Lucene search
K

184 matches found

The Hacker News
The Hacker News
added 2013/08/04 11:21 p.m.29 views

Firefox Zero-Day Exploit used by FBI to shutdown Child porn on Tor Network hosting; Tor Mail Compromised

TOR is the dark side of the Internet, the so-called dark web, which provides a safe haven to privacy advocates but is also where drugs, child pornography, assassins for hire and other weird and illegal activities can allegedly be traded. A claimed zero-day vulnerability in Firefox 17 was used by...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2013/05/06 2:42 p.m.10 views

Internet Explorer zero-day exploit targets U.S. nuke researchers

Security researchers revealed that series of "Watering Hole" has been conducted exploiting a IE8 zero-day vulnerability to target U.S. Government experts working on nuclear weapons research. The news is not surprising but it is very concerning, the principal targets of the attacks are various...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2013/05/06 3:42 a.m.22 views

Internet Explorer zero-day exploit targets U.S. nuke researchers

Security researchers revealed that series of "Watering Hole" has been conducted exploiting a IE8 zero-day vulnerability to target U.S. Government experts working on nuclear weapons research. The news is not surprising but it is very concerning, the principal targets of the attacks are various...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2013/03/01 4:34 p.m.67 views

The Java Zero-Day Procession Continues

After a glorious 72-hour stretch without one, security researchers confirmed yesterday that they found yet another zero-day vulnerability in Oracle’s thoroughly troubled Java platform. With a little help from Hermes Bojaxhi and his team at Cyber Engineering Services, researchers from the security...

10CVSS0.9AI score0.86151EPSS
Exploits10References4
ThreatPost
ThreatPost
added 2013/01/11 8:18 p.m.8 views

Incomplete Java Patch Paved Way for Latest Zero Day Mess

The exploit targeting the latest zero-day vulnerability in the Java platform is dropping ransomware, and has been found in another exploit kit. Security experts, including U.S.-CERT last night, advise users and IT managers to disable Java on endpoints and browsers. Meanwhile, Polish security...

7.1AI score
Exploits0References8
Saint
Saint
added 2013/01/04 12:0 a.m.43 views

Internet Explorer CButton Use After Free Vulnerability

Added: 01/04/2013 CVE: CVE-2012-4792 BID: 57070 OSVDB: 88774 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem All references to DOM button objects are not properly removed when a DOM buttom object is deleted. If the stale reference...

9.3CVSS7.1AI score0.78823EPSS
Exploits12
ThreatPost
ThreatPost
added 2012/11/01 3:3 p.m.26 views

VUPEN Researchers Say They Have Zero-Day Windows 8 Exploit

Controversial bug hunters and exploit sellers VUPEN claimed to have cracked the low-level security enhancements featured in Windows 8, Microsoft’s latest operating system. VUPEN CEO and head of research Chaouki Bekrar sent out a pair of ominous Tweets yesterday claiming to have developed the firs...

1.9AI score
Exploits0References5
The Hacker News
The Hacker News
added 2012/10/19 11:43 p.m.19 views

Zero-Day Exploit released for Vulnerability in Novell ZENworks

Rapid7 researcher Juan Vazquez recently uncovered a zero-day security flaw in Novell ZENworks Asset Management 7.5. This Vulnerability CVE-2012-4933 gives access to any files with system privileges and could also allow an attacker to grab configuration parameters, including the backend credential...

7.8CVSS6.8AI score0.44012EPSS
Exploits5
The Hacker News
The Hacker News
added 2012/10/19 1:6 p.m.7 views

Apple update removes Java plugin from OS X browsers

Apple has discontinued its own Java plugin, issuing an 'update' that removes it from MacOS and encourages users to instead download Oracle's version of the software. Its another step by Apple towards making OS X safer on the web. Mac users may have noticed that Java-based websites are displaying ...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2012/09/19 8:8 p.m.28 views

Exploit Released for Internet Explorer zero-day attacks : CVE-2012-4969

Microsoft has confirmed reports that a zero-day vulnerability in its Internet Explorer browser is being actively attacked in the wild. Four active exploits of a zero-day vulnerability in the browser exists. Microsoft will push out an out-of-cycle Windows patch to temporarily fix the critical...

9.3CVSS7.3AI score0.81716EPSS
Exploits8
The Hacker News
The Hacker News
added 2012/07/10 9:18 p.m.12 views

Plesk Zero Day Exploit in the Wild, Thousands of sites got Hacked

Sucuri Malware Labs notify that some zero-day exploits are available to Hackers which are being used to Hack into Parallels' Plesk Panel Port Number 8443. These attacks was keep on raising from last few months as you can see in the Graph: At least 4000 new websites were infected each day, Sucuri...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2012/05/01 11:30 p.m.28 views

Oracle Database new zero day exploit put users at risk

Oracle Database new zero day exploit put users at risk Oracle has recommended workarounds for a zero-day Oracle Database flaw that was not fixed in the company's April critical patch update. Oracle issued a security alert for Oracle TNS Poison, the vulnerability, disclosed by researcher Joxean...

7.5CVSS6.8AI score0.77633EPSS
Exploits3
ThreatPost
ThreatPost
added 2012/01/04 4:57 p.m.13 views

Updated: IE6 Market Share Dips Below 1% in US. Microsoft Celebrates

Recent data shows that the share of Web traffic in the U.S. that’s being viewed on the troubled Internet Explorer Version 6 browser has finally dropped beneath 1%, and nobody is happier about it than parent company, Microsoft, which launched a program to eradicate IE6 back in March, 2011. In a bl...

7.4AI score
Exploits0References8
ThreatPost
ThreatPost
added 2011/11/01 6:33 p.m.8 views

Duqu Installer Contains Windows Kernel Zero Day

A newly discovered installer for the Duqu malware includes an exploit for a previously unknown vulnerability in the Windows kernel that allows remote code execution. Microsoft is working on a fix for the kernel vulnerability right now. The exact location and nature of the flaw isn’t clear right...

0.4AI score
Exploits0References6
The Hacker News
The Hacker News
added 2011/08/07 12:30 p.m.4 views

10 year old girl hacker CyFi reveal her first zero-day in Game at #DefCon 19

10 year old girl hacker CyFi reveal her first zero-day in Game at DefCon 19 Another awesome day at DefCon 19 . Today a 10 year old Girl hacker - pseudonym CyFi revealed her zero-day exploit in games on iOS and Android devices that independent researchers have confirmed as a new class of...

6.8AI score
Exploits0
Saint
Saint
added 2011/02/03 12:0 a.m.24 views

Symantec Alert Management System PIN number buffer overflow

Added: 02/03/2011 CVE: CVE-2010-0110 BID: 45936 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. It includes an Intel Alert Handler service hndlrsvc.exe. This service handles messages forwarded to it by the Alert Originator Manager, which listens on po...

7.9CVSS7.7AI score0.0513EPSS
Exploits12
Packet Storm
Packet Storm
added 2010/06/18 12:0 a.m.37 views

Gmail Checker Plus Chrome Extension Cross Site Scripting / Cross Site Request Forgery

Gmail Checker plus Chrome extension XSS/CSRF II extension: https://chrome.google.com/extensions/detail/gffjhibehnempbkeheiccaincokdjbfe advisore:http://lostmon.blogspot.com/2010/06/gmail-checker-plus-chrome-extension.html Exploit available:yes vendor notify: NO So in this case "Google Mail Checke...

0.2AI score
Exploits0
ThreatPost
ThreatPost
added 2010/03/24 3:41 p.m.8 views

TJX Browser Exploit Accomplice Gets Probation

A computer security professional who sold Internet Explorer exploit code to credit card hacker Albert Gonzalez was sentenced Tuesday to three years probation and a $10,000 fine. Jeremy Jethro, 29, was paid $60,000 by Gonzalez for a zero-day exploit against Microsoft’s browser, “the purpose and...

2.2AI score
Exploits0References3
Samba
Samba
added 2010/02/02 12:0 a.m.106 views

Change parameter "wide links" to default to "no";

Description The problem comes from a combination of two features in Samba, each of which on their own are useful to Administrators, but in combination allow users to access any file on the system that their logged in username has permissions to read this is not a privilege escalation problem. By...

3.5CVSS7.4AI score0.3053EPSS
Exploits6
securityvulns
securityvulns
added 2009/10/19 12:0 a.m.61 views

In-depth research on the recent PDF zero-day exploit (CVE-2009-3459)

Hi there, Just want to let you know, the Fortinet's FortiGuard Global Security Research Team has provided an in-depth research on the recent PDF zero-day exploit CVE-2009-3459. http://www.fortiguard.com/analysis/pdfanalysis.html "Taking a look back over this 0-day attack as a whole, each single...

9.3CVSS0.86468EPSS
Exploits12
Rows per page
Query Builder