Micro Focus Rumba 9.4 - Local Denial of Service
Exploit Title: Micro Focus Rumba 9.4 Multiple Local Stack-overflow Date: 29-10-2016 Exploit Author: Umit Aksu Vendor Homepage: http://www.microfocus.com/ Software Link: http://nadownloads.microfocus.com/epd/productdownloadrequest.aspx?type=eval&transid=2179441&last4=2179441&code=40231 Version: 9....
[SECURITY] [DSA 3698-1] php5 security update
Debian Security Advisory DSA-3698-1 https://www.debian.org/security/ Salvatore Bonaccorso October 24, 2016 https://www.debian.org/security/faq ...
RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2016:2088)
An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which give...
Unspecified Vulnerability in Oracle Supply Chain Products Suite (CNVD-2016-10120)
Oracle Supply Chain Products Suite is a set of supply chain solutions from Oracle, which provides value chain planning, value chain execution, product lifecycle management, etc. Oracle Agile PLM (Product Lifecycle Management) is one of the lifecycle management components. Oracle Agile PLM Product...
Critical: Red Hat Security Advisory: java-1.8.0-openjdk security update
An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, i...
java security update
CentOS Errata and Security Advisory CESA-2016:2079. An update for java-1.8.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) ba...
TrickBot Banking Trojan Could Be Dyre Rewrite
Despite the fact that the criminals allegedly behind the creation and distribution of the Dyre banking Trojan are in a Russian jail, a new piece of malware in the wild has enough similarities to Dyre that researchers are wondering whether there’s a connection. The new malware is called TrickBot a...
Brave Software: Access to local file system using javascript
Hey, The browser can access the local files using iframes with a local HTML file. This is very normal and often used for local web development, but JavaScript shouldn't be able to get the content of that iframe because this can be used to post the contents to the attacker's server. Something else I...
[SECURITY] Fedora 23 Update: python-pillow-3.0.0-6.fc23
Python image processing library, fork of the Python Imaging Library (PIL). This library provides extensive file format support, an efficient internal representation, and powerful image processing capabilities. There are four subpackages: tk (tk interface), qt (PIL image wrapper for Qt), devel (developme...
Gary McGraw on BSIMM7 and Secure Software Development
Mike Mimoso talks to Cigital CTO and software security pioneer Gary McGraw about the latest results pulled from the Building Security In Maturity Model (BSIMM). The framework measures the secure development activities of some of the world’s largest software companies and enterprises and can be used...
[SECURITY] Fedora 23 Update: python-django-1.8.15-1.fc23
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...
[SECURITY] Fedora 24 Update: python-django-1.9.10-1.fc24
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...
[SECURITY] Fedora 25 Update: python-django-1.9.10-1.fc25
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...
[SECURITY] Fedora 25 Update: mojarra-2.2.13-1.fc25
JavaServer(TM) Faces technology simplifies building user interfaces for JavaServer applications. Developers of various skill levels can quickly build web applications by: assembling reusable UI components in a page; connecting these components to an application data source; and wiring...
[SECURITY] [DSA 3689-1] php5 security update
Debian Security Advisory DSA-3689-1 https://www.debian.org/security/ Salvatore Bonaccorso October 08, 2016 https://www.debian.org/security/faq ...
Pavian Systems CMS SQL injection Vulnerability
Exploit for php platform in category web applications Exploit Title : Pavian Systems CMS SQL injection Vulnerability Exploit Author : xBADGIRL21 Vendor Homepage : http://paviansystems.com/ Dork : All Rights Reserved. Design by paviansystems. Tested on: WINDOWS 7 MyBlog :...
Cloud, IoT Big Factors in Annual BSIMM 7 Report
Bad software equals insecure software, and companies don’t have to accept this status quo. That’s both the takeaway and goal of Cigital’s seventh annual Building Security in Maturity Model report released Tuesday. The report reveals that the cloud, application containers, and agile software...
One Click Symbolic Execution: Ponce
Ponce (pronounced 'poN θe, pon-they) is an IDA Pro plugin that provides users the ability to perform taint analysis and symbolic execution over binaries in an easy and intuitive fashion. With Ponce you are one click away from getting all the power from cutting edge symbolic execution. Entirely writt...
Moderate: Red Hat Security Advisory: rh-ror41-rubygem-actionview security update
An update for rh-ror41-rubygem-actionview is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...