Kerio Control firewall has a number of serious vulnerabilities - vulnerability warning - the black bar safety net
According to the latest foreign media reports, security researchers have found a series of serious security vulnerabilities in the Kerio Control firewall. Because of these vulnerabilities, an external attacker will be able, by tricking employees into clicking on a malicious link t...
PentestBox 2.0 - Portable Penetration Testing Distribution for Windows Environments
PentestBox provides all security tools as a software package, eliminating the requirement for virtual machines or dual-boot environments on the Windows operating system. It was created because more than 50% of penetration testing distribution users use Windows. So it provides an efficient platform f...
Design/Logic Flaw
Unspecified vulnerability in the update feature in Toolbar Uninstaller 1.0.2 allows remote attackers to force the download and execution of arbitrary files via attack vectors related to a "malformed update url and a malformed update website."...
CVE-2009-2963
Unspecified vulnerability in the update feature in Toolbar Uninstaller 1.0.2 allows remote attackers to force the download and execution of arbitrary files via attack vectors related to a "malformed update url and a malformed update website."...
CVE-2009-2963
Technical details about CVE-2009-2963 are not provided in the supplied documents. The records reference the vulnerability description, but no concrete affected products, versions, impact, or fixes are disclosed here. Monitor for updates.
CVE-2008-6532
Multiple cross-site request forgery (CSRF) vulnerabilities in the update feature in Drupal 5.x before 5.13 and 6.x before 6.7 allow remote attackers to perform unauthorized actions as the superuser via unspecified vectors, as demonstrated by causing the superuser to "execute old updates" that modif...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the profile update feature in Akiva WebBoard 8.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors in the form field. NOTE: the provenance of this information is unknown; the details are obtained solely from...
RealPlayer invalid chunk header heap overflow
Added: 03/31/2006. CVE: CVE-2005-2922. BID: 17202. OSVDB: 24062. Background: RealPlayer, RealOne Player, and Helix Player include an embedded player which plays media embedded in a web page. Problem: A chunked HTTP response containing an invalid or missing chunk header results in a heap overflow, leadi...
CVE-2005-3899
CVE-2005-3899 concerns Google Talk’s automatic update mechanism. The vulnerability allows remote attackers to trigger a denial of service by poisoning a target’s DNS cache and forcing a large update file to be processed, which consumes CPU and memory during signature verification. The provided do...
Mandrake Linux Security Advisory : dhcp (MDKSA-2002:037)
Fermin J. Serna discovered a problem in the dhcp server and client package from versions 3.0 to 3.0.1rc8, which are affected by a format string vulnerability that can be exploited remotely. By default, these versions of DHCP are compiled with the dns update feature enabled, which allows DHCP to...
SuSE YaST symbolic links problem
Symbolic links problem with YOU/onlineupdate...