Apache httpd remote denial of service memory exhaustion exploit.
5fdda8b150aea034561a2b99bc1c71da2c6f225ee078695da41e6e725f0e4a7dMicrosoft Patch Analysis presentation slides from Confidence 2010.
7ec969f7ce7dd6a082eb350a5cc69296faf9cf9787d943e97bba72f29e1d3c0aTotalShopUK version 1.7.2 suffers from a remote SQL injection vulnerability.
bf93d69ca9557818c6db657e70f42d62430acb2c031b9601dc0fbc9ba3674a9fAxis Commerce versions 0.8.1 and below suffer from a cross site scripting vulnerability.
b949d754fb0fa2badd831fc7a620abbd08322c6d64c91d1d4382257f0690234ePandora FMS version 3.2.1 suffers from a cross site scripting vulnerability.
1d8cd29c9db357fc7f3f9f3b93b48c16cfa60f5c242b1bc2adc2312ecb503d857 Layer Labs suffers from a remote SQL injection vulnerability.
efe8b9adc66054db06792e61f2213a1d96e0b6b0216dac0af4f2ed918750a54dVirtues suffers from a remote SQL injection vulnerability.
4f362162197234a8f8beb4ae27f8381cba7abee5de73c0f33b24c5c0896a0b81Work In Progress suffers from a remote SQL injection vulnerability.
e700a55b726722f07cd58dfa56b0b57ab19bce9e196633c9931a9aeca97e1d78Hampshire suffers from a remote SQL injection vulnerability.
fed1b028d2ea63ec39d4b16b79e8237fd45b91c97b798b27aa7beb7210031627ValtNet suffers from a remote SQL injection vulnerability.
95176fa3064c7ef5c96783a4dc84a6a335f227073ebebc81a0d1d52bf84b573cOpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible.
e3cb85774a1a3756fa45f09495e2b4613acce66fef854c0693a9635f6f1bbf9aThis Metasploit module exploits a buffer overflow in the PASV command in Solarftp 2.1.2. You must have valid credentials to trigger this vulnerability and you only get one chance.
48e6ec02c83b7e289337c4907fdee6bb90e7e963aee8b24c4e38c9dae8549b16This Metasploit module exploits a remote command execution vulnerability in Apache Struts versions < 2.2.0. This issue is caused by a failure to properly handle unicode characters in OGNL extensive expressions passed to the web server. By sending a specially crafted request to the Struts application it is possible to bypass the "#" restriction on ParameterInterceptors by using OGNL context variables. Bypassing this restriction allows for the execution of arbitrary Java code.
f3dc9c6ae8fc8270cc4ef71f82c223ad04ea9e8725f94ee4894465c9a0bfbc4bNetwork Tracker version 0.95 suffers from a cross site scripting vulnerability.
55428001d31703e91972afbaa8ee75333d7092017719bc72a0cd08efdca16078Whitepaper called Trends in Circumventing Web-Malware Detection. This paper studies the resulting arms race between detection and evasion from the point of view of Google's Safe Browsing infrastructure, an operational web-malware detection system that serves hundreds of millions of users.
cf9f181577c7f297701970d222eb7481558208e956470e4b2215d69e78cf2bdcWhitepaper called Biclique Cryptanalysis of the Full AES. Since Rijndael was chosen as the Advanced Encryption Standard, improving upon 7-round attacks on the 128-bit key variant or upon 8-round attacks on the 192/256-bit key variants has been one of the most difficult challenges in the cryptanalysis of block ciphers for more than a decade. This paper discusses shortcut attacks on AES.
892f69df7711f607a712c9642c0b94ef2229b7c62e1af9495c6c69a8dfd8fb59PHP version 5.3.6 suffers from a null pointer dereference vulnerability.
672214ec2b4f3ce287d074bc3902a7b5444150b28b017759356019be4b764565PHP version 5.3.6 ZipArchive suffers from an invalid use of glob(3) vulnerability.
196fc8b1e8e78154b27529d826ddba5612219a4930d20d90583377eb0fb3ae3cUbuntu Security Notice 1184-1 - Gary Kwong, Igor Bukanov, and Bob Clary discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. It was discovered that a vulnerability in event management code could permit JavaScript to be run in the wrong context. This could potentially allow a malicious website to run code as another website or with escalated privileges within the browser. Various other issues were also addressed.
68d9b382506952648bd218d1ae83ec8905473437b4d223001330b9f822868ae1Dzwonki Loga suffers from a remote SQL injection vulnerability.
b2d70aa28179ddcfe7bce0f34cc2389d2cc7608be21a5d869c063371cdfa007eWW Design suffers from a remote SQL injection vulnerability.
69d16ef6c1a1a985d0246f32456a124d00a56c29549e391a676755b846161dc3Ipho2010 suffers from a remote SQL injection vulnerability.
9089e926638c69b3de62cbb39257595b5b29109aaacd54fa2e74c36a3bfe9bddContext discovered two memory corruption issues related to Firefox code that processes WebGL, that could result in remote code execution via a malicious web page. Heap overflows make use of the WebGL shader compiler and the ANGLE library. Versions 4.0.1 and 5 are affected.
e2a6dbc735d5a7f645b6a0736a8b929cdad5127974443db6a2057209e4c009f7Calourette suffers from a remote SQL injection vulnerability.
d65dd0f737e0a1fcda4cc8dcd1c078825b8f7ae0224728bf42f348f303bd9375GILE Internet Solutions suffers from a remote SQL injection vulnerability.
d65ffe80f683157d0a420fede148e7bee69165920681280daf191ae3347c36d7
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed