Recent Vulnerabilities

This feed is no more! Please see osvdb.org for more info.

OSVDB - Tue, 2008-09-02 14:49
OSVDB has completed a major redesign, and this feed has been replaced with more customizable feeds. Please visit osvdb.org for more information on how to use our new services.

Softalk IMAP Server DoS

NNOV Vulnerabilities - Tue, 2008-09-02 14:49
IMAP APPEND command handling vulnerability. Applications: Softalk IMAP Server 8.5 (02.09.2008)

WordNet library multiple buffer overflows

NNOV Vulnerabilities - Tue, 2008-09-02 14:49
Applications: WordNet 3.0 (02.09.2008)

Postfix DoS

NNOV Vulnerabilities - Tue, 2008-09-02 14:49
File descriptor leaks under Linux. Applications: postfix 2.4, postfix 2.5, postfix 2.6 (02.09.2008)

Postfix mail server hardlinks privilege escalation, updated since 14.08.2008

NNOV Vulnerabilities - Tue, 2008-09-02 14:49
It's possible to cause Postfix to deliver mail to a system file by using a hardlink to a symlink (available, against the standard, in Linux, IRIX, Solaris). Applications: Postfix 2.3, postfix 2.4, postfix 2.5, postfix 2.6 (02.09.2008)

HP OpenView Network Node Manager DoS

NNOV Vulnerabilities - Tue, 2008-09-02 14:49
Applications: OpenView Network Node Manager 7.01, OpenView Network Node Manager 7.51, OpenView Network Node Manager 7.53 (02.09.2008)

Netscape / RedHat Directory Server multiple security vulnerabilities

NNOV Vulnerabilities - Tue, 2008-09-02 14:49
DoS, cross-site scripting. (02.09.2008)

VMware multiple applications security vulnerabilities

NNOV Vulnerabilities - Tue, 2008-09-02 14:49
Multiple ActiveX vulnerabilities, privilege escalation, ISAPI filters DoS, third party components updates. Applications: VMware Workstation 5.5, VMware Player 1.0, VMware Server 1.0, VMware ACE 1.0, VMware Workstation 6.0, VMware Player 2.0, VMware ACE 2.0, VMware ESX 3.0 (02.09.2008)

Dreambox DM500 DoS

NNOV Vulnerabilities - Tue, 2008-09-02 14:49
Device crashes on oversized HTTP request. Applications: Dreambox DM500 (02.09.2008)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

NNOV Vulnerabilities - Tue, 2008-09-02 14:49
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. myPHPNuke: SQL injection. Applications: myPHPNuke 1.8, vtigerCRM 5.0, Plesk 8.6 (02.09.2008)

libpurple buffer overflow

NNOV Vulnerabilities - Tue, 2008-09-02 14:49
Buffer overflow on MSN SLP messages parsing. Applications: Pidgin 2.4 (01.09.2008)

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

NNOV Vulnerabilities - Tue, 2008-09-02 14:49
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. FeedBurner FeedSmith: cross-site scripting, information leak. myPHPNuke: cross-site scripting, SQL injection. Applications: myPHPNuke 1.8, Invision Power Board 2.3, FeedBurner FeedSmith 2.3, PHPCart 4.6, PHPCart 3.4 (01.09.2008)

Mita Scanner File Utility multiple security vulnerabilities

NNOV Vulnerabilities - Tue, 2008-09-02 14:49
Directory traversal, unauthorized access. Applications: Mita Scanner File Utility 3.3 (01.09.2008)

Grub, DiskCryptor, LILO, DriveCrypt, TrueCrypt and Intel, IBM, HP BIOS disk encryption utilities information leak, updated since 26.08.2008

NNOV Vulnerabilities - Tue, 2008-09-02 14:49
Cleartext password is not erased from BIOS data buffer. Applications: DiskCryptor 0.2, Grub Legacy 0.97, lilo 22.6, DriveCrypt 3.9, TrueCrypt 5.0 (01.09.2008)

ipsec-tools / racoon IPSec DoS

NNOV Vulnerabilities - Tue, 2008-09-02 14:49
DoS attack with memory exhaustion. (01.09.2008)

[3/5] Reciprocal Links Manager "site" SQL Injection Vulnerability

Secunia Vulnerabilities - Tue, 2008-09-02 14:49
Hussin X has discovered a vulnerability in Reciprocal Links Manager, which can be exploited by malicious people to conduct SQL injection attacks.


Be sure to check if your system is missing security updates or has insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.

[3/5] Web directory "site" SQL Injection Vulnerability

Secunia Vulnerabilities - Tue, 2008-09-02 14:49
Hussin X has reported a vulnerability in Web directory, which can be exploited by malicious people to conduct SQL injection attacks.



[3/5] Debian update for wordnet

Secunia Vulnerabilities - Tue, 2008-09-02 14:49
Debian has issued an update for wordnet. This fixes some vulnerabilities, which can potentially be exploited by malicious, local users to gain escalated privileges, and by malicious people to compromise a vulnerable system.



[2/5] vtiger CRM Multiple Cross-Site Scripting Vulnerabilities

Secunia Vulnerabilities - Tue, 2008-09-02 14:49
Fabian Fingerle has discovered some vulnerabilities in vtiger CRM, which can be exploited by malicious people to conduct cross-site scripting attacks.



[2/5] Kyocera FS-118MFP Command Center Directory Traversal Vulnerability

Secunia Vulnerabilities - Tue, 2008-09-02 14:49
Francesco Tornieri has reported a vulnerability in Kyocera FS-118MFP, which can be exploited by malicious people to disclose potentially sensitive information.

