255 matches found
The Top Reason Not to Ditch an iPhone for Android? WhatsApp
It should be simple to transfer your chat history from iOS to Android, but it's really not...
CVE-2020-8013 permissions: chkstat sets unintended setuid/capabilities for mrsh and wodim
A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because it erroneously followed symlinks. The symlinks can't be...
Nasty old Android malware with new capabilities gets difficult to remove
By Sudais Asif. This Android malware was identified in 2016 but in 2020 the malware is back with new capabilities including... This is a post from HackRead.com.
Denial of Service (DoS)
MySQL is vulnerable to denial of service. A difficult-to-exploit vulnerability allows a high-privileged attacker to crash the server...
Solaris 10 (sparc) : 150400-51
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris...
Solaris 10 (sparc) : 119783-40
Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component o...
Solaris 10 (sparc) : 119783-32
Vulnerability in the Solaris component of Oracle Sun Products Suite (subcomponent: Bind/Postinstall script for Bind package). The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System plus additional login/authentication to component o...
Design/Logic Flaw
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely...
F5 Networks BIG-IP : OpenSSL vulnerability (K44512851)
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed...
DracOS - Lightweight and Powerful Penetration Testing OS
Dracos Linux (www.dracos-linux.org) is an open source Linux operating system from Indonesia, built based on Linux From Scratch under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testin...
Vulnerability in OpenSSL - BN_mod_exp may produce incorrect results on x86_64
There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible...
Protection Against Port Scanners: Portspoof
The portspoof program is designed to enhance OS security through emulation of legitimate service signatures on otherwise closed ports. It is meant to be a lightweight, fast, portable and secure addition to any firewall system or security infrastructure. The general goal of the program is to...
Potential persistent XSS in fixCaseInNotifications.jsp
There is a difficult to exploit XSS in fixCaseInNotifications.jsp. We could not get it to trigger, but there are some scenarios where unescaped data can be displayed through fix method correctName, userNameToFix. The relevant code is as follows: NotificationCaseFixer caseFixer = new...
F5 Device Default Support Password
This F5 Networks system still has the default password set for the support user account. This account normally provides read/write access to the web configuration utility. An attacker could take advantage of this to reconfigure your systems and possibly gain shell access to the system with...