[SECURITY] Fedora 20 Update: ReviewBoard-1.7.14-1.fc20

Review Board is a powerful web-based code review tool that offers developers an easy way to handle code reviews. It scales well from small projects to large companies and offers a variety of tools to take much of the stress and time out of the code review process...

Joomla! VirtueMart component <= 2.0.22a - SQL Injection

------------------------------------------------------------ Joomla! VirtueMart component = 2.0.22a - SQL Injection ------------------------------------------------------------ == Description == - Software link: http://www.virtuemart.net/ - Affected versions: All versions between 2.0.8 and 2.0.22...

Joomla! Component com_virtuemart 2.0.22a - SQL Injection

------------------------------------------------------------ Joomla! VirtueMart component = 2.0.22a - SQL Injection ------------------------------------------------------------ == Description == - Software link: http://www.virtuemart.net/ - Affected versions: All versions between 2.0.8 and 2.0.22...

Facebook Send Messages From Anyone 0day

This Exploit allowed you to send messages from any person to any one on facebook. Оld vulnerabilities shows a yellow triangle after receiving the message. User notices that something was wrong, way is DETECTED by facebook. This exploit goes unnoticed. YELLOW TRIANGLE is not present, the user is...

[SECURITY] Fedora 18 Update: libtomcrypt-1.17-20.fc18

A comprehensive, modular and portable cryptographic toolkit that provides developers with a vast array of well known published block ciphers, one-way hash functions, chaining modes, pseudo-random number generators, public key cryptography and a plethora of other routines. Designed from the ground...

[SECURITY] Fedora 18 Update: ReviewBoard-1.7.12-1.fc18

Review Board is a powerful web-based code review tool that offers developers an easy way to handle code reviews. It scales well from small projects to large companies and offers a variety of tools to take much of the stress and time out of the code review process...

Apple Developer Site Compromised

Several days after taking its developer Web site down without a mention of the reason, Apple has revealed that attackers had breached the site. The company said that while it can’t rule out the theft of developers’ data, all of the sensitive personal information was encrypted. Apple posted a noti...

Apple's Developer Center Offline for 32 Hours; Compromised ?

It's been over a day now since Apple's online Dev Center went offline, and latest message can be seen in the screenshot, which explains that the current maintenance has took a lot longer than they expected. "We apologize that maintenance is taking longer than expected. If your program membership...

[DLL Finder v1.5] Tool to quickly find the matching DLL in all running Processes

DLL Finder is the command-line tool to quickly find the matching DLL in all running Processes. For each discovered DLL in a process it displays, Target Process Name Process ID Full DLL Name DLL Base Address DLL Load Count DLL File Path On 64 bit system, 32-bit processes are shown with suffix "32"...

[SECURITY] Fedora 18 Update: ReviewBoard-1.7.11-1.fc18

Review Board is a powerful web-based code review tool that offers developers an easy way to handle code reviews. It scales well from small projects to large companies and offers a variety of tools to take much of the stress and time out of the code review process...

Firefox Adds Mixed Content Blocking by Default

The proliferation of SSL-protected sites has been a boon for security conscious Web users in the last couple of years, as more and more sites have taken the step of offering encrypted connections for sensitive sessions. But one of the problems that’s cropped up is that the dynamic nature of today...

Google Adds Feature to Keep Malware Out of Chrome Web Store

Google is adding more security controls to its browser-based Chrome Web Store by adding a new application-vetting feature called ‘Enhanced Item Validation.’ For all intents and purposes, the search giant claims that the new policy will only impact application developers in that they will have to...

Fedora Update for kdesdk FEDORA-2013-10182

Check for the Version of kdesdk OpenVAS Vulnerability Test Fedora Update for kdesdk FEDORA-2013-10182 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

CSP 1.0 Added to Firefox to Block XSS Attacks

After years of discussion and waiting, Mozilla has finally added Content Security Policy 1.0, a defense against some common attacks such as XSS, to its Firefox browser. CSP already has been implemented in Google Chrome and Internet Explorer and there was a limited implementation of it in Firefox...

[DLL Magic] Tool to Hide DLL in any Windows Process

DLL Magic is the simple command-line tool to Hide DLL in any Windows Process. Every Process maintains internal database of loaded Modules/DLLs in the form of three linked lists. Each of these linked list represents the order in which DLLs are loaded, here are they Load Order Memory Order...

[SECURITY] Fedora 19 Update: kdesdk-4.10.4-1.fc19

A metapackage/collection of applications and tools used by developers, incl uding: cervisia: a CVS frontend kate: advanced text editor kcachegrind: a browser for data produced by profiling tools e.g. cachegr ind kompare: diff tool kuiviewer: displays designer's UI files lokalize: computer-aided...

Amazon Joins Authentication Game

As attackers continue to target large databases of passwords and users grow wearier by the day of creating new accounts and login credentials on each site they visit, the larger Web players are positioning themselves as not just social networking or retail hubs, but also as authentication...

Sandcat Browser 4.0 released, new tools added for Pen-Testers

Sandcat Browser, The fastest web browser with many useful security and developer oriented tools updated to version 4.0 with the fastest scripting language packed with features for pen-testers. Sandcat 4 adds a large number of enhancements, new features, extensions and bug fixes, and provides a...

[DEP Process Scanner] Tool to scan and show all the DEP enabled Processes

DEP Process Scanner is the free command-line tool to scan and show all the DEP enabled Processes. Data Execution Prevention DEP is a security feature introduced since Windows XP SP2 onwards and designed to prevent an application executing code from a non-executable memory regions such as Stack or...

OpenDocMan 1.2.6.5 - Persistent Cross-Site Scripting

Exploit Title: OpenDocMan 1.2.6.5 Stored/Reflective XSS Date: 05/04/2013 Exploit Author: drone @dronesec More Exploit Information: Vendor Homepage: http://www.opendocman.com/ Software Link: http://sourceforge.net/projects/opendocman/files/opendocman/1.2.6.5/opendocman-1.2.6.5.zip/download Version...