Lucene search
K

186 matches found

Vulnerability Lab
Vulnerability Lab
added 2011/06/26 12:0 a.m.14 views

Interview VZ Technocrate - Cyberwar & Activities 2011

Document Title: =============== Interview VZ Technocrate - Cyberwar & Activities 2011 References: =========== View: http://www.youtube.com/watch?v=qNUNZP8Rpfk Download: https://www.vulnerability-lab.com/resources/iv-07-technocrate.mp3 Release Date: ============= 2011-06-26 Vulnerability Laborator...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/06/24 12:0 a.m.35 views

Fedora 15 : subversion-1.6.17-1.fc15 (2011-8352)

This update includes the latest release of Subversion, fixing three security issues : An infinite loop flaw was found in the way the moddavsvn module processed certain data sets. If the SVNPathAuthz directive was set to 'shortcircuit', and path-based access control for files and directories was...

5CVSS7.7AI score0.08483EPSS
Exploits2References5
ThreatPost
ThreatPost
added 2011/01/24 4:24 p.m.8 views

Apple Hires New Security Chief

Apple has hired a software security expert to head up its growing internal security group. The company has hired David Rice, a former National Security Agency analyst and consultant on security issues, according to reports. Rice is currently the director of policy reform at the U.S. Cyber...

6.8AI score
Exploits0References7
securityvulns
securityvulns
added 2010/10/13 12:0 a.m.64 views

[CORE-2010-0624] MS OpenType CFF Parsing Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ MS OpenType CFF Parsing Vulnerability 1. Advisory Information Title: MS OpenType CFF Parsing Vulnerability Advisory Id: CORE-2010-0624 Advisory URL:...

7.2CVSS6AI score0.01792EPSS
Exploits1
securityvulns
securityvulns
added 2010/08/08 12:0 a.m.31 views

ZDI-10-139: Novell iPrint Client Browser Plugin Parameter Name Remote Code Execution

ZDI-10-139: Novell iPrint Client Browser Plugin Parameter Name Remote Code Execution http://www.zerodayinitiative.com/advisories/ZDI-10-139 August 5, 2010 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Novell -- Affected Products: Novell iPrint -- TippingPointTM IPS Customer...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2010/07/06 12:0 a.m.67 views

NTSOFT BBS E-Market Professional Cross Site Scripting

+================================================================================================+ + NTSOFT BBS E-Market Professional & XSS and Remote Execution Evil code + +================================================================================================+ Authors: Ivan Sanchez...

4.3CVSS6.7AI score0.01484EPSS
Exploits2
Exploit DB
Exploit DB
added 2010/06/23 12:0 a.m.30 views

Interscan Web Security 5.0 - Arbitrary File Upload / Privilege Escalation

Advisory Name: Local Privilege Escalation in InterScan Web Security Virtual Apliance 5.0 Internal Cybsec Advisory Id: 2010-0604 Vulnerability Class: Local Privilege Escalation Release Date: 22-06-2010 Affected Applications: InterScan Web Security Virtual Aplliance 5.0. Other versions may be...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2010/03/02 7:38 p.m.7 views

Apple Snags former Mozilla Security Chief

Apple has hired former Microsoft and Mozilla security specialist Window Snyder to help secure its Mac ecosystem. Snyder, who last worked as Mozilla’s security chief, confirmed she is joining Apple as senior product manager for security. At Mozilla, Snyder introduced the concept of threat modeling...

0.6AI score
Exploits0References1
securityvulns
securityvulns
added 2010/02/17 12:0 a.m.121 views

Huawei HG510 CSRF, Auth Bypass, DoS

Hello, Huawei HG510 is a device offered by the Serbian telecom operator, to provide ADSL Internet connection. Administration of settings on this device is allowed only from local LAN network but not only from private IP address eg 192.168.1.1 then You can access with public IP address only from...

1.4AI score
Exploits0
ThreatPost
ThreatPost
added 2010/02/09 3:0 p.m.28 views

Ivan Arce, Core Security

I’m not sure there are too many people around who put more serious thought into their answers in an interview than Ivan does. He doesn’t just throw out a flip sound bite that he knows will make good copy. Instead, he’s much more interested in having a discussion, explaining the reasoning behind h...

1.5AI score
Exploits0
exploitpack
exploitpack
added 2010/01/18 12:0 a.m.22 views

FreePBX 2.5.1 - SQL Injection

FreePBX 2.5.1 - SQL Injection Advisory Name: SQL injection in FreePBX 2.5.1 Internal Cybsec Advisory Id: 2010-0103 Vulnerability Class: SQL injection Release Date: 15/01/2010 Affected Applications: Confirmed in FreePBX 2.5.1. Other versions may also be affected. Affected Platforms: Any running...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/01/18 12:0 a.m.40 views

FreePBX 2.5.1 - SQL Injection

Advisory Name: SQL injection in FreePBX 2.5.1 Internal Cybsec Advisory Id: 2010-0103 Vulnerability Class: SQL injection Release Date: 15/01/2010 Affected Applications: Confirmed in FreePBX 2.5.1. Other versions may also be affected. Affected Platforms: Any running FreePBX 2.5.1 Local / Remote:...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2010/01/18 12:0 a.m.29 views

FreePBX 2.5.x < 2.6.0 - Persistent Cross-Site Scripting

Advisory Name: Permanent Cross-Site Scripting XSS in FreePBX 2.5.x – 2.6.0 Internal Cybsec Advisory Id: 2010-0102 Vulnerability Class: Permanent Cross-Site Scripting XSS Release Date: 15/01/2010 Affected Applications: Confirmed in FreePBX 2.5.x and 2.6.0 - Other versions may also be affected...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2009/12/30 6:59 p.m.14 views

The All-Decade Interview Team

It occurred to me recently that I’ve been covering the security industry for just about 10 years. That’s a long time to be doing anything, and especially to be writing about one topic. But it’s hard to think of something that would have been much more interesting to cover this decade, given the...

Exploits0References2
securityvulns
securityvulns
added 2009/10/14 12:0 a.m.75 views

ZDI-09-069: Microsoft Windows Media Player Audio Voice Sample Rate Memory Corruption Vulnerability

ZDI-09-069: Microsoft Windows Media Player Audio Voice Sample Rate Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-069 October 13, 2009 -- CVE ID: CVE-2009-0555 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Windows Media Player 11 Microsoft...

9.3CVSS1.6AI score0.27086EPSS
Exploits1
securityvulns
securityvulns
added 2009/10/14 12:0 a.m.58 views

ZDI-09-072: Microsoft Windows GDI+ TIFF Parsing Code Execution Vulnerability

ZDI-09-072: Microsoft Windows GDI+ TIFF Parsing Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-072 October 13, 2009 -- CVE ID: CVE-2009-2503 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Windows Vista Microsoft Windows XP Microsoft Windows Server...

9.3CVSS0.6AI score0.22205EPSS
Exploits1
OpenSSL
OpenSSL
added 2009/03/25 12:0 a.m.28 views

Vulnerability in OpenSSL CVE-2009-0591

The function CMSverify does not correctly handle an error condition involving malformed signed attributes. This will cause an invalid set of signed attributes to appear valid and content digests will not be checked. Found by Ivan Nestlerode, IBM...

8AI score0.02735EPSS
Exploits0Affected Software1
ThreatPost
ThreatPost
added 2009/02/26 5:10 p.m.9 views

Inside the OLPC security story

One of my favorite talks on computer security is this one by Ivan Krstic, the former head of security development for the ambitious One Laptop per Child project:...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2008/09/10 12:0 a.m.68 views

ZDI-08-056: Microsoft Windows GDI+ GIF Parsing Code Execution Vulnerability

ZDI-08-056: Microsoft Windows GDI+ GIF Parsing Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-056 September 9, 2008 -- CVE ID: CVE-2008-3013 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Windows Server 2008 Microsoft Windows XP Microsoft Windows...

9.3CVSS1.2AI score0.52065EPSS
Exploits1
Packet Storm
Packet Storm
added 2008/05/23 12:0 a.m.22 views

hordekrono-xss.txt

+==========================================================================+ + Horde & Kronolith Calendar Application & XSS Vulnerabilities + +==========================================================================+ Authors: Ivan Sanchez Product: Kronolith Calendar Application Web:...

7.4AI score
Exploits0
Rows per page
Query Builder