Design/Logic Flaw

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p class in OFS/misc.py and the use of Python modules...

PYSEC-2011-26

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p class in OFS/misc.py and the use of Python modules...

PYSEC-2011-26

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p class in OFS/misc.py and the use of Python modules...

CVE-2011-3587

Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p class in OFS/misc.py and the use of Python modules...

CVE-2011-3587

CVE-2011-3587 affects Zope 2.12.x and 2.13.x, as used by Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2. The underlying issue is an unspecified vulnerability in the p_ class in OFS/misc_.py and the use of Python modules that allows a remote attacker to execute arbitrary commands. Affected ...

Exploit Pack - An open source security framework

Exploit Pack - An open source security framework Exploit Pack is an open source security framework developed by Juan Sacco. It combines the benefits of a Java GUI, Python as Engine and well-known exploits on the wild. It has an IDE to make the task of developing new exploits easier, instant searc...

Portable OpenSSH < 3.8p1 Multiple Vulnerabilities

According to its banner, a version of OpenSSH earlier than 3.8p1 is running on the remote host and is affected by the following issues: - There is an issue in the handling of PAM modules in such versions of OpenSSH. As a result, OpenSSH may not correctly handle aborted conversations with PAM...

Information disclosure

HelpCenter Live 2.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/HelpCenter/index.php and certain other files...

Information disclosure

CMS Made Simple CMSMS 1.9.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/TinyMCE/TinyMCE.module.php and certain other files. NOTE: this might overlap CVE-2007-5444...

Secure Boot in Windows 8 Worries Researchers

Windows 8, like Windows 7 and Vista before it, is being touted as the most secure version of Windows ever. In past releases, many of the security improvements have come through exploit mitigations such as ASLR and DEP and better software security practices during development. In Windows 8, howeve...

AVCon Buffer Overflow With DEP Bypass

DEP Bypass for OptIn/OptOut all modules used are not aslr aware script produces a text file, copy the contents paste in the input field next to the call button discovered by Dillon Beresford import sys from struct import pack print "\n=====================" print "AVCon H323 DEP Bypass" print "...

FreeBSD Ports: otrs

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

AVCon - DEP Bypass

DEP Bypass for OptIn/OptOut all modules used are not aslr aware script produces a text file, copy the contents paste in the input field next to the call button discovered by Dillon Beresford import sys from struct import pack print "\n=====================" print "AVCon H323 DEP Bypass" print "...

AVCon DEP Bypass

Exploit for windows platform in category local exploits DEP Bypass for OptIn/OptOut all modules used are not aslr aware script produces a text file, copy the contents paste in the input field next to the call button discovered by Dillon Beresford import sys from struct import pack print...

FBPwn : A Cross-Platform Facebook Profile Dumper tool

FBPwn : A Cross-Platform Facebook Profile Dumper tool FBPwn is an open source, cross-platform, Java based Facebook profile dumper. It can send friend requests to a list of Facebook profiles, and poll for their acceptance notification. Once the victim accepts the invitation, it dumps all their...

[SECURITY] Fedora 16 Update: pl-5.10.2-5.fc16

ISO/Edinburgh-style Prolog compiler including modules, auto-load, libraries, Garbage-collector, stack-expandor, C/C++-interface, GNU-readline interface, very fast compiler. Including packages clib Unix process control and sockets, cpp C++ interface, sgml reading XML/SGML, sgml/RDF reading RDF int...

[SECURITY] Fedora 14 Update: pl-5.7.11-7.fc14

ISO/Edinburgh-style Prolog compiler including modules, autoload, libraries, Garbage-collector, stack-expandor, C/C++-interface, GNU-readline interface, very fast compiler. Including packages clib Unix process control and sockets, cpp C++ interface, sgml reading XML/SGML, sgml/RDF reading RDF into...

[SECURITY] Fedora 15 Update: pl-5.10.2-5.fc15

ISO/Edinburgh-style Prolog compiler including modules, auto-load, libraries, Garbage-collector, stack-expandor, C/C++-interface, GNU-readline interface, very fast compiler. Including packages clib Unix process control and sockets, cpp C++ interface, sgml reading XML/SGML, sgml/RDF reading RDF int...

CVE-2010-4833

Untrusted search path vulnerability in modules/engines/ms-windows/xptheme.c in GTK+ before 2.24.0 allows local users to gain privileges via a Trojan horse uxtheme.dll file in the current working directory, a different vulnerability than CVE-2010-4831...

ME Firewall Analyzer v7.1 - Multiple Web Vulnerabilities

Document Title: =============== ME Firewall Analyzer v7.1 - Multiple Web Vulnerabilities Release Date: ============= 2011-09-06 Vulnerability Laboratory ID VL-ID: ==================================== 264 Product & Service Introduction: =============================== ManageEngine Firewall Analyze...