Source
Packet Storm
WinterCMS versions prior to 1.2.3 suffer from a persistent cross site scripting vulnerability.
Montage version 1.0 suffers from a persistent cross site scripting vulnerability.
Wedding Wonders version 1.0 suffers from a persistent cross site scripting vulnerability.
Admidio version 4.2.10 suffers from a remote code execution vulnerability.
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
Ubuntu Security Notice 6230-1 - Alexander Lakhin discovered that PostgreSQL incorrectly handled certain CREATE privileges. An authenticated user could possibly use this issue to execute arbitrary code as the bootstrap supervisor.
Ubuntu Security Notice 6229-1 - It was discovered that LibTIFF was not properly handling variables used to perform memory management operations when processing an image through tiffcrop, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that LibTIFF was not properly processing numerical values when dealing with little-endian input data, which could lead to the execution of an invalid operation. An attacker could possibly use this issue to cause a denial of service
BloodBank version 1.0 suffers from a cross site scripting vulnerability.
Blogator version 0.93 suffers from a cross site scripting vulnerability.
Bigware Shop version 2.3 suffers from a cross site scripting vulnerability.