06 November 2009

• Multiple Vendors IPv6 Implementation Remote Denial of Service
• Achievo "debugger.php" Remote File Include
• Drupal Userpoints Module "userpoint" Information Disclosure
• Joomla! JD-WordPress Component "wp-feed.php" Remote File Include
• RunCMS "forum" Parameter SQL Injection
• OpenDocMan Cross-Site Scripting and SQL Injection
• Websense Email Security Cross-Site Scripting and HTML Injection Vulnerabilities
• Cybozu Multiple Products Unspecified Cross-Site Scripting Vulnerabilities
• McAfee Products TAR and PDF Files Scan Evasion Vulnerabilities
• nginx "ngx_http_process_request_headers()" Remote Buffer Overflow
• Perl UTF-8 Regular Expression Processing Remote Denial of Service
• Adobe Reader and Acrobat Certificate Modification
• GD Graphics Library "_gdGetColors" Remote Buffer Overflow
• Adobe Reader and Acrobat Buffer Overflow
• Adobe Reader and Acrobat U3D File Pointer Overwrite Remote
• Bftpd Unspecified Remote Denial of Service Vulnerability
• Sun Solaris ZFS Filesystem Security Bypass
• Linux Kernel KVM "update_cr8_intercept()" Local Denial of Service
• Linux Kernel "get_random_int" Random Number Generation Weakness
• Gpg4win Remote Denial of Service
• Websense Email Security and Email Manager "STEMWADM.EXE" Remote Denial of Service

05 November 2009

• Aruba Mobility Controller 802.11 Association Request Frame Remote Denial of Service
• Cisco Unified Presence TimesTenD Process Denial of Service
• TYPO3 Core Multiple Security Vulnerabilities
• Vivvo CMS "files.php" Directory Traversal
• Drupal Webform Module HTML Injection and Information Disclosure Vulnerabilities
• RunCMS "pid" Parameter SQL Injection
• Dream Poll Cross-Site Scripting and SQL Injection
• IBM Rational AppScan Help Pages Unspecified Cross-Site Scripting
• Zainu "searchSongKeyword" Parameter Cross-Site Scripting
• Wireshark 1.2.2 and 1.0.9 Multiple Vulnerabilities
• python-markdown2 Multiple Security Vulnerabilities
• HTML-Parser Invalid HTML Entity Remote Denial of Service
• McKesson Horizon Clinical Infrastructure (HCI) Password Disclosure
• Adobe Reader and Acrobat ActiveX Control Denial of Service
• Adobe Reader and Acrobat Unspecified Integer Overflow Memory Corruption
• Adobe Acrobat Reader Firefox Plugin Memory Corruption Remote Code Execution
• Adobe Reader and Acrobat for Unix Debug Mode Remote Code Execution
• Linux Kernel Netlink Packets Security Bypass
• Linux Kernel KVM "kvm_dev_ioctl_get_supported_cpuid()" Integer Overflow
• SystemTap Unprivileged Mode Multiple Denial of Service
• Linux Kernel "/drivers/net/r8169.c" Out-of-IOMMU Error Local Denial of Service
• Pegasus Mail POP3 Response Remote Buffer Overflow
• EMC RepliStor Server "rep_serv.exe" Remote Denial of Service

04 November 2009

• Overland Storage Snap Server 410
• TFTgallery "album" Parameter Cross-Site Scripting Vulnerability
• DM Albums Multiple File Deletion Vulnerabilities
• TYPO3 freeCap CAPTCHA Module Unspecified Unauthorized Access Vulnerability
• Drupal Printer, e-mail and PDF version Module Security Bypass and HTML Injection Vulnerabilities
• Joomla! "com_photoblog" Component "category" Parameter SQL Injection
• Drupal Abuse Module Cross-Site Scripting
• TBmnetCMS "content" Parameter Cross-Site Scripting
• bloofoxCMS "search" Parameter Cross-Site Scripting
• OpenLDAP X.509 Certificate NULL Character Certificate Validation Security Bypass
• Asterisk Missing ACL Check Remote Security Bypass
• MapServer HTTP Request Processing Integer Overflow
• squidGuard Multiple Security Bypass Vulnerabilities
• Poppler "create_surface_from_thumbnail_data()" Integer Overflow Memory Corruption
• Adobe Acrobat Integer Overflow Denial Of Service Vulnerability
• Adobe Reader and Acrobat XMP-XML Entity Expansion Denial of Service
• Adobe Reader and Acrobat "annots.api" Denial of Service
• Adobe Reader and Acrobat COM Objects Memory Corruption Remote Code Execution
• Sun Solaris Trusted Extensions Policy Configuration Remote Privilege Escalation Weakness
• Linux Kernel 2.4 and 2.6 Local Information Disclosure
• Linux Kernel "unix_stream_connect()" Local Denial of Service
• Multiple Rising Products Insecure Program File Permissions Local Privilege Escalation
• EMC Documentum ApplicationXtender Admin Agent Multiple Vulnerabilities
• AOL AIM "sipXtapi.dll" Multiple Buffer Overflow Vulnerabilities

03 November 2009

• 3Com OfficeConnect ADSL Wireless 11g Firewall Router Authentication Multiple Remote Vulnerabilities
• Cisco Unified Presence Track Network Connection Denial of Service
• IBM Lotus Connections Mobile Activities Pages Cross-Site Scripting
• Drupal FileField Module Information Disclosure
• Joomla! com_booklibrary Component "releasenote.php" Remote File Include
• Drupal Organic Groups Vocabulary Module Unauthorized Access
• Joomla! "com_jshop" Component "pid" Parameter SQL Injection
• Drupal vCard Module Cross-Site Scripting
• IBM Rational RequisitePro ReqWebHelp Multiple Cross-Site Scripting Vulnerabilities
• Eclipse BIRT "run?__report" Parameter Cross-Site Scripting
• VMware Products Directory Traversal
• Novell eDirectory "/dhost/modules?L:" Buffer Overflow Vulnerability
• Adobe Reader and Acrobat File Extension Controls Remote Security Bypass
• CamlImages JPEG Handling Remote Buffer Overflow
• Adobe Acrobat Image Decoder Remote Code Execution
• Adobe Reader and Acrobat "AcroPDF.dll" ActiveX Control Denial of Service
• Adobe Reader and Acrobat Compact Font Format Heap Memory Corruption
• Sun OpenSolaris Unspecified Local Security
• Linux Kernel "proc" World Writeable File Security Bypass
• Linux Kernel NFSV4 CallbackClient NULL Pointer Dereference Local Denial of Service
• Cherokee Web Server Malformed Packet Remote Denial of Service
• DWebPro "file" Parameter Remote Command Execution
• Avast! Insecure Program File Permissions Local Privilege Escalation