
7687 matches found

Prion
added 2016/05/23 7:59 p.m. | 26 views

Design/Logic Flaw

The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service infinite loop via a crafted public key to a program that uses HTTPS client...

CVSS 5 | AI score 6.9 | EPSS 0.04335
Exploits 0 | References 9 | Affected Software 3

OSV
added 2016/05/23 7:59 p.m. | 10 views

UBUNTU-CVE-2016-3959

The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service infinite loop via a crafted public key to a program that uses HTTPS client...

CVSS 7.5 | AI score 6.8 | EPSS 0.04335
Exploits 0 | References 4

CVE
added 2016/05/23 7:0 p.m. | 76 views

CVE-2016-3959

CVE-2016-3959 affects Go before 1.5.4 and 1.6.x before 1.6.1. The Verify function in crypto/dsa/dsa.go does not properly validate parameters passed to the big integer library, potentially allowing a remote attacker to cause a denial of service (infinite loop) via a crafted public key in applicati...

CVSS 7.5 | AI score 7.1 | EPSS 0.04335
Exploits 0 | References 9 | Affected Software 1

Openbugbounty
added 2016/05/23 9:42 a.m. | 11 views

khondab.locopoc.com XSS vulnerability

Vulnerable URL: http://khondab.locopoc.com/q-0x524D-'-alertOPENBUGBOUNTY-' Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check...

AI score 6.3
Exploits 0

NVD
added 2016/05/20 10:59 a.m. | 18 views

CVE-2016-1842

MapKit in Apple iOS before 9.3.2, OS X before 10.11.5, and watchOS before 2.2.1 does not use HTTPS for shared links, which allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic...

CVSS 7.5 | AI score 7 | EPSS 0.02273
Exploits 0 | References 7

Prion
added 2016/05/20 10:59 a.m. | 20 views

Design/Logic Flaw

MapKit in Apple iOS before 9.3.2, OS X before 10.11.5, and watchOS before 2.2.1 does not use HTTPS for shared links, which allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic...

CVSS 5 | AI score 5.7 | EPSS 0.02273
Exploits 0 | References 7 | Affected Software 3

Cvelist
added 2016/05/20 10:0 a.m. | 33 views

CVE-2016-1842

MapKit in Apple iOS before 9.3.2, OS X before 10.11.5, and watchOS before 2.2.1 does not use HTTPS for shared links, which allows remote attackers to obtain sensitive information by sniffing the network for HTTP traffic...

AI score 7 | EPSS 0.02273
Exploits 0 | References 7

CVE
added 2016/05/20 10:0 a.m. | 68 views

CVE-2016-1801

CVE-2016-1801 affects Apple CFNetwork Proxies in iOS (before 9.3.2), OS X (before 10.11.5), and tvOS (before 9.2.1). The vulnerability is an information leak in the handling of HTTP/HTTPS requests, allowing a privileged network-position attacker to obtain sensitive user data through URL handling....

CVSS 7.5 | AI score 6.7 | EPSS 0.03716
Exploits 0 | References 9 | Affected Software 1

CVE
added 2016/05/20 10:0 a.m. | 55 views

CVE-2016-1842

CVE-2016-1842 affects MapKit in iOS <9.3.2, OS X <10.11.5, watchOS

CVSS 7.5 | AI score 6.6 | EPSS 0.02273
Exploits 0 | References 7 | Affected Software 3

NVD
added 2016/05/17 2:8 p.m. | 14 views

CVE-2016-0323

The Auto-Scaling agent in Liberty for Java in IBM Bluemix before 2.7-20160321-1358 allows remote authenticated users to disable X.509 certificate validation, and consequently bypass an intended HTTPS trust-management feature, via unspecified vectors...

CVSS 6.5 | AI score 6.1 | EPSS 0.00778
Exploits 0 | References 1

Cvelist
added 2016/05/17 2:0 p.m. | 20 views

CVE-2016-0323

The Auto-Scaling agent in Liberty for Java in IBM Bluemix before 2.7-20160321-1358 allows remote authenticated users to disable X.509 certificate validation, and consequently bypass an intended HTTPS trust-management feature, via unspecified vectors...

AI score 6.1 | EPSS 0.00778
Exploits 0 | References 1

CVE
added 2016/05/17 2:0 p.m. | 44 views

CVE-2016-0323

The CVE-2016-0323 issue affects Liberty for Java running in IBM Bluemix when bound to the Auto-Scaling for Bluemix service, specifically versions prior to 2.7-20160321-1358. The Auto-Scaling agent can disable SSL certificate validation, bypassing the HTTPS trust-management feature. The IBM Bluemi...

CVSS 6.5 | AI score 5.9 | EPSS 0.00778
Exploits 0 | References 1 | Affected Software 1

Kitploit
added 2016/05/16 11:30 p.m. | 84 views

WiFi-Pumpkin v0.7.5 - Framework for Rogue Wi-Fi Access Point Attack

WiFi-Pumpkin is a security tool that provides the Rogue access point to Man-In-The-Middle and network attacks. Installation Kali 2.0/WifiSlax 4.11.1/Parrot 2.0.5 Python 2.7 git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git cd WiFi-Pumpkin chmod +x installer.sh ./installer.sh --install refer t...

AI score 7.1
Exploits 0 | References 7

Apple
added 2016/05/16 12:0 a.m. | 40 views

About the security content of tvOS 9.2.1

About the security content of tvOS 9.2.1 This document describes the security content of tvOS 9.2.1. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To...

CVSS 9.3 | AI score 0.3 | EPSS 0.07347
Exploits 25 | References 1 | Affected Software 1

OSV
added 2016/05/15 1:59 a.m. | 4 views

CVE-2016-0341

IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 through 1.0.0.4 do not require HTTPS, which might allow remote attackers to obtain sensitive information by sniffing the network...

CVSS 7.5 | AI score 5.8 | EPSS 0.01363
Exploits 0 | References 2

Prion
added 2016/05/15 1:59 a.m. | 9 views

Design/Logic Flaw

IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 through 1.0.0.4 do not require HTTPS, which might allow remote attackers to obtain sensitive information by sniffing the network...

CVSS 5 | AI score 6.5 | EPSS 0.01363
Exploits 0 | References 2 | Affected Software 2

NVD
added 2016/05/15 1:59 a.m. | 13 views

CVE-2016-0341

IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 through 1.0.0.4 do not require HTTPS, which might allow remote attackers to obtain sensitive information by sniffing the network...

CVSS 7.5 | AI score 7.3 | EPSS 0.01363
Exploits 0 | References 2

Cvelist
added 2016/05/15 1:0 a.m. | 26 views

CVE-2016-0341

IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 through 1.0.0.4 do not require HTTPS, which might allow remote attackers to obtain sensitive information by sniffing the network...

AI score 7.3 | EPSS 0.01363
Exploits 0 | References 2

myhack58
added 2016/05/15 12:0 a.m. | 35 views

Windows Zero-Day Vulnerability, CVE-2016-0167: the attack on Payment Card data - vulnerability warning - the black bar safety net

In March 2016, there was a batch of financially motivated attacks targeting the retail, food service and hospitality industries. The messages in these attacks contained a large number of Microsoft Word documents with embedded macros which, once downloaded, will execute a named...

AI score 0.1
Exploits 0

OSV
added 2016/05/13 2:27 p.m. | 10 views

SUSE-SU-2016:1301-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - bsc978061: A vulnerability in ImageMagick's 'https' module allowed users to execute arbitrary shell commands on the host performing the image conversion. The issue had the potential for remote command injection. This update mitigates the...

CVSS 10 | AI score 8.6 | EPSS 0.97485
Exploits 11 | References 3