Use-after-free vulnerability in the Safe Browsing feature in Google Chrome before 16.0.912.75 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via vectors related to...
Use-after-free vulnerability in Google Chrome before 16.0.912.77 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to DOM selections. Date published : 2012-01-23 http://lists.apple.com/archives/security-announce/2012/Jul/msg00000.html http://lists.apple.com/archives/security-announce/2012/Sep/msg00001.html
Cross-site scripting (XSS) vulnerability in glucose 2 before stage 6.2 allows remote attackers to inject arbitrary web script or HTML via an RSS feed. Date published : 2012-01-23 http://jvn.jp/en/jp/JVN65869891/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2012-000008
Multiple integer overflows in vclmi.dll in the visual class library module in IBM Lotus Symphony before 3.0.1 might allow remote attackers to execute arbitrary code via an embedded (1) JPEG or (2) PNG image...
Directory traversal vulnerability in the web player in NeoAxis NeoAxis web player 1.4 and earlier allows user-assisted remote attackers to write arbitrary files via a .. (dot dot) in a filename in the neoaxis_web_application_win32.zip...
SQL injection vulnerability in the Moviebase addon for deV!L’z Clanportal (DZCP) 1.5.5 allows remote attackers to execute arbitrary SQL commands via the id parameter in a showkat action to index.php. Date published : 2012-01-20...
SQL injection vulnerability in deV!L’z Clanportal (DZCP) Gamebase addon allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a detail action to index.php. Date published : 2012-01-20 http://www.exploit-db.com/exploits/18385 http://secunia.com/advisories/47563
VLC media player 1.1.11 allows remote attackers to cause a denial of service (crash) via a long string in an amr file. Date published : 2012-01-20 http://www.securityfocus.com/bid/51255 http://archives.neohapsis.com/archives/bugtraq/2012-01/0033.html
Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Desktop 7.1.2 b10978 allow remote attackers to inject arbitrary web script or HTML via the (1) Username or (2) MailBox Name. Date published : 2012-01-20 http://www.securityfocus.com/bid/51436 http://seclists.org/fulldisclosure/2012/Jan/244
AirTies Air 4450 1.1.2.18 allows remote attackers to cause a denial of service (reboot) via a direct request to cgi-bin/loader. Date published : 2012-01-20 http://www.securityfocus.com/bid/51320 http://www.exploit-db.com/exploits/18336
Cross-site scripting (XSS) vulnerability in yousaytoo.php in YouSayToo auto-publishing plugin 1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the submit parameter. Date published : 2012-01-20 http://packetstormsecurity.org/files/view/108470/wpystap-xss.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/72271
Multiple cross-site scripting (XSS) vulnerabilities in Beehive Forum 1.0.1 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) forum/register.php or (2) forum/logon.php. Date published : 2012-01-20 http://www.securityfocus.com/bid/51424 http://archives.neohapsis.com/archives/bugtraq/2012-01/0103.html
Cross-site scripting (XSS) vulnerability in referencement/sites_inscription.php in Annuaire PHP allows remote attackers to inject arbitrary web script or HTML via the url parameter and possibly the nom parameter. Date published : 2012-01-20 http://www.securityfocus.com/bid/51434 http://packetstormsecurity.org/files/view/108719/annuaire-xss.txt
Directory traversal vulnerability in meb_download.php in the myEASYbackup plugin 1.0.8.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dwn_file parameter. Date published : 2012-01-20 http://packetstormsecurity.org/files/view/108711/wpmyeasybackup-traversal.txt http://secunia.com/advisories/47594