Avaya Patches Remote Code Execution Flaw in Aura

Internet telephony company Avaya has patched a high-severity vulnerability in its Aura Application Enablement Services product that put phone call and API data running through the server at risk for interception. Researchers at Digital Defense found a vulnerability where an attacker could, withou...

U.S. Dept Of Defense: Insecure Direct Object Reference on in-scope .mil website

Summary: A web form in a .mil website doesn't implement restriction against multiple failed attempts to place an ID in order to obtain users information or cancel an ongoing process. Description: Websites https://█████████/appointment/lookup.aspx?a=f and...

Arbitrary User Registration Vulnerability in BBCBuilder E-Commerce System

BBCBuilder is a b2b2c model developed by Yuanfeng Company, which supports the e-commerce system of platform self-supporting and supplier store coexistence mode. Version 2.6.1 of the BBCBuilder e-commerce system contains an arbitrary user registration vulnerability that allows an attacker to...

The vulnerability of the software system for managing enterprise assets in IBM Maximo Asset Management allows a perpetrator to gain access to another user’s session.

The vulnerability of the session identifier of the IBM Maximo Asset Management software management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to intercept a session or gain access to another user’s...

Panda Mobile Security for iOS Man-in-the-Middle Attack Vulnerability

Panda Mobile Security for iOS is a mobile antivirus product for iOS developed by the Spanish company Panda Security. The product protects mobile networks from viruses, spyware, hackers and other Internet threats. A security vulnerability exists in version 1.1 of Panda Mobile Security for iOS. An...

Atlassian Hipchat for iOS Man-in-the-Middle Attack Vulnerability

Atlassian Hipchat for iOS is a suite of team chat tools for iOS from the Australian company Atlassian that supports group and 1-to-1 voice and video chat with screen sharing. A security vulnerability exists in Atlassian HipChat for iOS versions prior to 3.16.2. An attacker can exploit the...

CVE-2017-8059

Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form, signature" before 5.4 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept login information username/password, in addition to the static authentication token if t...

CVE-2017-8058

Acceptance of invalid/self-signed TLS certificates in Atlassian HipChat before 3.16.2 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call...

Authentication flaw

Acceptance of invalid/self-signed TLS certificates in "Foxit PDF - PDF reader, editor, form, signature" before 5.4 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept login information username/password, in addition to the static authentication token if t...

CVE-2017-5901

The State Bank of India State Bank Anywhere app 5.1.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2017-8059

Foxit PDF (iOS) before version 5.4 is vulnerable to accepting invalid/self-signed TLS certificates, enabling a passive or proximity attacker to perform a MITM and silently intercept login credentials (username/password) and an existing authentication token. Root cause: improper TLS certificate va...

Unpatched WordPress Password Reset Vulnerability Lingers

A zero-day vulnerability exists in WordPress Core that in some instances could allow an attacker to reset a user’s password and gain access to their account. Researcher Dawid Golunski of Legal Hackers disclosed the vulnerability on Wednesday via his new ExploitBox service. All versions of...

EulerOS 2.0 SP1 : squid (EulerOS-SA-2016-1025)

According to the versions of the squid package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A buffer overflow flaw was found in the way the Squid cachemgr.cgi utility processed remotely relayed Squid input. When the CGI interface utility ...

Starscream 2.0.3 SSL Pinning Bypass Vulnerability

WebSocket.swift in Starscream versions 2.0.3 and below allows an SSL Pinning bypass because of incorrect management of the certValidated variable it can be set to true but cannot be set to false. An attacker can achieve traffic interception from a man-in-the-middle position, first by resetting th...

Schneider Electric Modicon PLC Multiple Authentication Bypass Vulnerability (CNVD-2017-04918)

Modicon PLCs are programmable controller products used in industries such as dams, energy, food and agriculture, and more. A multiple authentication bypass vulnerability exists in the Schneider Electric Modicon PLC, where an attacker accessing the OT network could intercept traffic to the target...

Huawei HiSuite Man-in-the-Middle Attack Vulnerability

Huawei HiSuite is a set of cell phone assistant software for PC from Huawei, China. A security vulnerability exists in Huawei HiSuite version 4.0.5.300OVE due to the program using unencrypted HTTP to download upgrade packages and failing to check the integrity of the packages before installation...

The vulnerability of the Kernel Samepage Merging (KSM) component in the Linux operating system allows a hacker to influence the confidentiality of information.

The vulnerability of the Linux operating system’s Kernel Samepage Merging KSM component is related to the lack of protection for service data when the ASLR mechanism is used. Exploiting this vulnerability allows a local attacker to partially compromise the confidentiality of information through a...

Information disclosure

IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to...

CVE-2016-8960

IBM Cognos Business Intelligence 10.2 could allow a user with lower privilege Capabilities to adopt the Capabilities of a higher-privilege user by intercepting the higher-privilege user's cookie value from its HTTP request and then reusing it in subsequent requests. IBM Reference : 1993718...

LastPass websiteConnector.js content script allows proxying internal RPC commands

noticed this entry in the contentscript array from the LastPass manifest: "matches": "https://1min-ui-prod.service.lastpass.com/" , "js": "1minsignup/chrome/websiteConnector.js" , "allframes": true, "runat": "documentend" , That's a content script that is only used for one specific lastpass.com...