December 2011
[3/5] Winn Guestbook "name" Script Insertion...
A vulnerability has been discovered in Winn Guestbook, which can be exploited by malicious people to conduct script insertion attacks. http://secunia.com/advisories/47391/
Dec 30th
[3/5] DiY-CMS Blog Module Multiple SQL Injection...
Multiple vulnerabilities have been discovered in the Blog module for DiY-CMS, which can be exploited by malicious people to conduct SQL injection attacks. http://secunia.com/advisories/47337/
Dec 30th
[2/5] Bugzilla Cross-Site Request Forgery...
A vulnerability has been reported in Bugzilla, which can be exploited by malicious people to conduct cross-site request forgery attacks. http://secunia.com/advisories/47368/
Dec 30th
[2/5] Bugzilla Cross-Site Request Forgery...
A vulnerability has been reported in Bugzilla, which can be exploited by malicious people to conduct cross-site request forgery attacks. http://secunia.com/advisories/47369/
Dec 30th
[2/5] Bugzilla Multiple Vulnerabilities
A weakness and two vulnerabilities have been reported in Bugzilla, which can be exploited by malicious users to bypass certain security restrictions and conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. http://secunia.com/advisories/47365/
Dec 30th
[3/5] Akiva WebBoard "name" SQL Injection...
Alexander Fuchs has reported a vulnerability in Akiva WebBoard, which can be exploited by malicious people to conduct SQL injection attacks. http://secunia.com/advisories/47318/
Dec 30th
[3/5] op5 Appliance Two Command Execution...
Two vulnerabilities have been reported in op5 Appliance, which can be exploited by malicious people to compromise a vulnerable system. http://secunia.com/advisories/47417/
Dec 30th
[2/5] Neturf eCommerce Shopping Cart "SearchFor"...
A vulnerability has been reported in Neturf eCommerce Shopping Cart, which can be exploited by malicious people to conduct cross-site scripting attacks. http://secunia.com/advisories/47354/
Dec 30th
[2/5] op5 Monitor Two Vulnerabilities
Two vulnerabilities have been reported in op5 Monitor, where one has an unknown impact and the other can be exploited by malicious users to disclose certain sensitive information. http://secunia.com/advisories/47344/
Dec 30th
[1/5] Oracle iPlanet Web Server SSL/TLS...
Oracle has acknowledged a weakness in Oracle iPlanet Web Server, which can be exploited by malicious people to disclose potentially sensitive information and hijack a user’s session. http://secunia.com/advisories/47358/
Dec 30th
[3/5] WordPress Connections Plugin Unspecified...
A vulnerability with unknown impact has been reported in the Connections plugin for WordPress. http://secunia.com/advisories/47390/
Dec 29th
[2/5] Rubinius Web Form Hash Collision Denial of...
A vulnerability has been reported in Rubinius, which can be exploited by malicious people to cause a DoS (Denial of Service). http://secunia.com/advisories/47415/
Dec 29th
[2/5] Rack Web Form Hash Collision Denial of...
A vulnerability has been reported in Rack, which can be exploited by malicious people to cause a DoS (Denial of Service). http://secunia.com/advisories/47414/
Dec 29th
[2/5] Oracle GlassFish Server Web Form Hash...
A vulnerability has been reported in Oracle GlassFish Server, which can be exploited by malicious people to cause a DoS (Denial of Service). http://secunia.com/advisories/47413/
Dec 29th
[2/5] Apache Tomcat Web Form Hash Collision Denial...
A vulnerability has been reported in Apache Tomcat, which can be exploited by malicious people to cause a DoS (Denial of Service). http://secunia.com/advisories/47411/
Dec 29th
[2/5] Jetty Web Form Hash Collision Denial of...
A vulnerability has been reported in Jetty, which can be exploited by malicious people to cause a DoS (Denial of Service). http://secunia.com/advisories/47408/
Dec 29th
[2/5] Plone Web Form Hash Collision Denial of...
A vulnerability has been reported in Plone, which can be exploited by malicious people to cause a DoS (Denial of Service). http://secunia.com/advisories/47406/
Dec 29th
[2/5] JRuby Web Form Hash Collision Denial of...
A vulnerability has been reported in JRuby, which can be exploited by malicious people to cause a DoS (Denial of Service). http://secunia.com/advisories/47407/
Dec 29th
[2/5] Ruby Web Form Hash Collision Denial of...
A vulnerability has been reported in Ruby, which can be exploited by malicious people to cause a DoS (Denial of Service). http://secunia.com/advisories/47405/
Dec 29th
[2/5] PHP Web Form Hash Collision Denial of...
A vulnerability has been reported in PHP, which can be exploited by malicious people to cause a DoS (Denial of Service). http://secunia.com/advisories/47404/
Dec 29th
[2/5] Microsoft ASP.NET Web Form Processing Denial...
A vulnerability has been reported in Microsoft .NET Framework, which can be exploited by malicious people to cause a DoS (Denial of Service). http://secunia.com/advisories/47323/
Dec 29th
[2/5] e107 Multiple Vulnerabilities
mghack has discovered multiple vulnerabilities in e107, which can be exploited by malicious users to conduct script insertion and SQL injection attacks and by malicious people to conduct cross-site scripting attacks. http://secunia.com/advisories/46706/
Dec 28th
[3/5] WordPress WP Symposium Plugin Two Arbitrary...
Secunia Research has discovered two vulnerabilities in the WP Symposium plugin for WordPress, which can be exploited by malicious users to compromise a vulnerable system. http://secunia.com/advisories/46097/
Dec 28th
[2/5] F5 Enterprise Manager Multiple...
F5 has acknowledged two security issues and multiple vulnerabilities in F5 Enterprise Manager, which can be exploited by malicious, local users to gain escalated privileges, by malicious users to cause a DoS (Denial of Service), and by malicious people to bypass certain security restrictions. http://secunia.com/advisories/47305/
Dec 28th
[3/5] CoCSoft Stream Down Response Processing...
A vulnerability has been discovered in CoCSoft Stream Down, which can be exploited by malicious people to compromise a user’s system. http://secunia.com/advisories/47343/
Dec 28th
[3/5] HP Database Archiving Software Multiple...
Multiple vulnerabilities have been reported in HP Database Archiving Software, which can be exploited by malicious people to compromise a vulnerable system. http://secunia.com/advisories/47361/
Dec 28th
[4/5] Red Hat update for krb5
Red Hat has issued an update for krb5. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. http://secunia.com/advisories/47359/
Dec 28th
[4/5] Red Hat update for krb5-appl
Red Hat has issued an update for krb5-appl. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. http://secunia.com/advisories/47357/
Dec 28th
[3/5] vtiger CRM Database Backup Authentication...
Francois Harvey has discovered a vulnerability in vtiger CRM, which can be exploited by malicious people to bypass certain security restrictions. http://secunia.com/advisories/47367/
Dec 27th
[3/5] WordPress Mailing List Plugin Arbitrary File...
A vulnerability has been discovered in the Mailing List plugin for WordPress, which can be exploited by malicious people to disclose sensitive information. http://secunia.com/advisories/47328/
Dec 27th
[3/5] AirOS Authentication Bypass Vulnerability
A vulnerability has been reported in AirOS, which can be exploited by malicious people to bypass certain security features. http://secunia.com/advisories/47403/
Dec 27th
[3/5] AirOS Authentication Bypass Vulnerability
A vulnerability has been reported in AirOS, which can be exploited by malicious people to bypass certain security features. http://secunia.com/advisories/47375/
Dec 27th
[2/5] Debian update for openswan
Debian has issued an update for openswan. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). http://secunia.com/advisories/47342/
Dec 27th
[4/5] Debian update for krb5 and krb5-appl
Debian has issued an update for krb5 and krb5-appl. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. http://secunia.com/advisories/47341/
Dec 27th
[4/5] Kerberos telnetd Buffer Overflow...
A vulnerability has been reported in Kerberos, which can be exploited by malicious people to compromise a vulnerable system. http://secunia.com/advisories/47348/
Dec 27th
[4/5] Debian update for heimdal
Debian has issued an update for heimdal. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. http://secunia.com/advisories/47374/
Dec 26th
[4/5] Heimdal telnetd Buffer Overflow...
A vulnerability has been reported in Heimdal, which can be exploited by malicious people to compromise a vulnerable system. http://secunia.com/advisories/47399/
Dec 26th
[4/5] Debian update for inetutils
Debian has issued an update for inetutils. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. http://secunia.com/advisories/47373/
Dec 26th
[4/5] GNU inetutils telnetd Buffer Overflow...
A vulnerability has been discovered in GNU inetutils, which can be exploited by malicious people to compromise a vulnerable system. http://secunia.com/advisories/46239/
Dec 26th
[4/5] FreeBSD update for telnetd
FreeBSD has acknowledged a vulnerability in telnetd, which can be exploited by malicious people to compromise a vulnerable system. http://secunia.com/advisories/47397/
Dec 26th
[3/5] FreeBSD pam_ssh Unencrypted Private Key...
A security issue has been reported in FreeBSD, which can be exploited by malicious people to bypass certain security restrictions. http://secunia.com/advisories/47401/
Dec 26th
[3/5] FreeBSD update for bind
FreeBSD has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). http://secunia.com/advisories/47395/
Dec 26th
[2/5] PukiWiki Plus! Unspecified Cross-Site...
A vulnerability has been reported in PukiWiki Plus!, which can be exploited by malicious people to conduct cross-site scripting attacks. http://secunia.com/advisories/47394/
Dec 26th
[4/5] Debian update for jasper
Debian has issued an update for jasper. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the library. http://secunia.com/advisories/47353/
Dec 26th
[3/5] Public Knowledge Project Products Cross-Site...
A vulnerability has been discovered in Public Knowledge Project Open Journal Systems and Open Conference Systems, which can be exploited by malicious people to conduct cross-site request forgery attacks. http://secunia.com/advisories/47330/
Dec 23rd
[2/5] IBM DB2 / DB2 Connect Tivoli Monitoring...
A vulnerability has been reported in IBM DB2 and IBM DB2 Connect, which can be exploited by malicious, local users to gain escalated privileges. http://secunia.com/advisories/47346/
Dec 23rd
[4/5] IBM Rational Rhapsody BB FlashBack SDK...
Multiple vulnerabilities have been reported in IBM Rational Rhapsody, which can be exploited by malicious people to compromise a user’s system. http://secunia.com/advisories/47310/
Dec 23rd
[4/5] BB FlashBack SDK FBRecorder ActiveX Control...
Multiple vulnerabilities have been reported in BB FlashBack SDK, which can be exploited by malicious people to compromise a user’s system. http://secunia.com/advisories/47286/
Dec 23rd
[2/5] Android Browser Certificate Spoofing...
MustLive has discovered a vulnerability in Android, which can be exploited by malicious people to conduct spoofing attacks. http://secunia.com/advisories/47315/
Dec 23rd
[3/5] Open Business Management Multiple...
High-Tech Bridge SA has discovered multiple vulnerabilities in Open Business Management, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to disclose potentially sensitive information and conduct cross-site scripting and SQL injection attacks. http://secunia.com/advisories/47139/
Dec 23rd