VU#294272: ReadyDesk contains multiple vulnerabilities

ReadyDesk, version 9.1 and possibly others, contains SQL injection, path traversal, hard-coded cryptographic key, and arbitrary file upload vulnerabilities that may be leveraged to expose sensitive data and execute arbitrary code in the context of the vulnerable software.

Stop doing input validation

“Buffer overflows, Injection attacks, DoS attacks, Memory leakage, Information disclosure, Compromised systems.” What is the common factor between all of those vulnerability classes? If you have heard advice on how to prevent or fix them, chances are that advice prescribed input validation. It’s a glib and common answer, especially to address most web application vulnerabilities: […]