-
just to add that ClamAV has some known CVEs pre-0.98.7 (http://www.cvedetails.com/vulnerability-list/vendor_id-8871/Clamav.html )
-
"osxlockdown was built to audit, and remediate, security configuration settings on OS X"
As per `commands.json`, "I 'secure' safari by removing javascript and PDF support. Advanced users won't use Sa…
-
Hello CodeIgniter developers,
I noticed a few known security vulnerabilities (CVE-numbers) that apply to the CodeIgniter project (official CPE name cpe:/a:codeigniter:codeigniter).
For **cpe:/a:code…
-
Hi Nathanael, I was alerted to this rather interesting repo via your recent questions about libjpeg-turbo.
One thing that caught my eye was the statement in the readme about "trusted data":
> "...al…
-
I propose removing the 'show' command from msfconsole.
Instead of : 'show options'
It should accept simply 'options'
Removing show eliminates an entire word and makes typing faster and more fluid. T…
-
```
What steps will reproduce the problem?
Headers and banners and code comments leak version information. Currently, not
much is done with this.
What is the expected output? What do you see instead…
-
Hello,
I'm wondering why this vulnerability isn't submitted to the CVE database. Under CPE **cpe:/a:codeigniter:codeigniter**
http://www.cvedetails.com/vulnerability-list/vendor_id-6918/Codeigniter.…
-
Is there anyway to use sqlmap to find this vulnerability?
"The Active Record component in Ruby on Rails before 3.0.14, 3.1.x before 3.1.6, and 3.2.x before 3.2.6 does not properly implement the pas…
-
per #166, to quote @jeremyolliver from what I believe are the relevant comments:
> I also found today some extra sources (http://www.cvedetails.com/version-list/7252/12215/1/Ruby-lang-Ruby.html), whi…
-
I mentionned in #218 that tests are not compatible with PHP 5.3. I thought it didn't matter because we run test in dev environment. However, if we wan't to keep 5.3 compatibility for Shaarli, and avoi…