Secunia Security Advisory 51975
Secunia Security Advisory - Multiple vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to compromise an application using the library.
View ArticleSecunia Security Advisory 52002
Secunia Security Advisory - Two security issues and multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass...
View ArticleSecunia Security Advisory 52004
Secunia Security Advisory - Apple has acknowledged a vulnerability in Apple TV, which can be exploited by malicious people to compromise a user's device.
View ArticleSecunia Security Advisory 51993
Secunia Security Advisory - Ubuntu has issued an update for libav. This fixes multiple vulnerabilities, where some have an unknown impact and others can be exploited by malicious people to compromise...
View ArticleSecunia Security Advisory 51938
Secunia Security Advisory - A vulnerability has been reported in Ruby on Rails, which can be exploited by malicious people to compromise a vulnerable system.
View ArticleAdobe Reader XI Heap Overflow
Adobe Reader XI versions 11.x suffers from a heap overflow vulnerability.
View ArticleRuby on Rails JSON Processor YAML Deserialization Code Execution
This Metasploit module exploits a remote code execution vulnerability in the JSON request processor of the Ruby on Rails application framework. This vulnerability allows an attacker to instantiate a...
View ArticleApple QuickTime Player 7.7.3 Out Of Bounds
Apple QuickTime Player Windows version 7.7.3 suffers from an out of bounds read vulnerability.
View ArticlePFsense UTM Platform 2.0.1 XSS / CSRF
PFsense UTM Platform version 2.0.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
View ArticleDataLife Engine 9.7 PHP Code Injection
DataLife Engine version 9.7 suffers from a PHP code injection vulnerability in preview.php.
View ArticleElgg Twitter Widget Cross Site Scripting
Elgg versions 1.8.12 and 1.7.16 suffer from a cross site scripting vulnerability in the Twitter Widget module.
View ArticleEncode Shellcode 0.1b
This is an encoding tool for 32-bit x86 shellcode that assists a researcher when dealing with character filter or byte restrictions in a buffer overflow vulnerability or some kind of IDS/IPS/AV...
View ArticleEMC AlphaStor Buffer Overflow
A buffer overflow vulnerability exists in EMC AlphaStor that could potentially be exploited by a malicious user to create a denial of service condition or execute arbitrary code. EMC AlphaStor version...
View ArticleDistributed Access Control System 1.4.28a
DACS is a light-weight single sign-on and role-based access control system providing flexible, modular authentication methods and powerful, transparent rule-based authorization checking for Web...
View ArticleUbuntu Security Notice USN-1709-1
Ubuntu Security Notice 1709-1 - Phil Day discovered that nova-volume did not validate access to volumes. An authenticated attacker could exploit this to bypass intended access controls and boot from...
View ArticleUbuntu Security Notice USN-1710-1
Ubuntu Security Notice 1710-1 - Dan Prince discovered an issue in Glance error reporting. An authenticated attacker could exploit this to expose the Glance operator's Swift credentials for a...
View ArticleRed Hat Security Advisory 2013-0203-01
Red Hat Security Advisory 2013-0203-01 - Ruby on Rails is a model–view–controller framework for web application development. Active Support provides support and utility classes used by the Ruby on...
View ArticleUbuntu Security Notice USN-1708-1
Ubuntu Security Notice 1708-1 - Wenlong Huang discovered that libvirt incorrectly handled certain RPC calls. A remote attacker could exploit this and cause libvirt to crash, resulting in a denial of...
View Article360-FAAR Firewall Analysis Audit And Repair 0.3.8
360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in...
View ArticleCisco Security Advisory 20130129-upnp
Cisco Security Advisory - The Portable Software Developer Kit (SDK) for Universal Plug-n-Play (UPnP) devices contain a libupnp library, originally known as the Intel SDK for UPnP Devices, which is...
View ArticleApple Security Advisory 2013-01-28-1
Apple Security Advisory 2013-01-28-1 - iOS 6.1 Software Update is now available and addresses multiple security vulnerabilities.
View ArticleApple Security Advisory 2013-01-28-2
Apple Security Advisory 2013-01-28-2 - Apple TV 5.2 is now available and addresses multiple security vulnerabilities.
View ArticleD-Link DCS Cameras Authentication Bypass / Command Execution
D-Link DCS Cameras suffer from authentication bypass and remote command execution vulnerabilities due to a remote information disclosure of the configuration.
View ArticleBuffalo TeraStation TS-Series Command Execution
Buffalo TeraStation TS-Series with firmware versions 1.5.7 and below suffer from file disclosure and command injection vulnerabilities.
View ArticleOATH Toolkit 2.0.2
OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
View Article