Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
affc3a79919577943f896e64d3e4a4dcc4970c5bf80cc98c7f3a3144745eac27
When you install Comodo Internet Security, by default a new browser called Chromodo is installed and set as the default browser. Additionally, all shortcuts are replaced with Chromodo links and all settings, cookies, etc are imported from Chrome. They also hijack DNS settings, among other shady practices.
bdbaab613e70202de64329e92a0aa11a5a23b6198f82463ba4715fdd151dcb53
There is an overflow in the ui::PlatformCursor WebCursor::GetPlatformCursor method in Google Chrome.
bd224e90b919011fec7fdaac0829c431dedd237dd5c4bc4e9724abccb5fe6fb5
This mp4 file causes stack corruption in Flash. To run the test, load LoadMP42.swf?file=null.mp4 from a remote server.
c1dd8ff07903035208e56e15a5c0096bd3f6903b52739b19bbcb008202a954ab
This jpg file causes an invalid pointer to be freed when media scanning occurs on Samsung Galaxy S6.
c28f5048c94508b781d43243304bf68709181131a5a4fdac2d1d3ce2a45f4842
This proof of concept file causes memory corruption when it is scanned by the face recognition library in android.media.process.
f2ebb31f8a063f8972d6266edc011080f62366d4a268e944ad5de5ed57e2d0c6
The default Samsung email client's email viewer and composer (implemented in SecEmailUI.apk) doesn't sanitize HTML email content for scripts before rendering the data inside a WebView. This allows an attacker to execute arbitrary JavaScript when a user views a HTML email which contains HTML script tags or other events.
cdd3dca1431b631c7893709d3f20baf0ee1737418b177b7b11da853c74127bd8
Mobile Drive Free 1.8 suffers from local file inclusion and remote file upload vulnerabilities.
05155dd1e1a08c3f2e5935876d119490cc719dbdb964d9037411b49135cef67e
ThumbDrive version 1.1 suffers from local file inclusion and remote file upload vulnerabilities.
24b1fbaf67ad57254b1eec0e9fd8d6d7cfb669cede0b24ddaea3ba1bc9fb7183
Norcon 2016 has announced its call for papers. It will be held in Chico, CA, USA from March 26th through the 27th, 2016.
8a4c3ece5ea5746e91beb3957836bfc9ccbda0054339e75fc7b5c7498d2bac3a
Netgear Pro NMS 300 suffers from code execution and arbitrary file download vulnerabilities.
bd8afe526581d0c940240674b8f3e8ad40ed6f11a99c8f7c416c4282267549ff
This one is complicated, but allows an attacker to read any file on the filesystem by clicking a link. You don't even have to know the name or path of the file, because you can also retrieve directory listings using this attack. Additionally, you can send arbitrary authenticated HTTP requests, and read the responses. This allows an attacker to read cookies, email, interact with online banking and so on.
4bad7ddfedceb6f7b409d84aac5aa90382f66d898044ad874bda143180fe3992
MalwareBytes fetches their signature updates over HTTP, permitting a man in the middle attack.
3db7f35f2173b8f4b93e582cd2e3ad38fac889bb0120b08617db5d68d39ac26b
Joomla Pricelist component version 3.2.1 suffers from a remote SQL injection vulnerability.
2fcd7c979b815c8f7b431ccb568f8b2065f52032445e94218b0044d3929612f0
Getdpd suffered from a cross site scripting vulnerability in the filename value.
129d32fa266a43572741cacd313cdcb606e1ce2a30bbe8b8332c7fe439d20f2e
Getdpd suffered from a cross site scripting vulnerability in the id parameter.
418b52aecde43b710e0b2d2862b3a6e5875acb93269be717d6ec8d27e442ea15