CVE-2011-0848

Unspecified vulnerability in the Security Framework component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5; allows remote attackers to affect confidentiality, integrity, and...

CVE-2011-0848

CVE-2011-0848 involves Oracle Database Server (versions 10.1.0.5, 10.2.0.3–10.2.0.5, 11.1.0.7, 11.2.0.1–11.2.0.2) and Oracle Enterprise Manager Grid Control (10.1.0.6, 10.2.0.5). The vulnerability lies in the Security Framework component and is described as an unspecified issue that allows remote...

PenTBox 1.4 – Penetration Testing Security Suite Download

PenTBox 1.4 – Penetration Testing Security Suite Download PenTBox, a security framework written in Ruby and multiplatform actually working even on iOS and Android!. Tools & Features Updated Technical features - GNU/GPLv3 License. Free in freedom and in price. - Multi-platform Ruby: GNU/Linux,...

CakePHP 1.3.5/1.2.8 - Cache Corruption (Metasploit)

$Id: cakephpcachecorruption.rb 11579 2011-01-14 16:25:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Mantra: A Browser based Security Framework !

Mantra is a dream that came true for the author. It is a collection of free and open source tools integrated into a web browser – Firefox, which can become handy for students, penetration testers, web application developers, security professionals etc. It is portable, ready-to-run, compact and...

Apache Shiro URI Path Security Directory Traversal Information Disclosure

The version of the Apache Shiro open source security framework running on the remote web server is affected by an error in the path-based filter chain mechanism due to a failure to properly normalize URI paths before comparing them with entries in the shiro.ini file. An unauthenticated, remote...

phpsf-multi.txt

Title: PHP Security Framework Beta 1 Multiple Vulnerabilities and Security Bypass Vendor: http://benjilenoob.66ghz.com/projects/ Advisory: http://acid-root.new.fr/?0:16 Author: DarkFig Released on: 2007/12/16 Changelog: 2007/12/16 Summary: HT Remote File Inclusion MT SQL Injection MT SQL Injectio...

PHP Security Framework - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/26898/info PHP Security Framework is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and remote file-include issues. A successful exploit may allow an attacker to execute malicious code within the context of the...

PHP Security Framework - Multiple Input Validation Vulnerabilities

PHP Security Framework - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/26898/info PHP Security Framework is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and remote file-include issues. A successful exploit may...

Apple Mac OS X Security Framework Online Certificate Status Protocol (OCSP) service fails to properly retrieve certificate revocation lists

Overview Apple Mac OS X Security Framework Online Certificate Status Protocol OCSP service is unable to retrieve certificate revocation lists on systems that are configured to use an HTTP proxy. This vulnerability may result in the use of revoked certificates. Description The Online Certificate...

CVE-2006-4410

The Security Framework in Apple Mac OS X 10.3.9, and 10.4.x before 10.4.7, does not properly search certificate revocation lists CRL, which allows remote attackers to access systems by using revoked certificates...

CVE-2006-4409

The Online Certificate Status Protocol OCSP service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists CRL when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked...

CVE-2006-4410

The CVE-2006-4410 entry affects Apple Mac OS X where the Security Framework in 10.3.9 and 10.4.x (before 10.4.7) does not properly search certificate revocation lists (CRLs). This allows remote attackers to authenticate with revoked certificates, potentially compromising system access. Public ref...

CVE-2006-4409

The Online Certificate Status Protocol OCSP service in the Security Framework in Apple Mac OS X 10.4 through 10.4.8 retrieve certificate revocation lists CRL when an HTTP proxy is in use, which could cause the system to accept certificates that have been revoked...

CVE-2006-4408

CVE-2006-4408 : Apple Mac OS X 10.4–10.4.8 contains a vulnerability in the Security Framework that allows remote attackers to cause a denial of service (resource consumption) by using certain public key values in an X.509 certificate that require extra resources during signature verification. The...

CVE-2006-4407

CVE-2006-4407 affects Apple Mac OS X Security Framework Secure Transport. The issue arises when negotiating the strongest shared cipher: due to an incorrect priority order, Secure Transport may choose a weaker cipher, potentially enabling a remote attacker to decrypt traffic. Documents consistent...

CVE-2006-4410

The Security Framework in Apple Mac OS X 10.3.9, and 10.4.x before 10.4.7, does not properly search certificate revocation lists CRL, which allows remote attackers to access systems by using revoked certificates...

Apple Mac OS X Security Framework Secure Transport may not negotiate the best cipher available

Overview Apple Mac OS X Security Framework Secure Transport may not negotiate the best cipher available. This vulnerability may allow traffic to be weakly encrypted. Description Secure Transport refers to Apple’s implementation of SSL and TLS that is used by Mac OS X to create secure connections...

Mac OS X Multiple Vulnerabilities (Security Update 2006-007)

The remote host is running a version of Mac OS X which does not have the security update 2006-007 applied. Security Update 2006-007 contains several security fixes for the following programs : - AirPort - ATS - CFNetwork - Finder - Font Book - Font Importer - Installer - OpenSSL - PHP - PPP - Sam...

CVE-2024-5781

...