Fedora 21 : spatialite-tools-4.2.0-10.fc21 / sqlite-3.8.9-1.fc21 (2015-6324)

Update of sqlite to latest upstream version, with spatialite-tools rebuild. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introduci...

Fedora Update for sqlite FEDORA-2015-6324

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 21 Update: sqlite-3.8.9-1.fc21

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL databas...

FreeBSD : sqlite -- multiple vulnerabilities (dec3164f-3121-45ef-af18-bb113ac5082f)

NVD reports : SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service uninitialized memory access and application crash or possibly have unspecified other impact via a crafted COLLATE clause, ...

sqlite -- multiple vulnerabilities

NVD reports: SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service uninitialized memory access and application crash or possibly have unspecified other impact via a crafted COLLATE clause, a...

A text control on your phone! The Android platform SQL injection vulnerability analysis-vulnerability warning-the black bar safety net

0x0 Foreword 1 4 years 1 1 months of the author in the Baidu xteam blog to see the disclosure of the earlier report to Google the CVE-2 0 1 4-8 5 0 7 vulnerability details-the system code in the processing via the SMS carrying the WAP push content is generated when the classicSQL...

[SECURITY] Fedora 20 Update: roundcubemail-1.0.5-1.fc20

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

[SECURITY] Fedora 21 Update: roundcubemail-1.0.5-1.fc21

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

Fedora 20 : php-5.5.21-1.fc20 (2015-1101)

22 Jan 2014, PHP 5.5.21 Core : - Upgraded cryptblowfish to version 1.3. Leigh - Fixed bug 60704 unlink bug with some files path. - Fixed bug 65419 Inside trait, self::class != CLASS. Julien - Fixed bug 65576 Constructor from trait conflicts with inherited constructor. dunglas at gmail dot com -...

X (Formerly Twitter): Insecure Data Storage in Vine Android App

Hi Twitter, - Vulnerability Class:OWASP M2 : Insecure Data Storage Every application needs to store something secret, like a website username,password, cookies etc. , internal storage is the place to do it, android sandbox prevents other applications from accessing this data but,In vine android a...

Hyperfox - HTTP and HTTPs Traffic Interceptor

Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN. Hyperfox is capable of forging SSL certificates on the fly using a root CA certificate and its corresponding key both provided by the user. If the target machine recognizes the root CA as trusted, then...

[SECURITY] Fedora 21 Update: openvas-manager-5.0.7-1.fc21

The OpenVAS Manager is the central service that consolidates plain vulnerab ility scanning into a full vulnerability management solution. The Manager control s the Scanner via OTP and itself offers the XML-based, stateless OpenVAS Manageme nt Protocol OMP. All intelligence is implemented in the...

[SECURITY] Fedora 20 Update: roundcubemail-1.0.4-2.fc20

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

[SECURITY] Fedora 21 Update: roundcubemail-1.0.4-2.fc21

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

DAMM - Differential Analysis of Malware in Memory

An open source memory analysis tool built on top of Volatility. It is meant as a proving ground for interesting new techniques to be made available to the community. These techniques are an attempt to speed up the investigation process through data reduction and codifying some expert knowledge...

Piwigo 2.6.0 - picture.php?rate SQL Injection

Piwigo 2.6.0 - picture.php?rate SQL Injection ============================================= MGC ALERT 2014-001 - Original release date: January 12, 2014 - Last revised: November 12, 2014 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score...

Piwigo 2.6.0 SQL Injection

============================================= MGC ALERT 2014-001 - Original release date: January 12, 2014 - Last revised: November 12, 2014 - Discovered by: Manuel García Cárdenas - Severity: 7,1/10 CVSS Base Score ============================================= I. VULNERABILITY...

PHP/Sqlite under the Common Vulnerability analysis-vulnerability warning-the black bar safety net

0x00 before the bit SQLite as a lightweight database,PHP developers, one set not Mo where students,PHP5,which has the default integrated this lightweight embedded database products. For use with a PHP/Sqlite CMS,also there is one of these common security threats. The author of the following numbe...

Mandriva Linux Security Advisory : mediawiki (MDVSA-2014:153)

Updated mediawiki packages fix security vulnerabilities : MediaWiki before 1.23.2 is vulnerable to JSONP injection in Flash, XSS in mediawiki.page.image.pagination.js, and clickjacking between OutputPage and ParserOutput. This update provides MediaWiki 1.23.2, fixing these and other issues...

Sqlbuddy 1.3.2 / 1.3.3 Cross Site Scripting

Exploit Title : Sqlbuddy 1.3.2 & 1.3.3 Reflected Cross-Site Scripting Author : Govind Singh aka NullPort Vendor : http://sqlbuddy.com/ Download Link : https://github.com/calvinlough/sqlbuddy/raw/gh-pages/sqlbuddy.zip Sqlbuddy 1.3.3 Date : 14/07/2014 Discovered at : IHT Lab 1ND14N H4X0R5 T34M Love...