It has been brought to our attention that a number of security vulnerabilities have been noted in SQL-Ledger. Several of these affect earlier versions of LedgerSMB, and three hotfixes have been released for problems that continue to affect the LedgerSMB codebase.
Insecure permissions have been detected in multiple Kaspersky Lab antivirus products.
Piwik calls unserialize() on user input, which allows an attacker to send a carefully crafted cookie that, when unserialized, uses Piwik's classes to upload arbitrary files or execute arbitrary PHP code.
Invision Power Board has a PHP file inclusion vulnerability that is trivial to exploit with a web browser and a known location of a PHP file residing on the target system. Authorisation is not required. The SQL injection vulnerability is somewhat tricky to exploit, as there are quite a few restrictions that make creating a successful SQL attack vector difficult. Nevertheless, a crafty attacker might issue a series of requests that might allow him to gain some information about the target system or even read files from the disk, depending on the permissions granted to the database account used by the forum.
The U.S. Defense Information Systems Agency (DISA) publishes Security Readiness Review scripts (SRRs) to ensure systems and software meet security baselines required by the Department of Defense. Unprivileged local users can obtain root access on Unix systems where the DISA SRR scripts are run.
A vulnerability in DevIL DICOM "GetUID()" can be exploited by a malicious party to compromise an application using the library.
The wireless drivers in some Wi-Fi access points (such as the MARVELL-based Linksys WAP4400N) do not correctly parse information elements included in association requests.
A potential security vulnerability has been identified with HP Data Protector Express 3.x and 4.x and HP Data Protector Express Single Server Edition (SSE) 3.x and 4.x running on supported Microsoft Windows, Linux, and NetWare versions. The vulnerability could be exploited locally to create a Denial of Service (DoS) or to execute arbitrary code.
A potential security vulnerability has been identified with certain HP Color LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to data or to create a Denial of Service (DoS).
KDELibs is a collection of libraries built on top of Qt that provides the framework and functionality for developers of KDE-compatible software. The main problem exists in the dtoa implementation. KDE has a very similar dtoa algorithm to BSD, Chrome and Mozilla.