1155 matches found
Microsoft Releases January 2016 Security Bulletin
Microsoft has released nine updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Microsoft Security Bulletins MS16-001...
Adobe Releases Security Updates for Acrobat and Reader
Adobe has released security updates to address multiple vulnerabilities in Acrobat and Reader. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB16-02 and...
devex.com Open Redirect vulnerability
Vulnerable URL: https://www.devex.com/jobs/international-project-manager-397755/applyexternally?redirect=https://www.xssposed.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alex...
December 2015 Security Update Release Summary
Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security...
Adobe Releases Security Updates for Flash Player
Adobe has released security updates to address multiple vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-32 and apply t...
prospects.ac.uk vulnerability
Vulnerable URL: http://www.prospects.ac.uk/cms/ShowPage/Homepage/Findcoursesandresearch/ApplyOnline/p!ecjXi;jsessionid=6630115c3cc9$3F$0D0$?isWhiteLabel=true=ApplyHeino=31718=https://www.xssposed.org/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerabili...
Adobe Releases Security Updates for ColdFusion, LiveCycle Data Services, and Adobe Premiere Clip
Adobe has released security updates to address multiple vulnerabilities in ColdFusion, LiveCycle Data Services, and Adobe Premiere Clip. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to revi...
Google Releases Security Updates for Chrome and Chrome OS
Google has released security updates to address vulnerabilities in Chrome and Chrome OS. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. Updates available include: Chrome 46.0.2490.86 for Windows, Mac and Linux Chrome 46.0.2490.82 fo...
Adobe Releases Security Updates for Flash Player
Adobe has released security updates to address multiple vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-28 and apply t...
Microsoft Releases November 2015 Security Bulletin
Microsoft has released 12 updates to address vulnerabilities in Microsoft Windows. Exploitation of some of these vulnerabilities could allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review Microsoft Security Bulletins MS15-112 through...
Mozilla Releases Security Updates for Firefox and Firefox ESR
The Mozilla Foundation has released security updates to address vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 42 Firefox ESR 38.4 US-CERT encourages...
The vulnerabilities of PDF editing programs like Adobe Acrobat and Adobe Acrobat Document Cloud, as well as PDF viewing programs like Adobe Reader and Adobe Reader Document Cloud, allow attackers to circumvent JavaScript restrictions.
The vulnerability in the implementation of the Function apply in PDF editing programs like Adobe Acrobat and Adobe Acrobat Document Cloud, as well as in PDF viewing programs like Adobe Reader and Adobe Reader Document Cloud, is related to deficiencies in access control for certain functions...
Apple Releases Multiple Security Updates
Apple has released several security updates to address critical vulnerabilities in multiple Apple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: OS X Server 5.0.15 for OS X Yosemite v10.10.5 and...
Microsoft Releases September 2015 Security Bulletin
Microsoft has released 12 updates to address vulnerabilities in Microsoft Windows. Exploitation of some of these vulnerabilities could allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review Microsoft Security Bulletins MS15-094 through...
Out-of-band release for Security Bulletin MS15-078
Today, we released a security bulletin to provide an update for Microsoft Windows. Customers who have automatic updates enabled or apply the update, will be protected. We recommend customers apply the update as soon as possible, following the directions in the security bulletin. More information...
Thetis vulnerable to SQL injection
Overview Thetis provided by Sysphonic Co., Ltd. is an open source groupware and SNS. Thetis contains a SQL injection CWE-89 vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An attack...
VMware Releases Security Advisory
VMware has released security updates to address a host privilege escalation vulnerability in VMware Workstation, Player and Horizon View Client for Windows. Exploitation of this vulnerability may allow an attacker to escalate privileges on an affected VMware system. Updates available include:...
Ubuntu Releases Security Update
Ubuntu has released 10 security updates to address multiple vulnerabilities affecting Ubuntu 15.04, 14.10, 14.04 LTS, and 12.04 LTS. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of the affected system. US-CERT encourages users and administrators to revi...
NetFlow Analyzer vulnerable to cross-site scripting
Overview NetFlow Analyzer provided by Zoho Corporation contains a cross-site scripting vulnerability. Tomoshige Hasegawa, Akihito Mukai reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may...
Google Releases Security Update for Chrome
Google has released Chrome version 42.0.2311.135 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review the Google Chrome...