[FD] several issues in SQLite (+ catching up on several other bugs)

2015-04-14 Thread Michal Zalewski
SQLite is probably the most popular embedded database in use today; it is also known for being very well-tested and robust. Because of its versatility, SQLite sometimes finds use as the mechanism behind SQL-style query APIs that are exposed between privileged execution contexts and less-trusted co

Re: [FD] several issues in SQLite (+ catching up on several other bugs)

2015-04-14 Thread Paul Vixie
Michal Zalewski wrote:
> ...
> Because of its versatility, SQLite sometimes finds use as the
> mechanism behind SQL-style query APIs that are exposed between
> privileged execution contexts and less-trusted code. One example of
> this is the WebDB / WebSQL mechanism available in some browsers; in

[FD] whitepaper: Identifier based XSSI attacks

2015-04-14 Thread Takeshi Terada
Hello list members, We released a new technical whitepaper titled: "Identifier based XSSI attacks" CVE numbers: CVE-2014-6345, CVE-2014-7939 URL: http://www.mbsd.jp/Whitepaper/xssi.pdf Introduction: --- Cross Site Script Inclusion (XSSI) is an attack technique (or a

[FD] Problems in automatic crash analysis frameworks

2015-04-14 Thread Tavis Ormandy
Hello, this is CVE-2015-1318 and CVE-2015-1862 (essentially the same bugs in two different implementations, apport and abrt respectively). These were discussed on the vendors list last week. If the first character of kern.core_pattern sysctl is a pipe, the kernel will invoke the specified program,

[FD] NetCat CMS 3.12 Multiple Directory Traversal Security Vulnerabilities

2015-04-14 Thread Jing Wang
*NetCat CMS 3.12 Multiple Directory Traversal Security Vulnerabilities* Exploit Title: NetCat CMS 3.12 Multiple Directory Traversal Security Vulnerabilities Product: NetCat CMS (Content Management System) Vendor: NetCat Vulnerable Versions: 3.12 3.0 2.4 2.3 2.2 2.1 2.0 1.1 Tested Ve

[FD] NetCat CMS 3.12 HTML Injection Security Vulnerabilities

2015-04-14 Thread Jing Wang
*NetCat CMS 3.12 HTML Injection Security Vulnerabilities* Exploit Title: NetCat CMS 3.12 /catalog/search.php? q Parameter HTML Injection Security Vulnerabilities Product: NetCat CMS (Content Management System) Vendor: NetCat Vulnerable Versions: 3.12 3.0 2.4 2.3 2.2 2.1 2.0 1.1 Test