/.
• Mississippi Makes Caller ID Spoofing Illegal
• Japanese Researchers Develop World’s Fastest Book Scanner
• Firmware Hack Allows Video Analysis On a Canon Camera
• Android 2.1 Finally Makes It To Droid
• The Movie Studios’ Big 3D Scam
• Aussie Gamers Dress As Zombies To Raise R18+ Awareness
• Cisco’s New Router — Trouble For Hollywood
• Planck Mission Releases Images of Galactic Dust
• The Death of the US-Mexico Virtual Fence
• ACLU Sues Over Legality of “Targeted Killing” By Drones
• Scientists Demonstrate Mammalian Tissue Regeneration
• Is Microsoft About To Declare Patent War On Linux?
• Toshiba Ends Incandescent Bulb Production After 120 Years
• Facebook Attracting More Visitors Than Google.com
• How Students Use Wikipedia
• The Problems With Video Game Voice Acting
• The Bloodhound Will Stay On the Ground At 1,000 mph
• Study Finds That Video Games Hinder Learning In Young Boys
• The State of Robotic Surgery
NewsForge
Bugtraq
• Vuln: ActiveCampaign 1-2-All Broadcast Email Admin Control Panel Username SQL Injection Vulnerability
• Vuln: TYPO3 myDashboard (mydashboard) Extension Unspecified Cross Site Scripting Vulnerability
• Vuln: Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
• Vuln: Mozilla Firefox CVE-2009-3979 Multiple Remote Memory Corruption Vulnerabilities
• Bugtraq: Sahana 0.6.2.2 Authentication Bypass
• Bugtraq: Secunia Research: Quicksilver Forums Cross-Site Request Forgery Vulnerability
• Bugtraq: Secunia Research: Quicksilver Forums Backup Information Disclosure
• Bugtraq: Secunia Research: Quicksilver Forums "mysqldump" Password Disclosure
• More rss feeds from SecurityFocus
PacketStormSecurity
• USN-913-1.txt - Ubuntu Security Notice 913-1 - It was discovered that libpng did not properly initialize memory when decoding certain 1-bit interlaced images. If a user or automated system were tricked into processing crafted PNG images, an attacker could possibly use this flaw to read sensitive information stored in memory. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. It was discovered that libpng did not properly handle certain excessively compressed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of service.
• argosoft-traversal.txt - ArGoSoft FTP Server .NET version 1.0.2.1 suffers from a directory traversal vulnerability.
• dff-0.5.0-src.tar.gz - DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system which will help you in your digital forensics works, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules.
• CORE-2009-0803.txt - Core Security Technologies Advisory - A vulnerability found in the memory management of the Virtual Machine Monitor makes memory pages mapped above the 2GB available with read or read/write access to user-space programs running in a Guest operating system.
• CORELAN-10-013.txt - Windisc version 1.3 suffers from a stack buffer overflow vulnerability. Full exploit code included.
• fckeditor-shell.txt - FCKEditor version 2.0 RC3 suffers from a shell upload vulnerability.
• USN-912-1.txt - Ubuntu Security Notice 912-1 - It was discovered that Audio File Library contained a heap-based buffer overflow. If a user or automated system processed a crafted WAV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. The default compiler options for Ubuntu should reduce this vulnerability to a denial of service.
• ZDI-10-032.txt - Zero Day Initiative Advisory 10-032 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP MaxDB. Authentication is not required to exploit this vulnerability. The specific flaw exists within the serv.exe process which listens by default on TCP port 7210. The process trusts a value from a handshake packet and uses it as a length when copying data to the stack. If provided a malicious value and packet data, this can be leveraged to execute arbitrary code under the context of the SYSTEM user.
• clantigercms-xsrf.txt - Clan Tiger CMS suffers from a cross site request forgery vulnerability.
• chillycms-xss.txt - Chilly CMS suffers from a persistent cross site scripting vulnerability.
• chillycms-xsrf.txt - Chilly CMS suffers from a cross site request forgery vulnerability.
• wftpdkill.py.txt - WFTPD version 3.3 remote unhandled exception denial of service exploit.
• sugarcrm-xss.txt - SugarCRM versions prior to 5.5.0a and 5.2.0l suffer from a cross site scripting vulnerability.
• ZDI-10-031.txt - Zero Day Initiative Advisory 10-031 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable software utilizing Apple's WebKit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists due to a failure to unregister a callback pointer during the destruction of a particular type of element when embedded inside a 'blink' container. The application dereferences the original resource which can be leveraged by an attacker to execute arbitrary code under the context of the current user.
• ossim22-exec.pdf - CYBSEC Security Advisory - OSSIM version 2.2 suffers from a remote command execution vulnerability.
...