Whitepaper called Bypassing Oracle DBMS_ASSERT (in certain situations). It was originally written in July of 2008 but is only being released now.
e6e1d68c71f6151caeb0c9cf0b475ad6bbf96d0a3d4464eca34740718a6b39f8
Oracle suffers from a PL/SQL injection vulnerability in REPCAT_RPC.VALIDATE_REMOTE_RC.
5d4b4629c0dfdd25f1e4105dfc3bdb283c7a29ba838e5cb3f49d18e230721815
iDefense Security Advisory 08.11.09 - Remote exploitation of an integer overflow vulnerability in Autonomy's KeyView SDK allows attackers to execute arbitrary code with the privileges of the targeted application. The vulnerability occurs when parsing a Shared String Table (SST) record inside of an Excel file. This record is used to hold a table of strings that are used inside of the document. One of the fields in this record is a 32-bit integer that represents the number of strings in the table. This value is used in a calculation that controls the number of bytes to allocate for a dynamic heap buffer. The value is not properly sanitized, which leads to an integer overflow in the calculation. This results in a heap based buffer overflow vulnerability.
91a37e71adf284b1c3c01485dd1c4380ba48759365687481f5d2f29106412bf4
EMO Breader Manager suffers from a remote SQL injection vulnerability in video.php.
aff56de46a1cdfda7f78aea3a970ddfb533de7f3e99d162f009b1e83073552d2
Replicator is an NKE for Mac OS X that enables you to remotely sniff/snoop on outbound TCP/IP traffic.
b888a867b5951df6ebd7f99ce33fce042cb4fa3d574df32fc69c9c0c27c466b5
Turnkey Arcade Script suffers from a remote SQL injection vulnerability.
c572d8ab2aaef43158e36da6ae5b124442a3515141087af416403a6987d2cc86
Debian Security Advisory 1833-2 - The previous dhcp3 update (DSA-1833-1) did not properly apply the required changes to the stable (lenny) version. The old stable (etch) version is not affected by this problem.
d37dd1774bcb143ebca48d1d6561dd56f75caa2f740d1cadcd4ec7160c9f147f
HyperVM suffers from a plain text password storage vulnerability.
e6ae6e05e329701b7e81b10c08b5703c7b82d7dd66c744a76a81080935b2bc42
The Lotus Notes Connector for Blackberry Manager version 5.0.0.11 suffers from an Active-X related denial of service vulnerability.
f7ed6fad892291b9a8319e5f6bd49470c7a5d426470ed7390d20ec215f8b5560
The Novell Client for Windows 2000/XP suffers from an Active-X related denial of service vulnerability.
6b2739a9db7704872d86b66181824c0121e5a437149a5d3e68ed9a65d0d2deae
This Metasploit module demonstrates a denial of service vulnerability in Cerberus FTP version 3.0.1.
621add859617c0ef4bfb5e79dc73602f8b35eaa7a0388641e11446fcb5ebbb55
The Joomla Siirler component version 1.2 suffers from a remote SQL injection vulnerability.
c8a8be68de0e64f96e44e68f1421d598f3bbc55567a667e8d48d1c5e5f7be8f0
Linux kernel versions 2.6.31-rc7 and below AF_LLC getsockname 5-byte stack disclosure exploit.
b0e4c47e044db1a597742e8115493357309acc15b1e7785990b678662b54fbb2
EasySec Personal Firewall remote buffer overflow exploit that binds a shell to port 4444.
ea5ccddb3f04e0bd4d9e4a73953fd97ec72929814dd3160044d0587e1bdb2ad9
Call for papers for the 6th edition of CONFIdence 2009 2.0 which is taking place in Warsaw November 19th through the 20th, 2009.
77b400a644de29855ae75cd3c138a03373d2af70e296d695e07fa07fc65605c2
Xerox WorkCentre suffers from a remote denial of service vulnerability. Proof of concept code included.
33438081fe6818b1c602e03ef3120162b1a9d5858a35e67505ec2ea842103eb2
Camfrog.com suffers from a remote SQL injection vulnerability.
a23e65e42645121a1f75437553feaa5fe8e2e7269b1c872b5574ed8e249d9200
TCPDB version 3.8 suffers from a remote contents change vulnerability.
0bcb2ec23073812e02464aa4db5a1aba8d5062c9de3c4c0ff17a9e279deb0e16
Media Jukebox version 8 universal buffer overflow exploit that creates a malicious .m3u file.
eef6ee8612187e64c899b068f7b2ae5f9e5d9a127b376449c46d2e794cd1c2bb
This Metasploit module exploits a buffer overflow in the ProFTP 2.9 client that is triggered through an excessively long welcome message.
c33c4e4704cbe8d199f4eb59ea735d850afa48916f3f2703544acd42fdd4e42d
Secunia Security Advisory - Mr.tro0oqy has reported a vulnerability in Arcade Trade Script, which can be exploited by malicious people to bypass certain security restrictions.
a9d75c05d095eba601c34f5567cb1df746965a094ea5e2ac699faa0f1d1dd33c
Secunia Security Advisory - Fedora has issued an update for ctorrent. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
5ec877ba691e6d01d7a3cfd52fef89f442e4029b2921951af7d8f02f28b246b5
Secunia Security Advisory - Heurs has reported a vulnerability in avast! Home/Professional, which can be exploited by malicious, local users to gain escalated privileges.
13857edad377a27fbe2d4bd426f41abd333a54018cfb7bafd83e5ca24114d1cd
Secunia Security Advisory - Fedora has issued an update for xerces-c27. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
a43ba5c9012c1c714d22030a752934884a855c726fc75a6278a56f67ce2f486a
Secunia Security Advisory - Fedora has issued an update for xerces-c. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
19eaaba0238c0e2e9e101ed6362419eb9185472104978f0c8384622602f2abd8