Design/Logic Flaw
OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers...
DEBIAN-CVE-2011-4577
OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers...
CVE-2011-4577
OpenSSL before 0.9.8s and 1.x before 1.0.0f, when RFC 3779 support is enabled, allows remote attackers to cause a denial of service (assertion failure) via an X.509 certificate containing certificate-extension data associated with (1) IP address blocks or (2) Autonomous System (AS) identifiers...
Manx cms.xml 1.0.1 Multiple HTTP Response Splitting Vulnerabilities
Summary: Manx is a Content Management System that uses XML text files to store the page contents, instead of a MySQL database. Description: Input passed to the POST parameter 'editorChoice' in 'adminblocks.php' and 'adminpages.php' and the POST parameter 'theme' in 'admincss.php', 'adminjs.php' and...
GLSA-201111-01 : Chromium, V8: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201111-01 (Chromium, V8: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact: A local attacker could...
bitcoinrpc-info NSE Script
Obtains information from a Bitcoin server by calling getinfo on its JSON-RPC interface. Script Arguments creds.global http credentials used for the query user:pass slaxml.debug See the documentation for the slaxml library. creds.service See the documentation for the creds library. http.host,...
[SECURITY] Fedora 16 Update: maniadrive-1.2-32.fc16
ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous gameplay (tracks almost never exceed one minute). Features: Complex car physics, Challenging "story mode", LAN and Internet mode, Live scores, Track editor, Dedicated server with HTTP interface and More than 30 blocks...
WordPress Global Content Blocks 1.2 SQL Injection
Exploit Title: WordPress Global Content Blocks plugin 0 // intval"1a" = 1 : $entry = $wpdb-getrow"select from ".$wpdb-prefix."gcb where id=".$id; $finaltext = base64encode$entry-name."". base64encode$entry-description."". base64encode$entry-value."". base64encode$entry-type;...
WordPress Global Content Blocks Plugin <= 1.2 - SQL Injection
This WordPress Global Content Blocks plugin is prone to an SQL injection. This vulnerability allows an attacker to modify data, compromise the access and application or exploit hidden vulnerabilities in the underlying database. Solution Upgrade the plugin...
WordPress Global Content Blocks plugin <= 1.2 SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress Global Content Blocks plugin 0 // intval"1a" = 1 : $entry = $wpdb-getrow"select from ".$wpdb-prefix."gcb where id=".$id; $finaltext = base64encode$entry-name."". base64encode$entry-description.""...
WordPress Global Content Blocks plugin <= 1.2 SQL Injection Vulnerability
No description provided by source. Exploit Title: WordPress Global Content Blocks plugin = 1.2 SQL Injection Vulnerability Date: 2011-08-18 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/global-content-blocks.1.2.zip Version: 1....
WordPress Plugin Global Content Blocks 1.2 - SQL Injection
WordPress Plugin Global Content Blocks 1.2 - SQL Injection Exploit Title: WordPress Global Content Blocks plugin 0 // intval"1a" = 1 : $entry = $wpdb-getrow"select from ".$wpdb-prefix."gcb where id=".$id; $finaltext = base64encode$entry-name."". base64encode$entry-description.""...
WordPress Plugin Global Content Blocks 1.2 - SQL Injection
Exploit Title: WordPress Global Content Blocks plugin 0 // intval"1a" = 1 : $entry = $wpdb-getrow"select from ".$wpdb-prefix."gcb where id=".$id; $finaltext = base64encode$entry-name."". base64encode$entry-description."". base64encode$entry-value."". base64encode$entry-type;...
DEBIAN-CVE-2009-5065
Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0 allows remote attackers to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas...
SA-CONTRIB-2011-013 - Tagadelic - Cross Site Scripting (XSS)
Tagadelic module offers various ways to display terms and vocabularies in a tag cloud on a page or in a block. The module does not sanitize the taxonomy vocabulary names and descriptions when displayed on listing pages or blocks, leading to a Cross-Site Scripting (XSS) vulnerability that may lead t...
Apple Webkit Font Glyph Layout Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way th...
Debian DSA-2166-1 : chromium-browser - several vulnerabilities
Several vulnerabilities were discovered in the Chromium browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-0777 Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a denial of service or possibly ha...