Debian Linux Security Advisory 3179-1 - Multiple security issues have been found in Icedove, Debian's version of errors and implementation errors may lead to the execution of arbitrary code or information disclosure.
cfb682b4cf985d57f50b3113248d1b066250081979f86277514df22174a600be
This is a general-purpose module for exploiting conditions where a DLL can be loaded from a specified SMB share. This Metasploit module serves payloads as DLLs over an SMB service.
aa75d9a0bba7262b8da60d2a895a26ef088b4c19238a4ab8a840bc09863ca240
Mandriva Linux Security Advisory 2015-054 - Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator's part, or due to interference with network traffic by an attacker.
a34207981a886a158577856e030851948b7a3f3e331735b3a69d0f3f55895e6f
This is a general-purpose module for exploiting conditions where an HTTP request triggers a DLL load from a specified SMB share. This Metasploit module serves payloads as DLLs over an SMB service and allows an arbitrary HTTP URL to be called that would trigger the load of the DLL.
a573762660008870b62d9b2185839f0e1170cdf2de7200693235f52be52f8d35
Webshop Hun version 1.062S suffers from a directory traversal vulnerability.
ea69ff28954bd9d952da1e6e8e89da2db7d153663d3c643010ca939e68dfe741
Ubuntu Security Notice 2516-3 - USN-2516-1 fixed vulnerabilities in the Linux kernel, and the fix in USN-2516-2 was incomplete. There was an unrelated regression in the use of the virtual counter (CNTVCT) on arm64 architectures. This update fixes the problem. Various other issues were also addressed.
1a88ef9adcc3ea7c2604f0479fa1730a550192db416be0a49b7d6ed0f176098a
Mandriva Linux Security Advisory 2015-055 - The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType font. The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted TrueType font. The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted TrueType font. Various other issues have also been addressed.
ea5afe2e065748087b3505058fe600ae5ebe2dc2de3a8f9bd97dc15a6efff7e7
Webshop Hun version 1.062S suffers from a cross site scripting vulnerability.
23eb961c8225c2611a1d5a664074eca6ab6bed2a01f1f0aab836dd07678c592a
Webshop Hun version 1.062S suffers from a remote SQL injection vulnerability.
67ccd6d878de7bbf1e846e7515278f550b36ed0aa1980d7ea0f3d7089c236574
WordPress Newsletter plugin versions 2.6.x and 2.5.x suffer from an open redirect vulnerability.
f781b147aa12aea3e4a5f9c70a57f6e4527e09fb0021c626152f74ced66aa36d
WordPress Max Banner Ads plugin versions 1.09 through 1.9 suffer from a cross site scripting vulnerability.
cd2d5cd17f8c06b083629266151d367c1a392344d3dfbd865c39eedb1cb95158
WordPress Ya'aburnee theme version 1.0.7 and Dignitas theme 1.1.9 suffer from a privilege escalation vulnerability.
37ce88880aa5688e3b5d1d56ea6f15647fe379e279c550ce24f8011e752eea85
WordPress Contact Form DB plugin version 2.8.29 suffers from a cross site request forgery vulnerability.
17c045c565a5964067be268befbffcced1479a51cc769949b62b5c8feece37c7
Whitepaper discussing penetration and security testing against Microsoft SQL Server. Written in Turkish.
dc6404d93aa87f8467a2c37aca466c0c947bae3530334eb4dd8b112aa3850d18
Netcat CMS version 5.5 suffers from a stored cross site scripting vulnerability.
7db891e9d6e061e7b3ce302a37ebff05e74417fb865a9bca35e0cc06380d2d20
Source Boston 2015 has announced its Call For Papers.
4c02f4b3476a4b075a82b920ed9e372705c821790cbe5137aa134dcabb878dcf