December 2010
[3/5] CA ARCserve D2D Axis2 Default Account...
rgod has discovered a security issue in CA ARCserve D2D, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.
http://secunia.com/advisories/42763/
[2/5] TorrentTrader Cross-Site Scripting and SQL...
Some vulnerabilities have been discovered in TorrentTrader, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/42774/
[2/5] Streber Multiple Cross-Site Scripting...
Multiple vulnerabilities have been discovered in Streber, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/42628/
[2/5] PHP-addressbook "group_name" SQL Injection...
A vulnerability has been discovered in PHP-addressbook, which can be exploited by malicious users to conduct SQL injection attacks.
http://secunia.com/advisories/42781/
[2/5] Academic Web Tools "a_code" Cross-Site...
A vulnerability has been reported in Academic Web Tools, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/42785/
[2/5] Debian update for wordpress
Debian has issued an update for wordpress. This fixes a vulnerability, which can be exploited by malicious users to conduct SQL injection attacks.
http://secunia.com/advisories/42753/
[4/5] Fedora update for tor
Fedora has issued an update for tor. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
http://secunia.com/advisories/42783/
[2/5] WordPress KSES Library Script Insertion...
A vulnerability has been reported in WordPress, which can be exploited by malicious users to conduct script insertion attacks.
http://secunia.com/advisories/42755/
[2/5] DD-WRT "Info.live.htm" Information...
Craig Heffner has reported a security issue in DD-WRT, which can be exploited by malicious people to disclose system information.
http://secunia.com/advisories/42737/
[2/5] Fedora update for Ajaxterm
Fedora has issued an update for Ajaxterm. This fixes a security issue, which can be exploited by malicious people to conduct hijacking attacks.
http://secunia.com/advisories/42784/
[4/5] Chilkat FTP-2 ActiveX Component Insecure...
rgod has discovered some vulnerabilities in the Chilkat FTP-2 ActiveX component, which can be exploited by malicious people to disclose sensitive information and compromise a user’s system.
http://secunia.com/advisories/42749/
[3/5] Techphoebe QuickShare File Server Directory...
John Leitch has discovered a vulnerability in Techphoebe QuickShare File Server, which can be exploited by malicious users to disclose potentially sensitive information and compromise a vulnerable system.
http://secunia.com/advisories/42752/
[3/5] KaiBB Script Insertion and SQL Injection...
High-Tech Bridge SA has discovered some vulnerabilities in KaiBB, which can be exploited by malicious users to conduct script insertion attacks and SQL injection attacks and by malicious people to conduct SQL injection attacks..
http://secunia.com/advisories/42766/
[2/5] LiveZilla "livezilla" Cross-Site Scripting...
A vulnerability has been reported in LiveZilla, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/42748/
[3/5] Ideh Pardaz Easy Portal "id" SQL Injection...
A vulnerability has been reported in Ideh Pardaz Easy Portal, which can be exploited by malicious people to conduct SQL injection attacks.
http://secunia.com/advisories/42756/
[2/5] Coppermine Photo Gallery Cross-Site...
Janek Vind has discovered some vulnerabilities in Coppermine Photo Gallery, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/42751/
[4/5] SocialEngine Music Sharing Plugin Arbitrary...
A vulnerability has been discovered in SocialEngine Music Sharing Plugin, which can be exploited by malicious users to compromise a vulnerable system.
http://secunia.com/advisories/42754/
[3/5] httpdASM Directory Traversal Vulnerability
John Leitch has discovered a vulnerability in httpdASM, which can be exploited by malicious people to disclose system information.
http://secunia.com/advisories/42750/
[3/5] Square CMS "id" SQL Injection Vulnerability
A vulnerability has been discovered in Square CMS, which can be exploited by malicious people to conduct SQL injection attacks.
http://secunia.com/advisories/42702/
[2/5] OpenEMR Script Insertion and SQL Injection...
Multiple vulnerabilities have been discovered in OpenEMR, which can be exploited by malicious users to conduct script insertion and SQL injection attacks.
http://secunia.com/advisories/42738/
[3/5] Fedora update for perl-IO-Socket-SSL
Fedora has issued an update for perl-IO-Socket-SSL. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.
http://secunia.com/advisories/42757/
[3/5] IBM Lotus Mobile Connect Multiple...
A weakness and two vulnerabilities have been reported in IBM Lotus Mobile Connect, which can be exploited by malicious people with physical access to bypass certain security restrictions and malicious people to cause a DoS (Denial of Service)
http://secunia.com/advisories/42703/
[2/5] IBM WebSphere Service Registry and...
A vulnerability has been reported in IBM WebSphere Service Registry and Repository, which can be exploited by malicious people to bypass certain security restrictions.
http://secunia.com/advisories/42742/
[4/5] Microsoft Windows Fax Cover Page Editor...
rgod has discovered a vulnerability in Microsoft Windows Server 2003, which can be exploited by malicious people to compromise a vulnerable system.
http://secunia.com/advisories/42747/
[3/5] IBM Tivoli Access Manager for e-business...
A vulnerability has been reported in IBM Tivoli Access Manager for e-business, which can be exploited by malicious people to disclose system information.
http://secunia.com/advisories/42727/
[2/5] ENOVIA "emxFramework.FilterParameterPattern"...
A vulnerability has been reported in ENOVIA, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/42668/
[2/5] PECL phar Extension Format String...
Some vulnerabilities have been reported in the PECL phar extension, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
http://secunia.com/advisories/42726/
[2/5] web@all Cross-Site Request Forgery...
A vulnerability has been discovered in web@all, which can be exploited by malicious people to conduct cross-site request forgery attacks.
http://secunia.com/advisories/42736/
[2/5] Pligg Multiple Cross-Site Scripting...
Some vulnerabilities have been reported in Pligg, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/42740/
[3/5] CubeCart Cross-Site Request Forgery...
A vulnerability has been discovered in CubeCart, which can be exploited by malicious people to conduct cross-site request forgery attacks.
http://secunia.com/advisories/42728/
[4/5] Debian update for libxml2
Debian has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
http://secunia.com/advisories/42762/
[1/5] Pidgin MSN Direct Connection Denial of...
A weakness has been reported in Pidgin, which can be exploited by malicious people to cause a DoS (Denial of Service).
http://secunia.com/advisories/42732/
[4/5] Libxml2 XPath Double Free Vulnerability
A vulnerability has been reported in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
http://secunia.com/advisories/42721/
[1/5] Fedora update for dbus
Fedora has issued an update for dbus. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
http://secunia.com/advisories/42760/
[2/5] Fedora update for eclipse
Fedora has issued an update for eclipse. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/42761/
[4/5] SUSE update for Multiple Packages
SUSE has issued an update for multiple packages. This fixes a security issue and some vulnerabilities where some have an unknown impact and others can be exploited by malicious users to conduct spoofing and script insertion attacks and cause a DoS (Denial of Service) and by malicious people conduct spoofing attacks, bypass certain security restrictions, disclose potentially sensitive information,...
[2/5] Fedora update for git
Fedora has issued an update for git. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/42743/
[3/5] Rocket U2 UniVerse / UniData Uni RPC Service...
A vulnerability has been reported in Rocket U2 UniVerse and UniData, which can be exploited by malicious people to compromise a vulnerable system.
http://secunia.com/advisories/42699/
[4/5] Redmine Multiple Vulnerabilities
Some vulnerabilities have been reported in Redmine, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct script insertion attacks and compromise a vulnerable system.
http://secunia.com/advisories/42741/
[2/5] Slackware update for php
Slackware has issued an update for php. This fixes multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service).
http://secunia.com/advisories/42729/
[1/5] Fedora update for ImageMagick
Fedora has issued an update for ImageMagick. This fixes a weakness, which can be exploited by malicious, local users to gain escalated privileges.
http://secunia.com/advisories/42744/
[2/5] Embedthis Appweb Cross-Site Scripting...
Gjoko Krstic has reported a vulnerability in Embedthis Appweb, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/42739/
[2/5] Django Two Security Issues
Two security issues have been reported in Django, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to cause a DoS (Denial of Service).
http://secunia.com/advisories/42715/
[3/5] Fedora update for kernel
Fedora has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose system information, cause a DoS (Denial of Service), and gain escalated privileges, and by malicious people to cause a DoS.
http://secunia.com/advisories/42745/
[2/5] IBM Lotus Notes Traveler Multiple...
Some vulnerabilities have been reported in IBM Lotus Notes Traveler, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).
http://secunia.com/advisories/39880/
[4/5] Fedora update for seamonkey
Fedora has issued an update for seamonkey. This fixes a weakness and some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, and compromise a user’s system.
http://secunia.com/advisories/42716/
[2/5] TheHostingTool "updateResource()" SQL...
Russ McRee has discovered a vulnerability in TheHostingTool, which can be exploited by malicious users to conduct SQL injection attacks.
http://secunia.com/advisories/42369/
[3/5] Built2Go PHP Shopping "cat" SQL Injection...
A vulnerability has been reported in Built2Go PHP Shopping, which can be exploited by malicious people to conduct SQL injection attacks.
http://secunia.com/advisories/42717/
[3/5] YPNinc Realty Classifieds "id" SQL Injection...
A vulnerability has been reported in YPNinc Realty Classifieds, which can be exploited by malicious people to conduct SQL injection attacks.
http://secunia.com/advisories/42687/
[4/5] Debian update for tor
Debian has issued an update for tor. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
http://secunia.com/advisories/42667/