Call for Papers: USENIX Workshop on Offensive Technologies (WOOT '18)

Dear all, We are pleased to announce the Call for Papers for the 12th USENIX Workshop on Offensive Technologies! WOOT '18 will be held on August 13–14, 2018, in conjunction with USENIX Security in Baltimore, MD, USA. WOOT provides a forum for high-quality, peer-reviewed work discussing tools and

secuvera-SA-2017-04: SQL-Injection Vulnerability in OCS Inventory NG ocsreports Web application

Affected Products OCS Inventory NG ocsreports 2.4 OCS Inventory NG ocsreports 2.3.1 (older/other releases have not been tested) References https://www.secuvera.de/advisories/secuvera-SA-2017-04.txt (used for updates)

[SECURITY] [DSA 4170-1] pjproject security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-4170-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff April 09, 2018

Defense in depth -- the Microsoft way (part 53): our MSRC doesn't know how Windows handles PATH

Hi @ll, on their "Security Research & Defense" blog, members of Microsoft's Security Response Center recently posted This blog post but clearly shows that the MSRC doesn't know how Windows handles the

secuvera-SA-2017-03: Reflected Cross-Site-Scripting Vulnerabilities in OCS Inventory NG ocsreports Web application

Affected Products OCSInventory-ocsreports 2.4 (older releases have not been tested) References https://www.secuvera.de/advisories/secuvera-SA-2017-03.txt (used for updates) https://www.ocsinventory-ng.org/en/ocs-inventory-server-2-4-1-has-been-released/ (Release announcement of OCS