1928 matches found
CVE-2013-6734
IBM WebSphere eXtreme Scale Client 7.1 through 8.6.0.4 does not properly isolate the cached data of different users, which allows remote authenticated users to obtain sensitive information in opportunistic circumstances by leveraging access to the same web container...
CVE-2013-6734
CVE-2013-6734 affects IBM WebSphere eXtreme Scale Client versions 7.1.0.x–8.6.0.4 (and WebSphere DataPower XC10 Appliance) where cached HTTP session data can be read by another user when sharing the same web container. The underlying issue is improper isolation of cached data, enabling informatio...
CVE-2013-5394
The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to conduct phishing attacks via unspecified vectors...
CVE-2013-5390
Cross-site scripting XSS vulnerability in the monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
Design/Logic Flaw
The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors...
CVE-2013-5394
The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 allows remote authenticated users to conduct phishing attacks via unspecified vectors...
CVE-2013-5393
WebSphere eXtreme Scale monitoring console is affected by CVE-2013-5393 due to a logoff handling weakness in versions 7.1.0, 7.1.1, 8.5.0 and 8.6.0. The IBM security bulletin lists the vulnerability and provides remediation: upgrade to WebSphere eXtreme Scale 7.1.1 and apply the interim fix PM974...
CVE-2013-5394
IBM WebSphere eXtreme Scale Monitoring Console (versions 7.1.0, 7.1.1, 8.5.0, 8.6.0) is affected by CVE-2013-5394, a phishing vulnerability reported in the IBM Security Bulletin. The issue arises in the monitoring console and is exploitable by remote authenticated users via unspecified vectors. R...
CVE-2013-5390
CVE-2013-5390 affects IBM WebSphere eXtreme Scale monitoring console (versions 7.1.0, 7.1.1, 8.5.0, 8.6.0). It is a cross-site scripting vulnerability in the monitoring console that allows remote authenticated users to inject arbitrary script/HTML via unspecified vectors. Root cause: XSS in the c...
CVE-2013-5393
The monitoring console in IBM WebSphere eXtreme Scale 7.1.0, 7.1.1, 8.5.0, and 8.6.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors...
DEBIAN-CVE-2013-5003
Multiple SQL injection vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote authenticated users to execute arbitrary SQL commands via 1 the scale parameter to pmdpdf.php or 2 the pdfpagenumber parameter to schemaexport.php...
Sql injection
Multiple SQL injection vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote authenticated users to execute arbitrary SQL commands via 1 the scale parameter to pmdpdf.php or 2 the pdfpagenumber parameter to schemaexport.php...
masscan
!unittestshttps://github.com/robertdavidgraham/masscan/actio...
Israeli Scientists develop advanced biological computer
Researchers at the Technion-Israel Institute of Technology in Haifa have created an advanced biological computer using only bio molecules such as DNA and enzymes. There's no traditional CPU or hard drive powering the bio-computer, no hardware or software, nor is there any tangible interface to th...
Israeli Scientists develop advanced biological computer
Researchers at the Technion-Israel Institute of Technology in Haifa have created an advanced biological computer using only bio molecules such as DNA and enzymes. There's no traditional CPU or hard drive powering the bio-computer, no hardware or software, nor is there any tangible interface to th...
Cyberwar Name Game a Dangerous Play
SAN JUAN, Puerto Rico – The term “cyberwar” is the “zero day” of security jargon; it’s getting so that every bug is a zero day and every attack is hash-tagged cyberwar. This serves only to distract smart people from making smart decisions. Too much brainpower and bandwidth is being wasted on...
Google Looking Into Hardware to Help Kill the Password
Google is looking at a number of hardware-based authentication mechanisms to bypass one of security’s biggest vulnerabilities: the written password. Wired Magazine got an advanced look at a report submitted by a Google security team for IEEE Security & Privacy Magazine that discusses alternatives...
Costin Raiu on the Red October Cyberespionage Campaign
Dennis Fisher talks with Costin Raiu and Ryan Naraine about the newly uncovered Red October cyberespionage campaign that has targeted embassies, diplomats, research facilities and military targets for more than five years now. Raiu explains the origins of the campaign, where the attackers likely...
Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2013-02)
The nsSVGPathElement::GetPathLengthScale function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary...
Researchers Exploit Cloud Browsers to do Anonymous, Large-Scale Computing
Researchers from two U.S. universities have created a way to anonymously use cloud-based Web browsers to perform large-scale computing tasks – a feat that also demonstrates how hackers might secretly harness massive computing power to launch attacks. Using the MapReduce technique developed by...