|
|
| Advisories | Vulnerabilities | About SecurityWatch | Beta Version - |
|
Advisories -
30 days archive
06/21/05: GLSA 200506-19 (Low): squirrelmail SquirrelMail: Several XSS vulnerabilities 06/21/05: GLSA 200506-18 (Low): tor Tor: Information disclosure 06/21/05: NanoBlogger Plugins Shell Command Injection Vulnerability A vulnerability has been reported in NanoBlogger, which potentially can be exploited by malicious people to compromise a user's system. 06/21/05: Enterasys Vertical Horizon Switches Two Security Issues Jacek Lipkowski has reported two security issues in various Enterasys Vertical Horizon switches, which can be exploited by malicious people to gain access to a debugging account, and by malicious users to bypass certain security restrictions. 06/21/05: OpenBSD update for sudo OpenBSD has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious, local users to execute arbitrary commands with escalated privileges. 06/21/05: Fortibus CMS "username" and "ID" SQL Injection Vulnerabilities Tamer Mohamed Hassan has discovered some vulnerabilities in Fortibus CMS, which can be exploited by malicious people to conduct SQL injection attacks. 06/21/05: Cisco VPN Concentrator Group Name Enumeration Weakness NTA Monitor has reported a weakness in Cisco VPN 3000 Concentrator, which can be exploited by malicious people to gain knowledge of certain information. 06/21/05: Sudo Arbitrary Command Execution Vulnerability A vulnerability has been reported in sudo, which can be exploited by malicious, local users to execute arbitrary commands. 06/21/05: i-Gallery "folder" Cross-Site Scripting and Directory Traversal Seyed Hamid Kashfi has discovered a vulnerability in i-Gallery, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose system information. 06/21/05: Novell NetMail File Ownership Security Issue A security issue has been reported in NetMail, which can be exploited by malicious, local users to delete or replace the NetMail binaries. |
Vulnerabilities -
30 days archive
06/22/05: Mozilla Camino Lets Remote Users Spoof Javascript Dialog Boxes 06/22/05: Mozilla Firefox Lets Remote Users Spoof Javascript Dialog Boxes 06/22/05: Mozilla Browser Lets Remote Users Spoof Javascript Dialog Boxes 06/21/05: Ruby XMLRPC Security Control Flaw May Let Remote Users Execute Arbitrary Commands 06/21/05: Cacti Input Validation Holes Let Remote Users Inject SQL Commands and Execute Arbitrary Commands 06/21/05: Novell NetMail for Linux Access Permissions May Let Local Users Modify the Binaries 06/21/05: Enterasys Vertical Horizon Common Default Password Grants Access to Remote Users 06/21/05: paFAQ Flaws Let Remote Users Download the Database, Inject SQL Commands, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary Code 06/21/05: Novell GroupWise Client Discloses Password to Local Users 06/21/05: Cisco VPN 3000 Lets Remote Users Determine Valid Groupnames 06/21/05: Ublog Reload Input Validation Holes in 'index.asp' Permit SQL Injection and in 'trackback.asp' Permit Cross-Site Scripting Attacks 06/21/05: Heimdal telnetd Buffer Overflow in getterminaltype() Lets Remote Users Execute Arbitrary Code 06/20/05: ATutor subscribe_forum.php us Variable XSS 06/20/05: ATutor tile.php Mutliple Variable XSS 06/20/05: ATutor inbox/index.php view Variable XSS 06/20/05: ATutor send_message.php l Variable XSS 06/20/05: ATutor search.php Multiple Variable XSS 06/20/05: ATutor contact.php subject Variable XSS 06/20/05: ATutor browse.php show_course Variable XSS 06/20/05: ATutor content.php cid Variable XSS |
Updated automatically every 10 minutes, 24x7.
 SecurityWatch is looking for sponsors in order to help us to maintain and improve the service. Please contact for further information. |
SecurityWatch is powered by eBCVG © eBCVG IT Security 2000 - 2005 |
||