DBMS_XMLSTORE As An Auxiliary SQL Injection Function In Oracle 12c
The ability to execute arbitrary SQL on Oracle via a SQL injection flaw is hampered by the fact that the Oracle RDBMS will not batch multiple queries. Typically, a low privileged attacker with say only...
DjVuLibre 3.5.25.3 Out Of Bounds Access Violation
DjVuLibre versions 3.5.25.3 and below suffer from an out of bounds access violation vulnerability.
Sum Technologies SQL Injection
Sites powered by Sum Technologies suffer from a remote SQL injection vulnerability.
Apache 2.4.x mod_proxy Denial Of Service
Apache versions 2.4.x prior to 2.4.10 suffer from a denial of service condition when mod_proxy is in use.
Barracuda Networks Spam And Virus Firewall 6.0.2 XSS
Barracuda Networks Spam and Virus Firewall version 6.0.2 suffers from a client-side cross site scripting vulnerability.
Symantec Endpoint Protection Manager 12.1.4023.4080 Login Bruteforce
Symantec Endpoint Protection Manager version 12.1.4023.4080 suffers from a login bruteforcing vulnerability.
SGMiner / CGMiner / BFGMiner Heap Overflow
SGMiner versions prior to 4.2.2, CGMiner versions prior to 4.3.5, and BFGMiner versions prior to 3.3.0 suffer from a heap overflow vulnerability.
ISACA Ireland Call For Papers
ISACA Ireland is seeking innovative session proposals that will engage an audience of information security, assurance. The conference will be held October 3rd, 2014 in Dublin, Ireland.
SGMiner / CGMiner / BFGMiner Stack Overflow
SGMiner versions prior to 4.2.2, CGMiner versions prior to 4.3.5, and BFGMiner versions prior to 3.3.0 suffer from a stack overflow vulnerability.
SGMiner / CGMiner Denial Of Service
SGMiner versions prior to 4.2.2 and CGMiner versions 3.3.0 through 4.0.1 suffer from a denial of service vulnerability.
Linux Kernel ptrace/sysret Local Privilege Escalation
Linux Kernel ptrace/sysret local privilege escalation proof of concept exploit.
Ubuntu Security Notice USN-2294-1
Ubuntu Security Notice 2294-1 - It was discovered that Libtasn1 incorrectly handled certain ASN.1 data structures. An attacker could exploit this with specially crafted ASN.1 data and cause...
Ubuntu Security Notice USN-2297-1
Ubuntu Security Notice 2297-1 - CESG discovered that acpi-support incorrectly handled certain privileged operations when checking for power management daemons. A local attacker could use this flaw to...
Red Hat Security Advisory 2014-0913-01
Red Hat Security Advisory 2014-0913-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled...
Red Hat Security Advisory 2014-0914-01
Red Hat Security Advisory 2014-0914-01 - The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt...
Red Hat Security Advisory 2014-0916-01
Red Hat Security Advisory 2014-0916-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape...
Red Hat Security Advisory 2014-0915-01
Red Hat Security Advisory 2014-0915-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. A race...
Red Hat Security Advisory 2014-0917-01
Red Hat Security Advisory 2014-0917-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape...
Red Hat Security Advisory 2014-0918-01
Red Hat Security Advisory 2014-0918-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing...
Ubuntu Security Notice USN-2295-1
Ubuntu Security Notice 2295-1 - Multiple memory safety issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these...
Ubuntu Security Notice USN-2296-1
Ubuntu Security Notice 2296-1 - Christian Holler, David Keeler and Byron Campen discovered multiple memory safety issues in Thunderbird. If a user were tricked into opening a specially crafted message...
EventLog Analyzer 9.0 Build #9000 Cross Site Scripting
EventLog Analyzer version 9.0 build #9000 suffers from a cross site scripting vulnerability.
HP Security Bulletin HPSBMU03071
HP Security Bulletin HPSBMU03071 - A potential security vulnerability has been identified with HP Autonomy IDOL. The vulnerability could be exploited to allow remote unauthorized access and disclosure...
SonicWALL GMS 7.2 Build 7221.1701 Cross Site Scripting
DELL SonicWALL GMS version 7.2 build 7221.1701 suffers from multiple reflective cross site scripting vulnerabilities.
Ansible 1.6.6 Arbitrary Code Execution
The Ansible platform suffers from input sanitization errors that allow arbitrary code execution as well as information leak, in case an attacker is able to control certain playbook variables. Versions...