Aggregator

CVE-2014-2285 | net-snmp 5.7.3 PERL newSVpv Community String input validation (Nessus ID 73163 / ID 123075)

Vuldb Updates
6 months 1 week ago
A vulnerability, which was classified as problematic, was found in net-snmp 5.7.3. Affected is the function newSVpv of the component PERL Handler. The manipulation as part of Community String leads to improper input validation. This vulnerability is traded as CVE-2014-2285. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-1094 | PostgreSQL up to 13.18/14.15/15.10/16.6/17.2 quoting syntax (Nessus ID 216248 / WID-SEC-2025-0372)

Vuldb Updates
6 months 1 week ago
A vulnerability was found in PostgreSQL up to 13.18/14.15/15.10/16.6/17.2. It has been declared as critical. Affected by this vulnerability is the function PQescapeLiteral/PQescapeIdentifier/PQescapeString/PQescapeStringConn. The manipulation leads to improper neutralization of quoting syntax. This vulnerability is known as CVE-2025-1094. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2014-3565 | net-snmp up to 5.7.0 SNMP Trap Processor -OQ resource management (USN-2711-1 / Nessus ID 77612)

Vuldb Updates
6 months 1 week ago
A vulnerability was found in net-snmp. It has been classified as problematic. Affected is an unknown function of the component SNMP Trap Processor. The manipulation of the argument -OQ leads to improper resource management. This vulnerability is traded as CVE-2014-3565. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2014-3565 | Apple Mac OS X up to 10.11.0 Net-SNMP resource management (HT205375 / Nessus ID 86086)

Vuldb Updates
6 months 1 week ago
A vulnerability has been found in Apple Mac OS X up to 10.11.0 and classified as problematic. This vulnerability affects unknown code of the component Net-SNMP. The manipulation leads to improper resource management. This vulnerability was named CVE-2014-3565. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

BSidesSF 2025: Mapping The SaaS Attack Surface

Security Boulevard
6 months 1 week ago

Creator/Author/Presenter: Jaime Blasco

Our deep appreciation to Security BSides - San Francisco and the Creators/Authors/Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held at the lauded CityView / AMC Metreon - certainly a venue like no other; and via the organization's YouTube channel.

Additionally, the organization is welcoming volunteers for the BSidesSF Volunteer Force, as well as their Program Team & Operations roles. See their succinct BSidesSF 'Work With Us' page, in which, the appropriate information is to be had!

Permalink

The post BSidesSF 2025: Mapping The SaaS Attack Surface appeared first on Security Boulevard.

Marc Handelman

Google 改变关闭 goo.gl 短链接的计划

Solidot
6 months 1 week ago
搜索巨人去年宣布,它将于 2025 年 8 月 25 日关闭 Google URL Shortener 短链接服务(goo.gl/*),届时所有 goo.gl 链接将会停止响应。距离关闭日期不到一个月时间,在依赖于 goo.gl 短链接的开发者、教育工作者和记者等表达担忧之后,Google 改变了主意,采取了更温和的立场:它将只禁用自 2024 年底以来没有任何活动的 goo.gl 链接,如果 goo.gl 链接在活跃使用或点击,这些链接将能继续使用。

CVE-2016-4472 | Apple iTunes up to 12.5 on Windows Expat memory corruption (HT207599 / Nessus ID 91913)

Vuldb Updates
6 months 1 week ago
A vulnerability has been found in Apple iTunes up to 12.5 on Windows and classified as critical. This vulnerability affects unknown code of the component Expat. The manipulation leads to memory corruption. This vulnerability was named CVE-2016-4472. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2017-8806 | Debian postgresql-common prior 181+deb9u1 Symbolic Link link following (USN-3476-1 / Nessus ID 104496)

Vuldb Updates
6 months 1 week ago
A vulnerability was found in Debian postgresql-common. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Symbolic Link Handler. The manipulation leads to link following. This vulnerability is handled as CVE-2017-8806. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2017-15098 | PostgreSQL up to 9.3.19/9.4.14/9.5.9/9.6.5/10.0 jsonb_populate_recordset/jsonb_populate_recordset information disclosure (RHSA-2018:2511 / Nessus ID 104483)

Vuldb Updates
6 months 1 week ago
A vulnerability classified as critical has been found in PostgreSQL up to 9.3.19/9.4.14/9.5.9/9.6.5/10.0. Affected is the function jsonb_populate_recordset/jsonb_populate_recordset. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2017-15098. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2017-15099 | PostgreSQL up to 9.5.9/9.6.5/10.0 INSERT information disclosure (USN-3479-1 / Nessus ID 104569)

Vuldb Updates
6 months 1 week ago
A vulnerability classified as problematic was found in PostgreSQL up to 9.5.9/9.6.5/10.0. Affected by this vulnerability is an unknown functionality of the component INSERT Handler. The manipulation leads to information disclosure. This vulnerability is known as CVE-2017-15099. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2004-1150 | NullSoft WinAmp up to 5.08c in_cdda.dll stack-based overflow (EDB-25061 / Nessus ID 16152)

Vuldb Updates
6 months 1 week ago
A vulnerability classified as critical was found in NullSoft WinAmp up to 5.08c. This vulnerability affects unknown code in the library in_cdda.dll. The manipulation leads to stack-based buffer overflow. This vulnerability was named CVE-2004-1150. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2004-1150 | NullSoft WinAmp up to 5.08c in_mp4.dll stack-based overflow (EDB-25061 / Nessus ID 16152)

Vuldb Updates
6 months 1 week ago
A vulnerability, which was classified as problematic, has been found in NullSoft WinAmp up to 5.08c. This issue affects some unknown processing in the library in_mp4.dll. The manipulation leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2004-1150. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2004-1150 | NullSoft WinAmp up to 5.08c enc_mp4.dll stack-based overflow (EDB-25061 / Nessus ID 16152)

Vuldb Updates
6 months 1 week ago
A vulnerability, which was classified as problematic, was found in NullSoft WinAmp up to 5.08c. Affected is an unknown function in the library enc_mp4.dll. The manipulation leads to stack-based buffer overflow. This vulnerability is traded as CVE-2004-1150. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2004-1150 | NullSoft WinAmp up to 5.08c libmp4v2.dll stack-based overflow (EDB-25061 / Nessus ID 16152)

Vuldb Updates
6 months 1 week ago
A vulnerability has been found in NullSoft WinAmp up to 5.08c and classified as problematic. Affected by this vulnerability is an unknown functionality in the library libmp4v2.dll. The manipulation leads to stack-based buffer overflow. This vulnerability is known as CVE-2004-1150. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad