[FD] PayPal Inc Bug Bounty #117 - Session Fixation Vulnerability

2015-10-15 Thread Vulnerability Lab
Document Title: PayPal Inc Bug Bounty #117 - Session Fixation Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1509 EIBBP-31983 (P2) Video: http://www.vulnerability-lab.com/get_content.php?id=1615 Vulnerability Magazin

[FD] Freemake Video Downloader 3.7.1 - Code Execution Vulnerability

2015-10-15 Thread Vulnerability Lab
Document Title: Freemake Video Downloader 3.7.1 - Code Execution Vulnerability References (Source): http://www.vulnerability-lab.com/get_content.php?id=1617 Release Date: 2015-10-12 Vulnerability Laboratory ID (VL-ID):

[FD] Unicorn CPU Emulator Framework is out!

2015-10-15 Thread Nguyen Anh Quynh
Greetings, Two months after our Blackhat USA talk, we are excited to announce the first release, version 0.9, of Unicorn Engine, the multi-arch, multi-platform CPU emulator framework you are all longing for! Unicorn CPU emulator offers some unparalleled features: - Multi-architectures: Arm, Arm6

[FD] hackercon berlin: hack4 the year is 2015

2015-10-15 Thread dash
Hi folks and gentlehackers, as this year is almost over, what could be nicer than spending some time in Berlin and listening to the packets? We are happy to announce the 2015 hack4 in Berlin. What are we looking for? Basically for practical technical talks and cool people. Topics we want to cove

[FD] netis RealTek wireless router / ADSL modem Multiple Vulnerabilities

2015-10-15 Thread Karn Ganeshen
# Exploit Title: [netis RealTek wireless router / ADSL modem Multiple Vulnerabilities] # Discovered by: Karn Ganeshen # Reported on: [October 13, 2015] # Vendor Response: [Vulnerability? What's this?] # Vendor Homepage: [www.netis-systems.com] # Version Affected: [Firmware version RTK v2.1.1] **V

[FD] PROLiNK H5004NK ADSL Wireless Modem Multiple Vulnerabilities

2015-10-15 Thread Karn Ganeshen
# Exploit Title: [PROLiNK H5004NK ADSL Wireless Modem Multiple Vulnerabilities] # Discovered by: Karn Ganeshen # Reported on: [October 13, 2015] # Vendor Response: [No process to handle vuln reports] # Vendor Homepage: [ http://www.prolink2u.com/newtemp/datacom/adsl-modem-router/381-h5004nk.html] #

[FD] UISGCON11 CFP

2015-10-15 Thread Andrey Loginov
Hello, On behalf of UISGCON11 Organization Committee I would like to invite all persons who want to participate in our annual Ukrainian InfoSec conference, CFP is open for submission. UISGCON11 will be held on December, 4 in Kyiv, Ukraine, Hotel Bratislava. Website of the event - https://11.ui

[FD] CakePHP Xml class SSRF Vulnerability

2015-10-15 Thread Takeshi Terada
Title: CakePHP Xml class SSRF Vulnerability CVE Number: N/A (not assigned) Affected Software: Confirmed on CakePHP v3.0.5 (prior versions may also be affected) Credit: Takeshi Terada of Mitsui Bussan Secure Directions

[FD] APPLE-SA-2015-10-15-1 Keynote 6.6, Pages 5.6, Numbers 3.6, and iWork for iOS 2.6

2015-10-15 Thread Apple Product Security
APPLE-SA-2015-10-15-1 Keynote 6.6, Pages 5.6, Numbers 3.6, and iWork for iOS 2.6 Keynote 6.6, Pages 5.6, Numbers 3.6, and iWork for iOS 2.6 are now available which address the following: Keynote, Pages, and Numbers Available for: OS X Yosemite v1

Re: [FD] Watch your Downloads: the risk of the "auto-download" feature on Microsoft Edge and Google Chrome

2015-10-15 Thread Shawn McMahon
On Mon, Oct 12, 2015 at 7:20 AM, Stefan Kanthak wrote: > > > Right. > And that's why it's ABSOLUTELY necessary to educate EVERY Windows user: Any solution that requires personally talking to 7 billion people and achieving 100% understanding and compliance is not even in theory workable. Oops, 7

[FD] Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334)

2015-10-15 Thread Qualys Security Advisory
Qualys Security Advisory LibreSSL (CVE-2015-5333 and CVE-2015-5334) Contents Summary Memory Leak (CVE-2015-5333) Buffer Overflow (CVE-2015-5334) Ack