3943 matches found
Google Releases Google Chrome 27.0.1453.93
Google has released Google Chrome 27.0.1453.93 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to cause a denial-of-service condition, obtain sensitive information, or execute arbitrary code. US-CERT encourages use...
Mozilla Releases Multiple Updates
The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities. Firefox 21.0 Firefox ESR 17.0.6 Thunderbird 17.0.6 Thunderbird ESR 17.0.6 These vulnerabilities could allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtai...
Adobe Releases Security Updates for Adobe Flash Player
Adobe has released security updates for Adobe Flash Player to address multiple vulnerabilities. These vulnerabilities could cause a denial-of-service condition and potentially allow an attacker to execute arbitrary code and take control of an affected system. The following versions of Adobe Flash...
Security Updates Available for Adobe Reader and Acrobat
Adobe has released security updates for Adobe Reader and Acrobat to address multiple vulnerabilities. These vulnerabilities could cause a crash and potentially allow an attacker to take control of an affected system. The following versions of Adobe Reader and Acrobat are affected: Adobe Reader XI...
Microsoft Releases Security Advisory for Internet Explorer
Microsoft is investigating public reports of a remote code execution vulnerability in Internet Explorer 8 and is aware of attacks that attempt to exploit this vulnerability. This vulnerability may allow an attacker to execute arbitrary code if a user accesses a specially crafted website. Microsof...
SEC Consult 20130417-0 :: Multiple vulnerabilities in Sosci Survey
SEC Consult Vulnerability Lab Security Advisory 20130417-0 ======================================================================= title: Multiple vulnerabilities in Sosci Survey product: Sosci Survey vulnerable version: 2.3.04a fixed version: 2.3.04a impact: Critical homepage:...
Oracle Releases April 2013 Security Advisory
Oracle has released its Critical Patch Update for April 2013 to address 128 vulnerabilities across multiple products. This update contains the following security fixes: 4 for Oracle Database Server 29 for Oracle Fusion Middleware 6 for Oracle E-Business Suite 3 for Oracle Supply Chain Products...
Sosci Survey 2.x Bypass / XSS / Command Execution
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities in Sosci Survey product: Sosci Survey vulnerable version: 2.3.04a fixed version: 2.3.04a impact: Critical homepage: https://www.soscisurvey.de...
Sosci Survey - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/59278/info Sosci Survey is prone to following security vulnerabilities: 1. An unauthorized-access vulnerability 2. Multiple cross-site scripting vulnerabilities 3. Multiple HTML-injection vulnerabilities 4. A PHP code-execution vulnerability Successful...
Google Releases Google Chrome 26.0.1410.57
Google has released Google Chrome 26.0.1410.57 for all Chrome OS devices to address a vulnerability. This vulnerability could allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Release blog entry and follow best-practice security...
Adobe Releases Security Updates for Adobe Flash Player
Adobe has released security updates for Adobe Flash Player. These vulnerabilities could potentially allow an attacker to take control of an affected system or cause a denial-of-service condition. Adobe has released updates to the following products: Adobe Flash Player 11.6.602.180 and earlier...
Adobe Releases Security Update for ColdFusion
Adobe has released a security hotfix for Adobe ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and UNIX to address multiple vulnerabilities. These vulnerabilities could allow an unauthorized user to bypass authentication controls. US-CERT recommends that users and administrators review...
Microsoft Releases April 2013 Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Office, Internet Explorer, Server Software, and Security Software as part of the Microsoft Security Bulletin summary for April 2013. These vulnerabilities could allow remote code execution, elevation of privilege,...
Mozilla Releases Multiple Updates
The Mozilla Foundation has released updates to address multiple vulnerabilities. These vulnerabilities could allow an attacker to initiate a cross-site scripting attack or obtain sensitive information, enable privilege escalation or execute arbitrary code, or cause a denial-of-service condition...
[Bluelog v1.1.1] Simple Bluetooth Scanner
Bluelog is a simple Bluetooth scanner designed to tell you how many discoverable devices there are in an area as quickly as possible. It is intended to be used as a site survey tool, identifying the number of possible Bluetooth targets there are in the surrounding environment. Changelog v1.1.1...
Recent Reports of DHS-Themed Ransomware (UPDATE)
US-CERT has received reports of increased activity concerning an apparently DHS-themed ransomware malware infection occurring in the wild. Users who are being targeted by the ransomware receive a message claiming that use of their computer has been suspended and that the user must pay a fine to...
Apple Releases iOS 6.1.3
Apple has released iOS 6.1.3 for the iPhone 3GS or later, iPod touch 4th generation or later, and iPad 2 or later to address multiple vulnerabilities. These vulnerabilities may allow an attacker to operate with elevated privileges, bypass security features or execute arbitrary code. US-CERT...
Askiaweb survey application contains multiple vulnerabilities
Overview The Askiaweb survey application contains multiple vulnerabilities. Description The Askiaweb survey application contains multiple vulnerabilities.CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' - CVE-2013-0123 The administration interface for the...
Google Releases Google Chrome 25.0.1364.173
Google has released Google Chrome 25.0.1364.173 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to cause a denial-of-service condition or execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Release blog entry and update ...
Apple Releases OS X v10.8.3 and Security Update 2013-001
Apple has released OS X v10.8.3 and Security Update 2013-001 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, bypass authentication, leverage additional attacks, cause a denial-of-service condition or obtain sensitive information. US-CERT...