Apple’s Developer Center Offline for 32 Hours; Compromised ?

It’s been over a day now since Apple’s online Dev Center went offline, and latest message can be seen in the screenshot, which explains that the current maintenance has took a lot longer than they expected. "We apologize that maintenance is taking longer than expected. If your program membership...

Android Vulnerability Bypasses App's Digital Signature

A vulnerability exists in the Android code base that would allow a hacker to modify a legitimate, digitally signed Android application package file APK and not break the app’s cryptographic signature—an action that would normally set off a red flag that something is amiss. Researchers at startup...

k2, 2.6.6, Open Folder Permissions

k2, Open folder permissions developer notice http:/getk2.org/blog/1432-k2-v267-released-akismet-integrated-new-acl-option-improved-php-54-support...

EC-CUBE vulnerable to directory traversal

Overview EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a directory traversal vulnerability. Note that this vulnerability is different from JVN04161229. Gen Sato reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

JVN#34900750: EC-CUBE vulnerable to code injection

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a code injection vulnerability. Impact Arbitrary PHP code may be executed with the privilege of the application on the server where it resides. Solution Apply the update or patch Apply the updat...

JVN#04161229: EC-CUBE vulnerable to directory traversal

EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a directory traversal vulnerability. Note that this vulnerability is different from JVN43886811. Impact A remote attacker may obtain arbitrary image files on the server. Solution Apply the updat...

Motion 3.2.12 XSS / CSRF / Buffer Overflow / SQL Injection

Title: Motion 3.2.12 Multiple Vulnerabilities Author: xistence - xistenceat0x90.nl Date: 26/06/2013 Vendor page: http://www.lavrsen.dk/foswiki/bin/view/Motion Software link: http://www.lavrsen.dk/foswiki/bin/view/Motion/DownloadFiles Software description: Motion is a program that monitors the vid...

JVN#63428218: Cybozu Live for Android vulnerable to arbitrary Java method execution

Cybozu Live for Android is a client software for Cybozu Live. Cybozu Live for Android contains an arbitrary Java method execution vulnerability. Note that this vulnerability is a regression in version 2.0.0 of the issue in JVN23009798. Impact When opening a specially crafted website, an attacker...

Fedora Update for perl-Dancer FEDORA-2013-9961

Check for the Version of perl-Dancer OpenVAS Vulnerability Test Fedora Update for perl-Dancer FEDORA-2013-9961 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

[SECURITY] Fedora 17 Update: perl-Dancer-1.3093-3.fc17

Dancer is a web application framework designed to be as effortless as possible for the developer, taking care of the boring bits as easily as possible, yet staying out of your way and letting you get on with writing your code...

[SECURITY] Fedora 18 Update: kdesdk-4.10.4-1.fc18

A metapackage/collection of applications and tools used by developers, incl uding: cervisia: a CVS frontend kate: advanced text editor kcachegrind: a browser for data produced by profiling tools e.g. cachegr ind kompare: diff tool kuiviewer: displays designer's UI files lokalize: computer-aided...

Debian DSA-2706-1 : chromium-browser - several vulnerabilities

Several vulnerabilities have been discovered in the Chromium web browser. - CVE-2013-2855 The Developer Tools API in Chromium before 27.0.1453.110 allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors. - CVE-2013-2856...

Twitter Vine app hacked by 16 year old Web developer

Recently Twitter has rolled out Vine app for Android, A new way to share video on twitter. The free app, which enables people to record and share clips of up to six seconds with other Vine users as well as on Twitter and Facebook. But on the very next day, Twitter's video-sharing application Vine...

Twitter Vine app hacked by 16 year old Web developer

Recently Twitter has rolled out Vine app for Android, A new way to share video on twitter. The free app, which enables people to record and share clips of up to six seconds with other Vine users as well as on Twitter and Facebook. But on the very next day, Twitter’s video-sharing application Vine...

CVE-2013-2855

The Developer Tools API in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...

CVE-2013-2855

The Developer Tools API in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...

Memory corruption

The Developer Tools API in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...

CVE-2013-2855

CVE-2013-2855 affects Chromium/Google Chrome via the Developer Tools API. The flaw allows remote attackers to trigger memory corruption, resulting in a denial of service or potentially other impact, using unknown vectors. Affected products/versions: Chromium before 27.0.1453.110 (Chrome prior to ...

CVE-2013-2855

The Developer Tools API in Google Chrome before 27.0.1453.110 allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...

CVE-2013-2855

Removed by vendor...