4187 matches found
Design/Logic Flaw
The App Store component in Apple iOS before 7.0.4 does not properly enforce an intended transaction-time password requirement, which allows local users to complete a (1) App purchase or (2) In-App purchase by leveraging previous entry of Apple ID credentials...
CVE-2013-5193
The App Store component in Apple iOS before 7.0.4 does not properly enforce an intended transaction-time password requirement, which allows local users to complete a (1) App purchase or (2) In-App purchase by leveraging previous entry of Apple ID credentials...
CVE-2013-5193
The CVE-2013-5193 issue affects Apple iOS up to version 7.0.3, where the App Store component does not properly enforce a required transaction password, allowing a local user to complete (1) App purchases or (2) In‑App purchases by using previously entered Apple ID credentials. The root cause is i...
Threat Outbreak Alert: Fake Visa Card Fraudulent Transaction Notification Email Messages on November 13, 2013
Medium Alert ID: 31754 First Published: 2013 November 13 20:49 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a fraudulent transaction notification for the recipient. The text in the email message attempts to persuade t...
Threat Outbreak Alert: Fake Transaction Processing Notification Email Messages on November 11, 2013
Medium Alert ID: 31718 First Published: 2013 November 12 14:43 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a transaction notification for the recipient. The text in the email message attempts to convince the recipien...
millions stolen in Bitcoin heist
More trouble for Bitcoin this week after an Australian wallet service admitted that attackers broke into their systems and made off with more than $1.2 million worth of the digital crypto-currency. The theft comes on the coat-tails of a contentious research paper claiming that a...
[ISecAuditors Security Advisories] Multiple Reflected XSS vulnerabilities in BoltWire <= v3.5
INTERNET SECURITY AUDITORS ALERT 2013-010 - Original release date: March 20th, 2013 - Last revised: March 25th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 4,8/10 CVSS Base Score - CVE-ID: CVE-2013-2651...
Threat Outbreak Alert: Fake Swift Transaction Notification Email Messages on October 3, 2013
Medium Alert ID: 31118 First Published: 2013 October 4 14:27 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a swift transaction notification for the recipient. The text in the email message attempts to convince the...
Threat Outbreak Alert: Fake Transaction Disabled Notification Email Messages on August 6, 2013
Medium Alert ID: 30339 First Published: 2013 August 7 19:54 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain information about a disabled ACH transaction for the recipient. The text in the email message attempts to convin...
Threat Outbreak Alert: Fake Payment Transaction Notification Email Messages on August 1, 2013
Medium Alert ID: 30274 First Published: 2013 August 1 16:01 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a payment transaction notification for the recipient. The text in the email message attempts to convince the...
SAP NetWeaver SOAP RFC SXPG_COMMAND_EXECUTE Command Execution
Added: 07/03/2013 BID: 55084 OSVDB: 93536 Background SAP NetWeaver is a technology platform for building and integrating SAP business applications. Remote Function Call (RFC) is the standard SAP interface for communication between SAP systems. Transaction SM69 is used to create and maintain externa...
CVE-2013-0509
Buffer overflow in the Transaction MIB agent in IBM Tivoli Netcool System Service Monitors (SSM) and Application Service Monitors (ASM) 4.0.0 before FP14 allows remote attackers to execute arbitrary code via a SQL transaction with a long table name that is not properly handled by a packet decoder...
Buffer overflow
Buffer overflow in the Transaction MIB agent in IBM Tivoli Netcool System Service Monitors (SSM) and Application Service Monitors (ASM) 4.0.0 before FP14 allows remote attackers to execute arbitrary code via a SQL transaction with a long table name that is not properly handled by a packet decoder...
PHPMyWind CMS v4.6.3 Beta 0day-vulnerability warning-the black bar safety net
BUG-1: permission bypass. File location: goodsshow.php. Problem code: //Visitors are not allowed to place orders; redirect to login if(empty($_COOKIE['username'])) //just a simple check of whether or not it is empty { header('location:member.php?c=login'); exit; } Brief...
CVE-2013-3062
The CP_RC_TRANSACTION_CALL_BY_SET function in the Engineering Workbench component in SAP Production Planning and Control allows remote authenticated users to bypass intended transaction restrictions via unspecified vectors...
CVE-2013-3061
The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H (Industry-Specific Component Hospital) subsystem in SAP Healthcare Industry Solution, and the SAP ERP central component (aka ECC) 6, allows remote authenticated users to bypass intended transaction restrictions via unspecified vectors...
Design/Logic Flaw
The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H (Industry-Specific Component Hospital) subsystem in SAP Healthcare Industry Solution, and the SAP ERP central component (aka ECC) 6, allows remote authenticated users to bypass intended transaction restrictions via unspecified vectors...
Design/Logic Flaw
The CP_RC_TRANSACTION_CALL_BY_SET function in the Engineering Workbench component in SAP Production Planning and Control allows remote authenticated users to bypass intended transaction restrictions via unspecified vectors...
CVE-2013-3062
CVE-2013-3062 affects SAP Production Planning and Control, specifically the Engineering Workbench component. The vulnerability lies in the function CP_RC_TRANSACTION_CALL_BY_SET, which can allow remote authenticated users to bypass transaction restrictions. Impact is privilege escalation, with a ...