Zimperium Program Buys Exploits for Patched Mobile Vulnerabilities

Mobile security company Zimperium said Tuesday that it will start buying exploits, but in a departure from most other programs, it will not be buying zero-days. The company’s N-Days Exploit Acquisition Program will pay researchers from a pool of $1.5 million for exploits targeting vulnerabilities...

frankonia.de XSS vulnerability

Vulnerable URL: http://www.frankonia.de/Hemd+SlimFit/Brandit/Ansicht.html?Artikelnummer=264878=63074'"--=Ratingbox Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 14:52 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alex...

hexal.de XSS vulnerability

Vulnerable URL: http://www.hexal.de/praeparate/arzneimittel.php?fachkreise=false Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 214156 VIP website status:| No Check hexal.de SSL connection:| Grade: A Coordinated...

CVE-2017-3286

Vulnerability in the Oracle Applications DBA component of Oracle E-Business Suite subcomponent: Patching. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where...

CVE-2017-3246

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Patching. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure...

CVE-2017-3246

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Patching. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure...

Design/Logic Flaw

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Patching. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure...

Design/Logic Flaw

Vulnerability in the Oracle Applications DBA component of Oracle E-Business Suite subcomponent: Patching. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where...

CVE-2017-3246

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Patching. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure...

CVE-2017-3246

The CVE-2017-3246 entry refers to a vulnerability in the Oracle Application Object Library (Patching) within Oracle E-Business Suite. Affected supported versions include 12.1.3, 12.2.3, 12.2.4, 12.2.5, and 12.2.6. The issue is described as easily exploitable by a high-privilege attacker who has l...

CVE-2017-3286

Vulnerability in the Oracle Applications DBA component of Oracle E-Business Suite subcomponent: Patching. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where...

dermomarket.com XSS vulnerability

Vulnerable URL: http://www.dermomarket.com/index.php?do=catalog/results=%3C/script%3E%3Cscript%3Ealert%28%22OPENBUGBOUNTY%22%29%3C/script%3E Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 14:21 GMT Vulnerability type:| XSS Vulnerability status...

About the security content of Safari 9.1.1 - Apple Support

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website. For information about...

maison-domotique.fr XSS vulnerability

Vulnerable URL: http://maison-domotique.fr/rechercher.php?rechercher=%22%3E%3C/title%3E%27%3E;%3C/script%3E%3Csvg/onload=alert/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2017-00996)

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. A local security vulnerability exists in Oracle E-Business Suite versions 12.1.3, 12.2.3, 12.2.4, 12.2.5, and 12.2.6. An attacker could exploit this...

Oracle E-Business Suite Local Security Vulnerability

Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle Oracle. The software provides customer relationship management, service management, financial management and other functions. Oracle E-Business Suite has a local security...

service.upc.ie XSS vulnerability

Vulnerable URL: http://service.upc.ie/cckservices/outage?customerid=76501367="&=1404134638485 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...

FTC Issues Public Challenge to Improve IoT Patching

Admittedly, patching existing connected devices in the wild is easier said than done. But that’s not deterring the Federal Trade Commission from soliciting help in finding a solution. The U.S. government agency today announced the kickoff of the FTC IoT Home Inspector Challenge, a prize contest...

FBI-DHS Report Links Fancy Bear Gang to Election Hacks

In a report released Thursday the Federal Bureau of Investigation and the US Department of Homeland Security implicated Russian hacking group Fancy Bear in attacks against several election-related targets. According to the Joint Analysis Report, the hacking group Fancy Bear, believed to have ties...

coraltravel.al XSS vulnerability

Vulnerable URL: http://coraltravel.al/post.php?id=247'" Details: Description| Value ---|--- Patched:| Yes, at 25.11.2017 Latest check for patch:| 25.11.2017 09:50 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 19464627 VIP website status:| No Check coraltravel....