If an application allows enter an URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. Solution is to...
Read MoreIBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended...
Read MoreNginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted...
Read MoreHeimdal before 7.4 allows remote attackers to impersonate services with Orpheus’ Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In...
Read More[This is third guest diary by Dr.Ali Dehghantanha. You can find his first diaryhereand second here. If you would like to propose a guest diary, please let us know] Continuing my earlier posts on investigation of BitTorrent Sync...
Read More