March 8, 2016, update for Access 2016 (KB3114850)
March 8, 2016, update for Access 2016 KB3114850 This article describes update KB3114850 for Microsoft Access 2016, which was released on March 8, 2016. This update has a prerequisite. Be aware that the update on the Microsoft Download Center applies to the Microsoft Installer .msi-based edition o...
CVE-2018-14644
An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authoritative servers fo...
CVE-2016-5427
PowerDNS (aka pdns) Authoritative Server before 3.4.10 does not properly handle a . (dot) inside labels, which allows remote attackers to cause a denial of service (backend CPU consumption) via a crafted DNS query...
MGASA-2014-0283 Updated php packages fix multiple vulnerabilities
Updated php packages fix security vulnerabilities: The unserialize function in PHP before 5.4.30 and 5.5.14 has a Type Confusion issue related to the SPL ArrayObject and SPLObjectStorage Types (CVE-2014-3515). It was discovered that PHP is vulnerable to a heap-based buffer overflow in the DNS TXT...
phptest-sql.txt
Name : phpTest 0.6.3 picture.php imageid Remote SQL Injection Vulnerability Author : cOndemned Dark-Coders Dork : sorry, today no dork ; Greetz : ZaBeaTy, str0ke, GregStar, Voo|doo, ixos, 0in, suN8Hclf, TBH, Avantura : Source code of "picture.php" : 24. ptregister'GET', 'imageid'; 25. 26. if...
CVE-2004-0956
MySQL before 4.0.20 allows remote attackers to cause a denial of service (application crash) via a MATCH AGAINST query with an opening double quote but no closing double quote...
Mandrake Linux Security Advisory : nss_ldap (MDKSA-2002:075)
A buffer overflow vulnerability exists in nss_ldap versions prior to 198. When nss_ldap is configured without a value for the 'host' keyword, it attempts to configure itself using SRV records stored in DNS. nss_ldap does not check that the data returned by the DNS query will fit into an internal...
nCipher Advisory #8: payShield library may verify bad requests
nCipher Security Advisory No. 8 payShield library may verify bad requests ----------------------------------------- SUMMARY ======= When a command is issued to the payShield SPP library it may return StatusOK regardless of what the real reply status was. ISSUE DESCRIPTION ================= 1...
Cisco Catalyst HTTP buffer overflow
Buffer overflow in HTTP interface on oversized query...
Hole in AdCycle
Insufficient validation of user input when constructing an SQL query...
TWIG SQL query bugs
I can't find the person who is really in charge of developing twig, so I mail about this bug to the person who announced the new version of twig about two months ago. -------------------------------------------------------------------------- Subject: Unquoted SQL query = potential damage Software package:...
PHP-Nuke 1.02.5 - Administrative Privileges
PHP-Nuke 1.02.5 - Administrative Privileges source: https://www.securityfocus.com/bid/1592/info PHP-Nuke is a website creation/maintenance tool written in PHP3. It is possible to elevate privileges in this system from normal user to administrator due to a flaw in authentication code. The problem...