Lucene search
+L

119 matches found

hackapp
hackapp
added 2016/04/01 8:51 a.m.27 views

IBM Verse - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application IBM Verse published at the 'play' market has multiple vulnerabilities...

0.9AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 8:51 a.m.11 views

BWL Kennzahlen Free - Dynamic Code Loading, External URLs, Unsafe deleting vulnerabilities

HackApp vulnerability scanner discovered that application BWL Kennzahlen Free published at the 'play' market has multiple vulnerabilities...

0.3AI score
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2015/09/18 11:1 a.m.13 views

Google Outlines Plans to Deprecate RC4, SSLv3

As expected, Google formally announced its intent to move away from the stream cipher RC4 and the SSLv3 protocol this week, citing a long history of weaknesses in both. Adam Langley, a security engineer for the company, announced the plans through a blog post on Thursday. While there isn’t a...

7.2AI score
Exploits0References5
Kitploit
Kitploit
added 2015/05/07 9:17 p.m.20 views

Double the bang for your buck with Acunetix Vulnerability Scanner

Acunetix have announced that they are extending their current free offering of the network security scan, part of their cloud-based web and network vulnerability scanner. Those signing up for a trial of the online version of Acunetix vulnerability scanner will now be able to scan their perimeter...

7.9AI score
Exploits0
securityvulns
securityvulns
added 2015/03/23 12:0 a.m.52 views

[SE-2014-02] Google App Engine Java security sandbox bypasses (details)

Hello All, Details of our SE-2014-02 project have been released to the public. A technical writeup and accompanying Proof of Concept codes can be found at the following location: http://www.security-explorations.com/en/SE-2014-02-details.html In case of Google App Engine for Java, its first layer...

Exploits0
The Hacker News
The Hacker News
added 2014/10/16 10:8 p.m.14 views

Hacking Smart Electricity Meters To Cut Power Bills

Smart devices are growing at an exponential pace with the increase in connecting devices embedded in cars, retail systems, refrigerators, televisions and countless other things people use in their everyday life, but security and privacy are the key issues for such applications, which still face...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2014/08/26 12:0 a.m.25 views

Granding MA300 - Weak Pin Encryption Brute Force

source: https://www.securityfocus.com/bid/69390/info Grand MA 300 is prone to multiple security weaknesses. Attackers can exploit these issues to disclose the access pin by sniffing network traffic or perform brute-force attacks on pin to gain unauthorized access. This may aid in other attacks...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.27 views

NXP Semiconductors MIFARE Classic Smartcard - Multiple Security Weaknesses

No description provided by source. source: http://www.securityfocus.com/bid/31853/info MIFARE Classic is prone to multiple security weaknesses: 1. A security weakness may allow attackers to recover the internal state of the linear feedback shift register. 2. A security weakness may allow attacker...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2013/12/17 3:49 p.m.10 views

Santander BillPay Security Vulnerabilities Patched

Security weaknesses on the Santander Group BillPay website and mobile banking application have been addressed by the financial services organization’s developer Headland after they were exposed less than a week ago. U.K. consultant Paul Moore of Cresona Corp., reported a number of serious...

0.3AI score
Exploits0References1
ThreatPost
ThreatPost
added 2013/11/04 1:51 p.m.5 views

Department of Energy Susceptible to Attack

An audit of the Department of Energy has shown that 29 new weaknesses emerged on the agency’s networks this year in addition to 10 existing that the DoE failed to fix after a 2012 audit. The audit, undertaken by the Office of Inspector General and the Office of Audits and Inspections, revealed...

0.3AI score
Exploits0References1
ThreatPost
ThreatPost
added 2013/09/04 1:20 p.m.12 views

Windows 8 Picture Gesture Authentication Research

Typing on a smartphone or tablet keyboard lends itself to a lot of fat-fingered mistakes. Recent updates to mobile operating systems and desktop OSes such as Windows 8, however, have tried to better leverage the touch screen for things such as authentication. Users, for example, have the option o...

7.3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2013/08/01 6:22 p.m.16 views

JavaScript and Timing Attacks Used to Steal Browser Data

LAS VEGAS–Security researchers have been warning about the weaknesses and issues with JavaScript and iframes for years now, but the problem goes far deeper than even many of them thought. A researcher in the U.K. has developed a new technique that uses a combination of JavaScript-based timing...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2013/05/31 7:4 a.m.14 views

Massive 167Gbps DDoS attacks against Banking and Financial Institutions

DDoS attackers attempted to bring down an Banking services earlier this week using one of the largest Distributed denial of service attack using DNS reflection technique. Prolexic, the global leader in Distributed Denial of Service DDoS protection services, announced that it has successfully...

6.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/11/26 12:0 a.m.45 views

Apache Tomcat 7.0.x < 7.0.30 DIGEST Authentication Multiple Security Weaknesses

Binary data 800606.prm...

5CVSS6AI score0.12098EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2012/11/21 12:0 a.m.155 views

Apache Tomcat 5.5.x < 5.5.36 DIGEST Authentication Multiple Security Weaknesses

According to its self-reported version number, the instance of Apache Tomcat 5.5.x listening on the remote host is prior to 5.5.36. It is, therefore, affected by the following vulnerabilities : - Replay-countermeasure functionality in HTTP Digest Access Authentication tracks cnonce values instead...

5CVSS5.8AI score0.12098EPSS
Exploits2References4
ThreatPost
ThreatPost
added 2012/08/06 6:9 p.m.161 views

Microsoft Releases Attack Surface Analyzer Tool

Microsoft has released a public version of its internal Attack Surface Analyzer tool, which helps organizations identify changes to a system’s attack surface as new applications are added. The tool has been in beta for a few months, but this is the first official release. The Attack Surface...

9.3CVSS0.4AI score0.99945EPSS
Exploits33References1
ThreatPost
ThreatPost
added 2012/04/11 6:47 p.m.5 views

Interview: Android Engineered To Enable Data Harvesting

We wrote yesterday about research by Paul Brodeur of Leviathan Security Group on security weaknesses that are built into Google’s Android mobile operating system. Brodeur was able to show, using a proof of concept application, that Android applications without any permissions can still access fil...

7AI score
Exploits0References6
ThreatPost
ThreatPost
added 2011/09/07 5:18 p.m.11 views

Are Some Certificate Authorities Too Big To Fail?

In the wake of this weekend’s revelations of the seriousness of the attack on certificate authority DigiNotar, security experts have renewed criticism of the Internet’s digital certificate infrastructure, with some wondering if larger certificate authorities CAs might be too big to fail...

0.8AI score
Exploits0References5
ThreatPost
ThreatPost
added 2011/07/08 5:38 p.m.16 views

Siemens Warns of Password Vulnerability in SCADA Software

Siemens AG issued an advisory to customers on Tuesday warning of a weakness in its Simatic S7 programmable logic controllers that could allow a remote attacker to intercept and decipher passwords, or change the configuration of the devices. Siemens advised customers to restrict physical and logic...

0.3AI score
Exploits0References6
The Hacker News
The Hacker News
added 2011/07/06 3:1 p.m.2 views

Italian Universities dump database Leaked by LulzStorm

Italian Universities dump database Leaked byLulzStorm LulzStorm , Another Antisec supporter leaked Italian Universities dump database via a tweet on twitter. He release a torrent link and a Mediafire mirror link with a archive of 2.74 Mb. This Archive Include hacked database if 18 Italian...

7.1AI score
Exploits0
Rows per page
Query Builder