478 matches found
CVE-2019-9214
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation...
UBUNTU-CVE-2019-9214
In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation...
BlueHat Shanghai 2019 Call for Papers is Now Open!
We know security experts with diverse skills and experiences are found around the world. This year, the BlueHat Security Conference is coming to Shanghai! BlueHat Shanghai 2019 will take place on May 29-30 at W Shanghai - The Bund. We want to provide a venue for security researchers to come...
LayerBB 1.1.1 - Persistent Cross-Site Scripting
LayerBB 1.1.1 - Persistent Cross-Site Scripting Exploit Title: LayerBB 1.1.1 - Cross-Site Scripting Date: 10/4/2018 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://forum.layerbb.com/downloads.php?view=file&id=26 Version: 1.1.1 Tested on: Ubuntu 18.04 CVE: CVE-2018-17997...
LayerBB 1.1.1 - Persistent Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: LayerBB 1.1.1 - Cross-Site Scripting Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://forum.layerbb.com/downloads.php?view=file&id=26 Version: 1.1.1 Tested on: Ubuntu 18.04 CVE: CVE-2018-17997 1...
Microsoft Lync for Mac 2011 - Injection Forced BrowsingDownload
Microsoft Lync for Mac 2011 - Injection Forced BrowsingDownload Exploit Title: Microsoft Lync for Mac 2011 Injection Forced Browsing/Download Author: @nyxgeek - TrustedSec Date: 2018-03-20 Vendor Homepage: microsoft.com Software Link: https://www.microsoft.com/en-us/download/details.aspx?id=36517...
CISO series: Partnering with the C-Suite on cybersecurity
In my last blog, we looked at five communication techniques that can help engage business managers in the work of cybersecurity. This week, well look at how to use those techniques to bring the C-Suite into the conversation. Not too long ago, I was speaking with the CIO of a large company some...
Beers with Talos EP33 - Change the Conversation or the People Having It?
Beers with Talos BWT Podcast Episode 33 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast. Ep. 33 show notes: Recorded July 6, 2018 - This episode is a bit less technical than most, as we discu...
Twitter is Testing End-to-End Encrypted Direct Messages
Twitter has been adopting new trends at a snail's pace. But it's better to be late than never. Since 2013 people were speculating that Twitter will bring end-to-end encryption to its direct messages, and finally almost 5 years after the encryption era began, the company is now testing an end-to-e...
Twitter is Testing End-to-End Encrypted Direct Messages
Twitter has been adopting new trends at a snail's pace. But it's better to be late than never. Since 2013 people were speculating that Twitter will bring end-to-end encryption to its direct messages, and finally almost 5 years after the encryption era began, the company is now testing an end-to-e...
Microsoft Skype Mobile v8.x - Emoticons DoS Vulnerability
Document Title: =============== Microsoft Skype Mobile v8.x - Emoticons DoS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2116 Video: https://www.vulnerability-lab.com/getcontent.php?id=2117 MSRC ID: 43520 CRM:0461036906 Acknowledgements...
Skype Log Viewer - Download and View Skype History Without Skype
Download and View Skype History Without Skype. This program allows you to view all of your skype chat logs and then easily export them as text files. It correctly organizes them by conversation, and makes sure that group conversations do not get jumbled with one on one chats. Features Download...
Quora: IDNs displayed in unicode
Hello Quora, Please refer https://en.wikipedia.org/wiki/Internationalizeddomainname to know more about IDNs. The IDN Internationalized Domain Name : http://ebаy.com/ is a homograph for the latin ebay.com. if you click that first link, you might think that you are going to ebay.com but in fact, yo...
gdm: Crash when holding Escape in log screen
It was found that gdm could crash due to a signal handler dispatched to an invalid conversation. An attacker could crash gdm by holding the escape key when the screen is locked, possibly bypassing the locked screen...
Description of the cumulative update package for Communicator 2007 R2: November 2010
Describes the issues that are fixed in the November, 2010 cumulative update package for Communicator 2007 R2.SummaryThis article describes the Microsoft Office Communicator 2007 R2 issues that are fixed in the update for Communicator 2007 R2 that is dated November 2010.This article describes the...
CVE-2016-9567
The mDNIe system service on Samsung Mobile S7 devices with M6.0 software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device's screen. This can be exploited via a crafted application to eavesdrop after phone shutdown or record a conversation. The...
Design/Logic Flaw
The mDNIe system service on Samsung Mobile S7 devices with M6.0 software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device's screen. This can be exploited via a crafted application to eavesdrop after phone shutdown or record a conversation. The...
Learn German Conversation :AR - Dynamic Code Loading, Exported components, External URLs vulnerabilities
HackApp vulnerability scanner discovered that application Learn German Conversation :AR published at the 'play' market has multiple vulnerabilities...
Conversation Translator - Base64 encoded String, Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Conversation Translator published at the 'play' market has multiple vulnerabilities...
English Conversation Courses - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application English Conversation Courses published at the 'play' market has multiple vulnerabilities...