Ntpdc version 4.2.6p3 suffers from a local buffer overflow vulnerability.
dfc688a1df19cf25ae360e18efb2e689ec9e974da1249560b0f5d4ea4dcd3424
CMS e107 version 1.0.4 suffers from a reflective cross site scripting vulnerability.
8b5ac684d1274a2687312ff65c5c98c284e60e17e88e72a11b9cceb43c21bb6f
Mandriva Linux Security Advisory 2015-019 - A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. This could lead to a Denial Of Service attack. A memory leak can occur in the dtls1_buffer_record function under certain conditions. In particular this could occur if an attacker sent repeated DTLS records with the same sequence number but for the next epoch. The memory leak could be exploited by an attacker in a Denial of Service attack through memory exhaustion. Various other issues have also been addressed. The updated packages have been upgraded to the 1.0.0p version where these security flaws has been fixed.
75b27d24d895136eb2a1d5967312d2d37fb9a705931ed4025e1ac7b1b9cb0d74
Debian Linux Security Advisory 3122-1 - Andrey Labunets of Facebook discovered that cURL, an URL transfer library, fails to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl to access a specially crafted URL via an HTTP proxy could use this flaw to do additional requests in a way that was not intended, or insert additional request headers into the request.
d3f498d62423287cf98e1050abb334473512f390b27d92a81ab8531894c1bc53
This is a simple script to infect images with PHP Backdoors for local file inclusion attacks.
2417fa7ba59a45f47d8610a1495111a59f039bd586605208288ef92ac36d8906
WordPress Shopping Cart plugin version 3.0.4 suffers from a remote unrestricted file upload vulnerability.
03ffee15380538723ae5cfad12dd43da2119095c9012a3d59aa6577b8e1a8c0e
WordPress Slideoptinprox plugin suffers from a cross site scripting vulnerability.
8661c3a0a9f773bcc83a463d9878926cc6c87d2db8c147482e5dcdf578784960
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
8f9faeaebad088e772f4ef5e38252d472be4d878c6b3a2718c10a4fcebe7a41c
OpenSSL suffers from a DTLS segmentation fault in dtls1_get_record, a DTLS memory leak in dtls1_buffer_record, an issue where no-ssl3 configuration sets method to NULL, ECDHE silently downgrades to ECDH [Client], RSA silently downgrades to EXPORT_RSA [Client], DH client certificates accepted without verification [Server], certificate fingerprints can be modified, and bignum squaring may produce incorrect results.
0b38b2a82a6d39e5f9dee1fb8b137b2fe322c9449cc09a3a8095a48b5a23c2f2
REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It is held annually in Montreal, Canada. For 2015 it will be held June 19th through the 21st and the Call For Papers has been announced.
09695547b783f1e6eaf7825f0dbd02ce95b7c52091bf5f147761f36e0eebbc5d
CMS BEdita version 3.4.0 suffers from multiple persistent cross site scripting vulnerabilities.
48387c5f4e6c8514f072f876d2cf51e3ce255b1f1c0465a1c343d35b76c92307
Good for Enterprise Android suffers from a html injection vulnerability. A remote attacker is able to send a crafted email with a payload that redirects the user to a target url as soon as he opens the email.
3cedb9d08e08030894233fae2c3c67c075f1d6bba394e2a490ea5814d8b65ad9
This tool provides a client and a server that performs peer-to-peer file transfer using a shared, trusted PIN. The server is capable of handling simultaneous connections and transfers according to limitation set as command line argument when executing the server daemon. Written for Unix/Linux systems. It should be noted that this is still in Beta.
9fca6a0d2ec91f23cc166ee35a0222c2c4fb7a74259bdc7b8540ac6fd0917897