Secunia Security Advisory - Multiple vulnerabilities have been discovered in FreeRealty, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery and SQL injection attacks.
7e8eaca90e480d8a0679e92d711b9a76Debian Linux Security Advisory 2471-1 - Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. Multiple input validations in the decoders/ demuxers for Westwood Studios VQA, Apple MJPEG-B, Theora, Matroska, Vorbis, Sony ATRAC3, DV, NSV, files could lead to the execution of arbitrary code.
6c97de18208b7f4f350a8691117a2fb1Secunia Security Advisory - Debian has issued an update for wordpress. This fixes a security issue and some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks, bypass certain security restrictions, and compromise a vulnerable system and by malicious people to conduct script insertion and cross-site scripting attacks, disclose sensitive information, and cause a DoS (Denial of Service).
28dec65e0b5298f0fb9dfee700680e7dSecunia Security Advisory - Multiple vulnerabilities have been reported in Kronolith, which can be exploited by malicious people to conduct cross-site scripting attacks.
8031a01f95cabd1ad659a9ee2270e98eSecunia Security Advisory - Multiple vulnerabilities have been reported in Sympa, which can be exploited by malicious people to bypass certain security restrictions.
75dffcd6aae796808ced392286abe2f9Secunia Security Advisory - Debian has issued an update for ffmpeg. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise an application using the library.
21ac0745a82f6e5efd5550a795853a99Secunia Security Advisory - Two vulnerabilities have been reported in Hitachi IT Operations Director, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).
e56c6eace967506095855f6701f00000Wonderware Archestra SuiteLink suffers from resource consumption and denial of service vulnerabilities.
27b4027a8182b544cdd344d135d4a53bPro-face Pro-Server EX versions 1.30.000 and PCRuntime versions 3.1.00 suffer from memory related and integer overflow vulnerabilities. Proof of concept included.
17c2b2e4755b2b85a4fed0a5a84f3273NetBill Billing System version 1.2 suffers from cross site request forgery and cross site scripting vulnerabilities.
fecfe35d4ae958f2f63561abae3a462fTravelon Express CMS version 6.2.2 suffers from cross site scripting, shell upload, and remote SQL injection vulnerabilities.
1862cfb5af1f9c7deba80fea4ff3383fProman Xpress version 5.0.1 suffers from cross site scripting and remote SQL injection vulnerabilities.
d78b451201d85c93cc9c1dd3128f0818Viscacha Forum CMS version 0.8.1.1 suffers from cross site scripting and remote SQL injection vulnerabilities.
30be4ec67c4f0d0366089c49b0a36cd3Free Reality version 3.1-0.6 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
0606d4d84cc44dda399e603cbd9a2433GENU CMS version 2012.4 suffers from cross site request forgery and remote SQL injection vulnerabilities.
8c643d459b4fe2bd6ea09d4054fae0b5GetSimple CMS version 3.1 suffers from multiple cross site scripting vulnerabilities.
608740f77d14a71f453bf57c86ebf126Secunia Security Advisory - SUSE has issued an update for puppet. This fixes two security issues and two vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and perform certain actions with escalated privileges and by malicious users to cause a DoS (Denial of Service).
3725ff823958de063fcbfde5b40f419aDebian Linux Security Advisory 2670-1 - Several vulnerabilities were identified in Wordpress, a web blogging tool. As the CVEs were allocated from release announcements and specific fixes are usually not identified, it has been decided to upgrade the Wordpress package to the latest upstream version instead of backporting the patches.
05a792cd9219f8a8c8f7b06ee4bad19dDebian Linux Security Advisory 2469-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.
3f1dcfb71fe565dd57795656e6ce3a4eEMC Information Rights Management (IRM) contains vulnerabilities that can potentially be exploited by malicious users to cause denial of service.
c6a77cc1f6bd959f4ead540f87d6397aQNX phrelay/phindows/phditto suffer from bpe_decompress stack overflow and Photon Session buffer overflow vulnerabilities. Proof of concept test code included.
8bdbe35c922a2d77f278a277d57eda29eLearning Server version 4G suffers from remote file inclusion and remote SQL injection vulnerabilities.
8af6a94c9baae2224603bb83e9f117b9The WordPress Bad Behavior plugin suffers from multiple cross site scripting vulnerabilities.
f0c5562e696b901aa51c618be2710f59The WordPress Custom Contact Forms suffer from multiple cross site scripting vulnerabilities.
a87fa4c3207c8d7c6d5daabbd235929dApple Security Advisory 2012-05-09-2 - Safari 5.1.7 is now available and addresses multiple WebKit related vulnerabilities.
e3c8d877a6f6c73bc4f2f1f2ff79350f
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed