Vuln: Apache Struts CVE-2016-2162 Cross Site Scripting Vulnerability
Apache Struts CVE-2016-2162 Cross Site Scripting Vulnerability
Analyze of a Linux botnet client source code, (Wed, Jul 27th)
I like to play active-defense. Every day, I extract attackers' IP addresses from my SSH honeypots and perform a quick Nmap scan against them. The goal is to gain more knowledge about the compromised...
Bugtraq: VUPlayer 2.49 - (.wax) Buffer Overflow Vulnerability
VUPlayer 2.49 - (.wax) Buffer Overflow Vulnerability
Critical Xen PV guests vulnerabilities, (Wed, Jul 27th)
Xen released a patch to fix a critical vulnerability affecting x86 PV[1] guests. A malicious administrator on a vulnerable guest could escalate his privileges to that of the host. All versions of Xen...
Bugtraq: Nusiorung CMS 2016 - (Login) Auth Bypass Vulnerability
Nusiorung CMS 2016 - (Login) Auth Bypass Vulnerability
Bugtraq: DornCMS v1.4 - (FileManager) Persistent Cross Site Scripting...
DornCMS v1.4 - (FileManager) Persistent Cross Site Scripting Vulnerability
Bugtraq: VUPlayer 2.49 - (.pls) Buffer Overflow Vulnerability
VUPlayer 2.49 - (.pls) Buffer Overflow Vulnerability
How DNC, Clinton campaign attacks fit into Russia’s cyber-war strategy
An attendee at the first day of the Democratic National Convention protests the DNC's treatment of Bernie Sanders, as hinted at by e-mails exposed by an alleged Russian hack. (credit: Chip Somodevilla...
Bugtraq: RE: VUPlayer 2.49 - (.wax) Buffer Overflow Vulnerability
RE: VUPlayer 2.49 - (.wax) Buffer Overflow Vulnerability
Telegram app vuln recorded anything macOS users pasted—even in secret
A bug in the Telegram Messenger app logged anything its users pasted into their chats in its syslog on macOS, even if they had opted for the end-to-end encrypted "secret" mode. The...
Bugtraq: [SECURITY] [DSA 3632-1] mariadb-10.0 security update
[SECURITY] [DSA 3632-1] mariadb-10.0 security update
Realizing the Potential of Quantum Information Science and Advancing...
The White House announced today a new report from the National Science and Technology Council on challenges, opportunities and the path forward in quantum information science, including a plan for...
Vuln: DBD::mysql 'my_login()' Function Use After Free Remote Code Execution...
DBD::mysql 'my_login()' Function Use After Free Remote Code Execution Vulnerability
Vuln: gdk-pixbuf 'OneLine32' Out Of Bounds Write Denial of Service Vulnerability
gdk-pixbuf 'OneLine32' Out Of Bounds Write Denial of Service Vulnerability
Tor inquiry: “Many people” reported being “humiliated” by Appelbaum
Jacob Appelbaum is a former Tor staffer. The Tor Project said Wednesday that its internal investigation has been completed into allegations of sexual misconduct allegedly...
Critics blast Trump calls for Russia to locate missing Hillary Clinton e-mails
In comments that appeared to condone the hacking of sensitive US correspondence, Republican presidential nominee Donald Trump on Wednesday said he hoped Russia locates missing e-mails sent by Hillary...
Bugtraq: CVE-2016-2783 - Avaya VOSS/VSP Release 4.1.0.0 Vulnerable to SPB...
CVE-2016-2783 - Avaya VOSS/VSP Release 4.1.0.0 Vulnerable to SPB Traffic traversal
Vuln: QEMU 'hw/scsi/esp.c' Remote Code Execution Vulnerability
QEMU 'hw/scsi/esp.c' Remote Code Execution Vulnerability
Vuln: Xen CVE-2016-6258 Privilege Escalation Vulnerability
Xen CVE-2016-6258 Privilege Escalation Vulnerability
Vuln: Xen CVE-2016-6259 Denial of Service Vulnerability
Xen CVE-2016-6259 Denial of Service Vulnerability