Lucene search
K

644 matches found

Malwarebytes
Malwarebytes
added 2018/12/21 5:30 p.m.119 views

Smart speakers: Christmas treat or lump of coal?

Christmas is nearly upon us, and thoughts are perhaps turning to various digital presents of a “smart” nature. Home security, hubs, speakers, cameras, and mashups of all of those and more besides. With regards to speakers, the most immediate pieces of your home are theoretically at your beck and...

0.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2018/06/22 5:58 p.m.72 views

The Effects of Iran's Telegram Ban

The Center for Human Rights in Iran has released a report outlining the effect's of that country's ban on Telegram, a secure messaging app used by about half of the country. The ban will disrupt the most important, uncensored platform for information and communication in Iran, one that is used...

6.9AI score
Exploits0
OSV
OSV
added 2018/06/11 9:29 p.m.1 views

DEBIAN-CVE-2017-7752

A use-after-free vulnerability during specific user interactions with the input method editor IME in some languages due to how events are handled. This results in a potentially exploitable crash but would require specific user interaction to trigger. This vulnerability affects Firefox 54, Firefox...

8.8CVSS9.1AI score0.02026EPSS
Exploits0References1
Adobe
Adobe
added 2018/04/10 12:0 a.m.27 views

APSB18-15 Security update available for the Adobe PhoneGap Push plugin

Adobe has released an update for the Adobe PhoneGap Push plugin. This update resolves a Same-Origin Method Execution SOME vulnerability CVE-2018-4943 that exists in PhoneGap apps built with the affected version of the Push plugin. This vulnerability could be exploited to trick users of PhoneGap...

8.8CVSS3.8AI score0.0687EPSS
Exploits0Affected Software1
Kitploit
Kitploit
added 2018/02/04 1:30 p.m.16 views

IDAsec - IDA plugin for reverse-engineering and dynamic interactions with the Binsec platform

IDA plugin for reverse-engineering and dynamic interactions with the Binsec platform Features Decoding an instruction in DBA IR Loading execution traces generated by Pinsec Triggering analyzes on Binsec and retrieving results Dependencies protobuf ZMQ capstone for trace disassembly graphviz to dr...

7.5AI score
Exploits0References1
Schneier on Security
Schneier on Security
added 2017/04/27 11:20 a.m.10 views

Reading Analytics and Privacy

Interesting paper: "The rise of reading analytics and the emerging calculus of reading privacy in the digital world," by Clifford Lynch: Abstract: This paper studies emerging technologies for tracking reading behaviors "reading analytics" and their implications for reader privacy, attempting to...

6.9AI score
Exploits0
Cvelist
Cvelist
added 2017/04/23 5:37 a.m.24 views

CVE-2017-8061

drivers/media/usb/dvb-usb/dvb-usb-firmware.c in the Linux kernel 4.9.x and 4.10.x before 4.10.7 interacts incorrectly with the CONFIGVMAPSTACK option, which allows local users to cause a denial of service system crash or memory corruption or possibly have unspecified other impact by leveraging us...

7.9AI score0.00429EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2017/03/14 6:50 p.m.27 views

CVE-2017-2998

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution...

9.3CVSS6AI score0.0836EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2017/03/14 4:59 p.m.26 views

CVE-2017-2998

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution...

9.3CVSS7.3AI score0.04066EPSS
Exploits0References2
Prion
Prion
added 2017/03/14 4:59 p.m.19 views

Memory corruption

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution...

9.3CVSS8.9AI score0.04066EPSS
Exploits0References5Affected Software2
Cvelist
Cvelist
added 2017/03/14 4:0 p.m.24 views

CVE-2017-2998

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution...

9AI score0.04066EPSS
Exploits0References5
CVE
CVE
added 2017/03/14 4:0 p.m.87 views

CVE-2017-2998

CVE-2017-2998 is a memory corruption vulnerability in Adobe Flash Player ≤ 24.0.0.221, specifically in the Primetime TVSDK API functionality related to timeline interactions that could enable arbitrary code execution. Public postings in multiple advisories confirm a remote, user-triggered risk wi...

9.3CVSS8.9AI score0.04066EPSS
Exploits0References5Affected Software1
n0where
n0where
added 2017/03/04 6:45 p.m.100 views

Android Package Inspector: Inspeckage

Inspeckage is a tool developed to offer dynamic analysis of Android applications. By applying hooks to functions of the Android API, Inspeckage will help you understand what an Android application is doing at runtime. Inspeckage will let you interact with some elements of the app, such as...

7.1AI score
Exploits0References1
CVE
CVE
added 2017/02/17 7:45 a.m.91 views

CVE-2017-5017

CVE-2017-5017 affects Google Chrome on macOS prior to 56.0.2924.76, tied to an uninitialized memory access in WebM video support that could allow an attacker to extract image fragments via a crafted page on systems with GeForce 8600M GPUs. The issue is a concrete, vendor-reported memory vulnerabi...

4.3CVSS5AI score0.01249EPSS
Exploits0References7Affected Software1
Hacker One
Hacker One
added 2017/01/07 12:59 a.m.49 views

Shopify: apps.shopify.com - CSRF token leakage through Google Analytics

Description: When a user tries to send a support a message to an app developer in apps.shopify.com , he will be asked to login and once he is logged in , he will be redirected to apps.shopify.com/appid?authenticitytoken=currentuserauthenticitytoken. Developers can track their app page view in...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2016/08/17 12:0 a.m.78 views

PHP < 5.5.37, 5.6.x < 5.6.23, 7.x < 7.0.8 Multiple Vulnerabilities (Aug 2016) - Linux

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

9.8CVSS8.7AI score0.09674EPSS
Exploits8References7
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.4 views

The vulnerability of the Firefox browser, which allows a malicious actor to compromise the integrity and accessibility of protected information

The vulnerability exists in Mozilla Firefox due to an incorrect limitation on event handling, which replaces events related to configuration changes. Exploiting this vulnerability allows malicious actors to remotely alter the positions of icons on the user interface by using specially crafted...

5.8CVSS6.5AI score0.02138EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.5 views

The vulnerability in the Firefox ESR software allows a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information.

The use of this feature after release in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox ESR allows malicious actors operating remotely to execute arbitrary code or cause service failures errors when working with dynamic memory through SVG animations that interact with the...

10CVSS7.5AI score0.05801EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/05/14 9:0 p.m.22 views

CVE-2016-1664

The HistoryController::UpdateForCommit function in content/renderer/historycontroller.cc in Google Chrome before 50.0.2661.94 mishandles the interaction between subframe forward navigations and other forward navigations, which allows remote attackers to spoof the address bar via a crafted web sit...

5.8AI score0.0098EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2015/09/09 12:0 a.m.68 views

Microsoft Windows Task Management Privilege Elevation Vulnerabilities (3089657)

This host is missing an important security update according to Microsoft Bulletin MS15-102. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.2CVSS5AI score0.32712EPSS
Exploits3References3
Rows per page
Query Builder