[webapps] – Dr. Web Control Center 6.00.3.201111300 XSS Vulnerability
Dr. Web Control Center 6.00.3.201111300 XSS Vulnerability
Secunia Security Advisory 50058
Secunia Security Advisory - Multiple vulnerabilities have been reported in Apple Safari for Mac OS X, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose sensitive information, bypass certain security restrictions, and compromise a user's system.
Secunia Security Advisory 50068
Secunia Security Advisory - A weakness and a vulnerability have been reported in Apple Xcode, which can be exploited by malicious people to disclose potentially sensitive information, hijack a user's session, and bypass certain security restrictions.
iOS SSL Kill Switch
This is a MobileSubstrate extension to disable certificate validation within NSURLConnection in order to facilitate black-box testing of iOS Apps. Once installed on a jailbroken device, iOS SSL Kill Switch patches NSURLConnection to override and disable the system's default certificate validation as well as any kind of custom certificate validation (such as certificate pinning).
Apple Security Advisory 2012-07-25-2
Apple Security Advisory 2012-07-25-2 - Xcode 4.4 is now available and addresses SSL and keychain access vulnerabilities.
[papers] – Bypassing Spam Filters Using Homographs
Bypassing Spam Filters Using Homographs
Apple Security Advisory 2012-07-25-1
Apple Security Advisory 2012-07-25-1 - A cross-site scripting issue existed in the handling of feed:// URLs in Safari.
[webapps] – SpiceWorks 5.3.75941 Stored XSS and Post-Auth SQL Injection
SpiceWorks 5.3.75941 Stored XSS and Post-Auth SQL Injection
[webapps] – AlienVault OSSIM 3.1 Reflected XSS and Blind SQL Injection
AlienVault OSSIM 3.1 Reflected XSS and Blind SQL Injection
[webapps] – Ipswitch WhatsUp Gold 15.02 Stored XSS – Blind SQLi – RCE
Ipswitch WhatsUp Gold 15.02 Stored XSS - Blind SQLi - RCE