Channel: Files Date: 2016-11-01 to 2016-11-30 ≈ Packet Storm

Sync Breeze Enterprise 9.1.16 Buffer Overflow

Sync Breeze Enterprise version 9.1.16 suffers from a buffer overflow vulnerability.

Microsoft Internet Explorer MSHTML DOMImplementation Type Confusion

A specially crafted web-page can cause a type confusion vulnerability in Microsoft Internet Explorer 8 through to 11. An attacker can cause code to be executed with a stack layout it does not expect,...

Schoolhos CMS 2.29 SQL Injection

Schoolhos CMS version 2.29 suffers from a remote SQL injection vulnerability.

Tenda / D-Link / TP-Link DHCP Cross Site Scripting

Tenda, D-Link, and TP-Link routers suffer from a DHCP-related cross site scripting vulnerability.

Debian Security Advisory 3725-1

Debian Linux Security Advisory 3725-1 - Several vulnerabilities were discovered in the International Components for Unicode (ICU) library.

Ubuntu Security Notice USN-3135-2

Ubuntu Security Notice 3135-2 - USN-3135-1 fixed a vulnerability in GStreamer Good Plugins. The original security fix was incomplete. This update fixes the problem. Chris Evans discovered that...

Ubuntu Security Notice USN-3138-1

Ubuntu Security Notice 3138-1 - Markus Doering discovered that python-cryptography incorrectly handled certain HKDF lengths. This could result in python-cryptography returning an empty string instead...

Red Hat Security Advisory 2016-2824-01

Red Hat Security Advisory 2016-2824-01 - Expat is a C library for parsing XML documents. Security Fix: An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker...

Biesta Billing 4.0 Beta Cross Site Request Forgery / Traversal

Biesta Billing version 4.0 Beta suffers from cross site request forgery and directory traversal vulnerabilities.

BloomCON 2017 Call For Papers

The BloomCON 2017 Forensics and Security conference will be held March 24th through the 25th, 2017 in Bloomsburg, PA, USA.

EnCase Forensic Imager 7.10 Denial Of Service / Heap Buffer Overflow

EnCase Forensic Imager versions 7.10 and below suffer from denial of service and heap-based buffer overflow vulnerabilities.

Nuit Du Hack 2017 Call For Papers

The Nuit Du Hack Call For Papers for 2017 has been announced. It will be held June 24th through the 25th, 2017 in Paris, France.

Eagle Speed USB Modem Software Privilege Escalation

Eagle Speed USB modem software suffers from a privilege escalation vulnerability.

Ubuntu Security Notice USN-3139-1

Ubuntu Security Notice 3139-1 - Florian Larysch discovered that the Vim text editor did not properly validate values for the 'filetype', 'syntax', and 'keymap' options. An attacker could trick a user...

Botan C++ Crypto Algorithms Library 1.10.14

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate...

Evilgrade - The Update Exploitation Framework 2.0.8

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. This framework comes into play when the attacker is able to make...

Google Chrome Accessibility blink::Node Corruption

A specially crafted web-page can trigger an unknown memory corruption vulnerability in Google Chrome Accessibility code. An attacker can cause code to attempt to execute a method of an object using a...

Red Hat Security Advisory 2016-2822-01

Red Hat Security Advisory 2016-2822-01 - This release of Red Hat JBoss BPM Suite 6.4.0 serves as a replacement for Red Hat JBoss BPM Suite 6.3.4, and includes bug fixes and enhancements, which are...

Red Hat Security Advisory 2016-2825-01

Red Hat Security Advisory 2016-2825-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.5.0. Security Fix: Multiple flaws were found in...

Red Hat Security Advisory 2016-2823-01

Red Hat Security Advisory 2016-2823-01 - This release of Red Hat JBoss BRMS 6.4.0 serves as a replacement for Red Hat JBoss BRMS 6.3.4, and includes bug fixes and enhancements, which are documented in...

WordPress Insert Html Snippet 1.2 Cross Site Request Forgery

WordPress Insert Html Snippet plugin version 1.2 suffers from a cross site request forgery vulnerability.

Zurb Foundation 5.5.3 / 5.5.1 Cross Site Scripting

Zurb Foundation versions 5.5.1 and 5.5.3 suffer from a cross site scripting vulnerability.

WinPower 4.9.0.4 Privilege Escalation

WinPower version 4.9.0.4 suffers from a privilege escalation vulnerability. Proof of concept code included.

Peplink NGxxx/LCxxx VPN-Firewall Open Redirect

Input passed via the '_redirect' GET parameter to the 'service.cgi' script on various Peplink VPN-Firewall devices is not properly verified before being used to redirect users. This can be exploited to...

FireHOL 3.1.0

FireHOL is a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of...
