Skip to main content

Xavier Santolaria's Library tagged vulnerability   View Popular, Search in Google

19 May 11

"To date, a major gap exists in vulnerability standardization: there is no standard framework for the creation of vulnerability report documentation."

19 Apr 11

"OMG, today is The Breach Day, an official security holiday. Verizon Business has just released their super-famous “2011 Data Breach Investigations Report”"

07 Apr 11

"The Internet Systems Consortium (ISC), a non-profit company which develops BIND and dhcpd/dhclient, has announced a new remote code execution vulnerability present in its dhclient software."

30 Mar 11

A massive SQL Injection campaign, similar to ones seen in the past, has hit nearly 50,000 domains across the Web, including a handful of iTunes URLs. The attacking domain, lizamoon.com, is currently offline but the server hosting it remains active. Before it disappeared, the injected domain was pointing users to Rogue anti-Virus applications.

29 Mar 11

Today, as every ordinary Monday, I went to my e-mail box and checked messages from the security community in Full-Disclosure. As usual I came across an advisory pointing out some web security vulnerabilities that differently from usual certainly had my attention.

15 Feb 11

This post documents an XSS vulnerability that I discovered in the default Gmail app (v1.3) provided by Google in Android 2.1 and prior.

18 Jan 11

Some people asked me for a simple way to check shell extensions for their ASLR support. You can do this with Process Explorer.

06 Jan 11

"By some accounts, Microsoft and Google are at each other's throats over the disclosure of vulnerabilities.

Summarising what seems to have happened in fewer than 100 words is a challenging exercise, but here goes:"

1 - 8 of 8
20 items/page

Highlighter, Sticky notes, Tagging, Groups and Network: integrated suite dramatically boosting research productivity. Learn more »

Join Diigo