Browse via Tor
Cynet 360 Uses Insecure Control Channels
23 April 2020
Spamhaus still parties like it's 1999
16 October 2019
Twitter Screws Up With Data It Shouldn't Hold
09 October 2019
The Curious Case of BitFi and Secret Persistence
16 July 2019
A guide to designing Account Security Mechanisms
26 March 2017
Don't Use Web2Tor/Tor2Web (especially Onion.cab)
04 March 2017
The State of Mobile Banking (in the UK)
21 June 2016
The DVLA is routinely sending sensitive details via email
28 December 2014
Understanding Password Storage
22 June 2014
My Own Little HeartBleed Headache
19 April 2014
Page 1 of 3
Return to listing
Bad cast in CSS in Google Chrome prior to 188.8.131.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Insufficient policy enforcement in V8 in Google Chrome prior to 184.108.40.206 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
FarLinX X25 Gateway through 2014-09-25 allows command injection via shell metacharacters to sysSaveMonitorData.php, fsx25MonProxy.php, syseditdate.php, iframeupload.php, or sysRestoreX25Cplt.php.
FarLinX X25 Gateway through 2014-09-25 allows directory traversal via the log-handling feature.
FarLinX X25 Gateway through 2014-09-25 allows attackers to write arbitrary data to fsUI.xyz via fsSaveUIPersistence.php.
Lexiglot through 2014-11-20 allows denial of service because api/update.php launches svn update operations that use a great deal of resources.
Lexiglot through 2014-11-20 allows local users to obtain sensitive information by listing a process because the username and password are on the command line.
Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (full path) via an include/smarty/plugins/modifier.date_format.php request if PHP has a non-recommended configuration that produces warning messages.
Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (names and details of projects) by visiting the /update.log URI.
Lexiglot through 2014-11-20 allows SQL injection via an admin.php?page=users&from_id= or admin.php?page=history&limit= URI.
Based on a template by JoomSpirit, customised by
About this template