Design/Logic Flaw

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2, and in Oracle Enterprise Manager Grid Control 10.2.0.5 and 11.1.0.1, allows remote attackers to affect integrity via unknown vectors related ...

Design/Logic Flaw

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, and 11.1.0.7, and Oracle Enterprise Manager Grid Control, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security...

CVE-2012-0520

CVE-2012-0520 affects Oracle EM Base Platform in Oracle Database Server (10.2.0.3–11.2.0.2) and Oracle Enterprise Manager Grid Control (10.2.0.5, 11.1.0.1). The flaw is described as an unspecified vulnerability enabling remote integrity impact via unknown vectors related to Security Framework. No...

CVE-2012-0520

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2, and in Oracle Enterprise Manager Grid Control 10.2.0.5 and 11.1.0.1, allows remote attackers to affect integrity via unknown vectors related ...

CVE-2012-0528

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, and 11.1.0.7, and Oracle Enterprise Manager Grid Control, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security...

OWASP Mantra - c0c0n 11 and AppSecLatam 11 Release

OWASP Mantra - c0c0n 11 and AppSecLatam 11 Release The third beta of OWASP Mantra Security Toolkit has been released. One of the main features of this version is the multi-language support. Mantra now supports Hindi and Spanish, in addition to English. If you can give us a helping hand by...

Exploit Pack - An open source security framework

Exploit Pack - An open source security framework Exploit Pack is an open source security framework developed by Juan Sacco. It combines the benefits of a Java GUI, Python as Engine and well-known exploits on the wild. It has an IDE to make the task of developing new exploits easier, instant searc...

CVE-2011-2244

Unspecified vulnerability in the Security Framework component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, and 11.1.0.1; allows remote attackers to affect confidentiality and integrity v...

Authentication flaw

Unspecified vulnerability in the Security Framework component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, and 11.1.0.1; allows remote attackers to affect confidentiality and integrity v...

Design/Logic Flaw

Unspecified vulnerability in the Security Framework component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect confidentiality, integrity, and...

CVE-2011-0848

CVE-2011-0848 involves Oracle Database Server (versions 10.1.0.5, 10.2.0.3–10.2.0.5, 11.1.0.7, 11.2.0.1–11.2.0.2) and Oracle Enterprise Manager Grid Control (10.1.0.6, 10.2.0.5). The vulnerability lies in the Security Framework component and is described as an unspecified issue that allows remote...

CVE-2011-0848

Unspecified vulnerability in the Security Framework component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect confidentiality, integrity, and...

PenTBox 1.4 – Penetration Testing Security Suite Download

PenTBox 1.4 – Penetration Testing Security Suite Download PenTBox, a security framework written in Ruby and multiplatform actually working even on iOS and Android!. Tools & Features Updated Technical features - GNU/GPLv3 License. Free in freedom and in price. - Multi-platform Ruby: GNU/Linux,...

CakePHP 1.3.5/1.2.8 - Cache Corruption (Metasploit)

$Id: cakephpcachecorruption.rb 11579 2011-01-14 16:25:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Mantra: A Browser based Security Framework !

Mantra is a dream that came true for the author. It is a collection of free and open source tools integrated into a web browser – Firefox, which can become handy for students, penetration testers, web application developers, security professionals etc. It is portable, ready-to-run, compact and...

Apache Shiro URI Path Security Directory Traversal Information Disclosure

The version of the Apache Shiro open source security framework running on the remote web server is affected by an error in the path-based filter chain mechanism due to a failure to properly normalize URI paths before comparing them with entries in the shiro.ini file. An unauthenticated, remote...

phpsf-multi.txt

Title: PHP Security Framework Beta 1 Multiple Vulnerabilities and Security Bypass Vendor: http://benjilenoob.66ghz.com/projects/ Advisory: http://acid-root.new.fr/?0:16 Author: DarkFig Released on: 2007/12/16 Changelog: 2007/12/16 Summary: HT Remote File Inclusion MT SQL Injection MT SQL Injectio...

PHP Security Framework - Multiple Input Validation Vulnerabilities

PHP Security Framework - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/26898/info PHP Security Framework is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and remote file-include issues. A successful exploit may...

PHP Security Framework - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/26898/info PHP Security Framework is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and remote file-include issues. A successful exploit may allow an attacker to execute malicious code within the context of the...

Apple Mac OS X Security Framework Online Certificate Status Protocol (OCSP) service fails to properly retrieve certificate revocation lists

Overview Apple Mac OS X Security Framework Online Certificate Status Protocol OCSP service is unable to retrieve certificate revocation lists on systems that are configured to use an HTTP proxy. This vulnerability may result in the use of revoked certificates. Description The Online Certificate...