Google Releases Security Update for Chrome

Google has released Chrome version 49.0.2623.75 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases...

Redaxo CMS SQL Injection Vulnerability

Redaxo CMS is an open source Web portal content management system CMS. The system supports custom modules , plug-in extensions , project backup and so on. SQL injection vulnerabilities exist in Redaxo CMS. Allows attackers to exploit these vulnerabilities to steal cookie-based authentication, tak...

GNU glibc Vulnerability

GNU glibc contains a buffer overflow vulnerability in the DNS resolver. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Vulnerability Note VU457759 and the glibc Project Notification for...

Mozilla Releases Security Updates

The Mozilla Foundation has released security updates to address vulnerabilities in Firefox and Firefox ESR. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 44.0.2 Firefox ESR 38.6.1 US-CERT encourag...

Microsoft Releases February 2016 Security Bulletin

Microsoft has released 13 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Microsoft Security Bulletins MS16-009 through...

Apple Mac OSX / iOS - NECP System Control Socket Packet Parsing Kernel Code Execution Integer Overfl

Exploit for multiple platform in category dos / poc / Source: https://code.google.com/p/google-security-research/issues/detail?id=543 NKE control sockets are documented here: https://developer.apple.com/library/mac/documentation/Darwin/Conceptual/NKEConceptual/control/control.html By default ther...

“Very destructive”of the Kerberos Protocol vulnerability that can lead to system is completely controlled-vulnerability warning-the black bar safety net

Recently, a security expert in the Windows of the Kerberos authentication system found a“very destructive”vulnerability. Last year had exposed the system in a similar vulnerability, the attacker controls the entire network, including the installation of the program, and delete data. The Kerberos...

Mozilla Releases Security Updates for Firefox and Firefox ESR

The Mozilla Foundation has released security updates to address vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 43 Firefox ESR 38.5 US-CERT encourages...

Microsoft Windows Library Loading Remote Code Execution Vulnerability (CNVD-2015-08040)

Microsoft Windows is a series of operating systems released by the American company Microsoft. A remote code execution vulnerability exists in Microsoft Windows that originates from a program failing to properly validate input before loading a library. An attacker could exploit the vulnerability ...

Google Releases Security Update for Chrome

Google has released Chrome version 47.0.2526.80 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases pa...

Oracle Releases Security Bulletin

Oracle has released its Critical Patch Update for October 2015 to address 154 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Oracle...

Flash Player < 19.0.0.226 RCE (APSB15-27) (Pawn Storm)

Binary data 8991.prm...

Adobe Flash Player Unspecified Vulnerability (Oct 2015) - Linux

Adobe Flash Player is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Releases October 2015 Security Bulletin

Microsoft has released six updates to address vulnerabilities in Microsoft Windows. Exploitation of some of these vulnerabilities could allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review Microsoft Security Bulletins MS15-106 through...

VMware Releases Security Advisory

VMware has released security updates to address security vulnerabilities in vCenter and ESXi. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review VMware Security Advisory VMSA-2015-0007 a...

Mozilla Releases Security Updates for Firefox

The Mozilla Foundation has released security updates to address critical vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 41 Firefox ESR 38.3 US-CERT...

Adobe Releases Security Updates for Flash Player

Adobe has released security updates to address multiple vulnerabilities in Flash Player for Windows, Macintosh, ChromeOS, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review...

Microsoft Windows Font Driver Elevation of Privilege Vulnerability (CNVD-2015-05948)

Microsoft Windows is a series of operating systems released by the American company Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows when the Adobe Type Manager library does not properly handle objects in memory. An attacker could exploit this vulnerability to execut...

CVE-2015-5699 - Cumulus Linux&#39;s Switch Configuration Tools Backend, clcmd_server, Vulnerable to Local Privilege Escalation

Title =================== Cumulus Linux's Switch Configuration Tools Backend, clcmdserver, Vulnerable to Local Privilege Escalation Summary =================== Cumulus Linux's Switch Configuration Tools Backend, clcmdserver, is vulnerable to local privilege escalation via Command Injection. Cumul...

Microsoft .NET Framework Elevation of Privilege Vulnerability (CNVD-2015-05323)

Microsoft .NET Framework is a comprehensive and consistent programming model developed by Microsoft Corporation USA and a development platform for building Windows, Windows Store, Windows Phone, Windows Server and Microsoft Azure Windows Store, Windows Phone, Windows Server, and Microsoft Azure...