Ntpdc version 4.2.6p3 suffers from a local buffer overflow vulnerability.
dfc688a1df19cf25ae360e18efb2e689ec9e974da1249560b0f5d4ea4dcd3424CMS e107 version 1.0.4 suffers from a reflective cross site scripting vulnerability.
8b5ac684d1274a2687312ff65c5c98c284e60e17e88e72a11b9cceb43c21bb6fMandriva Linux Security Advisory 2015-019 - A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. This could lead to a Denial Of Service attack. A memory leak can occur in the dtls1_buffer_record function under certain conditions. In particular this could occur if an attacker sent repeated DTLS records with the same sequence number but for the next epoch. The memory leak could be exploited by an attacker in a Denial of Service attack through memory exhaustion. Various other issues have also been addressed. The updated packages have been upgraded to the 1.0.0p version where these security flaws has been fixed.
75b27d24d895136eb2a1d5967312d2d37fb9a705931ed4025e1ac7b1b9cb0d74Debian Linux Security Advisory 3122-1 - Andrey Labunets of Facebook discovered that cURL, an URL transfer library, fails to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl to access a specially crafted URL via an HTTP proxy could use this flaw to do additional requests in a way that was not intended, or insert additional request headers into the request.
d3f498d62423287cf98e1050abb334473512f390b27d92a81ab8531894c1bc53This is a simple script to infect images with PHP Backdoors for local file inclusion attacks.
2417fa7ba59a45f47d8610a1495111a59f039bd586605208288ef92ac36d8906WordPress Shopping Cart plugin version 3.0.4 suffers from a remote unrestricted file upload vulnerability.
03ffee15380538723ae5cfad12dd43da2119095c9012a3d59aa6577b8e1a8c0eWordPress Slideoptinprox plugin suffers from a cross site scripting vulnerability.
8661c3a0a9f773bcc83a463d9878926cc6c87d2db8c147482e5dcdf578784960OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
8f9faeaebad088e772f4ef5e38252d472be4d878c6b3a2718c10a4fcebe7a41cOpenSSL suffers from a DTLS segmentation fault in dtls1_get_record, a DTLS memory leak in dtls1_buffer_record, an issue where no-ssl3 configuration sets method to NULL, ECDHE silently downgrades to ECDH [Client], RSA silently downgrades to EXPORT_RSA [Client], DH client certificates accepted without verification [Server], certificate fingerprints can be modified, and bignum squaring may produce incorrect results.
0b38b2a82a6d39e5f9dee1fb8b137b2fe322c9449cc09a3a8095a48b5a23c2f2REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It is held annually in Montreal, Canada. For 2015 it will be held June 19th through the 21st and the Call For Papers has been announced.
09695547b783f1e6eaf7825f0dbd02ce95b7c52091bf5f147761f36e0eebbc5dCMS BEdita version 3.4.0 suffers from multiple persistent cross site scripting vulnerabilities.
48387c5f4e6c8514f072f876d2cf51e3ce255b1f1c0465a1c343d35b76c92307Good for Enterprise Android suffers from a html injection vulnerability. A remote attacker is able to send a crafted email with a payload that redirects the user to a target url as soon as he opens the email.
3cedb9d08e08030894233fae2c3c67c075f1d6bba394e2a490ea5814d8b65ad9This tool provides a client and a server that performs peer-to-peer file transfer using a shared, trusted PIN. The server is capable of handling simultaneous connections and transfers according to limitation set as command line argument when executing the server daemon. Written for Unix/Linux systems. It should be noted that this is still in Beta.
9fca6a0d2ec91f23cc166ee35a0222c2c4fb7a74259bdc7b8540ac6fd0917897
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed