D-Link DVG-5402SP with firmware RU_1.01 suffers from brute force and cross site request forgery vulnerabilities.
Monthly Archives: March 2016
Lock Down Your Car From Hackers – Gear Brain
Bugtraq: [slackware-security] libevent (SSA:2016-085-01)
Bugtraq: [slackware-security] mozilla-thunderbird (SSA:2016-085-02)
Bugtraq: [SECURITY] [DSA 3531-1] chromium-browser security update
Bugtraq: TrendMicro DDI Cross Site Request Forgerys
Debian Security Advisory 3531-1
Debian Linux Security Advisory 3531-1 – Several vulnerabilities have been discovered in the chromium web browser.
WAP Music CMS 1.0.2 SQL Injection
WAP Music CMS version 1.0.2 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
SM Soft Tech CMS 1.0 SQL Injection
SM Soft Tech CMS XHTML Mobile version 1.0 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
DSA-3532 quagga – security update
Kostya Kortchinsky discovered a stack-based buffer overflow vulnerability in the VPNv4 NLRI parser in bgpd in quagga, a BGP/OSPF/RIP routing daemon. A remote attacker can exploit this flaw to cause a denial of service (daemon crash), or potentially, execution of arbitrary code, if bgpd is configured with BGP peers enabled for VPNv4.