Seagate Business NAS Firmware Vulnerabilities Disclosed

Firmware running on certain Seagate network-attached storage devices that are popular with small businesses and home offices, are vulnerable to remote attacks. Researchers at Beyond Binary, a security consulting firm in Australia, on Sunday went public with their disclosure after a nearly...

Ubuntu: Security Advisory (USN-2509-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : ca-certificates update (USN-2509-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2509-1 advisory. The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20141019 package. Tenabl...

USN-2509-1: ca-certificates update

The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20141019 package...

Memory Corruption Bugs Found in VLC Media Player

There are two memory corruption vulnerabilities in some versions of the VLC open-source media player that can allow an attacker to run arbitrary code on vulnerable machines. Neither one of the vulnerabilities has been fixed by VideoLAN, the organization that maintains VLC. Security researcher...

Mac OS X : Apple Safari < 6.2.2 / 7.1.2 / 8.0.2 Multiple Vulnerabilities

The version of Apple Safari installed on the remote Mac OS X host is a version prior to 6.2.2 / 7.1.2 / 8.0.2. It is, therefore, affected by the following vulnerabilities in WebKit : - An SVG loaded in an IMG element could load a CSS file cross-origin. This can allow data exfiltration...

Google Chrome < 39.0.2171.65 Multiple Vulnerabilities (Mac OS X)

The version of Google Chrome installed on the remote Mac OS X host is a version prior to 39.0.2171.65. It is, therefore, affected by the following vulnerabilities : - A double-free vulnerability exists in the version of Adobe Flash bundled with Chrome which could result in arbitrary code executio...

CVE-2014-7910

Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors...

Code injection

Rockwell Automation Connected Components Workbench CCW before 7.00.00 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via an invalid property value to an ActiveX control that was built with an outdated compiler...

CVE-2014-5424

Rockwell Automation Connected Components Workbench CCW before 7.00.00 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via an invalid property value to an ActiveX control that was built with an outdated compiler...

PT-2014-1825 · Red Hat +5 · Red Hat +5

Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Linux kernel versions 2.6.32 Linux kernel versions prior to 3.17.4 Description: The issue concerns multiple vulnerabilities in the Linux kernel, specifically affecting Red Hat Enterprise Linux. These vulnerabilities can be...

Ubuntu: Security Advisory (USN-2350-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2350-1 nss update

The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.17 which includes the latest CA certificate bundle...

Malicious Google DoubleClick Advertisements Distributed Malware to Millions of Computers

Cyber criminals have exploited the power of two online advertising networks, Google's DoubleClick and popular Zedo advertising agency, to deliver malicious advertisements to millions of internet users that could install malware on a user's computer. A recent report published by the researcher of...

CVE-2013-4444

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file...

UBUNTU-CVE-2013-4444

Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file...

IE to Block Older ActiveX Controls, Starting with Java

Next week’s Microsoft Patch Tuesday security bulletins will not only bring nine new security bulletins but also an update to Internet Explorer that blocks outdated ActiveX controls, starting with Java. Notifications will flag the older ActiveX controls and users will have the option to update the...

Flash Player < 14.0.0.125 (inferred) Multiple Vulnerabilities (APSB14-16)

Binary data 8303.prm...

McAfee VirusScan Enterprise for Linux Detection and Status

McAfee VirusScan Enterprise for Linux VSEL is installed on the remote host. However, there is a problem with the installation; either its services are not running or its engine and/or virus definitions are out of date. %NASLMINLEVEL 70300 C Tenable, Inc. include'deprecatednasllevel.inc';...

Target Kill Chain Analysis

Last week, I talked with Wall Street Journal reporter Ben DiPietro about the persistent communications gap between the data center and the board room when it comes to recognizing and tackling security threats: In almost every breach situation after his company completes a forensic analysis, Mr...