Lucene search
K

112 matches found

OSV
OSV
added 2018/12/04 4:27 p.m.8 views

SUSE-SU-2018:3973-1 Security update for qemu

This update for qemu fixes the following issues: Security issues fixed: - CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use...

9.8CVSS8.1AI score0.06169EPSS
Exploits2References13
Malwarebytes
Malwarebytes
added 2018/10/30 4:0 p.m.58 views

Removing the jam in your printer security

Printers are an important, invisible—albeit sometimes loud—component of the office. But all too often they’re filled with mystery meat icons, peculiar blinking lights, or error messages with no instruction manual to hand. No problem, you can just print at the next station! Wrong. Printers also...

6.8AI score
Exploits0
Oracle linux
Oracle linux
added 2018/10/01 12:0 a.m.121 views

kernel security update

kernel 2.6.18-419.0.0.0.12 - x86 mm/dumppagetables: Add a checkl1tf debugfs file Chris von Recklinghausen 1593378 CVE-2018-3620 - x86 cpu: Make flushl1d visible in /proc/cpuinfo Chris von Recklinghausen 1593378 - x86 cpufeatures: Add detection of L1D cache flush support. Chris von Recklinghausen...

5.6CVSS0.4AI score0.60631EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2018/07/12 12:0 a.m.78 views

OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0236)

The remote OracleVM system is missing necessary patches to address critical security updates : - block: update integrity interval after queue limits change Ritika Srivastava Orabug: 27586756 - dccp: check sk for closed state in dccpsendmsg Alexey Kodanev Orabug: 28001529 CVE-2017-8824 CVE-2018-11...

10CVSS6.4AI score0.52841EPSS
Exploits7References9
Talos Blog
Talos Blog
added 2018/01/03 9:26 a.m.194 views

Tutorial: Mutiny Fuzzing Framework and Decept Proxy

Here's a basic demo video for our new opensource tools, Decept and Mutiny. Happy New Year ^^ Lilith Recently, Talos released new tools to assist in the monumental task of finding vulnerabilities in network applications. Mutiny and Decept work together to help researchers fuzz quickly and...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2017/10/15 11:21 p.m.234 views

KRACK Demo: Critical Key Reinstallation Attack Against Widely-Used WPA2 Wi-Fi Protocol

Do you think your wireless network is secure because you're using WPA2 encryption? If yes, think again! Security researchers have discovered several key management vulnerabilities in the core of Wi-Fi Protected Access II WPA2 protocol that could allow an attacker to hack into your Wi-Fi network a...

5.8CVSS7.5AI score0.04575EPSS
Exploits1
Trend Micro Simply Security
Trend Micro Simply Security
added 2017/09/20 3:16 p.m.18 views

IoT Device Security At Home

My girlfriend read something that worried her about the security risks posed by Internet of Things IoT devices at home. She had recently purchased a new TV, and she has an older home security system. She asked if her privacy might be at risk. We talked about the kinds of problems an unprotected...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2016/10/04 2:32 p.m.12 views

Cloud, IoT Big Factors in Annual BSIMM 7 Report

Bad software equals insecure software, and companies don’t have to accept this status quo. That’s both the takeaway and goal of Cigital’s seventh annual Building Security in Maturity Model report released Tuesday. The report reveals that the cloud, application containers, and agile software...

7.5AI score
Exploits0References1
ThreatPost
ThreatPost
added 2016/03/14 3:33 p.m.12 views

Typosquatters Target Mac Users With New .OM Domain Scam

Typosquatters are targeting Apple computer users with malware in a recent campaign that snares clumsy web surfers who mistakenly type .om instead of .com when surfing the web. According to Endgame security researchers, the top level domain for Middle Eastern country Oman .om is being exploited by...

0.1AI score
Exploits0References2
Debian
Debian
added 2015/09/21 9:7 p.m.107 views

[SECURITY] [DLA 310-1] linux-2.6 security update

Package : linux-2.6 Version : 2.6.32-48squeeze14 CVE ID : CVE-2015-0272 CVE-2015-5156 CVE-2015-5364 CVE-2015-5366 CVE-2015-5697 CVE-2015-5707 CVE-2015-6937 This update fixes the CVEs described below. CVE-2015-0272 It was discovered that NetworkManager would set IPv6 MTUs based on the values...

7.8CVSS7.2AI score0.06267EPSS
Exploits0
Packet Storm
Packet Storm
added 2014/02/03 12:0 a.m.33 views

LedgerSMB Improper Logout

Security Advisory: LedgerSMB 1.3.36, Improper Logout on Some Browsers Severity: Low cvssv2 base score: 3.6, total 0.5 Remotely Exploitable: No Complexity of Attack: High Impact: Relatively low. Prerequisite for Attack: Physical Access to Previously Logged In Browser, so high complexity in most...

7.4AI score
Exploits0
Ubuntu
Ubuntu
added 2013/07/16 5:51 p.m.70 views

USN-1907-2: IcedTea Web update

USN-1907-1 fixed vulnerabilities in OpenJDK 7. Due to upstream changes, IcedTea Web needed an update to work with the new OpenJDK 7. Original advisory details: Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploi...

7.7AI score
Exploits0References1
myhack58
myhack58
added 2013/03/23 12:0 a.m.27 views

New network vulnerabilities continue to hijack all the new network domain name of the state is forbidden to modify the exception-vulnerability warning-the black bar safety net

Brief description: New network vulnerabilities continue to hijack all the new network domain name of the state is forbidden to modify, except Statement: I talked to the new network really didn't hate Detailed description: How to obtain the domain administrative password of the MD5 value will not...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2013/01/14 11:49 p.m.103 views

Operation Red October : Cyber Espionage campaign against many Governments

A new sensational discovered has been announced by Kaspersky Lab’s Global Research & Analysis Team result of an investigation after several attacks hit computer networks of various international diplomatic service agencies. A new large scale cyber-espionage operation has been discovered, named Re...

9.3CVSS0.7AI score0.99966EPSS
Exploits35
myhack58
myhack58
added 2012/11/12 12:0 a.m.24 views

Japanese Dating compensated Dating CMS injection vulnerability-vulnerability warning-the black bar safety net

Find mining on the network vulnerabilities is not what is the problem with the light thing, but because of the political issues to the invasion of Japan website, nor what glorious things will only become cannon fodder. You think you're out of breath, in fact you and I have what difference. Front...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/09/22 12:0 a.m.34 views

USN-1212-1 : linux-ti-omap4 vulnerabilities

Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly clear memory when writing certain file holes. A local attacker could exploit this to read uninitialized data from the disk, leading to a loss of privacy. CVE-2011-0463 Timo Warns discovered that the LDM disk partition handli...

9.8CVSS7AI score0.05679EPSS
Exploits21References35
Tenable Nessus
Tenable Nessus
added 2011/06/27 12:0 a.m.15 views

Asterisk Multiple Channel Drivers Denial of Service (AST-2011-008/AST-2011-009/AST-2011-010)

Binary data 5969.prm...

5CVSS7.3AI score0.04612EPSS
Exploits0References5
ThreatPost
ThreatPost
added 2010/05/06 6:36 p.m.12 views

Have We Lost the Desktop Security Battle?

For years, security experts, analysts and even users have been lamenting the state of desktop security. Viruses, spam, Trojans and rootkits have added up to create an ugly picture. But, the good news is that the desktop security battle may be over. The less-than-good news, however, is that we may...

0.5AI score
Exploits0References2
Packet Storm
Packet Storm
added 2010/05/06 12:0 a.m.56 views

Alien Technology ALR-9900 Default Passwords

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Tested: www.alientechnology.com/readers/alr9900.php Background: Alien Technology is a major rfid-reader designer and manufacturer. Alien's products are sold to many corporations and the military. Alien's readers can be interfaced with in several ways...

0.7AI score
Exploits0
myhack58
myhack58
added 2009/08/04 12:0 a.m.17 views

A network of popular campus web CMS system vulnerabilities-vulnerability warning-the black bar safety net

Today inadvertently browsing to the home of a high school's website, casually turn to turn. The bottom of the page directly to have“admin”, and click directly into the Background address for http://www.xxxxx.net/xyadmin/login.asp Guess a bit of the database, found at: http://www. xxxxx...

6.8AI score
Exploits0
Rows per page
Query Builder