player vulnerability  

• 16:00

  Apache Tomcat Denial of Service Vulnerability

   » ‎ SecuriTeam
  Apache Tomcat is prone to a denial-of-service vulnerability.

  Tags:  vulnerability tomcat apache apache-tomcat service-vulnerability denial-of-service  

• 16:00

  Axis Multiple HTML Injection Vulnerabilities

   » ‎ SecuriTeam
  Axis is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input.

  Tags:  multiple html axis  

• 16:00

  Citrix XenApp XML Service Interface Remote Code Execution Vulnerability

   » ‎ SecuriTeam
  Citrix XenApp is prone to a remote code-execution vulnerability.

  Tags:  citrix vulnerability xenapp interface-remote-code-execution service-interface  

• 16:00

  ClipBucket Multiple SQL Injection vulnerabilities

   » ‎ SecuriTeam
  ClipBucket is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query.

  Tags:  multiple clipbucket sql sql-injection sql-query  

• 16:00

  ConcourseConnect HTML Injection and Cross Site Request Forgery Vulnerabilities

   » ‎ SecuriTeam
  ConcourseConnect is prone to multiple HTML-injection vulnerabilities and a cross-site request forgery vulnerability.

  Tags:  forgery concourseconnect request vulnerability  

• 16:00

  FirePass SSL VPN 'sessionId' Parameter Local File Include Vulnerability

   » ‎ SecuriTeam
  FirePass SSL VPN is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

  Tags:  firepass vpn ssl ssl-vpn vulnerability  

• 16:00

  Google Chrome Prior to 23.0.1271.97 Multiple Security Vulnerabilities

   » ‎ SecuriTeam
  Google Chrome Prior to 23.0.1271.97 is prone to multiple security vulnerabilities.

  Tags:  chrome google prior security-vulnerabilities  

• 16:00

  IBM Director CIM Server Privilege Escalation Vulnerability

   » ‎ SecuriTeam
  IBM Director is prone to a privilege-escalation vulnerability that affects the CIM server.

  Tags:  director cim ibm privilege-escalation-vulnerability escalation  

• 16:00

  Kent Web Access Report Unspecified Cross-Site Scripting Vulnerability

   » ‎ SecuriTeam
  Kent Web Access Report is prone to an unspecified cross-site scripting vulnerability because it fails to sanitize user-supplied input.

  Tags:  access report web kent kent-web access-report web-access  

• 16:00

  Microsoft Word RTF File 'listoverridecount' Remote Code Execution Vulnerability

   » ‎ SecuriTeam
  Microsoft Word is prone to a remote code-execution vulnerability.

  Tags:  vulnerability microsoft word code-execution microsoft-word  

• 16:00

  MyBB kingchat Plugin 'kingchat.php' Script HTML Injection Vulnerability

   » ‎ SecuriTeam
  The kingchat plugin for MyBB is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input.

  Tags:  mybb plugin kingchat script-html php-script  

• 16:00

  NVIDIA Install Application 'AddPackages()' Function Buffer Overflow Vulnerability

   » ‎ SecuriTeam
  NVIDIA Install Application is prone to a buffer-overflow vulnerability because it fails to properly bound check user-supplied input.

  Tags:  application install nvidia buffer-overflow-vulnerability function-buffer-overflow  

• 16:00

  Opera Web Browser Memory Corruption Denial of Service Vulnerability

   » ‎ SecuriTeam
  Opera Web Browser is prone to a remote memory-corruption vulnerability.

  Tags:  web opera browser opera-web-browser memory-corruption service-vulnerability  

• 16:00

  Oracle MySQL and MariaDB Insecure Salt Generation Security Bypass Weakness

   » ‎ SecuriTeam
  MySQL and MariaDB are prone to a security-bypass weakness.

  Tags:  mariadb mysql weakness oracle  

• 16:00

  Red Hat OpenShift Enterprise Cross Site Request Forgery Vulnerability

   » ‎ SecuriTeam
  Red Hat OpenShift Enterprise is prone to a cross-site request-forgery vulnerability.

  Tags:  openshift hat red forgery vulnerability red-hat  

• 16:00

  Symantec Network Access Control Local Privilege Escalation Vulnerability

   » ‎ SecuriTeam
  Symantec Network Access Control is prone to a local privilege-escalation vulnerability.

  Tags:  access symantec network network-access-control privilege-escalation-vulnerability local-privilege-escalation  

• 16:00

  Wordpress URL Video Lead Form Plugin Cross-Site Scripting Vulnerabilities

   » ‎ SecuriTeam
  The Video Lead Form Plugin in Wordpress http://wordpress.org/extend/plugins/video-lead-form/ has a Reflective XSS vulnerability in the browser URL which affects Wordpress 3.4.2 (Platform Used).

  Tags:  video url wordpress cross-site-scripting vulnerability  

• December 19, 2012
• 16:00

  Adobe ColdFusion Security Bypass Vulnerability

   » ‎ SecuriTeam
  Adobe ColdFusion is prone to a local security-bypass vulnerability.

  Tags:  vulnerability coldfusion adobe local-security  

• 16:00

  Apache Tomcat Cross-Site Request Forgery Vulnerability

   » ‎ SecuriTeam
  Apache Tomcat is prone to a cross-site request forgery vulnerability.

  Tags:  request tomcat apache apache-tomcat forgery vulnerability  

• 16:00

  HP Network Node Manager i Remote Unspecified Unauthorized Access Vulnerability

   » ‎ SecuriTeam
  HP Network Node Manager i is prone to an unspecified unauthorized-access vulnerability.

  Tags:  vulnerability node network manager-i network-node-manager hp-network unauthorized-access  

• 16:00

  Freefloat FTP Server 'WMI' Service Arbitrary File Upload Vulnerability

   » ‎ SecuriTeam
  Freefloat FTP Server is prone to an arbitrary file-upload vulnerability because it fails to adequately validate files before uploading them.

  Tags:  server ftp freefloat file-upload ftp-server vulnerability  

• 16:00

  IBM Flex System CMM and IMM2 Modules Information Disclosure Vulnerability

   » ‎ SecuriTeam
  IBM Flex System is prone to an information-disclosure vulnerability.

  Tags:  system ibm flex information-disclosure-vulnerability flex-system cmm  

• 16:00

  Kordil EDMS 'Password' Parameter SQL Injection Vulnerability

   » ‎ SecuriTeam
  Kordil EDMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

  Tags:  kordil sql edms sql-query vulnerability  

• 16:00

  Microsoft DirectX DirectPlay Heap Overflow Remote Code Execution Vulnerability

   » ‎ SecuriTeam
  Microsoft DirectX is prone to a remote code-execution vulnerability.

  Tags:  directx vulnerability microsoft microsoft-directx code-execution directplay  

• 16:00

  Microsoft Windows OpenType Font (OTF) Driver Remote Code Execution Vulnerability

   » ‎ SecuriTeam
  Microsoft Windows is prone to a remote code-execution vulnerability.

  Tags:  vulnerability microsoft windows code-execution microsoft-windows  

• 16:00

  MyBB Profile Blog Plugin SQL Injection and HTML Injection Vulnerabilities

   » ‎ SecuriTeam
  The Profile Blog Plugin for MyBB is prone to an SQL-injection vulnerability and an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input.

  Tags:  blog mybb profile sql-injection vulnerability  

• 16:00

  OpenStack Nova Local Information Disclosure Vulnerability

   » ‎ SecuriTeam
  OpenStack Nova is prone to a local information-disclosure vulnerability.

  Tags:  vulnerability openstack information nova--local nova information-disclosure-vulnerability local-information  

• 16:00

  Red Hat Certificate System Multiple Cross-Site Scripting and Denial of Service Vulnerabilities

   » ‎ SecuriTeam
  Red Hat Certificate System is prone to multiple cross-site scripting and denial-of-service vulnerabilities.

  Tags:  certificate hat red cross-site-scripting denial-of-service red-hat  

• 16:00

  Smartphone Pentest Framework Multiple Remote Command Execution Vulnerabilities

   » ‎ SecuriTeam
  Smartphone Pentest Framework is prone to multiple remote command-execution vulnerabilities.

  Tags:  smartphone framework pentest command-execution  

• 16:00

  Symantec Messaging Gateway Arbitrary File Download Vulnerabilities

   » ‎ SecuriTeam
  Symantec Messaging Gateway is prone to multiple arbitrary file-download vulnerabilities because the application fails to sufficiently sanitize user-supplied input.

  Tags:  gateway symantec messaging  

• 16:00

  Wordpress Simple Gmail Login Plugin Stack Trace Information Disclosure Vulnerability

   » ‎ SecuriTeam
  The Simple Gmail Login plugin for Wordpress is prone to an information-disclosure vulnerability.

  Tags:  wordpress gmail simple information-disclosure-vulnerability stack-trace  

• 16:00

  Xen 'XENMEM_exchange' Local Privilege Escalation Vulnerability

   » ‎ SecuriTeam
  Xen is prone to a local privilege-escalation vulnerability.

  Tags:  vulnerability xen xenmem privilege-escalation-vulnerability local-privilege-escalation  

• 16:00

  SimpleInvoices 2011.1 Cross-Site-Scripting (XSS) Vulnerabilities

   » ‎ SecuriTeam
  SimpleInvoices 2011.1 is prone to a Cross-Site-Scripting (XSS) Vulnerabilities

  Tags:  xss scripting simpleinvoices vulnerabilities  

• December 18, 2012
• 16:00

  Buffalo LinkStation Information Disclosure and Security Bypass Vulnerabilities

   » ‎ SecuriTeam
  The LinkStation is prone to an information-disclosure vulnerability and a security-bypass vulnerability.

  Tags:  vulnerability linkstation information buffalo buffalo-linkstation information-disclosure-vulnerability  

• 16:00

  HP LaserJet Pro 400 Multi Function Printers Remote Unspecified Unauthorized Access Vulnerability

   » ‎ SecuriTeam
  HP LaserJet Pro 400 Multi Function Printers is prone to an unspecified unauthorized-access vulnerability.

  Tags:  function laserjet multi multi-function-printers hp-laserjet unauthorized-access  

• 16:00

  IBM Tivoli Monitoring HTTP Monitoring Console Cross Site Scripting Vulnerability

   » ‎ SecuriTeam
  IBM Tivoli Monitoring is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input.

  Tags:  monitoring ibm tivoli vulnerability  

• 16:00

  ManageEngine AssetExplore Multiple HTML Injection Vulnerabilities

   » ‎ SecuriTeam
  ManageEngine AssetExplore is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input.

  Tags:  assetexplore multiple manageengine  

• 16:00

  Microsoft Exchange Server RSS Feed Remote Denial of Service Vulnerability

   » ‎ SecuriTeam
  Microsoft Exchange Server is prone to a remote denial-of-service vulnerability.

  Tags:  server microsoft exchange microsoft-exchange-server service-vulnerability denial-of-service  

• 16:00

  Microsoft Windows TrueType Font Remote Code Execution Vulnerability

   » ‎ SecuriTeam
  Microsoft Windows is prone to a remote code-execution vulnerability.

  Tags:  vulnerability microsoft windows code-execution microsoft-windows  

• 16:00

  Mozilla Firefox/Thunderbird/SeaMonkey Heap Buffer Function Overflow Vulnerability

   » ‎ SecuriTeam
  Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a heap-based buffer-overflow vulnerability.

  Tags:  mozilla firefox thunderbird buffer-overflow-vulnerability based-buffer-overflow mozilla-firefox  

• 16:00

  MyBB kingchat Plugin 'username' Parameter SQL Injection Vulnerability

   » ‎ SecuriTeam
  The kingchat plugin for MyBB is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.

  Tags:  mybb plugin kingchat sql-query vulnerability  

• 16:00

  Oracle Fusion Middleware Reports Developer Remote Security Vulnerability

   » ‎ SecuriTeam
  Oracle Fusion Middleware is prone to a remote vulnerability in Oracle Reports Developer.

  Tags:  oracle middleware fusion oracle-fusion-middleware oracle-reports security-vulnerability  

• 16:00

  Oracle MySQL Server Privilege Escalation Vulnerability

   » ‎ SecuriTeam
  Oracle MySQL Server is prone to a privilege-escalation vulnerability.

  Tags:  server oracle mysql privilege-escalation-vulnerability mysql-server escalation  

• 16:00

  Red Hat CloudForms Multiple Insecure File Permissions and Security Bypass Vulnerabilities

   » ‎ SecuriTeam
  Red Hat CloudForms is prone to multiple insecure file-permission vulnerabilities and a security-bypass vulnerability.

  Tags:  cloudforms hat red file-permissions red-hat vulnerability  

• 16:00

  SafeNet Privilege 'PrivAgent.ocx' ActiveX Controls Multiple Buffer Overflow Vulnerabilities

   » ‎ SecuriTeam
  SafeNet Privilege is prone to multiple buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied input.

  Tags:  safenet privagent privilege multiple-buffer-overflow buffer-overflow-vulnerabilities activex  

• 16:00

  Symantec Endpoint Protection Manager Remote Code Execution Vulnerability

   » ‎ SecuriTeam
  Symantec Endpoint Protection (SEP) Manager is prone to a remote code-execution vulnerability.

  Tags:  endpoint protection symantec code-execution vulnerability  

• 16:00

  WordPress GRAND Flash Album Gallery Plugin Multiple Remote Vulnerabilities

   » ‎ SecuriTeam
  GRAND Flash Album Gallery for WordPress is prone to following multiple vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. Multiple directory-traversal vulnerabilities 3. Multiple arbitrary file-overwrite vulnerabilities.

  Tags:  multiple wordpress grand sql-injection directory-traversal album-gallery  

• 16:00

  WordPress Nest Theme 'codigo' Parameter SQL Injection Vulnerability

   » ‎ SecuriTeam
  The Nest theme for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

  Tags:  vulnerability wordpress sql nest nest-theme sql-injection sql-query  

• 16:00

  Xen 'get_page_from_gfn()' Function Local Denial of Service Vulnerability

   » ‎ SecuriTeam
  Xen is prone to a local denial-of-service vulnerability.

  Tags:  vulnerability xen page service-vulnerability denial-of-service  

• 16:00

  BlackBerry PlayBook Unspecified Information Disclosure Vulnerability

   » ‎ SecuriTeam
  Blackberry Playbook is prone to an information disclosure vulnerability that affects the web browser component.

  Tags:  playbook blackberry information information-disclosure-vulnerability  

• 16:00

  Citrix XenDesktop Virtual Desktop Agent Local Security Bypass Vulnerability

   » ‎ SecuriTeam
  Citrix XenDesktop is prone to a local security-bypass vulnerability.

  Tags:  citrix vulnerability xendesktop desktop-agent local-security virtual-desktop  

• 16:00

  Ektron CMS 'XslCompiledTransform' Class Remote Code Execution Vulnerability

   » ‎ SecuriTeam
  Ektron CMS is prone to a remote code-execution vulnerability.

  Tags:  ektron vulnerability cms code-execution  

• December 17, 2012
• 16:00

  Joomla! 'language search' Component Cross Site Scripting Vulnerability

   » ‎ SecuriTeam
  Joomla! is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

  Tags:  language vulnerability joomla search-component language-search cross-site-scripting  

• 16:00

  AWStats Unspecified Cross Site Scripting Vulnerability

   » ‎ SecuriTeam
  AWStats is prone to an unspecified cross-site scripting vulnerability.

  Tags:  vulnerability awstats unspecified  

• 16:00

  Broadcom BCM4325 and BCM4329 Wireless Chipset Out of Bound Read Denial of Service Vulnerability

   » ‎ SecuriTeam
  Broadcom BCM4325 and BCM4329 Wireless Chipsets are prone to a denial-of-service vulnerability.

  Tags:  bcm Wireless broadcom read-denial service-vulnerability denial-of-service  

• 16:00

  Drupal Organic Groups SA-CONTRIB-2012-148 Security Bypass Vulnerability

   » ‎ SecuriTeam
  The Organic Groups module for Drupal is prone to a security-bypass vulnerability that may allow attackers to perform actions without proper authorization.

  Tags:  vulnerability organic drupal proper-authorization attackers  

• 16:00

  Drupal Twitter Pull Module Cross Site Scripting Vulnerability

   » ‎ SecuriTeam
  The Twitter Pull module for Drupal is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

  Tags:  twitter module drupal vulnerability  

• 16:00

  Gajim '_ssl_verify_callback()' Function SSL Certificate Validation Spoofing Vulnerability

   » ‎ SecuriTeam
  Gajim is prone to a security vulnerability that may allow attackers to conduct spoofing attacks.

  Tags:  vulnerability ssl gajim security-vulnerability attackers validation  

• 16:00

  KMPlayer '.avi' File Local Denial of Service Vulnerability

   » ‎ SecuriTeam
  KMPlayer is prone to a local denial-of-service vulnerability.

  Tags:  avi vulnerability kmplayer service-vulnerability denial-of-service  

• 16:00

  Ruby 'error.c' Multiple Security Bypass Vulnerabilities

   » ‎ SecuriTeam
  Ruby is prone to multiple security-bypass vulnerabilities.

  Tags:  multiple error security ruby error-c vulnerabilities  

• 16:00

  Sysax FTP Automation Local Privilege Escalation Vulnerability

   » ‎ SecuriTeam
  Sysax FTP Automation is prone to a local privilege-escalation vulnerability.

  Tags:  automation sysax ftp privilege-escalation-vulnerability local-privilege-escalation  

• 16:00

  Trillian SSL Certificate Validation Security Bypass Vulnerability

   » ‎ SecuriTeam
  Trillian is prone to a security-bypass vulnerability because the application fails to properly validate SSL certificates from a server.

  Tags:  trillian vulnerability ssl ssl-certificates ssl-certificate  

• 16:00

  UMPlayer 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability

   » ‎ SecuriTeam
  UMPlayer is prone to a vulnerability that lets attackers execute arbitrary code.

  Tags:  umplayer code dll arbitrary-code-execution attackers vulnerability  

• 16:00

  VicBlog Multiple SQL Injection Vulnerabilities

   » ‎ SecuriTeam
  VicBlog is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query.

  Tags:  multiple vicblog sql sql-injection sql-query  

• 16:00

  VLC Media Player Read Access Violation Arbitrary Code Execution Vulnerability

   » ‎ SecuriTeam
  VLC Media Player is prone to an arbitrary code-execution vulnerability.

  Tags:  player vlc media read-access arbitrary-code-execution vlc-media-player access-violation  

• 16:00

  Winmail Server Multiple HTML Injection Vulnerabilities

   » ‎ SecuriTeam
  Winmail Server is prone to multiple HTML-injection vulnerabilities because the application fails to properly sanitize user-supplied input.

  Tags:  server multiple winmail  

• 16:00

  WordPress Spider Calendar Plugin 'many_sp_calendar' Parameter Cross Site Scripting Vulnerability

   » ‎ SecuriTeam
  The Spider Calendar plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input.

  Tags:  calendar wordpress spider cross-site-scripting vulnerability  

• 16:00

  Linux Kernel 'taskstats' Local Denial of Service Vulnerability

   » ‎ SecuriTeam
  The Linux kernel is prone to a local denial-of-service vulnerability.

  Tags:  vulnerability kernel linux service-vulnerability denial-of-service linux-kernel  

• December 16, 2012
• 16:00

  Cisco Unified MeetingPlace Web Conferencing Buffer Overflow Vulnerability Updated

   » ‎ SecuriTeam
  Cisco Unified MeetingPlace Web Conferencing is prone to a buffer overflow vulnerability.

  Tags:  web meetingplace conferencing cisco-unified buffer-overflow-vulnerability web-conferencing cisco  

• 16:00

  Check Point UTM-1 Edge and Safe Multiple Security Vulnerabilities Updated

   » ‎ SecuriTeam
  Check Point UTM-1 Edge and Safe are prone to multiple security vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities 2. Multiple HTML-injection vulnerabilities 3. Multiple cross-site request forgery vulnerabilities 4. Multiple URI-redirection vulnerabilities 5. An information-disclosure vulnerability

  Tags:  point multiple edge uri information-disclosure-vulnerability security-vulnerabilities forgery  

• 16:00

  EasyITSP 'customers_edit.php' Authentication Security Bypass Vulnerability

   » ‎ SecuriTeam
  EasyITSP is prone to a security-bypass vulnerability.

  Tags:  easyitsp vulnerability php authentication  

• 16:00

  Greenstone Multiple Security Vulnerabilities

   » ‎ SecuriTeam
  Greenstone is prone to the following security vulnerabilities: 1. A file-disclosure vulnerability 2. A cross-site scripting vulnerability 3. A security weakness 4. A security-bypass vulnerability

  Tags:  greenstone vulnerability security security-weakness security-vulnerabilities  

• 16:00

  Inventory Multiple Cross Site Scripting and SQL Injection Vulnerabilities

   » ‎ SecuriTeam
  Inventory is prone to multiple cross-site scripting and SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data.

  Tags:  cross multiple inventory cross-site-scripting  

• 16:00

  ModSecurity POST Parameters Security Bypass Vulnerability

   » ‎ SecuriTeam
  ModSecurity is prone to a security-bypass vulnerability because it fails to sufficiently sanitize user-supplied input.

  Tags:  vulnerability modsecurity post parameters  

• 16:00

  Multiple Horde Products Multiple Unspecified HTML Injection Vulnerabilities

   » ‎ SecuriTeam
  Multiple Horde products including Groupware Webmail Edition, Groupware, and Kronolith are prone to multiple unspecified HTML-injection vulnerabilities because they fail to properly sanitize user-supplied input.

  Tags:  groupware multiple horde  

• 16:00

  Oracle E-Business Suite Remote Oracle iRecruitment Vulnerability

   » ‎ SecuriTeam
  Oracle E-Business Suite is prone to a remote vulnerability in Oracle iRecruitment.

  Tags:  e-business oracle suite oracle-irecruitment business-suite vulnerability  

• 16:00

  Perl Heap-Based Memory Corruption Vulnerability

   » ‎ SecuriTeam
  Perl is prone to a heap-based memory-corruption vulnerability.

  Tags:  perl vulnerability heap memory-corruption  

• 16:00

  Plone and Zope Unspecified Security Bypass and Code Execution Vulnerabilities

   » ‎ SecuriTeam
  Plone and Zope are prone to the following multiple security vulnerabilities: 1. A command-execution vulnerability 2. An HTTP header injection Vulnerability 3. Multiple security-bypass vulnerabilities 4. Multiple cross-site scripting vulnerabilities 5. A denial-of-service vulnerability 6. Multiple information-disclosure vulnerabilities 7. An arbitrary file-download vulnerability 8. Multiple HTML-injection vulnerabilities

  Tags:  plone multiple vulnerability service-vulnerability command-execution code-execution  

• 16:00

  ProjectPier 'upload.php' Arbitrary File Upload Vulnerability

   » ‎ SecuriTeam
  ProjectPier is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input.

  Tags:  upload vulnerability projectpier upload-php arbitrary-files file-upload  

• 16:00

  Samsung Kies Multiple Security Vulnerabilities

   » ‎ SecuriTeam
  Samsung Kies is prone to multiple security vulnerabilities.

  Tags:  samsung kies security security-vulnerabilities  

• 16:00

  Steam 'vgui2_s.dll' Heap Buffer Overflow Vulnerability

   » ‎ SecuriTeam
  Steam is prone to a remote heap-based buffer-overflow vulnerability.

  Tags:  vgui vulnerability steam buffer-overflow-vulnerability based-buffer-overflow heap  

• 16:00

  WebCalendar Multiple HTML Injection Vulnerabilities

   » ‎ SecuriTeam
  WebCalendar is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input

  Tags:  multiple webcalendar html  

• 16:00

  WeeChat Color Decoding Heap Buffer Overflow Vulnerability

   » ‎ SecuriTeam
  WeeChat is prone to a remote heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

  Tags:  weechat vulnerability buffer buffer-overflow-vulnerability based-buffer-overflow memory-buffer  

• 16:00

  WordPress FireStorm Professional Real Estate Plugin Multiple SQL Injection Vulnerabilities

   » ‎ SecuriTeam
  The FireStorm Professional Real Estate plugin for WordPress is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

  Tags:  firestorm wordpress professional professional-real-estate sql-injection sql-query  

• 16:00

  WordPress Pretty Link Lite Plugin 'search' Parameter Cross Site Scripting Vulnerability

   » ‎ SecuriTeam
  The Pretty Link Lite plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input.

  Tags:  pretty wordpress link search-parameter cross-site-scripting vulnerability  

• December 13, 2012
• 16:00

  DCForum 'auth_user_file.txt' File Multiple Information Disclosure Vulnerabilities

   » ‎ SecuriTeam
  DCForum is prone to multiple information-disclosure vulnerabilities.

  Tags:  auth dcforum file information-disclosure  

• 16:00

  Drupal Announcements Module Access Bypass Vulnerability

   » ‎ SecuriTeam
  The Announcements module for Drupal is prone to an access-bypass vulnerability.

  Tags:  module announcements drupal vulnerability  

• 16:00

  FleetCommander Multiple Remote Security Vulnerabilities

   » ‎ SecuriTeam
  FleetCommander is prone to multiple remote security vulnerabilities, including: 1. A cross-site request forgery vulnerability 2. Multiple HTML-injection vulnerabilities 3. Multiple SQL-injection vulnerabilities 4. Multiple command-injection vulnerabilities 5. Multiple information-disclosure vulnerabilities 6. A password encryption weakness 7. Multiple arbitrary file-upload vulnerabilities

  Tags:  multiple fleetcommander security information-disclosure remote-security password-encryption  

• 16:00

  OpenStack Glance Arbitrary File Deletion Vulnerability

   » ‎ SecuriTeam
  OpenStack Glance is prone to an arbitrary file-deletion vulnerability.

  Tags:  vulnerability glance openstack file-deletion  

• 16:00

  OrangeHRM 'sortField' Parameter SQL Injection Vulnerability

   » ‎ SecuriTeam
  OrangeHRM is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

  Tags:  vulnerability orangehrm sql sql-query  

• 16:00

  SolarWinds Orion IP Address Manager (IPAM) 'search.aspx' Cross Site Scripting Vulnerability

   » ‎ SecuriTeam
  SolarWinds Orion IP Address Manager (IPAM) is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

  Tags:  address manager solarwinds orion-ip address-manager ipam vulnerability  

• 16:00

  TLS Protocol Information Disclosure Vulnerability

   » ‎ SecuriTeam
  TLS protocol is prone to an information-disclosure vulnerability.

  Tags:  protocol vulnerability tls information-disclosure-vulnerability  

• 16:00

  WordPress 'doing_wp_cron' Parameter Cross Site Scripting Vulnerability

   » ‎ SecuriTeam
  WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input.

  Tags:  vulnerability wordpress cron cross-site-scripting  

• 16:00

  Wordpress Facebook Survey SQL Injection Vulnerability

   » ‎ SecuriTeam
  A critical remote SQL Injection vulnerability in the Wordpress Facebook Survey Pro Plugin.

  Tags:  facebook wordpress sql vulnerability  

• 16:00

  WordPress UnGallery Plugin 'search' Parameter Remote Arbitrary Command Execution Vulnerability

   » ‎ SecuriTeam
  The UnGallery plugin for WordPress is prone to a remote arbitrary command-execution vulnerability because it fails to properly validate user-supplied input.

  Tags:  plugin wordpress ungallery command-execution arbitrary-command search-parameter  

• 16:00

  WordPress Zingiri Web Shop Plugin 'path' Parameter Arbitrary File Upload Vulnerability

   » ‎ SecuriTeam
  The Zingiri Web Shop plugin for WordPress is prone to an arbitrary file-upload vulnerability because it fails to adequately validate files before uploading them.

  Tags:  wordpress web zingiri path-parameter file-upload web-shop  

• 16:00

  World of Phaos SQL Injection and Cross Site Scripting Vulnerabilities

   » ‎ SecuriTeam
  World of Phaos is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

  Tags:  world vulnerability phaos sql-injection  

• December 12, 2012
• 16:00

  Apache OFBiz Unspecified Security Vulnerability

   » ‎ SecuriTeam
  Apache OFBiz is prone to an unspecified vulnerability.

  Tags:  ofbiz vulnerability apache security-vulnerability  

• 16:00

  BSW Gallery 'uploadpic.php' Arbitrary File Upload Vulnerability

   » ‎ SecuriTeam
  BSW Gallery is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input.

  Tags:  gallery upload bsw arbitrary-files file-upload attackers  

• 16:00

  Google Chrome Multiple Security Vulnerabilities Updated

   » ‎ SecuriTeam
  Google Chrome is prone to a use-after-free vulnerability and an arbitrary-file-write vulnerability.

  Tags:  chrome google vulnerability  

• 16:00

  HP Intelligent Management Centre 'uam.exe' Stack Buffer Overflow Vulnerability

   » ‎ SecuriTeam
  The HP Intelligent Management is prone to a stack-based buffer-overflow vulnerability.

  Tags:  vulnerability management intelligent buffer-overflow-vulnerability based-buffer-overflow stack-buffer  

• 16:00

  Kunena 'search' Parameter SQL Injection and Cross Site Scripting Vulnerabilities

   » ‎ SecuriTeam
  Kunena is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

  Tags:  vulnerability search kunena search-parameter  

• 16:00

  Mahara Multiple Cross Site Scripting Vulnerabilities

   » ‎ SecuriTeam
  Mahara is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input.

  Tags:  mahara cross multiple  

• 16:00

  MantisBT 'Delete Attachments Threshold()' Function Security Bypass Vulnerability

   » ‎ SecuriTeam
  MantisBT is prone to a security-bypass vulnerability that may allow attackers to perform actions without proper authorization.

  Tags:  delete vulnerability mantisbt threshold-function proper-authorization attackers  

• 16:00

  Monkey HTTP Daemon '/var/run/monkey.pid' Symlink Attack Local Privilege Escalation Vulnerability

   » ‎ SecuriTeam
  Monkey HTTP Daemon is prone to a local privilege-escalation vulnerability.

  Tags:  monkey daemon http privilege-escalation-vulnerability local-privilege-escalation  

• 16:00

  Mozilla Firefox/Thunderbird/SeaMonkey Heap Buffer Overflow Vulnerability

   » ‎ SecuriTeam
  Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a heap-based buffer-overflow vulnerability.

  Tags:  mozilla firefox thunderbird buffer-overflow-vulnerability based-buffer-overflow mozilla-firefox  

• 16:00

  Multiple IBM products GSKit Client Hello Message Remote Denial of Service Vulnerability

   » ‎ SecuriTeam
  Multiple IBM products are prone to a remote denial-of-service vulnerability because of an error in the Global Secure ToolKit (GSKit).

  Tags:  multiple vulnerability ibm service-vulnerability denial-of-service toolkit  

• 16:00

  Mutiny Command Injection Vulnerability

   » ‎ SecuriTeam
  Mutiny is prone to a command-injection vulnerability.

  Tags:  vulnerability command mutiny  

• 16:00

  PrestaShop 'message' Field HTML Injection Vulnerability

   » ‎ SecuriTeam
  PrestaShop is prone to an HTML-injection vulnerability because it fails to sanitize user-supplied input.

  Tags:  vulnerability message prestashop message-field  

• 16:00

  Apple iOS Multiple Local Security Bypass Vulnerability

   » ‎ SecuriTeam
  Apple iOS for the iPhone, the iPod touch, and the iPad is prone to a local security-bypass vulnerability.

  Tags:  multiple vulnerability local apple-ios ipad local-security iphone  

• December 11, 2012
• 16:00

  Apache Axis and Axis2/Java SSL Certificate Validation Security Bypass Vulnerability

   » ‎ SecuriTeam
  Apache Axis and Axis2/Java are prone to a security-bypass vulnerability because the application fails to properly validate SSL certificates from the server.

  Tags:  java axis apache apache-axis java-ssl ssl-certificates  

• 16:00

  ClanSphere 'cs_lang' Cookie Parameter Local File Include Vulnerability

   » ‎ SecuriTeam
  ClanSphere is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input.

  Tags:  lang vulnerability clansphere  

• 16:00

  F5 FirePass Remote SQL Injection Vulnerability

   » ‎ SecuriTeam
  FirePass is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

  Tags:  sql-injection sql-query vulnerability  

• 16:00

  HelpBox Multiple Security Vulnerabilities

   » ‎ SecuriTeam
  HelpBox is prone to multiple security vulnerabilities including: 1. Multiple SQL-injection vulnerabilities 2. Multiple HTML-injection vulnerabilities 3. A cross-site scripting vulnerability 4. A password-disclosure vulnerability 5. A security-bypass vulnerability 6. Multiple authentication-bypass vulnerabilities

  Tags:  multiple vulnerability helpbox password-disclosure security-vulnerabilities sql-injection  

• 16:00

  Joomla! Freestyle Testimonials Component Unspecified SQL Injection Vulnerability

   » ‎ SecuriTeam
  Freestyle Testimonials component is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

  Tags:  testimonials component freestyle sql-injection sql-query vulnerability  

• 16:00

  Mozilla Firefox, SeaMonkey, and Thunderbird HZ-GB-2312 Cross Site Scripting Vulnerability

   » ‎ SecuriTeam
  Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a cross-site scripting vulnerability.

  Tags:  seamonkey mozilla firefox mozilla-firefox thunderbird  

• 16:00

  Novell ZENWorks Asset Management Information Disclosure Vulnerability

   » ‎ SecuriTeam
  Novell ZENWorks Asset Management is prone to an information-disclosure vulnerability.

  Tags:  novell asset zenworks novell-zenworks-asset-management information-disclosure-vulnerability management-information  

• 16:00

  Oracle PeopleSoft Enterprise PeopleTools Remote Security Vulnerability

   » ‎ SecuriTeam
  Oracle PeopleSoft Enterprise PeopleTools is prone to a remote vulnerability

  Tags:  peoplesoft oracle enterprise oracle-peoplesoft peoplesoft-enterprise security-vulnerability  

• 16:00

  RT and RT RTFM Extension Security Bypass Vulnerability

   » ‎ SecuriTeam
  RT and RT RTFM Extension are prone to a security-bypass vulnerability.

  Tags:  rtfm vulnerability extension  

• 16:00

  Tiki Wiki CMS Groupware 'unserialize()' PHP Code Execution Vulnerability

   » ‎ SecuriTeam
  Tiki Wiki CMS Groupware is prone to a remote PHP code-execution vulnerability.

  Tags:  tiki wiki cms tiki-wiki code-execution php-code  

• 16:00

  VBulletin ChangUonDyU - Advanced Statistics SQL Injection Vulnerability

   » ‎ SecuriTeam
  VBulletin ChangUonDyU - Advanced Statistics is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

  Tags:  changuondyu vbulletin advanced advanced-statistics sql-query vulnerability  

• 16:00

  WordPress AJAX Post Search Plugin 'srch_txt' Parameter SQL Injection Vulnerability

   » ‎ SecuriTeam
  The AJAX Post Search Plugin is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

  Tags:  post search ajax search-plugin sql-query  

• 16:00

  Wordpress Plugin Catalog HTML Code Injection and Cross-site Scripting Vulnerability

   » ‎ SecuriTeam
  The Spider Catalog plugin for WordPress is prone to multiple HTML injection vulnerabilities because it fails to properly sanitize user-supplied input.

  Tags:  catalog wordpress plugin spider-catalog catalog-html vulnerabilities  

• 16:00

  XiVO Cross-Site Request Forgery Vulnerability

   » ‎ SecuriTeam
  XiVO is prone to a cross-site request-forgery vulnerability.

  Tags:  xivo cross vulnerability forgery  

• December 10, 2012
• 16:00

  Twitter App 5.0 Eavesdropping Vulnerability

   » ‎ SecuriTeam
  The Twitter 5.0 app for the iPhone is vulnerable to eavesdropping via [Man In The Middle][1], this vulnerability can lead an attacker on the same local area network (LAN) to capture and/or modify pictures the victim is seeing on the Twitter app.

  Tags:  twitter eavesdropping app lan local-area-network iphone  

• 16:00

  Amateur Photographer's Image Gallery Multiple Security Vulnerabilities

   » ‎ SecuriTeam
  Amateur Photographer's Image Gallery is prone to multiple SQL injection vulnerabilities, a cross-site scripting vulnerability, and an arbitrary file-disclosure vulnerability because the application fails to sufficiently sanitize user-supplied data.

  Tags:  gallery image photographer s-image-gallery amateur-photographer sql-injection  

• 16:00

  Drupal Core Arbitrary PHP Code Execution and Information Disclosure Vulnerabilities

   » ‎ SecuriTeam
  Drupal is prone to an arbitrary PHP code-execution and an information-disclosure vulnerability.

  Tags:  drupal core php information-disclosure-vulnerability code-execution php-code  

• 16:00

  FreeBSD Linux Compatibility Layer Local Privilege Escalation Vulnerabiity

   » ‎ SecuriTeam
  FreeBSD is prone to a local privilege-escalation vulnerability.

  Tags:  compatibility freebsd linux linux-compatibility privilege-escalation-vulnerability compatibility-layer  

• 16:00

  Inout Article Base 'ViewController.class.php' SQL Injection Vulnerability

   » ‎ SecuriTeam
  Inout Article Base Ultimate is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

  Tags:  inout vulnerability sql article-base sql-query  

• 16:00

  Liferay Portal Security Bypass and HTML Injection Vulnerabilities

   » ‎ SecuriTeam
  Liferay Portal is prone to multiple security-bypass vulnerabilities and an HTML-injection vulnerability.

  Tags:  portal liferay security vulnerability  

• 16:00

  Mozilla Firefox/Thunderbird/SeaMonkey Cross Site Scripting Vulnerability

   » ‎ SecuriTeam
  Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a cross-site scripting vulnerability.

  Tags:  mozilla firefox thunderbird mozilla-firefox seamonkey  

• 16:00

  Mozilla Firefox/Thunderbird/SeaMonkey Heap Based Use After Free Denial Of Service Vulnerability

   » ‎ SecuriTeam
  Mozilla Firefox, SeaMonkey, and Thunderbird are prone to a heap-based memory-corruption vulnerability.

  Tags:  mozilla firefox thunderbird memory-corruption mozilla-firefox service-vulnerability  

• 16:00

  Oracle Fusion Middleware Sites Remote Security Vulnerability

   » ‎ SecuriTeam
  Oracle Fusion Middleware is prone to a remote security vulnerability.

  Tags:  oracle middleware fusion security-vulnerability oracle-fusion-middleware remote-security  

• 16:00

  Ruby '#to_s' Method Incomplete Fix Security Bypass Vulnerability

   » ‎ SecuriTeam
  Ruby is prone to a security-bypass vulnerability.

  Tags:  vulnerability incomplete method ruby  

• 16:00

  SMF 'view' Parameter Cross Site Scripting Vulnerability

   » ‎ SecuriTeam
  SMF is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input.

  Tags:  view vulnerability smf cross-site-scripting  

• 16:00

  WordPress Bookings Plugin 'error' Parameter Cross Site Scripting Vulnerability

   » ‎ SecuriTeam
  The Bookings plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input.

  Tags:  vulnerability plugin wordpress cross-site-scripting bookings  

• 16:00

  WordPress Simple Slider Plugin Cross Site Scripting Vulnerability

   » ‎ SecuriTeam
  The Simple Slider plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input.

  Tags:  slider wordpress simple vulnerability  

• 16:00

  WordPress Wordfence Security Plugin Cross Site Scripting Vulnerability

   » ‎ SecuriTeam
  The Wordfence Security plugin for WordPress is prone to a cross-site-scripting vulnerability because it fails to properly sanitize user-supplied input.

  Tags:  wordfence wordpress security vulnerability  

• 16:00

  Zoner AntiVirus Free for Android X.509 Certificate Security Bypass Vulnerability

   » ‎ SecuriTeam
  Zoner AntiVirus Free for Android is prone to a security-bypass vulnerability because of an error related to X.509 certificates..

  Tags:  free zoner antivirus x-509 vulnerability certificates  

• December 09, 2012
• 16:00

  Amazon Web Services SDK SSL Certificate Validation Security Bypass Vulnerability

   » ‎ SecuriTeam
  Amazon Web Services SDK is prone to a security-bypass vulnerability because the application fails to properly validate SSL certificates from a server.

  Tags:  sdk amazon web amazon-web ssl-certificates vulnerability  

• 16:00

  Bitweaver Multiple Cross Site Scripting and Local File Include Vulnerabilities

   » ‎ SecuriTeam
  Bitweaver is prone to multiple cross-site scripting vulnerabilities and a local file include vulnerability.

  Tags:  multiple bitweaver file cross-site-scripting vulnerability  

• 16:00

  Empire CMS Template Parser Remote PHP Code Execution Vulnerability

   » ‎ SecuriTeam
  Empire CMS is prone to a remote PHP code-execution vulnerability because it fails to properly sanitize user-supplied input.

  Tags:  empire php cms code-execution php-code vulnerability  

• 16:00

  Grandstream GXP1405 Multiple HTML Injection Vulnerabilities

   » ‎ SecuriTeam
  Grandstream GXP1405 is prone to multiple HTML-injection vulnerabilities because the device fails to properly sanitize user-supplied input.

  Tags:  multiple grandstream gxp  

• 16:00

  IBM WebSphere DataPower XC10 Denial of Service and Security Bypass Vulnerabilities

   » ‎ SecuriTeam
  IBM WebSphere DataPower XC10 is prone to a denial-of-service vulnerability, a security-bypass weakness, and a security-bypass vulnerability.

  Tags:  websphere ibm datapower service-vulnerability denial-of-service ibm-websphere  

• 16:00

  libdbus 'DBUS_SYSTEM_BUS_ADDRESS' Variable Local Privilege Escalation Vulnerability Updated

   » ‎ SecuriTeam
  libdbus is prone to a local privilege-escalation vulnerability.

  Tags:  vulnerability system dbus privilege-escalation-vulnerability local-privilege-escalation system-bus  

• 16:00

  Mozilla Firefox Arbitrary Code Execution Vulnerability

   » ‎ SecuriTeam
  Mozilla Firefox is prone to a vulnerability that lets attackers execute arbitrary code.

  Tags:  code mozilla firefox arbitrary-code-execution attackers vulnerability  

• 16:00

  Oracle Agile PLM Framework Remote Security Vulnerability

   » ‎ SecuriTeam
  Oracle Agile PLM Framework is prone to a remote security vulnerability.

  Tags:  framework oracle plm security-vulnerability remote-security  

• 16:00

  Oracle Identity Manageme Remote Security Vulnerability

   » ‎ SecuriTeam
  Oracle Identity Management is prone to a remote security vulnerability in Application Server Single Sign-On compoenent.

  Tags:  oracle identity security security-vulnerability remote-security application-server  

• 16:00

  PHP Server Monitor HTML Injection Vulnerability

   » ‎ SecuriTeam
  PHP Server Monitor is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content.

  Tags:  server monitor php vulnerability  

• 16:00

  Ruby Local File Creation Vulnerability

   » ‎ SecuriTeam
  Ruby is prone to a security vulnerability that may allow attackers to create unintended files.

  Tags:  vulnerability file local ruby creation-vulnerability security-vulnerability attackers  

• 16:00

  SilverStripe 'Title' Parameter Multiple HTML Injection Vulnerabilities

   » ‎ SecuriTeam
  SilverStripe is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input.

  Tags:  title parameter silverstripe  

• 16:00

  Ubuntu 'unity-firefox-extension' Package Denial of Service Vulnerability

   » ‎ SecuriTeam
  Ubuntu unity-firefox-extension package is prone to a denial-of-service vulnerability.

  Tags:  vulnerability package ubuntu service-vulnerability denial-of-service unity  

• 16:00

  WordPress Crayon Syntax Highlighter Plugin 'wp_load' Parameter Remote File Include Vulnerabilities

   » ‎ SecuriTeam
  The Crayon Syntax Highlighter plug-in for WordPress is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input.

  Tags:  wordpress crayon syntax syntax-highlighter  

• 16:00

  Wordpress Simple Slider Plugin Cross-Site Scripting Vulnerabilities

   » ‎ SecuriTeam
  Wordpress Simple Slider Plugin is prone to a cross-site scripting Vulnerability.

  Tags:  slider wordpress simple vulnerability  

• 16:00

  WordPress Zarzadzonie Kontem Plugin 'ajaxfilemanager.php' Script Arbitrary File Upload Vulnerability

   » ‎ SecuriTeam
  The Zarzadzonie Kontem plugin for WordPress is prone to an arbitrary file-upload vulnerability because it fails to adequately validate files before uploading them.

  Tags:  wordpress kontem zarzadzonie file-upload php-script vulnerability