Brought to you by:
Suppliers of:
|
|
|
|
|
| |
Remote exploitation of an integer overflow vulnerability in Real Networks Inc.'s RealPlayer version 11 could allow an attacker to execute arbitrary code More ››› |
|
|
|
| |
Remote exploitation of an integer overflow vulnerability in RealNetworks Inc.'s Real Player could allow an attacker to execute arbitrary code with the privileges of the current user More ››› |
|
|
|
| |
A Stored Cross-Site Scripting (XSS) vulnerability was found within SugarCRM. The vulnerability is exploited through the online Documents section of the application More ››› |
|
|
|
| |
This vulnerability allows remote attackers to remove arbitrary XML files on vulnerable installations of Skype More ››› |
|
|
|
| |
This vulnerability allows remote attackers to glean authentication credential from vulnerable installations of Skype More ››› |
|
|
|
| |
It has been brought to our attention that a number of security vulnerabilities have been noted in SQL-Ledger. Several of these affect earlier versions of LedgerSMB, and three hotfixes have been released for problems that continue to affect the LedgerSMB codebase More ››› |
|
|
|
| |
Insecure permissions have been detected in the multiple Kaspersky Lab antivirus products More ››› |
|
|
|
| |
Piwik unserializes() user input which allows an attacker to send a carefully crafted cookie that when unserialized utilizes Piwik's classes to upload arbitrary files or execute arbitrary PHP code More ››› |
|
|
|
| |
Invision Power Board has a PHP file inclusion vulnerability that is trivial to exploit with a web browser and a known location of a php file residing on the target system. Authorisation is not required. The SQL injection vulnerability is somewhat tricky to exploit as there are quite a few restrictions that make creating a successful sql attack vector difficult. Nevertheless a crafty attacker might issue a series of requests that might allow him to gain some information about the target system or even read files from the disk depending on permissions granted to the db account that is used by the forum More ››› |
|
|
|
| |
The U.S. Defense Information Systems Agency (DISA) publishes Security Readiness Review scripts (SRRs) to ensure systems and software meet security baselines required by the Department of Defense. Unprivileged local users can obtain root access on Unix systems where the DISA SRR scripts are run More ››› |
|
|
|
|
Security News Archive ...
|
Security News -
Security Reviews -
Exploits -
Tools -
UNIX Focus -
Windows Focus
|
|
|
