OpenSSL CVE-2015-3194 Denial of Service Vulnerability
Monthly Archives: December 2015
Vuln: Multiple Kaspersky Products Local Security Bypass Vulnerability
Multiple Kaspersky Products Local Security Bypass Vulnerability
Vuln: Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
Vuln: Kaspersky Antivirus Multiple Memory Corruption Vulnerabilities
Kaspersky Antivirus Multiple Memory Corruption Vulnerabilities
DSA-3417 bouncycastle – security update
Tibor Jager, Jörg Schwenk, and Juraj Somorovsky, from Horst Görtz
Institute for IT Security, published a paper in ESORICS 2015 where they
describe an invalid curve attack in Bouncy Castle Crypto, a Java library
for cryptography. An attacker is able to recover private Elliptic Curve
keys from different applications, for example, TLS servers.
Bugtraq: COM+ Services DLL side loading vulnerability
COM+ Services DLL side loading vulnerability
Bugtraq: Windows Authentication UI DLL side loading vulnerability
Windows Authentication UI DLL side loading vulnerability
Bugtraq: XSS Vulnerability in Synnefo Client for Synnefo IMS 2015 – CVE-2015-8247
XSS Vulnerability in Synnefo Client for Synnefo IMS 2015 – CVE-2015-8247
[CVE-2015-8377] Cacti graphs_new.php SQL Injection Vulnerability
Posted by xiaotian.wang () dbappsecurity com cn on Dec 13
Symphony 2.6.3 – Multiple Persistent Cross-Site Scripting Vulnerabilities
Posted by CSW Research Lab on Dec 13
================================================================
Symphony 2.6.3 – Multiple Persistent Cross-Site Scripting Vulnerabilities
================================================================
Information
**********************
Vulnerability Type : Multiple Persistent Cross Site Scripting
Vulnerabilities
Vulnerable Version : 2.6.3
Severity: Medium
Author – Arjun Basnet
CVE-ID: N/A
Homepage: *http://www.getsymphony.com/ <…