Double free

Double free vulnerability in the getchunkheader function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted TiVo TY file...

CVE-2011-5214

CVE-2011-5214 concerns multiple cross-site scripting (XSS) vulnerabilities in BrowserCRM, affecting version 5.100.01 and earlier. The issue allows remote attackers to inject arbitrary script or HTML via: (1) PATH_INFO to index.php, (2) modules/admin/admin_module_index.php, (3) modules/calendar/cu...

Ubuntu 8.04 LTS : python2.5 vulnerabilities (USN-1613-1)

It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. CVE-2008-5983 It was discovered that the audioop module did not correctly perform...

USN-1613-2: Python 2.4 vulnerabilities

USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4. Original advisory details: It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working...

[SECURITY] Fedora 17 Update: dracut-018-105.git20120927.fc17

Dracut contains tools to create a bootable initramfs for 2.6 Linux kernels. Unlike existing implementations, dracut does hard-code as little as possible into the initramfs. Dracut contains various modules which are driven by the event-based udev. Having root on MD, DM, LVM2, LUKS is supported as...

Novell File Reporter NFRAgent.exe VOL tag buffer overflow

Added: 10/12/2012 BID: 55268 OSVDB: 85503 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where duplicates exist...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the term parameter to 1 autocomplete.php, 2 search/ajax/autosuggest.php, 3 livesuggest.php, or 4 save.php in frontend/modules/search/ajax...

CVE-2012-5164

Multiple cross-site scripting XSS vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the term parameter to 1 autocomplete.php, 2 search/ajax/autosuggest.php, 3 livesuggest.php, or 4 save.php in frontend/modules/search/ajax...

SpiceWorks 6.0.00993 - Multiple Script Injection Vulnerabilities

!-- Title: Spiceworks 6.0.00993 Multiple Script Injection Vulnerabilities Vendor: Spiceworks Inc. Product web page: http://www.spiceworks.com Affected version: 6.0.00993 and 6.0.00966 Summary: The Spiceworks IT Desktop delivers nearly everything you need to simplify your IT job. Available in a...

CVE-2011-5174

Buffer overflow in Intel Trusted Execution Technology TXT SINIT Authenticated Code Modules ACM in Intel Q67 Express, C202, C204, C206 Chipsets, and Mobile Intel QM67, and QS67 Chipset before 2ndgeni5i7SINIT51.BIN Express; Intel Q57, 3450 Chipsets and Mobile Intel QM57 and QS57 Express Chipset...

CVE-2011-5174

Buffer overflow in Intel Trusted Execution Technology TXT SINIT Authenticated Code Modules ACM in Intel Q67 Express, C202, C204, C206 Chipsets, and Mobile Intel QM67, and QS67 Chipset before 2ndgeni5i7SINIT51.BIN Express; Intel Q57, 3450 Chipsets and Mobile Intel QM57 and QS57 Express Chipset...

Cisco Software Encryption Library Information Disclosure Vulnerability

Cisco software contains a vulnerability that could allow an unauthenticated, remote attacker to access sensitive information on a targeted system. The vulnerability is in the encryption library used by the vulnerable software. This library allows a portion of an encrypted packet to be sent...

Slackware Advisory SSA:2004-119-01 kernel security updates

The remote host is missing an update as announced via advisory SSA:2004-119-01. OpenVAS Vulnerability Test $Id: esoftslkssa200411901.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

CVE-2011-5111

Multiple SQL injection vulnerabilities in Kajian Website CMS Balitbang 3.x allow remote attackers to execute arbitrary SQL commands via the hal parameter to 1 the data module in alumni.php; or the 2 lihbuku, 3 artikel, 4 album, or 5 berita module in index.php...

CVE-2012-4260

Multiple SQL injection vulnerabilities in myCare2x allow remote attackers to execute arbitrary SQL commands via the 1 aktion or 2 callurl parameter to modules/patient/mycare2xpatinfo.php; 3 deptnr or 4 pid parameter to modules/importer/mycare2ximporter.php; 5 myOpsEintrag or 6 keyword parameter i...

Sql injection

Multiple SQL injection vulnerabilities in myCare2x allow remote attackers to execute arbitrary SQL commands via the 1 aktion or 2 callurl parameter to modules/patient/mycare2xpatinfo.php; 3 deptnr or 4 pid parameter to modules/importer/mycare2ximporter.php; 5 myOpsEintrag or 6 keyword parameter i...

Scientific Linux Security Update : kvm on SL5.x x86_64

A data structure field in kvmvcpuioctlx86getvcpuevents in QEMU-KVM was not initialized properly before being copied to user-space. A privileged host user with access to '/dev/kvm' could use this flaw to leak kernel stack memory to user-space. CVE-2010-4525 These updated packages also fix several...

Scientific Linux Security Update : ndiswrapper on SL5.x i386/x86_64

This release is corresponding with the first kernel security update with the new 2.6.18-92 kernel. We have built new kernel modules for all the kernels we have released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux...

Scientific Linux Security Update : ndiswrapper on SL5.x i386/x86_64

This release is corresponding with the kernel security update with the new 2.6.18-164 kernel. We have build new kernel modules for all the kernels we have released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'deprecatednasllevel.inc';...

Scientific Linux Security Update : openafs on SL5.x i386/x86_64

This release is corresponding with the kernel security update with the new 2.6.18-164 kernel. We have build new kernel modules for all the kernels we have released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'deprecatednasllevel.inc';...