Huawei Officials Looking Into Claims of Flaws in Some Routers

Officials at Huawei Technologies say that they’re looking into claims by security researchers made at DEF CON last week that there are a handful of serious security vulnerabilities in some of the company’s routers. Saying it employs “rigorous security strategies and policies” Huawei is trying to...

PHPWIND最新版本SQL注入漏洞

简要描述： phpwind在实现占位符SQL过程中，代码质量出现了一个小黑点。 详细说明： 在 phpwind/lib/utility/querybuilder.class.php parseStatement函数内 在/phpwind/actions/ajax/leaveword.php 的一个引用处 Line 78行 $db-updatepwQuery::buildClause"UPDATE :pwtable SET leaveword=" . S::sqlEscape$atccontent . " $sqladd WHERE pid=:pid AND tid=:tid",...

With the FindBugs code analysis vulnerability-vulnerability warning-the black bar safety net

Static analysis tools promise without developer effort will be able to find out the code has some defects. Of course, if you have years of writing experience, you will know that these promises are not necessarily fulfilled. Nevertheless, a good static analysis tool is still in the Toolbox...

[Full-disclosure] gnupg diff available

Hi! I did a gnupg audit recently. I was, frankly, appalled by the code quality. It is a desert of pointer manipulation, string copying, memcpy and strcpy are used all over the place, and sprintf, too. You can find my diff at http://dl.fefe.de/gnupg.dif Please note that a I might have missed...