Lucene search
+L
CisaMost viewed

4188 matches found

cisa
cisa
•added 2013/01/23 12:0 a.m.•14 views

Cisco Releases Security Advisory for Cisco Wireless LAN Controllers

The Cisco Wireless LAN Controller Cisco WLC product family is affected by multiple vulnerabilities that could potentially cause a denial-of-service condition, allow unauthorized access, or allow an attacker to execute code remotely. Cisco has released software updates that address these...

7.5AI score
Exploits0References1
cisa
cisa
•added 2013/01/08 12:0 a.m.•14 views

Microsoft Releases January 2013 Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Office, Developers Tools, Server Software, and .NET Framework as part of the Microsoft Security Bulletin summary for January 2013. These vulnerabilities could allow remote code execution, elevation of privilege,...

7.2AI score
Exploits0References1
cisa
cisa
•added 2013/01/02 12:0 a.m.•14 views

Microsoft Releases Security Advisory for Internet Explorer

Microsoft has released Security Advisory 2794220 to address a vulnerability in Microsoft Internet Explorer 6, 7, and 8. This vulnerability may allow an attacker to execute arbitrary code if a user accesses a specially crafted website. Microsoft is aware of targeted attacks that attempt to exploit...

7.4AI score
Exploits0References2
cisa
cisa
•added 2012/09/21 12:0 a.m.•14 views

Increased Exploitation in Web Content Management Systems

US-CERT is aware of recent increases in the exploitation of known vulnerabilities in web content management systems CMSs such as Wordpress and Joomla. Compromised CMS installations can be used to host malicious content. US-CERT recommends that users and administrators ensure that their CMS...

7.2AI score
Exploits0References1
cisa
cisa
•added 2012/06/06 12:0 a.m.•14 views

Mozilla Releases Multiple Updates

The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities: Firefox 13.0 Firefox ESR 10.0.5 Thunderbird 13.0 Thunderbird ESR 10.0.5 SeaMonkey 2.10 These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service...

7AI score
Exploits0References5
cisa
cisa
•added 2012/04/24 12:0 a.m.•14 views

RuggedCom Rugged Operating System Vulnerability

RuggedCom Rugged Operating System ROS, used in RuggedCom network infrastructure devices, contains a hard-coded user account with a predictable password. This user account cannot be manually disabled. An attacker who successfully guesses the password may be able to gain complete administrative...

7.2AI score
Exploits0References2
cisa
cisa
•added 2012/03/29 12:0 a.m.•14 views

Google Releases Google Chrome 18.0.1025.142

Google has released Chrome 18.0.1025.142 for Linux, Macintosh, Windows, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or perform a cross-site scripting attack. US-CERT encourages...

6.9AI score
Exploits0References1
cisa
cisa
•added 2012/03/22 12:0 a.m.•14 views

Google Releases Google Chrome 17.0.963.83

Google has released Chrome 17.0.963.83 for Linux, Macintosh, Windows, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review the Googl...

7.8AI score
Exploits0References1
cisa
cisa
•added 2011/12/21 12:0 a.m.•14 views

Mozilla Releases Firefox 9 and 3.6.25

The Mozilla Foundation has released Firefox 9 and Firefox 3.6.25 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or perform a cross-site scripting attack. US-CERT encourages users and administrators t...

7AI score
Exploits0References2
cisa
cisa
•added 2011/12/02 12:0 a.m.•14 views

Holiday Season Phishing Scams and Malware Campaigns

As the winter holidays are quickly approaching, US-CERT is republishing this entry to increase awareness. In the past, US-CERT has received reports of an increased number of phishing scams and malware campaigns that take advantage of the winter holidays and holiday shopping season. US-CERT remind...

6.6AI score
Exploits0References6
cisa
cisa
•added 2011/10/25 12:0 a.m.•14 views

Google Releases Chrome 15.0.874.102

Google has released Chrome 15.0.874.102 for Linux, Mac, Windows, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to...

7.7AI score
Exploits0References1
cisa
cisa
•added 2011/10/11 12:0 a.m.•14 views

Microsoft Releases October Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, .NET Framework, Silverlight, Forefront United Access Gateway, and Microsoft Host Integration Server as part of the Microsoft Security Bulletin Summary for October 2011. These vulnerabilities may all...

7.3AI score
Exploits0References4
cisa
cisa
•added 2011/09/14 12:0 a.m.•14 views

Cisco Releases Multiple Security Advisories

Cisco has released two security advisories to address vulnerabilities affecting the CiscoWorks LAN Management Solution, the Cisco Unified Service Monitor, and the Cisco Unified Operations Manager. These vulnerabilities may allow an unauthenticated attacker to execute arbitrary code. US-CERT...

7.8AI score
Exploits0References2
cisa
cisa
•added 2011/08/04 12:0 a.m.•14 views

Microsoft Releases August Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft Office, Microsoft .NET Framework, and Microsoft Developer Tools as part of the Microsoft Security Bulletin Summary for August 2011. These vulnerabilities may allow an attacker to execute...

7.4AI score
Exploits0References2
cisa
cisa
•added 2011/07/13 12:0 a.m.•14 views

Mozilla Releases Firefox 5.0.1

The Mozilla Foundation has released Firefox 5.0.1 to address an issue with Mac OS X 10.7 and Java for Mac OS X 10.6 Update 5. These issues could cause Firefox to crash. US-CERT encourages users and administrators to review the Mozilla Foundation Firefox 5.0.1 Release Notes and apply any necessary...

6.9AI score
Exploits0References1
cisa
cisa
•added 2011/06/01 12:0 a.m.•14 views

Apple Releases Malware Detection Tool

Apple has released Security Update 2011-003 for Mac OS X in response to the recent Mac fake anti-virus software. This update: adds a malware definition to the File Quarantine application causes the File Quarantine application to automatically update its malware definition list daily removes...

6.6AI score
Exploits0References3
cisa
cisa
•added 2011/04/12 12:0 a.m.•14 views

Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat

Adobe has released a security update for Adobe Flash Player to address the vulnerability previously referenced in Adobe Security Advisory APSA11-02. Exploitation of this vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. Adobe has indicated that...

7.3AI score
Exploits0References3
cisa
cisa
•added 2011/03/25 12:0 a.m.•14 views

Google Releases Chrome 10.0.648.204

Google has released Chrome 10.0.648.204 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry...

7.7AI score
Exploits0References1
cisa
cisa
•added 2011/03/25 12:0 a.m.•14 views

VideoLAN Releases VLC Media Player 1.1.8

VideoLAN has released VLC Media Player 1.1.8 to address two vulnerabilities. These vulnerabilities are due to the improper handling of .AMV and .NSV files. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review...

7.7AI score
Exploits0References1
cisa
cisa
•added 2011/03/14 12:0 a.m.•14 views

Google Releases Chrome 10.0.648.133

Google has released Chrome 10.0.648.133 for Windows, Mac, Linux, and Chrome Frame. This update addresses a vulnerability that may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary update...

7.3AI score
Exploits0References1
cisa
cisa
•added 2011/03/09 12:0 a.m.•14 views

Apple Releases Java Updates for Mac OS X 10.5 and OS X 10.6

Apple has released Java for Mac OS X 10.5 Update 9 and Java for Mac OS X 10.6 Update 4 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review Apple...

7.9AI score
Exploits0References4
cisa
cisa
•added 2011/02/18 12:0 a.m.•14 views

Oracle Releases Critical Patch Update for Java SE and Java for Business

Oracle has released a Critical Patch Update for Java SE and Java for Business. This update addresses multiple vulnerabilities and contains 21 security fixes. US-CERT encourages users and administrators to review the Oracle Java SE and Java for Business Critical Patch Update Advisory for February...

6.8AI score
Exploits0References1
cisa
cisa
•added 2011/02/03 12:0 a.m.•14 views

Microsoft Releases Advance Notification for February Security Bulletin

Microsoft has issued a Security Bulletin Advance Notification indicating that its February release will contain 12 bulletins. Three of these bulletins will have the severity rating of critical and will be for Microsoft Windows and Internet Explorer. The remaining bulletins will have a severity...

6.6AI score
Exploits0References1
cisa
cisa
•added 2011/01/12 12:0 a.m.•14 views

Microsoft Security Advisory 2488013

Microsoft Security Advisory 2488013 addresses a vulnerability in Internet Explorer. This advisory has been updated to include Microsoft Fix It 50591 that prevents the recursive loading of CSS style sheets in Internet Explorer as a mitigation for this vulnerability. Exploitation of this...

7.2AI score
Exploits0References4
cisa
cisa
•added 2011/01/07 12:0 a.m.•14 views

Microsoft Internet Explorer 8 use-after-free Vulnerability

US-CERT is aware of a vulnerability affecting Microsoft Internet Explorer 8. This vulnerability is due to improper handling of circular memory references. Exploitation of this vulnerability may allow an attacker to execute arbitrary code in the context of the user or cause a denial-of-service...

7.4AI score
Exploits0References2
cisa
cisa
•added 2010/12/09 12:0 a.m.•14 views

Microsoft Releases Advance Notification for December Security Bulletin

Microsoft has issued a Security Bulletin Advance Notification indicating that its December release will contain 17 bulletins. Two of these bulletins will have a severity rating of critical and will be for Microsoft Windows and Internet Explorer. Fourteen of the bulletins will have a severity rati...

6.6AI score
Exploits0References1
cisa
cisa
•added 2010/11/09 12:0 a.m.•14 views

Insecure Loading of Dynamic Link Libraries in Windows Applications

US-CERT is aware of a class of vulnerabilities related to how some Windows applications may load external dynamic link libraries DLLs. When an application loads a DLL without specifying a fully qualified path name, Windows will attempt to locate the DLL by searching a defined set of directories. ...

7.5AI score
Exploits0References10
cisa
cisa
•added 2010/11/04 12:0 a.m.•14 views

Google Releases Chrome 7.0.517.44

Google has released Chrome 7.0.517.41 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates...

7.7AI score
Exploits0References1
cisa
cisa
•added 2010/10/25 12:0 a.m.•14 views

Fraud Advisory for Businesses Released: Corporate Account Take Over

As part of a joint effort, the United States Secret Service, the Federal Bureau of Investigation, the Internet Crime Complaint Center IC3 and the Financial Services Information Sharing and Analysis Center FS-ISAC have released Fraud Advisory for Businesses: Corporate Account Take Over PDF. The...

6.8AI score
Exploits0References1
cisa
cisa
•added 2010/10/18 12:0 a.m.•14 views

RealNetworks Releases Security Update for RealPlayer Vulnerabilities

RealNetworks has issued a Security Update to address multiple vulnerabilities affecting RealPlayer. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the RealNetworks security advisory and apply any necessa...

7.8AI score
Exploits0References1
cisa
cisa
•added 2010/10/14 12:0 a.m.•14 views

RIM Releases Security Advisory for BlackBerry Enterprise Server

RIM has released a security advisory to address a vulnerability in the PDF distiller of the BlackBerry attachment service for the BlackBerry Enterprise Server. This vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and...

7.7AI score
Exploits0References1
cisa
cisa
•added 2010/10/07 12:0 a.m.•14 views

Microsoft Releases Advance Notification for October Security Bulletin

Microsoft has issued a Security Bulletin Advance Notification indicating that its October release will contain sixteen bulletins. Four bulletins will have the severity rating of critical and will be for Microsoft Windows and Internet Explorer. Ten bulletins will have the severity rating of...

6.6AI score
Exploits0References1
cisa
cisa
•added 2010/09/23 12:0 a.m.•14 views

OpenX Releases Security Update

OpenX has released a security update to address a vulnerability in the 2.8 downloadable version of OpenX. Exploitation of this vulnerability may allow an attacker to compromise the integrity of the server running OpenX. US-CERT encourages users and administrators to review the OpenX "Security...

6.7AI score
Exploits0References2
cisa
cisa
•added 2010/09/21 12:0 a.m.•14 views

Apple Releases Security Update 2010-006

Apple has released security update 2010-006 for Mac OS X and Mac OS X Server to address a vulnerability in the AFP package. This vulnerability may allow an attacker to bypass password validation and obtain sensitive information. The article indicates that this vulnerability does not affect system...

6.6AI score
Exploits0References1
cisa
cisa
•added 2010/09/09 12:0 a.m.•14 views

Malicious Email Campaign Circulating

US-CERT is aware of public reports of malware spreading via email. These reports indicate that the malicious email messages contain the subject line "Here you have" or "Just For You" and contain a link to a seemingly legitimate PDF file. If users click on this link, they will be redirected to a...

6.6AI score
Exploits0References3
cisa
cisa
•added 2010/09/03 12:0 a.m.•14 views

Google Releases Chrome 6.0.472.53

Google has released Chrome 6.0.472.53 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, bypass security restrictions, obtain sensitive information, or conduct spoofing attacks. US-CERT encourages users and...

7.7AI score
Exploits0References1
cisa
cisa
•added 2010/08/31 12:0 a.m.•14 views

Cisco Releases Security Advisory for IOS XR Software Border Gateway Protocol

Cisco has released a security advisory to address a vulnerability in the Cisco IOS XR Software Border Gateway Protocol feature. Exploitation of this vulnerability may result in the continuous resetting of BGP peering sessions, which may cause a denial-of-service condition for affected networks...

6.7AI score
Exploits0References1
cisa
cisa
•added 2010/08/25 12:0 a.m.•14 views

Cisco Releases Advisories for Unified Communications Manager and Unified Presence

Cisco has released security advisories to address multiple vulnerabilities affecting Unified Communications Manager and Unified Presence. These vulnerabilities affect the processing of Session Initiation Protocol SIP messages. Exploitation of these vulnerabilities may allow an attacker to cause a...

6.9AI score
Exploits0References2
cisa
cisa
•added 2010/08/20 12:0 a.m.•14 views

VideoLAN Releases a Security Advisory for VLC Media Player

VideoLAN has released a security advisory to address a vulnerability in VLC Media Player. This vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. The updated release also addresses additional issues that could result in a denial-of-service attack...

7.7AI score
Exploits0References1
cisa
cisa
•added 2010/08/13 12:0 a.m.•14 views

Apple Releases QuickTime 7.6.7

Apple has released QuickTime 7.6.7 for Windows to address a vulnerability. This vulnerability is due to a stack buffer overflow that exists in QuickTime error logging. By convincing a user to open a specially crafted movie file, a remote attacker may be able to execute arbitrary code or cause a...

8AI score
Exploits0References1
cisa
cisa
•added 2010/07/28 12:0 a.m.•14 views

Apple Releases Safari 5.0.1 and Safari 4.1.1

Apple has released Safari 5.0.1 and Safari 4.1.1 for Windows and Mac OS X to address multiple vulnerabilities in Safari and WebKit. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or obtain sensitive information. US-CERT encourages users...

7.5AI score
Exploits0References1
cisa
cisa
•added 2010/07/27 12:0 a.m.•14 views

Google Releases Chrome 5.0.375.125

Google has released Chrome 5.0.375.125 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or obtain sensitive information. US-CERT encourages users and administrators to review the Google Chrome Releases blog entr...

7.9AI score
Exploits0References1
cisa
cisa
•added 2010/07/26 12:0 a.m.•14 views

Firefox Releases Firefox 3.6.8

The Mozilla Foundation has released Firefox 3.6.8 to address a critical vulnerability. This vulnerability may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Mozilla Foundation security advisory MFSA 2010-48 and update to Firefox 3.6.8 to hel...

7.6AI score
Exploits0References1
cisa
cisa
•added 2010/05/19 12:0 a.m.•14 views

Apple Releases Updates for Java Mac OS X 10.5 and 10.6

Apple has released Java for Mac OS X 10.5 Update 7 and Java for Mac OS X 10.6 Update 2 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review Apple...

7.9AI score
Exploits0References2
cisa
cisa
•added 2010/05/05 12:0 a.m.•14 views

Foxit Releases Foxit Reader 3.3

The Foxit Corporation has released Foxit Reader 3.3 for Windows. This release of Foxit Reader contains a component called Trust Manager. Foxit Reader release notes indicate that the Trust Manager enables users to allow or deny unauthorized actions and data transmission, including URL connection,...

6.6AI score
Exploits0References2
cisa
cisa
•added 2010/04/15 12:0 a.m.•14 views

Cisco Releases Security Advisory

Cisco has released a security advisory to address a vulnerability in Cisco Secure Desktop. Cisco Secure Desktop contains a vulnerable ActiveX control that may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review Cisco security advisory...

7.4AI score
Exploits0References2
cisa
cisa
•added 2010/04/13 12:0 a.m.•14 views

Microsoft Releases April Security Bulletin

Microsoft has released an update to address vulnerabilities in Microsoft Windows, Office, and Exchange as part of the Microsoft Security Bulletin Summary for April 2010. These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated privileges, cause a...

7.5AI score
Exploits0References2
cisa
cisa
•added 2010/04/13 12:0 a.m.•14 views

Sun Java Deployment Toolkit Plugin and ActiveX Control Vulnerability

The Sun Java Development Toolkit plugin and ActiveX control contain a vulnerability. This vulnerability is due to insufficient argument validation. By convincing a user to visit a specially crafted HTML document, an attacker may be able to exploit this vulnerability and execute an arbitrary JAR...

6.7AI score
Exploits0References1
cisa
cisa
•added 2010/04/05 12:0 a.m.•14 views

Foxit Reader 3.2.1.0401 Released

The Foxit Corporation has released Foxit Reader 3.2.1.0401 to address a critical vulnerability. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Foxit notice regarding the release a...

7.5AI score
Exploits0References2
cisa
cisa
•added 2010/03/23 12:0 a.m.•14 views

Mozilla Releases Firefox 3.6.2

The Mozilla Foundation has released Firefox 3.6.2 to address multiple security issues, including a critical vulnerability that may allow a remote attacker to execute arbitrary code. US-CERT encourages users and administrators to do the following to help mitigate the risks: Review the Firefox 3.6....

7.5AI score
Exploits0References4
Total number of security vulnerabilities4188