0.5AI Score
My colleague Jorge Mieres recently found a C&C server of a botnet based on a malicious program called Ice IX. As announced on several user forums, Ice IX is a bot created using the source code of ZeuS 2.0.8.9, which became publicly available in May. The author of the new bot says the program...
-0.1AI Score
-0.7AI Score
0.007EPSS
[SECURITY] Fedora 14 Update: gipfel-0.3.2-7.fc14
gipfel is a tool to find the names of mountains or points of interest on a picture. It uses a database containing names and GPS data. With the given viewpoint (the point from which the picture was taken) and two known mountains on the picture, it can compute all parameters needed to compute the...
2.7AI Score
0.007EPSS
Facebook shuts down dissident Chinese blogger Michael Anti's account
CHINESE blogger and activist Michael Anti wants to know why he is less worthy of a Facebook account than company founder Mark Zuckerberg's dog. Anti, a popular online commentator whose legal name is Zhao Jing, said his Facebook account had been suddenly cancelled in January. Company officials...
6.9AI Score
Threatpost's List of the Top 10 Security Top 10 Lists
Ever since the traditional print industry collapsed in on itself like a decommissioned ‘Vegas casino, replaced with blogs, micro blogs, social networking and other forms of Web based publishing, the end of the year has brought with it a blizzard of retrospective and prospective Top 10 lists from...
-0.5AI Score
iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a crafted URL in an...
5.6AI Score
0.002EPSS
iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a crafted URL in an...
5.5AI Score
0.002EPSS
iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a crafted URL in an...
6AI Score
0.002EPSS
iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a crafted URL in an...
5.5AI Score
0.002EPSS
Apple iOS < 4.2 Multiple Vulnerabilities
The remote mobile host is using a version of Apple iOS earlier than 4.2. Such versions are potentially affected by multiple vulnerabilities. Apple iOS 4.2 contains security fixes for the following components : Configuration Policies CoreGraphics FreeType iAd Content Display ImageIO ...
3.2AI Score
NSA: Our Development Methods Are in the Open Now
WASHINGTON–Despite its reputation for secrecy and technical expertise, the National Security Agency doesn’t have a set of secret coding practices or testing methods that magically make their applications and systems bulletproof. In fact, one of the agency’s top technical experts said that...
-0.2AI Score
0.961EPSS
Microsoft Office - HtmlDlgHelper Class Memory Corruption (MS10-071)
Microsoft Office - HtmlDlgHelper Class Memory Corruption...
0.5AI Score
0.961EPSS
CORE-2010-0517 - Microsoft Office HtmlDlgHelper class memory corruption
Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com Microsoft Office HtmlDlgHelper class memory corruption Advisory Information Title: Microsoft Office HtmlDlgHelper class memory corruption Advisory Id: CORE-2010-0517 Advisory URL:...
-0.3AI Score
0.961EPSS
6.4AI Score
Microsoft Office HtmlDlgHelper Class Memory Corruption
Exploit for windows platform in category dos /...
7AI Score
0.5AI Score
0.961EPSS
Microsoft Office HtmlDlgHelper class memory corruption
Core Security - CoreLabs Microsoft Office HtmlDlgHelper class memory corruption 1. Advisory Information Title: Microsoft Office HtmlDlgHelper class memory corruption Advisory Id: CORE-2010-0517 Advisory URL: http://www.coresecurity.com/content/MS-Office-HtmlDlgHelper-memory-corruption Date...
7.6AI Score
Microsoft Office Excel PivotTable Cache Data Record Buffer Overflow
Core Security - CoreLabs Microsoft Office Excel PivotTable Cache Data Record Buffer Overflow 1. Advisory Information Title: Microsoft Office Excel PivotTable Cache Data Record Buffer Overflow Advisory Id: CORE-2010-0407 Advisory URL:...
8.4AI Score
-0.1AI Score
0.1AI Score
-0.8AI Score
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to...
8.4AI Score
0.001EPSS
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to...
8.9AI Score
0.001EPSS
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to...
8.2AI Score
0.001EPSS
SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to...
8.2AI Score
0.001EPSS
7.4AI Score
0.7AI Score
7.4AI Score
Elgg (XSS/CSRF/Change Password) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web...
7.1AI Score
7.1AI Score
elgg - Cross-Site Scripting Cross-Site Request Forgery Change Password
elgg - Cross-Site Scripting Cross-Site Request Forgery Change...
0.7AI Score
Mercury Audio Player 1.21 (.pls) SEH Overwrite Exploit
Exploit for unknown platform in category local...
6.8AI Score
Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook...
6.5AI Score
0.001EPSS
Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook...
6.3AI Score
0.001EPSS
Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook...
6.8AI Score
0.001EPSS
Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook...
6.6AI Score
0.002EPSS
Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook...
6.9AI Score
0.002EPSS
Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook...
6.4AI Score
0.002EPSS
Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook...
6.3AI Score
0.001EPSS
Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook...
6.4AI Score
0.002EPSS
Unfixed XSS vulnerability at www.edf-bleuciel.fr
Security researcher Mystick has submitted on 11/10/2008 a cross-site-scripting (XSS) vulnerability affecting www.edf-bleuciel.fr, which at the time of submission ranked 48191 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/10/2008. It is...
7.1AI Score
2.7AI Score
0.004EPSS
Joomla Component Alberghi <= 2.1.3 (id) SQL Injection Vulnerability
No description provided by...
7.1AI Score
Multiple stack-based buffer overflows in the AxMetaStream ActiveX control in AxMetaStream.dll 3.3.2.26 in Viewpoint Media Player 3.2 allow remote attackers to execute arbitrary code via a long string argument to the (1) BroadcastKey, (2) BroadcastKeyFileURL, (3) Component, (4) ComponentClassID,...
7.8AI Score
0.163EPSS
Multiple stack-based buffer overflows in the AxMetaStream ActiveX control in AxMetaStream.dll 3.3.2.26 in Viewpoint Media Player 3.2 allow remote attackers to execute arbitrary code via a long string argument to the (1) BroadcastKey, (2) BroadcastKeyFileURL, (3) Component, (4) ComponentClassID,...
8.4AI Score
0.163EPSS
Multiple stack-based buffer overflows in the AxMetaStream ActiveX control in AxMetaStream.dll 3.3.2.26 in Viewpoint Media Player 3.2 allow remote attackers to execute arbitrary code via a long string argument to the (1) BroadcastKey, (2) BroadcastKeyFileURL, (3) Component, (4) ComponentClassID,...
7.8AI Score
0.163EPSS
Multiple stack-based buffer overflows in the AxMetaStream ActiveX control in AxMetaStream.dll 3.3.2.26 in Viewpoint Media Player 3.2 allow remote attackers to execute arbitrary code via a long string argument to the (1) BroadcastKey, (2) BroadcastKeyFileURL, (3) Component, (4) ComponentClassID,...
7.8AI Score
0.163EPSS