Hot News Database 2015 December
31.12.2015
Bugtraq
Joomla 1.5.x to 3.4.5 Object Injection Exploit (golang) 2015-12-31
irancrash gmail com
Executable installers are vulnerable^WEVIL (case 16): Trend Micro's installers allows arbitrary (remote) code execution 2015-12-31
Stefan Kanthak (stefan kanthak nexgo de)
FTPShell Client v5.24 Buffer Overflow 2015-12-30
apparitionsec gmail com
[oCERT 2015-012] Ganeti multiple issues 2015-12-30
Daniele Bianco (danbia ocert org)
WebKitGTK+ Security Advisory WSA-2015-0002 2015-12-28
Carlos Alberto Lopez Perez (clopez igalia com)
libtiff bmp file Heap Overflow (CVE-2015-8668) 2015-12-28
riusksk qq com
Malware
Phishing
Amazon | 30th December 2015 |
Tesco | 30th December 2015 |
PAY.SERVICE ✔ | 30th December 2015 |
Microsoft | 30th December 2015 |
Microsoft | 30th December 2015 |
margaretabprwu | 30th December 2015 |
Barclays | 30th December 2015 |
Accounting | 30th December 2015 |
Vulnerability
SANS News
Threatpost
Exploit
30.12.2015
Bugtraq
[oCERT 2015-012] Ganeti multiple issues 2015-12-30
Daniele Bianco (danbia ocert org)
Malware
Phishing
PAYPAI SERVICE | 30th December 2015 |
Were investigating a paypaI | |
Chase | 29th December 2015 |
markecyrv | 29th December 2015 |
Vulnerability
SANS News
Actor using Rig EK to deliver Qbot - update
Threatpost
Exploit
Simple Ads Manager 2.9.4.116 - SQL Injection
FTPShell Client 5.24 - Buffer Overflow
DeleGate 9.9.13 - Local Root Vulnerability
29.12.2015
Bugtraq
WebKitGTK+ Security Advisory WSA-2015-0002 2015-12-28
Carlos Alberto Lopez Perez (clopez igalia com)
libtiff bmp file Heap Overflow (CVE-2015-8668) 2015-12-28
riusksk qq com
Malware
Trojan:BAT/Zuquitache
Ransom:MSIL/Zuquitache.A
Phishing
Jeff Skoll | 29th December 2015 |
S e c u r i t y A L E R T | 29th December 2015 |
MRS. ELLAIN ELLIOT | 28th December 2015 |
Vulnerability
SANS News
Threatpost
Exploit
28.12.2015
Bugtraq
libtiff bmp file Heap Overflow (CVE-2015-8668) 2015-12-28
riusksk qq com
Malware
Phishing
Capital One 360 | 28th December 2015 |
Paypal | 28th December 2015 |
Carmen Thompson | 28th December 2015 |
Barclays | 28th December 2015 |
JAMES F. ENTWISTLE | 28th December 2015 |
....Get paid $25 for each emai | 28th December 2015 |
Vulnerability
SANS News
hashcat and oclHashcat are now open source
Threatpost
Exploit
27.12.2015
Bugtraq
libtiff: invalid write (CVE-2015-7554) 2015-12-26
Hans Jerry Illikainen (hji dyntopia com)
AccessDiver V4.301 Buffer Overflow 2015-12-26
apparitionsec gmail com
Malware
Phishing
michael swartz | 27th December 2015 |
NatWest | 26th December 2015 |
Chase | 25th December 2015 |
Account Support | 25th December 2015 |
Vulnerability
Google Chrome Prior to 47.0.2526.106 Multiple Remote Code Execution Vulnerabilities
2015-12-26
http://www.securityfocus.com/bid/79348
libxml2 CVE-2015-7500 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79562
Mozilla Firefox Multiple Security Vulnerabilities
2015-12-26
http://www.securityfocus.com/bid/79279
Libxml2 'xmlParseConditionalSections()' Function Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79507
libxml2 CVE-2015-7498 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79548
Libxml2 CVE-2015-1819 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/75570
Libxml2 'xmlDictComputeFastQKey()' Function Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79508
Libxml2 'parser.c' Buffer Overflow Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77621
libxml2 CVE-2015-5312 XML Entity Expansion Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79536
Libxml2 'xmlGROW()' Function Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79509
libxml2 Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-26
http://www.securityfocus.com/bid/77681
Libxml2 'parser.c' Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77390
libxml2 'parser.c' Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-26
http://www.securityfocus.com/bid/74241
Foxit Reader Local Privilege Escalation Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77041
QEMU 'hw/net/pcnet.c' Remote Buffer Overflow Vulnerability
2015-12-26
http://www.securityfocus.com/bid/78230
QEMU 'hw/net/pcnet.c' Heap Based Buffer Overflow Vulnerability
2015-12-26
http://www.securityfocus.com/bid/78227
Dnsmasq CVE-2015-3294 Remote Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/74452
Linux Kernel CVE-2015-7872 Local Privilege Escalation Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77544
Linux Kernel 'btrfs/inode.c' Information Disclosure Vulnerability
2015-12-26
http://www.securityfocus.com/bid/78219
Linux kernel CVE-2013-7446 Use After Free Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77638
Red Hat Enterprise Linux 'USB Device Descriptor' Local Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77030
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77524
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/73225
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/78623
Xen 'hvm/irq.c' Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79644
Xen CVE-2015-8555 Information Disclosure Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79543
Xen 'pt-msi.c' Heap Memory Corruption Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79579
Multiple Adobe Products CVE-2015-5255 Server Side Request Forgery Security Bypass Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77626
Network Time Protocol CVE-2015-7871 Authentication Bypass Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77287
Network Time Protocol CVE-2015-7704 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77280
SANS News
Threatpost
Exploit
EasyCafe Server <= 2.2.14 Remote File Read
25.12.2015
Bugtraq
Malware
Phishing
Account Team | 25th December 2015 |
PayPaI Inc | 25th December 2015 |
Vulnerability
Foxit Reader Local Privilege Escalation Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77041
QEMU 'hw/net/pcnet.c' Remote Buffer Overflow Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78230
QEMU 'hw/net/pcnet.c' Heap Based Buffer Overflow Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78227
Dnsmasq CVE-2015-3294 Remote Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/74452
Google Chrome Prior to 47.0.2526.106 Multiple Unspecified Security Vulnerabilities
2015-12-25
http://www.securityfocus.com/bid/79348
Linux Kernel CVE-2015-7872 Local Privilege Escalation Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77544
Linux Kernel 'btrfs/inode.c' Information Disclosure Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78219
Linux kernel CVE-2013-7446 Use After Free Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77638
Red Hat Enterprise Linux 'USB Device Descriptor' Local Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77030
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77524
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/73225
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78623
Xen 'hvm/irq.c' Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/79644
Xen CVE-2015-8555 Information Disclosure Vulnerability
2015-12-25
http://www.securityfocus.com/bid/79543
Xen 'pt-msi.c' Heap Memory Corruption Vulnerability
2015-12-25
http://www.securityfocus.com/bid/79579
Multiple Adobe Products CVE-2015-5255 Server Side Request Forgery Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77626
Network Time Protocol CVE-2015-7871 Authentication Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77287
Network Time Protocol CVE-2015-7704 Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77280
Network Time Protocol CVE-2015-5300 Man in the Middle Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77312
Network Time Protocol CVE-2015-7855 Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77283
Adobe Flash Player and AIR CVE-2015-7628 Same Origin Policy Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77063
Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/74665
GNU GRUB2 CVE-2015-8370 Multiple Local Authentication Bypass Vulnerabilities
2015-12-25
http://www.securityfocus.com/bid/79358
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78524
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78215
OpenStack Nova CVE-2015-7713 Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/76960
Juniper ScreenOS CVE-2015-7755 Unauthorized Access and Information Disclosure Vulnerabilities
2015-12-25
http://www.securityfocus.com/bid/79626
Xen PV Backend Driver CVE-2015-8550 Remote Code Execution Vulnerability
2015-12-25
http://www.securityfocus.com/bid/79592
Xen Multiple Denial of Service Vulnerabilities
2015-12-25
http://www.securityfocus.com/bid/79546
OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/75525
SANS News
Threatpost
Exploit
Rips Scanner 0.5 - (code.php) Local File Inclusion
24.12.2015
Bugtraq
[SECURITY] [DSA 3430-1] libxml2 security update 2015-12-23
Salvatore Bonaccorso (carnil debian org)
Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege 2015-12-23
Stefan Kanthak (stefan kanthak nexgo de)
[slackware-security] blueman (SSA:2015-356-01) 2015-12-23
Slackware Security Team (security slackware com)
Security advisory for Bugzilla 5.0.2, 4.4.11 and 4.2.16 2015-12-22
LpSolit gmail com
Malware
Phishing
support account | 24th December 2015 |
Tesco plc. | 23rd December 2015 |
Vulnerability
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77524
Xen CVE-2015-8555 Information Disclosure Vulnerability
2015-12-24
http://www.securityfocus.com/bid/79543
Xen 'pt-msi.c' Heap Memory Corruption Vulnerability
2015-12-24
http://www.securityfocus.com/bid/79579
Multiple Adobe Products CVE-2015-5255 Server Side Request Forgery Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77626
Network Time Protocol CVE-2015-7871 Authentication Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77287
Network Time Protocol CVE-2015-7704 Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77280
Network Time Protocol CVE-2015-5300 Man in the Middle Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77312
Network Time Protocol CVE-2015-7855 Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77283
Adobe Flash Player and AIR CVE-2015-7628 Same Origin Policy Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77063
Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/74665
GNU GRUB2 CVE-2015-8370 Multiple Local Authentication Bypass Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/79358
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-24
http://www.securityfocus.com/bid/78524
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2015-12-24
http://www.securityfocus.com/bid/78215
OpenStack Nova CVE-2015-7713 Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/76960
Juniper ScreenOS CVE-2015-7755 Unauthorized Access and Information Disclosure Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/79626
Xen PV Backend Driver CVE-2015-8550 Remote Code Execution Vulnerability
2015-12-24
http://www.securityfocus.com/bid/79592
Xen Multiple Denial of Service Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/79546
OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/75525
OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/76317
OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/76497
OpenSSH Login Handling Security Bypass Weakness
2015-12-24
http://www.securityfocus.com/bid/75990
gdk-pixbuf Heap Buffer Overflow and Denial of Service Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/76953
Gnome GdkPixbuf 'pixops.c' Heap Based Buffer Overflow Vulnerability
2015-12-24
http://www.securityfocus.com/bid/76955
LibRaw CVE-2013-1438 Multiple NULL Pointer Dereference Denial of Service Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/62060
Wireshark '/wiretap/pcapng.c' Remote Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77101
ISC BIND CVE-2015-8000 Remote Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/79349
RETIRED: Wireshark PCAPNG File CVE-2015-7830 Remote Code Execution Vulnerability
2015-12-24
http://www.securityfocus.com/bid/78723
Cisco Web Security Appliance CVE-2015-6290 Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/76687
Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
2015-12-24
http://www.securityfocus.com/bid/75568
Microsoft Windows Environment Variable Expansion in PATH Security Bypass Weakness
2015-12-24
http://www.securityfocus.com/bid/44484
SANS News
Threatpost
Exploit
Rips Scanner 0.5 - (code.php) Local File Inclusion
23.12.2015
Bugtraq
[slackware-security] blueman (SSA:2015-356-01) 2015-12-23
Slackware Security Team (security slackware com)
Security advisory for Bugzilla 5.0.2, 4.4.11 and 4.2.16 2015-12-22
LpSolit gmail com
ESA-2015-179: EMC Secure Remote Services Virtual Edition Path Traversal Vulnerability 2015-12-22
Security Alert (Security_Alert emc com)
ESA-2015-174: EMC VPLEX Undocumented Account Vulnerability 2015-12-22
Security Alert (Security_Alert emc com)
Aeris Calandar v2.1 - Buffer Overflow Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
POP Peeper 4.0.1 - Persistent Code Execution Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Switch v4.68 - Code Execution Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Lithium Forum - (previewImages) Persistent Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Wordpress Content Text Slider on Post 6.8 - Persistent Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Malware
TrojanSpy:Win32/Nivdort.CM
TrojanDropper:Win32/Zelug.A
Backdoor:Win32/Zelug.B
TrojanDownloader:VBS/Reywals.A
Backdoor:MSIL/Medirot.A
Phishing
Mia Zhang | 23rd December 2015 |
ANZ BANK | 23rd December 2015 |
Vulnerability
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77524
Xen CVE-2015-8555 Information Disclosure Vulnerability
2015-12-23
http://www.securityfocus.com/bid/79543
Xen 'pt-msi.c' Heap Memory Corruption Vulnerability
2015-12-23
http://www.securityfocus.com/bid/79579
Multiple Adobe Products CVE-2015-5255 Server Side Request Forgery Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77626
Network Time Protocol CVE-2015-7871 Authentication Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77287
Network Time Protocol CVE-2015-7704 Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77280
Network Time Protocol CVE-2015-5300 Man in the Middle Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77312
Network Time Protocol CVE-2015-7855 Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77283
Adobe Flash Player and AIR CVE-2015-7628 Same Origin Policy Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77063
Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/74665
GNU GRUB2 CVE-2015-8370 Multiple Local Authentication Bypass Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/79358
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-23
http://www.securityfocus.com/bid/78524
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2015-12-23
http://www.securityfocus.com/bid/78215
OpenStack Nova CVE-2015-7713 Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/76960
Juniper ScreenOS CVE-2015-7755 Unauthorized Access and Information Disclosure Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/79626
Xen PV Backend Driver CVE-2015-8550 Remote Code Execution Vulnerability
2015-12-23
http://www.securityfocus.com/bid/79592
Xen Multiple Denial of Service Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/79546
OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/75525
OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/76317
OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/76497
OpenSSH Login Handling Security Bypass Weakness
2015-12-23
http://www.securityfocus.com/bid/75990
gdk-pixbuf Heap Buffer Overflow and Denial of Service Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/76953
Gnome GdkPixbuf 'pixops.c' Heap Based Buffer Overflow Vulnerability
2015-12-23
http://www.securityfocus.com/bid/76955
LibRaw CVE-2013-1438 Multiple NULL Pointer Dereference Denial of Service Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/62060
Wireshark '/wiretap/pcapng.c' Remote Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77101
ISC BIND CVE-2015-8000 Remote Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/79349
RETIRED: Wireshark PCAPNG File CVE-2015-7830 Remote Code Execution Vulnerability
2015-12-23
http://www.securityfocus.com/bid/78723
Cisco Web Security Appliance CVE-2015-6290 Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/76687
Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
2015-12-23
http://www.securityfocus.com/bid/75568
Microsoft Windows Environment Variable Expansion in PATH Security Bypass Weakness
2015-12-23
http://www.securityfocus.com/bid/44484
SANS News
Libraries and Dependencies - It Really is Turtles All The Way Down!
Threatpost
Juniper Backdoor Picture Getting Clearer
Yahoo to Warn Users of State-Sponsored Attacks
Exploit
Bigware Shop 2.3.01 - Multiple Local File Inclusion Vulnerabilities
Grawlix 1.0.3 - CSRF Vulnerability
Arastta 1.1.5 - SQL Injection Vulnerabilities
PhpSocial 2.0.0304_20222226 - CSRF Vulnerability
PHP 7.0.0 - Format String Vulnerability
22.12.2015
Bugtraq
ESA-2015-174: EMC VPLEX Undocumented Account Vulnerability 2015-12-22
Security Alert (Security_Alert emc com)
Aeris Calandar v2.1 - Buffer Overflow Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
POP Peeper 4.0.1 - Persistent Code Execution Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Switch v4.68 - Code Execution Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Lithium Forum - (previewImages) Persistent Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Wordpress Content Text Slider on Post 6.8 - Persistent Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Western Union CN Bug Bounty #6 - Client Side Cross Site Scripting Web Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
DELL Scrutinizer v12.0.3 - Persistent Software Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
[RT-SA-2015-013] Symfony PHP Framework: Session Fixation In "Remember Me" Login Functionality 2015-12-22
RedTeam Pentesting GmbH (release redteam-pentesting de)
Executable installers are vulnerable^WEVIL (case 14): Rapid7's ScanNowUPnP.exe allows arbitrary (remote) code execution 2015-12-21
Stefan Kanthak (stefan kanthak nexgo de)
[security bulletin] HPSBHF03419 rev.1 - HP Network Products including H3C routers and switches, Remote Denial of Service (DoS), Unauthorized Access. 2015-12-21
security-alert hpe com
Malware
TrojanDownloader:Win32/Ponmocup.A
Phishing
Vulnerability
Adobe Flash Player and AIR CVE-2015-7628 Same Origin Policy Security Bypass Vulnerability
2015-12-22
http://www.securityfocus.com/bid/77063
Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
2015-12-22
http://www.securityfocus.com/bid/74665
GNU GRUB2 CVE-2015-8370 Multiple Local Authentication Bypass Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/79358
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/78524
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/78215
OpenStack Nova CVE-2015-7713 Security Bypass Vulnerability
2015-12-22
http://www.securityfocus.com/bid/76960
Juniper ScreenOS CVE-2015-7755 Unauthorized Access and Information Disclosure Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/79626
Xen PV Backend Driver CVE-2015-8550 Remote Code Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/79592
Xen Multiple Denial of Service Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/79546
OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2015-12-22
http://www.securityfocus.com/bid/75525
OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/76317
OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
2015-12-22
http://www.securityfocus.com/bid/76497
OpenSSH Login Handling Security Bypass Weakness
2015-12-22
http://www.securityfocus.com/bid/75990
gdk-pixbuf Heap Buffer Overflow and Denial of Service Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/76953
Gnome GdkPixbuf 'pixops.c' Heap Based Buffer Overflow Vulnerability
2015-12-22
http://www.securityfocus.com/bid/76955
LibRaw CVE-2013-1438 Multiple NULL Pointer Dereference Denial of Service Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/62060
Wireshark '/wiretap/pcapng.c' Remote Denial of Service Vulnerability
2015-12-22
http://www.securityfocus.com/bid/77101
ISC BIND CVE-2015-8000 Remote Denial of Service Vulnerability
2015-12-22
http://www.securityfocus.com/bid/79349
RETIRED: Wireshark PCAPNG File CVE-2015-7830 Remote Code Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/78723
Cisco Web Security Appliance CVE-2015-6290 Denial of Service Vulnerability
2015-12-22
http://www.securityfocus.com/bid/76687
Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
2015-12-22
http://www.securityfocus.com/bid/75568
Microsoft Windows Environment Variable Expansion in PATH Security Bypass Weakness
2015-12-22
http://www.securityfocus.com/bid/44484
GNU Wget CVE-2010-2252 Arbitrary File Overwrite Vulnerability
2015-12-22
http://www.securityfocus.com/bid/65722
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-12-22
http://www.securityfocus.com/bid/73684
libxml2 'parser.c' Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/74241
Libxml2 'parser.c' Buffer Overflow Vulnerability
2015-12-22
http://www.securityfocus.com/bid/77621
Multiple FireEye Products 'JAR Analysis' Remote Code Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/78809
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/71761
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/70103
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-12-22
http://www.securityfocus.com/bid/71762
SANS News
Threatpost
Exploit
Wireshark infer_pkt_encap - Heap-Based Out-of-Bounds Read
Wireshark AirPDcapDecryptWPABroadcastKey - Heap-Based Out-of-Bounds Read
21.12.2015
Bugtraq
ESA-2015-177: RSA SecurID(r) Web Agent Authentication Bypass Vulnerability 2015-12-21
Security Alert (Security_Alert emc com)
giflib: heap overflow in giffix (CVE-2015-7555) 2015-12-21
Hans Jerry Illikainen (hji dyntopia com)
Executable installers are vulnerable^WEVIL (case 13): ESET NOD32 antivirus installer allows remote code execution with escalation of privilege 2015-12-21
Stefan Kanthak (stefan kanthak nexgo de)
Almost no resp. only some mitigation(s) for "DLL hijacking" via load-time dependencies 2015-12-21
Stefan Kanthak (stefan kanthak nexgo de)
KL-001-2015-007 : Seagate GoFlex Satellite Remote Telnet Default Password 2015-12-18
KoreLogic Disclosures (disclosures korelogic com)
Malware
TrojanSpy:Win32/Nivdort.CT
TrojanSpy:Win32/Nivdort.CS
TrojanSpy:Win32/Nivdort.CR
TrojanSpy:Win32/Nivdort.CP
TrojanSpy:Win32/Nivdort.CH
TrojanDownloader:JS/Swabfex
Phishing
USAA Online Banking | 21st December 2015 |
App.support | 21st December 2015 |
Service Inc | 20th December 2015 |
PayPal | 20th December 2015 |
Vulnerability
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77192
Google Chrome Prior to 47.0.2526.73 Multiple Security Vulnerabilities
2015-12-21
http://www.securityfocus.com/bid/78416
Xen CVE-2015-8338 Denial of Service Vulnerability
2015-12-21
http://www.securityfocus.com/bid/78920
Antirez Redis 'lua_struct.c' Integer Overflow Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77507
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74147
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74141
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74111
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77160
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-21
http://www.securityfocus.com/bid/77238
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77209
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77164
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-2625 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/75895
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74119
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-12-21
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77148
Oracle Java SE CVE-2015-0491 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74094
SANS News
Threatpost
Exploit
Ovidentia online Module 2.8 - GLOBALS[babAddonPhpPath] Remote File Inclusion
Ovidentia Widgets 1.0.61 - Remote Command Execution Exploit
Notepad++ NPPFtp Plugin 0.26.3 - Buffer Overflow
Base64 Decoder 1.1.2 - SEH OverWrite PoC
19.12.2015
Bugtraq
[SECURITY] [DSA 3428-1] tomcat8 security update 2015-12-18
Moritz Muehlenhoff (jmm debian org)
KL-001-2015-008 : Dell Pre-Boot Authentication Driver Uncontrolled Write to Arbitrary Address 2015-12-18
KoreLogic Disclosures (disclosures korelogic com)
[slackware-security] grub (SSA:2015-351-01) 2015-12-18
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-351-02) 2015-12-18
Slackware Security Team (security slackware com)
Executable uninstallers are vulnerable^WEVIL (case 12): Avira Registry Cleaner allows arbitrary code execution with escalation of privilege 2015-12-18
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3426-1] linux security update 2015-12-17
Salvatore Bonaccorso (carnil debian org)
ESA-2015-148: EMC Isilon OneFS Security Privilege Escalation Vulnerability 2015-12-17
Security Alert (Security_Alert emc com)
[oCERT 2015-011] PyAMF input sanitization errors (XXE) 2015-12-17
Daniele Bianco (danbia ocert org)
[SECURITY] [DSA 3425-1] tryton-server security update 2015-12-17
Luciano Bello (luciano debian org)
[SECURITY] [DSA 3425-1] tryton-server security update 2015-12-17
Luciano Bello (luciano debian org)
Malware
Phishing
SERVICE PPL | 19th December 2015 |
NOTICE | 19th December 2015 |
Wells Fargo | 19th December 2015 |
HSBC UK | 18th December 2015 |
HSBC UK | 18th December 2015 |
Vulnerability
Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
2015-12-19
http://www.securityfocus.com/bid/75568
Microsoft Windows Environment Variable Expansion in PATH Security Bypass Weakness
2015-12-19
http://www.securityfocus.com/bid/44484
GNU Wget CVE-2010-2252 Arbitrary File Overwrite Vulnerability
2015-12-19
http://www.securityfocus.com/bid/65722
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-12-19
http://www.securityfocus.com/bid/73684
libxml2 'parser.c' Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/74241
Libxml2 'parser.c' Buffer Overflow Vulnerability
2015-12-19
http://www.securityfocus.com/bid/77621
Multiple FireEye Products 'JAR Analysis' Remote Code Execution Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78809
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/71761
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-19
http://www.securityfocus.com/bid/70103
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-12-19
http://www.securityfocus.com/bid/71762
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-12-19
http://www.securityfocus.com/bid/71757
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/66690
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-19
http://www.securityfocus.com/bid/53354
LibreOffice Multiple Remote Code Execution and Information Disclosure Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/77486
Cisco IOS XE Software CVE-2015-6359 Denial of Service Vulnerability
2015-12-19
http://www.securityfocus.com/bid/79200
Adobe Flash Player CVE-2015-7645 Remote Code Execution Vulnerability
2015-12-19
http://www.securityfocus.com/bid/77081
Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78612
Adobe Flash Player CVE-2015-7648 Unspecified Remote Code Execution Vulnerability
2015-12-19
http://www.securityfocus.com/bid/77116
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-12-19
http://www.securityfocus.com/bid/71939
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-12-19
http://www.securityfocus.com/bid/71942
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-12-19
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78626
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/78734
Kaspersky Antivirus Multiple Memory Corruption Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/77608
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-19
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-19
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78209
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78619
SANS News
Threatpost
Exploit
Google Chrome - Renderer Process to Browser Process Privilege Escalation
18.12.2015
Bugtraq
[slackware-security] grub (SSA:2015-351-01) 2015-12-18
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-351-02) 2015-12-18
Slackware Security Team (security slackware com)
Executable uninstallers are vulnerable^WEVIL (case 12): Avira Registry Cleaner allows arbitrary code execution with escalation of privilege 2015-12-18
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3426-1] linux security update 2015-12-17
Salvatore Bonaccorso (carnil debian org)
ESA-2015-148: EMC Isilon OneFS Security Privilege Escalation Vulnerability 2015-12-17
Security Alert (Security_Alert emc com)
[oCERT 2015-011] PyAMF input sanitization errors (XXE) 2015-12-17
Daniele Bianco (danbia ocert org)
[SECURITY] [DSA 3425-1] tryton-server security update 2015-12-17
Luciano Bello (luciano debian org)
CVE-2015-5348 - Apache Camel medium disclosure vulnerability 2015-12-17
Claus Ibsen (claus ibsen gmail com)
[SECURITY] [DSA 3337-2] gdk-pixbuf security update 2015-12-17
Salvatore Bonaccorso (carnil debian org)
[slackware-security] mozilla-firefox (SSA:2015-349-03) 2015-12-16
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3424-1] subversion security update 2015-12-16
Moritz Muehlenhoff (jmm debian org)
Malware
Backdoor:Python/Atalag.A
TrojanSpy:Python/Basonil.A
TrojanSpy:MSIL/Ohona.A
Phishing
HSBC UK | 18th December 2015 |
HSBC UK | 18th December 2015 |
USAA | 17th December 2015 |
USAA | 17th December 2015 |
Upgrade X | 17th December 2015 |
Vulnerability
Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
2015-12-18
http://www.securityfocus.com/bid/75568
Microsoft Windows Environment Variable Expansion in PATH Security Bypass Weakness
2015-12-18
http://www.securityfocus.com/bid/44484
GNU Wget CVE-2010-2252 Arbitrary File Overwrite Vulnerability
2015-12-18
http://www.securityfocus.com/bid/65722
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-12-18
http://www.securityfocus.com/bid/73684
libxml2 'parser.c' Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/74241
Libxml2 'parser.c' Buffer Overflow Vulnerability
2015-12-18
http://www.securityfocus.com/bid/77621
Multiple FireEye Products 'JAR Analysis' Remote Code Execution Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78809
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/71761
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-18
http://www.securityfocus.com/bid/70103
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-12-18
http://www.securityfocus.com/bid/71762
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-12-18
http://www.securityfocus.com/bid/71757
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/66690
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-18
http://www.securityfocus.com/bid/53354
LibreOffice Multiple Remote Code Execution and Information Disclosure Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/77486
Cisco IOS XE Software CVE-2015-6359 Denial of Service Vulnerability
2015-12-18
http://www.securityfocus.com/bid/79200
Adobe Flash Player CVE-2015-7645 Remote Code Execution Vulnerability
2015-12-18
http://www.securityfocus.com/bid/77081
Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78612
Adobe Flash Player CVE-2015-7648 Unspecified Remote Code Execution Vulnerability
2015-12-18
http://www.securityfocus.com/bid/77116
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-12-18
http://www.securityfocus.com/bid/71939
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-12-18
http://www.securityfocus.com/bid/71942
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-12-18
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78626
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/78734
Kaspersky Antivirus Multiple Memory Corruption Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/77608
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-18
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-18
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78209
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78619
SANS News
Threatpost
Exploit
Joomla 1.5 - 3.4.5 - Object Injection RCE X-Forwarded-For Header
Ovidentia maillist Module 4.0 - Remote File Inclusion Exploit
PFSense <= 2.2.5 - Directory Traversal
Windows Kernel win32k!OffsetChildren - Null Pointer Dereference
win32k Desktop and Clipboard - Null Pointer Derefence
win32k Clipboard Bitmap - Use-After-Free Vulnerability
Adobe Flash TextField.antiAliasType Setter - Use-After-Free
Adobe Flash TextField.gridFitType Setter - Use-After-Free
Adobe Flash MovieClip.lineStyle - Use-After-Frees
Adobe Flash GradientFill - Use-After-Frees
Samsung Galaxy S6 Samsung Gallery - GIF Parsing Crash
Samsung Galaxy S6 Samsung Gallery - Bitmap Decoding Crash
17.12.2015
Bugtraq
ESA-2015-148: EMC Isilon OneFS Security Privilege Escalation Vulnerability 2015-12-17
Security Alert (Security_Alert emc com)
[oCERT 2015-011] PyAMF input sanitization errors (XXE) 2015-12-17
Daniele Bianco (danbia ocert org)
[SECURITY] [DSA 3425-1] tryton-server security update 2015-12-17
Luciano Bello (luciano debian org)
CVE-2015-5348 - Apache Camel medium disclosure vulnerability 2015-12-17
Claus Ibsen (claus ibsen gmail com)
[SECURITY] [DSA 3337-2] gdk-pixbuf security update 2015-12-17
Salvatore Bonaccorso (carnil debian org)
[slackware-security] mozilla-firefox (SSA:2015-349-03) 2015-12-16
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3424-1] subversion security update 2015-12-16
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPSBHF03528 rev.1 - HP Network Products running VCX, Remote Unauthorized Modification 2015-12-16
security-alert hpe com
[SECURITY] [DSA 3423-1] cacti security update 2015-12-16
Luciano Bello (luciano debian org)
[SECURITY] [DSA 3421-1] grub2 security update 2015-12-16
Luciano Bello (luciano debian org)
[SECURITY] [DSA 3422-1] iceweasel security update 2015-12-16
Moritz Muehlenhoff (jmm debian org)
Shutdown UX DLL side loading vulnerability 2015-12-16
Securify B.V. (lists securify nl)
Shockwave Flash Object DLL side loading vulnerability 2015-12-16
Securify B.V. (lists securify nl)
[security bulletin] HPSBUX03529 SSRT102967 rev.1 - HP-UX BIND service running named, Remote Denial of Service (DoS) 2015-12-16
security-alert hpe com
Event Viewer Snapin multiple DLL side loading vulnerabilities 2015-12-16
Securify B.V. (lists securify nl)
libnsbmp: heap overflow (CVE-2015-7508) and out-of-bounds read (CVE-2015-7507) 2015-12-16
Hans Jerry Illikainen (hji dyntopia com)
FreeBSD Security Advisory FreeBSD-SA-15:27.bind 2015-12-16
FreeBSD Security Advisories (security-advisories freebsd org)
SQL Injection in orion.extfeedbackform Bitrix Module 2015-12-16
High-Tech Bridge Security Research (advisory htbridge ch)
RCE in Zen Cart via Arbitrary File Inclusion 2015-12-16
High-Tech Bridge Security Research (advisory htbridge ch)
libnsgif: stack overflow (CVE-2015-7505) and out-of-bounds read (CVE-2015-7506) 2015-12-16
Hans Jerry Illikainen (hji dyntopia com)
[slackware-security] openssl (SSA:2015-349-04) 2015-12-16
Slackware Security Team (security slackware com)
[slackware-security] bind (SSA:2015-349-01) 2015-12-16
Slackware Security Team (security slackware com)
Malware
TrojanDownloader:PowerShell/Wedinga.A
Phishing
_NoReply | 16th December 2015 |
PayPal | 16th December 2015 |
NatWest | 16th December 2015 |
Info Service Dpt | 15th December 2015 |
PayPal | 15th December 2015 |
SERVICE PPL | 15th December 2015 |
MSN Incoporation | 15th December 2015 |
Vulnerability
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-12-17
http://www.securityfocus.com/bid/73684
libxml2 'parser.c' Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/74241
Libxml2 'parser.c' Buffer Overflow Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77621
Multiple FireEye Products 'JAR Analysis' Remote Code Execution Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78809
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/71761
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-17
http://www.securityfocus.com/bid/70103
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-12-17
http://www.securityfocus.com/bid/71762
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-12-17
http://www.securityfocus.com/bid/71757
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/66690
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-17
http://www.securityfocus.com/bid/53354
LibreOffice Multiple Remote Code Execution and Information Disclosure Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/77486
Cisco IOS XE Software CVE-2015-6359 Denial of Service Vulnerability
2015-12-17
http://www.securityfocus.com/bid/79200
Adobe Flash Player CVE-2015-7645 Remote Code Execution Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77081
Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78612
Adobe Flash Player CVE-2015-7648 Unspecified Remote Code Execution Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77116
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-12-17
http://www.securityfocus.com/bid/71939
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-12-17
http://www.securityfocus.com/bid/71942
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-12-17
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78626
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/78734
Kaspersky Antivirus Multiple Memory Corruption Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/77608
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78209
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78619
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77192
SANS News
When Hunting BeEF, Yara rules (Part 2)
Threatpost
Critical Flaws Found in Network Management Systems
Exploit
Easy File Sharing Web Server 7.2 - GET HTTP Request SEH Buffer Overflow
Easy File Sharing Web Server 7.2 - HEAD HTTP Request SEH Buffer Overflow
Zen Cart 1.5.4 - Local File Inclusion
Gentoo Local Priv Escalation in QEMU
16.12.2015
Bugtraq
[SECURITY] [DSA 3422-1] iceweasel security update 2015-12-16
Moritz Muehlenhoff (jmm debian org)
Shutdown UX DLL side loading vulnerability 2015-12-16
Securify B.V. (lists securify nl)
Shockwave Flash Object DLL side loading vulnerability 2015-12-16
Securify B.V. (lists securify nl)
[security bulletin] HPSBUX03529 SSRT102967 rev.1 - HP-UX BIND service running named, Remote Denial of Service (DoS) 2015-12-16
security-alert hpe com
Event Viewer Snapin multiple DLL side loading vulnerabilities 2015-12-16
Securify B.V. (lists securify nl)
libnsbmp: heap overflow (CVE-2015-7508) and out-of-bounds read (CVE-2015-7507) 2015-12-16
Hans Jerry Illikainen (hji dyntopia com)
FreeBSD Security Advisory FreeBSD-SA-15:27.bind 2015-12-16
FreeBSD Security Advisories (security-advisories freebsd org)
SQL Injection in orion.extfeedbackform Bitrix Module 2015-12-16
High-Tech Bridge Security Research (advisory htbridge ch)
RCE in Zen Cart via Arbitrary File Inclusion 2015-12-16
High-Tech Bridge Security Research (advisory htbridge ch)
libnsgif: stack overflow (CVE-2015-7505) and out-of-bounds read (CVE-2015-7506) 2015-12-16
Hans Jerry Illikainen (hji dyntopia com)
[slackware-security] openssl (SSA:2015-349-04) 2015-12-16
Slackware Security Team (security slackware com)
[slackware-security] bind (SSA:2015-349-01) 2015-12-16
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-349-02) 2015-12-16
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3420-1] bind9 security update 2015-12-15
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3419-1] cups-filters security update 2015-12-15
Salvatore Bonaccorso (carnil debian org)
Malware
TrojanDownloader:MSIL/Banload.AL
TrojanDownloader:Win32/Banload.BFX
TrojanSpy:Win32/Ursnif.HP
Backdoor:Python/Covnoo.A
Backdoor:Win32/Blackhole.AE
Backdoor:Win32/Jadow.A
Trojan:Win32/Varpes.C!plock
Trojan:Win32/Varpes.A!plock
Trojan:Win32/Varpes.D!plock
Trojan:Win32/Varpes.I!plock
Phishing
Info Service Dpt | 15th December 2015 |
PayPal | 15th December 2015 |
SERVICE PPL | 15th December 2015 |
Vulnerability
Multiple FireEye Products 'JAR Analysis' Remote Code Execution Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78809
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/71761
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-16
http://www.securityfocus.com/bid/70103
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-12-16
http://www.securityfocus.com/bid/71762
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-12-16
http://www.securityfocus.com/bid/71757
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/66690
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-16
http://www.securityfocus.com/bid/53354
LibreOffice Multiple Remote Code Execution and Information Disclosure Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/77486
Cisco IOS XE Software CVE-2015-6359 Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/79200
Adobe Flash Player CVE-2015-7645 Remote Code Execution Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77081
Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78612
Adobe Flash Player CVE-2015-7648 Unspecified Remote Code Execution Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77116
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-12-16
http://www.securityfocus.com/bid/71939
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-12-16
http://www.securityfocus.com/bid/71942
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78626
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/78734
Kaspersky Antivirus Multiple Memory Corruption Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/77608
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78209
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78619
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77192
Google Chrome Prior to 47.0.2526.73 Multiple Security Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/78416
Xen CVE-2015-8338 Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78920
Antirez Redis 'lua_struct.c' Integer Overflow Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77507
SANS News
Threatpost
Exploit
Wireshark - iseries_parse_packet Heap-Based Buffer Overflow
Wireshark - dissect_tds7_colmetadata_token Stack-Based Buffer Overflow
Wireshark - wmem_alloc Assertion Failure
Wireshark - dissect_zcl_pwr_prof_pwrprofstatersp Static Out-of-Bounds Read
Wireshark - dissct_rsl_ipaccess_msg Static Out-of-Bounds Read
Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack-Based Buffer Overflow
Wireshark - memcpy (get_value / dissect_btatt) SIGSEGV
Wireshark - dissect_nbap_MACdPDU_Size SIGSEGV
Wireshark - my_dgt_tbcd_unpack Static Buffer Overflow
Wireshark - ascend_seek Static Out-of-Bounds Read
Wireshark - addresses_equal (dissect_rsvp_common) Use-After-Free
Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack-Based Buffer Overflow
Wireshark - find_signature Stack-Based Out-of-Bounds Read
Wireshark - AirPDcapPacketProcess Stack-Based Buffer Overflow
Wireshark - getRate Stack-Based Out-of-Bounds Read
FireEye Wormable Remote Code Execution in MIP JAR Analysis
Ovidentia newsletter Module 2.2 - (admin.php) Remote File Inclusion Exploit
Joomla 1.5 - 3.4.5 - Object Injection Remote Command Execution
15.12.2015
Bugtraq
[SECURITY] [DSA 3419-1] cups-filters security update 2015-12-15
Salvatore Bonaccorso (carnil debian org)
Executable installers are vulnerable^WEVIL (case 10): McAfee Security Scan Plus, WebAdvisor and CloudAV (Beta) 2015-12-14
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3418-1] chromium-browser security update 2015-12-15
Michael Gilbert (mgilbert debian org)
[security bulletin] HPSBST03517 rev.1 - HP StoreOnce Backup systems, Remote Execution of Arbitrary Code with Privilege Elevation, Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS) 2015-12-14
security-alert hpe com
Back to 28: Grub2 Authentication Bypass 0-Day [CVE-2015-8370] 2015-12-15
Hector Marco-Gisbert (hecmargi upv es)
phpback v1.1 XSS vulnerability 2015-12-15
apparitionsec gmail com
ERPSCAN Research Advisory [ERPSCAN-15-022] SAP NetWeaver 7.4 - XSS 2015-12-14
ERPScan inc (erpscan online gmail com)
[SECURITY] [DSA 3417-1] bouncycastle security update 2015-12-14
Luciano Bello (luciano debian org)
[ERPSCAN-15-021] SAP NetWeaver 7.4 - SQL Injection vulnerability 2015-12-14
ERPScan inc (erpscan online gmail com)
ECommerceMajor SQL Injection Vulnerability 2015-12-13
Rahul Pratap Singh (techno rps gmail com)
Malware
TrojanDownloader:MSIL/Genmaldow.C
TrojanDownloader:MSIL/Genmaldow.D
HackTool:MSIL/Noancooe.B
PWS:Win32/QQpass.GU
Phishing
Service | 15th December 2015 |
OFAMERICA BANK. | 15th December 2015 |
Vodafone | 14th December 2015 |
PayPal Service | 14th December 2015 |
PayPal | 14th December 2015 |
Vulnerability
Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78612
Adobe Flash Player CVE-2015-7648 Unspecified Remote Code Execution Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77116
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-12-15
http://www.securityfocus.com/bid/71939
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-12-15
http://www.securityfocus.com/bid/71942
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-12-15
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78626
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-15
http://www.securityfocus.com/bid/78734
Kaspersky Antivirus Multiple Memory Corruption Vulnerabilities
2015-12-15
http://www.securityfocus.com/bid/77608
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78209
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78619
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77192
Google Chrome Prior to 47.0.2526.73 Multiple Security Vulnerabilities
2015-12-15
http://www.securityfocus.com/bid/78416
Xen CVE-2015-8338 Denial of Service Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78920
Antirez Redis 'lua_struct.c' Integer Overflow Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77507
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/74147
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/74141
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/74111
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77160
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-15
http://www.securityfocus.com/bid/77238
SANS News
Threatpost
Exploit
Joomla 1.5 - 3.4.5 - Object Injection Remote Command Execution
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - Invalid Pointer Dereference
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - _FXCLI_SetConfFileChunk Stack Buffer...
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - _FXCLI_GetConfFileChunk Stack Buffer...
Microsoft Office / COM Object DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132)
Legend Perl IRC Bot Remote Code Execution
Xdh / LinuxNet Perlbot / fBot IRC Bot Remote Code Execution
ECommerceMajor - (productdtl.php, prodid param) SQL Injection Vulnerability
WordPress Admin Management Xtended Plugin 2.4.0 - Privilege escalation
Polycom VVX-Series Business Media Phones - Path Traversal Vulnerability
Bitrix bitrix.mpbuilder Module 1.0.10 - Local File Inclusion
Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal
Adobe Flash Type Confusion in IExternalizable.readExternal When Performing Local Serialization
Adobe Flash Type Confusion in Serialization with ObjectEncoder.dynamicPropertyWriter
14.12.2015
Bugtraq
ERPSCAN Research Advisory [ERPSCAN-15-022] SAP NetWeaver 7.4 - XSS 2015-12-14
ERPScan inc (erpscan online gmail com)
[SECURITY] [DSA 3417-1] bouncycastle security update 2015-12-14
Luciano Bello (luciano debian org)
[ERPSCAN-15-021] SAP NetWeaver 7.4 - SQL Injection vulnerability 2015-12-14
ERPScan inc (erpscan online gmail com)
ECommerceMajor SQL Injection Vulnerability 2015-12-13
Rahul Pratap Singh (techno rps gmail com)
[SECURITY] [DSA 3416-1] libphp-phpmailer security update 2015-12-13
Luciano Bello (luciano debian org)
COM+ Services DLL side loading vulnerability 2015-12-12
Securify B.V. (lists securify nl)
Malware
Phishing
HSBC | 13th December 2015 |
National | 13th December 2015 |
Vulnerability
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78626
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78209
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-14
http://www.securityfocus.com/bid/78734
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78619
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77192
Google Chrome Prior to 47.0.2526.73 Multiple Security Vulnerabilities
2015-12-14
http://www.securityfocus.com/bid/78416
Xen CVE-2015-8338 Denial of Service Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78920
Antirez Redis 'lua_struct.c' Integer Overflow Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77507
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/74147
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/74141
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/74111
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77160
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-14
http://www.securityfocus.com/bid/77238
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77209
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77164
SANS News
Color My Logs: Providing Context for Your Logs Using Our Data
Threatpost
Exploit
Windows XP-10 - Null-Free WinExec Shellcode (Python)
Siemens Simatic S7 1200 CPU Command Module (MSF)
ECommerceMajor - (productdtl.php, prodid param) SQL Injection Vulnerability
WordPress Admin Management Xtended Plugin 2.4.0 - Privilege escalation
13.12.2015
Bugtraq
COM+ Services DLL side loading vulnerability 2015-12-12
Securify B.V. (lists securify nl)
Windows Authentication UI DLL side loading vulnerability 2015-12-12
Securify B.V. (lists securify nl)
XSS Vulnerability in Synnefo Client for Synnefo IMS 2015 - CVE-2015-8247 2015-12-12
Aravind (altoarun gmail com)
[security bulletin] HPSBHF03431 rev.1 - HPE Network Switches, local Bypass of Security Restrictions, Indirect Vulnerabilities 2015-12-12
security-alert hpe com
APPLE-SA-2015-12-11-1 iTunes 12.3.2 2015-12-11
Apple Product Security (product-security-noreply lists apple com)
ORGIN STUDIOS Cms Multiple Vulnerability 2015-12-11
iedb team gmail com
Malware
Phishing
PaypaI Service | 13th December 2015 |
Paypal support | 13th December 2015 |
Bank of America | 12th December 2015 |
Bank of America Customer |
Vulnerability
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-13
http://www.securityfocus.com/bid/77238
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77192
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-13
http://www.securityfocus.com/bid/66690
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-13
http://www.securityfocus.com/bid/70103
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-13
http://www.securityfocus.com/bid/53354
Linux Kernel SCTP Implementation CVE-2015-5283 Local Denial of Service Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77058
Linux Kernel CVE-2015-7872 Local Privilege Escalation Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77544
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77209
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-12-13
http://www.securityfocus.com/bid/74733
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-13
http://www.securityfocus.com/bid/78524
Linux Kernel CVE-2015-5307 Denial of Service Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77528
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77524
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77194
Netgear G54/N150 WNR1000v3 Router CVE-2015-8263 Security Bypass Vulnerability
2015-12-13
http://www.securityfocus.com/bid/78873
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77148
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77164
SANS News
Threatpost
Exploit
12.12.2015
Bugtraq
[security bulletin] HPSBHF03431 rev.1 - HPE Network Switches, local Bypass of Security Restrictions, Indirect Vulnerabilities 2015-12-12
security-alert hpe com
APPLE-SA-2015-12-11-1 iTunes 12.3.2 2015-12-11
Apple Product Security (product-security-noreply lists apple com)
ORGIN STUDIOS Cms Multiple Vulnerability 2015-12-11
iedb team gmail com
Executable installers are vulnerable^WEVIL (case 7): 7z*.exe allows remote code execution with escalation of privilege 2015-12-08
Stefan Kanthak (stefan kanthak nexgo de)
WordPress <=v4.4 Username Exists Information Disclosure 2015-12-10
John SECURELI.com (john secureli com)
BFS-SA-2015-003: Internet Explorer CObjectElement Use-After-Free Vulnerability 2015-12-10
Blue Frost Security Research Lab (research bluefrostsecurity de)
Malware
Phishing
CIBC Online Banking | 11th December 2015 |
Vulnerability
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-12
http://www.securityfocus.com/bid/77238
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77192
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-12
http://www.securityfocus.com/bid/66690
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-12
http://www.securityfocus.com/bid/70103
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-12
http://www.securityfocus.com/bid/53354
Linux Kernel SCTP Implementation CVE-2015-5283 Local Denial of Service Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77058
Linux Kernel CVE-2015-7872 Local Privilege Escalation Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77544
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77209
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-12-12
http://www.securityfocus.com/bid/74733
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-12
http://www.securityfocus.com/bid/78524
Linux Kernel CVE-2015-5307 Denial of Service Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77528
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77524
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77194
Netgear G54/N150 WNR1000v3 Router CVE-2015-8263 Security Bypass Vulnerability
2015-12-12
http://www.securityfocus.com/bid/78873
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77148
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77164
SANS News
Threatpost
Exploit
11.12.2015
Bugtraq
Executable installers are vulnerable^WEVIL (case 7): 7z*.exe allows remote code execution with escalation of privilege 2015-12-08
Stefan Kanthak (stefan kanthak nexgo de)
WordPress <=v4.4 Username Exists Information Disclosure 2015-12-10
John SECURELI.com (john secureli com)
BFS-SA-2015-003: Internet Explorer CObjectElement Use-After-Free Vulnerability 2015-12-10
Blue Frost Security Research Lab (research bluefrostsecurity de)
SEC Consult SA-20151210-0 :: Skybox Platform Multiple Vulnerabilities 2015-12-10
SEC Consult Vulnerability Lab (research sec-consult com)
Cisco Security Advisory: Vulnerability in Java Deserialization Affecting Cisco Products 2015-12-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)
APPLE-SA-2015-12-08-6 Xcode 7.2 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
Secunia Research: Microsoft Windows usp10.dll "GetFontDesc()" Integer Underflow Vulnerability 2015-12-08
Secunia Research (remove-vuln secunia com)
APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
[SECURITY] [DSA 3414-1] xen security update 2015-12-09
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPSBHF03432 rev.1 - HPE Networking Comware 5, Comware 5 Low Encryption SW, Comware 7, VCX Using NTP, Remote Access Restriction Bypass and Code Execution 2015-12-09
security-alert hpe com
APPLE-SA-2015-12-08-2 tvOS 9.1 2015-12-09
Apple Product Security (product-security-noreply lists apple com)
Cisco Security Advisory: Cisco Prime Collaboration Assurance Default Account Credential Vulnerability 2015-12-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Malware
TrojanDownloader:Win32/Banload.BFW
Phishing
Support Service | 11th December 2015 |
NOTICE : WE HAVE MAKE SOME | |
Microsoft | 10th December 2015 |
Support Service | 10th December 2015 |
NOTICE : WE HAVE MAKE SOME | |
Microsoft | 10th December 2015 |
Vulnerability
Linux Kernel CVE-2015-5307 Denial of Service Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77528
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77524
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77194
Netgear G54/N150 WNR1000v3 Router CVE-2015-8263 Security Bypass Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78873
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77148
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77164
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78626
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78622
libpng CVE-2015-8126 Multiple Heap Based Buffer Overflow Vulnerabilities
2015-12-11
http://www.securityfocus.com/bid/77568
libpng 'png_convert_to_rfc1123()' Function Out Of Bounds Read Memory Corruption Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77304
Microsoft Windows CVE-2015-6127 Information Disclosure Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78516
libpng CVE-2015-8472 Incomplete Fix Heap Based Buffer Overflow Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78624
Git CVE-2015-7545 Remote Command Execution Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78711
Adobe FlashPlayer and AIR CVE-2015-8407 Stack Buffer Overflow Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78717
Adobe Flash Player and AIR Multiple Unspecified Security Bypass Vulnerabilities
2015-12-11
http://www.securityfocus.com/bid/78713
Adobe FlashPlayer and AIR APSB15-32 Multiple Unspecified Heap Buffer Overflow Vulnerabilities
2015-12-11
http://www.securityfocus.com/bid/78712
Adobe Flash Player and AIR CVE-2015-8445 Unspecified Integer Overflow Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78716
Oracle MySQL Server CVE-2015-4802 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77165
Mozilla Netscape Portable Runtime CVE-2015-7183 Integer Overflow Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77415
SANS News
Everything old is new again - Blackhole exploit kit since November 2015
Threatpost
Banking Malware Moving Over Facebook Hosted in Cloud
Exploit
10.12.2015
Bugtraq
BFS-SA-2015-003: Internet Explorer CObjectElement Use-After-Free Vulnerability 2015-12-10
Blue Frost Security Research Lab (research bluefrostsecurity de)
SEC Consult SA-20151210-0 :: Skybox Platform Multiple Vulnerabilities 2015-12-10
SEC Consult Vulnerability Lab (research sec-consult com)
Cisco Security Advisory: Vulnerability in Java Deserialization Affecting Cisco Products 2015-12-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)
APPLE-SA-2015-12-08-6 Xcode 7.2 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
Secunia Research: Microsoft Windows usp10.dll "GetFontDesc()" Integer Underflow Vulnerability 2015-12-08
Secunia Research (remove-vuln secunia com)
APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
[SECURITY] [DSA 3414-1] xen security update 2015-12-09
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPSBHF03432 rev.1 - HPE Networking Comware 5, Comware 5 Low Encryption SW, Comware 7, VCX Using NTP, Remote Access Restriction Bypass and Code Execution 2015-12-09
security-alert hpe com
APPLE-SA-2015-12-08-2 tvOS 9.1 2015-12-09
Apple Product Security (product-security-noreply lists apple com)
Cisco Security Advisory: Cisco Prime Collaboration Assurance Default Account Credential Vulnerability 2015-12-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)
[CORE-2015-0014] - Microsoft Windows Media Center link file incorrectly resolved reference 2015-12-09
CORE Advisories Team (advisories coresecurity com)
[security bulletin] HPSBHF03433 SSRT102964 rev.1 - HP-UX Running Mozilla Firefox and Thunderbird, Remote Disclosure of Information 2015-12-09
security-alert hpe com
APPLE-SA-2015-12-08-5 Safari 9.0.2 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-12-08-4 watchOS 2.1 2015-12-09
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-12-08-1 iOS 9.2 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
[security bulletin] HPSBMU03520 rev.1 - HP Insight Control server provisioning, Remote Disclosure of Information 2015-12-09
security-alert hpe com
Path Traversal via CSRF in bitrix.xscan Bitrix Module 2015-12-09
High-Tech Bridge Security Research (advisory htbridge ch)
APPLE-SA-2015-12-08-4 watchOS 2.1 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
Advisory: Arro and Other Android Taxi Hailing Apps Did Not Use SSL (Mobile Knowledge) 2015-12-08
securityresearch shaftek biz
[CVE-2015-7706] SECURE DATA SPACE API Multiple Non-Persistent Cross-Site Scripting Vulnerabilities 2015-12-09
Vogt, Thomas (Thomas Vogt secunet com)
XSS vulnerability in Intellect Core banking software - Polaris 2015-12-09
msahu controlcase com
PHP File Inclusion in bitrix.mpbuilder Bitrix Module 2015-12-09
High-Tech Bridge Security Research (advisory htbridge ch)
WordPress Users Ultra Plugin [Blind SQL injection] - Update 2015-12-08
Panagiotis Vagenas (pan vagenas gmail com)
Executable installers are vulnerable^WEVIL (case 9): Chrome's setup.exe allows arbitrary code execution and escalation of privilege 2015-12-09
Stefan Kanthak (stefan kanthak nexgo de)
MacOS/iPhone/Apple Watch/Apple TV libc File System Buffer Overflow 2015-12-08
submit cxsec org
[SECURITY] [DSA 3415-1] chromium-browser security update 2015-12-10
Michael Gilbert (mgilbert debian org)
Malware
Phishing
Support Service | 10th December 2015 |
NOTICE : WE HAVE MAKE SOME | |
Microsoft | 10th December 2015 |
Vulnerability
Mozilla Netscape Portable Runtime CVE-2015-7183 Integer Overflow Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77415
Google Chrome CVE-2015-1302 Information Disclosure Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77537
Mozilla Network Security Services Memory Corruption and Heap Buffer Overflow Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/77416
Google Chrome Prior to 47.0.2526.73 Multiple Security Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/78416
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-10
http://www.securityfocus.com/bid/78209
Oracle MySQL Server CVE-2015-4815 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77222
Oracle MySQL Server CVE-2015-4826 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77237
Oracle MySQL Server CVE-2015-4913 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77153
Adobe ColdFusion APSB15-29 Multiple Unspecified Cross Site Scripting Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/77625
Adobe Flash Player and AIR APSB15-32 Multiple Use After Free Remote Code Execution Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/78715
Adobe Premiere Clip CVE-2015-8051 Unspecified Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77624
Adobe Flash Player and AIR APSB15-32 Multiple Unspecified Memory Corruption Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/78710
Oracle MySQL Server CVE-2015-4870 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77208
Oracle MySQL Server CVE-2015-4792 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77171
Oracle MySQL Server CVE-2015-4802 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77165
Oracle MySQL Server CVE-2015-4858 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77145
Oracle MySQL Server CVE-2015-4836 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77190
Oracle MySQL Server CVE-2015-4807 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77205
Oracle MySQL Server CVE-2015-4861 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77137
Oracle MySQL Server CVE-2015-4830 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77228
Cisco Unified Communications Manager CVE-2015-6410 Security Bypass Vulnerability
2015-12-10
http://www.securityfocus.com/bid/78741
Wireshark PCAPNG File CVE-2015-7830 Remote Code Execution Vulnerability
2015-12-10
http://www.securityfocus.com/bid/78723
X.Org libXfont LZW Decompression 'BufCompressedFill()' Local Privilege Escalation Vulnerability
2015-12-10
http://www.securityfocus.com/bid/49124
Apple Mac OS X and iOS Multiple Security Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/76343
PHP PHAR Multiple Denial of Service Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/76959
OpenLDAP CVE-2015-6908 Denial of Service Vulnerability
2015-12-10
http://www.securityfocus.com/bid/76714
Expat XML Parsing Multiple Remote Denial of Service Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/52379
LibreSSL 'OBJ_obj2txt()' Function Buffer Overflow and Information Disclosure Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/77112
Apple Mac OS X/watchOS/iOS/tvOS Multiple Security Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/78719
Apple iOS APPLE-SA-2015-10-21-1 Multiple Security Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/77268
Apple iOS and Mac OS X Multiple Security Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/77263
SANS News
Threatpost
Exploit
iy10 Dizin Scripti - Multiple Vulnerabilities
Gökhan Balbal Script 2.0 - CSRF Vulnerability
Skybox Platform <=7.0.611 - Multiple Vulnerabilities
Rar CmdExtract::UnstoreFile Integer Truncation Memory Corruption
Avast OOB Write Decrypting PEncrypt Packed Executables
Avast JetDb::IsExploited4x - Performs Unbounded Search on Input
Avast Heap Overflow Unpacking MoleBox Archives
Avast Integer Overflow Verifying numFonts in TTC Header
9.12.2015
Bugtraq
Executable installers are vulnerable^WEVIL (case 5): JRSoft InnoSetup 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Executable installers are vulnerable^WEVIL (case 8): vlc-*.exe allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Executable installers are vulnerable^WEVIL (case 2): NSIS allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Malware
Phishing
Vulnerability
Wireshark PCAPNG File CVE-2015-7830 Remote Code Execution Vulnerability
2015-12-09
http://www.securityfocus.com/bid/78723
X.Org libXfont LZW Decompression 'BufCompressedFill()' Local Privilege Escalation Vulnerability
2015-12-09
http://www.securityfocus.com/bid/49124
Apple Mac OS X and iOS Multiple Security Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/76343
PHP PHAR Multiple Denial of Service Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/76959
OpenLDAP CVE-2015-6908 Denial of Service Vulnerability
2015-12-09
http://www.securityfocus.com/bid/76714
Expat XML Parsing Multiple Remote Denial of Service Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/52379
LibreSSL 'OBJ_obj2txt()' Function Buffer Overflow and Information Disclosure Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/77112
Apple Mac OS X/watchOS/iOS/tvOS Multiple Security Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/78719
Apple iOS APPLE-SA-2015-10-21-1 Multiple Security Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/77268
Apple iOS and Mac OS X Multiple Security Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/77263
Adobe ColdFusion APSB15-29 Multiple Unspecified Cross Site Scripting Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/77625
Adobe Premiere Clip CVE-2015-8051 Unspecified Security Vulnerability
2015-12-09
http://www.securityfocus.com/bid/77624
Cisco FirePOWER Management Center Software CVE-2015-6411 Information Disclosure Vulnerability
2015-12-09
http://www.securityfocus.com/bid/78740
Multiple Cisco IP Phones CVE-2015-6403 Local Arbitrary File Upload Vulnerability
2015-12-09
http://www.securityfocus.com/bid/78739
Cisco Prime Collaboration Assurance CVE-2015-6389 Insecure Default Password Vulnerability
2015-12-09
http://www.securityfocus.com/bid/78738
OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/75161
IBM WebSphere Application Server CVE-2015-7450 Remote Code Execution Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77653
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-12-08
http://www.securityfocus.com/bid/75156
HP LoadRunner Virtual Table Server CVE-2015-6857 Local Code Execution Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77946
Cisco IOS XE 3S Software CVE-2015-6383 Local Security Bypass Vulnerability
2015-12-08
http://www.securityfocus.com/bid/78521
Unitronics VisiLogic ActiveX Control Multiple Remote Code Execution Vulnerabilities
2015-12-08
http://www.securityfocus.com/bid/77571
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77194
Cisco Networking Services CVE-2015-6375 Information Disclosure Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77676
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77192
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/74141
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/74119
Oracle Java SE CVE-2015-0459 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/74083
SANS News
Enforcing USB Storage Policy with PowerShell
Threatpost
Internet Root Name Servers Survive Unusual DDoS Attack
Exploit
Microsoft Windows Media Center Library Parsing RCE Vulnerability aka "self-executing" MCL File
Microsoft Windows Media Center Link File Incorrectly Resolved Reference
WIMAX LX350P(WIXFMR-108) - Multiple Vulnerabilities
WIMAX MT711x - Multiple Vulnerabilities
Wordpress Plugin WP Easy Poll 1.1.3 - XSS and CSRF
IE 11.0.9600.18097 COmWindowProxy::SwitchMarkup NULL PTR
MacOS X 10.11 FTS Deep Structure of the File System Buffer Overflow
8.12.2015
Bugtraq
Executable installers are vulnerable^WEVIL (case 5): JRSoft InnoSetup 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Executable installers are vulnerable^WEVIL (case 8): vlc-*.exe allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Executable installers are vulnerable^WEVIL (case 2): NSIS allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
iScripts Multicart Cms Multiple Vulnerability 2015-12-07
iedb team gmail com
WebBoutiques Cms Cross-Site Scripting Vulnerability 2015-12-07
iedb team gmail com
Executable installers are vulnerable^WEVIL (case 6): SumatraPDF-*-installer.exe allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Malware
TrojanSpy:Win32/Nivdort.BZ
TrojanSpy:Win32/Nivdort.CI
TrojanSpy:Win32/Nivdort.CJ
TrojanSpy:Win32/Nivdort.CK
TrojanSpy:Win32/Nivdort.CO
TrojanDownloader:JS/Swabfex.A
TrojanDownloader:MSIL/Bladabindi.J
TrojanDropper:Win32/Sulunch
VBA/TrojanDownloader.Agent.ADX
Phishing
Argos | 8th December 2015 |
7th December 2015 | |
7th December 2015 | |
Chase Bank | 7th December 2015 |
Natwest | 6th December 2015 |
Vulnerability
Magento 'bridgeName' Paramater Cross Site Scripting Vulnerability
2015-12-07
http://www.securityfocus.com/bid/70950
Linux Kernel SCTP Implementation CVE-2015-5283 Local Denial of Service Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77058
Oracle Java SE CVE-2015-0486 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/74145
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/74141
IBM WebSphere Portal CVE-2015-4993 Unspecified Cross Site Scripting Vulnerability
2015-12-07
http://www.securityfocus.com/bid/78609
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/74119
IBM SDK CVE-2015-1914 Sandbox Security Bypass Vulnerability
2015-12-07
http://www.securityfocus.com/bid/74645
Oracle Java SE CVE-2015-0480 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/74104
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-07
http://www.securityfocus.com/bid/77238
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77192
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77200
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77209
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77148
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77164
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77162
Mozilla Firefox Multiple Security Vulnerabilities
2015-12-07
http://www.securityfocus.com/bid/77411
Mozilla Netscape Portable Runtime CVE-2015-7183 Integer Overflow Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77415
SANS News
Threatpost
Bitcoin Extortionist Copycats on the Rise, Experts Say
Microsoft, Law Enforcement Collaborate in Dorkbot Takedown
Exploit
phpFileManager 0.9.8 Remote Code Execution
Atlassian HipChat for Jira Plugin Velocity Template Injection
SIMOGEO FileManager 2.3.0 - Multiple Vulnerabilities
OpenMRS 2.3 (1.11.4) - XML External Entity (XXE) Processing Exploit
OpenMRS 2.3 (1.11.4) - Expression Language Injection Vulnerability
OpenMRS 2.3 (1.11.4) - Multiple Cross-Site Scripting Vulnerabilities
OpenMRS 2.3 (1.11.4) - Local File Disclosure Vulnerability
PHP Utility Belt - Remote Code Execution
WordPress Polls Widget Plugin 1.0.7 - SQL Injection Vulnerability
iniNet SpiderControl SCADA Web Server Service 2.02 - Insecure File Permissions
iniNet SpiderControl PLC Editor Simatic 6.30.04 - Insecure File Permissions
7.12.2015
Bugtraq
Executable installers are vulnerable^WEVIL (case 8): vlc-*.exe allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Executable installers are vulnerable^WEVIL (case 2): NSIS allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
iScripts Multicart Cms Multiple Vulnerability 2015-12-07
iedb team gmail com
WebBoutiques Cms Cross-Site Scripting Vulnerability 2015-12-07
iedb team gmail com
Executable installers are vulnerable^WEVIL (case 6): SumatraPDF-*-installer.exe allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Command Injection in cool-video-gallery v1.9 Wordpress plugin 2015-12-07
Larry Cashdollar (larry0 me com)
[SYSS-2015-047] sysPass - Cross-Site Scripting (CWE-79) 2015-12-07
disclosure syss de
[SYSS-2015-046] sysPass - Insecure Direct Object References (CWE-932) 2015-12-07
disclosure syss de
Edimax BR-6478AC & Others Multiple Vulnerabilities 2015-12-07
mwinstead3790 gmail com
FreeBSD Security Advisory FreeBSD-SA-15:26.openssl 2015-12-05
FreeBSD Security Advisories (security-advisories freebsd org)
Malware
TrojanDropper:MSIL/Redwer.A
Win32/Varpes
BrowserModifier:Win32/Pokki
Phishing
7th December 2015 | |
7th December 2015 | |
Chase Bank | 7th December 2015 |
Natwest | 6th December 2015 |
Discover Customer Service | 6th December 2015 |
Account-Service | 6th December 2015 |
Thomas Jones | 6th December 2015 |
Vulnerability
SANS News
Threatpost
Exploit
Cyclope Employee Surveillance <= v8.6.1 - Insecure File Permissions
6.12.2015
Bugtraq
[SECURITY] [DSA 3413-1] openssl security update 2015-12-04
Salvatore Bonaccorso (carnil debian org)
[security bulletin] HPSBGN03525 rev.1: HP Performance Center Virtual Table Server, Remote Code Execution 2015-12-03
security-alert hpe com
[SECURITY] [DSA 3412-1] redis security update 2015-12-03
Salvatore Bonaccorso (carnil debian org)
ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability 2015-12-03
Security Alert (Security_Alert emc com)
[slackware-security] mozilla-thunderbird (SSA:2015-337-02) 2015-12-03
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-337-01) 2015-12-03
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3411-1] cups-filters security update 2015-12-02
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
PayPal | 5th December 2015 |
PAYPAL - YOUR ACCOUNT HAS | |
PayPal | 5th December 2015 |
BT | 5th December 2015 |
Apple | 5th December 2015 |
5th December 2015 | |
PayPal | 4th December 2015 |
Vulnerability
SANS News
Are you looking to setup your own Malware Sandbox?
Threatpost
OpenSSL Patches Bring Last Update for 0.9.8 and 1.0.0 Branches
Let’s Encrypt Initiative Enters Public Beta
Exploit
Cyclope Employee Surveillance <= v8.6.1 - Insecure File Permissions
4.12.2015
Bugtraq
[SECURITY] [DSA 3413-1] openssl security update 2015-12-04
Salvatore Bonaccorso (carnil debian org)
[security bulletin] HPSBGN03525 rev.1: HP Performance Center Virtual Table Server, Remote Code Execution 2015-12-03
security-alert hpe com
[SECURITY] [DSA 3412-1] redis security update 2015-12-03
Salvatore Bonaccorso (carnil debian org)
ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability 2015-12-03
Security Alert (Security_Alert emc com)
[slackware-security] mozilla-thunderbird (SSA:2015-337-02) 2015-12-03
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-337-01) 2015-12-03
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3411-1] cups-filters security update 2015-12-02
Moritz Muehlenhoff (jmm debian org)
Ellucian Banner Student Vulnerability Disclosure 2015-12-02
sean dillon risksense com
WordPress Users Ultra Plugin [Persistence XSS] 2015-12-02
pan vagenas gmail com
WordPress Users Ultra Plugin [Blind SQL injection] 2015-12-02
pan vagenas gmail com
Malware
VBA/TrojanDownloader.Agent.AEA
Phishing
PayPal | 4th December 2015 |
PayPal Inc | 4th December 2015 |
PayPal Inc | 4th December 2015 |
[ PAYPAL ] : VIEW YOUR RECENT | |
Service Inc | 4th December 2015 |
Service | 4th December 2015 |
Vulnerability
SANS News
Automating Phishing Analysis using BRO
Threatpost
Exploit
Wordpress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities
Wordpress Plugin Sell Download v1.0.16 - Local File Disclosure
Wordpress Plugin TheCartPress v1.4.7 - Multiple Vulnerabilities
3.12.2015
Bugtraq
ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability 2015-12-03
Security Alert (Security_Alert emc com)
[slackware-security] mozilla-thunderbird (SSA:2015-337-02) 2015-12-03
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-337-01) 2015-12-03
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3411-1] cups-filters security update 2015-12-02
Moritz Muehlenhoff (jmm debian org)
Ellucian Banner Student Vulnerability Disclosure 2015-12-02
sean dillon risksense com
WordPress Users Ultra Plugin [Persistence XSS] 2015-12-02
pan vagenas gmail com
WordPress Users Ultra Plugin [Blind SQL injection] 2015-12-02
pan vagenas gmail com
Gnome Nautilus [Denial of Service] 2015-12-02
pan vagenas gmail com
SQLi Vulnerability in ATuter management system 2015-12-02
sirus shahini gmail com
Two Reflected XSS Vulnerabilities in Calls to Action WordPress plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Reflected XSS in Ultimate Member WordPress Plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Malware
TrojanSpy:MSIL/Banker.P
TrojanDownloader:Win32/Banload.BFM
TrojanDownloader:VBS/Banload.AS
TrojanDownloader:MSIL/Banload.AK
Phishing
Vulnerability
SANS News
New variant of CryptoWall - Is it right to call it 4.0?
Threatpost
Exploit
Gnome Nautilus 3.16 - Denial of Service
Acunetix WVS 10 - Local Privilege escalation
Oracle BeeHive 2 voice-servlet processEvaluation() Vulnerability
Oracle BeeHive 2 voice-servlet prepareAudioToPlay() Arbitrary File Upload
Advantech Switch Bash Environment Variable Code Injection (Shellshock)
WordPress Users Ultra Plugin 1.5.50 - Blind SQL injection
WordPress Users Ultra Plugin 1.5.50 - Persistent XSS
WordPress Gwolle Guestbook Plugin 1.5.3 - Remote File Inclusion
Malwarebytes Antivirus 2.2.0 - DoS PoC
2.12.2015
Bugtraq
WordPress Users Ultra Plugin [Persistence XSS] 2015-12-02
pan vagenas gmail com
WordPress Users Ultra Plugin [Blind SQL injection] 2015-12-02
pan vagenas gmail com
Gnome Nautilus [Denial of Service] 2015-12-02
pan vagenas gmail com
SQLi Vulnerability in ATuter management system 2015-12-02
sirus shahini gmail com
Two Reflected XSS Vulnerabilities in Calls to Action WordPress plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Reflected XSS in Ultimate Member WordPress Plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Remote File Inclusion in Gwolle Guestbook WordPress Plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Reflected XSS in Role Scoper WordPress Plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Reflected Cross-Site Scripting (XSS) in SourceBans 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
[SECURITY] [DSA 3409-1] putty security update 2015-12-01
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3410-1] icedove security update 2015-12-01
Moritz Muehlenhoff (jmm debian org)
Zenphoto 1.4.10 Local File Inclusion 2015-12-02
apparitionsec gmail com
Zenphoto 1.4.10 XSS Vulnerability 2015-12-01
apparitionsec gmail com
[SECURITY] [DSA 3408-1] gnutls26 security update 2015-12-01
Salvatore Bonaccorso (carnil debian org)
Malware
Trojan:Win32/Startpage.XW
TrojanDropper:Win32/Binuflix.A
PWS:MSIL/Stimilina.N
Backdoor:MSIL/Omaneat.A
VBA/TrojanDownloader.Agent.AIK
VBA/TrojanDownloader.Agent.AHU
VBA/TrojanDownloader.Agent.AEA
Phishing
Vulnerability
SANS News
Threatpost
Exploit
Advantech Switch Bash Environment Variable Code Injection (Shellshock)
Acunetix WVS 10 - Local Privilege escalation
1.12.2015
Bugtraq
Zenphoto 1.4.10 XSS Vulnerability 2015-12-01
apparitionsec gmail com
[SECURITY] [DSA 3408-1] gnutls26 security update 2015-12-01
Salvatore Bonaccorso (carnil debian org)
Huawei Wimax routers vulnerable to multiple threats 2015-11-30
Pierre Kim (pierre kim sec gmail com)
[SE-2014-02] Errata document for Issue 42 (CVE-2015-4871 affecting Java SE 7) 2015-11-30
Security Explorations (contact security-explorations com)
LSE Leading Security Experts GmbH - LSE-2015-10-14 - HumHub SQL-Injection 2015-11-30
advisories (advisories lsexperts de)
Proftpd 1.3.5a LATEST (0-day) Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Belkin N150 Wireless Home Router Multiple Vulnerabilities 2015-11-30
Rahul Pratap Singh (techno rps gmail com)
Malware
HackTool:Win32/Kapahyku.A
TrojanDropper:Win32/Nivdort.A
TrojanSpy:Win32/Nivdort.CE
Phishing
Lloyds Bank | 1st December 2015 |
PayPal Inc | 1st December 2015 |
[ PAYPAL ] : VIEW YOUR RECENT | |
Email Administrator | 1st December 2015 |
Admin | 1st December 2015 |
paypal | 30th November 2015 |
Vulnerability
SANS News
Threatpost
Embedded Devices Share, Reuse Private SSH Keys, HTTPs Certificates
China APT Gang Targets Hong Kong Media via Dropbox
Exploit
Kodi 15 - Arbitrary File Access (Web Interface)
Belkin N150 Wireless Home Router F9K1009 v1 - Multiple Vulnerabilities
Zenphoto 1.4.10 - Local File Inclusion
ntop-ng <= 2.0.151021 - Privilege Escalation
HumHub 0.11.2 and 0.20.0-beta.2 - SQL Injection