144 matches found
Apple iOS webkit memory corruption vulnerability (CNVD-2017-05607)
Apple iOS is an operating system for Apple smart devices. A memory corruption vulnerability exists in Webkit used by Apple iOS, which allows attackers to exploit the vulnerability to build malicious web pages that can be clicked on by users, which can crash the application or execute arbitrary co...
132 Google Play Apps Booted For Having Malicious IFrames
Google removed 132 apps infected with malicious iFrames from its Google Play store after security researchers discovered a development platform used to create the apps was infected with malware and in turn compromised the apps. Palo Alto Networks’ Unit 42 researchers said the apps were infected...
MS15-080: Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: August 11, 2015
MS15-080: Description of the security update for the .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2: August 11, 2015 View products that this article applies to. Summary This security update resolves vulnerabilities in the Microsoft .NET Framework and Microsoft Silverlight. These...
MS15-080: Description of the security update for the .NET Framework 3.5 on Windows 8 and Windows Server 2012: August 11, 2015
MS15-080: Description of the security update for the .NET Framework 3.5 on Windows 8 and Windows Server 2012: August 11, 2015 View products that this article applies to. Summary This security update resolves vulnerabilities in the Microsoft .NET Framework and Microsoft Silverlight. These...
MS14-036: Description of the security update for Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows Vista, and Windows Server 2003: June 10, 2014
MS14-036: Description of the security update for Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows Vista, and Windows Server 2003: June 10, 2014 Introduction This security update resolves vulnerabilities in Windows, Microsoft Office, and Microsoft Lync that could allow remote code...
MiCasa VeraLite Remote Code Execution
Exploit Title: MiCasa VeraLite Remote Code Execution Date: 10-20-2016 Software Link: http://getvera.com/controllers/veralite/ Exploit Author: Jacob Baines Contact: https://twitter.com/JuniorBaines CVE: CVE-2013-4863 & CVE-2016-6255 Platform: Hardware 1. Description A remote attacker can execute...
[SECURITY] Fedora 23 Update: gimp-2.8.16-2.fc23
GIMP GNU Image Manipulation Program is a powerful image composition and editing program, which can be extremely useful for creating logos and other graphics for webpages. GIMP has many of the tools and filters you would exp ect to find in similar commercial offerings, and some interesting extras ...
MS16-039: Description of the security update for Skype for Business 2016: April 12, 2016
None None...
MS16-024: Cumulative security update for Microsoft Edge: March 8, 2016
Resolves a vulnerability in Microsoft Edge that could allow remote code execution if a user views a specially crafted webpage in Microsoft Edge.SummaryThis security update resolves multiple vulnerabilities in Microsoft Edge. The most severe of these vulnerabilities could allow remote code executi...
Linux Embedded Firmware Dynamic Analysis: FIRMADYNE
FIRMADYNE is an automated and scalable system for performing emulation and dynamic analysis of Linux-based embedded firmware. It includes the following components: modified kernels MIPS: v2.6.32 , ARM: v4.1 , v3.10 for instrumentation of firmware execution; a userspace NVRAM library to emulate a...
MS16-001: Cumulative Security Update for Internet Explorer: January 12, 2016
Resolves vulnerabilities in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.SummaryThis security update resolves several reported vulnerabilities in Internet Explorer. These vulnerabilities could allow remote code...
Huawei HG253s V2 Information Disclosure Vulnerability
Huawei HG253s V2 suffers from a remote information disclosure vulnerability. Huawei HG253s v2 Vodafone-Spain is starting to rent a new Huawei HG253v2 router to the spanish costumers. This new router is coming with a new firmware version. This bug has been found by @VicenDominguez Vulnerability...
Hawkeye-G 3.0.1.4912 Cross Site Scripting / Information Leakage
Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-HAWKEYEG0725.txt Vendor: ================================ www.hexiscyber.com Product: ================================ Hawkeye-G v3.0.1.4912 Hawkeye G is an active defense...
Microsoft Internet Explorer CVE-2015-2425 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
CVE-2015-0259
OpenStack Compute Nova before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage...
UBUNTU-CVE-2015-0259
OpenStack Compute Nova before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage...
CVE-2015-0259
OpenStack Compute Nova before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage...
Crumbs - Moderately Critical - Cross Site Scripting (XSS) - SA-CONTRIB-2015-082
This module enables you to add navigation to your webpages colloquially referred to as "breadcrumbs". The module doesn't sufficiently sanitize custom HTML separators for breadcrumbs, thereby exposing a Cross Site Scripting vulnerability. This vulnerability is mitigated by the fact that an attacke...
Microsoft Internet Explorer CVE-2015-0042 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2014-4091 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...