Skip to main content

Xavier Santolaria's Library tagged vulnerability   View Popular, Search in Google

May 19, 11

"To date, a major gap exists in vulnerability standardization: there is no standard framework for the creation of vulnerability report documentation."

Apr 19, 11

"OMG, today is The Breach Day, an official security holiday. Verizon Business has just released their super-famous “2011 Data Breach Investigations Report”"

Apr 07, 11

"The Internet Systems Consortium (ISC), a non-profit company which develops BIND and dhcpd/dhclient, has announced a new remote code execution vulnerability present in its dhclient software."

Mar 30, 11

A massive SQL Injection campaign, similar to ones seen in the past, has hit nearly 50,000 domains across the Web, including a handful of iTunes URLs. The attacking domain,, is currently offline but the server hosting it remains active. Before it disappeared, the injected domain was pointing users to Rogue anti-Virus applications.

Mar 29, 11

Today, as every ordinary Monday, I went to my e-mail box and checked messages from the security community in Full-Disclosure. As usual I came across an advisory pointing out some web security vulnerabilities that differently from usual certainly had my attention.

Feb 15, 11

This post documents an XSS vulnerability that I discovered in the default Gmail app (v1.3) provided by Google in Android 2.1 and prior.

Jan 18, 11

Some people asked me for a simple way to check shell extensions for their ASLR support. You can do this with Process Explorer.

Jan 06, 11

"By some accounts, Microsoft and Google are at each other's throats over the disclosure of vulnerabilities.

Summarising what seems to have happened in fewer than 100 words is a challenging exercise, but here goes:"

1 - 8 of 8
20 items/page

Diigo is about better ways to research, share and collaborate on information. Learn more »

Join Diigo