31.12.2015
Bugtraq
Joomla 1.5.x to 3.4.5 Object Injection Exploit (golang) 2015-12-31
irancrash gmail com
Executable installers are vulnerable^WEVIL (case 16): Trend Micro's installers allows arbitrary (remote) code execution 2015-12-31
Stefan Kanthak (stefan kanthak nexgo de)
FTPShell Client v5.24 Buffer Overflow 2015-12-30
apparitionsec gmail com
[oCERT 2015-012] Ganeti multiple issues 2015-12-30
Daniele Bianco (danbia ocert org)
WebKitGTK+ Security Advisory WSA-2015-0002 2015-12-28
Carlos Alberto Lopez Perez (clopez igalia com)
libtiff bmp file Heap Overflow (CVE-2015-8668) 2015-12-28
riusksk qq com
Malware
Phishing
Amazon | 30th December 2015 |
Tesco | 30th December 2015 |
PAY.SERVICE ✔ | 30th December 2015 |
Microsoft | 30th December 2015 |
Microsoft | 30th December 2015 |
margaretabprwu | 30th December 2015 |
Barclays | 30th December 2015 |
Accounting | 30th December 2015 |
Vulnerability
SANS News
Threatpost
Exploit
30.12.2015
Bugtraq
[oCERT 2015-012] Ganeti multiple issues 2015-12-30
Daniele Bianco (danbia ocert org)
Malware
Phishing
PAYPAI SERVICE | 30th December 2015 |
Were investigating a paypaI | |
Chase | 29th December 2015 |
markecyrv | 29th December 2015 |
Vulnerability
SANS News
Actor using Rig EK to deliver Qbot - update
Threatpost
Exploit
Simple Ads Manager 2.9.4.116 - SQL Injection
FTPShell Client 5.24 - Buffer Overflow
DeleGate 9.9.13 - Local Root Vulnerability
29.12.2015
Bugtraq
WebKitGTK+ Security Advisory WSA-2015-0002 2015-12-28
Carlos Alberto Lopez Perez (clopez igalia com)
libtiff bmp file Heap Overflow (CVE-2015-8668) 2015-12-28
riusksk qq com
Malware
Trojan:BAT/Zuquitache
Ransom:MSIL/Zuquitache.A
Phishing
Jeff Skoll | 29th December 2015 |
S e c u r i t y A L E R T | 29th December 2015 |
MRS. ELLAIN ELLIOT | 28th December 2015 |
Vulnerability
SANS News
Threatpost
Exploit
28.12.2015
Bugtraq
libtiff bmp file Heap Overflow (CVE-2015-8668) 2015-12-28
riusksk qq com
Malware
Phishing
Capital One 360 | 28th December 2015 |
Paypal | 28th December 2015 |
Carmen Thompson | 28th December 2015 |
Barclays | 28th December 2015 |
JAMES F. ENTWISTLE | 28th December 2015 |
....Get paid $25 for each emai | 28th December 2015 |
Vulnerability
SANS News
hashcat and oclHashcat are now open source
Threatpost
Exploit
27.12.2015
Bugtraq
libtiff: invalid write (CVE-2015-7554) 2015-12-26
Hans Jerry Illikainen (hji dyntopia com)
AccessDiver V4.301 Buffer Overflow 2015-12-26
apparitionsec gmail com
Malware
Phishing
michael swartz | 27th December 2015 |
NatWest | 26th December 2015 |
Chase | 25th December 2015 |
Account Support | 25th December 2015 |
Vulnerability
Google Chrome Prior to 47.0.2526.106 Multiple Remote Code Execution Vulnerabilities
2015-12-26
http://www.securityfocus.com/bid/79348
libxml2 CVE-2015-7500 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79562
Mozilla Firefox Multiple Security Vulnerabilities
2015-12-26
http://www.securityfocus.com/bid/79279
Libxml2 'xmlParseConditionalSections()' Function Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79507
libxml2 CVE-2015-7498 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79548
Libxml2 CVE-2015-1819 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/75570
Libxml2 'xmlDictComputeFastQKey()' Function Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79508
Libxml2 'parser.c' Buffer Overflow Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77621
libxml2 CVE-2015-5312 XML Entity Expansion Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79536
Libxml2 'xmlGROW()' Function Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79509
libxml2 Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-26
http://www.securityfocus.com/bid/77681
Libxml2 'parser.c' Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77390
libxml2 'parser.c' Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-26
http://www.securityfocus.com/bid/74241
Foxit Reader Local Privilege Escalation Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77041
QEMU 'hw/net/pcnet.c' Remote Buffer Overflow Vulnerability
2015-12-26
http://www.securityfocus.com/bid/78230
QEMU 'hw/net/pcnet.c' Heap Based Buffer Overflow Vulnerability
2015-12-26
http://www.securityfocus.com/bid/78227
Dnsmasq CVE-2015-3294 Remote Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/74452
Linux Kernel CVE-2015-7872 Local Privilege Escalation Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77544
Linux Kernel 'btrfs/inode.c' Information Disclosure Vulnerability
2015-12-26
http://www.securityfocus.com/bid/78219
Linux kernel CVE-2013-7446 Use After Free Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77638
Red Hat Enterprise Linux 'USB Device Descriptor' Local Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77030
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77524
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/73225
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/78623
Xen 'hvm/irq.c' Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79644
Xen CVE-2015-8555 Information Disclosure Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79543
Xen 'pt-msi.c' Heap Memory Corruption Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79579
Multiple Adobe Products CVE-2015-5255 Server Side Request Forgery Security Bypass Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77626
Network Time Protocol CVE-2015-7871 Authentication Bypass Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77287
Network Time Protocol CVE-2015-7704 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77280
SANS News
Threatpost
Exploit
EasyCafe Server <= 2.2.14 Remote File Read
25.12.2015
Bugtraq
Malware
Phishing
Account Team | 25th December 2015 |
PayPaI Inc | 25th December 2015 |
Vulnerability
Foxit Reader Local Privilege Escalation Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77041
QEMU 'hw/net/pcnet.c' Remote Buffer Overflow Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78230
QEMU 'hw/net/pcnet.c' Heap Based Buffer Overflow Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78227
Dnsmasq CVE-2015-3294 Remote Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/74452
Google Chrome Prior to 47.0.2526.106 Multiple Unspecified Security Vulnerabilities
2015-12-25
http://www.securityfocus.com/bid/79348
Linux Kernel CVE-2015-7872 Local Privilege Escalation Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77544
Linux Kernel 'btrfs/inode.c' Information Disclosure Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78219
Linux kernel CVE-2013-7446 Use After Free Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77638
Red Hat Enterprise Linux 'USB Device Descriptor' Local Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77030
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77524
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/73225
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78623
Xen 'hvm/irq.c' Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/79644
Xen CVE-2015-8555 Information Disclosure Vulnerability
2015-12-25
http://www.securityfocus.com/bid/79543
Xen 'pt-msi.c' Heap Memory Corruption Vulnerability
2015-12-25
http://www.securityfocus.com/bid/79579
Multiple Adobe Products CVE-2015-5255 Server Side Request Forgery Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77626
Network Time Protocol CVE-2015-7871 Authentication Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77287
Network Time Protocol CVE-2015-7704 Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77280
Network Time Protocol CVE-2015-5300 Man in the Middle Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77312
Network Time Protocol CVE-2015-7855 Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77283
Adobe Flash Player and AIR CVE-2015-7628 Same Origin Policy Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77063
Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/74665
GNU GRUB2 CVE-2015-8370 Multiple Local Authentication Bypass Vulnerabilities
2015-12-25
http://www.securityfocus.com/bid/79358
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78524
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78215
OpenStack Nova CVE-2015-7713 Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/76960
Juniper ScreenOS CVE-2015-7755 Unauthorized Access and Information Disclosure Vulnerabilities
2015-12-25
http://www.securityfocus.com/bid/79626
Xen PV Backend Driver CVE-2015-8550 Remote Code Execution Vulnerability
2015-12-25
http://www.securityfocus.com/bid/79592
Xen Multiple Denial of Service Vulnerabilities
2015-12-25
http://www.securityfocus.com/bid/79546
OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/75525
SANS News
Threatpost
Exploit
Rips Scanner 0.5 - (code.php) Local File Inclusion
24.12.2015
Bugtraq
[SECURITY] [DSA 3430-1] libxml2 security update 2015-12-23
Salvatore Bonaccorso (carnil debian org)
Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege 2015-12-23
Stefan Kanthak (stefan kanthak nexgo de)
[slackware-security] blueman (SSA:2015-356-01) 2015-12-23
Slackware Security Team (security slackware com)
Security advisory for Bugzilla 5.0.2, 4.4.11 and 4.2.16 2015-12-22
LpSolit gmail com
Malware
Phishing
support account | 24th December 2015 |
Tesco plc. | 23rd December 2015 |
Vulnerability
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77524
Xen CVE-2015-8555 Information Disclosure Vulnerability
2015-12-24
http://www.securityfocus.com/bid/79543
Xen 'pt-msi.c' Heap Memory Corruption Vulnerability
2015-12-24
http://www.securityfocus.com/bid/79579
Multiple Adobe Products CVE-2015-5255 Server Side Request Forgery Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77626
Network Time Protocol CVE-2015-7871 Authentication Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77287
Network Time Protocol CVE-2015-7704 Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77280
Network Time Protocol CVE-2015-5300 Man in the Middle Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77312
Network Time Protocol CVE-2015-7855 Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77283
Adobe Flash Player and AIR CVE-2015-7628 Same Origin Policy Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77063
Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/74665
GNU GRUB2 CVE-2015-8370 Multiple Local Authentication Bypass Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/79358
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-24
http://www.securityfocus.com/bid/78524
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2015-12-24
http://www.securityfocus.com/bid/78215
OpenStack Nova CVE-2015-7713 Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/76960
Juniper ScreenOS CVE-2015-7755 Unauthorized Access and Information Disclosure Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/79626
Xen PV Backend Driver CVE-2015-8550 Remote Code Execution Vulnerability
2015-12-24
http://www.securityfocus.com/bid/79592
Xen Multiple Denial of Service Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/79546
OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/75525
OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/76317
OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/76497
OpenSSH Login Handling Security Bypass Weakness
2015-12-24
http://www.securityfocus.com/bid/75990
gdk-pixbuf Heap Buffer Overflow and Denial of Service Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/76953
Gnome GdkPixbuf 'pixops.c' Heap Based Buffer Overflow Vulnerability
2015-12-24
http://www.securityfocus.com/bid/76955
LibRaw CVE-2013-1438 Multiple NULL Pointer Dereference Denial of Service Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/62060
Wireshark '/wiretap/pcapng.c' Remote Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77101
ISC BIND CVE-2015-8000 Remote Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/79349
RETIRED: Wireshark PCAPNG File CVE-2015-7830 Remote Code Execution Vulnerability
2015-12-24
http://www.securityfocus.com/bid/78723
Cisco Web Security Appliance CVE-2015-6290 Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/76687
Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
2015-12-24
http://www.securityfocus.com/bid/75568
Microsoft Windows Environment Variable Expansion in PATH Security Bypass Weakness
2015-12-24
http://www.securityfocus.com/bid/44484
SANS News
Threatpost
Exploit
Rips Scanner 0.5 - (code.php) Local File Inclusion
23.12.2015
Bugtraq
[slackware-security] blueman (SSA:2015-356-01) 2015-12-23
Slackware Security Team (security slackware com)
Security advisory for Bugzilla 5.0.2, 4.4.11 and 4.2.16 2015-12-22
LpSolit gmail com
ESA-2015-179: EMC Secure Remote Services Virtual Edition Path Traversal Vulnerability 2015-12-22
Security Alert (Security_Alert emc com)
ESA-2015-174: EMC VPLEX Undocumented Account Vulnerability 2015-12-22
Security Alert (Security_Alert emc com)
Aeris Calandar v2.1 - Buffer Overflow Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
POP Peeper 4.0.1 - Persistent Code Execution Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Switch v4.68 - Code Execution Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Lithium Forum - (previewImages) Persistent Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Wordpress Content Text Slider on Post 6.8 - Persistent Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Malware
TrojanSpy:Win32/Nivdort.CM
TrojanDropper:Win32/Zelug.A
Backdoor:Win32/Zelug.B
TrojanDownloader:VBS/Reywals.A
Backdoor:MSIL/Medirot.A
Phishing
Mia Zhang | 23rd December 2015 |
ANZ BANK | 23rd December 2015 |
Vulnerability
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77524
Xen CVE-2015-8555 Information Disclosure Vulnerability
2015-12-23
http://www.securityfocus.com/bid/79543
Xen 'pt-msi.c' Heap Memory Corruption Vulnerability
2015-12-23
http://www.securityfocus.com/bid/79579
Multiple Adobe Products CVE-2015-5255 Server Side Request Forgery Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77626
Network Time Protocol CVE-2015-7871 Authentication Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77287
Network Time Protocol CVE-2015-7704 Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77280
Network Time Protocol CVE-2015-5300 Man in the Middle Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77312
Network Time Protocol CVE-2015-7855 Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77283
Adobe Flash Player and AIR CVE-2015-7628 Same Origin Policy Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77063
Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/74665
GNU GRUB2 CVE-2015-8370 Multiple Local Authentication Bypass Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/79358
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-23
http://www.securityfocus.com/bid/78524
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2015-12-23
http://www.securityfocus.com/bid/78215
OpenStack Nova CVE-2015-7713 Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/76960
Juniper ScreenOS CVE-2015-7755 Unauthorized Access and Information Disclosure Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/79626
Xen PV Backend Driver CVE-2015-8550 Remote Code Execution Vulnerability
2015-12-23
http://www.securityfocus.com/bid/79592
Xen Multiple Denial of Service Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/79546
OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/75525
OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/76317
OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/76497
OpenSSH Login Handling Security Bypass Weakness
2015-12-23
http://www.securityfocus.com/bid/75990
gdk-pixbuf Heap Buffer Overflow and Denial of Service Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/76953
Gnome GdkPixbuf 'pixops.c' Heap Based Buffer Overflow Vulnerability
2015-12-23
http://www.securityfocus.com/bid/76955
LibRaw CVE-2013-1438 Multiple NULL Pointer Dereference Denial of Service Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/62060
Wireshark '/wiretap/pcapng.c' Remote Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77101
ISC BIND CVE-2015-8000 Remote Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/79349
RETIRED: Wireshark PCAPNG File CVE-2015-7830 Remote Code Execution Vulnerability
2015-12-23
http://www.securityfocus.com/bid/78723
Cisco Web Security Appliance CVE-2015-6290 Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/76687
Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
2015-12-23
http://www.securityfocus.com/bid/75568
Microsoft Windows Environment Variable Expansion in PATH Security Bypass Weakness
2015-12-23
http://www.securityfocus.com/bid/44484
SANS News
Libraries and Dependencies - It Really is Turtles All The Way Down!
Threatpost
Juniper Backdoor Picture Getting Clearer
Yahoo to Warn Users of State-Sponsored Attacks
Exploit
Bigware Shop 2.3.01 - Multiple Local File Inclusion Vulnerabilities
Grawlix 1.0.3 - CSRF Vulnerability
Arastta 1.1.5 - SQL Injection Vulnerabilities
PhpSocial 2.0.0304_20222226 - CSRF Vulnerability
PHP 7.0.0 - Format String Vulnerability
22.12.2015
Bugtraq
ESA-2015-174: EMC VPLEX Undocumented Account Vulnerability 2015-12-22
Security Alert (Security_Alert emc com)
Aeris Calandar v2.1 - Buffer Overflow Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
POP Peeper 4.0.1 - Persistent Code Execution Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Switch v4.68 - Code Execution Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Lithium Forum - (previewImages) Persistent Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Wordpress Content Text Slider on Post 6.8 - Persistent Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Western Union CN Bug Bounty #6 - Client Side Cross Site Scripting Web Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
DELL Scrutinizer v12.0.3 - Persistent Software Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
[RT-SA-2015-013] Symfony PHP Framework: Session Fixation In "Remember Me" Login Functionality 2015-12-22
RedTeam Pentesting GmbH (release redteam-pentesting de)
Executable installers are vulnerable^WEVIL (case 14): Rapid7's ScanNowUPnP.exe allows arbitrary (remote) code execution 2015-12-21
Stefan Kanthak (stefan kanthak nexgo de)
[security bulletin] HPSBHF03419 rev.1 - HP Network Products including H3C routers and switches, Remote Denial of Service (DoS), Unauthorized Access. 2015-12-21
security-alert hpe com
Malware
TrojanDownloader:Win32/Ponmocup.A
Phishing
Vulnerability
Adobe Flash Player and AIR CVE-2015-7628 Same Origin Policy Security Bypass Vulnerability
2015-12-22
http://www.securityfocus.com/bid/77063
Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
2015-12-22
http://www.securityfocus.com/bid/74665
GNU GRUB2 CVE-2015-8370 Multiple Local Authentication Bypass Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/79358
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/78524
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/78215
OpenStack Nova CVE-2015-7713 Security Bypass Vulnerability
2015-12-22
http://www.securityfocus.com/bid/76960
Juniper ScreenOS CVE-2015-7755 Unauthorized Access and Information Disclosure Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/79626
Xen PV Backend Driver CVE-2015-8550 Remote Code Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/79592
Xen Multiple Denial of Service Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/79546
OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2015-12-22
http://www.securityfocus.com/bid/75525
OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/76317
OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
2015-12-22
http://www.securityfocus.com/bid/76497
OpenSSH Login Handling Security Bypass Weakness
2015-12-22
http://www.securityfocus.com/bid/75990
gdk-pixbuf Heap Buffer Overflow and Denial of Service Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/76953
Gnome GdkPixbuf 'pixops.c' Heap Based Buffer Overflow Vulnerability
2015-12-22
http://www.securityfocus.com/bid/76955
LibRaw CVE-2013-1438 Multiple NULL Pointer Dereference Denial of Service Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/62060
Wireshark '/wiretap/pcapng.c' Remote Denial of Service Vulnerability
2015-12-22
http://www.securityfocus.com/bid/77101
ISC BIND CVE-2015-8000 Remote Denial of Service Vulnerability
2015-12-22
http://www.securityfocus.com/bid/79349
RETIRED: Wireshark PCAPNG File CVE-2015-7830 Remote Code Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/78723
Cisco Web Security Appliance CVE-2015-6290 Denial of Service Vulnerability
2015-12-22
http://www.securityfocus.com/bid/76687
Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
2015-12-22
http://www.securityfocus.com/bid/75568
Microsoft Windows Environment Variable Expansion in PATH Security Bypass Weakness
2015-12-22
http://www.securityfocus.com/bid/44484
GNU Wget CVE-2010-2252 Arbitrary File Overwrite Vulnerability
2015-12-22
http://www.securityfocus.com/bid/65722
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-12-22
http://www.securityfocus.com/bid/73684
libxml2 'parser.c' Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/74241
Libxml2 'parser.c' Buffer Overflow Vulnerability
2015-12-22
http://www.securityfocus.com/bid/77621
Multiple FireEye Products 'JAR Analysis' Remote Code Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/78809
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/71761
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/70103
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-12-22
http://www.securityfocus.com/bid/71762
SANS News
Threatpost
Exploit
Wireshark infer_pkt_encap - Heap-Based Out-of-Bounds Read
Wireshark AirPDcapDecryptWPABroadcastKey - Heap-Based Out-of-Bounds Read
21.12.2015
Bugtraq
ESA-2015-177: RSA SecurID(r) Web Agent Authentication Bypass Vulnerability 2015-12-21
Security Alert (Security_Alert emc com)
giflib: heap overflow in giffix (CVE-2015-7555) 2015-12-21
Hans Jerry Illikainen (hji dyntopia com)
Executable installers are vulnerable^WEVIL (case 13): ESET NOD32 antivirus installer allows remote code execution with escalation of privilege 2015-12-21
Stefan Kanthak (stefan kanthak nexgo de)
Almost no resp. only some mitigation(s) for "DLL hijacking" via load-time dependencies 2015-12-21
Stefan Kanthak (stefan kanthak nexgo de)
KL-001-2015-007 : Seagate GoFlex Satellite Remote Telnet Default Password 2015-12-18
KoreLogic Disclosures (disclosures korelogic com)
Malware
TrojanSpy:Win32/Nivdort.CT
TrojanSpy:Win32/Nivdort.CS
TrojanSpy:Win32/Nivdort.CR
TrojanSpy:Win32/Nivdort.CP
TrojanSpy:Win32/Nivdort.CH
TrojanDownloader:JS/Swabfex
Phishing
USAA Online Banking | 21st December 2015 |
App.support | 21st December 2015 |
Service Inc | 20th December 2015 |
PayPal | 20th December 2015 |
Vulnerability
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77192
Google Chrome Prior to 47.0.2526.73 Multiple Security Vulnerabilities
2015-12-21
http://www.securityfocus.com/bid/78416
Xen CVE-2015-8338 Denial of Service Vulnerability
2015-12-21
http://www.securityfocus.com/bid/78920
Antirez Redis 'lua_struct.c' Integer Overflow Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77507
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74147
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74141
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74111
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77160
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-21
http://www.securityfocus.com/bid/77238
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77209
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77164
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-2625 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/75895
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74119
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-12-21
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77148
Oracle Java SE CVE-2015-0491 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74094
SANS News
Threatpost
Exploit
Ovidentia online Module 2.8 - GLOBALS[babAddonPhpPath] Remote File Inclusion
Ovidentia Widgets 1.0.61 - Remote Command Execution Exploit
Notepad++ NPPFtp Plugin 0.26.3 - Buffer Overflow
Base64 Decoder 1.1.2 - SEH OverWrite PoC
19.12.2015
Bugtraq
[SECURITY] [DSA 3428-1] tomcat8 security update 2015-12-18
Moritz Muehlenhoff (jmm debian org)
KL-001-2015-008 : Dell Pre-Boot Authentication Driver Uncontrolled Write to Arbitrary Address 2015-12-18
KoreLogic Disclosures (disclosures korelogic com)
[slackware-security] grub (SSA:2015-351-01) 2015-12-18
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-351-02) 2015-12-18
Slackware Security Team (security slackware com)
Executable uninstallers are vulnerable^WEVIL (case 12): Avira Registry Cleaner allows arbitrary code execution with escalation of privilege 2015-12-18
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3426-1] linux security update 2015-12-17
Salvatore Bonaccorso (carnil debian org)
ESA-2015-148: EMC Isilon OneFS Security Privilege Escalation Vulnerability 2015-12-17
Security Alert (Security_Alert emc com)
[oCERT 2015-011] PyAMF input sanitization errors (XXE) 2015-12-17
Daniele Bianco (danbia ocert org)
[SECURITY] [DSA 3425-1] tryton-server security update 2015-12-17
Luciano Bello (luciano debian org)
[SECURITY] [DSA 3425-1] tryton-server security update 2015-12-17
Luciano Bello (luciano debian org)
Malware
Phishing
SERVICE PPL | 19th December 2015 |
NOTICE | 19th December 2015 |
Wells Fargo | 19th December 2015 |
HSBC UK | 18th December 2015 |
HSBC UK | 18th December 2015 |
Vulnerability
Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
2015-12-19
http://www.securityfocus.com/bid/75568
Microsoft Windows Environment Variable Expansion in PATH Security Bypass Weakness
2015-12-19
http://www.securityfocus.com/bid/44484
GNU Wget CVE-2010-2252 Arbitrary File Overwrite Vulnerability
2015-12-19
http://www.securityfocus.com/bid/65722
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-12-19
http://www.securityfocus.com/bid/73684
libxml2 'parser.c' Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/74241
Libxml2 'parser.c' Buffer Overflow Vulnerability
2015-12-19
http://www.securityfocus.com/bid/77621
Multiple FireEye Products 'JAR Analysis' Remote Code Execution Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78809
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/71761
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-19
http://www.securityfocus.com/bid/70103
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-12-19
http://www.securityfocus.com/bid/71762
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-12-19
http://www.securityfocus.com/bid/71757
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/66690
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-19
http://www.securityfocus.com/bid/53354
LibreOffice Multiple Remote Code Execution and Information Disclosure Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/77486
Cisco IOS XE Software CVE-2015-6359 Denial of Service Vulnerability
2015-12-19
http://www.securityfocus.com/bid/79200
Adobe Flash Player CVE-2015-7645 Remote Code Execution Vulnerability
2015-12-19
http://www.securityfocus.com/bid/77081
Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78612
Adobe Flash Player CVE-2015-7648 Unspecified Remote Code Execution Vulnerability
2015-12-19
http://www.securityfocus.com/bid/77116
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-12-19
http://www.securityfocus.com/bid/71939
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-12-19
http://www.securityfocus.com/bid/71942
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-12-19
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78626
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/78734
Kaspersky Antivirus Multiple Memory Corruption Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/77608
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-19
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-19
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78209
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78619
SANS News
Threatpost
Exploit
Google Chrome - Renderer Process to Browser Process Privilege Escalation
18.12.2015
Bugtraq
[slackware-security] grub (SSA:2015-351-01) 2015-12-18
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-351-02) 2015-12-18
Slackware Security Team (security slackware com)
Executable uninstallers are vulnerable^WEVIL (case 12): Avira Registry Cleaner allows arbitrary code execution with escalation of privilege 2015-12-18
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3426-1] linux security update 2015-12-17
Salvatore Bonaccorso (carnil debian org)
ESA-2015-148: EMC Isilon OneFS Security Privilege Escalation Vulnerability 2015-12-17
Security Alert (Security_Alert emc com)
[oCERT 2015-011] PyAMF input sanitization errors (XXE) 2015-12-17
Daniele Bianco (danbia ocert org)
[SECURITY] [DSA 3425-1] tryton-server security update 2015-12-17
Luciano Bello (luciano debian org)
CVE-2015-5348 - Apache Camel medium disclosure vulnerability 2015-12-17
Claus Ibsen (claus ibsen gmail com)
[SECURITY] [DSA 3337-2] gdk-pixbuf security update 2015-12-17
Salvatore Bonaccorso (carnil debian org)
[slackware-security] mozilla-firefox (SSA:2015-349-03) 2015-12-16
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3424-1] subversion security update 2015-12-16
Moritz Muehlenhoff (jmm debian org)
Malware
Backdoor:Python/Atalag.A
TrojanSpy:Python/Basonil.A
TrojanSpy:MSIL/Ohona.A
Phishing
HSBC UK | 18th December 2015 |
HSBC UK | 18th December 2015 |
USAA | 17th December 2015 |
USAA | 17th December 2015 |
Upgrade X | 17th December 2015 |
Vulnerability
Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
2015-12-18
http://www.securityfocus.com/bid/75568
Microsoft Windows Environment Variable Expansion in PATH Security Bypass Weakness
2015-12-18
http://www.securityfocus.com/bid/44484
GNU Wget CVE-2010-2252 Arbitrary File Overwrite Vulnerability
2015-12-18
http://www.securityfocus.com/bid/65722
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-12-18
http://www.securityfocus.com/bid/73684
libxml2 'parser.c' Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/74241
Libxml2 'parser.c' Buffer Overflow Vulnerability
2015-12-18
http://www.securityfocus.com/bid/77621
Multiple FireEye Products 'JAR Analysis' Remote Code Execution Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78809
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/71761
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-18
http://www.securityfocus.com/bid/70103
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-12-18
http://www.securityfocus.com/bid/71762
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-12-18
http://www.securityfocus.com/bid/71757
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/66690
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-18
http://www.securityfocus.com/bid/53354
LibreOffice Multiple Remote Code Execution and Information Disclosure Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/77486
Cisco IOS XE Software CVE-2015-6359 Denial of Service Vulnerability
2015-12-18
http://www.securityfocus.com/bid/79200
Adobe Flash Player CVE-2015-7645 Remote Code Execution Vulnerability
2015-12-18
http://www.securityfocus.com/bid/77081
Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78612
Adobe Flash Player CVE-2015-7648 Unspecified Remote Code Execution Vulnerability
2015-12-18
http://www.securityfocus.com/bid/77116
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-12-18
http://www.securityfocus.com/bid/71939
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-12-18
http://www.securityfocus.com/bid/71942
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-12-18
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78626
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/78734
Kaspersky Antivirus Multiple Memory Corruption Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/77608
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-18
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-18
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78209
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78619
SANS News
Threatpost
Exploit
Joomla 1.5 - 3.4.5 - Object Injection RCE X-Forwarded-For Header
Ovidentia maillist Module 4.0 - Remote File Inclusion Exploit
PFSense <= 2.2.5 - Directory Traversal
Windows Kernel win32k!OffsetChildren - Null Pointer Dereference
win32k Desktop and Clipboard - Null Pointer Dereference
win32k Clipboard Bitmap - Use-After-Free Vulnerability
Adobe Flash TextField.antiAliasType Setter - Use-After-Free
Adobe Flash TextField.gridFitType Setter - Use-After-Free
Adobe Flash MovieClip.lineStyle - Use-After-Frees
Adobe Flash GradientFill - Use-After-Frees
Samsung Galaxy S6 Samsung Gallery - GIF Parsing Crash
Samsung Galaxy S6 Samsung Gallery - Bitmap Decoding Crash
17.12.2015
Bugtraq
ESA-2015-148: EMC Isilon OneFS Security Privilege Escalation Vulnerability 2015-12-17
Security Alert (Security_Alert emc com)
[oCERT 2015-011] PyAMF input sanitization errors (XXE) 2015-12-17
Daniele Bianco (danbia ocert org)
[SECURITY] [DSA 3425-1] tryton-server security update 2015-12-17
Luciano Bello (luciano debian org)
CVE-2015-5348 - Apache Camel medium disclosure vulnerability 2015-12-17
Claus Ibsen (claus ibsen gmail com)
[SECURITY] [DSA 3337-2] gdk-pixbuf security update 2015-12-17
Salvatore Bonaccorso (carnil debian org)
[slackware-security] mozilla-firefox (SSA:2015-349-03) 2015-12-16
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3424-1] subversion security update 2015-12-16
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPSBHF03528 rev.1 - HP Network Products running VCX, Remote Unauthorized Modification 2015-12-16
security-alert hpe com
[SECURITY] [DSA 3423-1] cacti security update 2015-12-16
Luciano Bello (luciano debian org)
[SECURITY] [DSA 3421-1] grub2 security update 2015-12-16
Luciano Bello (luciano debian org)
[SECURITY] [DSA 3422-1] iceweasel security update 2015-12-16
Moritz Muehlenhoff (jmm debian org)
Shutdown UX DLL side loading vulnerability 2015-12-16
Securify B.V. (lists securify nl)
Shockwave Flash Object DLL side loading vulnerability 2015-12-16
Securify B.V. (lists securify nl)
[security bulletin] HPSBUX03529 SSRT102967 rev.1 - HP-UX BIND service running named, Remote Denial of Service (DoS) 2015-12-16
security-alert hpe com
Event Viewer Snapin multiple DLL side loading vulnerabilities 2015-12-16
Securify B.V. (lists securify nl)
libnsbmp: heap overflow (CVE-2015-7508) and out-of-bounds read (CVE-2015-7507) 2015-12-16
Hans Jerry Illikainen (hji dyntopia com)
FreeBSD Security Advisory FreeBSD-SA-15:27.bind 2015-12-16
FreeBSD Security Advisories (security-advisories freebsd org)
SQL Injection in orion.extfeedbackform Bitrix Module 2015-12-16
High-Tech Bridge Security Research (advisory htbridge ch)
RCE in Zen Cart via Arbitrary File Inclusion 2015-12-16
High-Tech Bridge Security Research (advisory htbridge ch)
libnsgif: stack overflow (CVE-2015-7505) and out-of-bounds read (CVE-2015-7506) 2015-12-16
Hans Jerry Illikainen (hji dyntopia com)
[slackware-security] openssl (SSA:2015-349-04) 2015-12-16
Slackware Security Team (security slackware com)
[slackware-security] bind (SSA:2015-349-01) 2015-12-16
Slackware Security Team (security slackware com)
Malware
TrojanDownloader:PowerShell/Wedinga.A
Phishing
_NoReply | 16th December 2015 |
PayPal | 16th December 2015 |
NatWest | 16th December 2015 |
Info Service Dpt | 15th December 2015 |
PayPal | 15th December 2015 |
SERVICE PPL | 15th December 2015 |
MSN Incoporation | 15th December 2015 |
Vulnerability
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-12-17
http://www.securityfocus.com/bid/73684
libxml2 'parser.c' Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/74241
Libxml2 'parser.c' Buffer Overflow Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77621
Multiple FireEye Products 'JAR Analysis' Remote Code Execution Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78809
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/71761
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-17
http://www.securityfocus.com/bid/70103
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-12-17
http://www.securityfocus.com/bid/71762
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-12-17
http://www.securityfocus.com/bid/71757
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/66690
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-17
http://www.securityfocus.com/bid/53354
LibreOffice Multiple Remote Code Execution and Information Disclosure Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/77486
Cisco IOS XE Software CVE-2015-6359 Denial of Service Vulnerability
2015-12-17
http://www.securityfocus.com/bid/79200
Adobe Flash Player CVE-2015-7645 Remote Code Execution Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77081
Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78612
Adobe Flash Player CVE-2015-7648 Unspecified Remote Code Execution Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77116
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-12-17
http://www.securityfocus.com/bid/71939
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-12-17
http://www.securityfocus.com/bid/71942
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-12-17
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78626
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/78734
Kaspersky Antivirus Multiple Memory Corruption Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/77608
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78209
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78619
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77192
SANS News
When Hunting BeEF, Yara rules (Part 2)
Threatpost
Critical Flaws Found in Network Management Systems
Exploit
Easy File Sharing Web Server 7.2 - GET HTTP Request SEH Buffer Overflow
Easy File Sharing Web Server 7.2 - HEAD HTTP Request SEH Buffer Overflow
Zen Cart 1.5.4 - Local File Inclusion
Gentoo Local Priv Escalation in QEMU
16.12.2015
Bugtraq
[SECURITY] [DSA 3422-1] iceweasel security update 2015-12-16
Moritz Muehlenhoff (jmm debian org)
Shutdown UX DLL side loading vulnerability 2015-12-16
Securify B.V. (lists securify nl)
Shockwave Flash Object DLL side loading vulnerability 2015-12-16
Securify B.V. (lists securify nl)
[security bulletin] HPSBUX03529 SSRT102967 rev.1 - HP-UX BIND service running named, Remote Denial of Service (DoS) 2015-12-16
security-alert hpe com
Event Viewer Snapin multiple DLL side loading vulnerabilities 2015-12-16
Securify B.V. (lists securify nl)
libnsbmp: heap overflow (CVE-2015-7508) and out-of-bounds read (CVE-2015-7507) 2015-12-16
Hans Jerry Illikainen (hji dyntopia com)
FreeBSD Security Advisory FreeBSD-SA-15:27.bind 2015-12-16
FreeBSD Security Advisories (security-advisories freebsd org)
SQL Injection in orion.extfeedbackform Bitrix Module 2015-12-16
High-Tech Bridge Security Research (advisory htbridge ch)
RCE in Zen Cart via Arbitrary File Inclusion 2015-12-16
High-Tech Bridge Security Research (advisory htbridge ch)
libnsgif: stack overflow (CVE-2015-7505) and out-of-bounds read (CVE-2015-7506) 2015-12-16
Hans Jerry Illikainen (hji dyntopia com)
[slackware-security] openssl (SSA:2015-349-04) 2015-12-16
Slackware Security Team (security slackware com)
[slackware-security] bind (SSA:2015-349-01) 2015-12-16
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-349-02) 2015-12-16
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3420-1] bind9 security update 2015-12-15
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3419-1] cups-filters security update 2015-12-15
Salvatore Bonaccorso (carnil debian org)
Malware
TrojanDownloader:MSIL/Banload.AL
TrojanDownloader:Win32/Banload.BFX
TrojanSpy:Win32/Ursnif.HP
Backdoor:Python/Covnoo.A
Backdoor:Win32/Blackhole.AE
Backdoor:Win32/Jadow.A
Trojan:Win32/Varpes.C!plock
Trojan:Win32/Varpes.A!plock
Trojan:Win32/Varpes.D!plock
Trojan:Win32/Varpes.I!plock
Phishing
Info Service Dpt | 15th December 2015 |
PayPal | 15th December 2015 |
SERVICE PPL | 15th December 2015 |
Vulnerability
Multiple FireEye Products 'JAR Analysis' Remote Code Execution Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78809
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/71761
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-16
http://www.securityfocus.com/bid/70103
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-12-16
http://www.securityfocus.com/bid/71762
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-12-16
http://www.securityfocus.com/bid/71757
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/66690
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-16
http://www.securityfocus.com/bid/53354
LibreOffice Multiple Remote Code Execution and Information Disclosure Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/77486
Cisco IOS XE Software CVE-2015-6359 Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/79200
Adobe Flash Player CVE-2015-7645 Remote Code Execution Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77081
Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78612
Adobe Flash Player CVE-2015-7648 Unspecified Remote Code Execution Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77116
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-12-16
http://www.securityfocus.com/bid/71939
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-12-16
http://www.securityfocus.com/bid/71942
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78626
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/78734
Kaspersky Antivirus Multiple Memory Corruption Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/77608
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78209
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78619
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77192
Google Chrome Prior to 47.0.2526.73 Multiple Security Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/78416
Xen CVE-2015-8338 Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78920
Antirez Redis 'lua_struct.c' Integer Overflow Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77507
SANS News
Threatpost
Exploit
Wireshark - iseries_parse_packet Heap-Based Buffer Overflow
Wireshark - dissect_tds7_colmetadata_token Stack-Based Buffer Overflow
Wireshark - wmem_alloc Assertion Failure
Wireshark - dissect_zcl_pwr_prof_pwrprofstatersp Static Out-of-Bounds Read
Wireshark - dissct_rsl_ipaccess_msg Static Out-of-Bounds Read
Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack-Based Buffer Overflow
Wireshark - memcpy (get_value / dissect_btatt) SIGSEGV
Wireshark - dissect_nbap_MACdPDU_Size SIGSEGV
Wireshark - my_dgt_tbcd_unpack Static Buffer Overflow
Wireshark - ascend_seek Static Out-of-Bounds Read
Wireshark - addresses_equal (dissect_rsvp_common) Use-After-Free
Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack-Based Buffer Overflow
Wireshark - find_signature Stack-Based Out-of-Bounds Read
Wireshark - AirPDcapPacketProcess Stack-Based Buffer Overflow
Wireshark - getRate Stack-Based Out-of-Bounds Read
FireEye Wormable Remote Code Execution in MIP JAR Analysis
Ovidentia newsletter Module 2.2 - (admin.php) Remote File Inclusion Exploit
Joomla 1.5 - 3.4.5 - Object Injection Remote Command Execution
15.12.2015
Bugtraq
[SECURITY] [DSA 3419-1] cups-filters security update 2015-12-15
Salvatore Bonaccorso (carnil debian org)
Executable installers are vulnerable^WEVIL (case 10): McAfee Security Scan Plus, WebAdvisor and CloudAV (Beta) 2015-12-14
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3418-1] chromium-browser security update 2015-12-15
Michael Gilbert (mgilbert debian org)
[security bulletin] HPSBST03517 rev.1 - HP StoreOnce Backup systems, Remote Execution of Arbitrary Code with Privilege Elevation, Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS) 2015-12-14
security-alert hpe com
Back to 28: Grub2 Authentication Bypass 0-Day [CVE-2015-8370] 2015-12-15
Hector Marco-Gisbert (hecmargi upv es)
phpback v1.1 XSS vulnerability 2015-12-15
apparitionsec gmail com
ERPSCAN Research Advisory [ERPSCAN-15-022] SAP NetWeaver 7.4 - XSS 2015-12-14
ERPScan inc (erpscan online gmail com)
[SECURITY] [DSA 3417-1] bouncycastle security update 2015-12-14
Luciano Bello (luciano debian org)
[ERPSCAN-15-021] SAP NetWeaver 7.4 - SQL Injection vulnerability 2015-12-14
ERPScan inc (erpscan online gmail com)
ECommerceMajor SQL Injection Vulnerability 2015-12-13
Rahul Pratap Singh (techno rps gmail com)
Malware
TrojanDownloader:MSIL/Genmaldow.C
TrojanDownloader:MSIL/Genmaldow.D
HackTool:MSIL/Noancooe.B
PWS:Win32/QQpass.GU
Phishing
Service | 15th December 2015 |
OFAMERICA BANK. | 15th December 2015 |
Vodafone | 14th December 2015 |
PayPal Service | 14th December 2015 |
PayPal | 14th December 2015 |
Vulnerability
Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78612
Adobe Flash Player CVE-2015-7648 Unspecified Remote Code Execution Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77116
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-12-15
http://www.securityfocus.com/bid/71939
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-12-15
http://www.securityfocus.com/bid/71942
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-12-15
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78626
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-15
http://www.securityfocus.com/bid/78734
Kaspersky Antivirus Multiple Memory Corruption Vulnerabilities
2015-12-15
http://www.securityfocus.com/bid/77608
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78209
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78619
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77192
Google Chrome Prior to 47.0.2526.73 Multiple Security Vulnerabilities
2015-12-15
http://www.securityfocus.com/bid/78416
Xen CVE-2015-8338 Denial of Service Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78920
Antirez Redis 'lua_struct.c' Integer Overflow Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77507
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/74147
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/74141
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/74111
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77160
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-15
http://www.securityfocus.com/bid/77238
SANS News
Threatpost
Exploit
Joomla 1.5 - 3.4.5 - Object Injection Remote Command Execution
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - Invalid Pointer Dereference
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - _FXCLI_SetConfFileChunk Stack Buffer...
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - _FXCLI_GetConfFileChunk Stack Buffer...
Microsoft Office / COM Object DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132)
Legend Perl IRC Bot Remote Code Execution
Xdh / LinuxNet Perlbot / fBot IRC Bot Remote Code Execution
ECommerceMajor - (productdtl.php, prodid param) SQL Injection Vulnerability
WordPress Admin Management Xtended Plugin 2.4.0 - Privilege escalation
Polycom VVX-Series Business Media Phones - Path Traversal Vulnerability
Bitrix bitrix.mpbuilder Module 1.0.10 - Local File Inclusion
Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal
Adobe Flash Type Confusion in IExternalizable.readExternal When Performing Local Serialization
Adobe Flash Type Confusion in Serialization with ObjectEncoder.dynamicPropertyWriter
14.12.2015
Bugtraq
ERPSCAN Research Advisory [ERPSCAN-15-022] SAP NetWeaver 7.4 - XSS 2015-12-14
ERPScan inc (erpscan online gmail com)
[SECURITY] [DSA 3417-1] bouncycastle security update 2015-12-14
Luciano Bello (luciano debian org)
[ERPSCAN-15-021] SAP NetWeaver 7.4 - SQL Injection vulnerability 2015-12-14
ERPScan inc (erpscan online gmail com)
ECommerceMajor SQL Injection Vulnerability 2015-12-13
Rahul Pratap Singh (techno rps gmail com)
[SECURITY] [DSA 3416-1] libphp-phpmailer security update 2015-12-13
Luciano Bello (luciano debian org)
COM+ Services DLL side loading vulnerability 2015-12-12
Securify B.V. (lists securify nl)
Malware
Phishing
HSBC | 13th December 2015 |
National | 13th December 2015 |
Vulnerability
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78626
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78209
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-14
http://www.securityfocus.com/bid/78734
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78619
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77192
Google Chrome Prior to 47.0.2526.73 Multiple Security Vulnerabilities
2015-12-14
http://www.securityfocus.com/bid/78416
Xen CVE-2015-8338 Denial of Service Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78920
Antirez Redis 'lua_struct.c' Integer Overflow Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77507
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/74147
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/74141
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/74111
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77160
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-14
http://www.securityfocus.com/bid/77238
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77209
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77164
SANS News
Color My Logs: Providing Context for Your Logs Using Our Data
Threatpost
Exploit
Windows XP-10 - Null-Free WinExec Shellcode (Python)
Siemens Simatic S7 1200 CPU Command Module (MSF)
ECommerceMajor - (productdtl.php, prodid param) SQL Injection Vulnerability
WordPress Admin Management Xtended Plugin 2.4.0 - Privilege escalation
13.12.2015
Bugtraq
COM+ Services DLL side loading vulnerability 2015-12-12
Securify B.V. (lists securify nl)
Windows Authentication UI DLL side loading vulnerability 2015-12-12
Securify B.V. (lists securify nl)
XSS Vulnerability in Synnefo Client for Synnefo IMS 2015 - CVE-2015-8247 2015-12-12
Aravind (altoarun gmail com)
[security bulletin] HPSBHF03431 rev.1 - HPE Network Switches, local Bypass of Security Restrictions, Indirect Vulnerabilities 2015-12-12
security-alert hpe com
APPLE-SA-2015-12-11-1 iTunes 12.3.2 2015-12-11
Apple Product Security (product-security-noreply lists apple com)
ORGIN STUDIOS Cms Multiple Vulnerability 2015-12-11
iedb team gmail com
Malware
Phishing
PaypaI Service | 13th December 2015 |
Paypal support | 13th December 2015 |
Bank of America | 12th December 2015 |
Bank of America Customer |
Vulnerability
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-13
http://www.securityfocus.com/bid/77238
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77192
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-13
http://www.securityfocus.com/bid/66690
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-13
http://www.securityfocus.com/bid/70103
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-13
http://www.securityfocus.com/bid/53354
Linux Kernel SCTP Implementation CVE-2015-5283 Local Denial of Service Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77058
Linux Kernel CVE-2015-7872 Local Privilege Escalation Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77544
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77209
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-12-13
http://www.securityfocus.com/bid/74733
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-13
http://www.securityfocus.com/bid/78524
Linux Kernel CVE-2015-5307 Denial of Service Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77528
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77524
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77194
Netgear G54/N150 WNR1000v3 Router CVE-2015-8263 Security Bypass Vulnerability
2015-12-13
http://www.securityfocus.com/bid/78873
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77148
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77164
SANS News
Threatpost
Exploit
12.12.2015
Bugtraq
[security bulletin] HPSBHF03431 rev.1 - HPE Network Switches, local Bypass of Security Restrictions, Indirect Vulnerabilities 2015-12-12
security-alert hpe com
APPLE-SA-2015-12-11-1 iTunes 12.3.2 2015-12-11
Apple Product Security (product-security-noreply lists apple com)
ORGIN STUDIOS Cms Multiple Vulnerability 2015-12-11
iedb team gmail com
Executable installers are vulnerable^WEVIL (case 7): 7z*.exe allows remote code execution with escalation of privilege 2015-12-08
Stefan Kanthak (stefan kanthak nexgo de)
WordPress <=v4.4 Username Exists Information Disclosure 2015-12-10
John SECURELI.com (john secureli com)
BFS-SA-2015-003: Internet Explorer CObjectElement Use-After-Free Vulnerability 2015-12-10
Blue Frost Security Research Lab (research bluefrostsecurity de)
Malware
Phishing
CIBC Online Banking | 11th December 2015 |
Vulnerability
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-12
http://www.securityfocus.com/bid/77238
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77192
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-12
http://www.securityfocus.com/bid/66690
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-12
http://www.securityfocus.com/bid/70103
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-12
http://www.securityfocus.com/bid/53354
Linux Kernel SCTP Implementation CVE-2015-5283 Local Denial of Service Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77058
Linux Kernel CVE-2015-7872 Local Privilege Escalation Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77544
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77209
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-12-12
http://www.securityfocus.com/bid/74733
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-12
http://www.securityfocus.com/bid/78524
Linux Kernel CVE-2015-5307 Denial of Service Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77528
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77524
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77194
Netgear G54/N150 WNR1000v3 Router CVE-2015-8263 Security Bypass Vulnerability
2015-12-12
http://www.securityfocus.com/bid/78873
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77148
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77164
SANS News
Threatpost
Exploit
11.12.2015
Bugtraq
Executable installers are vulnerable^WEVIL (case 7): 7z*.exe allows remote code execution with escalation of privilege 2015-12-08
Stefan Kanthak (stefan kanthak nexgo de)
WordPress <=v4.4 Username Exists Information Disclosure 2015-12-10
John SECURELI.com (john secureli com)
BFS-SA-2015-003: Internet Explorer CObjectElement Use-After-Free Vulnerability 2015-12-10
Blue Frost Security Research Lab (research bluefrostsecurity de)
SEC Consult SA-20151210-0 :: Skybox Platform Multiple Vulnerabilities 2015-12-10
SEC Consult Vulnerability Lab (research sec-consult com)
Cisco Security Advisory: Vulnerability in Java Deserialization Affecting Cisco Products 2015-12-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)
APPLE-SA-2015-12-08-6 Xcode 7.2 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
Secunia Research: Microsoft Windows usp10.dll "GetFontDesc()" Integer Underflow Vulnerability 2015-12-08
Secunia Research (remove-vuln secunia com)
APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
[SECURITY] [DSA 3414-1] xen security update 2015-12-09
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPSBHF03432 rev.1 - HPE Networking Comware 5, Comware 5 Low Encryption SW, Comware 7, VCX Using NTP, Remote Access Restriction Bypass and Code Execution 2015-12-09
security-alert hpe com
APPLE-SA-2015-12-08-2 tvOS 9.1 2015-12-09
Apple Product Security (product-security-noreply lists apple com)
Cisco Security Advisory: Cisco Prime Collaboration Assurance Default Account Credential Vulnerability 2015-12-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Malware
TrojanDownloader:Win32/Banload.BFW
Phishing
Support Service | 11th December 2015 |
NOTICE : WE HAVE MAKE SOME | |
Microsoft | 10th December 2015 |
Support Service | 10th December 2015 |
NOTICE : WE HAVE MAKE SOME | |
Microsoft | 10th December 2015 |
Vulnerability
Linux Kernel CVE-2015-5307 Denial of Service Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77528
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77524
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77194
Netgear G54/N150 WNR1000v3 Router CVE-2015-8263 Security Bypass Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78873
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77148
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77164
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78626
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78622
libpng CVE-2015-8126 Multiple Heap Based Buffer Overflow Vulnerabilities
2015-12-11
http://www.securityfocus.com/bid/77568
libpng 'png_convert_to_rfc1123()' Function Out Of Bounds Read Memory Corruption Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77304
Microsoft Windows CVE-2015-6127 Information Disclosure Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78516
libpng CVE-2015-8472 Incomplete Fix Heap Based Buffer Overflow Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78624
Git CVE-2015-7545 Remote Command Execution Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78711
Adobe FlashPlayer and AIR CVE-2015-8407 Stack Buffer Overflow Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78717
Adobe Flash Player and AIR Multiple Unspecified Security Bypass Vulnerabilities
2015-12-11
http://www.securityfocus.com/bid/78713
Adobe FlashPlayer and AIR APSB15-32 Multiple Unspecified Heap Buffer Overflow Vulnerabilities
2015-12-11
http://www.securityfocus.com/bid/78712
Adobe Flash Player and AIR CVE-2015-8445 Unspecified Integer Overflow Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78716
Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77165
Mozilla Netscape Portable Runtime CVE-2015-7183 Integer Overflow Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77415
SANS News
Everything old is new again - Blackhole exploit kit since November 2015
Threatpost
Banking Malware Moving Over Facebook Hosted in Cloud
Exploit
10.12.2015
Bugtraq
BFS-SA-2015-003: Internet Explorer CObjectElement Use-After-Free Vulnerability 2015-12-10
Blue Frost Security Research Lab (research bluefrostsecurity de)
SEC Consult SA-20151210-0 :: Skybox Platform Multiple Vulnerabilities 2015-12-10
SEC Consult Vulnerability Lab (research sec-consult com)
Cisco Security Advisory: Vulnerability in Java Deserialization Affecting Cisco Products 2015-12-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)
APPLE-SA-2015-12-08-6 Xcode 7.2 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
Secunia Research: Microsoft Windows usp10.dll "GetFontDesc()" Integer Underflow Vulnerability 2015-12-08
Secunia Research (remove-vuln secunia com)
APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
[SECURITY] [DSA 3414-1] xen security update 2015-12-09
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPSBHF03432 rev.1 - HPE Networking Comware 5, Comware 5 Low Encryption SW, Comware 7, VCX Using NTP, Remote Access Restriction Bypass and Code Execution 2015-12-09
security-alert hpe com
APPLE-SA-2015-12-08-2 tvOS 9.1 2015-12-09
Apple Product Security (product-security-noreply lists apple com)
Cisco Security Advisory: Cisco Prime Collaboration Assurance Default Account Credential Vulnerability 2015-12-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)
[CORE-2015-0014] - Microsoft Windows Media Center link file incorrectly resolved reference 2015-12-09
CORE Advisories Team (advisories coresecurity com)
[security bulletin] HPSBHF03433 SSRT102964 rev.1 - HP-UX Running Mozilla Firefox and Thunderbird, Remote Disclosure of Information 2015-12-09
security-alert hpe com
APPLE-SA-2015-12-08-5 Safari 9.0.2 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-12-08-4 watchOS 2.1 2015-12-09
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-12-08-1 iOS 9.2 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
[security bulletin] HPSBMU03520 rev.1 - HP Insight Control server provisioning, Remote Disclosure of Information 2015-12-09
security-alert hpe com
Path Traversal via CSRF in bitrix.xscan Bitrix Module 2015-12-09
High-Tech Bridge Security Research (advisory htbridge ch)
APPLE-SA-2015-12-08-4 watchOS 2.1 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
Advisory: Arro and Other Android Taxi Hailing Apps Did Not Use SSL (Mobile Knowledge) 2015-12-08
securityresearch shaftek biz
[CVE-2015-7706] SECURE DATA SPACE API Multiple Non-Persistent Cross-Site Scripting Vulnerabilities 2015-12-09
Vogt, Thomas (Thomas Vogt secunet com)
XSS vulnerability in Intellect Core banking software - Polaris 2015-12-09
msahu controlcase com
PHP File Inclusion in bitrix.mpbuilder Bitrix Module 2015-12-09
High-Tech Bridge Security Research (advisory htbridge ch)
WordPress Users Ultra Plugin [Blind SQL injection] - Update 2015-12-08
Panagiotis Vagenas (pan vagenas gmail com)
Executable installers are vulnerable^WEVIL (case 9): Chrome's setup.exe allows arbitrary code execution and escalation of privilege 2015-12-09
Stefan Kanthak (stefan kanthak nexgo de)
MacOS/iPhone/Apple Watch/Apple TV libc File System Buffer Overflow 2015-12-08
submit cxsec org
[SECURITY] [DSA 3415-1] chromium-browser security update 2015-12-10
Michael Gilbert (mgilbert debian org)
Malware
Phishing
Support Service | 10th December 2015 |
NOTICE : WE HAVE MAKE SOME | |
Microsoft | 10th December 2015 |
Vulnerability
Mozilla Netscape Portable Runtime CVE-2015-7183 Integer Overflow Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77415
Google Chrome CVE-2015-1302 Information Disclosure Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77537
Mozilla Network Security Services Memory Corruption and Heap Buffer Overflow Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/77416
Google Chrome Prior to 47.0.2526.73 Multiple Security Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/78416
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-10
http://www.securityfocus.com/bid/78209
Oracle MySQL Server CVE-2015-4815 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77222
Oracle MySQL Server CVE-2015-4826 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77237
Oracle MySQL Server CVE-2015-4913 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77153
Adobe ColdFusion APSB15-29 Multiple Unspecified Cross Site Scripting Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/77625
Adobe Flash Player and AIR APSB15-32 Multiple Use After Free Remote Code Execution Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/78715
Adobe Premiere Clip CVE-2015-8051 Unspecified Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77624
Adobe Flash Player and AIR APSB15-32 Multiple Unspecified Memory Corruption Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/78710
Oracle MySQL Server CVE-2015-4870 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77208
Oracle MySQL Server CVE-2015-4792 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77171
Oracle MySQL Server CVE-2015-4802 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77165
Oracle MySQL Server CVE-2015-4858 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77145
Oracle MySQL Server CVE-2015-4836 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77190
Oracle MySQL Server CVE-2015-4807 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77205
Oracle MySQL Server CVE-2015-4861 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77137
Oracle MySQL Server CVE-2015-4830 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77228
Cisco Unified Communications Manager CVE-2015-6410 Security Bypass Vulnerability
2015-12-10
http://www.securityfocus.com/bid/78741
Wireshark PCAPNG File CVE-2015-7830 Remote Code Execution Vulnerability
2015-12-10
http://www.securityfocus.com/bid/78723
X.Org libXfont LZW Decompression 'BufCompressedFill()' Local Privilege Escalation Vulnerability
2015-12-10
http://www.securityfocus.com/bid/49124
Apple Mac OS X and iOS Multiple Security Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/76343
PHP PHAR Multiple Denial of Service Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/76959
OpenLDAP CVE-2015-6908 Denial of Service Vulnerability
2015-12-10
http://www.securityfocus.com/bid/76714
Expat XML Parsing Multiple Remote Denial of Service Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/52379
LibreSSL 'OBJ_obj2txt()' Function Buffer Overflow and Information Disclosure Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/77112
Apple Mac OS X/watchOS/iOS/tvOS Multiple Security Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/78719
Apple iOS APPLE-SA-2015-10-21-1 Multiple Security Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/77268
Apple iOS and Mac OS X Multiple Security Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/77263
SANS News
Threatpost
Exploit
iy10 Dizin Scripti - Multiple Vulnerabilities
Gökhan Balbal Script 2.0 - CSRF Vulnerability
Skybox Platform <=7.0.611 - Multiple Vulnerabilities
Rar CmdExtract::UnstoreFile Integer Truncation Memory Corruption
Avast OOB Write Decrypting PEncrypt Packed Executables
Avast JetDb::IsExploited4x - Performs Unbounded Search on Input
Avast Heap Overflow Unpacking MoleBox Archives
Avast Integer Overflow Verifying numFonts in TTC Header
9.12.2015
Bugtraq
Executable installers are vulnerable^WEVIL (case 5): JRSoft InnoSetup 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Executable installers are vulnerable^WEVIL (case 8): vlc-*.exe allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Executable installers are vulnerable^WEVIL (case 2): NSIS allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Malware
Phishing
Vulnerability
Wireshark PCAPNG File CVE-2015-7830 Remote Code Execution Vulnerability
2015-12-09
http://www.securityfocus.com/bid/78723
X.Org libXfont LZW Decompression 'BufCompressedFill()' Local Privilege Escalation Vulnerability
2015-12-09
http://www.securityfocus.com/bid/49124
Apple Mac OS X and iOS Multiple Security Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/76343
PHP PHAR Multiple Denial of Service Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/76959
OpenLDAP CVE-2015-6908 Denial of Service Vulnerability
2015-12-09
http://www.securityfocus.com/bid/76714
Expat XML Parsing Multiple Remote Denial of Service Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/52379
LibreSSL 'OBJ_obj2txt()' Function Buffer Overflow and Information Disclosure Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/77112
Apple Mac OS X/watchOS/iOS/tvOS Multiple Security Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/78719
Apple iOS APPLE-SA-2015-10-21-1 Multiple Security Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/77268
Apple iOS and Mac OS X Multiple Security Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/77263
Adobe ColdFusion APSB15-29 Multiple Unspecified Cross Site Scripting Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/77625
Adobe Premiere Clip CVE-2015-8051 Unspecified Security Vulnerability
2015-12-09
http://www.securityfocus.com/bid/77624
Cisco FirePOWER Management Center Software CVE-2015-6411 Information Disclosure Vulnerability
2015-12-09
http://www.securityfocus.com/bid/78740
Multiple Cisco IP Phones CVE-2015-6403 Local Arbitrary File Upload Vulnerability
2015-12-09
http://www.securityfocus.com/bid/78739
Cisco Prime Collaboration Assurance CVE-2015-6389 Insecure Default Password Vulnerability
2015-12-09
http://www.securityfocus.com/bid/78738
OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/75161
IBM WebSphere Application Server CVE-2015-7450 Remote Code Execution Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77653
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-12-08
http://www.securityfocus.com/bid/75156
HP LoadRunner Virtual Table Server CVE-2015-6857 Local Code Execution Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77946
Cisco IOS XE 3S Software CVE-2015-6383 Local Security Bypass Vulnerability
2015-12-08
http://www.securityfocus.com/bid/78521
Unitronics VisiLogic ActiveX Control Multiple Remote Code Execution Vulnerabilities
2015-12-08
http://www.securityfocus.com/bid/77571
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77194
Cisco Networking Services CVE-2015-6375 Information Disclosure Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77676
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77192
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/74141
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/74119
Oracle Java SE CVE-2015-0459 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/74083
SANS News
Enforcing USB Storage Policy with PowerShell
Threatpost
Internet Root Name Servers Survive Unusual DDoS Attack
Exploit
Microsoft Windows Media Center Library Parsing RCE Vulnerability aka "self-executing" MCL File
Microsoft Windows Media Center Link File Incorrectly Resolved Reference
WIMAX LX350P(WIXFMR-108) - Multiple Vulnerabilities
WIMAX MT711x - Multiple Vulnerabilities
Wordpress Plugin WP Easy Poll 1.1.3 - XSS and CSRF
IE 11.0.9600.18097 COmWindowProxy::SwitchMarkup NULL PTR
MacOS X 10.11 FTS Deep Structure of the File System Buffer Overflow
8.12.2015
Bugtraq
Executable installers are vulnerable^WEVIL (case 5): JRSoft InnoSetup 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Executable installers are vulnerable^WEVIL (case 8): vlc-*.exe allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Executable installers are vulnerable^WEVIL (case 2): NSIS allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
iScripts Multicart Cms Multiple Vulnerability 2015-12-07
iedb team gmail com
WebBoutiques Cms Cross-Site Scripting Vulnerability 2015-12-07
iedb team gmail com
Executable installers are vulnerable^WEVIL (case 6): SumatraPDF-*-installer.exe allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Malware
TrojanSpy:Win32/Nivdort.BZ
TrojanSpy:Win32/Nivdort.CI
TrojanSpy:Win32/Nivdort.CJ
TrojanSpy:Win32/Nivdort.CK
TrojanSpy:Win32/Nivdort.CO
TrojanDownloader:JS/Swabfex.A
TrojanDownloader:MSIL/Bladabindi.J
TrojanDropper:Win32/Sulunch
VBA/TrojanDownloader.Agent.ADX
Phishing
Argos | 8th December 2015 |
7th December 2015 | |
7th December 2015 | |
Chase Bank | 7th December 2015 |
Natwest | 6th December 2015 |
Vulnerability
Magento 'bridgeName' Paramater Cross Site Scripting Vulnerability
2015-12-07
http://www.securityfocus.com/bid/70950
Linux Kernel SCTP Implementation CVE-2015-5283 Local Denial of Service Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77058
Oracle Java SE CVE-2015-0486 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/74145
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/74141
IBM WebSphere Portal CVE-2015-4993 Unspecified Cross Site Scripting Vulnerability
2015-12-07
http://www.securityfocus.com/bid/78609
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/74119
IBM SDK CVE-2015-1914 Sandbox Security Bypass Vulnerability
2015-12-07
http://www.securityfocus.com/bid/74645
Oracle Java SE CVE-2015-0480 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/74104
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-07
http://www.securityfocus.com/bid/77238
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77192
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77200
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77209
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77148
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77164
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77162
Mozilla Firefox Multiple Security Vulnerabilities
2015-12-07
http://www.securityfocus.com/bid/77411
Mozilla Netscape Portable Runtime CVE-2015-7183 Integer Overflow Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77415
SANS News
Threatpost
Bitcoin Extortionist Copycats on the Rise, Experts Say
Microsoft, Law Enforcement Collaborate in Dorkbot Takedown
Exploit
phpFileManager 0.9.8 Remote Code Execution
Atlassian HipChat for Jira Plugin Velocity Template Injection
SIMOGEO FileManager 2.3.0 - Multiple Vulnerabilities
OpenMRS 2.3 (1.11.4) - XML External Entity (XXE) Processing Exploit
OpenMRS 2.3 (1.11.4) - Expression Language Injection Vulnerability
OpenMRS 2.3 (1.11.4) - Multiple Cross-Site Scripting Vulnerabilities
OpenMRS 2.3 (1.11.4) - Local File Disclosure Vulnerability
PHP Utility Belt - Remote Code Execution
WordPress Polls Widget Plugin 1.0.7 - SQL Injection Vulnerability
iniNet SpiderControl SCADA Web Server Service 2.02 - Insecure File Permissions
iniNet SpiderControl PLC Editor Simatic 6.30.04 - Insecure File Permissions
7.12.2015
Bugtraq
Executable installers are vulnerable^WEVIL (case 8): vlc-*.exe allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Executable installers are vulnerable^WEVIL (case 2): NSIS allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
iScripts Multicart Cms Multiple Vulnerability 2015-12-07
iedb team gmail com
WebBoutiques Cms Cross-Site Scripting Vulnerability 2015-12-07
iedb team gmail com
Executable installers are vulnerable^WEVIL (case 6): SumatraPDF-*-installer.exe allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Command Injection in cool-video-gallery v1.9 Wordpress plugin 2015-12-07
Larry Cashdollar (larry0 me com)
[SYSS-2015-047] sysPass - Cross-Site Scripting (CWE-79) 2015-12-07
disclosure syss de
[SYSS-2015-046] sysPass - Insecure Direct Object References (CWE-932) 2015-12-07
disclosure syss de
Edimax BR-6478AC & Others Multiple Vulnerabilities 2015-12-07
mwinstead3790 gmail com
FreeBSD Security Advisory FreeBSD-SA-15:26.openssl 2015-12-05
FreeBSD Security Advisories (security-advisories freebsd org)
Malware
TrojanDropper:MSIL/Redwer.A
Win32/Varpes
BrowserModifier:Win32/Pokki
Phishing
7th December 2015 | |
7th December 2015 | |
Chase Bank | 7th December 2015 |
Natwest | 6th December 2015 |
Discover Customer Service | 6th December 2015 |
Account-Service | 6th December 2015 |
Thomas Jones | 6th December 2015 |
Vulnerability
SANS News
Threatpost
Exploit
Cyclope Employee Surveillance <= v8.6.1 - Insecure File Permissions
6.12.2015
Bugtraq
[SECURITY] [DSA 3413-1] openssl security update 2015-12-04
Salvatore Bonaccorso (carnil debian org)
[security bulletin] HPSBGN03525 rev.1: HP Performance Center Virtual Table Server, Remote Code Execution 2015-12-03
security-alert hpe com
[SECURITY] [DSA 3412-1] redis security update 2015-12-03
Salvatore Bonaccorso (carnil debian org)
ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability 2015-12-03
Security Alert (Security_Alert emc com)
[slackware-security] mozilla-thunderbird (SSA:2015-337-02) 2015-12-03
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-337-01) 2015-12-03
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3411-1] cups-filters security update 2015-12-02
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
PayPal | 5th December 2015 |
PAYPAL - YOUR ACCOUNT HAS | |
PayPal | 5th December 2015 |
BT | 5th December 2015 |
Apple | 5th December 2015 |
5th December 2015 | |
PayPal | 4th December 2015 |
Vulnerability
SANS News
Are you looking to setup your own Malware Sandbox?
Threatpost
OpenSSL Patches Bring Last Update for 0.9.8 and 1.0.0 Branches
Let’s Encrypt Initiative Enters Public Beta
Exploit
Cyclope Employee Surveillance <= v8.6.1 - Insecure File Permissions
4.12.2015
Bugtraq
[SECURITY] [DSA 3413-1] openssl security update 2015-12-04
Salvatore Bonaccorso (carnil debian org)
[security bulletin] HPSBGN03525 rev.1: HP Performance Center Virtual Table Server, Remote Code Execution 2015-12-03
security-alert hpe com
[SECURITY] [DSA 3412-1] redis security update 2015-12-03
Salvatore Bonaccorso (carnil debian org)
ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability 2015-12-03
Security Alert (Security_Alert emc com)
[slackware-security] mozilla-thunderbird (SSA:2015-337-02) 2015-12-03
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-337-01) 2015-12-03
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3411-1] cups-filters security update 2015-12-02
Moritz Muehlenhoff (jmm debian org)
Ellucian Banner Student Vulnerability Disclosure 2015-12-02
sean dillon risksense com
WordPress Users Ultra Plugin [Persistence XSS] 2015-12-02
pan vagenas gmail com
WordPress Users Ultra Plugin [Blind SQL injection] 2015-12-02
pan vagenas gmail com
Malware
VBA/TrojanDownloader.Agent.AEA
Phishing
PayPal | 4th December 2015 |
PayPal Inc | 4th December 2015 |
PayPal Inc | 4th December 2015 |
[ PAYPAL ] : VIEW YOUR RECENT | |
Service Inc | 4th December 2015 |
Service | 4th December 2015 |
Vulnerability
SANS News
Automating Phishing Analysis using BRO
Threatpost
Exploit
Wordpress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities
Wordpress Plugin Sell Download v1.0.16 - Local File Disclosure
Wordpress Plugin TheCartPress v1.4.7 - Multiple Vulnerabilities
3.12.2015
Bugtraq
ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability 2015-12-03
Security Alert (Security_Alert emc com)
[slackware-security] mozilla-thunderbird (SSA:2015-337-02) 2015-12-03
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-337-01) 2015-12-03
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3411-1] cups-filters security update 2015-12-02
Moritz Muehlenhoff (jmm debian org)
Ellucian Banner Student Vulnerability Disclosure 2015-12-02
sean dillon risksense com
WordPress Users Ultra Plugin [Persistence XSS] 2015-12-02
pan vagenas gmail com
WordPress Users Ultra Plugin [Blind SQL injection] 2015-12-02
pan vagenas gmail com
Gnome Nautilus [Denial of Service] 2015-12-02
pan vagenas gmail com
SQLi Vulnerability in ATuter management system 2015-12-02
sirus shahini gmail com
Two Reflected XSS Vulnerabilities in Calls to Action WordPress plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Reflected XSS in Ultimate Member WordPress Plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Malware
TrojanSpy:MSIL/Banker.P
TrojanDownloader:Win32/Banload.BFM
TrojanDownloader:VBS/Banload.AS
TrojanDownloader:MSIL/Banload.AK
Phishing
Vulnerability
SANS News
New variant of CryptoWall - Is it right to call it 4.0?
Threatpost
Exploit
Gnome Nautilus 3.16 - Denial of Service
Acunetix WVS 10 - Local Privilege escalation
Oracle BeeHive 2 voice-servlet processEvaluation() Vulnerability
Oracle BeeHive 2 voice-servlet prepareAudioToPlay() Arbitrary File Upload
Advantech Switch Bash Environment Variable Code Injection (Shellshock)
WordPress Users Ultra Plugin 1.5.50 - Blind SQL injection
WordPress Users Ultra Plugin 1.5.50 - Persistent XSS
WordPress Gwolle Guestbook Plugin 1.5.3 - Remote File Inclusion
Malwarebytes Antivirus 2.2.0 - DoS PoC
2.12.2015
Bugtraq
WordPress Users Ultra Plugin [Persistence XSS] 2015-12-02
pan vagenas gmail com
WordPress Users Ultra Plugin [Blind SQL injection] 2015-12-02
pan vagenas gmail com
Gnome Nautilus [Denial of Service] 2015-12-02
pan vagenas gmail com
SQLi Vulnerability in ATuter management system 2015-12-02
sirus shahini gmail com
Two Reflected XSS Vulnerabilities in Calls to Action WordPress plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Reflected XSS in Ultimate Member WordPress Plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Remote File Inclusion in Gwolle Guestbook WordPress Plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Reflected XSS in Role Scoper WordPress Plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Reflected Cross-Site Scripting (XSS) in SourceBans 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
[SECURITY] [DSA 3409-1] putty security update 2015-12-01
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3410-1] icedove security update 2015-12-01
Moritz Muehlenhoff (jmm debian org)
Zenphoto 1.4.10 Local File Inclusion 2015-12-02
apparitionsec gmail com
Zenphoto 1.4.10 XSS Vulnerability 2015-12-01
apparitionsec gmail com
[SECURITY] [DSA 3408-1] gnutls26 security update 2015-12-01
Salvatore Bonaccorso (carnil debian org)
Malware
Trojan:Win32/Startpage.XW
TrojanDropper:Win32/Binuflix.A
PWS:MSIL/Stimilina.N
Backdoor:MSIL/Omaneat.A
VBA/TrojanDownloader.Agent.AIK
VBA/TrojanDownloader.Agent.AHU
VBA/TrojanDownloader.Agent.AEA
Phishing
Vulnerability
SANS News
Threatpost
Exploit
Advantech Switch Bash Environment Variable Code Injection (Shellshock)
Acunetix WVS 10 - Local Privilege escalation
1.12.2015
Bugtraq
Zenphoto 1.4.10 XSS Vulnerability 2015-12-01
apparitionsec gmail com
[SECURITY] [DSA 3408-1] gnutls26 security update 2015-12-01
Salvatore Bonaccorso (carnil debian org)
Huawei Wimax routers vulnerable to multiple threats 2015-11-30
Pierre Kim (pierre kim sec gmail com)
[SE-2014-02] Errata document for Issue 42 (CVE-2015-4871 affecting Java SE 7) 2015-11-30
Security Explorations (contact security-explorations com)
LSE Leading Security Experts GmbH - LSE-2015-10-14 - HumHub SQL-Injection 2015-11-30
advisories (advisories lsexperts de)
Proftpd 1.3.5a LATEST (0-day) Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Belkin N150 Wireless Home Router Multiple Vulnerabilities 2015-11-30
Rahul Pratap Singh (techno rps gmail com)
Malware
HackTool:Win32/Kapahyku.A
TrojanDropper:Win32/Nivdort.A
TrojanSpy:Win32/Nivdort.CE
Phishing
Lloyds Bank | 1st December 2015 |
PayPal Inc | 1st December 2015 |
[ PAYPAL ] : VIEW YOUR RECENT | |
Email Administrator | 1st December 2015 |
Admin | 1st December 2015 |
paypal | 30th November 2015 |
Vulnerability
SANS News
Threatpost
Embedded Devices Share, Reuse Private SSH Keys, HTTPs Certificates
China APT Gang Targets Hong Kong Media via Dropbox
Exploit
Kodi 15 - Arbitrary File Access (Web Interface)
Belkin N150 Wireless Home Router F9K1009 v1 - Multiple Vulnerabilities
Zenphoto 1.4.10 - Local File Inclusion
ntop-ng <= 2.0.151021 - Privilege Escalation
HumHub 0.11.2 and 0.20.0-beta.2 - SQL Injection
RHEL 7.0/7.1 - abrt/sosreport Local Root
Centos 7.1/Fedora 22 - abrt Local Root
30.11.2015
Bugtraq
LSE Leading Security Experts GmbH - LSE-2015-10-14 - HumHub SQL-Injection 2015-11-30
advisories (advisories lsexperts de)
Proftpd 1.3.5a LATEST (0-day) Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Belkin N150 Wireless Home Router Multiple Vulnerabilities 2015-11-30
Rahul Pratap Singh (techno rps gmail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-29
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-29
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation Audit Report. 2015-11-29
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
lem nikolas gmail com
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
aiscorp gives greetz com
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
[FD] Visual Paradigm Server v10.0 - Cross Site Scripting (XSS) 2015-11-27
Manuel Mancera (mmancera a2secure com)
[SECURITY] [DSA 3407-1] dpkg security update 2015-11-26
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Support | 29th November 2015 |
FWD: PLEASE VERIFY YOUR | |
PayPal | 29th November 2015 |
IMMO USA | 29th November 2015 |
Pay.service | 28th November 2015 |
Support | 28th November 2015 |
FWD: PLEASE VERIFY YOUR | |
auto-confirm@amazon.com | 28th November 2015 |
Keshan S. Watson | 28th November 2015 |
Vulnerability
SANS News
Threatpost
Exploit
Easy File Sharing Web Server 7.2 - Remote SEH Buffer Overflow (DEP Bypass with ROP)
HumHub 0.11.2 and 0.20.0-beta.2 - SQL Injection
27.11.2015
Bugtraq
[FD] Visual Paradigm Server v10.0 - Cross Site Scripting (XSS) 2015-11-27
Manuel Mancera (mmancera a2secure com)
[SECURITY] [DSA 3407-1] dpkg security update 2015-11-26
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3405-1] smokeping security update 2015-11-25
Florian Weimer (fw deneb enyo de)
[SECURITY] [DSA 3406-1] nspr security update 2015-11-25
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3404-1] python-django security update 2015-11-25
Salvatore Bonaccorso (carnil debian org)
CIS Manager Content Management System 2015Q4 - SQL Injection Vulnerability 2015-11-25
Vulnerability Lab (research vulnerability-lab com)
Malware
VBA/TrojanDownloader.Agent.AJD
VBA/TrojanDownloader.Agent.AJH
Phishing
NATWEST | 26th November 2015 |
Amazon | 26th November 2015 |
Vulnerability
SANS News
Known "Good" DNS, An Observation
Threatpost
Exploit
26.11.2015
Bugtraq
[SECURITY] [DSA 3407-1] dpkg security update 2015-11-26
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3405-1] smokeping security update 2015-11-25
Florian Weimer (fw deneb enyo de)
[SECURITY] [DSA 3406-1] nspr security update 2015-11-25
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3404-1] python-django security update 2015-11-25
Salvatore Bonaccorso (carnil debian org)
CIS Manager Content Management System 2015Q4 - SQL Injection Vulnerability 2015-11-25
Vulnerability Lab (research vulnerability-lab com)
[security bulletin] HPSBGN03523 rev.1 - HP Loadrunner Virtual Table Server, Remote Code Execution 2015-11-25
security-alert hpe com
[security bulletin] HPSBGN03523 rev.1 - HP Loadrunner Virtual Table Server, Remote Code Execution 2015-11-25
security-alert hpe com
[slackware-security] pcre (SSA:2015-328-01) 2015-11-25
Slackware Security Team (security slackware com)
Malware
TrojanSpy:Win32/Nivdort.CD
TrojanSpy:Win32/Nivdort.CC
Phishing
Amazon | 26th November 2015 |
Virgin Media | 26th November 2015 |
Chase(SM)online.active.card@co | 26th November 2015 |
Chase Online | 26th November 2015 |
SUPPORT | 26th November 2015 |
Microsoft Team | 26th November 2015 |
email update | 25th November 2015 |
Sonya Owens | 25th November 2015 |
Vulnerability
SANS News
Threatpost
Lenovo Patches Vulnerabilities in System Update Service
Exploit
Linux x86_64 Polymorphic execve Shellcode - 31 bytes
25.11.2015
Bugtraq
[SECURITY] [DSA 3404-1] python-django security update 2015-11-25
Salvatore Bonaccorso (carnil debian org)
CIS Manager Content Management System 2015Q4 - SQL Injection Vulnerability 2015-11-25
Vulnerability Lab (research vulnerability-lab com)
[security bulletin] HPSBGN03523 rev.1 - HP Loadrunner Virtual Table Server, Remote Code Execution 2015-11-25
security-alert hpe com
[security bulletin] HPSBGN03523 rev.1 - HP Loadrunner Virtual Table Server, Remote Code Execution 2015-11-25
security-alert hpe com
[slackware-security] pcre (SSA:2015-328-01) 2015-11-25
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3403-1] libcommons-collections3-java security update 2015-11-24
Moritz Muehlenhoff (jmm debian org)
ESA-2015-164: EMC Isilon OneFS Privilege Escalation Vulnerability 2015-11-24
Security Alert (Security_Alert emc com)
[SECURITY] [DSA 3402-1] symfony security update 2015-11-24
Salvatore Bonaccorso (carnil debian org)
Steam Weak File Permissions Privilege Escalation 2015-11-23
ajs swordshield com
CVE-2015-5255: SSRF vulnerability in Apache Flex BlazeDS 4.7.1 2015-11-23
Christofer Dutz (cdutz apache org)
Malware
Worm:Win32/Conficker.B!inf
Trojan:HTML/Pdfphish.A
VBA/TrojanDownloader.Agent.AJD
Phishing
Sonya Owens | 25th November 2015 |
Google Team | 24th November 2015 |
email update | 25th November 2015 |
Sonya Owens | 25th November 2015 |
Google Team | 24th November 2015 |
QuickBooks Online Payroll | 23rd November 2015 |
QuickBooks Payroll Services | 23rd November 2015 |
Vulnerability
SANS News
Threatpost
Nuclear Exploit Kit Spreading Cryptowall 4.0 Ransomware
Exploit
SAP Sybase Adaptive Server Enterprise XML External Entity Information Disclosure Vulnerability
WP-Client 3.8.7 - Stored XSS Vulnerability
24.11.2015
Bugtraq
[SECURITY] [DSA 3402-1] symfony security update 2015-11-24
Salvatore Bonaccorso (carnil debian org)
Steam Weak File Permissions Privilege Escalation 2015-11-23
ajs swordshield com
Malware
Phishing
QuickBooks Online Payroll | 23rd November 2015 |
QuickBooks Payroll Services | 23rd November 2015 |
Vulnerability
SANS News
Threatpost
Backdoor In A Backdoor Identified in 600,000 Arris Modems
Stealthy GlassRAT Spies on Commercial Targets
Exploit
Windows ndis.sys IOCTL 0x170034 (ndis!ndisNsiGetIfNameForIfIndex) - Pool Buffer Overflow (MS15-117)
Windows Cursor Object Potential Memory Leak (MS15-115)
Windows Race Condition DestroySMWP Use-After-Free (MS15-115)
Windows Kernel Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)
Joomla Content History SQLi Remote Code Execution
vBulletin 5.x - Remote Code Execution Exploit
NVIDIA Stereoscopic 3D Driver Service 7.17.13.5382 - Arbitrary Run Key Creation
23.11.2015
Bugtraq
Steam Weak File Permissions Privilege Escalation 2015-11-23
ajs swordshield com
CVE-2015-5255: SSRF vulnerability in Apache Flex BlazeDS 4.7.1 2015-11-23
Christofer Dutz (cdutz apache org)
[ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE 2015-11-23
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-019] SAP Afaria - Stored XSS 2015-11-23
ERPScan inc (erpscan online gmail com)
[FD] Celoxis <= 9.5 - Cross Site Scripting (XSS) 2015-11-23
Manuel Mancera (mmancera a2secure com)
[ERPSCAN-15-020] SAP Mobile Platform 2.3 - XXE in application import 2015-11-23
ERPScan inc (erpscan online gmail com)
Proftpd v1.3.5a ZERODAY - Heap Overflows due to zero length mallocs. Advanced Information Security Corporation 2015-11-22
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd v1.3.5a ZERODAY - Malloc issues Advanced Information Security Corporation 2015-11-22
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd v1.3.5a ZERODAY - Heap Overflows due to zero length mallocs. Advanced Information Security Corporation 2015-11-22
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd v1.3.5a ZERODAY - Heap Overflows due to zero length mallocs. Advanced Information Security Corporation 2015-11-22
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd ZERODAY - Malloc issues Advanced Information Security Corporation 2015-11-22
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd v1.3.5a ZERODAY - Heap Overflows due to zero length mallocs. Advanced Information Security Corporation 2015-11-23
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd v1.3.5a ZERODAY - Heap Overflows due to zero length mallocs. Advanced Information Security Corporation 2015-11-23
Nicholas Lemonias. (lem nikolas googlemail com)
Fwd: CVE-2015-5257 - Weak Randomization of BridgeSecret for Apache Cordova Android 2015-11-20
Shazron (shazron apache org)
Malware
Trojan:Win32/Gatak
TrojanDropper:MSIL/Fatext.A
Phishing
paypal | 23rd November 2015 |
Pay'Pal@Services.com | 23rd November 2015 |
Mail System Administrator | 22nd November 2015 |
service@intl.paypal | 22nd November 2015 |
NOTE : TEAM PAYPAL YOU HAVE A |
Vulnerability
SANS News
Threatpost
Starwood Hotel Chain Hit By Point of Sale Malware
Exploit
vBulletin 5.x - Remote Code Execution Exploit
Acrobat Reader DC 15.008.20082.15957 - PDF Parsing Memory Corruption Vulnerability
Oracle Outside In PDF 8.5.2 - Parsing Memory Corruption Vulnerability
Oracle Outside In PDF 8.5.2 - Parsing Memory Corruption Vulnerability 2
Audacious 3.7 - ID3 Local Crash PoC
22.11.2015
Bugtraq
Fwd: CVE-2015-5257 - Weak Randomization of BridgeSecret for Apache Cordova Android 2015-11-20
Shazron (shazron apache org)
Fwd: CVE-2015-5256: Apache Cordova vulnerable to improper application of whitelist restrictions 2015-11-20
Shazron (shazron apache org)
[SECURITY] [DSA 3400-1] lxc security update 2015-11-19
Salvatore Bonaccorso (carnil debian org)
[security bulletin] HPSBUX03522 SSRT102942 rev.1 - HP-UX BIND running named, Remote Denial of Service (DoS) 2015-11-19
security-alert hpe com
NEW VMSA-2015-0008 - VMware product updates address information disclosure issue 2015-11-19
VMware Security Response Center (security vmware com)
Malware
Phishing
PayPal | 22nd November 2015 |
PayPal | 22nd November 2015 |
National | 20th November 2015 |
rolando moreno palos | 20th November 2015 |
Vulnerability
SANS News
Threatpost
German Government Audits TrueCrypt
VMware Patches Pesky XXE Bug in Flex BlazeDS
Exploit
20.11.2015
Bugtraq
[SECURITY] [DSA 3400-1] lxc security update 2015-11-19
Salvatore Bonaccorso (carnil debian org)
[security bulletin] HPSBUX03522 SSRT102942 rev.1 - HP-UX BIND running named, Remote Denial of Service (DoS) 2015-11-19
security-alert hpe com
Malware
TrojanDownloader:MSIL/Genmaldow.A
TrojanDownloader:MSIL/Pstinb.E
TrojanDownloader:MSIL/Pstinb.J
Phishing
rolando moreno palos | 20th November 2015 |
Dr. | 19th November 2015 |
Royal Bank | 19th November 2015 |
**Online Banking (Wire |
Vulnerability
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77209
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77192
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77164
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-4881 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77159
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77148
Adobe LiveCycle Data Services CVE-2015-3269 XML External Entity Information Disclosure Vulnerability
2015-11-19
http://www.securityfocus.com/bid/76394
Oracle Java SE CVE-2015-0459 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/74083
Oracle Java SE CVE-2015-2625 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/75895
Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/75867
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/74072
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-11-19
http://www.securityfocus.com/bid/73684
Google Chrome Prior to 44.0.2403.89 Multiple Security Vulnerabilities
2015-11-19
http://www.securityfocus.com/bid/75973
IBM HTTP Server CVE-2015-4947 Stack Buffer Overflow Vulnerability
2015-11-19
http://www.securityfocus.com/bid/76658
Apache HTTP Server CVE-2015-3183 Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/75963
IBM SDK CVE-2015-1914 Sandbox Security Bypass Vulnerability
2015-11-19
http://www.securityfocus.com/bid/74645
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/74119
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/74141
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/74111
Oracle Java SE CVE-2015-0491 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/74094
SANS News
Threatpost
Exploit
F5 iControl iCall::Script Root Command Execution
Chkrootkit Local Privilege Escalation
ZTE ADSL ZXV10 W300 Modems - Multiple Vulnerabilities
ZTE ZXHN H108N R1A, ZXV10 W300 Routers - Multiple Vulnerabilities
Cambium ePMP 1000 - Multiple Vulnerabilities
Netwin SurgeFTP Server 23d6 - Stored Cross Site Scripting Vulnerabilities
19.11.2015
Bugtraq
[security bulletin] HPSBUX03522 SSRT102942 rev.1 - HP-UX BIND running named, Remote Denial of Service (DoS) 2015-11-19
security-alert hpe com
NEW VMSA-2015-0008 - VMware product updates address information disclosure issue 2015-11-19
VMware Security Response Center (security vmware com)
CVE-2015-8131: Kibana CSRF vulnerability 2015-11-18
Kevin Kluge (kevin elastic co)
IBM i Access Buffer Overflow Code DOS CVE-2015-7422 2015-11-18
apparitionsec gmail com
IBM i Access Buffer Overflow Code Exec CVE-2015-2023 2015-11-18
apparitionsec gmail com
[security bulletin] HPSBGN03521 rev.2 - HP Operations Orchestration Central, Cross-Site Request Forgery (CSRF) 2015-11-18
security-alert hpe com
[SECURITY] [DSA 3399-1] libpng security update 2015-11-18
Salvatore Bonaccorso (carnil debian org)
RCE and SQL injection via CSRF in Horde Groupware 2015-11-18
High-Tech Bridge Security Research (advisory htbridge ch)
Malware
VBA/TrojanDownloader.Agent.AIU
VBA/TrojanDownloader.Agent.AIQ
VBA/TrojanDownloader.Agent.AIP
Phishing
Royal Bank | 19th November 2015 |
**Online Banking (Wire | |
Chase | 18th November 2015 |
Natwest Bank | 18th November 2015 |
VISA | 18th November 2015 |
Vulnerability
SANS News
Actors using exploit kits - How they change tactics
Threatpost
VirusTotal Adds Sandbox Execution for OS X Apps
FBI Warns Public Officials of Doxing Threat
Exploit
IBM i Access 7.1 - Buffer Overflow Code Execution
F5 iControl iCall::Script Root Command Execution
Netwin SurgeFTP Server 23d6 - Stored Cross Site Scripting Vulnerabilities
Horde Groupware 5.2.10 - CSRF Vulnerability
WordPress Users Ultra Plugin 1.5.50 - Unrestricted File Upload
SuperScan 4.1 - Scan Hostname/IP Field Buffer Overflow
SuperScan 4.1 - Tools Hostname/IP/URL Field Buffer Overflow
SuperScan 4.1 - Windows Enumeration Hostname/IP/URL Field SEH Overflow
Sam Spade 1.14 - Decode URL Buffer Overflow Crash PoC
Chrome - open-vcdiff OOB Read in Browser Process Integer Overflow
18.11.2015
Bugtraq
RCE and SQL injection via CSRF in Horde Groupware 2015-11-18
High-Tech Bridge Security Research (advisory htbridge ch)
Adobe Premiere Clip v1.1.1 iOS - (cid:x) Filter Bypass & Persistent Software Vulnerability 2015-11-18
Vulnerability Lab (research vulnerability-lab com)
[security bulletin] HPSBGN03521 rev.1 - HP Operations Orchestration Central, Cross-Site Request Forgery (CSRF) 2015-11-17
security-alert hpe com
WordPress Users Ultra Plugin [Unrestricted File Upload] 2015-11-17
pan vagenas gmail com
ESA-2015-163: EMC VPLEX Sensitive Information Exposure Vulnerability 2015-11-17
Security Alert (Security_Alert emc com)
Open-Xchange Security Advisory 2015-11-17 2015-11-17
Martin Heiland (martin heiland lists open-xchange com)
Malware
TrojanDownloader:MSIL/Banload.AJ
Rogue:MSIL/Rustliver
TrojanProxy:Win32/Bunitu.N
PWS:HTML/Phish.GK
TrojanDownloader:Win32/Banload.BFP
TrojanDownloader:Win32/Banload.BFN
Trojan:Win32/Zlader.A
TrojanDropper:JS/Zlader.B
Trojan:Win32/Anaki.A
Phishing
VISA | 18th November 2015 |
Cindy Mclaughlin | 17th November 2015 |
USAA Member Service © 2015 | 17th November 2015 |
iTunes Store | 17th November 2015 |
Vulnerability
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77164
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75867
Oracle Java SE CVE-2015-4732 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75823
Adobe Acrobat and Reader APSB15-24 Multiple Unspecified Heap Buffer Overflow Vulnerabilities
2015-11-18
http://www.securityfocus.com/bid/77068
Oracle Java SE CVE-2015-4729 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75892
Oracle Java SE CVE-2015-2621 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75874
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75890
Oracle Java SE CVE-2015-2619 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75881
Oracle Java SE CVE-2015-4748 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75854
Oracle Java SE CVE-2015-2637 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75883
Oracle Java SE CVE-2015-2632 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75861
Oracle Java SE CVE-2015-2664 Local Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75857
Oracle Java SE CVE-2015-4736 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75850
Oracle Java SE CVE-2015-4731 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75812
Oracle Java SE CVE-2015-2625 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75895
Oracle Java SE CVE-2015-4760 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75784
IBM SDK Java Security Components CVE-2015-1931 Local Information Disclosure Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75985
Oracle Java SE CVE-2015-4733 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75832
Oracle Java SE CVE-2015-2613 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75871
Oracle Java SE CVE-2015-2638 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75833
Adobe Flash Player and AIR APSB15-25 Multiple Unspecified Memory Corruption Vulnerabilities
2015-11-18
http://www.securityfocus.com/bid/77065
Adobe Flash Player and AIR CVE-2015-7662 Security Bypass Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77535
Adobe Flash Player and AIR CVE-2015-7628 Same Origin Policy Security Bypass Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77063
Adobe Flash Player CVE-2015-7648 Unspecified Remote Code Execution Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77116
Adobe Flash Player and AIR CVE-2015-7659 Remote Code Execution Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77534
Adobe Flash Player CVE-2015-7647 Unspecified Remote Code Execution Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77115
Adobe Flash Player and AIR CVE-2015-5569 Unspecified Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77060
Adobe Flash Player and AIR APSB15-25 Multiple Use After Free Remote Code Execution Vulnerabilities
2015-11-18
http://www.securityfocus.com/bid/77061
Adobe Flash Player CVE-2015-7645 Unspecified Remote Code Execution Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77081
SANS News
Help Wanted: Please help test our experimental PFSense Client
Threatpost
Patched Libpng Vulnerabilities Have Limited Scope
Attackers Embracing Steganography to Hide Communication
Microsoft Cracks Down on Toolbars, Unsigned DLLs with Edge Update
Exploit
WordPress Users Ultra Plugin 1.5.50 - Unrestricted File Upload
17.11.2015
Bugtraq
WordPress Users Ultra Plugin [Unrestricted File Upload] 2015-11-17
pan vagenas gmail com
ESA-2015-163: EMC VPLEX Sensitive Information Exposure Vulnerability 2015-11-17
Security Alert (Security_Alert emc com)
Open-Xchange Security Advisory 2015-11-17 2015-11-17
Martin Heiland (martin heiland lists open-xchange com)
Free WMA MP3 Converter - Buffer Overflow Exploit (SEH) 2015-11-17
Vulnerability Lab (research vulnerability-lab com)
Murgent CMS - SQL Injection Vulnerability 2015-11-17
Vulnerability Lab (research vulnerability-lab com)
Magento Bug Bounty #22 - (Profile) Persistent Vulnerability 2015-11-17
Vulnerability Lab (research vulnerability-lab com)
Magento Bug Bounty #24 - Multiple CSRF Web Vulnerabilities 2015-11-17
Vulnerability Lab (research vulnerability-lab com)
Port Scan v2.0 iOS - Command Inject Vulnerability 2015-11-17
Vulnerability Lab (research vulnerability-lab com)
LAN Scan HD v1.20 iOS - Command Inject Vulnerability 2015-11-17
Vulnerability Lab (research vulnerability-lab com)
Malware
VBA/TrojanDownloader.Agent.AIM
Phishing
USAA Member Service © 2015 | 17th November 2015 |
iTunes Store | 17th November 2015 |
BTMail Administrator | 17th November 2015 |
Health Coverage UK | 16th November 2015 |
SunTrust Bank | 16th November 2015 |
Vulnerability
SANS News
Automatic MIME attachments triage
Threatpost
Attackers Can Use SAP to Bridge Corporate, Operational ICS Networks
Google to Warn Recipients of Unencrypted Gmail Messages
Exploit
D-Link DIR-815, DIR-850L - SSDP Command Injection
D-Link DIR-890L/R - Multiple Buffer Overflow Vulnerabilities
D-Link DIR-866L - Multiple Buffer Overflow Vulnerabilities
D-Link DIR-825 (vC) - Multiple Vulnerabilities
D-Link DIR-818W - Multiple Vulnerabilities
D-Link DIR-817LW - Multiple Vulnerabilities
D-Link DIR-815 - Multiple Vulnerabilities
D-Link DIR-645 - Multiple UPNP Vulnerabilities
D-Link DIR-615 - Multiple Buffer Overflow Vulnerabilities
D-Link DIR-601 - Command Injection Vulnerability
D-Link DIR-880L - Multiple Buffer Overflow Vulnerabilities
D-Link DGL5500 - HNAP Buffer Overflow Vulnerability
ClipperCMS 1.3.0 - Code Execution Vulnerability
XCart 5.2.6 - Code Execution Vulnerability
Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload
Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload
VLC Web Interface 2.2.1 - Metadata Title XSS Vulnerability
D-link Wireless Router DIR-816L – CSRF Vulnerability
AlegroCart 1.2.8 - Multiple SQL Injection Vulnerabilities
AlegroCart 1.2.8 - LFI/RFI Vulnerability
ClipperCMS 1.3.0 - Multiple SQL Injection Vulnerabilities
foobar2000 1.3.9 - (.asx) Local Crash PoC
Sam Spade 1.14 - Browse URL Buffer Overflow PoC
foobar2000 1.3.9 - (.pls; .m3u; .m3u8) Local Crash PoC
foobar2000 1.3.9 - (.asx) Local Crash PoC
Windows Kernel win32k.sys Malformed TrueType Program TTF Font Processing Pool-Based...
Windows Kernel win32k.sys Malformed OS/2 Table TTF Font Processing Pool-Based Buffer...
Kaspersky Antivirus - Certificate Handling Path Traversal
16.11.2015
Bugtraq
[SECURITY] [DSA 3398-1] strongswan security update 2015-11-16
Yves-Alexis Perez (corsac debian org)
CVE-2015-6357: Cisco FireSIGHT Management Center SSL Validation Vulnerability 2015-11-16
Matthew Flanagan (mattimustang gmail com)
SYSS-2015-061 Wirecard Checkout Page - Improper Validation of Integrity Check Value 2015-11-13
martin sturm syss de
Malware
Trojan:Win32/Varpes.J!plock
TrojanSpy:Win32/Nivdort.BV
TrojanSpy:Win32/Nivdort.BW
TrojanSpy:Win32/Nivdort.BX
TrojanDownloader:Win32/Banload.BFK
Phishing
SunTrust Bank | 16th November 2015 |
Online | 16th November 2015 |
PaypaI Service | 15th November 2015 |
Reminder: Your Paypal account |
Vulnerability
SANS News
Threatpost
Exploit
D-link Wireless Router DIR-816L – CSRF Vulnerability
CF Image Host 1.65 - CSRF Vulnerability
CF Image Host 1.65 - PHP Command Injection
TECO SG2 FBD Client 3.51 - .gfb SEH Overwrite Buffer Overflow Vulnerability
TECO TP3-PCLINK 2.1 - .tpc File Handling Buffer Overflow Vulnerability
TECO AP-PCLINK 1.094 - .tpc File Handling Buffer Overflow Vulnerability
x64 Linux egghunter in 24 bytes
TECO SG2 LAD Client 3.51 - .gen SEH Overwrite Buffer Overflow Exploit
TECO JN5 L510-DriveLink 1.482 - .lf5 SEH Overwrite Buffer Overflow Exploit
Sam Spade 1.14 - Browse URL Buffer Overflow PoC
15.11.2015
Bugtraq
OpenBSD package 'net-snmp' information disclosure 2015-11-12
Pierre Kim (pierre kim sec gmail com)
SYSS-2015-061 Wirecard Checkout Page - Improper Validation of Integrity Check Value 2015-11-13
martin sturm syss de
[security bulletin] HPSBGN03428 rev.3 - HP Asset Manager Web UI Client, Local Disclosure of Sensitive Information 2015-11-13
security-alert hpe com
Dlink DGL5500 Un-Authenticated Buffer overflow in HNAP functionality 2015-11-13
samhuntley84 gmail com
Dlink DIR-880L Buffer overflows in authentication and HNAP functionalities. 2015-11-13
samhuntley84 gmail com
Dlink DIR-601 Command injection in ping functionality 2015-11-13
samhuntley84 gmail com
Dlink DIR-645 UPNP Buffer Overflow 2015-11-13
samhuntley84 gmail com
Dlink DIR-815 Buffer overflows and Command injection in authentication and HNAP functionalities 2015-11-13
samhuntley84 gmail com
Dlink DIR-817LW Buffer overflows and Command injection in authentication and HNAP functionalities 2015-11-13
samhuntley84 gmail com
Dlink DIR-818W Buffer overflows and Command injection in authentication and HNAP functionalities 2015-11-13
samhuntley84 gmail com
Dlink DIR-615 Authenticated Buffer overflow in Ping and Send email functionality 2015-11-13
samhuntley84 gmail com
Dlink DIR-890L/R Buffer overflows in authentication and HNAP functionalities. 2015-11-13
samhuntley84 gmail com
Dlink DIR-825 (vC) Buffer overflows in authentication, HNAP and ping functionalities and also directory traversal issue exists 2015-11-13
samhuntley84 gmail com
Dlink DIR-880L Buffer overflows in authentication and HNAP functionalities. 2015-11-13
samhuntley84 gmail com
Dlink SSDP command injection using UDP for a lot of Dlink routers including DIR-815, DIR-850L 2015-11-13
samhuntley84 gmail com
Dlink DIR-866L Buffer overflows in HNAP and send email functionalities 2015-11-13
samhuntley84 gmail com
CF Image Host XSS 2015-11-14
apparitionsec gmail com
CF Image Host CSRF 2015-11-14
apparitionsec gmail com
CF Image Host PHP Command Injection 2015-11-14
apparitionsec gmail com
PHP Address Book SQL Injection Vulnerability 2015-11-14
Rahul Pratap Singh (techno rps gmail com)
[SECURITY] [DSA 3208-2] freexl regression update 2015-11-14
Salvatore Bonaccorso (carnil debian org)
/tmp race condition in IBM Installation Manager V1.8.1 install script 2015-11-14
larry0 me com
D-link wireless router DIR-816L Cross-Site Request Forgery (CSRF) vulnerability 2015-11-14
bhadresh patel helpag com
[slackware-security] seamonkey (SSA:2015-318-01) 2015-11-15
Slackware Security Team (security slackware com)
Malware
Phishing
Vulnerability
SANS News
Threatpost
Researchers Discover Two New Strains of POS Malware
CSRF Flaw Patched in Popular Spring Social Core Library
Exploit
b374k Web Shell - CSRF Command Injection
13.11.2015
Bugtraq
OpenBSD package 'net-snmp' information disclosure 2015-11-12
Pierre Kim (pierre kim sec gmail com)
[SECURITY] [DSA 3395-2] krb5 security update 2015-11-12
Salvatore Bonaccorso (carnil debian org)
Secunia Research: Google Picasa CAMF Section Integer Overflow Vulnerability 2015-11-11
Secunia Research (remove-vuln secunia com)
Malware
TrojanDownloader:MSIL/Dowjamal.A
SoftwareBundler:Win32/Xiazai
TrojanSpy:MSIL/Aconstel.A
TrojanDropper:MSIL/Fatext.A
PWS:Win32/Fareit.AG
Backdoor:Win32/Wencho.A
Phishing
HSBC Bank | 13th November 2015 |
Natwest Bank | 13th November 2015 |
Vulnerability
SANS News
Google Reconnaissance, Sprinter-style
Threatpost
Tor: FBI Paid CMU $1 Million to De-Anonymize Users
Exploit Writing and Mitigation Going Hand in Hand
Exploit
b374k Web Shell - CSRF Command Injection
R-Scripts Vacation Rental Script 7R - Multiple Vulnerabilities
TACK 1.07 - Local Stack-Based Buffer Overflow
TUDU 0.82 - Local Stack-Based Buffer Overflow
Sam Spade 1.14 - S-Lang Command Field SEH Overflow
12.11.2015
Bugtraq
Secunia Research: Google Picasa CAMF Section Integer Overflow Vulnerability 2015-11-11
Secunia Research (remove-vuln secunia com)
[security bulletin] HPSBGN03507 rev.2 - HP Arcsight Management Center, Arcsight Logger, Remote Cross-Site Scripting (XSS) 2015-11-10
security-alert hpe com
Malware
Backdoor:Win32/Wencho.A
PWS:MSIL/Stimilina.M
TrojanDownloader:MSIL/Genmaldow
VBA/TrojanDownloader.Agent.AFW
Phishing
Security Center Pay Pal | 12th November 2015 |
PayPal | 12th November 2015 |
Smith | 11th November 2015 |
Vulnerability
SANS News
Threatpost
Exploit
11.11.2015
Bugtraq
Secunia Research: Google Picasa CAMF Section Integer Overflow Vulnerability 2015-11-11
Secunia Research (remove-vuln secunia com)
[security bulletin] HPSBGN03507 rev.2 - HP Arcsight Management Center, Arcsight Logger, Remote Cross-Site Scripting (XSS) 2015-11-10
security-alert hpe com
[SECURITY] [DSA 3397-1] wpa security update 2015-11-10
Salvatore Bonaccorso (carnil debian org)
Microsoft .NET Framework XSS / Elevation of Privilege CVE-2015-6099 2015-11-11
apparitionsec gmail com
[SECURITY] [DSA 3396-1] linux security update 2015-11-10
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3386-2] unzip regression update 2015-11-09
Salvatore Bonaccorso (carnil debian org)
Malware
TrojanDownloader:Win32/Banload.BFH
TrojanDownloader:Win32/Banload.BFI
TrojanDropper:Win32/Bancos.N
SoftwareBundler:Win32/Dowadmin
Phishing
National | 11th November 2015 |
PayPal | 11th November 2015 |
PayPal | 11th November 2015 |
Vulnerability
SANS News
Threatpost
Critical Java Bug Extends to Oracle, IBM Middleware
Adobe Flash Update Includes Patches for 17 Vulnerabilities
Exploit
WordPress WP Fastest Cache Plugin 0.8.4.8 - Blind SQL Injection
FBZX 2.10 - Local Stack-Based Buffer Overflow
Google AdWords API PHP client library <= 6.2.0 - Arbitrary PHP Code Execution
eBay Magento CE <= 1.9.2.1 - Unrestricted Cron Script (Potential Code Execution / DoS)
Google AdWords <= 6.2.0 API client libraries - XML eXternal Entity Injection (XXE)
10.11.2015
Bugtraq
[SECURITY] [DSA 3396-1] linux security update 2015-11-10
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3386-2] unzip regression update 2015-11-09
Salvatore Bonaccorso (carnil debian org)
TestLink 1.9.14 CSRF Vulnerability 2015-11-08
Aravind (altoarun gmail com)
TestLink 1.9.14 Persistent XSS 2015-11-08
Aravind (altoarun gmail com)
[SECURITY] [DSA 3395-1] krb5 security update 2015-11-06
Salvatore Bonaccorso (carnil debian org)
[ANNOUNCE] CVE-2014-3576 - Apache ActiveMQ vulnerabilities 2015-11-06
Timothy Bish (tabish121 gmail com)
[slackware-security] mozilla-firefox (SSA:2015-310-01) 2015-11-06
Slackware Security Team (security slackware com)
Malware
TrojanSpy:Win32/Nivdort.BU
Trojan:JS/Kovter.A
Phishing
AOL | 10th November 2015 |
Microsoft | 9th November 2015 |
Fw: new message Date: Fri, 6 |
Vulnerability
SANS News
Threatpost
Comodo Issues Eight Forbidden Certificates
Exploit
Wordpress Ajax Load More PHP Upload Vulnerability
Huawei HG630a and HG630a-50 - Default SSH Admin Password on ADSL Modems
Jenkins 1.633 - Unauthenticated Credential Recovery
YESWIKI 0.2 - Path Traversal Vulnerability
9.11.2015
Bugtraq
TestLink 1.9.14 CSRF Vulnerability 2015-11-08
Aravind (altoarun gmail com)
TestLink 1.9.14 Persistent XSS 2015-11-08
Aravind (altoarun gmail com)
[SECURITY] [DSA 3395-1] krb5 security update 2015-11-06
Salvatore Bonaccorso (carnil debian org)
[ANNOUNCE] CVE-2014-3576 - Apache ActiveMQ vulnerabilities 2015-11-06
Timothy Bish (tabish121 gmail com)
[slackware-security] mozilla-firefox (SSA:2015-310-01) 2015-11-06
Slackware Security Team (security slackware com)
[slackware-security] mozilla-nss (SSA:2015-310-02) 2015-11-06
Slackware Security Team (security slackware com)
Malware
Trojan:Win32/Peals.D!plock
Trojan:Win32/Deefy!plock
Worm:Win32/Vitchit.A
Worm:Win32/Mothyfil.B
PWS:MSIL/Stimilini.T
Phishing
Wells Fargo Online | 8th November 2015 |
National | 8th November 2015 |
PayPal Team | 8th November 2015 |
service@paypal.intl.com | 8th November 2015 |
Vulnerability
SANS News
Threatpost
High-Risk SAP HANA Vulnerabilities Patched
ProtonMail Back Online Following Six-Day DDoS Attack
Exploit
Arris TG1682G Modem - Stored XSS Vulnerability
Wordpress Ajax Load More PHP Upload Vulnerability
TestLink 1.9.14 - CSRF Vulnerability
POP Peeper 4.0.1 - SEH Over-Write
FreeType 2.6.1 TrueType tt_sbit_decoder_load_bit_aligned Heap-Based Out-of-Bounds Read
7.11.2015
Bugtraq
[SECURITY] [DSA 3395-1] krb5 security update 2015-11-06
Salvatore Bonaccorso (carnil debian org)
[ANNOUNCE] CVE-2014-3576 - Apache ActiveMQ vulnerabilities 2015-11-06
Timothy Bish (tabish121 gmail com)
[slackware-security] mozilla-firefox (SSA:2015-310-01) 2015-11-06
Slackware Security Team (security slackware com)
[slackware-security] mozilla-nss (SSA:2015-310-02) 2015-11-06
Slackware Security Team (security slackware com)
Malware
Phishing
PayPal Team | 8th November 2015 |
service@paypal.intl.com | 8th November 2015 |
service@paypal.intl.com | 7th November 2015 |
Amazon | 7th November 2015 |
PayPal | 7th November 2015 |
Vulnerability
SANS News
Threatpost
Microsoft Considers Earlier SHA-1 Deprecation Deadline
Advantech Clears Hard-Coded SSH Keys from EKI Switches
Exploit
Cryptocat Arbitrary Script Injection Vulnerability
QNap QVR Client 5.1.0.11290 - Crash PoC
6.11.2015
Bugtraq
CVE-2015-5378 2015-11-06
Suyog Rao (suyog elastic co)
CVE-2015-5619 2015-11-06
Suyog Rao (suyog elastic co)
NXFilter v3.0.3 Persistent / Reflected XSS 2015-11-06
apparitionsec gmail com
NXFilter v3.0.3 CSRF 2015-11-06
apparitionsec gmail com
Elasticsearch vulnerability CVE-2015-4165 2015-11-06
Kevin Kluge (kevin elastic co)
[SECURITY] [DSA 3394-1] libreoffice security update 2015-11-05
Moritz Muehlenhoff (jmm debian org)
Elasticsearch vulnerability CVE-2015-5377 2015-11-05
Kevin Kluge (kevin elastic co)
SEC Consult SA-20151105-0 :: Insecure default configuration in Ubiquiti Networks products 2015-11-05
SEC Consult Vulnerability Lab (research sec-consult com)
[security bulletin] HPSBGN03519 rev.1 - HP Project and Portfolio Management Center, Remote Disclosure of Information 2015-11-04
security-alert hpe com
[SECURITY] [DSA 3393-1] iceweasel security update 2015-11-04
Moritz Muehlenhoff (jmm debian org)
Malware
Backdoor:Win32/Bayrob.B
TrojanClicker:Win32/Clikug.F
Win32/Sarento
TrojanSpy:MSIL/Yakbeex.D
Trojan:Win32/Patched.AO
TrojanDownloader:MSIL/Pstinb.F
Phishing
PayPal | 6th November 2015 |
Dr. Watsons | 5th November 2015 |
PayPal Service | 5th November 2015 |
PayPal | 5th November 2015 |
PayPal ! | 5th November 2015 |
PayPal Team | 5th November 2015 |
Vulnerability
SANS News
Tracking HTTP POST data with ELK
Threatpost
Mozilla Embraces Private Browsing with Tracking Protection in Firefox 42
Updated Cryptowall Encrypts File Names, Mocks Victims
Exploit
Cryptocat Arbitrary Script Injection Vulnerability
Solarwinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution
NXFilter 3.0.3 - CSRF Vulnerabilities
NXFilter 3.0.3 - Multiple XSS Vulnerabilities
5.11.2015
Bugtraq
[SECURITY] [DSA 3393-1] iceweasel security update 2015-11-04
Moritz Muehlenhoff (jmm debian org)
Cisco Security Advisory: Cisco Web Security Appliance Certificate Generation Command Injection Vulnerability 2015-11-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Mobility Services Engine Privilege Escalation Vulnerability 2015-11-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Mobility Services Engine Static Credential Vulnerability 2015-11-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Email Security Appliance Anti-Spam Scanner Bypass Vulnerability 2015-11-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Email Security Appliance Email Scanner Denial of Service Vulnerability 2015-11-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Web Security Appliance Range Request Denial of Service Vulnerability 2015-11-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Web Security Appliance Cache Reply Denial of Service Vulnerability 2015-11-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco AsyncOS TCP Flood Denial of Service Vulnerability 2015-11-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
[KIS-2015-10] Piwik <= 2.14.3 (DisplayTopKeywords) PHP Object Injection Vulnerability 2015-11-04
Egidio Romano (research karmainsecurity com)
[KIS-2015-09] Piwik <= 2.14.3 (viewDataTable) Autoloaded File Inclusion Vulnerability 2015-11-04
Egidio Romano (research karmainsecurity com)
[KIS-2015-07] ATutor <= 2.2 (popuphelp.php) Reflected Cross-Site Scripting Vulnerability 2015-11-04
Egidio Romano (research karmainsecurity com)
[KIS-2015-08] ATutor <= 2.2 (edit_marks.php) PHP Code Injection Vulnerability 2015-11-04
Egidio Romano (research karmainsecurity com)
[KIS-2015-06] ATutor <= 2.2 (confirm.php) Session Variable Overloading Vulnerability 2015-11-04
Egidio Romano (research karmainsecurity com)
[KIS-2015-05] ATutor <= 2.2 (Custom Course Icon) Unrestricted File Upload Vulnerability 2015-11-04
Egidio Romano (research karmainsecurity com)
FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED] 2015-11-04
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 3392-1] freeimage security update 2015-11-04
Sebastien Delafond (seb debian org)
Malware
TrojanDownloader:MSIL/Banload.AH
TrojanDownloader:MSIL/Banload.AD
Phishing
PayPal | 5th November 2015 |
PayPal ! | 5th November 2015 |
PayPal Team | 5th November 2015 |
Paul Hindle | 5th November 2015 |
PayPal | 5th November 2015 |
Halifax | 5th November 2015 |
ROYAL BANK OF SCOTLAND® | 5th November 2015 |
*******Online Banking (Wire | |
PayPal | 5th November 2015 |
Vulnerability
SANS News
Threatpost
Shuanet Adware Rooting Android Devices Via Trojanized Apps
Chinese Mobile Ad Library Backdoored to Spy on iOS Devices
New Tinba Variant Seen Targeting Russian, Japanese Banks
Exploit
Cryptocat Arbitrary Script Injection Vulnerability
vBulletin 5.1.x - PreAuth 0day Remote Code Execution Exploit
OpenSSL Alternative Chains Certificate Forgery
4.11.2015
Bugtraq
FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED] 2015-11-04
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 3392-1] freeimage security update 2015-11-04
Sebastien Delafond (seb debian org)
[security bulletin] HPSBGN03429 rev.2 - HP Arcsight Logger, Remote Disclosure of Information 2015-11-03
security-alert hpe com
[security bulletin] HPSBGN03425 rev.1 - HP ArcSight SmartConnectors, Remote Disclosure of Information, Local Escalation of Privilege 2015-11-03
security-alert hpe com
[security bulletin] HPSBGN03430 rev.1 - HP ArcSight products, Local Elevation of Privilege 2015-11-03
security-alert hpe com
[SECURITY] [DSA 3391-1] php-horde security update 2015-11-03
Florian Weimer (fw deneb enyo de)
[security bulletin] HPSBGN03386 rev.2 - HP Central View Fraud Risk Management, Revenue Leakage Control, Dealer Performance Audit, Credit Risk Control, Roaming Fraud Control, Subscription Fraud Prevention, Remote Disclosure of Information, Local Disclosure 2015-11-03
security-alert hpe com
[security bulletin] HPSBGN03426 rev.1 - HP Mobility Software, Remote Execution of Arbitrary Code 2015-11-02
security-alert hpe com
[SECURITY] [DSA 3355-2] libvdpau regression update 2015-11-02
Alessandro Ghedini (ghedo debian org)
Malware
Win32/Upatre
TrojanDropper:O97M/Farheyt.A
TrojanDownloader:Win32/Banload.BFB
Phishing
PayPaI Service | 4th November 2015 |
Royal Bank | 4th November 2015 |
*******Online Banking (Wire | |
RBC Royal Bank | 2nd November 2015 |
Vulnerability
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77209
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77164
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77192
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4881 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77159
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77148
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77126
HP Vertica CVE-2015-6867 Remote Code Execution Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77405
Microsoft Windows Object Reference CVE-2015-2554 Local Privilege Escalation Vulnerability
2015-11-03
http://www.securityfocus.com/bid/76998
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77242
Xen CVE-2015-7835 Privilege Escalation Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77366
Oracle Java SE CVE-2015-4871 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77238
GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability
2015-11-03
http://www.securityfocus.com/bid/72325
Network Time Protocol CVE-2015-5300 Man in the Middle Security Bypass Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77312
Network Time Protocol CVE-2015-7871 Authentication Bypass Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77287
NTP CVE-2015-7702 Incomplete Fix Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77286
Network Time Protocol 'ntpq.c' Memory Corruption Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77288
NTP CVE-2015-7692 Incomplete Fix Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77285
Network Time Protocol CVE-2015-7703 Arbitrary File Overwrite Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77278
NTP CVE-2015-7691 Incomplete Fix Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77274
Network Time Protocol CVE-2015-7704 Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77280
SANS News
Threatpost
Google Project Zero Turns Over 11 Bugs in Galaxy S6 Edge
Updated XcodeGhost Adds iOS9 Support
PageFair Hack Serves Up Fake Flash Update to 500 Sites
Exploit
vBulletin 5 PreAuth Remote Code Execution
FreeType 2.6.1 TrueType tt_cmap14_validate Parsing Heap-Based Out-of-Bounds Reads
3.11.2015
Bugtraq
[security bulletin] HPSBGN03426 rev.1 - HP Mobility Software, Remote Execution of Arbitrary Code 2015-11-02
security-alert hpe com
[SECURITY] [DSA 3355-2] libvdpau regression update 2015-11-02
Alessandro Ghedini (ghedo debian org)
[security bulletin] HPSBMU03518 rev.1 - HP Vertica, Remote Code Execution 2015-11-02
security-alert hpe com
[SECURITY] [DSA 3390-1] xen security update 2015-11-02
Salvatore Bonaccorso (carnil debian org)
CVE-2015-7326 (XXE vulnerability in Milton Webdav) 2015-11-02
0ang3el gmail com
Accentis Content Resource Management System - XSS 2015-11-02
GalaxyCVEcollector gmail com
Accentis Content Resource Management System - SQL 2015-11-02
GalaxyCVEcollector gmail com
Malware
Win32/TrojanDownloader.Bredolab.CB
Phishing
RBC Royal Bank | 2nd November 2015 |
PayPal service | 2nd November 2015 |
IMPORTANT - WE NOTICED UNUSUAL |
Vulnerability
QEMU PRDT Data Handling Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/73316
QEMU Realtek rtl8139 Model CVE-2015-5165 Information Disclosure Vulnerability
2015-11-03
http://www.securityfocus.com/bid/76153
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-11-03
http://www.securityfocus.com/bid/74733
OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75158
OpenSSL 'ssleay_rand_bytes()' Function Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75219
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-11-03
http://www.securityfocus.com/bid/73684
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/73225
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/73231
OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/73232
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/73237
Apache Tomcat CVE-2014-0230 Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/74475
OpenSSL 'tasn_dec.c' Remote Memory Corruption Vulnerability
2015-11-03
http://www.securityfocus.com/bid/73227
Apache Struts CVE-2015-1831 Security Bypass Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75940
OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75159
OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75161
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/74147
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/74111
Linux Kernel 'x86/entry/entry_64.S' Local Privilege Escalation Vulnerability
2015-11-03
http://www.securityfocus.com/bid/76004
Linux Kernel Multiple Remote Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75510
Linux Kernel 'fs/pipe.c' Multiple Local Memory Corruption Vulnerabilities
2015-11-03
http://www.securityfocus.com/bid/74951
OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2015-11-03
http://www.securityfocus.com/bid/76317
Libxml2 CVE-2015-1819 Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75570
jabberd CVE-2015-2059 Out of Bounds Read Memory Corruption Vulnerability
2015-11-03
http://www.securityfocus.com/bid/72736
Google Chrome Prior to 44.0.2403.89 Multiple Security Vulnerabilities
2015-11-03
http://www.securityfocus.com/bid/75973
Apache HTTP Server CVE-2015-3183 Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75963
OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75154
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75156
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75157
Oracle Java SE CVE-2015-2625 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75895
GNU glibc 'getaddrinfo.c' Remote Code Execution Vulnerability
2015-11-03
http://www.securityfocus.com/bid/72710
SANS News
Enhancing pentesting recon with nmap
Threatpost
Latest EMET Bypass Targets WoW64 Windows Subsystem
Vulnerability Identified in Genomic Data Sharing Network
Exploit
Samsung Galaxy S6 Samsung Gallery - GIF Parsing Crash
Samsung Galaxy S6 - android.media.process Face Recognition Memory Corruption
Samsung Galaxy S6 - libQjpeg DoIntegralUpsample Crash
Samsung Galaxy S6 - Samsung Gallery Bitmap Decoding Crash
Samsung libQjpeg Image Decoding Memory Corruption
Python 2.7 hotshot Module - pack_string Heap Buffer Overflow
Python 2.7 array.fromstring Method - Use After Free
Python 2.7 strop.replace() Method - Integer Overflow
Python 3.3 - 3.5 product_setstate() Function - Out-of-bounds Read
actiTIME 2015.2 - Multiple Vulnerabilities
Sam Spade 1.14 - (Crawl website) Buffer OverFlow
Sam Spade 1.14 - (Scan Addresses) Buffer Overflow Exploit
TCPing 2.1.0 - Buffer Overflow
2.11.2015
Bugtraq
CVE-2015-7326 (XXE vulnerability in Milton Webdav) 2015-11-02
0ang3el gmail com
Accentis Content Resource Management System - XSS 2015-11-02
GalaxyCVEcollector gmail com
Accentis Content Resource Management System - SQL 2015-11-02
GalaxyCVEcollector gmail com
Cross-Site Scripting | Zeuscart V4 2015-11-02
ITAS Team (itas team itas vn)
[SECURITY] [DSA 3389-1] elasticsearch end-of-life 2015-11-01
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3381-2] openjdk-7 security update 2015-11-01
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3388-1] ntp security update 2015-11-01
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3387-1] openafs security update 2015-11-01
Florian Weimer (fw deneb enyo de)
TCPing 2.1.0 Buffer Overflow 2015-11-01
apparitionsec gmail com
[SECURITY] [DSA 3386-1] unzip security update 2015-10-31
Laszlo Boszormenyi (GCS) (gcs debian org)
[SECURITY] [DSA 3385-1] mariadb-10.0 security update 2015-10-31
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
PayPal service | 2nd November 2015 |
IMPORTANT - WE NOTICED UNUSUAL | |
Security Apple | 1st November 2015 |
AOL | 1st November 2015 |
Vulnerability
SANS News
Threatpost
Exploit
30.10.2015
Bugtraq
[slackware-security] jasper (SSA:2015-302-02) 2015-10-29
Slackware Security Team (security slackware com)
PHP Server Monitor 3.1.1 Privilege Escalation 2015-10-30
apparitionsec gmail com
PHP Server Monitor 3.1.1 CSRF 2015-10-30
apparitionsec gmail com
[slackware-security] curl (SSA:2015-302-01) 2015-10-29
Slackware Security Team (security slackware com)
[slackware-security] ntp (SSA:2015-302-03) 2015-10-29
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3384-1] virtualbox security update 2015-10-29
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3383-1] wordpress security update 2015-10-29
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3332-2] wordpress regression update 2015-10-29
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Brayden | 30th October 2015 |
MRS. JODI REULAND | 30th October 2015 |
Ofornelas-F R_E..E..___A-C | |
Yahoo.com | 29th October 2015 |
Vulnerability
SANS News
Threatpost
Web Hosting Service 000webhost Hacked, Information of 13 Million Leaked
Exploit
Sam Spade 1.14 - Scan From IP Address Field SEH Overflow Crash PoC
PHP Server Monitor 3.1.1 - Multiple CSRF Vulnerabilities
PHP Server Monitor 3.1.1 - CSRF Privilege Escalation
eBay Magento <= 1.9.2.1 - PHP FPM XML eXternal Entity Injection
Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution
Pligg CMS 2.0.2 - Multiple SQL Injection Vulnerabilities
Pligg CMS 2.0.2 - Directory Traversal
Pligg CMS 2.0.2 - CSRF Code Execution
AIX 7.1 - lquerylv Local Privilege Escalation
Oxwall 1.7.4 - CSRF Vulnerability
29.10.2015
Bugtraq
[ERPSCAN-15-030] Oracle E-Business Suite - XXE injection Vulnerability 2015-10-29
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-029] Oracle E-Business Suite - XXE injection Vulnerability 2015-10-29
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-028] Oracle E-Business Suite - XXE injection Vulnerability 2015-10-29
ERPScan inc (erpscan online gmail com)
Cross-Site Request Forgery on Oxwall 2015-10-29
High-Tech Bridge Security Research (advisory htbridge ch)
CVE-2015-7723 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver 2015-10-29
Portcullis Advisories (advisories portcullis-security com)
CVE-2015-7724 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver 2015-10-29
Portcullis Advisories (advisories portcullis-security com)
[SECURITY] [DSA 3382-1] phpmyadmin security update 2015-10-28
Thijs Kinkhorst (thijs debian org)
Malware
VBA/TrojanDownloader.Agent.ADX
Win32/TrojanDownloader.Nymaim.AY
Phishing
paypal | 29th October 2015 |
Vulnerability
SANS News
USB cleaning device for the masses
Threatpost
Rockwell Patches Serious ‘FrostyURL’ PLC Vulnerability
Exploit
Joomla JNews (com_jnews) Component 8.5.1 - SQL Injection
NetUSB Kernel Stack Buffer Overflow
28.10.2015
Bugtraq
Arbitrary code execution resp. escalation of privilege with Mozilla's SETUP.EXE 2015-10-28
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3381-1] openjdk-7 security update 2015-10-27
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3380-1] php5 security update 2015-10-27
Florian Weimer (fw deneb enyo de)
[ERPSCAN-15-027] Oracle E-Business Suite - Cross Site Scripting Vulnerability 2015-10-27
ERPScan inc (erpscan online gmail com)
Malware
Rogue:VBS/Trapwot
TrojanProxy:MSIL/Segyroxb.A
Trojan:JS/Iframeinject.AG
Phishing
PayPal | 28th October 2015 |
Vulnerability
SANS News
Threatpost
Fewer IPsec VPN Connections at Risk from Weak Diffie-Hellman
Exploit
Th3 MMA mma.php Backdoor Arbitrary File Upload
Samsung SecEmailUI Script Injection
JIRA and HipChat for JIRA Plugin Velocity Template Injection Vulnerability
Sagem FAST3304-V2 - Authentication Bypass
Samsung m2m1shot Kernel Driver Buffer Overflow
Samsung seiren Kernel Driver Buffer Overflow
Samsung fimg2d FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw
Samsung SecEmailComposer QUICK_REPLY_BACKGROUND Permissions Weakness
27.10.2015
Bugtraq
[ERPSCAN-15-027] Oracle E-Business Suite - Cross Site Scripting Vulnerability 2015-10-27
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-026] Oracle E-Business Suite - SQL injection Vulnerability 2015-10-27
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-025] Oracle E-Business Suite Database user enumeration Vulnerability 2015-10-27
ERPScan inc (erpscan online gmail com)
MacOS X 10.11 hardlink bomb cause resource exhaustion (Avast PoC) 2015-10-26
submit cxsec org
MacOS X 10.11 FTS Deep structure of the file system Buffer Overflow 2015-10-26
submit cxsec org
Secunia Research: Oracle Outside In Two Buffer Overflow Vulnerabilities 2015-10-26
Secunia Research (remove-vuln secunia com)
Secunia Research: Google Picasa Phase One Tags Processing Integer Overflow Vulnerability 2015-10-26
Secunia Research (remove-vuln secunia com)
FreeBSD Security Advisory FreeBSD-SA-15:25.ntp 2015-10-26
FreeBSD Security Advisories (security-advisories freebsd org)
Malware
SoftwareBundler:Win32/Zubtui.A
Backdoor:Win32/Xtrat.Q
TrojanDownloader:Win32/Captorveen.B
PWS:MSIL/Stimilini.S
Trojan:Win32/Tulim.B!plock
Trojan:Win32/Spallowz.A!plock
Phishing
PayPaI | 27th October 2015 |
MRS. LUCILA LAMME | 27th October 2015 |
Vulnerability
Microsoft Internet Explorer CVE-2015-2444 Remote Memory Corruption Vulnerability
2015-10-26
http://www.securityfocus.com/bid/76194
IBM WebSphere Application Server CVE-2015-1885 Remote Privilege Escalation Vulnerability
2015-10-26
http://www.securityfocus.com/bid/74219
Mozilla Firefox CVE-2015-4495 Same Origin Policy Security Bypass Vulnerability
2015-10-26
http://www.securityfocus.com/bid/76249
ISC BIND CVE-2015-5477 Remote Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/76092
OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability
2015-10-26
http://www.securityfocus.com/bid/75159
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/75157
OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/75154
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-10-26
http://www.securityfocus.com/bid/75890
Symantec Endpoint Protection Manager CVE-2015-1489 Remote Privilege Escalation Vulnerability
2015-10-26
http://www.securityfocus.com/bid/76078
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/73237
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/73225
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/73231
OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/73232
Symantec Endpoint Protection Manager CVE-2015-1486 Authentication Bypass Vulnerability
2015-10-26
http://www.securityfocus.com/bid/76074
Cisco Adaptive Security Appliance (ASA) Software CVE-2015-6325 Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/77260
Python 'bufferobject.c' Integer Overflow Vulnerability
2015-10-26
http://www.securityfocus.com/bid/70089
IBM Security Directory Server CVE-2015-0138 Man in the Middle Security Bypass Vulnerability
2015-10-26
http://www.securityfocus.com/bid/73326
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-10-26
http://www.securityfocus.com/bid/71936
Cisco Adaptive Security Appliance (ASA) Software CVE-2015-0578 Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/72718
Apple Mac OS X Multiple Privilege Escalation Vulnerabilities
2015-10-26
http://www.securityfocus.com/bid/76421
Elasticsearch CVE-2015-5377 Remote Code Execution Vulnerability
2015-10-26
http://www.securityfocus.com/bid/75938
Elasticsearch CVE-2015-5531 Directory Traversal Vulnerability
2015-10-26
http://www.securityfocus.com/bid/75935
OpenSSL '/evp/encode.c' Remote Memory Corruption Vulnerability
2015-10-26
http://www.securityfocus.com/bid/73228
IBM WebSphere Application Server CVE-2015-1927 Remote Privilege Escalation Vulnerability
2015-10-26
http://www.securityfocus.com/bid/75486
OpenSSL CVE-2015-0291 Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/73235
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-10-26
http://www.securityfocus.com/bid/72165
Oracle Java SE CVE-2015-0437 Remote Java SE Vulnerability
2015-10-26
http://www.securityfocus.com/bid/72146
Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
2015-10-26
http://www.securityfocus.com/bid/72136
FFmpeg CVE-2015-6761 Unspecified Memory Corruption Vulnerability
2015-10-26
http://www.securityfocus.com/bid/77073
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-10-26
http://www.securityfocus.com/bid/72140
SANS News
Threatpost
Novel NTP Attacks Roll Back Time
Yahoo Hires Bob Lord as its CISO
New Campaign Shows Dridex Active, Targeting French
Exploit
Th3 MMA mma.php Backdoor Arbitrary File Upload
Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation
Win10Pcap - Local Privilege Escalation Vulnerability
26.10.2015
Bugtraq
MacOS X 10.11 hardlink bomb cause resource exhaustion (Avast PoC) 2015-10-26
submit cxsec org
MacOS X 10.11 FTS Deep structure of the file system Buffer Overflow 2015-10-26
submit cxsec org
Secunia Research: Oracle Outside In Two Buffer Overflow Vulnerabilities 2015-10-26
Secunia Research (remove-vuln secunia com)
Secunia Research: Google Picasa Phase One Tags Processing Integer Overflow Vulnerability 2015-10-26
Secunia Research (remove-vuln secunia com)
FreeBSD Security Advisory FreeBSD-SA-15:25.ntp 2015-10-26
FreeBSD Security Advisories (security-advisories freebsd org)
AlienVault OSSIM 4.3 CSRF 2015-10-26
mohammadreza mohajerani gmail com
AlienVault OSSIM 4.3 CSRF vulnerability report 2015-10-25
mohammadreza mohajerani gmail com
[SECURITY] [DSA 3379-1] miniupnpc security update 2015-10-25
Salvatore Bonaccorso (carnil debian org)
Fwd: Timing attack vulnerability in most Zeus server-sides 2015-10-25
rotem kerner (nullfield gmail com)
[SECURITY] [DSA 3377-1] mysql-5.5 security update 2015-10-24
Salvatore Bonaccorso (carnil debian org)
[security bulletin] HPSBGN03429 rev.1 - HP Arcsight Logger, Remote Disclosure of Information 2015-10-23
security-alert hp com
[security bulletin] HPSBGN03428 rev.1 - HP Asset Manager, Local Disclosure of Sensitive Information 2015-10-23
security-alert hp com
CVE-2015-6576: Bamboo - Deserialisation resulting in remote code execution 2015-10-23
David Black (dblack atlassian com)
Malware
PWS:MSIL/Stimilina.G
PWS:MSIL/Stimilina.H
PWS:MSIL/Stimilina.I
Win32/Upatre
Phishing
Holly Bass | 25th October 2015 |
Chase(SM)spalerts4secure3@comc | 25th October 2015 |
Apple | 25th October 2015 |
Vulnerability
SANS News
Threatpost
Exploit
Windows 10 - pcap Driver Local Privilege Escalation
Alreader 2.5 .fb2 - SEH Based Stack Overflow (ASLR and DEP bypass)
Safari User-Assisted Applescript Exec Attack
23.10.2015
Bugtraq
CVE-2015-6576: Bamboo - Deserialisation resulting in remote code execution 2015-10-23
David Black (dblack atlassian com)
Re: TeamSpeak Client <= 3.0.18.1 RFI, Directory Traversal to RCE 2015-10-22
scurippio autistici org
SEC Consult SA-20151022-0 :: Lime Survey Multiple Critical Vulnerabilities 2015-10-22
SEC Consult Vulnerability Lab (research sec-consult com)
Re: TeamSpeak Client <= 3.0.18.1 RFI, Directory Traversal to RCE 2015-10-22
scurippio autistici org
TeamSpeak Client <= 3.0.18.1 RFI, Directory Traversal to RCE 2015-10-22
scurippio autistici org
Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015 2015-10-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
APPLE-SA-2015-10-21-8 OS X Server 5.0.15 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-7 Xcode 7.1 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-6 Mac EFI Security Update 2015-002 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-5 iTunes 12.3.1 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
Malware
Adware:Win32/Doma
TrojanClicker:Win32/Buoveco.A
TrojanDownloader:Win32/Dowfeld.A
Phishing
PayPal | 23rd October 2015 |
You submitted an order | |
WEB | 22nd October 2015 |
MAINTENANCE MAIL-BOX YOUR | |
PayPal_ID 42310 | 22nd October 2015 |
Your account is limited now | |
Chase | 21st October 2015 |
APPLE INC. | 21st October 2015 |
Vulnerability
SANS News
Threatpost
Joomla Update Patches Critical SQL Injection Vulnerability
Exploit
Realtyna RPL Joomla Extension 8.9.2 - Multiple SQL Injection Vulnerabilities
Realtyna RPL Joomla Extension 8.9.2 - Persistent XSS And CSRF Vulnerabilities
Subrion 3.X.X - Multiple Vulnerabilities
Beckhoff CX9020 CPU Module - Remote Code Execution Exploit
22.10.2015
Bugtraq
TeamSpeak Client <= 3.0.18.1 RFI, Directory Traversal to RCE 2015-10-22
scurippio autistici org
Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015 2015-10-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
APPLE-SA-2015-10-21-8 OS X Server 5.0.15 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-7 Xcode 7.1 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-6 Mac EFI Security Update 2015-002 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-5 iTunes 12.3.1 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-3 Safari 9.0.1 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-2 watchOS 2.0.1 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-1 iOS 9.1 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
Cisco Security Advisory: Cisco ASA Software VPN ISAKMP Denial of Service Vulnerability 2015-10-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco ASA Software DNS Denial of Service Vulnerability 2015-10-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco ASA Software DHCPv6 Relay Denial of Service Vulnerability 2015-10-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco ASA Software DHCPv6 Relay Denial of Service Vulnerability 2015-10-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)
SiteWIX - (edit_photo2.php id) SQL Injection Exploit 2015-10-21
ZoRLu Bugrahan (zorlu milw00rm com)
Malware
TrojanDownloader:Win32/Dowfeld.A
TrojanDropper:Win32/Soloniti.A
TrojanDownloader:BAT/Truvaeril.A
TrojanSpy:Win32/Banker.APB
Adware:Win32/Loones
TrojanSpy:MSIL/Omaneat.C
TrojanDownloader:Win32/Xeliam.A
Phishing
WEB | 22nd October 2015 |
MAINTENANCE MAIL-BOX YOUR | |
PayPal_ID 42310 | 22nd October 2015 |
Your account is limited now | |
Chase | 21st October 2015 |
Vulnerability
SANS News
Compromised Magento sites led to Neutrino exploit kit
Threatpost
Google Moving Gmail to Strict DMARC Implementation
Custom Google App Engine Tweak Still Leads to Java Sandbox Escapes
Exploit
Beckhoff CX9020 CPU Module - Remote Code Execution Exploit
21.10.2015
Bugtraq
SiteWIX - (edit_photo2.php id) SQL Injection Exploit 2015-10-21
ZoRLu Bugrahan (zorlu milw00rm com)
[SE-2014-02] Google App Engine Java security sandbox bypasses (Issue 42) 2015-10-21
Security Explorations (contact security-explorations com)
[SECURITY] [DSA 3376-1] chromium-browser security update 2015-10-21
Michael Gilbert (mgilbert debian org)
[SECURITY] [DSA 3375-1] wordpress security update 2015-10-19
Yves-Alexis Perez (corsac debian org)
[SECURITY] [DSA 3374-1] postgresql-9.4 security update 2015-10-19
Salvatore Bonaccorso (carnil debian org)
Malware
TrojanDownloader:Win32/Xeliam.A
Phishing
APPLE INC. | 21st October 2015 |
MENS TOP SECRET GUIDE | 20th October 2015 |
Vulnerability
SANS News
Threatpost
Microsoft Opens .NET Core, ASP.NET Bug Bounties
Let’s Encrypt Hits Another Free HTTPS Milestone
Academics Find Critical Flaws in Self-Encrypting Hardware Drives
Exploit
Zpanel Remote Unauthenticated RCE
HandyPassword 4.9.3 - SEH Over-Write Exploit
20.10.2015
Bugtraq
[SECURITY] [DSA 3375-1] wordpress security update 2015-10-19
Yves-Alexis Perez (corsac debian org)
[SECURITY] [DSA 3374-1] postgresql-9.4 security update 2015-10-19
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3373-1] owncloud security update 2015-10-18
Salvatore Bonaccorso (carnil debian org)
ERPSCAN Research Advisory [ERPSCAN-15-017] SAP NetWeaver J2EE DAS service - Unauthorized Access 2015-10-16
ERPScan inc (erpscan online gmail com)
Events Made Easy WordPress plugin CSRF + Persistent XSS 2015-10-16
David Sopas (davidsopas gmail com)
Malware
DDoS:Win32/Flusihoc.A
TrojanDownloader:Win32/Upatre.CO
TrojanSpy:MSIL/Yakbeex.C
TrojanDownloader:MSIL/Fleendow.A
TrojanDownloader:Win32/Bamvleds.A
Phishing
PayPal | 20th October 2015 |
SGT MONICA L BROWN | 20th October 2015 |
Vulnerability
SANS News
Threatpost
Apple to Remove 256 iOS Apps Using Private APIs, Collecting Personal Data
Exploit
19.10.2015
Bugtraq
[SECURITY] [DSA 3374-1] postgresql-9.4 security update 2015-10-19
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3373-1] owncloud security update 2015-10-18
Salvatore Bonaccorso (carnil debian org)
ERPSCAN Research Advisory [ERPSCAN-15-017] SAP NetWeaver J2EE DAS service - Unauthorized Access 2015-10-16
ERPScan inc (erpscan online gmail com)
Malware
Phishing
APPLE INC | 19th October 2015 |
Vulnerability
SANS News
Threatpost
Exploit
Wordpress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability
Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow
Nibbleblog File Upload Vulnerability
Belkin Router N150 1.00.08, 1.00.09 - Path Traversal Vulnerability
Adobe Flash IExternalizable.writeExternal - Type Confusion
16.10.2015
Bugtraq
ERPSCAN Research Advisory [ERPSCAN-15-017] SAP NetWeaver J2EE DAS service - Unauthorized Access 2015-10-16
ERPScan inc (erpscan online gmail com)
Events Made Easy WordPress plugin CSRF + Persistent XSS 2015-10-16
David Sopas (davidsopas gmail com)
Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334) 2015-10-16
Qualys Security Advisory (qsa qualys com)
[ISecAuditors Security Advisories] URL Open Redirect in Google generic TLD and ccTLD 2015-10-15
ISecAuditors Security Advisories (advisories isecauditors com)
APPLE-SA-2015-10-15-1 Keynote 6.6, Pages 5.6, Numbers 3.6, and iWork for iOS 2.6 2015-10-15
Apple Product Security (product-security-noreply lists apple com)
[security bulletin] HPSBOV03503 rev.1 - HP OpenVMS CSWS_JAVA running Tomcat, Multiple Remote Vulnerabilities 2015-10-15
security-alert hp com
[security bulletin] HPSBUX03512 SSRT102254 rev.1 - HP-UX Web Server Suite running Apache, Remote Denial of Service (DoS) and Other Vulnerabilities 2015-10-15
security-alert hp com
Freemake Video Downloader 3.7.1 - Code Execution Vulnerability 2015-10-15
Vulnerability Lab (research vulnerability-lab com)
PayPal Inc Bug Bounty #117 - Session Fixation Vulnerability 2015-10-15
Vulnerability Lab (research vulnerability-lab com)
Malware
TrojanDownloader:Win32/Brucryp.C
PWS:MSIL/Petun
TrojanDownloader:Win32/Bagoox.A
TrojanClicker:Win32/Bagoox.A
DDoS:Win32/Nitol.K
Backdoor:Win32/Slingup.A
SoftwareBundler:Win32/InstallMonster
TrojanDownloader:Win32/Strumapine.A
Phishing
PAYPal info | 16th October 2015 |
HSBC Bank | 16th October 2015 |
PalyPal Support | 16th October 2015 |
Account Support | 16th October 2015 |
Vulnerability
SANS News
Threatpost
WordPress Fixes Critical Stored XSS Error in Akismet
Latest Microsoft Transparency Report Details Content Removal Requests
Exploit
AdobeWorkgroupHelper 2.8.3.3 - Stack Based Buffer Overflow
Linux x86_64 Bindshell with Password (92 bytes)
15.10.2015
Bugtraq
Freemake Video Downloader 3.7.1 - Code Execution Vulnerability 2015-10-15
Vulnerability Lab (research vulnerability-lab com)
PayPal Inc Bug Bounty #117 - Session Fixation Vulnerability 2015-10-15
Vulnerability Lab (research vulnerability-lab com)
Blat.exe v2.7.6 SMTP / NNTP Mailer Buffer Overflow 2015-10-14
apparitionsec gmail com
US DoD's Dc3dd v7.2.6 suffers from a Buffer Overflow vulnerability - Advanced Information Security Corporation - Zero Day Research 2015-10-14
Nicholas Lemonias. (lem nikolas googlemail com)
[CVE-2015-2552] Windows 8+ - Trusted Boot Security Feature Bypass Vulnerability 2015-10-14
Myria (myriachan gmail com)
[security bulletin] HPSBGN03515 rev.1 - HP Smart Profile Server Data Analytics Layer (SPS DAL), Remote Cross-Site-Scripting (XSS), Disclosure of Information 2015-10-13
security-alert hp com
Malware
Backdoor:Win32/Noancooe
Backdoor:Win32/Bergat.C
TrojanDownloader:Win32/Kalumino.A
SoftwareBundler:Win32/Coolnetry
TrojanDownloader:Win32/Hospizrox.A
TrojanDownloader:Win32/Redosdru
TrojanDownloader:Win32/Banload.BET
TrojanDownloader:MSIL/Banload.AB
TrojanDownloader:AutoIt/Banload.V
TrojanDownloader:AutoIt/Banload.T
Phishing
Exploit kit roundup: Less Angler, more Nuclear
Vulnerability
SANS News
Google Patches Chrome, Changes Mixed Content Warnings
Law Enforcement Shuts Down Dridex Operation
Threatpost
Exploit
netis RealTek Wireless Router / ADSL Modem - Multiple Vulnerabilities
PROLiNK H5004NK ADSL Wireless Modem - Multiple Vulnerabilities
AdobeWorkgroupHelper 2.8.3.3 - Stack Based Buffer Overflow
Blat.exe 2.7.6 SMTP / NNTP Mailer - Buffer Overflow
14.10.2015
Bugtraq
US DoD's Dc3dd v7.2.6 suffers from a Buffer Overflow vulnerability - Advanced Information Security Corporation - Zero Day Research 2015-10-14
Nicholas Lemonias. (lem nikolas googlemail com)
[CVE-2015-2552] Windows 8+ - Trusted Boot Security Feature Bypass Vulnerability 2015-10-14
Myria (myriachan gmail com)
[security bulletin] HPSBGN03515 rev.1 - HP Smart Profile Server Data Analytics Layer (SPS DAL), Remote Cross-Site-Scripting (XSS), Disclosure of Information 2015-10-13
security-alert hp com
Boolean-based SQL injection Vulnerability in K2 Platforms 2015-10-13
wissam bashour helpag com
[SECURITY] [DSA 3372-1] linux security update 2015-10-13
Ben Hutchings (benh debian org)
Malware
TrojanSpy:MSIL/Yakbeex.B
TrojanDropper:Win32/Sulunch
TrojanDownloader:MSIL/Bladabindi.J
TrojanSpy:Win32/Nivdort!acf
TrojanSpy:Win32/Banker.AOX
TrojanSpy:MSIL/Quoler.A
Adware:Win32/Sogou
TrojanDownloader:BAT/Unwgent.A
Trojan:Win32/Damingvat.A
Adware:Win32/Putalo0l
Phishing
Paypal | 14th October 2015 |
We are unable to validate | |
MRS MONICA ASLAM | 13th October 2015 |
PayPal Support | 13th October 2015 |
Vulnerability
SANS News
AV Phone Scan via Fake BSOD Web Pages
Threatpost
Dow Jones & Company Latest Financial Firm Hit With Data Breach
Exploit
ZyXEL PMG5318-B20A - OS Command Injection Vulnerability
Linux/MIPS Kernel NetUSB - Remote Code Execution Exploit
13.10.2015
Bugtraq
Boolean-based SQL injection Vulnerability in K2 Platforms 2015-10-13
wissam bashour helpag com
[SECURITY] [DSA 3372-1] linux security update 2015-10-13
Ben Hutchings (benh debian org)
AdobeWorkgroupHelper Stack Based Buffer Overflow 2015-10-13
apparitionsec gmail com
CVE-2015-7683: Absolute Path Traversal in the Font WordPress Plugin 2015-10-12
grajalerts gmail com
CVE-2015-7682: Multiple Blind SQL Injections in Pie Register WordPress Plugin 2015-10-12
grajalerts gmail com
CVE-2015-7377: Unauthenticated Reflected XSS in Pie Register WordPress Plugin 2015-10-12
grajalerts gmail com
Multiple Remote Code Execution found in ZHONE 2015-10-12
lyon yang s gmail com
Malware
PWS:MSIL/Logbro.A
Backdoor:Win32/Slackbot.F
TrojanDropper:MSIL/Mutra
Backdoor:Win32/Dradkiter.A
HackTool:Win64/Mikatz
TrojanDownloader:O97M/Daoyap.A
TrojanDropper:MSIL/Hostwack.A
TrojanDownloader:Win32/Fikoter.A
Backdoor:Win32/Warood.B
Backdoor:Win32/Warood.A
Phishing
PayPal | 13th October 2015 |
Services Info | 13th October 2015 |
Chase | 13th October 2015 |
Barclays PLC. | 12th October 2015 |
Vulnerability
SANS News
October 2015 Microsoft Patch Tuesday
Threatpost
Adobe Patches 69 Vulnerabilities in Reader, Acrobat, Flash
Netgear Published Patched Firmware for Routers Under Attack
Exploit
ZHONE < S3.0.501 - Multiple Vulnerabilities
F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - File Path Traversal Vulnerability
Netgear Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities
Kerio Control <= 8.6.1 - Multiple Vulnerabilities
libsndfile 1.0.25 - Heap Overflow
CDex Genre 1.79 - Stack Buffer Overflow
12.10.2015
Bugtraq
CVE-2015-7683: Absolute Path Traversal in the Font WordPress Plugin 2015-10-12
grajalerts gmail com
CVE-2015-7682: Multiple Blind SQL Injections in Pie Register WordPress Plugin 2015-10-12
grajalerts gmail com
CVE-2015-7377: Unauthenticated Reflected XSS in Pie Register WordPress Plugin 2015-10-12
grajalerts gmail com
Multiple Remote Code Execution found in ZHONE 2015-10-12
lyon yang s gmail com
[SYSS-2015-034] MATESO Password Safe and Repository Enterprise - SQL Injection 2015-10-12
matthias deeg syss de
[SYSS-2015-037] MATESO Password Safe and Repository Enterprise - Insufficiently Protected Credentials 2015-10-12
matthias deeg syss de
Multiple Vulnerabilities found in ZHONE 2015-10-12
lyon yang s gmail com
ESA-2015-153 EMC SourceOne Email Supervisor Security Update for Multiple Security Vulnerabilities 2015-10-11
Security Alert (Security_Alert emc com)
[SECURITY] [DSA 3371-1] spice security update 2015-10-09
Salvatore Bonaccorso (carnil debian org)
Malware
TrojanDownloader:Win32/Maliku.A
TrojanDownloader:Win32/Upatre.CQ
HackTool:Win32/Gambigubo.A
Backdoor:Win32/Venik.O
TrojanDownloader:Win32/Zawwi.A
Win32/Brambul
Win32/Joanap
Phishing
AOL | 12th October 2015 |
Lloyds | 11th October 2015 |
Vulnerability
SANS News
Data Visualization, What is your Tool of Choice
Threatpost
Exploit
Tomabo MP4 Converter 3.10.12 - 3.11.12 (.m3u) Denial of service (Crush application)
10.10.2015
Bugtraq
[SECURITY] [DSA 3371-1] spice security update 2015-10-09
Salvatore Bonaccorso (carnil debian org)
Advanced Information Security Corporation, Security Advisory (MYSQL v5.6.24 Buffer Overflows) 2015-10-09
Nicholas Lemonias. (lem nikolas googlemail com)
FreeYouTubeToMP3 Converter 4.0.1 - Buffer Overflow Vulnerability 2015-10-09
Vulnerability Lab (research vulnerability-lab com)
W150D Wireless N 150 ADSL2 Modem Router - Cross Site Request Forgery Vulnerability 2015-10-09
Vulnerability Lab (research vulnerability-lab com)
PayPal Inc Bug Bounty #119 - URL Redirect Web Vulnerability 2015-10-09
Vulnerability Lab (research vulnerability-lab com)
WebComIndia CMS 2015Q4 - Auth Bypass Vulnerability 2015-10-09
Vulnerability Lab (research vulnerability-lab com)
Malware
Phishing
MR DAVID | 9th October 2015 |
Info | 9th October 2015 |
Vulnerability
SANS News
Threatpost
Exploit
9.10.2015
Bugtraq
Advanced Information Security Corporation, Security Advisory (MYSQL v5.6.24 Buffer Overflows) 2015-10-09
Nicholas Lemonias. (lem nikolas googlemail com)
FreeYouTubeToMP3 Converter 4.0.1 - Buffer Overflow Vulnerability 2015-10-09
Vulnerability Lab (research vulnerability-lab com)
W150D Wireless N 150 ADSL2 Modem Router - Cross Site Request Forgery Vulnerability 2015-10-09
Vulnerability Lab (research vulnerability-lab com)
PayPal Inc Bug Bounty #119 - URL Redirect Web Vulnerability 2015-10-09
Vulnerability Lab (research vulnerability-lab com)
WebComIndia CMS 2015Q4 - Auth Bypass Vulnerability 2015-10-09
Vulnerability Lab (research vulnerability-lab com)
Veeam Backup & Replication Local Privilege Escalation Vulnerability 2015-10-08
ascii (ascii ush it)
[RT-SA-2015-006] Buffalo LinkStation Authentication Bypass 2015-10-08
RedTeam Pentesting GmbH (release redteam-pentesting de)
Potential vulnerabilites in PayPal Beacons 2015-10-08
securityresearch shaftek biz
Malware
TrojanSpy:BAT/Separ.C
SoftwareBundler:Win32/Pokavampo
Trojan:Win32/Patched.AP
Phishing
Info | 9th October 2015 |
Halifax UK | 7th October 2015 |
Vulnerability
SANS News
Adobe Acrobat and Reader Pre-Announcement
Threatpost
Amazon Inspector Addresses Compliance and Security Challenge
Adobe to Patch Reader and Acrobat Next Week
Exploit
VeryPDF Image2PDF Converter SEH Buffer Overflow
8.10.2015
Bugtraq
Advanced Information Security Corporation, Security Advisory (Oracle's MYSQL v5.6.24 Latest - Buffer Overflows) Repost 2015-10-07
Nicholas Lemonias. (lem nikolas googlemail com)
[REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities 2015-10-07
Matteo Beccati (matteo beccati com)
A comprehensive study of Huawei 3G routers - XSS, CSRF, DoS, unauthenticated firmware update, RCE 2015-10-07
Pierre Kim (pierre kim sec gmail com)
RE: Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img 2015-10-07
Alexandre Herzog (Alexandre Herzog csnc ch)
Advanced Information Security Corporation, Security Advisory (MYSQL v5.6.24 Buffer Overflows) 2015-10-07
lem nikolas gmail com
[SECURITY] [DSA 3369-1] zendframework security update 2015-10-06
Alessandro Ghedini (ghedo debian org)
[SECURITY] [DSA 3370-1] freetype security update 2015-10-06
Alessandro Ghedini (ghedo debian org)
Advanced Information Security Corporation, Security Advisory (MYSQL v5.6.24 Buffer Overflows) 2015-10-07
Nicholas Lemonias. (lem nikolas googlemail com)
Zope Management Interface CSRF vulnerabilities 2015-10-07
apparitionsec gmail com
[CVE-2015-7670] Multiple SQL Injection in Support Ticket System 1.2 WordPress plugin 2015-10-06
ibeptaz gmail com
Malware
TrojanDownloader:Win32/Upatre.CG
TrojanDownloader:Win32/Upatre.CF
TrojanDownloader:Win32/Brucryp.D
TrojanDropper:Win32/Latot.A
TrojanDownloader:Win32/Latot.A
TrojanSpy:MSIL/Logkayi.A
TrojanSpy:MSIL/Logadat.A
Phishing
Halifax UK | 7th October 2015 |
Summary Billing Account | 7th October 2015 |
WE DISCOVERED IRREGULARITIES |
Vulnerability
SANS News
Malicious spam with Word document
Threatpost
New Moker RAT Bypasses Detection
Kemoge Android Adware Campaign Can Lead to Device Takeover
Exploit
Zope Management Interface 4.3.7 - CSRF Vulnerabilities
7.10.2015
Bugtraq
Advanced Information Security Corporation, Security Advisory (Oracle's MYSQL v5.6.24 Latest - Buffer Overflows) Repost 2015-10-07
Nicholas Lemonias. (lem nikolas googlemail com)
[REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities 2015-10-07
Matteo Beccati (matteo beccati com)
A comprehensive study of Huawei 3G routers - XSS, CSRF, DoS, unauthenticated firmware update, RCE 2015-10-07
Pierre Kim (pierre kim sec gmail com)
RE: Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img 2015-10-07
Alexandre Herzog (Alexandre Herzog csnc ch)
Advanced Information Security Corporation, Security Advisory (MYSQL v5.6.24 Buffer Overflows) 2015-10-07
lem nikolas gmail com
[SECURITY] [DSA 3369-1] zendframework security update 2015-10-06
Alessandro Ghedini (ghedo debian org)
[SECURITY] [DSA 3370-1] freetype security update 2015-10-06
Alessandro Ghedini (ghedo debian org)
Advanced Information Security Corporation, Security Advisory (MYSQL v5.6.24 Buffer Overflows) 2015-10-07
Nicholas Lemonias. (lem nikolas googlemail com)
Zope Management Interface CSRF vulnerabilities 2015-10-07
apparitionsec gmail com
[CVE-2015-7670] Multiple SQL Injection in Support Ticket System 1.2 WordPress plugin 2015-10-06
ibeptaz gmail com
TestLink Security Advisory - SQL Injection Vulnerability - CVE-2015-7390 2015-10-07
Onur Yilmaz (onur netsparker com)
TestLink Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-7391 2015-10-07
Onur Yilmaz (onur netsparker com)
Local RedHat Enterprise Linux DoS - RHEL 7.3 Kernel crashes on invalid USB device descriptors (usbvision driver) 2015-10-07
Ralf Spenneberg (info os-t de) (1 replies)
Re: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (usbvision driver) 2015-10-07
Ralf Spenneberg (ralf os-t de)
Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img 2015-10-06
Alexandre Herzog (Alexandre Herzog csnc ch)
Malware
TrojanDownloader:MSIL/Banload.AA
TrojanDownloader:VBS/Banload.V
TrojanDownloader:Win32/Banload.CAC
TrojanDownloader:Win32/Quireap.B
TrojanSpy:Win32/Batlopma.A
PWS:Win32/Sekur.A!dha
TrojanDownloader:SWF/Esaprof.B
TrojanDropper:Win32/Tramox.A
Backdoor:Win32/Warood.C
TrojanDownloader:Win32/Badiehi.B
Phishing
Summary Billing Account | 7th October 2015 |
WE DISCOVERED IRREGULARITIES | |
PayPal | 7th October 2015 |
[PAYPAL]: WARNING YOUR PAYPAL | |
Apple ID | 7th October 2015 |
Amazon | 7th October 2015 |
SGT.MONICA L BROWN | 7th October 2015 |
Vulnerebility
SANS News
Threatpost
Researchers Disrupt Angler Exploit Kit Ecosystem, Derail $30M Ransomware Campaign
Exploit
Zope Management Interface 4.3.7 - CSRF Vulnerabilities
6.10.2015
Bugtraq
Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img 2015-10-06
Alexandre Herzog (Alexandre Herzog csnc ch)
Advisory: web-based VM detection and coarse-grained fingerprinting 2015-10-05
Amit Klein (aksecurity gmail com)
LanWhoIs.exe 1.0.1.120 Stack Buffer Overflow 2015-10-06
apparitionsec gmail com
[security bulletin] HPSBUX03359 SSRT102094 rev.2 - HP-UX pppoec, local elevation of privilege 2015-10-05
security-alert hp com
[slackware-security] seamonkey (SSA:2015-274-03) 2015-10-01
Slackware Security Team (security slackware com)
[slackware-security] mozilla-thunderbird (SSA:2015-274-01) 2015-10-01
Slackware Security Team (security slackware com)
[slackware-security] php (SSA:2015-274-02) 2015-10-01
Slackware Security Team (security slackware com)
[security bulletin] HPSBST03418 rev.2 - HP P6000 Command View Software, Remote Disclosure of Information 2015-10-02
security-alert hp com
FTGate 2009 Build 6.4.00 CSRF Vulnerabilities 2015-10-02
apparitionsec gmail com
Malware
HTML/Costacas
Win32/Blakamba
TrojanProxy:MSIL/Utafajax.A
Phishing
Summary Billing Account | 6th October 2015 |
WE DISCOVERED IRREGULARITIES | |
Vanessa Craig | 6th October 2015 |
Apple | 6th October 2015 |
Votre identifiant Apple vient | |
MR DAVID | 6th October 2015 |
PayPal | 6th October 2015 |
Vulnerebility
SANS News
Threatpost
YiSpecter iOS Malware Abuses Apple Enterprise Certs to Push Adware
Google Pushes Stagefright 2.0 Patches to Nexus Devices
Scottrade Breach Affects 4.6 Million Customers
Canceled Talk Re-Ignites Controversy Over Legitimate Security Research
Exploit
LanSpy 2.0.0.155 - Buffer Overflow
PHP-Fusion <= v7.02.07 - Blind SQL Injection
GLPI 0.85.5 - RCE Through File Upload Filter Bypass
LanWhoIs.exe 1.0.1.120 - Stack Buffer Overflow
Last PassBroker 3.2.16 - Stack-Based Buffer Overflow
5.10.2015
Bugtraq
[security bulletin] HPSBST03418 rev.2 - HP P6000 Command View Software, Remote Disclosure of Information 2015-10-02
security-alert hp com
FTGate 2009 Build 6.4.00 CSRF Vulnerabilities 2015-10-02
apparitionsec gmail com
CVE-2015-6237 - Tripwire IP360 VnE Remote Administrative API Authentication Bypass/Privilege Acquisition Vulnerability 2015-10-02
Specto (specto custodela com)
[SYSS-2015-039] CSRF in OpenText Secure MFT 2015-10-02
adrian vollmer syss de
[ZDI-15-396] ManageEngine ServiceDesk Plus remote code execution 2015-10-02
Pedro Ribeiro (pedrib gmail com)
Qualys Security Advisory - OpenSMTPD Audit Report 2015-10-02
Qualys Security Advisory (qsa qualys com)
FreeBSD Security Advisory FreeBSD-SA-15:24.rpcbind [REVISED] 2015-10-02
FreeBSD Security Advisories (security-advisories freebsd org)
ZTE GPON F427 and possibly F460/F600 - authorization bypass and cleartext password storage 2015-10-02
jerzy patraszewski gmail com
Reflected Cross-Site Scripting (XSS) in SourceBans 2015-10-03
High-Tech Bridge Security Research (advisory htbridge ch)
Multiple Reflected XSS in Payment Form for PayPal Pro version 1.0.1 WordPress plugin 2015-10-04
ibemed gmail com
Multiple Reflected XSS in ResAds version 1.0.1 WordPress plugin 2015-10-04
ibemed gmail com
Malware
Phishing
PayPal | 5th October 2015 |
[PAYPAL]: WARNING YOUR PAYPAL | |
Web Team©2015 | 5th October 2015 |
WelIs Fargo | 5th October 2015 |
Email Admin Center | 5th October 2015 |
Vulnerebility
SANS News
Cyber Security Awareness Month: Protecting Your Network From "Dave"
Threatpost
Experian Breach Spills Data on 15 Million T-Mobile Customers
Exploit
ManageEngine ServiceDesk Plus <= 9.1 build 9110 - Path Traversal
Zemra Botnet CnC Web Panel Remote Code Execution
Kaseya VSA uploader.aspx Arbitrary File Upload
Truecrypt 7 / VeraCrypt 1.13 - Drive Letter Symbolic Link Creation Privilege Escalation
LanSpy 2.0.0.155 - Buffer Overflow
2.10.2015
Bugtraq
[security bulletin] HPSBPV03516 rev.1 - HP VAN SDN Controller, Multiple Vulnerabilities 2015-10-01
security-alert hp com
[security bulletin] HPSBGN03424 rev.1 - HP Cloud Service Automation, Remote Authentication Bypass 2015-10-01
security-alert hp com
[SYSS-2015-001] Kaspersky Endpoint Security - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-003] Kaspersky Small Office Security - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-002] Kaspersky Endpoint Security - Use of One-Way Hash without a Salt 2015-10-01
matthias deeg syss de
[SYSS-2015-004] Kaspersky Small Office Security - Use of One-Way Hash without a Salt 2015-10-01
matthias deeg syss de
[SYSS-2015-006] Kaspersky Total Security - Use of One-Way Hash without a Salt 2015-10-01
matthias deeg syss de
[SYSS-2015-005] Kaspersky Total Security - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-008] Kaspersky Internet Security - Use of One-Way Hash without a Salt 2015-10-01
matthias deeg syss de
[SYSS-2015-009] Kaspersky Anti-Virus - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-007] Kaspersky Internet Security - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-010] Kaspersky Anti-Virus - Use of One-Way Hash without a Salt 2015-10-01
matthias deeg syss de
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11 2015-09-30
Apple Product Security (product-security-noreply lists apple com)
Malware
Phishing
Paypal Inc | 2nd October 2015 |
Paypal Inc | 1st October 2015 |
Vulnerebility
SANS News
Threatpost
HTTPS Available as Opt-In for Blogspot
Apple Patches 100+ Vulnerabilities in OS X, Safari, iOS
Dridex Banking Malware Back in Circulation
Exploit
Avast Antivirus X.509 Error Rendering Command Execution
PIXORD Vehicle 3G Wi-Fi Router 3GR-431P - Multiple Vulnerabilities
Bosch Security Systems Dinion NBN-498 Web Interface - XML Injection
Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation
FTGate 2009 Build 6.4.00 - Multiple Vulnerabilities
FTGate 7 - CSRF Vulnerabilities
ElasticSearch 1.6.0 - Arbitrary File Download
WinRar < 5.30 beta 4 - Settings Import Command Execution
1.10.2015
Bugtraq
[security bulletin] HPSBGN03424 rev.1 - HP Cloud Service Automation, Remote Authentication Bypass 2015-10-01
security-alert hp com
[SYSS-2015-001] Kaspersky Endpoint Security - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-003] Kaspersky Small Office Security - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-002] Kaspersky Endpoint Security - Use of One-Way Hash without a Salt 2015-10-01
matthias deeg syss de
[SYSS-2015-004] Kaspersky Small Office Security - Use of One-Way Hash without a Salt 2015-10-01
matthias deeg syss de
[SYSS-2015-006] Kaspersky Total Security - Use of One-Way Hash without a Salt 2015-10-01
matthias deeg syss de
[SYSS-2015-005] Kaspersky Total Security - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-008] Kaspersky Internet Security - Use of One-Way Hash without a Salt 2015-10-01
matthias deeg syss de
[SYSS-2015-009] Kaspersky Anti-Virus - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-007] Kaspersky Internet Security - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-010] Kaspersky Anti-Virus - Use of One-Way Hash without a Salt 2015-10-01
matthias deeg syss de
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11 2015-09-30
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-09-30-2 Safari 9 2015-09-30
Apple Product Security (product-security-noreply lists apple com)
[security bulletin] HPSBST03502 rev.1 - HP 3PAR Service Processor (SP) SPOCC, Remote Disclosure of Information 2015-09-30
security-alert hp com
APPLE-SA-2015-09-30-01 iOS 9.0.2 2015-09-30
Apple Product Security (product-security-noreply lists apple com)
Malware
Trojan:Win32/Cuffahlt.B
Adware:Win32/Bayads
Ransom:Win32/Orxlocker.A
Phishing
Amazon Support Inc | 30th September 2015 |
activation | 30th September 2015 |
30th September 2015 | |
service@intl-paypal.com | 30th September 2015 |
Vulnerebility
SANS News
Recent trends in Nuclear Exploit Kit activity
Threatpost
Unsupported Honeywell Experion PKS Vulnerable to Public Attacks
Suspicious Windows 7 Update Actually an Accidental Microsoft ‘Test’ Update
Apple Gatekeeper Bypass Opens Door for Malicious Code
Exploit
Dropbox < 3.3.x - OSX FinderLoadBundle Local Root Exploit
MakeSFX.exe 1.44 - Stack Buffer Overflow
30.9.2015
Bugtraq
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11 2015-09-30
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-09-30-2 Safari 9 2015-09-30
Apple Product Security (product-security-noreply lists apple com)
[security bulletin] HPSBST03502 rev.1 - HP 3PAR Service Processor (SP) SPOCC, Remote Disclosure of Information 2015-09-30
security-alert hp com
APPLE-SA-2015-09-30-01 iOS 9.0.2 2015-09-30
Apple Product Security (product-security-noreply lists apple com)
Apache James Server 2.3.2 security vulnerability fixed 2015-09-30
Eric Charles (eric apache org)
Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability 2015-09-30
dev rarlab com (1 replies)
RE: WinRAR SFX v5.21 - Remote Code Execution Vulnerability 2015-09-30
Popovici, Alejo (LATCO - Buenos Aires) (apopovici DELOITTE com) (1 replies)
Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability 2015-09-30
Eugene Roshal (roshal rarlab com)
FreeBSD Security Advisory FreeBSD-SA-15:24.rpcbind 2015-09-29
FreeBSD Security Advisories (security-advisories freebsd org)
Malware
TrojanDownloader:MSIL/Malkinocci.A
TrojanDownloader:Win32/Banload.BEM
TrojanSpy:Win32/Banker.AOY
SoftwareBundler:Win32/Techsnab
Phishing
MARK WILLIAMS | 30th September 2015 |
Santander | 30th September 2015 |
Amazon Support Inc | 29th September 2015 |
Golden Charter | 29th September 2015 |
Barclays Bank PLC. | 29th September 2015 |
PayPal | 29th September 2015 |
Vulnerebility
SANS News
Threatpost
Dyreza Trojan Targeting IT Supply Chain Credentials
Exploit
29.9.2015
Bugtraq
ESA-2015-151: RSA® OneStep Path Traversal Vulnerability 2015-09-29
Security Alert (Security_Alert emc com)
ESA-2015-152: RSA Web Threat Detection Multiple Vulnerabilities 2015-09-29
Security Alert (Security_Alert emc com)
CVE-2015-3938 Remote Permanent LoV (Loss of View) in Mitsubishi Melsec FX3G-24M PLC 2015-09-29
Ralf Spenneberg (OpenSource Security) (funktionskonto spenneberg net) (1 replies)
Re: CVE-2015-3938 Remote Permanent LoV (Loss of View) in Mitsubishi Melsec FX3G-24M PLC 2015-09-29
Ralf Spenneberg (ralf os-t de)
Remote privesc and RCE in Kaseya Virtual System Administrator 2015-09-29
Pedro Ribeiro (pedrib gmail com)
Vtiger CRM Authenticated Remote Code Execution (CVE-2015-6000) 2015-09-28
Benjamin Daniel Mussler (sec ml fl7 de)
Photos in Wifi v1.0.1 iOS - Arbitrary File Upload Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)
NodeBB v0.8.2 - Client Side Cross Site Web Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)
Malware
TrojanSpy:MSIL/QVKeyLogger.A
TrojanDownloader:MSIL/Suphun.A
TrojanDownloader:Win32/Jalaro.A
Phishing
Amazon Support Inc | 29th September 2015 |
Golden Charter | 29th September 2015 |
Barclays Bank PLC. | 29th September 2015 |
PayPal | 29th September 2015 |
PayPal Support | 29th September 2015 |
IMPORTANT MESSAGE FROM THE | |
Amazon Support Inc | 28th September 2015 |
Vulnerebility
SANS News
Threatpost
SAP Patches 12 SQL Injection, XSS Vulnerabilities in HANA
Dyreza Trojan Targeting IT Supply Chain Credentials
Exploit
ManageEngine EventLog Analyzer Remote Code Execution
Western Digital My Cloud 04.01.03-421, 04.01.04-422 - Command Injection
Kaseya Virtual System Administrator - Multiple Vulnerabilities
IconLover 5.42 - Local Buffer Overflow Exploit
Ubuntu Apport - Local Privilege Escalation
Mango Automation 2.6.0 - Multiple Vulnerabilities
PCMan FTP Server 2.0.7 - Directory Traversal Vulnerability
Watchguard XCS FixCorruptMail Local Privilege Escalation
28.9.2015
Bugtraq
Photos in Wifi v1.0.1 iOS - Arbitrary File Upload Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)
NodeBB v0.8.2 - Client Side Cross Site Web Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)
WinRAR SFX v5.21 - Remote Code Execution Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)
Flowdock API Bug Bounty #3 - (Invite) Persistent Web Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)
My.WiFi USB Drive v1.0 iOS - File Include Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)
Subject mail: CVE-2015-7320 - Multiple Reflective XSS in Appointment Booking Calendar 1.1.7 WordPress plugin 2015-09-26
ibemed gmail com
CVE-2015-7320 - Multiple Reflective XSS in Appointment Booking Calendar 1.1.7 WordPress plugin 2015-09-26
ibemed gmail com
CVE-2015-7319 - SQL Injection in Appointment Booking Calendar 1.1.7 WordPress plugin 2015-09-26
ibemed gmail com
Malware
TrojanDropper:Win32/Soloniti.A
TrojanDropper:Win32/Morblish.A
TrojanClicker:MSIL/FaceLiker
Trojan:Win32/Greeodode.A
Phishing
Amazon Support Inc | 28th September 2015 |
Lloyds Bank | 27th September 2015 |
Vulnerebility
SANS News
"Transport of London" Malicious E-Mail
Threatpost
JavaScript DDoS Attack Peaks at 275,000 Requests-Per-Second
Hotel Chain Hilton Worldwide Investigating Potential POS Breach
VeraCrypt Patched Against Two Critical TrueCrypt Flaws
Exploit
PCMan FTP Server 2.0.7 - Directory Traversal Vulnerability
BisonWare BisonFTP Server 3.5 - Directory Traversal Vulnerability
Mango Automation 2.6.0 - Multiple Vulnerabilities
Centreon 2.6.1 - Multiple Vulnerabilities
My.WiFi USB Drive 1.0 iOS - File Include Vulnerability
Photos in Wifi 1.0.1 iOS - Arbitrary File Upload Vulnerability
Git-1.9.5 ssh-agent.exe Buffer Overflow
Telegram 3.2 - Input Length Handling Crash PoC
27.9.2015
Bugtraq
Malware
Worm:Win32/Codbot
TrojanDownloader:MSIL/Getete.A
Phishing
Lloyds Bank | 27th September 2015 |
Amazon | 27th September 2015 |
PayPal Support | 26th September 2015 |
IMPORTANT MESSAGE FROM THE | |
æ‹?æ‹?è´· | 26th September 2015 |
Online Survey | 26th September 2015 |
Vulnerebility
SANS News
Threatpost
Exploit
25.9.2015
Bugtraq
[SECURITY] [DSA 3368-1] cyrus-sasl2 security update 2015-09-25
Salvatore Bonaccorso (carnil debian org)
CVE-2015-5075 - Cross-Site Request Forgery In X2Engine Inc. X2Engine 2015-09-25
Portcullis Advisories (advisories portcullis-security com)
CVE-2015-5074 - Arbitrary File Upload In X2Engine Inc. X2Engine 2015-09-25
Portcullis Advisories (advisories portcullis-security com)
CVE-2015-5076 - Vulnerability title: Reflective XSS In X2Engine Inc. X2Engine 2015-09-25
Portcullis Advisories (advisories portcullis-security com)
Insecure application-coupling in Good Authentication Delegation [MZ-15-03] 2015-09-25
modzero (security modzero ch)
Malware
Phishing
Online Survey | 26th September 2015 |
Virgin Media | 25th September 2015 |
bigfoot.com | 23rd September 2015 |
å?å“折扣 | 22nd September 2015 |
Vulnerebility
SANS News
Threatpost
Exploit
FortiManager 5.2.2 - Persistent XSS Vulnerabilities
X2Engine 4.2 - CSRF Vulnerability
X2Engine 4.2 - Arbitrary File Upload
24.9.2015
Bugtraq
Insecure application-coupling in Good Authentication Delegation [MZ-15-03] 2015-09-25
modzero (security modzero ch)
FortiManager v5.2.2 Multiple XSS Vulnerabilities 2015-09-25
apparitionsec gmail com
Re: CVE-2015-5204: HTTP header injection vulnerability in Apache Cordova File Transfer Plugin for Android 2015-09-24
Shazron (shazron apache org)
[SECURITY] [DSA 3367-1] wireshark security update 2015-09-24
Moritz Muehlenhoff (jmm debian org)
BMC-2015-0006: File inclusion vulnerability in "BIRT Engine" servlet used in BMC Remedy AR Reporting 2015-09-23
appsec (appsec bmc com)
BMC-2015-0005: File inclusion vulnerability in "BIRT Viewer" servlet used in BMC Remedy AR Reporting 2015-09-23
appsec (appsec bmc com)
[SECURITY] [DSA 3366-1] rpcbind security update 2015-09-23
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Virgin Media | 25th September 2015 |
bigfoot.com | 23rd September 2015 |
å?å“折扣 | 22nd September 2015 |
Vulnerebility
SANS News
Mozilla Foundation Security Advisory 2015-112
Threatpost
Naikon APT Group Tied to China’s PLA Unit 78020
Microsoft Revokes Trust for Certificates Leaked by D-Link
Curbing the For-Profit Cybercrime Food Chain
Exploit
Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097)
FortiManager 5.2.2 - Persistent XSS Vulnerabilities
X2Engine 4.2 - CSRF Vulnerability
X2Engine 4.2 - Arbitrary File Upload
SMF (Simple Machine Forum) <= 2.0.10 - Remote Memory Exfiltration Exploit
WinRar 5.21 - SFX OLE Command Execution
FreshFTP 5.52 - .qfl Crash PoC
23.9.2015
Bugtraq
BMC-2015-0006: File inclusion vulnerability in "BIRT Engine" servlet used in BMC Remedy AR Reporting 2015-09-23
appsec (appsec bmc com)
BMC-2015-0005: File inclusion vulnerability in "BIRT Viewer" servlet used in BMC Remedy AR Reporting 2015-09-23
appsec (appsec bmc com)
[SECURITY] [DSA 3366-1] rpcbind security update 2015-09-23
Salvatore Bonaccorso (carnil debian org)
Cisco AnyConnect elevation of privileges via DMG install script 2015-09-23
Securify B.V. (lists securify nl)
[SECURITY] [DSA 3365-1] iceweasel security update 2015-09-23
Moritz Muehlenhoff (jmm debian org)
ESA-2015-142: RSA Archer® GRC Platform Multiple Vulnerabilities 2015-09-23
Security Alert (Security_Alert emc com)
Cisco Security Advisory: Cisco IOS XE Software Network Address Translation Denial of Service Vulnerability 2015-09-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco IOS and IOS XE Software SSH Version 2 RSA-Based User Authentication Bypass Vulnerability 2015-09-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities 2015-09-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Malware
Phishing
bigfoot.com | 23rd September 2015 |
Vulnerebility
SANS News
Threatpost
5.6 Million Fingerprints Stolen In OPM Hack
Exploit
SMF (Simple Machine Forum) <= 2.0.10 - Remote Memory Exfiltration Exploit
w3tw0rk / Pitbul IRC Bot Remote Code Execution
refbase <= 0.9.6 - Multiple Vulnerabilities
Cisco AnyConnect 3.1.08009 - Privilege Escalation via DMG Install Script
22.9.2015
Bugtraq
UltraEdit v22.20 - Buffer Overflow Vulnerability 2015-09-23
Vulnerability Lab (research vulnerability-lab com)
WiFi Drive CR v1.0 iOS - Persistent Filename Dir List Vulnerability 2015-09-23
Vulnerability Lab (research vulnerability-lab com)
Flowdock API Bug Bounty #1 - (Description) Persistent Web Vulnerability 2015-09-23
Vulnerability Lab (research vulnerability-lab com)
Reflected Cross-Site Scripting (XSS) in iTop 2015-09-23
High-Tech Bridge Security Research (advisory htbridge ch)
Open-Xchange Security Advisory 2015-09-23 2015-09-23
Martin Heiland (martin heiland lists open-xchange com)
[slackware-security] mozilla-firefox (SSA:2015-265-01) 2015-09-23
Slackware Security Team (security slackware com)
Cisco AnyConnect elevation of privileges via DLL side loading 2015-09-22
Securify B.V. (lists securify nl)
Malware
Phishing
bigfoot.com | 23rd September 2015 |
å?å“折扣 | 22nd September 2015 |
PayPal Service | 22nd September 2015 |
Applec | 22nd September 2015 |
Tesco Bank | 22nd September 2015 |
Vulnerebility
SANS News
Making our users unlearn what we taught them
Threatpost
Bypass Developed for Microsoft Memory Protection, Control Flow Guard
Federal CISOs Propose New Efforts to Shore Up Cybersecurity
Exploit
SAP Netweaver < 7.01 - XML External Entity Injection
Kaspersky Antivirus ThinApp Parser Stack Buffer Overflow
Cisco AnyConnect Secure Mobility Client 3.1.08009 - Privilege Escalation
OS X Regex Engine (TRE) - Integer Signedness and Overflow Issues
OS X Regex Engine (TRE) - Stack Buffer Overflow
Apple qlmanage - SceneKit::daeElement::setElementName Heap Overflow
Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) #2
Windows Kernel - DeferWindowPos Use-After-Free (MS15-073)
Windows Kernel - UserCommitDesktopMemory Use-After-Free (MS15-073)
Windows Kernel - UserCommitDesktopMemory Use-After-Free (MS15-073)
Windows Kernel - Pool Buffer Overflow Drawing Caption Bar (MS15-061)
Windows Kernel - HmgAllocateObjectAttr Use-After-Free (MS15-061)
Windows Kernel - win32k!vSolidFillRect Buffer Overflow (MS15-061)
Windows Kernel - SURFOBJ NULL Pointer Dereference (MS15-061)
Windows Kernel - Brush Object Use-After-Free Vulnerability (MS15-061)
Windows Kernel - WindowStation Use-After-Free (MS15-061)
Windows Kernel - NULL Pointer Dereference with Window Station and Clipboard (MS15-061)
Windows Kernel - Bitmap Handling Use-After-Free (MS15-061)
Windows Kernel - FlashWindowEx Memory Corruption (MS15-097)
Windows Kernel - bGetRealizedBrush Use-After-Free (MS15-097)
Windows Kernel - Use-After-Free with Cursor Object (MS15-097)
Windows Kernel - Use-After-Free with Printer Device Contexts (MS15-097)
Windows Kernel - NtGdiStretchBlt Pool Buffer Overflows (MS15-097)
Kaspersky Antivirus VB6 Parsing Integer Overflow
Kaspersky Antivirus ExeCryptor Parsing Memory Corruption
Kaspersky Antivirus PE Unpacking Integer Overflow
Kaspersky Antivirus DEX File Format Parsing Memory Corruption
Kaspersky Antivirus CHM Parsing Stack Buffer Overflow
Kaspersky Antivirus UPX Parsing Memory Corruption
Kaspersky Antivirus "Yoda's Protector" Unpacking Memory Corruption
22.9.2015
Bugtraq
UDID v1.0 iOS - Persistent Mail Encode Vulnerability 2015-09-22
Vulnerability Lab (research vulnerability-lab com)
Air Drive Plus v2.4 iOS - Arbitrary File Upload Vulnerability 2015-09-22
Vulnerability Lab (research vulnerability-lab com)
[SECURITY] [DSA 3364-1] linux security update 2015-09-21
Ben Hutchings (benh debian org)
APPLE-SA-2015-09-21-1 watchOS 2 2015-09-21
Apple Product Security (product-security-noreply lists apple com)
Jasig CAS server vulnerabilities 2015-09-21
Antoni Klajn (antoni d klajn pwr edu pl)
Advisory: Insufficient Parameter Sanitization in login.live.com (Microsoft) 2015-09-21
securityresearch shaftek biz
CVE-2015-5372 SAML SP Authentication Bypass in nevisAuth 2015-09-21
Antoine Neuenschwander (Antoine Neuenschwander csnc ch)
[SECURITY] [DSA 3363-1] owncloud-client security update 2015-09-20
Luciano Bello (luciano debian org)
Malware
Phishing
PayPal Service | 22nd September 2015 |
Apple | 22nd September 2015 |
Tesco Bank | 22nd September 2015 |
FROM MRS MICHELLE OBAMA | 21st September 2015 |
Chase | 21st September 2015 |
PayPal | 21st September 2015 |
Vulnerebility
SANS News
Threatpost
South Korean Child Monitoring App Beset by Vulnerabilities, Privacy Issues
Apple watchOS2 Includes Host of Code-Execution Patches
Model Assesses Readiness to Accept Outside Vulnerability Reports
Exploit
Konica Minolta FTP Utility 1.0 - Directory Traversal Vulnerability
Kirby CMS <= 2.1.0 - CSRF Content Upload and PHP Script Execution
h5ai < 0.25.0 - Unrestricted File Upload
Air Drive Plus 2.4 - Arbitrary File Upload Vulnerability
Kirby CMS <= 2.1.0 - Authentication Bypass
21.9.2015
Bugtraq
Jasig CAS server vulnerabilities 2015-09-21
Antoni Klajn (antoni d klajn pwr edu pl)
Advisory: Insufficient Parameter Sanitization in login.live.com (Microsoft) 2015-09-21
securityresearch shaftek biz
CVE-2015-5372 SAML SP Authentication Bypass in nevisAuth 2015-09-21
Antoine Neuenschwander (Antoine Neuenschwander csnc ch)
[SECURITY] [DSA 3363-1] owncloud-client security update 2015-09-20
Luciano Bello (luciano debian org)
Defense in depth -- the Microsoft way (part 35): Windows Explorer ignores "Run as administrator" ... 2015-09-19
Stefan Kanthak (stefan kanthak nexgo de)
SAP Netweaver - XML External Entity Injection 2015-09-21
Lukasz Miedzinski (lukasz miedzinski gmail com)
[SECURITY] [DSA 3362-1] qemu-kvm security update 2015-09-18
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Chase | 21st September 2015 |
PayPal | 21st September 2015 |
Chase Update | 21st September 2015 |
PayPaI Service | 21st September 2015 |
Apple ID | 21st September 2015 |
21st September 2015 | |
Service PaypaI | 20th September 2015 |
Credit Union | 20th September 2015 |
Vulnerebility
SANS News
Threatpost
Adobe Patches 23 Critical Vulnerabilities in Flash Player
XcodeGhost iOS Malware Contained
Exploit
ADH-Web Server IP-Cameras - Multiple Vulnerabilities
Konica Minolta FTP Utility 1.0 - Remote Command Execution
Konica Minolta FTP Utility 1.00 Post Auth CWD Command SEH Overflow
20.9.2015
Bugtraq
KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation 2015-09-17
KoreLogic Disclosures (disclosures korelogic com)
[security bulletin] HPSBST03418 rev.1 - HP P6000 Command View Software, Remote Disclosure of Information 2015-09-17
security-alert hp com
Malware
Phishing
Credit Union | 20th September 2015 |
VIRGIN MEDIA | 20th September 2015 |
Amazon | 19th September 2015 |
Microsoft | 19th September 2015 |
Amazon | 19th September 2015 |
Vulnerebility
SANS News
Don't launch that file Adobe Reader!
Threatpost
Exploit
Thomson CableHome Gateway (DWG849) Cable Modem Gateway - Information Exposure
ADH-Web Server IP-Cameras - Multiple Vulnerabilities
Total Commander 8.52 - Buffer Overflow (Windows 10)
Total Commander 8.52 - Buffer Overflow
Pligg CMS 2.0.2 - (load_data_for_search.php) SQL Injection
Wireshark 1.12.7 - Division by Zero Crash PoC
Microsoft Office 2007 - BIFFRecord Length Use-After-Free
Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion
Microsoft Office 2007 - OGL.dll ValidateBitmapInfo Bounds Check Failure (MS15-097)
MS15-078 Microsoft Windows Font Driver Buffer Overflow
17.9.2015
Bugtraq
KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation 2015-09-17
KoreLogic Disclosures (disclosures korelogic com)
[security bulletin] HPSBST03418 rev.1 - HP P6000 Command View Software, Remote Disclosure of Information 2015-09-17
security-alert hp com
APPLE-SA-2015-09-16-4 OS X Server 5.0.3 2015-09-16
Apple Product Security (product-security-noreply lists apple com)
Apple Safari FTP PASV manipulation vulnerability (CVE-2015-5912) 2015-09-16
Amit Klein (aksecurity gmail com)
APPLE-SA-2015-09-16-3 iTunes 12.3 2015-09-16
Apple Product Security (product-security-noreply lists apple com)
Malware
Phishing
Amazon | 17th September 2015 |
National | 17th September 2015 |
Eco Experts | 16th September 2015 |
Vulnerebility
SANS News
Threatpost
Apple Addresses Dozens of Vulnerabilities, Embraces Two-Factor Authentication in iOS 9
D-Link Accidentally Leaks Private Code-Signing Keys
Google Details Plans to Disable SSLv3 and RC4
Exploit
IKEView.exe R60 - .elg Local SEH Exploit
ZTE PC UI USB Modem Software - Buffer Overflow
ManageEngine OpManager Remote Code Execution
Windows 10 Build 10130 - User Mode Font Driver Thread Permissions Privilege Escalation
Windows NtUserGetClipboardAccessToken Token Leak
Windows Task Scheduler DeleteExpiredTaskAfter File Deletion Privilege Escalation
Windows CreateObjectTask TileUserBroker Privilege Escalation
Windows CreateObjectTask SettingsSyncDiagnostics Privilege Escalation
16.9.2015
Bugtraq
KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation 2015-09-17
KoreLogic Disclosures (disclosures korelogic com)
[security bulletin] HPSBST03418 rev.1 - HP P6000 Command View Software, Remote Disclosure of Information 2015-09-17
security-alert hp com
APPLE-SA-2015-09-16-4 OS X Server 5.0.3 2015-09-16
Apple Product Security (product-security-noreply lists apple com)
Apple Safari FTP PASV manipulation vulnerability (CVE-2015-5912) 2015-09-16
Amit Klein (aksecurity gmail com)
APPLE-SA-2015-09-16-3 iTunes 12.3 2015-09-16
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-09-16-2 Xcode 7.0 2015-09-16
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-09-16-1 iOS 9 2015-09-16
Apple Product Security (product-security-noreply lists apple com)
Cisco Security Advisory: Cisco TelePresence Server Denial of Service Vulnerability 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Prime Collaboration Provisioning Web Framework Access Controls Bypass Vulnerability 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Collaboration Assurance 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)
[security bulletin] HPSBGN03393 rev.2 - HP Operations Manager i, Remote Code Execution 2015-09-16
security-alert hp com
Fwd: [CVE-2015-6940] Pentaho GA PDI & GA BA - Improper authentication allows unauthenticated access to configuration files 2015-09-16
gregory draperi (gregory draperi gmail com)
Malware
TrojanDropper:MSIL/Mutra
TrojanSpy:Win32/Rebhip.E
Trojan:JS/Iframeinject.AE
Phishing
Eco Experts | 16th September 2015 |
Christy Bryant | 16th September 2015 |
PayPaI Inc | 15th September 2015 |
USAA | 15th September 2015 |
Vulnerebility
Symantec Endpoint Protection Manager CVE-2015-1487 Arbitrary File Write Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76094
Linux Kernel 'perf_callchain_user_64()' Function Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76401
Adobe Flash Player and AIR APSB15-19 Multiple Use After Free Remote Code Execution Vulnerabilities
2015-09-17
http://www.securityfocus.com/bid/76288
Adobe FlashPlayer and AIR APSB15-19 Type Confusion Multiple Remote Code Execution Vulnerabilities
2015-09-17
http://www.securityfocus.com/bid/76287
Microsoft Internet Explorer CVE-2015-2444 Remote Memory Corruption Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76194
IBM WebSphere Application Server CVE-2015-1885 Remote Privilege Escalation Vulnerability
2015-09-17
http://www.securityfocus.com/bid/74219
Mozilla Firefox CVE-2015-4495 Same Origin Policy Security Bypass Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76249
ISC BIND CVE-2015-5477 Remote Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76092
OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75159
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75157
OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75154
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75890
Symantec Endpoint Protection Manager CVE-2015-1489 Remote Privilege Escalation Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76078
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/73237
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/73225
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/73231
OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/73232
Symantec Endpoint Protection Manager CVE-2015-1486 Authentication Bypass Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76074
IBM Security Directory Server CVE-2015-0138 Man in the Middle Security Bypass Vulnerability
2015-09-17
http://www.securityfocus.com/bid/73326
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-09-17
http://www.securityfocus.com/bid/71936
Apple Mac OS X Multiple Privilege Escalation Vulnerabilities
2015-09-17
http://www.securityfocus.com/bid/76421
Elasticsearch CVE-2015-5377 Remote Code Execution Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75938
Elasticsearch CVE-2015-5531 Directory Traversal Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75935
IBM WebSphere Application Server CVE-2015-1927 Remote Privilege Escalation Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75486
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75156
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-09-17
http://www.securityfocus.com/bid/72165
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-09-17
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-0437 Remote Java SE Vulnerability
2015-09-17
http://www.securityfocus.com/bid/72146
GNU glibc 'send_dg()' Function Local Information Disclosure Weakness
2015-09-17
http://www.securityfocus.com/bid/72844
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-09-17
http://www.securityfocus.com/bid/74733
SANS News
A day in the life of a pentester, or is my job is too sexy for me?
Threatpost
Dutch Police Arrest Alleged CoinVault Ransomware Authors
Schneider Patches Plaintext Credentials Bug in Building Automation System
Dennis Fisher On Security, Journalism, and the Origins of Threatpost
Details Surface on Patched Bugzilla Privilege Escalation Flaw
Exploit
Android libstagefright - Integer Overflow Remote Code Execution
ManageEngine OpManager Remote Code Execution
ZeusCart 4.0 - CSRF Vulnerability
ZTE PC UI USB Modem Software - Buffer Overflow
MS15-078 Microsoft Windows Font Driver Buffer Overflow
VBox Satellite Express 2.3.17.3 - Arbitrary Write
15.9.2015
Bugtraq
Cisco Security Advisory: Cisco TelePresence Server Denial of Service Vulnerability 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Prime Collaboration Provisioning Web Framework Access Controls Bypass Vulnerability 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Collaboration Assurance 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)
[security bulletin] HPSBGN03393 rev.2 - HP Operations Manager i, Remote Code Execution 2015-09-16
security-alert hp com
Fwd: [CVE-2015-6940] Pentaho GA PDI & GA BA - Improper authentication allows unauthenticated access to configuration files 2015-09-16
gregory draperi (gregory draperi gmail com)
Microsoft Exchange Information Disclosure 2015-09-16
apparitionsec gmail com
[SECURITY] [DSA 3360-1] icu security update 2015-09-15
Laszlo Boszormenyi (GCS) (gcs debian org)
Malware
TrojanSpy:Win32/Rebhip
TrojanDownloader:Win32/Bladabindi
Phishing
Christy Bryant | 16th September 2015 |
PayPaI Inc | 15th September 2015 |
USAA | 15th September 2015 |
ebilling@bt.com | 15th September 2015 |
Vulnerability
SANS News
Malicious spam with zip attachments containing .js files
Threatpost
WordPress Patches Serious Shortcodes Core Engine Vulnerability
First Let’s Encrypt Free Certificate Goes Live
Scan of IPv4 Space for ‘Implanted’ Cisco Routers Finds Fewer Than 100
Spam Campaign Continuing to Serve Up Malicious .js Files
Google Patches Latest Android Lockscreen Bypass
Exploit
Microsoft Office Excel 2007, 2010, 2013 - BIFFRecord Use-After-Free
Microsoft Office 2007 - BIFFRecord Length Use-After-Free
Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion
Microsoft Office 2007 - OGL.dll ValidateBitmapInfo Bounds Check Failure (MS15-097)
WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection
FAROL - SQL Injection Vulnerability
14.9.2015
Bugtraq
[security bulletin] HPSBHF03509 rev.1 - HP ThinPro and Smart Zero Core, Remote Denial of Service, Unauthorized Access to Data 2015-09-15
security-alert hp com
Paypal Inc - Open Redirect Web Vulnerability 2015-09-15
Vulnerability Lab (research vulnerability-lab com)
Openfire 3.10.2 CSRF Vulnerabilities 2015-09-15
apparitionsec gmail com
IKEView.exe R60 Stack Buffer Overflow 2015-09-14
apparitionsec gmail com
[security bulletin] HPSBMU03392 rev.2 - HP ArcSight Logger, Remote Authorization Bypass 2015-09-14
security-alert hp com
[CVE-2015-5956] Typo3 Core sanitizeLocalUrl() Non-Persistent Cross-Site Scripting 2015-09-14
Ahrens, Julien (Julien Ahrens secunet com)
[SECURITY] [DSA 3358-1] php5 security update 2015-09-13
Salvatore Bonaccorso (carnil debian org)
Malware
TrojanDownloader:AutoIt/Gedo
TrojanDropper:MSIL/Mutra
TrojanClicker:Win32/Frosparf.H
TrojanDownloader:Win32/Frosparf.A
Phishing
Barclays PLC | 14th September 2015 |
Amazon | 14th September 2015 |
PayPal | 13th September 2015 |
Apple | 13th September 2015 |
Halifax Plc | 13th September 2015 |
Vulnerability
SANS News
Risk... in the most obscure places
Threatpost
DARPA Protecting Software From Reverse Engineering Through Obfuscation
Attackers Replacing Firmware on Cisco Routers
Exploit
Android Shellcode Telnetd with Parameters
Windows 10 Build 10130 - User Mode Font Driver Thread Permissions Privilege Escalation
Windows NtUserGetClipboardAccessToken Token Leak
Windows Task Scheduler DeleteExpiredTaskAfter File Deletion Privilege Escalation
Windows CreateObjectTask TileUserBroker Privilege Escalation
Windows CreateObjectTask SettingsSyncDiagnostics Privilege Escalation
TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi - Hard-Coded Credentials
Total Commander 8.52 - SEH-Overwrite BOF
MS15-100 Microsoft Windows Media Center MCL Vulnerability
WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection
Openfire 3.10.2 - Unrestricted File Upload
Openfire 3.10.2 - Remote File Inclusion
Openfire 3.10.2 - Privilege Escalation
Openfire 3.10.2 - Multiple XSS Vulnerabilities
Openfire 3.10.2 - CSRF Vulnerabilities
Silver Peak VXOA < 6.2.11 - Multiple Vulnerabilities
ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Query Execution
ManageEngine OpManager 11.5 - Multiple Vulnerabilities
13.9.2015
Bugtraq
[CVE-2015-5956] Typo3 Core sanitizeLocalUrl() Non-Persistent Cross-Site Scripting 2015-09-14
Ahrens, Julien (Julien Ahrens secunet com)
[SECURITY] [DSA 3358-1] php5 security update 2015-09-13
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3359-1] virtualbox security update 2015-09-13
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3357-1] vzctl security update 2015-09-13
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3356-1] openldap security update 2015-09-12
Salvatore Bonaccorso (carnil debian org)
IKEView.exe Fox beta 1 Stack Buffer Overflow 2015-09-12
apparitionsec gmail com
Malware
Phishing
Barclays PLC | 14th September 2015 |
Amazon | 14th September 2015 |
PayPal | 13th September 2015 |
Apple | 13th September 2015 |
Halifax Plc | 13th September 2015 |
PAYPAI SERVICE | 13th September 2015 |
Vulnerability
SANS News
The Wordpress Plugins Playground
Threatpost
Installation of Tor Relay in Library Attracts DHS Attention
New Debian Releases Fix PHP, VirtualBox Bugs
Exploit
ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Query Execution
ManageEngine OpManager 11.5 - Multiple Vulnerabilities
EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities
IKEView.exe Fox beta 1 - Stack Buffer Overflow
IKEView.exe R60 - Stack Buffer Overflow
12.9.2015
Bugtraq
[SECURITY] [DSA 3356-1] openldap security update 2015-09-12
Salvatore Bonaccorso (carnil debian org)
IKEView.exe Fox beta 1 Stack Buffer Overflow 2015-09-12
apparitionsec gmail com
[security bulletin] HPSBHF03408 rev.2 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote Execution of Arbitrary Code 2015-09-11
security-alert hp com
[KIS-2015-04] Magento <= 1.9.2 (catalogProductCreate) Autoloaded File Inclusion Vulnerability 2015-09-11
Egidio Romano (research karmainsecurity com)
Magento Bug Bounty #19 - Persistent Filename Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)
PayPal Inc - Security Approval & 2FA Session Auth Bypass (API) Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)
Shopify Bug Bounty #8 - (FilePath) Persistent Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)
Yahoo Bug Bounty #32 - Cross Site Request Forgery bulkImport Web Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)
Security Advisory for Bugzilla 5.0.1, 4.4.10 and 4.2.15 2015-09-10
LpSolit gmail com
Malware
Phishing
Apple | 13th September 2015 |
Halifax Plc | 13th September 2015 |
PAYPAI SERVICE | 13th September 2015 |
PayPal | 12th September 2015 |
Vulnerability
SANS News
Threatpost
Exploit
Microsoft Internet Explorer 11 - Stack Underflow Crash PoC
Windows Media Center - Command Execution (MS15-100)
Monsta FTP 1.6.2 - Multiple Vulnerabilities
11.9.2015
Bugtraq
DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584 2015-09-10
Onur Yilmaz (onur netsparker com)
[KIS-2015-04] Magento <= 1.9.2 (catalogProductCreate) Autoloaded File Inclusion Vulnerability 2015-09-11
Egidio Romano (research karmainsecurity com)
Magento Bug Bounty #19 - Persistent Filename Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)
PayPal Inc - Security Approval & 2FA Session Auth Bypass (API) Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)
Shopify Bug Bounty #8 - (FilePath) Persistent Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)
Yahoo Bug Bounty #32 - Cross Site Request Forgery bulkImport Web Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)
Security Advisory for Bugzilla 5.0.1, 4.4.10 and 4.2.15 2015-09-10
LpSolit gmail com
Security advisory for Bugzilla 5.0, 4.4.9, and 4.2.14 2015-09-10
dkl mozilla com
[SECURITY] [DSA 3355-1] libvdpau security update 2015-09-10
Alessandro Ghedini (ghedo debian org)
Multiple Cross-Site Scripting vulnerabilities in Synology Download Station 2015-09-09
Securify B.V. (lists securify nl)
Synology Video Station command injection and multiple SQL injection vulnerabilities 2015-09-09
Securify B.V. (lists securify nl)
[security bulletin] HPSBGN03504 rev.1 - HP UCMDB, Local Disclosure of Sensitive Information 2015-09-09
security-alert hp com
[security bulletin] HPSBOV03505 rev.1 - TCP/IP Services for OpenVMS running NTP, Remote Code Execution, Denial of Service (DoS) 2015-09-09
security-alert hp com
Malware
TrojanDownloader:Win32/Blinsload.A
PWS:Win32/Pumba.C
Phishing
alert@barclays.co.uk | 11th September 2015 |
USAA | 10th September 2015 |
APPLE | 10th September 2015 |
Vulnerability
SANS News
Feeding DShield with OSSEC Logs
Threatpost
Just Like Old Days: IOT Security Pits Regulators Against Market
Gary McGraw on Scalable Software Security and Medical Device Security
Series of Buffer Overflows Plague Many Yokogawa ICS Products
Exploit
OS X x64 - tcp bind shellcode, NULL byte free (144 bytes)
OS X Install.framework suid root Runner Binary Privilege Escalation
OS X Install.framework Arbitrary mkdir, unlink and chown to admin Group
OS X Install.framework suid Helper Privilege Escalation
Logitech Webcam Software 1.1 - eReg.exe SEH/Unicode Buffer Overflow
OpenLDAP 2.4.42 - ber_get_next Denial of Service
10.9.2015
Bugtraq
DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584 2015-09-10
Onur Yilmaz (onur netsparker com)
[SECURITY] [DSA 3355-1] libvdpau security update 2015-09-10
Alessandro Ghedini (ghedo debian org)
Multiple Cross-Site Scripting vulnerabilities in Synology Download Station 2015-09-09
Securify B.V. (lists securify nl)
Synology Video Station command injection and multiple SQL injection vulnerabilities 2015-09-09
Securify B.V. (lists securify nl)
[security bulletin] HPSBGN03504 rev.1 - HP UCMDB, Local Disclosure of Sensitive Information 2015-09-09
security-alert hp com
[security bulletin] HPSBOV03505 rev.1 - TCP/IP Services for OpenVMS running NTP, Remote Code Execution, Denial of Service (DoS) 2015-09-09
security-alert hp com
[ERPSCAN-15-016] SAP NetWeaver - Hardcoded credentials 2015-09-09
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-015] SAP NetWeaver AS ABAP - Hardcoded Credentials 2015-09-09
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-014] SAP Mobile Platform 3 - XXE in Add Repository 2015-09-09
ERPScan inc (erpscan online gmail com)
ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability 2015-09-09
Security Alert (Security_Alert emc com)
ESA-2015-140: RSA® Identity Management & Governance Multiple Cross-Site Scripting Vulnerabilities 2015-09-09
Security Alert (Security_Alert emc com)
[security bulletin] HPSBOV03506 rev.1 - TCP/IP Services for OpenVMS running BIND, Remote Denial of Service (DoS) 2015-09-08
security-alert hp com
Defense in depth -- the Microsoft way (part 33): arbitrary code execution (and UAC bypass) via RegEdit.exe 2015-09-08
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3354-1] spice security update 2015-09-08
Salvatore Bonaccorso (carnil debian org)
Malware
TrojanDownloader:MSIL/Muxtart.A
Phishing
APPLE | 10th September 2015 |
Vulnerability
SANS News
Threatpost
FTC, Experts Push Startups to Think About Security From the Beginning
NY Health Provider Excellus Discloses Data Breach Dating to 2013
Pair of Drupal Modules Patch Access Bypass Flaws
Exploit
Android Stagefright - Remote Code Execution
Qlikview <= 11.20 SR11 - Blind XXE Injection Vulnerability
Auto-Exchanger 5.1.0 - CSRF Vulnerability
9.9.2015
Bugtraq
[ERPSCAN-15-016] SAP NetWeaver - Hardcoded credentials 2015-09-09
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-015] SAP NetWeaver AS ABAP - Hardcoded Credentials 2015-09-09
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-014] SAP Mobile Platform 3 - XXE in Add Repository 2015-09-09
ERPScan inc (erpscan online gmail com)
ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability 2015-09-09
Security Alert (Security_Alert emc com)
ESA-2015-140: RSA® Identity Management & Governance Multiple Cross-Site Scripting Vulnerabilities 2015-09-09
Security Alert (Security_Alert emc com)
[security bulletin] HPSBOV03506 rev.1 - TCP/IP Services for OpenVMS running BIND, Remote Denial of Service (DoS) 2015-09-08
security-alert hp com
Defense in depth -- the Microsoft way (part 33): arbitrary code execution (and UAC bypass) via RegEdit.exe 2015-09-08
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3354-1] spice security update 2015-09-08
Salvatore Bonaccorso (carnil debian org)
Re: Oracle Hyperion password disclosure... 2015-09-08
jeff kayser jibeconsulting com
Malware
MonitoringTool:Win32/TektonIt
HackTool:Win32/Broduplo
TrojanDownloader:Win32/Dabaker.A
TrojanDownloader:Java/OpenConnection.QE
Phishing
Tesco Bank | 8th September 2015 |
Vulnerability
SANS News
Threatpost
Android Stagefright Exploit Code Released to Public
Musical Chairs Campaign Found Deploying New Gh0st RAT Variant
Jessy Irwin on Password Security, Opsec and User Education
Security of iMessage System Comes to the Fore Again
Turla APT Group Abusing Satellite Internet Links
TLS Implementations Vulnerable to RSA Key Leaks
Microsoft Patches Graphics Component Flaw Under Attack
Exploit
Qlikview <= 11.20 SR11 - Blind XXE Injection Vulnerability
PHP SplDoublyLinkedList unserialize() Use-After-Free
PHP GMP unserialize() Use-After-Free
PHP SplObjectStorage unserialize() Use-After-Free
PHP Session Deserializer Use-After-Free
DirectAdmin Web Control Panel 1.483 - Multiple Vulnerabilities
Linux/x86 - execve("/bin/cat", ["/bin/cat", "/etc/passwd"], NULL)
8.9.2015
Bugtraq
[CVE-2015-3623] Qlikview blind XXE Security Vulnerability 2015-09-08
alex_haynes outlook com
NETGEAR Wireless Management System - Authentication Bypass and Privilege Escalation. 2015-09-07
Elliott Lewis (elliott lewis uk gmail com)
[SECURITY] [DSA 3353-1] openslp-dfsg security update 2015-09-05
Alessandro Ghedini (ghedo debian org)
JSPMySQL Administrador CSRF & XSS Vulnerabilities 2015-09-05
apparitionsec gmail com
Webroot SecureAnywhere Mobile Protection - MITM SSL Certificate Vulnerability 2015-09-04
David Coomber (davidcoomber infosec gmail com)
Malware
Backdoor:Win32/Shesmi.A
TrojanDownloader:Win32/Puflug.B
TrojanDropper:Win32/PSah.A
Phishing
Amazon | 7th September 2015 |
Vulnerability
SANS News
Threatpost
Adobe Patches Two Shockwave Player Vulnerabilities
eBay Fixes XSS Flaw in Subdomain
Government Releases Policy on Vulnerability Discovery and Disclosure
Exploit
Cisco Sourcefire User Agent 2.2 - Insecure File Permissions
IBM AIX High Availability Cluster Multiprocessing (HACMP) Local Privilege Escalation 0day
Advantech WebAccess 8.0, 3.4.3 ActiveX - Multiple Vulnerabilities
VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow
7.9.2015
Bugtraq
NETGEAR Wireless Management System - Authentication Bypass and Privilege Escalation. 2015-09-07
Elliott Lewis (elliott lewis uk gmail com)
[SECURITY] [DSA 3353-1] openslp-dfsg security update 2015-09-05
Alessandro Ghedini (ghedo debian org)
JSPMySQL Administrador CSRF & XSS Vulnerabilities 2015-09-05
apparitionsec gmail com
Webroot SecureAnywhere Mobile Protection - MITM SSL Certificate Vulnerability 2015-09-04
David Coomber (davidcoomber infosec gmail com)
Avira Mobile Security iOS Application - Cleartext Credentials Vulnerability 2015-09-04
David Coomber (davidcoomber infosec gmail com)
Defense in depth -- the Microsoft way (part 32): yet another (trivial) UAC bypass resp. privilege escalation 2015-09-04
Stefan Kanthak (stefan kanthak nexgo de)
Oracle Hyperion password disclosure... 2015-09-04
Jeff Kayser (jeff kayser jibeconsulting com)
Malware
TrojanSpy:Win32/Banker.AOT
TrojanSpy:Win32/Banker.AOS
TrojanSpy:Win32/Banker.AOP
Phishing
Nobel Trust Ltd. | 3rd September 2015 |
Vulnerability
SANS News
Threatpost
Exploit
Endian Firewall Proxy Password Change Command Injection
NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation
JSPMySQL Administrador - Multiple Vulnerabilities
Zhone ADSL2+ 4P Bridge & Router (Broadcom) - Multiple Vulnerabilities
WordPress Contact Form Generator <= 2.0.1 - Multiple CSRF Vulnerabilities
FireEye Appliance Unauthorized File Disclosure
Elastix < 2.5 , PHP Code Injection Exploit
AutoCAD DWG and DXF To PDF Converter 2.2 - Buffer Overflow
Disconnect.me Mac OS X Client <= 2.0 - Local Privilege Escalation
ActiveState Perl.exe x64 Client 5.20.2 - Crash PoC
5.9.2015
Bugtraq
Webroot SecureAnywhere Mobile Protection - MITM SSL Certificate Vulnerability 2015-09-04
David Coomber (davidcoomber infosec gmail com)
Avira Mobile Security iOS Application - Cleartext Credentials Vulnerability 2015-09-04
David Coomber (davidcoomber infosec gmail com)
Defense in depth -- the Microsoft way (part 32): yet another (trivial) UAC bypass resp. privilege escalation 2015-09-04
Stefan Kanthak (stefan kanthak nexgo de)
Oracle Hyperion password disclosure... 2015-09-04
Jeff Kayser (jeff kayser jibeconsulting com)
[SECURITY] [DSA 3352-1] screen security update 2015-09-04
Laszlo Boszormenyi (gcs debian org)
Malware
VBA / TrojanDownloader.Agent.AAV
VBA / TrojanDownloader.Agent.AAL
VBA / TrojanDownloader.Agent.AAK
VBA / TrojanDownloader.Agent.AAZ
Phishing
Vulnerability
SANS News
Threatpost
Attacker Compromised Mozilla Bug System, Stole Private Vulnerability Data
Exploit
4.9.2015
Bugtraq
[SECURITY] [DSA 3352-1] screen security update 2015-09-04
Laszlo Boszormenyi (gcs debian org)
[slackware-security] seamonkey (SSA:2015-246-01) 2015-09-03
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3351-1] chromium-browser security update 2015-09-03
Michael Gilbert (mgilbert debian org)
[CVE-2014-7216] Yahoo! Messenger emoticons.xml Multiple Key Value Handling Local Buffer Overflow 2015-09-03
Julien Ahrens (info rcesecurity com)
ESA-2015-144: EMC Documentum Content Server Privilege Escalation Vulnerability 2015-09-03
Security Alert (Security_Alert emc com)
Zhone ADSL2+ 4P Bridge & Router (Broadcom) - Multiple Vulnerabilities 2015-09-03
Vulnerability Lab (research vulnerability-lab com)
Checkmarx CxQL Sandbox bypass (CVE-2014-8778) 2015-09-03
hdau deloitte fr
[SYSS-2015-016] Avaya one-X® Agent - Hard-coded Cryptographic Key 2015-09-03
sven freund syss de
[slackware-security] bind (SSA:2015-245-01) 2015-09-02
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3350-1] bind9 security update 2015-09-02
Moritz Muehlenhoff (jmm debian org)
FreeBSD Security Advisory FreeBSD-SA-15:23.bind 2015-09-02
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 3348-1] qemu security update 2015-09-02
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3349-1] qemu-kvm security update 2015-09-02
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
SANS News
Port Scanners: The Good and The Bad
Threatpost
Citing Wassenaar, HP Pulls Out of Mobile Pwn2Own
Feds Change Policy to Require Warrant to Use Stingrays
Exploit
3.9.2015
Bugtraq
[SECURITY] [DSA 3348-1] qemu security update 2015-09-02
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3349-1] qemu-kvm security update 2015-09-02
Salvatore Bonaccorso (carnil debian org)
Cisco Security Advisory: Cisco Integrated Management Controller Supervisor and Cisco UCS Director Remote File Overwrite Vulnerability 2015-09-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)
[SECURITY] [DSA 3347-1] pdns security update 2015-09-02
Sébastien Delafond (seb debian org)
ESA-2015-137: EMC Atmos XML External Entity Injection Vulnerability 2015-09-02
Security Alert (Security_Alert emc com)
Malware
TrojanDownloader:Win32/Contaskitar.B
TrojanDownloader:Win32/Retkwark.A
TrojanDownloader:Win32/Qulkonwi.D
TrojanDownloader:Win32/Lophistdol.A
Backdoor:Win32/NetWiredRC.D
TrojanSpy:Win32/Banker.AOO
Backdoor:Win32/Farfli.BJ
TrojanDownloader:Win32/Upatre.BY
TrojanDownloader:Win32/Upatre.BX
TrojanDownloader:Win32/Scadmacs.A
SoftwareBundler:Win32/Owsair
SoftwareBundler:Win32/LoadArcher.A
SoftwareBundler:Win32/LoadArcher
TrojanDownloader:Win32/Upatre.CB
Phishing
Service 2015 | 2nd September 2015 |
Administrator Online® | 2nd September 2015 |
Yvonne Perry | 2nd September 2015 |
Tesco Bank | 1st September 2015 |
Mohamed Abdel | 1st September 2015 |
email update | 1st September 2015 |
Mona Yates | 1st September 2015 |
Vulnerability
SANS News
Querying the DShield API from RTIR
Threatpost
New Versions of Carbanak Banking Malware Seen Hitting Targets in U.S. and Europe
New Android Ransomware Communicates over XMPP
Cisco Patches File Overwrite Bug in IMC Supervisor and UCS Director
Exploit
SphereFTP Server 2.0 - Crash PoC
2.9.2015
Bugtraq
[SECURITY] [DSA 3347-1] pdns security update 2015-09-02
Sébastien Delafond (seb debian org)
ESA-2015-137: EMC Atmos XML External Entity Injection Vulnerability 2015-09-02
Security Alert (Security_Alert emc com)
Cross-Site Request Forgery in Cerb 2015-09-02
High-Tech Bridge Security Research (advisory htbridge ch)
[slackware-security] gdk-pixbuf2 (SSA:2015-244-01) 2015-09-01
Slackware Security Team (security slackware com)
CVE-2015-5603: JIRA and the HipChat For JIRA plugin - Velocity Template Injection 2015-09-02
David Black (dblack atlassian com)
KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation 2015-09-01
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2015-003 : SiS Windows VGA Display Manager Multiple Privilege Escalation 2015-09-01
KoreLogic Disclosures (disclosures korelogic com)
[CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities 2015-09-01
CORE Advisories Team (advisories coresecurity com)
Malware
Phishing
Tesco Bank | 1st September 2015 |
Mohamed Abdel | 1st September 2015 |
email update | 1st September 2015 |
Mona Yates | 1st September 2015 |
IT管理中心 | 1st September 2015 |
【网络运营部】关于EMI | |
Wells Fargo Bank | 1st September 2015 |
Vulnerability
SANS News
What's the situation this week for Neutrino and Angler EK?
Threatpost
Encryption, Lock Mechanism Vulnerabilities Plague AppLock
Google Patches Critical Vulnerabilities in Chrome 45
Victims of June OPM Hack Still Haven’t Been Notified
Netflix Sleepy Puppy Awakens XSS Vulnerabilities in Secondary Applications
Exploit
Bedita 3.5.1 - XSS Vulnerabilities
Edimax BR6228nS/BR6228nC - Multiple Vulnerabilities
Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow
SiS Windows VGA Display Manager 6.14.10.3930 - Write-What-Where PoC
XGI Windows VGA Display Manager 6.14.10.1090 - Arbitrary Write PoC
SphereFTP Server 2.0 - Crash PoC
OS X x64 /bin/sh Shellcode, NULL Byte Free, 34 bytes
Cerb 7.0.3 - CSRF Vulnerability
GPON Home Router FTP G-93RG1 - CSRF Command Execution Vulnerability
Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass
1.9.2015
Bugtraq
[CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities 2015-09-01
CORE Advisories Team (advisories coresecurity com)
[security bulletin] HPSBMU03339 rev.1 - HP LoadRunner Controller, Local Execution of Arbitrary Code 2015-09-01
security-alert hp com
[security bulletin] HPSBGN03403 rev.1 - HP Virtualization Performance Viewer, Remote Unauthorized Disclosure of Information 2015-08-31
security-alert hp com
[security bulletin] HPSBMU03401 rev.1 - HP Operations Manager for UNIX and Linux, Remote Unauthorized Modification, Disclosure of Information 2015-08-31
security-alert hp com
Malware
Phishing
Mohamed Abdel | 1st September 2015 |
email update | 1st September 2015 |
Mona Yates | 1st September 2015 |
IT管理中心 | 1st September 2015 |
【网络运营部】关于EMI | |
Wells Fargo Bank | 1st September 2015 |
PayPol Services | 31st August 2015 |
CASE ID : 1389795465 | PLEASE | |
PayPal - Customer | 31st August 2015 |
Natwest | 29th August 2015 |
Vulnerability
SANS News
Threatpost
Exploit
Bedita 3.5.1 - XSS Vulnerabilities
Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow
31.8.2015
Bugtraq
[security bulletin] HPSBGN03403 rev.1 - HP Virtualization Performance Viewer, Remote Unauthorized Disclosure of Information 2015-08-31
security-alert hp com
[security bulletin] HPSBMU03401 rev.1 - HP Operations Manager for UNIX and Linux, Remote Unauthorized Modification, Disclosure of Information 2015-08-31
security-alert hp com
Dogma India dogmaindia CMS - Auth Bypass Vulnerability 2015-08-28
Vulnerability Lab (research vulnerability-lab com)
Jenkins 1.626 - Cross Site Request Forgery / Code Execution 2015-08-28
smash devilteam pl
LinuxOptic CMS 2009 - Auth Bypass Session Vulnerability 2015-08-28
Vulnerability Lab (research vulnerability-lab com)
PayPal Bug Bounty #119 - Stored Cross Site Scripting Vulnerability 2015-08-28
Vulnerability Lab (research vulnerability-lab com)
[security bulletin] HPSBGN03407 rev.1 - HP Operations Manager for Windows, Remote Unauthorized Modification, Disclosure of Information 2015-08-28
security-alert hp com
[security bulletin] HPSBGN03387 rev.1 - HP Intelligent Provisioning, Remote Code Execution, Unauthorized Access 2015-08-28
security-alert hp com
[SECURITY] [DSA 3346-1] drupal7 security update 2015-08-31
Alessandro Ghedini (ghedo debian org)
[security bulletin] HPSBMU03416 rev.1 - HP Data Protector, Remote Disclosure of Information 2015-08-28
security-alert hp com
[SECURITY] [DSA 3345-1] iceweasel security update 2015-08-29
Salvatore Bonaccorso (carnil debian org)
[slackware-security] mozilla-firefox (SSA:2015-241-01) 2015-08-29
Slackware Security Team (security slackware com)
Re: Re: UAC Bypass Vulnerability on "Windows 7" in Windows Script Host 2015-08-30
kev r yahoo com
[SECURITY] [DSA 3344-1] php5 security update 2015-08-27
Sebastien Delafond (seb debian org)
Malware
TrojanDownloader:Win32/ExtenBro.A
BrowserModifier:Win32/Diplugem
DDoS:Win32/Nitol.J
TrojanDownloader:Win32/Olutall.B
TrojanDownloader:AutoIt/Fadef
SoftwareBundler:Win32/FakeDiX
Phishing
Vulnerability
SANS News
Detecting file changes on Microsoft systems with FCIV
Threatpost
CoreBot Malware Steals Credentials-For Now
CERT Warns of Slew of Bugs in Belkin N600 Routers
NSF Awards $6M Grants for Internet of Things Security
Exploit
PhpWiki 1.5.4 - Multiple Vulnerabilities
Edimax PS-1206MF - Web Admin Auth Bypass
Ganglia Web Frontend < 3.5.1 - PHP Code Execution
Cyberoam Firewall CR500iNG-XP - 10.6.2 MR-1 - Blind SQL Injection Vulnerability
Apple OS X Entitlements Rootpipe Privilege Escalation
Microsoft Office 2007 - msxml5.dll Crash PoC
Viber 4.2.0 - Non-Printable Characters Handling Denial of Service Vulnerability
30.8.2015
Bugtraq
Malware
BrowserModifier:Win32/Diplugem
TrojanDownloader:Win32/ExtenBro.A
DDoS:Win32/Nitol.J
TrojanDownloader:Win32/Olutall.B
TrojanDownloader:AutoIt/Fadef
SoftwareBundler:Win32/FakeDiX
Phishing
Natwest | 29th August 2015 |
Vulnerability
SANS News
Automating Metrics using RTIR REST API
Threatpost
Appeals Court Vacates Lower Court’s Decision on National Security Letters
Exploit
MS SQL Server 2000/2005 SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer Exploit
Samsung SyncThruWeb 2.01.00.26 - SMB Hash Disclosure
Sysax Multi Server 6.40 SSH Component Denial of Service
28.8.2015
Bugtraq
[SECURITY] [DSA 3344-1] php5 security update 2015-08-27
Sebastien Delafond (seb debian org)
[security bulletin] HPSBGN03402 rev.2 - HP Performance Manager, Remote Disclosure of Information 2015-08-27
security-alert hp com
UAC Bypass Vulnerability on "Windows 7" in Windows Script Host 2015-08-27
vozzie gmail com (1 replies)
Malware
TrojanDownloader:Win32/Banload.BDQ
TrojanSpy:Win32/Bancos.ANS
TrojanDownloader:Win32/Banload.BDN
TrojanDownloader:Win32/Banload.BDL
PWS:Win32/Fareit.AF
TrojanDownloader:Win32/Zegost.H
Exploit:Win32/CVE-2015-2426
TrojanDownloader:MSIL/Winpud.A
Phishing
Barclays PLC. | 27th August 2015 |
Silvia Ribas. | 27th August 2015 |
Vulnerability
SANS News
Test File: PDF With Embedded DOC Dropping EICAR
Threatpost
Adobe Hotfix Patches XXE Vulnerability in ColdFusion
Scanner Finds Malicious Android Apps at Scale
Google to Pause Flash Ads in Chrome Starting Next Week
FBI: Social Engineering, Hacks Lead to Millions Lost to Wire Fraud
Exploit
WordPress Responsive Thumbnail Slider Plugin 1.0 - Arbitrary File Upload
Jenkins 1.626 - Cross Site Request Forgery / Code Execution
Wolf CMS Arbitrary File Upload To Command Execution
Photo Transfer (2) 1.0 iOS - Denial of Service Vulnerability
27.8.2015
Bugtraq
UAC Bypass Vulnerability on "Windows 7" in Windows Script Host 2015-08-27
vozzie gmail com
[security bulletin] HPSBHF03408 rev.1 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote Execution of Arbitrary Code 2015-08-26
security-alert hp com
[security bulletin] HPSBGN03411 rev.1 - HP Operations Agent Virtual Appliance, Remote Unauthorized Disclosure of Information 2015-08-26
security-alert hp com
CVE-2015-6535: Stored XSS in YouTube Embed (WordPress plugin) allows admins to compromise super admins 2015-08-26
grajalerts noreply gmail com
[security bulletin] HPSBGN03405 rev.1 - HP Integration Adaptor, Remote Unauthorized Modification, Disclosure of Information 2015-08-26
security-alert hp com
Malware
TrojanDownloader:Win32/Gratem.A
BrowserModifier:Win32/IstartSurf!lnk
BrowserModifier:Win32/DeltaHomes!lnk
BrowserModifier:Win32/OurSurfing!lnk
Phishing
Silvia Ribas. | 27th August 2015 |
PayPal | 27th August 2015 |
Vulnerability
SANS News
Threatpost
Target Says SEC Won’t Pursue Enforcement Action as a Result of Data Breach
Patched Ins0mnia Vulnerability Keeps Malicious iOS Apps Hidden
Endress+Hauser Patches Buffer Overflow In Dozens of ICS Products
Exploit
Magento eCommerce - Remote Code Execution
VLC Media Player 2.2.1 - m3u8/m3u Crash PoC
FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution
Xion Audio Player 1.5 build 155 Stack Based Buffer Overflow
QEMU Programmable Interrupt Timer Controller Heap Overflow
26.8.2015
Bugtraq
[security bulletin] HPSBMU03397 rev.1 - HP Version Control Agent (VCA) on Windows and Linux, Multiple Vulnerabilities 2015-08-24
security-alert hp com
[security bulletin] HPSBMU03413 rev.1 - HP Virtual Connect Enterprise Manager SDK, Multiple Vulnerabilities 2015-08-24
security-alert hp com
[security bulletin] HPSBMU03396 rev.1 - HP Version Control Repository Manager (VCRM) on Windows and Linux, Multiple Vulnerabilities 2015-08-24
security-alert hp com
[security bulletin] HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple Vulnerabilities 2015-08-24
security-alert hp com
Malware
VBA / TrojanDownloader.Agent.AAC
VBA / TrojanDownloader.Agent.ZX
VBA / TrojanDownloader.Agent.ZS
Phishing
Natwest | 26th August 2015 |
PayPal | 26th August 2015 |
Vulnerability
SANS News
Actor that tried Neutrino exploit kit now back to Angler
Threatpost
CERT Warns of Hard-Coded Credentials in DSL SOHO Routers
Researchers Uncover New Italian RAT uWarrior
Exploit
VLC Media Player 2.2.1 - m3u8/m3u Crash PoC
25.8.2015
Bugtraq
[security bulletin] HPSBMU03397 rev.1 - HP Version Control Agent (VCA) on Windows and Linux, Multiple Vulnerabilities 2015-08-24
security-alert hp com
[security bulletin] HPSBMU03413 rev.1 - HP Virtual Connect Enterprise Manager SDK, Multiple Vulnerabilities 2015-08-24
security-alert hp com
[security bulletin] HPSBMU03396 rev.1 - HP Version Control Repository Manager (VCRM) on Windows and Linux, Multiple Vulnerabilities 2015-08-24
security-alert hp com
[security bulletin] HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple Vulnerabilities 2015-08-24
security-alert hp com
[security bulletin] HPSBGN03404 rev.1 - HP Service Health Reporter, Remote Unauthorized Modification 2015-08-24
security-alert hp com
[security bulletin] HPSBMU03345 rev.1 - HP Network Node Manager i (NNMi) and Smart Plugins (iSPIs) for HP-UX, Linux, Solaris, and Windows, Remote Disclosure of Information, Unauthorized Modification 2015-08-24
security-alert hp com
[SYSS-2015-026] Denial of Service (CWE-730) and Overly Restrictive Account Lockout Mechanism (CWE-645) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
[SYSS-2015-027] Cross-Site Scripting (CWE-79) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
[SYSS-2015-028] Cross-Site Scripting (CWE-79) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
[SYSS-2015-029] Insecure Direct Object Reference (CWE-932) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
[SYSS-2015-032] Broken Authentication and Session Management (CWE-930) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
[SYSS-2015-030] Improper Handling of Insufficient Privileges (CWE-274) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
SYSS-2015-033: Missing Function Level Access Control (CWE-935) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation 2015-08-24
ajs swordshield com
Cross site request forgery vulnerability in Linksys WAG120N 2015-08-23
DonVallejo . (j v vallejo gmail com)
[SYSS-2015-025] Netop Remote Control - Insufficiently Protected Credentials 2015-08-24
matthias deeg syss de
Malware
Phishing
service@paypal.co.uk | 24th August 2015 |
ACTION REQUIRED -YOUR BANK HAS |
Vulnerability
SANS News
Dropbox Phishing via Compromised Wordpress Site
Threatpost
Charlie Miller to Leave Twitter Security Team
AutoIt Used in Targeted Attacks to Move RATs
Exploit
Microsoft Office 2007 OneTableDocumentStream Invalid Object
Microsoft Office 2007 Malformed Document Stack-Based Buffer Overflow
Firefox PDF.js Privileged Javascript Injection
Pligg CMS 2.0.2 - CSRF Add Admin Exploit
WordPress GeoPlaces3 Theme - Arbitrary File Upload Vulnerability
Mock SMTP Server 1.0 Remote Crash PoC
GOM Audio 2.0.8 - (.gas) Crash POC
Keeper IP Camera 3.2.2.10 - Authentication Bypass
24.8.2015
Bugtraq
Cross site request forgery vulnerability in Linksys WAG120N 2015-08-23
DonVallejo . (j v vallejo gmail com)
[SYSS-2015-025] Netop Remote Control - Insufficiently Protected Credentials 2015-08-24
matthias deeg syss de
Logstash vulnerability CVE-2015-5619 2015-08-21
Suyog Rao (suyog elastic co)
Malware
Phishing
SUPPORT | 24th August 2015 |
Microsoft | 24th August 2015 |
sales | 23rd August 2015 |
Chase Bank | 23rd August 2015 |
USAA | 23rd August 2015 |
Vulnerability
SANS News
Are You Protecting your "Backdoor" ?
Threatpost
White House Support for CISA Worries Privacy Advocates
AlienSpy RAT Resurfaces as JSocket
Vulnerabilities Identified in Dolphin, Mercury Android Browsers
Exploit
Easy File Sharing Web Server 6.9 - USERID Remote Buffer Overflow
Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow
24.8.2015
Bugtraq
Logstash vulnerability CVE-2015-5619 2015-08-21
Suyog Rao (suyog elastic co)
[security bulletin] HPSBUX03410 SSRT102175 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-08-21
security-alert hp com
Re: [SECURITY] [DSA 3325-2] apache2 regression update 2015-08-21
franzskinn gmail com
APPLE-SA-2015-08-20-1 QuickTime 7.7.8 2015-08-20
Apple Product Security (product-security-noreply lists apple com)
Re: Micro Login System v1.0 (userpwd.txt) Password Disclosure Vulnerability 2015-08-20
anonymous yahoo com
[security bulletin] HPSBUX03369 SSRT102037 rev.1 - HP-UX execve(2), Local Elevation of Privilege 2015-08-20
security-alert hp com
[SECURITY] [DSA 3342-1] vlc security update 2015-08-20
Alessandro Ghedini (ghedo debian org)
[oCERT-2015-009] VLC arbitrary pointer dereference 2015-08-20
Andrea Barisani (lcars ocert org)
UBNT Bug Bounty #3 - Persistent Filename Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
WebSolutions India Design CMS - SQL Injection Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
ChiefPDF Software v2.x - Buffer Overflow Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
PDF Shaper v3.5 - (MSF) Remote Buffer Overflow Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
Malware
Phishing
Chase Bank | 23rd August 2015 |
USAA | 23rd August 2015 |
Lloyds Bank | 22nd August 2015 |
Lloyds | 22nd August 2015 |
Vulnerability
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-08-22
http://www.securityfocus.com/bid/73684
Symantec Endpoint Protection Manager CVE-2015-1487 Arbitrary File Write Vulnerability
2015-08-22
http://www.securityfocus.com/bid/76094
Linux Kernel 'perf_callchain_user_64()' Function Denial of Service Vulnerability
2015-08-22
http://www.securityfocus.com/bid/76401
Adobe Flash Player and AIR APSB15-19 Multiple Use After Free Remote Code Execution Vulnerabilities
2015-08-22
http://www.securityfocus.com/bid/76288
Adobe FlashPlayer and AIR APSB15-19 Type Confusion Multiple Remote Code Execution Vulnerabilities
2015-08-22
http://www.securityfocus.com/bid/76287
Microsoft Internet Explorer CVE-2015-2444 Remote Memory Corruption Vulnerability
2015-08-22
http://www.securityfocus.com/bid/76194
IBM WebSphere Application Server CVE-2015-1885 Remote Privilege Escalation Vulnerability
2015-08-22
http://www.securityfocus.com/bid/74219
Mozilla Firefox CVE-2015-4495 Same Origin Policy Security Bypass Vulnerability
2015-08-22
http://www.securityfocus.com/bid/76249
ISC BIND CVE-2015-5477 Remote Denial of Service Vulnerability
2015-08-22
http://www.securityfocus.com/bid/76092
OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability
2015-08-22
http://www.securityfocus.com/bid/75159
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-08-22
http://www.securityfocus.com/bid/75157
OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2015-08-22
http://www.securityfocus.com/bid/75154
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-08-22
http://www.securityfocus.com/bid/75890
Symantec Endpoint Protection Manager CVE-2015-1489 Remote Privilege Escalation Vulnerability
2015-08-22
http://www.securityfocus.com/bid/76078
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-08-22
http://www.securityfocus.com/bid/73237
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-08-22
http://www.securityfocus.com/bid/73225
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-08-22
http://www.securityfocus.com/bid/73231
OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-08-22
http://www.securityfocus.com/bid/73232
Symantec Endpoint Protection Manager CVE-2015-1486 Authentication Bypass Vulnerability
2015-08-22
http://www.securityfocus.com/bid/76074
IBM Security Directory Server CVE-2015-0138 Man in the Middle Security Bypass Vulnerability
2015-08-22
http://www.securityfocus.com/bid/73326
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-08-22
http://www.securityfocus.com/bid/71936
Apple Mac OS X Multiple Privilege Escalation Vulnerabilities
2015-08-22
http://www.securityfocus.com/bid/76421
Elasticsearch CVE-2015-5377 Remote Code Execution Vulnerability
2015-08-22
http://www.securityfocus.com/bid/75938
Elasticsearch CVE-2015-5531 Directory Traversal Vulnerability
2015-08-22
http://www.securityfocus.com/bid/75935
IBM WebSphere Application Server CVE-2015-1927 Remote Privilege Escalation Vulnerability
2015-08-22
http://www.securityfocus.com/bid/75486
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-08-22
http://www.securityfocus.com/bid/72165
Oracle Java SE CVE-2015-0437 Remote Java SE Vulnerability
2015-08-22
http://www.securityfocus.com/bid/72146
Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
2015-08-22
http://www.securityfocus.com/bid/72136
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-08-22
http://www.securityfocus.com/bid/72140
Oracle Java SE CVE-2015-0395 Remote Java SE Vulnerability
2015-08-22
http://www.securityfocus.com/bid/72142
SANS News
Threatpost
Exploit
Microsoft Office 2007 wwlib.dll fcPlcfFldMom Uninitialized Heap Usage
Microsoft Office 2007 wwlib.dll Type Confusion
Microsoft Office 2007 OGL.dll DpOutputSpanStretch::OutputSpan Out of Bounds Write
Microsoft Office 2007 MSO.dll Arbitrary Free
Microsoft Office 2007 MSO.dll Use-After-Free
Windows win32k.sys TTF Font Processing win32k!fsc_BLTHoriz Out-of-Bounds Pool Write
Windows win32k.sys TTF Font Processing win32k!fsc_RemoveDups Out-of-Bounds Pool Memory Access
Windows ATMFD.DLL Out-of-Bounds Read Due to Malformed FDSelect Offset in the CFF Table
Windows ATMFD.DLL Out-of-Bounds Read Due to Malformed Name INDEX in the CFF Table
Windows win32k.sys TTF Font Processing win32k!scl_ApplyTranslation Pool-Based Buffer Overflow
Windows win32k.sys TTF Font Processing IUP[] Program Instruction Pool-Based Buffer Overflow
Windows ATMFD.DLL Write to Uninitialized Address Due to Malformed CFF Table
Windows ATMFD.DLL CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access
Windows ATMFD.DLL CFF table (ATMFD+0x34072 / ATMFD+0x3407b) Invalid Memory Access
Windows ATMFD.DLL CharString Stream Out-of-Bounds Reads
Microsoft Office 2007 MSPTLS Heap Index Integer Underflow
21.8.2015
Bugtraq
[security bulletin] HPSBUX03369 SSRT102037 rev.1 - HP-UX execve(2), Local Elevation of Privilege 2015-08-20
security-alert hp com
[SECURITY] [DSA 3342-1] vlc security update 2015-08-20
Alessandro Ghedini (ghedo debian org)
[oCERT-2015-009] VLC arbitrary pointer dereference 2015-08-20
Andrea Barisani (lcars ocert org)
UBNT Bug Bounty #3 - Persistent Filename Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
WebSolutions India Design CMS - SQL Injection Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
Malware
Win32/TrojanDownloader.Small.ACX
Phishing
Microsoft | 21st August 2015 |
HM Revenue & Customs | 21st August 2015 |
@aol.com | 20th August 2015 |
Amazon Support | 20th August 2015 |
Amazon Support | 19th August 2015 |
Vulnerability
Multiple Zend Products CVE-2015-5161 XML External Entity Injection Vulnerability
2015-08-21
http://www.securityfocus.com/bid/76177
Apache Subversion CVE-2015-0248 Multiple Denial of Service Vulnerabilities
2015-08-21
http://www.securityfocus.com/bid/74260
Apache Subversion CVE-2015-3184 Information Disclosure Vulnerability
2015-08-21
http://www.securityfocus.com/bid/76274
Apache Subversion CVE-2014-8108 Remote Denial of Service Vulnerability
2015-08-21
http://www.securityfocus.com/bid/71725
Apache Subversion CVE-2015-3187 Information Disclosure Vulnerability
2015-08-21
http://www.securityfocus.com/bid/76273
Apache Subversion 'deadprops.c' Security Bypass Vulnerability
2015-08-21
http://www.securityfocus.com/bid/74259
Apache Subversion CVE-2014-3580 Remote Denial of Service Vulnerability
2015-08-21
http://www.securityfocus.com/bid/71726
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75890
Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75867
Microsoft Internet Explorer CVE-2015-2444 Remote Memory Corruption Vulnerability
2015-08-21
http://www.securityfocus.com/bid/76194
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-08-21
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-2628 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75796
Oracle Java SE CVE-2015-2625 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75895
Oracle Java SE CVE-2015-2621 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75874
Oracle Java SE CVE-2015-2613 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75871
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-08-21
http://www.securityfocus.com/bid/74733
Oracle Java SE CVE-2015-2590 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75818
Oracle Java SE CVE-2015-4732 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75823
Oracle Java SE CVE-2015-4748 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75854
Oracle Java SE CVE-2015-2632 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75861
Oracle Java SE CVE-2015-4733 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75832
Oracle Java SE CVE-2015-4731 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75812
Oracle Java SE CVE-2015-4760 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75784
WordPress WP OAuth Server Plugin Multiple Predictable Random Number Generator Weaknesses
2015-08-21
http://www.securityfocus.com/bid/76363
Linux Kernel CVE-2015-3212 Local Security Bypass Vulnerability
2015-08-21
http://www.securityfocus.com/bid/76082
ISC BIND CVE-2015-5477 Remote Denial of Service Vulnerability
2015-08-21
http://www.securityfocus.com/bid/76092
ISC BIND CVE-2014-8500 Remote Denial of Service Vulnerability
2015-08-21
http://www.securityfocus.com/bid/71590
Huawei Mate 7 Smartphone Multiple Local Privilege Escalation Vulnerabilities
2015-08-21
http://www.securityfocus.com/bid/74742
Oracle MySQL Server CVE-2015-4752 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75849
Oracle MySQL Server CVE-2015-2620 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75837
SANS News
A recent decline in traffic associated with Operation Windigo
Threatpost
Uptick in Neutrino Exploit Kit Traffic Doesn’t Mean Angler Reign Over
Details Surface on Patched Sandbox Violation Vulnerability in iOS
Facebook Updates Information-Sharing Platform
Exploit
WordPress MDC Private Message Plugin 1.0.0 - Persistent XSS
Valhala Honeypot 1.8 - Stack-Based Buffer Overflow
Win2003 x64 - Token Stealing shellcode - 59 bytes
20.8.2015
Bugtraq
[security bulletin] HPSBUX03400 SSRT102211 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-08-19
security-alert hp com
CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability 2015-08-19
Christofer Dutz (cdutz apache org)
Privilege escalation through RPC commands in EMC Documentum Content Server (incomplete fix in CVE-2015-4532) 2015-08-19
andrew panfilov tel
Re: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information 2015-08-19
Asher995 gmail com (2 replies)
Re: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information 2015-08-19
paul szabo sydney edu au
RE: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information 2015-08-19
Chillman, Paul, Vodafone UK (Paul Chillman vodafone com)
[SYSS-2015-041] XSS in OpenText Secure MFT 2015-08-19
adrian vollmer syss de
Malware
Phishing
Amazon Support | 20th August 2015 |
Amazon Support | 19th August 2015 |
PayPal Inc | 19th August 2015 |
[PAYPAL VERIFICATION] ✉ LAST |
Vulnerability
Linux Kernel CVE-2015-3212 Local Security Bypass Vulnerability
2015-08-20
http://www.securityfocus.com/bid/76082
ISC BIND CVE-2015-5477 Remote Denial of Service Vulnerability
2015-08-20
http://www.securityfocus.com/bid/76092
ISC BIND CVE-2014-8500 Remote Denial of Service Vulnerability
2015-08-20
http://www.securityfocus.com/bid/71590
Huawei Mate 7 Smartphone Multiple Local Privilege Escalation Vulnerabilities
2015-08-20
http://www.securityfocus.com/bid/74742
Oracle MySQL Server CVE-2015-4752 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75849
Oracle MySQL Server CVE-2015-2620 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75837
Oracle MySQL Server CVE-2015-4737 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75802
Oracle MySQL Server CVE-2015-2643 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75830
Oracle MySQL Server CVE-2015-2648 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75822
Oracle MySQL Server CVE-2015-0433 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/74089
Oracle MySQL Server CVE-2015-0505 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/74112
Oracle MySQL Server CVE-2015-0441 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/74103
Oracle MySQL Server CVE-2015-4757 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75759
Oracle MySQL Server CVE-2015-0432 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/72217
Oracle MySQL Server CVE-2015-0499 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/74115
Oracle MySQL Server CVE-2015-2582 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75751
Oracle MySQL Server CVE-2014-6568 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/72210
Oracle MySQL Server CVE-2015-0411 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/72191
Oracle MySQL Server CVE-2015-0381 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/72214
Oracle MySQL Server CVE-2015-2571 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/74095
Oracle MySQL Server CVE-2015-0391 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/72205
Oracle MySQL Server CVE-2015-2568 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/74073
Oracle MySQL Server CVE-2015-2573 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/74078
Oracle MySQL Server CVE-2015-0374 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/72227
Oracle MySQL Server CVE-2015-0382 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/72200
Oracle MySQL Server CVE-2015-0501 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/74070
Drupal Acquia Cloud Site Factory Connector Module Open Redirection Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75280
Drupal LABjs Module Open Redirection Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75279
Drupal Shibboleth authentication Module Cross Site Scripting Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75410
Drupal HybridAuth Social Login Module Access Bypass Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75412
SANS News
Actor using Angler exploit kit switched to Neutrino
Threatpost
Holes Patched in Online Bookmarking App Pocket
Web.com Loses 93,000 Credit Card Numbers in Breach
Inside the Unpatched OS X Vulnerabilities
Exploit
Aruba Mobility Controller 6.4.2.8 - Multiple vulnerabilities
Vifi Radio v1 - CSRF Vulnerability
up.time 7.5.0 Superadmin Privilege Escalation Exploit
up.time 7.5.0 XSS And CSRF Add Admin Exploit
up.time 7.5.0 Arbitrary File Disclose And Delete Exploit
up.time 7.5.0 Upload And Execute File Exploit
19.8.2015
Bugtraq
[SYSS-2015-041] XSS in OpenText Secure MFT 2015-08-19
adrian vollmer syss de
Trend Micro Deep Discovery XSS 2015-08-19
apparitionsec gmail com
Trend Micro Deep Discovery Authentication Bypass 2015-08-19
apparitionsec gmail com
Re: Hawkeye-G v3 CSRF Vulnerability ***[UPDATED CORRECTED] 2015-08-18
aabbccdd05407 gmail com
CVE-2015-5699 - Cumulus Linux's Switch Configuration Tools Backend, clcmd_server, Vulnerable to Local Privilege Escalation 2015-08-18
Gregory Pickett (gpickett71 yahoo com)
FreeBSD Security Advisory FreeBSD-SA-15:20.expat 2015-08-18
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 3338-1] python-django security update 2015-08-18
Alessandro Ghedini (ghedo debian org)
Malware
TrojanDownloader:Win32/Upatre.BR
TrojanDownloader:MSIL/Torwofun.B
PWS:Win32/QQpass.GR
PWS:MSIL/Facepass.A
SoftwareBundler:Win32/Bestof
PWS:O97M/Wipha.A
Phishing
admin email | 19th August 2015 |
Lisa | 18th August 2015 |
285$ | 18th August 2015 |
Tesco Bank | 18th August 2015 |
Tracy Allen | 18th August 2015 |
Natwest | 18th August 2015 |
Mail Administrator | 18th August 2015 |
Arlene Horton | 18th August 2015 |
Unlimited | 18th August 2015 |
FRESH TOOLS / ONLINE LIVE | |
Apple | 18th August 2015 |
YOUR APPLE ID WAS USED TO SIGN |
Vulnerability
Oracle MySQL Server CVE-2015-0381 Remote Security Vulnerability
2015-08-19
http://www.securityfocus.com/bid/72214
Oracle MySQL Server CVE-2015-0411 Remote Security Vulnerability
2015-08-19
http://www.securityfocus.com/bid/72191
Oracle MySQL Server CVE-2015-0391 Remote Security Vulnerability
2015-08-19
http://www.securityfocus.com/bid/72205
Oracle MySQL Server CVE-2015-0382 Remote Security Vulnerability
2015-08-19
http://www.securityfocus.com/bid/72200
Adobe Flash Player and AIR CVE-2015-5560 Unspecified Integer Overflow Vulnerability
2015-08-19
http://www.securityfocus.com/bid/76289
Adobe FlashPlayer and AIR APSB15-19 Type Confusion Multiple Remote Code Execution Vulnerabilities
2015-08-19
http://www.securityfocus.com/bid/76287
Adobe Flash Player and AIR APSB15-19 Multiple Use After Free Remote Code Execution Vulnerabilities
2015-08-19
http://www.securityfocus.com/bid/76288
Adobe Flash Player and AIR APSB15-19 Multiple Memory Corruption Vulnerabilities
2015-08-19
http://www.securityfocus.com/bid/76291
Oracle MySQL Server CVE-2014-6568 Remote Security Vulnerability
2015-08-19
http://www.securityfocus.com/bid/72210
Adobe Flash Player and AIR CVE-2015-5124 Unspecified Memory Corruption Vulnerability
2015-08-19
http://www.securityfocus.com/bid/75959
Adobe Flash Player and AIR Multiple Unspecified Remote Code Execution Vulnerabilities
2015-08-19
http://www.securityfocus.com/bid/75087
Adobe FlashPlayer and AIR APSB15-19 Multiple Unspecified Heap Buffer Overflow Vulnerabilities
2015-08-19
http://www.securityfocus.com/bid/76282
Adobe Flash Player ActionScript 3 BitmapData Use After Free Remote Memory Corruption Vulnerability
2015-08-19
http://www.securityfocus.com/bid/75710
Adobe Flash Player CVE-2015-5122 Use After Free Remote Memory Corruption Vulnerability
2015-08-19
http://www.securityfocus.com/bid/75712
OpenSSH Login Handling Security Bypass Weakness
2015-08-19
http://www.securityfocus.com/bid/75990
OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2015-08-19
http://www.securityfocus.com/bid/75525
Net-SNMP snmptrapd CVE-2014-3565 Remote Denial of Service Vulnerability
2015-08-19
http://www.securityfocus.com/bid/69477
Fortinet FortiOS SSL-VPN Man in The Middle Security Bypass Vulnerability
2015-08-19
http://www.securityfocus.com/bid/76065
Linux Kernel 'get_bitmap_file()' Function Local Information Disclosure Vulnerability
2015-08-19
http://www.securityfocus.com/bid/76066
GNU glibc 'getaddrinfo.c' Remote Code Execution Vulnerability
2015-08-19
http://www.securityfocus.com/bid/72710
Linux Kernel Multiple Remote Denial of Service Vulnerability
2015-08-19
http://www.securityfocus.com/bid/75510
Mozilla Firefox CVE-2015-4492 Use After Free Memory Corruption Vulnerability
2015-08-19
http://www.securityfocus.com/bid/76297
Mozilla Firefox Out of Bounds Multiple Memory Corruption Vulnerabilities
2015-08-19
http://www.securityfocus.com/bid/76294
Mozilla Firefox CVE-2015-4495 Same Origin Policy Security Bypass Vulnerability
2015-08-19
http://www.securityfocus.com/bid/76249
Icecast Remote Denial of Service Vulnerability
2015-08-19
http://www.securityfocus.com/bid/73965
libgadu CVE-2014-3775 Memory Corruption Vulnerability
2015-08-19
http://www.securityfocus.com/bid/67471
Pidgin 'gg_http_watch_fd()' Function Buffer Overflow Vulnerability
2015-08-19
http://www.securityfocus.com/bid/65188
libgadu SSL Certificate Validation CVE-2013-4488 Security Bypass Vulnerability
2015-08-19
http://www.securityfocus.com/bid/63473
SQLite Versions Prior to 3.8.9 Multiple Security Vulnerabilities
2015-08-19
http://www.securityfocus.com/bid/74228
Apache Subversion CVE-2015-3187 Information Disclosure Vulnerability
2015-08-19
http://www.securityfocus.com/bid/76273
SANS News
Microsoft Security Bulletin MS15-093 - Critical OOB - Internet Explorer RCE
Threatpost
Emergency IE Patch Fixes Vulnerability Under Attack
IRS Hack May Implicate Three Times As Many Taxpayers Than Expected
Apple Zero Day Remains Unpatched
Core Infrastructure Initiative Launches Open Source Security Badge Program
Adobe Patches XXE Vulnerability in LiveCycle Data Services
Exploit
Flash Broker-Based Sandbox Escape via Forward Slash Instead of Backslash
Flash Broker-Based Sandbox Escape via Unexpected Directory Lock
Flash Broker-Based Sandbox Escape via Timing Attack Against File Moving
Flash Boundless Tunes - Universal SOP Bypass Through ActionScript's Sound Object
Flash PCRE Regex Compilation Zero-Length Assertion Arbitrary Bytecode Execution
Flash Player Integer Overflow in Function.apply
Flash AVSS.setSubscribedTags Use After Free Memory Corruption
Flash Uninitialized Stack Variable MPD Parsing Memory Corruption
Flash Issues in DefineBitsLossless and DefineBitsLossless2 Leads to Using Uninitialized Memory
Flash AS2 Use After Free in TextField.filters
Flash AS2 Use After Free While Setting TextField.filters
Flash Use-After-Free in Display List Handling
Flash Use-After-Free in NetConnection.connect
Adobe Flash Use-After-Free When Setting Variable
Flash AS2 Use After Free in DisplacementMapFilter.mapBitmap
Flash Use-After-Free with MovieClip.scrollRect in AS2
Adobe Flash Use-After-Free When Setting Value
Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated SWF File
Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated SWF File (2)
Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated TTF File Embedded in SWF
Adobe Flash Use-After-Free in XML.childNodes
Easy File Management Web Server 5.6 - USERID Remote Buffer Overflow
FTP Commander 8.02 - SEH Overwrite
OS X 10.10.5 - XNU Local Privilege Escalation
18.8.2015
Bugtraq
Re: [SECURITY] [DSA 3336-1] nss security update 2015-08-17
miguelmellolopes gmail com
EMC Documentum Content Server: arbitrary code execution (incomplete fix in CVE-2015-4532) 2015-08-17
andrew panfilov tel
[SECURITY] [DSA 3336-1] nss security update 2015-08-17
Salvatore Bonaccorso (carnil debian org)
sysadmin privilege in EMC Documentum Content Server 2015-08-17
andrew panfilov tel
Insufficient certificate validation in EMC Secure Remote Services Virtual Edition 2015-08-17
Securify B.V. (lists securify nl)
Weak authentication in EMC Secure Remote Services Virtual Edition Web Portal 2015-08-17
Securify B.V. (lists securify nl)
[ERPSCAN-15-013] SAP NetWeaver AS Java CIM UPLOAD â?? XXE 2015-08-17
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-012] SAP Afaria 7 XComms - Buffer Overflow 2015-08-17
ERPScan inc (erpscan online gmail com)
ESA-2015-130: EMC Documentum WebTop and WebTop Clients Cross-Site Request Forgery Vulnerability 2015-08-17
Security Alert (Security_Alert emc com)
ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities 2015-08-17
Security Alert (Security_Alert emc com)
Malware
PWS:O97M/Wipha.A
PWS:Win32/Wipha.A
TrojanDownloader:Win32/Tembatch.B
Exploit:VBS/CVE-2014-6332
Exploit:SWF/CVE-2014-6332
Phishing
Barclays | 18th August 2015 |
TalkTalk | 17th August 2015 |
The payment for your latest | |
NEWF#CKFRIEND | 17th August 2015 |
6367$ | 17th August 2015 |
No need to stay awake all |
Vulnerability
Linux Kernel 'get_bitmap_file()' Function Local Information Disclosure Vulnerability
2015-08-18
http://www.securityfocus.com/bid/76066
GNU glibc 'getaddrinfo.c' Remote Code Execution Vulnerability
2015-08-18
http://www.securityfocus.com/bid/72710
Linux Kernel Multiple Remote Denial of Service Vulnerability
2015-08-18
http://www.securityfocus.com/bid/75510
Mozilla Firefox CVE-2015-4492 Use After Free Memory Corruption Vulnerability
2015-08-18
http://www.securityfocus.com/bid/76297
Mozilla Firefox Out of Bounds Multiple Memory Corruption Vulnerabilities
2015-08-18
http://www.securityfocus.com/bid/76294
Mozilla Firefox CVE-2015-4495 Same Origin Policy Security Bypass Vulnerability
2015-08-18
http://www.securityfocus.com/bid/76249
Icecast Remote Denial of Service Vulnerability
2015-08-18
http://www.securityfocus.com/bid/73965
libgadu CVE-2014-3775 Memory Corruption Vulnerability
2015-08-18
http://www.securityfocus.com/bid/67471
Pidgin 'gg_http_watch_fd()' Function Buffer Overflow Vulnerability
2015-08-18
http://www.securityfocus.com/bid/65188
libgadu SSL Certificate Validation CVE-2013-4488 Security Bypass Vulnerability
2015-08-18
http://www.securityfocus.com/bid/63473
SQLite Versions Prior to 3.8.9 Multiple Security Vulnerabilities
2015-08-18
http://www.securityfocus.com/bid/74228
Apache Subversion CVE-2015-3187 Information Disclosure Vulnerability
2015-08-18
http://www.securityfocus.com/bid/76273
Apache Subversion 'deadprops.c' Security Bypass Vulnerability
2015-08-18
http://www.securityfocus.com/bid/74259
Apache Subversion CVE-2015-0248 Multiple Denial of Service Vulnerabilities
2015-08-18
http://www.securityfocus.com/bid/74260
IBM Domino Remote Cross Site Scripting Vulnerability
2015-08-18
http://www.securityfocus.com/bid/74908
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-08-18
http://www.securityfocus.com/bid/72169
Linux Kernel 'x86/entry/entry_64.S' Local Privilege Escalation Vulnerability
2015-08-18
http://www.securityfocus.com/bid/76004
Linux Kernel CVE-2015-3212 Local Security Bypass Vulnerability
2015-08-18
http://www.securityfocus.com/bid/76082
Linux Kernel CVE-2014-9731 Local Information Disclosure Vulnerability
2015-08-18
http://www.securityfocus.com/bid/75001
Linux Kernel KVM 'kvm_apic_has_events()' Function Denial of Service Vulnerability
2015-08-18
http://www.securityfocus.com/bid/75142
Linux Kernel '/arch/x86/net/bpf_jit_comp.c' CVE-2015-4700 Local Denial of Service Vulnerability
2015-08-18
http://www.securityfocus.com/bid/75356
Linux Kernel UDF File System Multiple Local Denial of Service Vulnerabilities
2015-08-18
http://www.securityfocus.com/bid/74964
Linux Kernel 'ozwpan' Driver Multiple Heap Buffer Overflow Vulnerabilities
2015-08-18
http://www.securityfocus.com/bid/74672
Linux Kernel 'vhost/scsi.c' Local Memory Corruption Vulnerability
2015-08-18
http://www.securityfocus.com/bid/74664
Linux Kernel 'ozwpan' Driver Multiple Denial of Service Vulnerabilities
2015-08-18
http://www.securityfocus.com/bid/74668
Linux Kernel 'fs/udf/inode.c' Denial of Service Vulnerability
2015-08-18
http://www.securityfocus.com/bid/74963
Linux Kernel CVE-2015-3636 Local Privilege Escalation Vulnerability
2015-08-18
http://www.securityfocus.com/bid/74450
Linux Kernel 'fs/fhandle.c' Local Race Condition Vulnerability
2015-08-18
http://www.securityfocus.com/bid/72357
Linux Kernel 'sk_dst_get()' Denial of Service Vulnerability
2015-08-18
http://www.securityfocus.com/bid/72435
Linux Kernel CVE-2015-2922 Denial of Service Vulnerability
2015-08-18
http://www.securityfocus.com/bid/74315
SANS News
Tool Tip: Kansa Stafford released, PowerShell for DFIR
Threatpost
Risky Schneider Electric SCADA Vulnerabilities Remain Unpatched
Exploit
Risky Schneider Electric SCADA Vulnerabilities Remain Unpatched
Uber to Quadruple Security Staff by 2016
Werkzeug Debug Shell Command Execution
Symantec Endpoint Protection Manager Authentication Bypass and Code Execution
VideoCharge Studio Buffer Overflow (SEH)
FTP Commander 8.02 - SEH Overwrite
Cisco Unified Communications Manager - Multiple Vulnerabilities
vBulletin < 4.2.2 - Memcache Remote Code Execution
Nuts CMS Remote PHP Code Injection / Execution
Magento CE < 1.9.0.1 Post Auth RCE
PHPfileNavigator 2.3.3 - XSS Vulnerabilities
PHPfileNavigator 2.3.3 - CSRF Vulnerability
Sagemcom F@ST 3864 V2 - Get Admin Password
17.8.2015
Bugtraq
Poor security in SOHO routers, again. Changing configuration parameters with a click. 2015-08-17
DonVallejo . (j v vallejo gmail com)
Re: Multiple vulnerabilities in vendor IKE implementations, including Cisco, 2015-08-16
arash yazdanfare gmail com
Re: NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE 2015-08-16
13669185678 139 com
Malware
PWS:Win32/Rugond.A
TrojanDropper:Win32/Notdinoti.B
TrojanDropper:Win32/Strakupa.A
TrojanSpy:Win32/Gucotut.A
TrojanDownloader:Win32/Lentrigy.A
TrojanDownloader:MSIL/Runtk.A
Backdoor:Win32/Venik.K
Phishing
FindMeAndF#ckMe | 17th August 2015 |
PayPal | 17th August 2015 |
ROCKSTAR SERVER | 15th August 2015 |
Vulnerability
OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2015-08-17
http://www.securityfocus.com/bid/75161
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-08-17
http://www.securityfocus.com/bid/75157
cURL/libcURL 'fix_hostname()' Function Denial of Service Vulnerability
2015-08-17
http://www.securityfocus.com/bid/74300
Todd Miller Sudo 'validate_env_vars()' Local Privilege Escalation Vulnerability
2015-08-17
http://www.securityfocus.com/bid/65997
Todd Miller Sudo CVE-2014-9680 Local Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/72649
GNU Troff pdfroff Insecure Temporary File Creation and Arbitrary File Access Vulnerabilities
2015-08-17
http://www.securityfocus.com/bid/36381
tcpdump 'olsr_print()' Function Denial of Service Vulnerability
2015-08-17
http://www.securityfocus.com/bid/71150
tcpdump CVE-2014-8769 Out-of-bounds Memory Access Vulnerability
2015-08-17
http://www.securityfocus.com/bid/71153
Todd Miller Sudo CVE-2013-1775 Local Authentication Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/58203
Todd Miller Sudo CVE-2013-2776 Local Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/62741
Python 'ZipExtFile._read2()' Method Denial of Service Vulnerability
2015-08-17
http://www.securityfocus.com/bid/65179
Python 'sock_recvfrom_into()' Function Buffer Overflow Vulnerability
2015-08-17
http://www.securityfocus.com/bid/65379
BSD mailx CVE-2014-7844 Local Arbitrary Command Execution Vulnerability
2015-08-17
http://www.securityfocus.com/bid/71701
Perl CVE-2013-7422 Denial of Service Vulnerability
2015-08-17
http://www.securityfocus.com/bid/75704
Python CVE-2014-9365 TLS Certificate Validation Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/71639
cURL/libcURL CVE-2015-3145 Out of Bounds Read Denial of Service Vulnerability
2015-08-17
http://www.securityfocus.com/bid/74303
cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability
2015-08-17
http://www.securityfocus.com/bid/70988
cURL/libcURL CVE-2015-3148 Remote Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/74301
cURL/libcURL CVE-2015-3153 Information Disclosure Vulnerability
2015-08-17
http://www.securityfocus.com/bid/74408
cURL/libcURL CVE-2014-3620 Cookies Handling Remote Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/69742
cURL/libcURL CVE-2014-8150 Remote Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/71964
Todd Miller Sudo CVE-2013-1776 Local Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/58207
tcpdump CVE-2014-9140 Buffer Overflow Vulnerability
2015-08-17
http://www.securityfocus.com/bid/71468
cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/69748
cURL/libcURL NTLM connection CVE-2015-3143 Remote Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/74299
PostgreSQL CVE-2014-8161 Information Disclosure Vulnerability
2015-08-17
http://www.securityfocus.com/bid/72538
OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2015-08-17
http://www.securityfocus.com/bid/75158
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-08-17
http://www.securityfocus.com/bid/75156
PostgreSQL CVE-2015-0244 Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/72543
PostgreSQL 'to_char()' Function Buffer Overflow Vulnerability
2015-08-17
http://www.securityfocus.com/bid/72540
SANS News
Tool Tip: Kansa Stafford released, PowerShell for DFIR
Threatpost
Apple Patches Critical OS X DYLD Flaw in Monster Update
AT&T Facilitated NSA Surveillance Efforts, Reports
Using BitTorrent Vulnerabilities to Launch Distributed Reflective DoS Attacks
Exploit
Microsoft Windows HTA (HTML Application) - Remote Code Execution (MS14-064)
Sagemcom F@ST 3864 V2 - Get Admin Password
MASM321 11 Quick Editor (.qeditor) 4.0g - .qse SEH Based Buffer Overflow (ASLR & SAFESEH bypass)
XMPlay 3.8.1.12 - .pls Local Crash PoC
16.8.2015
Bugtraq
Malware
Phishing
ROCKSTAR SERVER | 15th August 2015 |
PayPal | 15th August 2015 |
Apple Inc. | 15th August 2015 |
Vulnerability
OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2015-08-16
http://www.securityfocus.com/bid/75161
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-08-16
http://www.securityfocus.com/bid/75157
cURL/libcURL 'fix_hostname()' Function Denial of Service Vulnerability
2015-08-16
http://www.securityfocus.com/bid/74300
Todd Miller Sudo 'validate_env_vars()' Local Privilege Escalation Vulnerability
2015-08-16
http://www.securityfocus.com/bid/65997
Todd Miller Sudo CVE-2014-9680 Local Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/72649
GNU Troff pdfroff Insecure Temporary File Creation and Arbitrary File Access Vulnerabilities
2015-08-16
http://www.securityfocus.com/bid/36381
tcpdump 'olsr_print()' Function Denial of Service Vulnerability
2015-08-16
http://www.securityfocus.com/bid/71150
tcpdump CVE-2014-8769 Out-of-bounds Memory Access Vulnerability
2015-08-16
http://www.securityfocus.com/bid/71153
Todd Miller Sudo CVE-2013-1775 Local Authentication Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/58203
Todd Miller Sudo CVE-2013-2776 Local Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/62741
Python 'ZipExtFile._read2()' Method Denial of Service Vulnerability
2015-08-16
http://www.securityfocus.com/bid/65179
Python 'sock_recvfrom_into()' Function Buffer Overflow Vulnerability
2015-08-16
http://www.securityfocus.com/bid/65379
BSD mailx CVE-2014-7844 Local Arbitrary Command Execution Vulnerability
2015-08-16
http://www.securityfocus.com/bid/71701
Perl CVE-2013-7422 Denial of Service Vulnerability
2015-08-16
http://www.securityfocus.com/bid/75704
Python CVE-2014-9365 TLS Certificate Validation Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/71639
cURL/libcURL CVE-2015-3145 Out of Bounds Read Denial of Service Vulnerability
2015-08-16
http://www.securityfocus.com/bid/74303
cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability
2015-08-16
http://www.securityfocus.com/bid/70988
cURL/libcURL CVE-2015-3148 Remote Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/74301
cURL/libcURL CVE-2015-3153 Information Disclosure Vulnerability
2015-08-16
http://www.securityfocus.com/bid/74408
cURL/libcURL CVE-2014-3620 Cookies Handling Remote Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/69742
cURL/libcURL CVE-2014-8150 Remote Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/71964
Todd Miller Sudo CVE-2013-1776 Local Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/58207
tcpdump CVE-2014-9140 Buffer Overflow Vulnerability
2015-08-16
http://www.securityfocus.com/bid/71468
cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/69748
cURL/libcURL NTLM connection CVE-2015-3143 Remote Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/74299
PostgreSQL CVE-2014-8161 Information Disclosure Vulnerability
2015-08-16
http://www.securityfocus.com/bid/72538
OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2015-08-16
http://www.securityfocus.com/bid/75158
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-08-16
http://www.securityfocus.com/bid/75156
PostgreSQL CVE-2015-0244 Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/72543
PostgreSQL 'to_char()' Function Buffer Overflow Vulnerability
2015-08-16
http://www.securityfocus.com/bid/72540
SANS News
Threatpost
Apple Patches Critical OS X DYLD Flaw in Monster Update
Exploit
15.8.2015
Bugtraq
Malware
Phishing
Apple Inc. | 15th August 2015 |
webmaster | 14th August 2015 |
EMail from Easy Biz (EARN $500 | |
Ashley Johnston | 14th August 2015 |
Vulnerability
OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2015-08-15
http://www.securityfocus.com/bid/75161
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-08-15
http://www.securityfocus.com/bid/75157
cURL/libcURL 'fix_hostname()' Function Denial of Service Vulnerability
2015-08-15
http://www.securityfocus.com/bid/74300
Todd Miller Sudo 'validate_env_vars()' Local Privilege Escalation Vulnerability
2015-08-15
http://www.securityfocus.com/bid/65997
Todd Miller Sudo CVE-2014-9680 Local Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/72649
GNU Troff pdfroff Insecure Temporary File Creation and Arbitrary File Access Vulnerabilities
2015-08-15
http://www.securityfocus.com/bid/36381
tcpdump 'olsr_print()' Function Denial of Service Vulnerability
2015-08-15
http://www.securityfocus.com/bid/71150
tcpdump CVE-2014-8769 Out-of-bounds Memory Access Vulnerability
2015-08-15
http://www.securityfocus.com/bid/71153
Todd Miller Sudo CVE-2013-1775 Local Authentication Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/58203
Todd Miller Sudo CVE-2013-2776 Local Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/62741
Python 'ZipExtFile._read2()' Method Denial of Service Vulnerability
2015-08-15
http://www.securityfocus.com/bid/65179
Python 'sock_recvfrom_into()' Function Buffer Overflow Vulnerability
2015-08-15
http://www.securityfocus.com/bid/65379
BSD mailx CVE-2014-7844 Local Arbitrary Command Execution Vulnerability
2015-08-15
http://www.securityfocus.com/bid/71701
Perl CVE-2013-7422 Denial of Service Vulnerability
2015-08-15
http://www.securityfocus.com/bid/75704
Python CVE-2014-9365 TLS Certificate Validation Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/71639
cURL/libcURL CVE-2015-3145 Out of Bounds Read Denial of Service Vulnerability
2015-08-15
http://www.securityfocus.com/bid/74303
cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability
2015-08-15
http://www.securityfocus.com/bid/70988
cURL/libcURL CVE-2015-3148 Remote Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/74301
cURL/libcURL CVE-2015-3153 Information Disclosure Vulnerability
2015-08-15
http://www.securityfocus.com/bid/74408
cURL/libcURL CVE-2014-3620 Cookies Handling Remote Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/69742
cURL/libcURL CVE-2014-8150 Remote Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/71964
Todd Miller Sudo CVE-2013-1776 Local Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/58207
tcpdump CVE-2014-9140 Buffer Overflow Vulnerability
2015-08-15
http://www.securityfocus.com/bid/71468
cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/69748
cURL/libcURL NTLM connection CVE-2015-3143 Remote Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/74299
PostgreSQL CVE-2014-8161 Information Disclosure Vulnerability
2015-08-15
http://www.securityfocus.com/bid/72538
OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2015-08-15
http://www.securityfocus.com/bid/75158
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-08-15
http://www.securityfocus.com/bid/75156
PostgreSQL CVE-2015-0244 Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/72543
PostgreSQL 'to_char()' Function Buffer Overflow Vulnerability
2015-08-15
http://www.securityfocus.com/bid/72540
SANS News
Threatpost
OwnStar Attack Now Aimed at BMW, Chrysler, Mercedes Cars
Apple Patches Critical OS X DYLD Flaw in Monster Update
Exploit
Gkplugins Picasaweb - Download File
TOTOLINK Routers - Backdoor and RCE Exploit PoC
Joomla com_memorix component - SQL Injection vulnerability
Microsoft HTML Help Compiler 4.74.8702.0 - SEH Based Overflow
Firefox < 39.03 - pdf.js Same Origin Policy Exploit
Ability FTP Server 2.1.4 - afsmain.exe USER Command Remote DoS
Ability FTP Server 2.1.4 - Admin Panel AUTHCODE Command Remote DoS
Ubuntu 14.04 NetKit FTP Client - Crash/DoS PoC
14.8.2015
Bugtraq
Nuance PowerPDF Advanced Metadata Information Disclosure Vulnerability (low|local) 2015-08-13
Christopher Hudel (christopher hudel com)
APPLE-SA-2015-08-13-4 OS X Server v4.1.5 2015-08-13
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006 2015-08-13
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-08-13-3 iOS 8.4.1 2015-08-13
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 2015-08-13
Apple Product Security (product-security-noreply lists apple com)
[security bulletin] HPSBGN03393 rev.1 - HP Operations Manager i, Remote Code Execution 2015-08-12
security-alert hp com
Malware
Phishing
Amazon | 13th August 2015 |
WebTeam | 13th August 2015 |
JAMES F. ENTWISTLE | 13th August 2015 |
PayPal | 13th August 2015 |
[PayPal Support] Your Account |
Vulnerability
ISC BIND CVE-2015-5477 Remote Denial of Service Vulnerability
2015-08-14
http://www.securityfocus.com/bid/76092
WordPress Prior to 4.2.4 Multiple Security Vulnerabilities
2015-08-14
http://www.securityfocus.com/bid/76160
WordPress Prior to 4.2.3 Multiple Security Vulnerabilities
2015-08-14
http://www.securityfocus.com/bid/76011
Mozilla Firefox CVE-2015-4492 Use After Free Memory Corruption Vulnerability
2015-08-14
http://www.securityfocus.com/bid/76297
Mozilla Firefox Out of Bounds Multiple Memory Corruption Vulnerabilities
2015-08-14
http://www.securityfocus.com/bid/76294
SANS News
More patches! This time from Apple to Safari, OS X and OS X server
Microsoft patch tuesday problem with Symantec Cloud Endpoint protection?
Threatpost
Stagefright Patch Incomplete Leaving Android Devices Still Exposed
Salesforce Patches XSS on a Subdomain
Zero Day in Android’s Google Admin App Can Bypass Sandbox
Exploit
13.8.2015
Bugtraq
phpipam-1.1.010 XSS Vulnerability 2015-08-12
apparitionsec gmail com
PHPfileNavigator v2.3.3 CSRF Add Arbitrary Users 2015-08-12
apparitionsec gmail com
phpipam-1.1.010 XSS Vulnerability 2015-08-12
apparitionsec gmail com
Malware
Phishing
iLOTTO INTERNET LOTTERY | 13th August 2015 |
iLOTTO INTERNET LOTTERY | 13th August 2015 |
iLOTTO INTERNET LOTTERY | 12th August 2015 |
Alexandra Smith | 12th August 2015 |
Vulnerability
WordPress Prior to 4.2.4 Multiple Security Vulnerabilities
2015-08-13
http://www.securityfocus.com/bid/76160
WordPress Prior to 4.2.3 Multiple Security Vulnerabilities
2015-08-13
http://www.securityfocus.com/bid/76011
Mozilla Firefox CVE-2015-4492 Use After Free Memory Corruption Vulnerability
2015-08-13
http://www.securityfocus.com/bid/76297
Mozilla Firefox Out of Bounds Multiple Memory Corruption Vulnerabilities
2015-08-13
http://www.securityfocus.com/bid/76294
SANS News
Yes Virginia, Stored XSS's Do Exist!
Threatpost
Facebook Awards $100,000 for New Class of Vulnerabilities and Detection Tool
Exploit
Internet Explorer CTreeNode::GetCascadedLang Use-After-Free Vulnerability (MS15-079)
Windows 8.1 DCOM DCE/RPC Local NTLM Reflection Privilege Escalation (MS15-076)
Linux x86 - /bin/sh ROL/ROR Encoded Shellcode
12.8.2015
Bugtraq
[slackware-security] mozilla-firefox (SSA:2015-219-01) 2015-08-08
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3330-1] activemq security update 2015-08-07
Moritz Muehlenhoff (jmm debian org)
QNAP crypto keys logged on unencrypted disk partition in world accessible files 2015-08-07
Andreas Steinmetz (ast domdv de)
[slackware-security] mozilla-nss (SSA:2015-219-02) 2015-08-08
Slackware Security Team (security slackware com)
Device Inspector v1.5 iOS - Command Inject Vulnerabilities 2015-08-07
Vulnerability Lab (research vulnerability-lab com)
Ferrari - PHP CGI Argument Injection (RCE) Vulnerability 2015-08-07
Vulnerability Lab (research vulnerability-lab com)
Malware
VBA / TrojanDownloader.Agent.ZH
VBA / TrojanDownloader.Agent.ZC
VBA / TrojanDownloader.Agent.YX
VBA / TrojanDownloader.Agent.YW
Phishing
noreply@intipaypal | 12th August 2015 |
PayPal | 12th August 2015 |
Mail Delivery Service | 11th August 2015 |
Wells Fargo | 11th August 2015 |
MS linda | 11th August 2015 |
linda lin | 11th August 2015 |
USAA | 11th August 2015 |
Vulnerability
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-08-11
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-08-11
http://www.securityfocus.com/bid/74147
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-08-11
http://www.securityfocus.com/bid/74111
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-08-11
http://www.securityfocus.com/bid/71936
FreeType Versions Prior to 2.5.4 Multiple Remote Vulnerabilities
2015-08-11
http://www.securityfocus.com/bid/72986
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/73231
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/73225
OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/73232
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/75156
Apache Tomcat CVE-2014-0230 Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/74475
IBM WebSphere Application Server CVE-2015-1920 Remote Code Execution Vulnerability
2015-08-11
http://www.securityfocus.com/bid/74439
Froxlor 'class.Database.php' Information Disclosure Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76097
Remind 'var.c' Buffer Overflow Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76099
Apache Groovy CVE-2015-3253 Remote Code Execution Vulnerability
2015-08-11
http://www.securityfocus.com/bid/75919
OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability
2015-08-11
http://www.securityfocus.com/bid/75159
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/75157
OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2015-08-11
http://www.securityfocus.com/bid/75161
OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/75154
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-08-11
http://www.securityfocus.com/bid/74733
PHP 'cgi_main.c' Out of Bounds Read Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/71833
OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/75158
Google Stagefright Media Playback Engine Multiple Remote Code Execution Vulnerabilities
2015-08-11
http://www.securityfocus.com/bid/76052
Mozilla Firefox CVE-2015-4495 Same Origin Policy Security Bypass Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76249
XMLTooling-C CVE-2015-0851 Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76134
Linux Kernel 'x86/entry/entry_64.S' Local Privilege Escalation Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76004
Mozilla Firefox OS Graphics Buffer Management Memory Corruption Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76253
Mozilla Firefox OS Same Origin Policy Security Bypass Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76255
Mozilla Firefox OS USB Mass Storage handling Local Security Bypass Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76254
Linux Kernel '/arch/x86/net/bpf_jit_comp.c' CVE-2015-4700 Local Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/75356
Linux Kernel 'path_openat()' Function Use After Free Memory Corruption Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76142
SANS News
Threatpost
Huge Flash Update Patches More Than 30 Vulnerabilities
Sen. Warren Worried About Banks’ New Encrypted Messaging Platform
Patched Android ‘Serialization’ Vulnerability Affects 55 Percent of Devices
Oracle CSO: You ‘Must Not Reverse Engineer Our Code’
Hack-Fueled ‘Unprecedented’ Insider Trading Ring Nets $100M
Microsoft Patches Critical Vulnerabilities in New Edge Browser
Exploit
Internet Explorer CTreeNode::GetCascadedLang Use-After-Free Vulnerability (MS15-079)
11.8.2015
Bugtraq
[slackware-security] mozilla-firefox (SSA:2015-219-01) 2015-08-08
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3330-1] activemq security update 2015-08-07
Moritz Muehlenhoff (jmm debian org)
QNAP crypto keys logged on unencrypted disk partition in world accessible files 2015-08-07
Andreas Steinmetz (ast domdv de)
[slackware-security] mozilla-nss (SSA:2015-219-02) 2015-08-08
Slackware Security Team (security slackware com)
Device Inspector v1.5 iOS - Command Inject Vulnerabilities 2015-08-07
Vulnerability Lab (research vulnerability-lab com)
Ferrari - PHP CGI Argument Injection (RCE) Vulnerability 2015-08-07
Vulnerability Lab (research vulnerability-lab com)
Thomson Reuters FATCA - Arbitrary File Upload 2015-08-07
jakub palaczynski ingservicespolska pl
[SECURITY] [DSA 3329-1] linux security update 2015-08-07
Salvatore Bonaccorso (carnil debian org)
Malware
Trojan:Win32/Hucnak.D!plock
Trojan:Win32/Hucnak.C!plock
Trojan:Win32/Hucnak.B!plock
Trojan:Win32/Hucnak.A!plock
Phishing
United Arab | 11th August 2015 |
USAA.Web.Services | 11th August 2015 |
Barclays Online | 10th August 2015 |
PayPal Inc | 10th August 2015 |
PayPal Inc | 10th August 2015 |
Account Notification | 9th August 2015 |
Vulnerability
SANS News
.COM.COM Used For Malicious Typo Squatting
Threatpost
Exploit
10.8.2015
Bugtraq
Malware
TrojanDownloader:Win32/Zeagle.G
TrojanDownloader:Win32/Upatre.BW
Phishing
Account Notification | 9th August 2015 |
@aol.com | 8th August 2015 |
Apple Inc | 8th August 2015 |
ACCOUNT TEMPORARILY SUSPENDED | |
NatWest | 8th August 2015 |
Vulnerability
SANS News
What Was Old is New Again: Honeypots!
Threatpost
Mozilla Patches Bug Used in Active Attacks
Privacy Badger 1.0 Released With Support For EFF Do Not Track Policy
Darkhotel APT Latest to Use Hacking Team Zero Day
Exploit
WordPress Video Gallery 2.7 SQL Injection
WordPress WPTF Image Gallery 1.03 - Arbitrary File Download
WordPress Recent Backups Plugin 0.7 - Arbitrary File Download
WordPress Simple Image Manipulator Plugin 1.0 - Arbitrary File Download
WordPress Video Gallery 2.7 SQL Injection
WordPress Candidate Application Form Plugin 1.0 - Arbitrary File Download
Havij Pro - Crash POC
Linux x86 Egg Hunter Shellcode (19 bytes)
8.8.2015
Bugtraq
Thomson Reuters FATCA - Arbitrary File Upload 2015-08-07
jakub palaczynski ingservicespolska pl
[SECURITY] [DSA 3329-1] linux security update 2015-08-07
Salvatore Bonaccorso (carnil debian org)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-06
Stefan Kanthak (stefan kanthak nexgo de) (2 replies)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-07
Reindl Harald (h reindl thelounge net)
RE: [FD] Mozilla extensions: a security nightmare 2015-08-07
Steve Friedl (steve unixwiz net) (1 replies)
RE: [FD] Mozilla extensions: a security nightmare 2015-08-07
Frank Waarsenburg (fwaarsenburg ram-it nl) (1 replies)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-07
Jakob Holderbaum (hi jakob io) (1 replies)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-07
Teddy A PURWADI (teddyap access net id)
Malware
Phishing
NatWest | 7th August 2015 |
MBNA Limited | 6th August 2015 |
Account Support | 6th August 2015 |
TD Bank via Me | 6th August 2015 |
Vulnerability
SANS News
Threatpost
Manipulating WSUS to Own Enterprises
Exploit
PCMan FTP Server 2.0.7 - PUT Command Buffer Overflow
Froxlor Server Management Panel 0.9.33.1 - MySQL Login Information Disclosure
PHP News Script 4.0.0 - SQL Injection
Microweber 1.0.3 - Stored XSS And CSRF Add Admin Exploit
Microweber 1.0.3 File Upload Filter Bypass Remote PHP Code Execution
WordPress Job Manager Plugin 0.7.22 - Persistent XSS
Heroes of Might and Magic III .h3m Map file Buffer Overflow
Linux x86 Memory Sinkhole Privilege Escalation PoC
Windows NDProxy Privilege Escalation XP SP3 x86 and 2003 SP2 x86 (MS14-002)
Dell Netvault Backup 10.0.1.24 - Denial of Service
7.8.2015
Bugtraq
Re: [FD] Mozilla extensions: a security nightmare 2015-08-06
Stefan Kanthak (stefan kanthak nexgo de) (2 replies)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-07
Reindl Harald (h reindl thelounge net)
RE: [FD] Mozilla extensions: a security nightmare 2015-08-07
Steve Friedl (steve unixwiz net) (1 replies)
RE: [FD] Mozilla extensions: a security nightmare 2015-08-07
Frank Waarsenburg (fwaarsenburg ram-it nl) (1 replies)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-07
Jakob Holderbaum (hi jakob io)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-06
Stefan Kanthak (stefan kanthak nexgo de)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-06
Stefan Kanthak (stefan kanthak nexgo de)
Malware
TrojanDownloader:Win32/Tembatch.A
TrojanDownloader:MSIL/Beldex.A
TrojanDownloader:MSIL/Golomak.A
TrojanDropper:Win32/Dexel.A
TrojanSpy:MSIL/Golroted.D
Phishing
MBNA Limited | 6th August 2015 |
Account Support | 6th August 2015 |
Vulnerability
SANS News
Sigcheck and virustotal-search
Threatpost
Feasible ‘Going Dark’ Crypto Solution Nowhere to be Found
Updated DGA Changer Malware Generates Fake Domain Stream
BLEKey Device Breaks RFID Physical Access Controls
‘Prohibition Era’ Of Security Research May Be Ahead
Exploit
6.8.2015
Bugtraq
[security bulletin] HPSBUX03388 SSRT102180 rev.1 - HP-UX running OpenSSL, Remote Disclosure of Information 2015-08-05
security-alert hp com
Re: [FD] Mozilla extensions: a security nightmare 2015-08-05
Stefan Kanthak (stefan kanthak nexgo de) (1 replies)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-05
Ansgar Wiechers (bugtraq planetcobalt net)
SEC Consult SA-20150805-0 :: Websense Content Gateway Stack Buffer Overflow in handle_debug_network 2015-08-05
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 3328-2] wordpress regression update 2015-08-04
Thijs Kinkhorst (thijs debian org)
Malware
TrojanDropper:Win32/Dexel.A
TrojanSpy:MSIL/Golroted.D
TrojanDownloader:MSIL/Bladabindi.I
Adware:Win32/Peapoon
TrojanDownloader:Win32/Paxer.A
TrojanDownloader:Win32/Upatre.BS
TrojanDownloader:Win32/Syten.A
Worm:Win32/Gamarue.AU
Phishing
TD Bank via Me | 6th August 2015 |
@aol.com | 5th August 2015 |
Vulnerability
SANS News
Nuclear EK traffic patterns in August 2015
Threatpost
Feasible ‘Going Dark’ Crypto Solution Nowhere to be Found
Google Plans Monthly Security Updates for Nexus Phones
APT Group Gets Selective About Data it Steals
Government Asks for Security Community’s Help on Technical Issues
Granick: Dream of Internet Freedom ‘Dying’
‘Software Liability Is Inevitable’
Exploit
Linux Privilege Escalation Due to Nested NMIs Interrupting espfix64
5.8.2015
Bugtraq
[SECURITY] [DSA 3328-2] wordpress regression update 2015-08-04
Thijs Kinkhorst (thijs debian org)
Mozilla extensions: a security nightmare 2015-08-04
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3328-1] wordpress security update 2015-08-04
Thijs Kinkhorst (thijs debian org)
[SECURITY] [DSA 3327-1] squid3 security update 2015-08-03
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3326-1] ghostscript security update 2015-08-02
Salvatore Bonaccorso (carnil debian org)
Malware
Adware:Win32/Peapoon
TrojanDownloader:Win32/Paxer.A
TrojanDownloader:Win32/Upatre.BS
TrojanDownloader:Win32/Syten.A
Worm:Win32/Gamarue.AU
TrojanDownloader:Win32/Mavradoi.C
TrojanDropper:Win32/Banload.BAX
TrojanSpy:Win32/Banker.VCW
TrojanDownloader:Win32/Banload.BCV
TrojanDownloader:Win32/Banload.ZEQ
Phishing
Pamela Hicks | 4th August 2015 |
Chase | 4th August 2015 |
全国楼凤å°?å§å…¼èŒè‰¯å®¶ | 4th August 2015 |
Natwest | 4th August 2015 |
Smtpmercantile.in | 4th August 2015 |
Melanie Clark | 4th August 2015 |
Apple | 3rd August 2015 |
USAA | 3rd August 2015 |
Vulnerability
SANS News
Whatever Happened to tmUnblock.cgi ("Moon Worm")
Threatpost
Researchers Uncover ‘Terracotta’ Chinese VPN Service Used by APT Crews for Cover
Updated Rig Exploit Kit Closing in on 1 Million Victims
Exploit
4.8.2015
Bugtraq
[SECURITY] [DSA 3326-1] ghostscript security update 2015-08-02
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3325-1] apache2 security update 2015-08-01
Stefan Fritsch (sf debian org)
[SECURITY] [DSA 3324-1] icedove security update 2015-08-01
Alessandro Ghedini (ghedo debian org)
[SECURITY] [DSA 3323-1] icu security update 2015-08-01
Laszlo Boszormenyi (gcs debian org)
Multiple XSS vulnerabilities in FortiSandbox WebUI 2015-08-01
hyp3rlinx lycos com
Malware
TrojanDropper:Win32/Banload.BAX
TrojanSpy:Win32/Banker.VCW
TrojanDownloader:Win32/Banload.BCV
TrojanDownloader:Win32/Banload.ZEQ
Phishing
Melanie Clark | 4th August 2015 |
Apple | 3rd August 2015 |
USAA | 3rd August 2015 |
Discover | 2nd August 2015 |
Vulnerability
SANS News
Threatpost
Windows 10 Upgrade Spam Carries CTB-Locker Ransomware
EFF, AdBlock and Others Launch New Do Not Track Standard
Thunderstrike 2 OS X Firmware Attack Self-Replicates to Peripherals
DHS Raises Privacy Concerns With Senate Cyber Threat Sharing Bill
Exploit
3.8.2015
Bugtraq
phpFileManager 0.9.8 Remote Command Execution 2015-07-31
hyp3rlinx lycos com
HP ArcSight Logger provides incorrect/invalid/incomplete results for queries with boolean operators 2015-07-31
roberto logsat com
[SECURITY] [DSA 3321-1] xmltooling security update 2015-07-30
Alessandro Ghedini (ghedo debian org)
Malware
Worm:Win32/NeksMiner.A
TrojanDropper:Win32/Bunitu.G
TrojanSpy:MSIL/Irstil.A
Worm:Win32/Xtrat.D
Worm:Win32/Xtrat.C
Phishing
USAA | 3rd August 2015 |
Discover | 2nd August 2015 |
Microsoft | 2nd August 2015 |
Nancy Morales | 2nd August 2015 |
Paypal Support | 2nd August 2015 |
Service Account | 2nd August 2015 |
SUPPORT | 2nd August 2015 |
Ashok Tools | 2nd August 2015 |
FRESH TOOLS / ONLINE LIVE | |
Chase Online | 1st August 2015 |
Vulnerability
SANS News
Threatpost
Exploit
1.8.2015
Bugtraq
phpFileManager 0.9.8 Remote Command Execution 2015-07-31
hyp3rlinx lycos com
HP ArcSight Logger provides incorrect/invalid/incomplete results for queries with boolean operators 2015-07-31
roberto logsat com
[SECURITY] [DSA 3321-1] xmltooling security update 2015-07-30
Alessandro Ghedini (ghedo debian org)
Malware
Phishing
PayPal | 31st July 2015 |
iTunes | 31st July 2015 |
Vulnerability
SANS News
Tech tip follow-up: Using the data Invoked with R's system command
Threatpost
FBI Warns of Increase in DDoS Extortion Scams
Unusual Re-Do of US Wassenaar Rules Applauded
Exploit
KMPlayer 3.9.x - .srt Crash PoC
T-Mobile Internet Manager - Contact Name Crash PoC
31.7.2015
Bugtraq
[SECURITY] [DSA 3320-1] openafs security update 2015-07-30
Sebastien Delafond (seb debian org)
Cisco Security Advisory: Cisco ASR 1000 Series Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability 2015-07-30
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Dell Netvault Backup Remote Denial of Service 2015-07-30
epoide gmail com
FreeBSD Security Advisory FreeBSD-SA-15:16.openssh [REVISED] 2015-07-30
FreeBSD Security Advisories (security-advisories freebsd org)
[security bulletin] HPSBGN03366 rev.1 - HP Business Process Insight with RC4 Stream Cipher, Remote Disclosure of Information 2015-07-29
security-alert hp com
Malware
Win32/TrojanDownloader.Nymaim.AY
Win32/TrojanDownloader.Small.CBA
Phishing
Microsoft | 31st July 2015 |
Apple | 30th July 2015 |
Verified by | 29th July 2015 |
Vulnerability
Novius OS 'tab' parameter Local File Include Vulnerability
2015-07-29
http://www.securityfocus.com/bid/75533
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74111
Debian OpenJDK CVE-2014-8873 Remote Code Execution Vulnerability
2015-07-28
http://www.securityfocus.com/bid/76019
Oracle Java SE CVE-2015-4732 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75823
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75867
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75890
SANS News
Tech tip: Invoke a system command in R
Threatpost
Cisco Fixes DoS Vulnerability in ASR 1000 Routers
Writing Advanced OS X Malware an ‘Elegant’ Solution to Improving Detection
Moonpig Warns Customers of ‘Security Issue’
Exploit
30.7.2015
Bugtraq
[security bulletin] HPSBGN03366 rev.1 - HP Business Process Insight with RC4 Stream Cipher, Remote Disclosure of Information 2015-07-29
security-alert hp com
Cross-Site Scripting (XSS) in qTranslate WordPress Plugin 2015-07-29
High-Tech Bridge Security Research (advisory htbridge ch)
[security bulletin] HPSBGN03367 rev.1 - HP TransactionVision with RC4 Stream Cipher, Remote Disclosure of Information 2015-07-29
security-alert hp com
phpFileManager 0.9.8 CSRF Backdoor Shell Vulnerability 2015-07-29
apparitionsec gmail com
[slackware-security] bind (SSA:2015-209-01) 2015-07-28
Slackware Security Team (security slackware com)
FreeBSD Security Advisory FreeBSD-SA-15:17.bind 2015-07-28
FreeBSD Security Advisories (security-advisories freebsd org)
FreeBSD Security Advisory FreeBSD-SA-15:16.openssh 2015-07-28
FreeBSD Security Advisories (security-advisories freebsd org)
FreeBSD Security Advisory FreeBSD-SA-15:15.tcp 2015-07-28
FreeBSD Security Advisories (security-advisories freebsd org)
FreeBSD Security Advisory FreeBSD-SA-15:14.bsdpatch 2015-07-28
FreeBSD Security Advisories (security-advisories freebsd org)
Malware
TrojanSpy:MSIL/Irstil.A
Worm:Win32/Xtrat.D
Worm:Win32/Xtrat.C
TrojanClicker:Win32/Frosparf.G
TrojanClicker:Win32/Frosparf.F
TrojanDropper:Win32/Zbot.D
Phishing
Verified by | 29th July 2015 |
NatWest CreditCard | 29th July 2015 |
Vulnerability
SANS News
Threatpost
Click-Fraud Malware Spreading via JavaScript Attachments
Yahoo Touts Success of Bug Bounty Program
New Chrome Extension Helps Combat Keyboard Biometric Profiling
Researchers Manipulate Rifle's Precision Targeting System
Exploit
phpFileManager 0.9.8 - CSRF Vulnerability
Tendoo CMS 1.3 - XSS Vulnerabilities
Heroes of Might and Magic III - Map Parsing Arbitrary Code Execution
29.7.2015
Bugtraq
[SECURITY] [DSA 3319-1] bind9 security update 2015-07-28
Salvatore Bonaccorso (carnil debian org)
SEC Consult SA-20150728-0 :: McAfee Application Control Multiple Vulnerabilities 2015-07-28
SEC Consult Vulnerability Lab (research sec-consult com)
Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne 2015-07-28
Samuel Lavitt - CVE-2015-0942 (CVE-2015-0942 precipice fi)
Malware
TrojanSpy:MSIL/Irstil.A
Worm:Win32/Xtrat.D
Worm:Win32/Xtrat.C
TrojanClicker:Win32/Frosparf.G
TrojanClicker:Win32/Frosparf.F
TrojanDropper:Win32/Zbot.D
Phishing
Lloyds Bank | 29th July 2015 |
Capital One | 28th July 2015 |
PayPal | 28th July 2015 |
Vulnerability
redcarpet CVE-2015-5147 Stack Buffer Overflow Vulnerability
2015-07-30
http://www.securityfocus.com/bid/75508
Novius OS 'tab' parameter Local File Include Vulnerability
2015-07-29
http://www.securityfocus.com/bid/75533
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74111
Debian OpenJDK CVE-2014-8873 Remote Code Execution Vulnerability
2015-07-28
http://www.securityfocus.com/bid/76019
Oracle Java SE CVE-2015-4732 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75823
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75867
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75890
Oracle Java SE CVE-2015-2628 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75796
Oracle Java SE CVE-2015-2621 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75874
Oracle Java SE CVE-2015-0470 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74149
Oracle Java SE CVE-2015-4733 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75832
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74119
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-07-28
http://www.securityfocus.com/bid/71936
LXC '/lxc/attach.c' Remote Code Execution Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75998
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-07-28
http://www.securityfocus.com/bid/72169
Oracle Java SE CVE-2015-0460 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74097
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74733
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-07-28
http://www.securityfocus.com/bid/72165
ISC BIND 'isselfsigned()' Function Remote Denial of Service Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75588
Oracle Java SE CVE-2015-4748 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75854
Oracle Java SE CVE-2015-0480 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74104
Oracle Java SE CVE-2015-4760 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75784
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74147
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-07-28
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-2632 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75861
Apache Tomcat CVE-2014-0230 Denial of Service Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74475
Oracle Java SE CVE-2015-4729 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75892
Apache Tomcat CVE-2014-0227 Chunk Request Remote Denial Of Service Vulnerability
2015-07-28
http://www.securityfocus.com/bid/72717
Apache HTTP Server CVE-2015-3183 Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75963
SANS News
Guest Diary: Xavier Mertens - Integrating VirusTotal within ELK
Android Stagefright multimedia viewer prone to remote exploitation
Threatpost
White House Says No Thanks to Snowden Pardon Petition
Exploit
phpFileManager 0.9.8 - Remote Command Execution Vulnerability
28.7.2015
Bugtraq
Apple iTunes & AppStore - Filter Bypass & Persistent Invoice Vulnerability 2015-07-27
Vulnerability Lab (research vulnerability-lab com)
[SECURITY] [DSA 3318-1] expat security update 2015-07-26
Laszlo Boszormenyi (gcs debian org)
[SECURITY] [DSA 3317-1] lxc security update 2015-07-25
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3316-1] openjdk-7 security update 2015-07-25
Moritz Muehlenhoff (jmm debian org)
Malware
TrojanDropper:Win32/Zbot.D
Trojan:Win32/Blakamba.gen!A
Phishing
Chase | 27th July 2015 |
Chase | 27th July 2015 |
Vulnerability
redcarpet CVE-2015-5147 Stack Buffer Overflow Vulnerability
2015-07-30
http://www.securityfocus.com/bid/75508
Novius OS 'tab' parameter Local File Include Vulnerability
2015-07-29
http://www.securityfocus.com/bid/75533
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74111
Debian OpenJDK CVE-2014-8873 Remote Code Execution Vulnerability
2015-07-28
http://www.securityfocus.com/bid/76019
Oracle Java SE CVE-2015-4732 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75823
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75867
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75890
Oracle Java SE CVE-2015-2628 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75796
Oracle Java SE CVE-2015-2621 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75874
Oracle Java SE CVE-2015-0470 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74149
Oracle Java SE CVE-2015-4733 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75832
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74119
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-07-28
http://www.securityfocus.com/bid/71936
LXC '/lxc/attach.c' Remote Code Execution Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75998
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-07-28
http://www.securityfocus.com/bid/72169
Oracle Java SE CVE-2015-0460 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74097
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74733
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-07-28
http://www.securityfocus.com/bid/72165
ISC BIND 'isselfsigned()' Function Remote Denial of Service Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75588
Oracle Java SE CVE-2015-4748 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75854
Oracle Java SE CVE-2015-0480 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74104
Oracle Java SE CVE-2015-4760 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75784
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74147
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-07-28
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-2632 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75861
Apache Tomcat CVE-2014-0230 Denial of Service Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74475
Oracle Java SE CVE-2015-4729 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75892
Apache Tomcat CVE-2014-0227 Chunk Request Remote Denial Of Service Vulnerability
2015-07-28
http://www.securityfocus.com/bid/72717
Apache HTTP Server CVE-2015-3183 Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75963
SANS News
Threatpost
Valve Patches Password Reset Vulnerability in Steam
Census Bureau Says Breach Didn’t Compromise Sensitive Data
PHP File Manager Riddled With Vulnerabilities, Including Backdoor
Pair of Bugs Open Honeywell Home Controllers Up to Easy Hacks
Exploit
Hawkeye-G v3.0.1.4912 Persistent XSS & Information Leakage
WordPress Unite Gallery Lite Plugin 1.4.6 - Multiple Vulnerabilities
WordPress Count Per Day Plugin 3.4 - SQL Injection
Xceedium Xsuite - Multiple Vulnerabilities
Foxit Reader - PNG Conversion Parsing tEXt Chunk Arbitrary Code Execution
Libuser Library - Multiple Vulnerabilities
27.7.2015
Bugtraq
Malware
Backdoor:MSIL/Povbop.A
TrojanDownloader:Win32/Codumwis.A
Phishing
Tesco Bank Plc | 26th July 2015 |
Chase | 26th July 2015 |
Barclays | 25th July 2015 |
Ebay customer service | 25th July 2015 |
PayPal | 24th July 2015 |
Service PayPal | 24th July 2015 |
Vulnerability
SANS News
Threatpost
Car Hacking Gets the Attention of Detroit and Washington
Google Helps Lead Effort Against Automated Traffic From Data Centers
Class Action Suit Against Neiman Marcus Over Data Breach Revived
Exploit
25.7.2015
Bugtraq
Hawkeye-G v3 CSRF Vulnerability ***[UPDATED CORRECTED] 2015-07-24
apparitionsec gmail com
[SECURITY] [DSA 3315-1] chromium-browser security update 2015-07-24
Michael Gilbert (mgilbert debian org)
Hawkeye-G v3.0.1.4912 CSRF Vulnerability CVE-2015-2878 2015-07-24
apparitionsec gmail com
[SECURITY] [DSA 3314-1] typo3-src end of life 2015-07-23
Moritz Muehlenhoff (jmm debian org)
Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser 2015-07-23
Qualys Security Advisory (qsa qualys com)
Malware
Phishing
Ebay customer service | 25th July 2015 |
PayPal | 24th July 2015 |
Service PayPal | 24th July 2015 |
PayPal | 23rd July 2015 |
Vulnerability
SANS News
Threatpost
Stakeholders Argue Against Restrictive Wassenaar Proposal
Fiat Chrysler Recalls 1.4 Million Cars After Software Bug Is Revealed
Exploit
Hawkeye-G v3.0.1.4912 CSRF Vulnerability
24.7.2015
Bugtraq
Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser 2015-07-23
Qualys Security Advisory (qsa qualys com)
ThaiWeb CMS 2015Q3 - SQL Injection Web Vulnerability 2015-07-23
Vulnerability Lab (research vulnerability-lab com)
[SECURITY] [DSA 3313-1] linux security update 2015-07-23
Salvatore Bonaccorso (carnil debian org)
Cisco Security Advisory: Cisco IOS Software TFTP Server Denial of Service Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password Change Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
ESA-2015-118: EMC Avamar Directory Traversal Vulnerability 2015-07-22
Security Alert (Security_Alert emc com)
Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02] 2015-07-22
modzero (security modzero ch)
Malware
TrojanSpy:MSIL/Tese.A
TrojanSpy:MSIL/Nitwil.A
TrojanDownloader:Win32/Banload.BCM
TrojanDownloader:Win32/Banload.BCL
TrojanDownloader:Win32/Banload.BCH
TrojanDownloader:Win32/Banload.BCA
TrojanSpy:Win32/Bholog.B
Backdoor:Win32/PcClient.CQ
Backdoor:Win32/Zegost.C
Backdoor:Win32/Dodiw.A
Phishing
PayPal | 23rd July 2015 |
PayPal | 22nd July 2015 |
PayPal | 21st July 2015 |
Order confirmation:Thank you |
Vulnerability
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73231
OpenSSL Certificate Fingerprints CVE-2014-8275 Local Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71935
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73225
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-07-22
http://www.securityfocus.com/bid/71939
X.Org libXfont 'bitmap/bdfread.c' Local Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73280
nbd CVE-2013-7441 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/74808
X.Org libXfont 'bitmap/bdfread.c' Out of Bounds Local Buffer Overflow Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73277
X.Org libXfont BDF Font File Handling CVE-2015-1804 Buffer Overflow Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73279
Network Block Device Server 'strncmp()' Function Access Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/64002
OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75159
OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75158
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75157
OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75154
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75156
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/74733
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73237
OpenSSL CVE-2015-0209 Remote Memory Corruption Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73239
OpenSSL 'tasn_dec.c' Remote Memory Corruption Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73227
OpenSSL CVE-2015-0205 Man in the Middle Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71941
OpenSSL 'dtls1_buffer_record()' Function Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71940
ISC BIND 'isselfsigned()' Function Remote Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75588
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71942
JQuery 'combobox.html' Cross Site Scripting Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71107
JQuery 'ui/jquery.ui.dialog.js' Cross Site Scripting Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71106
Wireshark TLS/SSL Decryption CVE-2015-0564 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71922
Wireshark NCP Dissector CVE-2014-8713 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71073
Wireshark TNEF Dissector CVE-2015-2191 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/72941
Wireshark DEC DNA Routing Protocol Dissector CVE-2015-0562 Remote Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71921
SANS News
Searching Through the VirusTotal Database
Threatpost
Several Critical Flaws Patched in Drupal Module
WordPress Patches Critical XSS Vulnerability in All Builds
Four Zero Days Disclosed in Internet Explorer Mobile
Bartalex Variants Spotted Dropping Pony, Dyre Malware
Exploit
23.7.2015
Bugtraq
Cisco Security Advisory: Cisco IOS Software TFTP Server Denial of Service Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password Change Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
ESA-2015-118: EMC Avamar Directory Traversal Vulnerability 2015-07-22
Security Alert (Security_Alert emc com)
Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02] 2015-07-22
modzero (security modzero ch)
Multiple XSS Vulnerabilities in Paid Memberships Pro WordPress Plugin 2015-07-22
High-Tech Bridge Security Research (advisory htbridge ch)
SQL Injection in Count Per Day WordPress Plugin 2015-07-22
High-Tech Bridge Security Research (advisory htbridge ch)
[SECURITY] [DSA 3312-1] cacti security update 2015-07-22
Alessandro Ghedini (ghedo debian org)
NetCracker Resource Management 8.0 - SQL Injection Vulnerability 2015-07-22
jychia sec gmail com
NetCracker Resource Management 8.0 - XSS Vulnerability 2015-07-22
jychia sec gmail com
Open-Web-Analytics-1.5.7 Cryptographic, Password Disclosure & XSS Vulnerabilities 2015-07-22
apparitionsec gmail com
FreeBSD Security Advisory FreeBSD-SA-15:13.tcp 2015-07-22
FreeBSD Security Advisories (security-advisories freebsd org)
Malware
TrojanDownloader:Win32/Banload.BCM
TrojanDownloader:Win32/Banload.BCL
TrojanDownloader:Win32/Banload.BCH
TrojanDownloader:Win32/Banload.BCA
TrojanSpy:Win32/Bholog.B
Backdoor:Win32/PcClient.CQ
Backdoor:Win32/Zegost.C
Backdoor:Win32/Dodiw.A
TrojanSpy:MSIL/Grelog.A
PWS:Win32/Zbot!VM
Phishing
PayPal | 23rd July 2015 |
PayPal | 22nd July 2015 |
Vulnerability
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73231
OpenSSL Certificate Fingerprints CVE-2014-8275 Local Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71935
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73225
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-07-22
http://www.securityfocus.com/bid/71939
X.Org libXfont 'bitmap/bdfread.c' Local Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73280
nbd CVE-2013-7441 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/74808
X.Org libXfont 'bitmap/bdfread.c' Out of Bounds Local Buffer Overflow Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73277
X.Org libXfont BDF Font File Handling CVE-2015-1804 Buffer Overflow Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73279
Network Block Device Server 'strncmp()' Function Access Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/64002
OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75159
OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75158
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75157
OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75154
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75156
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/74733
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73237
OpenSSL CVE-2015-0209 Remote Memory Corruption Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73239
OpenSSL 'tasn_dec.c' Remote Memory Corruption Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73227
OpenSSL CVE-2015-0205 Man in the Middle Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71941
OpenSSL 'dtls1_buffer_record()' Function Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71940
ISC BIND 'isselfsigned()' Function Remote Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75588
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71942
JQuery 'combobox.html' Cross Site Scripting Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71107
JQuery 'ui/jquery.ui.dialog.js' Cross Site Scripting Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71106
Wireshark TLS/SSL Decryption CVE-2015-0564 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71922
Wireshark NCP Dissector CVE-2014-8713 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71073
Wireshark TNEF Dissector CVE-2015-2191 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/72941
Wireshark DEC DNA Routing Protocol Dissector CVE-2015-0562 Remote Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71921
SANS News
Threatpost
Exploit
OS X 10.10 DYLD_PRINT_TO_FILE Local Privilege Escalation
Counter-Strike 1.6 'GameInfo' Query Reflection DoS PoC
22.7.2015
Bugtraq
WorldCIST'2016 - Brazil: Call for Workshops Proposals - Best Papers published by ISI/SCI Journals 2015-07-21
Maria Lemos (marialemos72 gmail com)
CVE-2015-5379: Axigen XSS vulnerability for html attachments 2015-07-21
Ioan Indreias (ioan indreias axigen com)
[security bulletin] HPSBMU03380 rev.1 - HP System Management Homepage (SMH) on Linux and Windows, Multiple Vulnerabilities 2015-07-20
security-alert hp com
Malware
Backdoor:Win32/Dodiw.A
TrojanSpy:MSIL/Grelog.A
PWS:Win32/Zbot!VM
TrojanDownloader:MSIL/Bassit.A
Backdoor:Win32/Venik.L
TrojanProxy:MSIL/Mictanort.A
TrojanSpy:Win32/Flancos.A
TrojanProxy:Win32/Mediana
TrojanDownloader:Win32/Mytonel.D
Backdoor:Win32/Chaapt.A
Phishing
PayPal | 21st July 2015 |
Order confirmation:Thank you | |
H0rnyBuddyAlert | 21st July 2015 |
Natwest Bank | 21st July 2015 |
Support-Team™ | 21st July 2015 |
PayPal | 21st July 2015 |
YOUR ACCOUNT PAYPAL IS LIMITED | |
Barclays Online | 21st July 2015 |
Access to your Barclays |
Vulnerability
Oracle MySQL Server CVE-2015-4752 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75849
Oracle MySQL Server CVE-2015-4771 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75835
Oracle MySQL Server CVE-2015-4757 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75759
Oracle MySQL Server CVE-2015-2611 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75762
Oracle MySQL Server CVE-2015-4767 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75844
Oracle MySQL Server CVE-2015-2641 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75815
Oracle MySQL Server CVE-2015-2620 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75837
Oracle MySQL Server CVE-2015-2639 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75760
Oracle MySQL Server CVE-2015-2617 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75774
Oracle MySQL Server CVE-2015-4761 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75770
Oracle MySQL Server CVE-2015-4769 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75753
Oracle MySQL Server CVE-2015-2582 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75751
Oracle MySQL Server CVE-2015-4737 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75802
Oracle MySQL Server CVE-2015-2648 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75822
Oracle MySQL Server CVE-2015-2661 Local Security Server Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75813
Oracle MySQL Server CVE-2015-2643 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75830
Oracle MySQL Server CVE-2015-4772 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75781
ISC BIND 'isselfsigned()' Function Remote Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75588
Mozilla Firefox/Thunderbird Multiple Security Vulnerabilities
2015-07-22
http://www.securityfocus.com/bid/75541
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/74733
Mozilla Firefox/Thunderbird CVE-2014-1565 Out of Bounds Memory Corruption Vulnerability
2015-07-22
http://www.securityfocus.com/bid/69521
Mozilla Firefox/Thunderbird CVE-2015-0813 Use After Free Memory Corruption Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73463
Mozilla Firefox Firefox ESR and Thunderbird Multiple Memory Corruption Vulnerabilities
2015-07-22
http://www.securityfocus.com/bid/74615
Mozilla Firefox and Thunderbird MFSA 2015-48 through -58 Multiple Vulnerabilities
2015-07-22
http://www.securityfocus.com/bid/74611
Mozilla Firefox Firefox ESR and Thunderbird CVE-2015-0816 Privilege Escalation Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73461
Mozilla Firefox Firefox ESR and Thunderbird CVE-2015-0815 Multiple Memory Corruption Vulnerabilities
2015-07-22
http://www.securityfocus.com/bid/73466
Mozilla Firefox/Thunderbird 'sendBeacon()' Function Cross-Site Request Forgery Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73457
Mozilla Firefox/Thunderbird CVE-2015-0801 Same Origin Policy Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73455
SANS News
Searching Through the VirusTotal Database
Exploit
SysAid Help Desk 'rdslogs' Arbitrary File Upload
Internet Download Manager - OLE Automation Array Remote Code Execution
Joomla! Helpdesk Pro Plugin < 1.4.0 - Multiple Vulnerabilities
win32/xp[TR] sp3 MessageBox - 24Bytes
21.7.2015
Bugtraq
[security bulletin] HPSBMU03377 rev.1 - HP Release Control running RC4, Remote Disclosure of Information 2015-07-20
security-alert hp com
[security bulletin] HPSBUX03379 SSRT101976 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-07-20
security-alert hp com
[SECURITY] [DSA 3311-1] mariadb-10.0 security update 2015-07-20
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3310-1] freexl security update 2015-07-19
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3309-1] tidy security update 2015-07-18
Alessandro Ghedini (ghedo debian org)
[SECURITY] [DSA 3308-1] mysql-5.5 security update 2015-07-18
Salvatore Bonaccorso (carnil debian org)
Malware
TrojanSpy:Win32/BrobanMos.A
TrojanDownloader:Win32/Banload.BBL
TrojanDownloader:Win32/Banload.BBN
TrojanDownloader:Win32/Banload.BBM
Adware:MSIL/Bawswerps
TrojanSpy:MSIL/Keylogger.BP
TrojanDownloader:Win32/Inexsmar.A
TrojanSpy:Win32/Aneatop.A
TrojanDropper:MSIL/Golbla.C
TrojanDownloader:Win32/Nefhop.A
Phishing
Vulnerability
redcarpet CVE-2015-5147 Stack Buffer Overflow Vulnerability
2015-07-30
http://www.securityfocus.com/bid/75508
Novius OS 'tab' parameter Local File Include Vulnerability
2015-07-29
http://www.securityfocus.com/bid/75533
Oracle Java SE CVE-2015-0403 Local Java SE Vulnerability
2015-07-21
http://www.securityfocus.com/bid/72148
Oracle Java SE CVE-2014-6591 Remote Java SE Vulnerability
2015-07-21
http://www.securityfocus.com/bid/72175
Oracle Java SE CVE-2015-0421 Local Java SE Vulnerability
2015-07-21
http://www.securityfocus.com/bid/72150
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-07-21
http://www.securityfocus.com/bid/72140
Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
2015-07-21
http://www.securityfocus.com/bid/72136
Oracle Java SE CVE-2014-6585 Remote Java SE Vulnerability
2015-07-21
http://www.securityfocus.com/bid/72173
Oracle MySQL Server CVE-2015-0499 Remote Security Vulnerability
2015-07-21
http://www.securityfocus.com/bid/74115
Oracle MySQL Server CVE-2015-0505 Remote Security Vulnerability
2015-07-21
http://www.securityfocus.com/bid/74112
Oracle MySQL Server CVE-2015-0441 Remote Security Vulnerability
2015-07-21
http://www.securityfocus.com/bid/74103
Oracle MySQL Server CVE-2015-0433 Remote Security Vulnerability
2015-07-21
http://www.securityfocus.com/bid/74089
Oracle MySQL Server CVE-2015-2571 Remote Security Vulnerability
2015-07-21
http://www.securityfocus.com/bid/74095
Oracle MySQL Server CVE-2015-2573 Remote Security Vulnerability
2015-07-21
http://www.securityfocus.com/bid/74078
Oracle MySQL Server CVE-2015-2568 Remote Security Vulnerability
2015-07-21
http://www.securityfocus.com/bid/74073
Oracle MySQL Server CVE-2015-0501 Remote Security Vulnerability
2015-07-21
http://www.securityfocus.com/bid/74070
Oracle MySQL Server CVE-2015-2648 Remote Security Vulnerability
2015-07-21
http://www.securityfocus.com/bid/75822
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-07-21
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-0413 Local Java SE Vulnerability
2015-07-21
http://www.securityfocus.com/bid/72176
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-07-21
http://www.securityfocus.com/bid/72169
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-07-21
http://www.securityfocus.com/bid/72165
ISC BIND 'isselfsigned()' Function Remote Denial of Service Vulnerability
2015-07-21
http://www.securityfocus.com/bid/75588
ISC BIND CVE-2015-1349 Remote Denial of Service Vulnerability
2015-07-21
http://www.securityfocus.com/bid/72673
Oracle Java SE CVE-2015-0407 Remote Java SE Vulnerability
2015-07-21
http://www.securityfocus.com/bid/72162
Oracle Java SE CVE-2014-6587 Local Java SE Vulnerability
2015-07-21
http://www.securityfocus.com/bid/72168
Oracle Java SE CVE-2015-0400 Remote Java SE Vulnerability
2015-07-21
http://www.securityfocus.com/bid/72159
Oracle Java SE CVE-2015-0383 Local Java SE, Java SE Embedded, JRockit Vulnerability
2015-07-21
http://www.securityfocus.com/bid/72155
Oracle Java SE CVE-2015-0406 Remote Java SE Vulnerability
2015-07-21
http://www.securityfocus.com/bid/72154
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-07-21
http://www.securityfocus.com/bid/70574
Oracle Java SE CVE-2015-0395 Remote Java SE Vulnerability
2015-07-21
http://www.securityfocus.com/bid/72142
SANS News
Special Microsoft Bulletin Patching Remote Code Execution Flaw in OpenType Font Drivers
Exploit
Microsoft Word Local Machine Zone Remote Code Execution Vulnerability
TcpDump rpki_rtr_pdu_print Out-of-Bounds Denial of Service
20.7.2015
Bugtraq
AirDroid ID - Client Side JSONP Callback Vulnerability 2015-07-17
Vulnerability Lab (research vulnerability-lab com)
FoxyCart Bug Bounty #1 - Filter Bypass & Persistent Vulnerability 2015-07-17
Vulnerability Lab (research vulnerability-lab com)
UDID+ v2.5 iOS - Mail Command Inject Vulnerability 2015-07-17
Vulnerability Lab (research vulnerability-lab com)
Oracle E-Business Suite Servlet URL Redirection Vulnerability 2015-07-17
owais md khan gmail com
Novell GroupWise 2014 WebAccess vulnerable to XSS attacks 2015-07-17
adrian vollmer syss de
Malware
Phishing
METROBANKDIRECT | 19th July 2015 |
Navy Federal | 19th July 2015 |
Vulnerability
Microsoft Internet Explorer CVE-2015-2412 Information Disclosure Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75687
Adobe Reader and Acrobat JavaScript API Execution Multiple Security Bypass Vulnerabilities
2015-07-20
http://www.securityfocus.com/bid/75737
Adobe Acrobat and Reader Use-After-Free Multiple Remote Code Execution Vulnerabilities
2015-07-20
http://www.securityfocus.com/bid/75739
Adobe Acrobat and Reader APSB15-15 Multiple Memory Corruption Vulnerabilities
2015-07-20
http://www.securityfocus.com/bid/75740
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-07-20
http://www.securityfocus.com/bid/74733
Oracle Java SE CVE-2015-4731 Remote Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75812
Oracle Java SE CVE-2015-4733 Remote Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75832
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75890
Oracle Java SE CVE-2015-4748 Remote Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75854
Oracle Java SE CVE-2015-4760 Remote Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75784
Oracle Java SE CVE-2015-4732 Remote Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75823
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-07-20
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-2664 Local Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75857
Oracle Java SE CVE-2015-2627 Remote Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75893
Oracle Java SE CVE-2015-2638 Remote Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75833
Oracle Java SE CVE-2015-2632 Remote Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75861
Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75867
Oracle Java SE CVE-2015-2625 Remote Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75895
Oracle Java SE CVE-2015-2637 Remote Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75883
Oracle Java SE CVE-2015-2621 Remote Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75874
Oracle Java SE CVE-2015-2628 Remote Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75796
Adobe Reader and Acrobat CVE-2015-5093 Remote Buffer Overflow Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75748
Oracle Java SE CVE-2015-2590 Remote Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75818
Adobe Acrobat and Reader CVE-2015-5091 Security Bypass Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75738
Adobe Acrobat and Reader Multiple Security Bypass Vulnerabilities
2015-07-20
http://www.securityfocus.com/bid/75743
Oracle Java SE CVE-2015-2596 Remote Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75887
Oracle Java SE CVE-2015-2659 Remote Security Vulnerability
2015-07-20
http://www.securityfocus.com/bid/75877
Adobe Acrobat and Reader Multiple Remote Integer Overflow Vulnerabilities
2015-07-20
http://www.securityfocus.com/bid/75741
SANS News
The Value a "Fresh Set Of Eyes" (FSOE)
Exploit
19.7.2015
Bugtraq
Oracle E-Business Suite Servlet URL Redirection Vulnerability 2015-07-17
owais md khan gmail com
Novell GroupWise 2014 WebAccess vulnerable to XSS attacks 2015-07-17
adrian vollmer syss de
SEC Consult SA-20150716-0 :: Permanent Cross-Site Scripting in Oracle Application Express 2015-07-16
SEC Consult Vulnerability Lab (research sec-consult com)
Elasticsearch CVE-2015-5531 2015-07-16
Kevin Kluge (kevin elastic co)
Elasticsearch CVE-2015-5377 2015-07-16
Kevin Kluge (kevin elastic co)
Malware
Phishing
Dropbox | 18th July 2015 |
LateNightFriend | 18th July 2015 |
USAA | 17th July 2015 |
Vulnerability
redcarpet CVE-2015-5147 Stack Buffer Overflow Vulnerability
2015-07-30
http://www.securityfocus.com/bid/75508
Novius OS 'tab' parameter Local File Include Vulnerability
2015-07-29
http://www.securityfocus.com/bid/75533
Microsoft Internet Explorer CVE-2015-2412 Information Disclosure Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75687
Adobe Reader and Acrobat JavaScript API Execution Multiple Security Bypass Vulnerabilities
2015-07-19
http://www.securityfocus.com/bid/75737
Adobe Acrobat and Reader Use-After-Free Multiple Remote Code Execution Vulnerabilities
2015-07-19
http://www.securityfocus.com/bid/75739
Adobe Acrobat and Reader APSB15-15 Multiple Memory Corruption Vulnerabilities
2015-07-19
http://www.securityfocus.com/bid/75740
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-07-19
http://www.securityfocus.com/bid/74733
Oracle Java SE CVE-2015-4731 Remote Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75812
Oracle Java SE CVE-2015-4733 Remote Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75832
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75890
Oracle Java SE CVE-2015-4748 Remote Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75854
Oracle Java SE CVE-2015-4760 Remote Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75784
Oracle Java SE CVE-2015-4732 Remote Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75823
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-07-19
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-2664 Local Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75857
Oracle Java SE CVE-2015-2627 Remote Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75893
Oracle Java SE CVE-2015-2638 Remote Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75833
Oracle Java SE CVE-2015-2632 Remote Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75861
Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75867
Oracle Java SE CVE-2015-2625 Remote Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75895
Oracle Java SE CVE-2015-2637 Remote Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75883
Oracle Java SE CVE-2015-2621 Remote Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75874
Oracle Java SE CVE-2015-2628 Remote Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75796
Adobe Reader and Acrobat CVE-2015-5093 Remote Buffer Overflow Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75748
Oracle Java SE CVE-2015-2590 Remote Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75818
Adobe Acrobat and Reader CVE-2015-5091 Security Bypass Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75738
Adobe Acrobat and Reader Multiple Security Bypass Vulnerabilities
2015-07-19
http://www.securityfocus.com/bid/75743
Oracle Java SE CVE-2015-2596 Remote Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75887
Oracle Java SE CVE-2015-2659 Remote Security Vulnerability
2015-07-19
http://www.securityfocus.com/bid/75877
Adobe Acrobat and Reader Multiple Remote Integer Overflow Vulnerabilities
2015-07-19
http://www.securityfocus.com/bid/75741
SANS News
Exploit
18.7.2015
Bugtraq
Oracle E-Business Suite Servlet URL Redirection Vulnerability 2015-07-17
owais md khan gmail com
Novell GroupWise 2014 WebAccess vulnerable to XSS attacks 2015-07-17
adrian vollmer syss de
SEC Consult SA-20150716-0 :: Permanent Cross-Site Scripting in Oracle Application Express 2015-07-16
SEC Consult Vulnerability Lab (research sec-consult com)
Elasticsearch CVE-2015-5531 2015-07-16
Kevin Kluge (kevin elastic co)
Elasticsearch CVE-2015-5377 2015-07-16
Kevin Kluge (kevin elastic co)
ESA-2015-123: EMC Documentum WebTop Open Redirect Vulnerability 2015-07-16
Security Alert (Security_Alert emc com)
ESA-2015-122: EMC Documentum CenterStage Cross-site Scripting Vulnerability 2015-07-16
Security Alert (Security_Alert emc com)
[CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure 2015-07-16
Cédric Champeau (cedric champeau gmail com)
Malware
Phishing
USAA | 17th July 2015 |
Royal Bank Support | 17th July 2015 |
Vulnerability
Microsoft Internet Explorer CVE-2015-2412 Information Disclosure Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75687
Adobe Reader and Acrobat JavaScript API Execution Multiple Security Bypass Vulnerabilities
2015-07-18
http://www.securityfocus.com/bid/75737
Adobe Acrobat and Reader Use-After-Free Multiple Remote Code Execution Vulnerabilities
2015-07-18
http://www.securityfocus.com/bid/75739
Adobe Acrobat and Reader APSB15-15 Multiple Memory Corruption Vulnerabilities
2015-07-18
http://www.securityfocus.com/bid/75740
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-07-18
http://www.securityfocus.com/bid/74733
Oracle Java SE CVE-2015-4731 Remote Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75812
Oracle Java SE CVE-2015-4733 Remote Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75832
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75890
Oracle Java SE CVE-2015-4748 Remote Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75854
Oracle Java SE CVE-2015-4760 Remote Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75784
Oracle Java SE CVE-2015-4732 Remote Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75823
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-07-18
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-2664 Local Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75857
Oracle Java SE CVE-2015-2627 Remote Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75893
Oracle Java SE CVE-2015-2638 Remote Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75833
Oracle Java SE CVE-2015-2632 Remote Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75861
Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75867
Oracle Java SE CVE-2015-2625 Remote Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75895
Oracle Java SE CVE-2015-2637 Remote Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75883
Oracle Java SE CVE-2015-2621 Remote Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75874
Oracle Java SE CVE-2015-2628 Remote Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75796
Adobe Reader and Acrobat CVE-2015-5093 Remote Buffer Overflow Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75748
Oracle Java SE CVE-2015-2590 Remote Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75818
Adobe Acrobat and Reader CVE-2015-5091 Security Bypass Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75738
Adobe Acrobat and Reader Multiple Security Bypass Vulnerabilities
2015-07-18
http://www.securityfocus.com/bid/75743
Oracle Java SE CVE-2015-2596 Remote Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75887
Oracle Java SE CVE-2015-2659 Remote Security Vulnerability
2015-07-18
http://www.securityfocus.com/bid/75877
Adobe Acrobat and Reader Multiple Remote Integer Overflow Vulnerabilities
2015-07-18
http://www.securityfocus.com/bid/75741
SANS News
Exploit
D-Link Cookie Command Execution
WordPress BuddyPress Activity Plus Plugin 1.5 - CSRF Vulnerability
17.7.2015
Bugtraq
SEC Consult SA-20150716-0 :: Permanent Cross-Site Scripting in Oracle Application Express 2015-07-16
SEC Consult Vulnerability Lab (research sec-consult com)
Elasticsearch CVE-2015-5531 2015-07-16
Kevin Kluge (kevin elastic co)
Elasticsearch CVE-2015-5377 2015-07-16
Kevin Kluge (kevin elastic co)
ESA-2015-123: EMC Documentum WebTop Open Redirect Vulnerability 2015-07-16
Security Alert (Security_Alert emc com)
ESA-2015-122: EMC Documentum CenterStage Cross-site Scripting Vulnerability 2015-07-16
Security Alert (Security_Alert emc com)
[CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure 2015-07-16
Cédric Champeau (cedric champeau gmail com)
Malware
TrojanDownloader:Win32/Upatre.BR
TrojanDropper:Win32/Plimrost.A
TrojanProxy:Win32/Poindampa.A
TrojanDropper:AutoIt/Jenxcus
Backdoor:Win32/Zegost.DV
TrojanDownloader:Win32/Zegost.C
Worm:Win32/Imafly.B
TrojanDownloader:MSIL/Prardrukat.A
Backdoor:Win32/Venik.I
Backdoor:Win32/Venik.J
Phishing
Metrobankdirect | 16th July 2015 |
Vulnerability
Oracle Java SE CVE-2015-4731 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/75812
Adobe Flash Player CVE-2015-5122 Use After Free Remote Memory Corruption Vulnerability
2015-07-17
http://www.securityfocus.com/bid/75712
Adobe Flash Player ActionScript 3 BitmapData Use After Free Remote Memory Corruption Vulnerability
2015-07-17
http://www.securityfocus.com/bid/75710
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/75890
Oracle Java SE CVE-2015-2625 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/75895
Oracle Java SE CVE-2015-2621 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/75874
Oracle Java SE CVE-2015-2632 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/75861
Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/75867
Oracle Java SE CVE-2015-4748 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/75854
Oracle Java SE CVE-2015-4732 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/75823
Oracle Java SE CVE-2015-2628 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/75796
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-07-17
http://www.securityfocus.com/bid/74733
Oracle Java SE CVE-2015-4733 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/75832
Oracle Java SE CVE-2015-2590 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/75818
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-07-17
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-4760 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/75784
Linux Kernel CVE-2015-2922 Denial of Service Vulnerability
2015-07-17
http://www.securityfocus.com/bid/74315
Linux Kernel CVE-2015-3636 Local Privilege Escalation Vulnerability
2015-07-17
http://www.securityfocus.com/bid/74450
Oracle Java SE CVE-2015-2659 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/75877
Oracle MySQL Server CVE-2015-0511 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/74130
Oracle MySQL Server CVE-2015-0498 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/74133
Oracle MySQL Server CVE-2015-0507 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/74121
Oracle MySQL Server CVE-2015-2566 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/74126
Oracle MySQL Server CVE-2015-2567 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/74123
Oracle MySQL Server CVE-2015-0405 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/74110
Oracle MySQL Server CVE-2015-0506 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/74120
Oracle MySQL Server CVE-2015-0423 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/74091
Oracle MySQL Server CVE-2015-0433 Remote Security Vulnerability
2015-07-17
http://www.securityfocus.com/bid/74089
SANS News
Exploit
15 TOTOLINK Router Models - Multiple RCE Vulnerabilities
4 TOTOLINK Router Models - CSRF and XSS Vulnerabilities
4 TOTOLINK Router Models - Backdoor Credentials
8 TOTOLINK Router Models - Backdoor and RCE
16.7.2015
Bugtraq
Backdoor credentials found in 4 TOTOLINK router models 2015-07-15
Pierre Kim (pierre kim sec gmail com)
4 TOTOLINK router models vulnerable to CSRF and XSS attacks 2015-07-15
Pierre Kim (pierre kim sec gmail com)
15 TOTOLINK router models vulnerable to multiple RCEs 2015-07-15
Pierre Kim (pierre kim sec gmail com)
Cisco Security Advisory: Cisco Videoscape Delivery System Denial of Service Vulnerability 2015-07-15
Cisco Systems Product Security Incident Response Team (psirt cisco com)
XSS, Code Execution, DOS, Password Leak, Weak Authentication in GetSimpleCMS 3.3.5 2015-07-15
Tim Coen (tc coen gmail com)
XSS vulnerability in OFBiz forms 2015-07-15
lilian_iatco yahoo com
Malware
TrojanDownloader:MSIL/Prardrukat.A
Backdoor:Win32/Venik.I
Backdoor:Win32/Venik.J
Phishing
Lloyds Bank | 15th July 2015 |
Storage Limit | 15th July 2015 |
howiem@bigfoot.com Mailbox |
Vulnerability
redcarpet CVE-2015-5147 Stack Buffer Overflow Vulnerability
2015-07-30
http://www.securityfocus.com/bid/75508
Novius OS 'tab' parameter Local File Include Vulnerability
2015-07-29
http://www.securityfocus.com/bid/75533
Linux Kernel CVE-2015-3636 Local Privilege Escalation Vulnerability
2015-07-16
http://www.securityfocus.com/bid/74450
Oracle MySQL Server CVE-2015-0511 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/74130
Oracle MySQL Server CVE-2015-0498 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/74133
Oracle MySQL Server CVE-2015-0507 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/74121
Oracle MySQL Server CVE-2015-2566 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/74126
Oracle MySQL Server CVE-2015-2567 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/74123
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/75890
Oracle Java SE CVE-2015-2625 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/75895
Oracle Java SE CVE-2015-2632 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/75861
Oracle Java SE CVE-2015-2621 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/75874
Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/75867
Oracle Java SE CVE-2015-4748 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/75854
Oracle Java SE CVE-2015-4732 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/75823
Oracle Java SE CVE-2015-4733 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/75832
Oracle Java SE CVE-2015-2590 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/75818
Oracle Java SE CVE-2015-2628 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/75796
Oracle Java SE CVE-2015-4731 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/75812
Oracle Java SE CVE-2015-4760 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/75784
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-07-16
http://www.securityfocus.com/bid/73684
Oracle MySQL Server CVE-2015-0405 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/74110
Oracle MySQL Server CVE-2015-0506 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/74120
Oracle MySQL Server CVE-2015-0423 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/74091
Oracle MySQL Server CVE-2015-0433 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/74089
Oracle MySQL Server CVE-2015-2571 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/74095
Oracle MySQL Server CVE-2015-0503 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/74102
Oracle MySQL Server CVE-2015-0441 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/74103
Oracle MySQL Server CVE-2015-0505 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/74112
Oracle MySQL Server CVE-2015-0438 Remote Security Vulnerability
2015-07-16
http://www.securityfocus.com/bid/74098
SANS News
After Flash, what will exploit kits focus on next?
Exploit
Kaseya Virtual System Administrator - Multiple Vulnerabilities
Joomla DOCman Component - Multiple Vulnerabilities
15.7.2015
Bugtraq
Malware
TrojanDropper:MSIL/Golbla.B
VirTool:MSIL/Injector.EW
TrojanSpy:Win32/Nivdort.BO
TrojanSpy:Win32/Nivdort.BN
Trojan:Win32/Kovter.C!reg
TrojanSpy:Win32/Bradop.E
TrojanDownloader:Win32/Travalork.A
TrojanSpy:Win32/Bradop.G
Trojan:Win32/Apmit.A!plock
Trojan:Win32/Banload.E
Phishing
Storage Limit | 15th July 2015 |
howiem@bigfoot.com Mailbox |
Vulnerability
OpenSSL Session Ticket Memory Leak Remote Denial of Service Vulnerability
2015-07-15
http://www.securityfocus.com/bid/70586
MIT Kerberos 5 1.7.x Checksum Multiple Remote Security Bypass Vulnerabilities
2015-07-15
http://www.securityfocus.com/bid/45116
GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability
2015-07-15
http://www.securityfocus.com/bid/72325
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-07-15
http://www.securityfocus.com/bid/71939
ModSecurity 'mod_headers' module Security Bypass Vulnerability
2015-07-15
http://www.securityfocus.com/bid/66550
X.Org X Server 'xkb/xkb.c' Information Disclosure Vulnerability
2015-07-15
http://www.securityfocus.com/bid/72578
Apache Tomcat CVE-2014-0227 Chunk Request Remote Denial Of Service Vulnerability
2015-07-15
http://www.securityfocus.com/bid/72717
RETIRED: Oracle E-Business Suite CVE-2014-3571 Remote Security Vulnerability
2015-07-15
http://www.securityfocus.com/bid/75769
X.Org X Server CVE-2014-8102 Out of Bounds Denial of Service Vulnerability
2015-07-15
http://www.securityfocus.com/bid/71608
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-07-15
http://www.securityfocus.com/bid/71937
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-07-15
http://www.securityfocus.com/bid/73225
X.Org libXfont 'bitmap/bdfread.c' Local Denial of Service Vulnerability
2015-07-15
http://www.securityfocus.com/bid/73280
Mozilla Network Security Services CVE-2014-1568 Security Bypass Vulnerability
2015-07-15
http://www.securityfocus.com/bid/70116
Apache Tomcat CVE-2014-0230 Denial of Service Vulnerability
2015-07-15
http://www.securityfocus.com/bid/74475
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-07-15
http://www.securityfocus.com/bid/73684
Apache Struts CVE-2013-2251 Multiple Remote Command Execution Vulnerabilities
2015-07-15
http://www.securityfocus.com/bid/61189
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-07-15
http://www.securityfocus.com/bid/70574
Apache Struts CVE-2014-7809 Security Bypass Vulnerability
2015-07-15
http://www.securityfocus.com/bid/71548
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-07-15
http://www.securityfocus.com/bid/74733
Apache Commons FileUpload 'DiskFileItem' Class Null Byte Arbitrary File Write Vulnerability
2015-07-15
http://www.securityfocus.com/bid/63174
Mozilla Network Security Services CVE-2014-1569 Security Bypass Vulnerability
2015-07-15
http://www.securityfocus.com/bid/71675
cURL/libcURL Remote Input Validation Vulnerability
2015-07-15
http://www.securityfocus.com/bid/51665
QEMU 'hw/block/fdc.c' VENOM Remote Memory Corruption Vulnerability
2015-07-15
http://www.securityfocus.com/bid/74640
Microsoft Windows Adobe Font Driver 'atmfd.dll' Remote Privilege Escalation Vulnerability
2015-07-15
http://www.securityfocus.com/bid/75587
Oracle MySQL Server CVE-2015-0498 Remote Security Vulnerability
2015-07-15
http://www.securityfocus.com/bid/74133
Oracle MySQL Server CVE-2015-2566 Remote Security Vulnerability
2015-07-15
http://www.securityfocus.com/bid/74126
Oracle MySQL Server CVE-2015-0511 Remote Security Vulnerability
2015-07-15
http://www.securityfocus.com/bid/74130
Oracle MySQL Server CVE-2015-0499 Remote Security Vulnerability
2015-07-15
http://www.securityfocus.com/bid/74115
SANS News
July 2015 Microsoft Patch Tuesday
Adobe Updates Flash Player, Shockwave and PDF Reader
OPENSSL update fixes Certificate Verification issue
Cisco PSIRT reporting Customers affected by ASA VPN DoS attacks
Detecting Random - Finding Algorithmically chosen DNS names (DGA)
SSL, SSL - Where Art Thou SSL?
BizCN gate actor changes from Fiesta to Nuclear exploit kit
Another example of Angler exploit kit pushing CryptoWall 3.0
Exploit
Impero Education Pro - SYSTEM Remote Command Execution
Pimcore CMS Build 3450 - Directory Traversal
Internet Download Manager - (.ief) Crash PoC
Internet Download Manager - (Find Download) Crash PoC
ZOC Terminal Emulator 7 - (Quick Connection) Crash PoC
14.7.2015
Bugtraq
Malware
Phishing
USAA | 14th July 2015 |
Paypal service | 12th July 2015 |
Mail User | 11th July 2015 |
Virgin Money UK | 11th July 2015 |
PayPal | 11th July 2015 |
WE'RE INVESTIGATING A PAYPAI | |
Chase | 10th July 2015 |
Vulnerability
redcarpet CVE-2015-5147 Stack Buffer Overflow Vulnerability
2015-07-30
http://www.securityfocus.com/bid/75508
Novius OS 'tab' parameter Local File Include Vulnerability
2015-07-29
http://www.securityfocus.com/bid/75533
OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2015-07-10
http://www.securityfocus.com/bid/69079
OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2015-07-10
http://www.securityfocus.com/bid/69084
OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2015-07-10
http://www.securityfocus.com/bid/69077
OpenSSL 'no-ssl3' Build Option Security Bypass Vulnerability
2015-07-10
http://www.securityfocus.com/bid/70585
Multiple PowerDNS Products CVE-2015-1868 Remote Denial of Service Vulnerability
2015-07-10
http://www.securityfocus.com/bid/74306
OpenSSL CVE-2015-1793 Certificate Verification Security Bypass Vulnerability
2015-07-10
http://www.securityfocus.com/bid/75652
OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2015-07-10
http://www.securityfocus.com/bid/69075
WordPress ReFlex Gallery Plugin 'php.php' Arbitrary File Upload Vulnerability
2015-07-10
http://www.securityfocus.com/bid/57100
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-07-10
http://www.securityfocus.com/bid/74733
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-07-10
http://www.securityfocus.com/bid/74147
PHP CVE-2015-4599 Remote Memory Corruption Vulnerability
2015-07-10
http://www.securityfocus.com/bid/75251
PHP 'exception::getTraceAsString' CVE-2015-4603 Remote Security Vulnerability
2015-07-10
http://www.securityfocus.com/bid/75252
PHP 'incomplete_class.c' Memory Corruption Vulnerability
2015-07-10
http://www.securityfocus.com/bid/75249
PHP NULL Character CVE-2015-3412 Multiple Security Bypass Vulnerabilities
2015-07-10
http://www.securityfocus.com/bid/75250
PHP CVE-2015-3411 Null Character Security Bypass Vulnerability
2015-07-10
http://www.securityfocus.com/bid/75255
PHP CVE-2015-4601 Multiple Memory Corruption Vulnerabilities
2015-07-10
http://www.securityfocus.com/bid/75246
PHP CVE-2015-3329 Buffer Overflow Vulnerability
2015-07-10
http://www.securityfocus.com/bid/74240
PHP 'do_soap_call()' Function Type Confusion Information Disclosure Vulnerability
2015-07-10
http://www.securityfocus.com/bid/75103
PHP 'pcntl_exec()' Function Null Character Security Bypass Vulnerability
2015-07-10
http://www.securityfocus.com/bid/75056
PHP PHAR 'phar_tar_process_metadata()' Function Heap Memory Corruption Vulnerability
2015-07-10
http://www.securityfocus.com/bid/74703
PHP 'ftp_genlist()' Function Integer Overflow Vulnerability
2015-07-10
http://www.securityfocus.com/bid/74902
PHP CVE-2015-4598 Multiple Security Bypass Vulnerabilities
2015-07-10
http://www.securityfocus.com/bid/75244
PHP 'unserialize()' Function Information Disclosure and Remote Code Execution Vulnerabilities
2015-07-10
http://www.securityfocus.com/bid/74413
PHP PHAR 'phar_parse_tarfile()' Function Remote Memory Corruption Vulnerability
2015-07-10
http://www.securityfocus.com/bid/74700
PHP 'main/rfc1867.c' Remote Denial Of Service Vulnerability
2015-07-10
http://www.securityfocus.com/bid/74903
PHP LibGD Extension 'gd_gif_in.c' Stack Buffer Overflow Vulnerability
2015-07-10
http://www.securityfocus.com/bid/73306
PHP 'ext/phar/phar_object.c' Double Free Denial of Service Vulnerability
2015-07-10
http://www.securityfocus.com/bid/73037
PHP CVE-2014-9425 Double Free Denial of Service Vulnerability
2015-07-10
http://www.securityfocus.com/bid/71800
SANS News
Exploit
Accellion FTA getStatus verify_oauth_token Command Execution
VNC Keyboard Remote Code Execution
Adobe Flash opaqueBackground Use After Free
Western Digital Arkeia Remote Code Execution
phpSQLiteCMS - Multiple Vulnerabilities
Arab Portal 3 - SQL Injection Vulnerability
phpVibe - Arbitrary File Disclosure
ArticleFR 3.0.6 - Multiple Vulnerabilities
WordPress Swim Team Plugin 1.44.10777 - Arbitrary File Download
ZenPhoto 1.4.8 - Multiple Vulnerabilities
Full Player 8.2.1 - Memory Corruption PoC
2.7.2015
Bugtraq
iTunes 12.2 and QuickTime 7.7.7 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\... 2015-07-01
Stefan Kanthak (stefan kanthak nexgo de)
Exploit Code for ipTIME firmwares < 9.58 (root RCE against 127 router models) 2015-07-01
Pierre Kim (pierre kim sec gmail com)
ESA-2015-112: EMC Isilon OneFS Command Injection Vulnerability 2015-07-01
Security Alert (Security_Alert emc com)
Path Traversal in BlackCat CMS 2015-07-01
High-Tech Bridge Security Research (advisory htbridge ch)
Blueberry Express v5.9.x - SEH Buffer Overflow Vulnerability 2015-07-01
Vulnerability Lab (research vulnerability-lab com)
ESA-2015-108: EMC Documentum D2 Multiple DQL Injection Vulnerabilities 2015-07-01
Security Alert (Security_Alert emc com)
ESA-2015-111: EMC Documentum WebTop Client Products Multiple Vulnerabilities 2015-07-01
Security Alert (Security_Alert emc com)
FCS Scanner v1.0 & v1.4 - Command Inject Vulnerability 2015-07-01
Vulnerability Lab (research vulnerability-lab com)
Ebay Magento Bug Bounty #14 - Persistent Description Vulnerability 2015-07-01
Vulnerability Lab (research vulnerability-lab com)
Pinterest Bug Bounty #1 - Persistent contact_name Vulnerability 2015-07-01
Vulnerability Lab (research vulnerability-lab com)
Malware
Phishing
Apple | 1st July 2015 |
Mail User | 30th June 2015 |
iTunes | 30th June 2015 |
Dear Valued Member | 30th June 2015 |
Mr. Martin | 30th June 2015 |
Microsoft | 29th June 2015 |
Vulnerability
Exploit
D-Link DSP-W w110 v1.05b01 - Multiple Vulnerabilities
McAfee SiteAdvisor 3.7.2 (firefox) Use After Free PoC
1.7.2015
Bugtraq
APPLE-SA-2015-06-30-3 Mac EFI Security Update 2015-001 2015-06-30
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-06-30-4 Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7 2015-06-30
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005 2015-06-30
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-06-30-1 iOS 8.4 2015-06-30
Apple Product Security (product-security-noreply lists apple com)
Google Chrome Address Spoofing (Request For Comment) 2015-06-30
David Leo (david leo deusen co uk)
CVE-2015-4674 - TimeDoctor autoupdate over plain-HTTP 2015-06-29
Fernando Muñoz (fernando null-life com)
Malware
Phishing
Mail User | 30th June 2015 |
iTunes | 30th June 2015 |
Dear Valued Member | 30th June 2015 |
Mr. Martin | 30th June 2015 |
Microsoft | 29th June 2015 |
Vulnerability
Exploit
30.6.2015
Bugtraq
[SECURITY] [DSA 3297-1] unattended-upgrades security update 2015-06-29
Alessandro Ghedini (ghedo debian org)
novius-os.5.0.1 Persistent XSS, LFI & Open Redirect Vulnerabilities 2015-06-29
apparitionsec gmail com
Malware
Phishing
Mail User | 30th June 2015 |
iTunes | 30th June 2015 |
Dear Valued Member | 30th June 2015 |
Mr. Martin | 30th June 2015 |
Microsoft | 29th June 2015 |
Vodafone | 28th June 2015 |
Vulnerability
Exploit
Adobe Flash Player Drawing Fill Shader Memory Corruption
Watchguard XCS <=10.0 - Multiple Vulnerabilities
Novius 5.0.1 - Multiple Vulnerabilities
WedgeOS <= 4.0.4 - Multiple Vulnerabilities
CollabNet Subversion Edge Management 4.0.11 - Local File Inclusion
Fiyo CMS 2.0_1.9.1 - SQL Injection
C2Box 4.0.0(r19171) - CSRF Vulnerability
Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities
encoded 64 bit execve shellcode
29.6.2015
Bugtraq
novius-os.5.0.1 Persistent XSS, LFI & Open Redirect Vulnerabilities 2015-06-29
apparitionsec gmail com
CollabNet Subversion Edge indes local file inclusion 2015-06-28
Oliver-Tobias Ripka (otr bockcay de)
CollabNet Subversion Edge missing single login restriction 2015-06-28
Oliver-Tobias Ripka (otr bockcay de)
CollabNet Subversion Edge weak password storage mechanism 2015-06-28
Oliver-Tobias Ripka (otr bockcay de)
CollabNet Subversion Edge missing XSRF protection 2015-06-28
Oliver-Tobias Ripka (otr bockcay de)
CollabNet Subversion Edge weak password policy 2015-06-28
Oliver-Tobias Ripka (otr bockcay de)
Malware
Phishing
Microsoft | 29th June 2015 |
Vodafone | 28th June 2015 |
Vulnerability
Exploit
27.6.2015
Bugtraq
Malware
Phishing
Bank Of America | 27th June 2015 |
* IMPORTANT * Ensure The Safty | |
iTunes | 26th June 2015 |
PayPal Service | 26th June 2015 |
Bank of Scotland | 25th June 2015 |
Vulnerability
Exploit
Thycotic Secret Server 8.8.000004 - Stored XSS
ManageEngine Asset Explorer 6.1 - Stored XSS
26.6.2015
Bugtraq
Cisco Security Advisory: Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA 2015-06-25
Cisco Systems Product Security Incident Response Team (psirt cisco com)
ESA-2015-102: EMC Unisphere for VMAX Remote Code Execution Vulnerability 2015-06-25
Security Alert (Security_Alert emc com)
Netgear Prosafe VPN Firewalls - Multiple vulnerabilities 2015-06-25
post encripto no
[ERPSCAN-15-011] SAP Mobile Platform 3.0 - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
[ERPSCAN-15-008] SAP Afaria 7 XcListener - DoS in the module XeClient.Dll 2015-06-25
Darya Maenkova (d maenkova erpscan com)
[ERPSCAN-15-010] SYBASE SQL Anywhere 12 and 16 - DoS 2015-06-25
Darya Maenkova (d maenkova erpscan com)
[ERPSCAN-15-009] SAP Afaria 7 XcListener - Missing authorization check 2015-06-25
Darya Maenkova (d maenkova erpscan com)
[ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure 2015-06-25
Darya Maenkova (d maenkova erpscan com)
[ERPSCAN-15-005] SAP Mobile Platform - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
[ERPSCAN-15-006] SAP NetWeaver Portal ReportXmlViewer - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
[ERPSCAN-15-004] SAP NetWeaver Portal XMLValidationComponent - XXE 2015-06-25
Darya Maenkova (d maenkova erpscan com)
[ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS 2015-06-25
Darya Maenkova (d maenkova erpscan com)
[SECURITY] [DSA 3295-1] cacti security update 2015-06-24
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
PayPal Service | 26th June 2015 |
Bank of Scotland | 25th June 2015 |
System Notification | 24th June 2015 |
Barclays Bank | 24th June 2015 |
Apple | 24th June 2015 |
USAA | 24th June 2015 |
Vulnerability
Exploit
Koha <= 3.20.1 - Multiple SQL Injections
Koha <= 3.20.1 - Path Traversal
Koha <= 3.20.1 - Multiple XSS and XSRF Vulnerabilities
Linux/x86 - chmod('/etc/passwd',0777) shellcode (42 bytes)
Linux/x86 - chmod('/etc/gshadow') shellcode (37 bytes)
Linux/x86 chmod('/etc/shadow','0777') shellcode (42 bytes)
25.6.2015
Bugtraq
[SECURITY] [DSA 3295-1] cacti security update 2015-06-24
Salvatore Bonaccorso (carnil debian org)
CVE-2015-4464 Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders 2015-06-24
Federick Joe P Fajardo (fjpfajardo ph ibm com)
CVE-2015-3443 XSS in Thycotic Secret Server version 8.6.000000 to 8.8.000004 2015-06-24
Marco Delai (Marco Delai csnc ch)
[SECURITY] [DSA 3294-1] wireshark security update 2015-06-23
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
System Notification | 24th June 2015 |
Barclays Bank | 24th June 2015 |
Apple | 24th June 2015 |
USAA | 24th June 2015 |
Dropbox_notification | 23rd June 2015 |
PayPal | 23rd June 2015 |
Vulnerability
Exploit
Adobe Flash Player ShaderJob Buffer Overflow
GeniXCMS 0.0.3 - XSS Vulnerabilities
WordPress Huge-IT Slider 2.7.5 - Multiple Vulnerabilities
GeniXCMS 0.0.3 - register.php SQL Injection Vulnerabilities
Joomla SimpleImageUpload - Arbitrary File Upload
Vesta Control Panel 0.9.8 - OS Command Injection
Windows ClientCopyImage Win32k Exploit
Linux/x86 - mkdir HACK & chmod 777 and exit(0) - 29 Bytes
Linux/x86 - Netcat BindShell Port 5555 - 60 bytes
linux/x86-64 execve(/bin/sh) 30 bytes
24.6.2015
Bugtraq
ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability 2015-06-23
Security Alert (Security_Alert emc com)
ESA-2015-109: EMC Documentum D2 Cross-Site Scripting 2015-06-23
Security Alert (Security_Alert emc com)
KMPlayer 3.9.1.136 Capture Unicode Buffer Overflow (ASLR Bypass) 2015-06-23
n4ser farhadi gmail com
The "localhosed" attack - stealing IE local machine cookies and exposing its internal IP address 2015-06-22
Amit Klein (aksecurity gmail com)
ManageEngine Asset Explorer v6.1 - Persistent Vulnerability 2015-06-22
Vulnerability Lab (research vulnerability-lab com)
Malware
Win32 / TrojanDownloader.Rottentu.A
Phishing
Apple | 24th June 2015 |
USAA | 24th June 2015 |
Dropbox_notification | 23rd June 2015 |
PayPal | 23rd June 2015 |
Barclays | 22nd June 2015 |
Vulnerability
Exploit
23.6.2015
Bugtraq
KMPlayer 3.9.1.136 Capture Unicode Buffer Overflow (ASLR Bypass) 2015-06-23
n4ser farhadi gmail com
The "localhosed" attack - stealing IE local machine cookies and exposing its internal IP address 2015-06-22
Amit Klein (aksecurity gmail com)
ManageEngine Asset Explorer v6.1 - Persistent Vulnerability 2015-06-22
Vulnerability Lab (research vulnerability-lab com)
[oCERT-2015-008] FreeRADIUS insufficient CRL application 2015-06-22
Andrea Barisani (lcars ocert org)
mysql-lite-administrator XSS vulnerabilities 2015-06-21
apparitionsec gmail com
[security bulletin] HPSBMU03356 rev.1 - HP Business Service Automation Essentials (BSAE) running TLS, Remote Disclosure of Information 2015-06-22
security-alert hp com
GeniXCMS XSS Vulnerabilities 2015-06-22
apparitionsec gmail com
[SECURITY] [DSA 3293-1] pyjwt security update 2015-06-20
Alessandro Ghedini (ghedo debian org)
[CVE-2015-3188] Apache Storm remote code execution vulnerability 2015-06-20
P. Taylor Goetz (ptgoetz apache org)
Malware
Phishing
PayPal | 23rd June 2015 |
Barclays | 22nd June 2015 |
USAA | 22nd June 2015 |
Wells Fargo | 22nd June 2015 |
Vulnerability
CUPS < 2.0.3 - Multiple Vulnerabilities
Photoshop CC2014 and Bridge CC 2014 PDF Parsing Memory Corruption Vulnerabilities
Photoshop CC2014 and Bridge CC 2014 PNG Parsing Memory Corruption Vulnerabilities
Photoshop CC2014 and Bridge CC 2014 Gif Parsing Memory Corruption Vulnerabilities
Paintshop Pro X7 GIF Conversion Heap Memory Corruption Vulnerabilities (LZWMinimumCodeSize)
Exploit
CUPS < 2.0.3 - Multiple Vulnerabilities
Photoshop CC2014 and Bridge CC 2014 PDF Parsing Memory Corruption Vulnerabilities
Photoshop CC2014 and Bridge CC 2014 PNG Parsing Memory Corruption Vulnerabilities
Photoshop CC2014 and Bridge CC 2014 Gif Parsing Memory Corruption Vulnerabilities
Paintshop Pro X7 GIF Conversion Heap Memory Corruption Vulnerabilities (LZWMinimumCodeSize)
22.6.2015
Bugtraq
Ebay Magento Bug Bounty #17 - Client Side Cross Site Scripting Web Vulnerability 2015-06-19
Vulnerability Lab (research vulnerability-lab com)
Ebay Magento Bug Bounty #10 - Persistent Filename Vulnerability 2015-06-19
Vulnerability Lab (research vulnerability-lab com)
Ebay Magento Bug Bounty #12 - Cross Site Request Forgery Web Vulnerability 2015-06-19
Vulnerability Lab (research vulnerability-lab com)
ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete Vulnerability 2015-06-19
Vulnerability Lab (research vulnerability-lab com)
ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities 2015-06-19
Vulnerability Lab (research vulnerability-lab com)
[SECURITY] [DSA 3292-1] cinder security update 2015-06-19
Sebastien Delafond (seb debian org)
DUO Security push Timing Attack 2015-06-18
jpierini paysw com
[SECURITY] [DSA 3291-1] drupal7 security update 2015-06-18
Sebastien Delafond (seb debian org)
[SECURITY] [DSA 3290-1] linux security update 2015-06-18
Ben Hutchings (benh debian org)
Malware
Phishing
USAA | 22nd June 2015 |
Wells Fargo | 22nd June 2015 |
iTunes Service | 21st June 2015 |
PayPal support | 21st June 2015 |
PayPal Inc ✔ | 21st June 2015 |
PayPal Service | 21st June 2015 |
PayPal | 20th June 2015 |
Vulnerability
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-06-18
http://www.securityfocus.com/bid/71936
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-0486 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74145
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74111
PHP libmagick 'libmagic/softmagic.c' Denial of Service Vulnerability
2015-06-18
http://www.securityfocus.com/bid/75241
OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-06-18
http://www.securityfocus.com/bid/73232
OpenSSL '/evp/encode.c' Remote Memory Corruption Vulnerability
2015-06-18
http://www.securityfocus.com/bid/73228
OpenSSL Certificate Fingerprints CVE-2014-8275 Local Security Bypass Vulnerability
2015-06-18
http://www.securityfocus.com/bid/71935
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-06-18
http://www.securityfocus.com/bid/73237
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-06-18
http://www.securityfocus.com/bid/73231
OpenSSL 'tasn_dec.c' Remote Memory Corruption Vulnerability
2015-06-18
http://www.securityfocus.com/bid/73227
PHP CVE-2015-4599 Remote Memory Corruption Vulnerability
2015-06-18
http://www.securityfocus.com/bid/75251
PHP 'exception::getTraceAsString' CVE-2015-4603 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/75252
PHP 'incomplete_class.c' Memory Corruption Vulnerability
2015-06-18
http://www.securityfocus.com/bid/75249
PHP CVE-2015-4601 Multiple Memory Corruption Vulnerabilities
2015-06-18
http://www.securityfocus.com/bid/75246
PHP CVE-2015-4598 Multiple Security Bypass Vulnerabilities
2015-06-18
http://www.securityfocus.com/bid/75244
Oracle Java SE CVE-2015-0480 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74104
Oracle Java SE CVE-2015-0460 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74097
Oracle Java SE CVE-2015-0459 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74083
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74141
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74119
Oracle Java SE CVE-2015-0492 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74129
Oracle Java SE CVE-2015-0484 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74135
Oracle Java SE CVE-2015-0491 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74094
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74147
Oracle Java SE CVE-2015-0470 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74149
Linux Kernel 'fs/pipe.c' Multiple Local Memory Corruption Vulnerabilities
2015-06-18
http://www.securityfocus.com/bid/74951
CUPS cupsRasterReadPixels Buffer Overflow Vulnerability
2015-06-18
http://www.securityfocus.com/bid/72594
CUPS CVE-2015-1159 Cross Site Scripting Vulnerability
2015-06-18
http://www.securityfocus.com/bid/75106
Exploit
18.6.2015
Bugtraq
[SECURITY] [DSA 3291-1] drupal7 security update 2015-06-18
Sebastien Delafond (seb debian org)
[SECURITY] [DSA 3290-1] linux security update 2015-06-18
Ben Hutchings (benh debian org)
[security bulletin] HPSBGN03338 rev.1 - HP Service Manager running RC4, Remote Disclosure of Information 2015-06-17
security-alert hp com
Malware
Phishing
Lloyds | 18th June 2015 |
PayPal Service | 18th June 2015 |
Chase | 17th June 2015 |
paypal | 17th June 2015 |
Michelle | 17th June 2015 |
PayPal Service | 17th June 2015 |
Vulnerability
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-06-18
http://www.securityfocus.com/bid/71936
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-0486 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74145
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74111
PHP libmagick 'libmagic/softmagic.c' Denial of Service Vulnerability
2015-06-18
http://www.securityfocus.com/bid/75241
OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-06-18
http://www.securityfocus.com/bid/73232
OpenSSL '/evp/encode.c' Remote Memory Corruption Vulnerability
2015-06-18
http://www.securityfocus.com/bid/73228
OpenSSL Certificate Fingerprints CVE-2014-8275 Local Security Bypass Vulnerability
2015-06-18
http://www.securityfocus.com/bid/71935
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-06-18
http://www.securityfocus.com/bid/73237
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-06-18
http://www.securityfocus.com/bid/73231
OpenSSL 'tasn_dec.c' Remote Memory Corruption Vulnerability
2015-06-18
http://www.securityfocus.com/bid/73227
PHP CVE-2015-4599 Remote Memory Corruption Vulnerability
2015-06-18
http://www.securityfocus.com/bid/75251
PHP 'exception::getTraceAsString' CVE-2015-4603 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/75252
PHP 'incomplete_class.c' Memory Corruption Vulnerability
2015-06-18
http://www.securityfocus.com/bid/75249
PHP CVE-2015-4601 Multiple Memory Corruption Vulnerabilities
2015-06-18
http://www.securityfocus.com/bid/75246
PHP CVE-2015-4598 Multiple Security Bypass Vulnerabilities
2015-06-18
http://www.securityfocus.com/bid/75244
Oracle Java SE CVE-2015-0480 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74104
Oracle Java SE CVE-2015-0460 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74097
Oracle Java SE CVE-2015-0459 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74083
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74141
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74119
Oracle Java SE CVE-2015-0492 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74129
Oracle Java SE CVE-2015-0484 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74135
Oracle Java SE CVE-2015-0491 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74094
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74147
Oracle Java SE CVE-2015-0470 Remote Security Vulnerability
2015-06-18
http://www.securityfocus.com/bid/74149
Linux Kernel 'fs/pipe.c' Multiple Local Memory Corruption Vulnerabilities
2015-06-18
http://www.securityfocus.com/bid/74951
CUPS cupsRasterReadPixels Buffer Overflow Vulnerability
2015-06-18
http://www.securityfocus.com/bid/72594
CUPS CVE-2015-1159 Cross Site Scripting Vulnerability
2015-06-18
http://www.securityfocus.com/bid/75106
Exploit
ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities
ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Delete Vulnerability
WinylPlayer 3.0.3 Memory Corruption PoC
HansoPlayer 3.4.0 Memory Corruption PoC
18.6.2015
Bugtraq
[security bulletin] HPSBGN03338 rev.1 - HP Service Manager running RC4, Remote Disclosure of Information 2015-06-17
security-alert hp com
[security bulletin] HPSBGN03350 rev.1 - HP SiteScope Using RC4, Remote Disclosure of Information 2015-06-17
security-alert hp com
VCE3570: VCE Vision(TM) Intelligent Operations Cryptographic and Cleartext Vulnerabilities 2015-06-17
VCE - PSIRT (VCEPSIRT vce com)
Reflected Cross-Site Scripting (XSS) in SearchBlox 2015-06-17
High-Tech Bridge Security Research (advisory htbridge ch)
OS Command Injection in Vesta Control Panel 2015-06-17
High-Tech Bridge Security Research (advisory htbridge ch)
ESA-2015-043: RSA® Validation Manager Security Update for Multiple Vulnerabilities 2015-06-16
Security Alert (Security_Alert emc com)
ESA-2015-106: EMC Unified Infrastructure Manager/Provisioning (UIM/P) Authentication Bypass Vulnerability 2015-06-16
Security Alert (Security_Alert emc com)
BlackCat CMS v1.1.1 Arbitrary File Download Vulnerability 2015-06-16
d4rkr0id gmail com
Malware
Phishing
PayPal Service | 18th June 2015 |
Chase | 17th June 2015 |
paypal | 17th June 2015 |
Michelle | 17th June 2015 |
PayPal Service | 17th June 2015 |
PayPal Service | 16th June 2015 |
Vulnerability
Exploit
BlackCat CMS 1.1.1 Arbitrary File Download
16.6.2015
Bugtraq
[SECURITY] [DSA 3289-1] p7zip security update 2015-06-15
Ben Hutchings (benh debian org)
WebdesignJiNi Cms Sql Injection Vulnerability 2015-06-14
iedb team gmail com
Productsurf Cms Sql Injection Vulnerability 2015-06-14
iedb team gmail com
[SECURITY] [DSA 3252-2] sqlite3 security update 2015-06-14
Alessandro Ghedini (ghedo debian org)
[RT-SA-2015-002] SQL Injection in TYPO3 Extension Akronymmanager 2015-06-15
RedTeam Pentesting GmbH (release redteam-pentesting de)
Malware
Phishing
EARTHLINK | 16th June 2015 |
Chase | 16th June 2015 |
Amazon UK | 15th June 2015 |
Apple | 15th June 2015 |
google help desk | 15th June 2015 |
YOU HAVE A PENDING INCOMING | |
Vulnerability
Exploit
Cisco AnyConnect Secure Mobility 2.x, 3.x, 4.x - Client DoS PoC
Ektron CMS 9.10 SP1 (Build 9.1.0.184.1.114) - CSRF Vulnerability
E-Detective Lawful Interception System - Multiple Vulnerabilities
TYPO3 Akronymmanager Extension 0.5.0 - SQL Injection
Apexis IP CAM - Information Disclosure
Linux/x86 - /etc/passwd Reader (58 bytes)
Ubuntu 12.04, 14.04, 14.10, 15.04 - overlayfs Local Root (Shell)
Ubuntu 12.04, 14.04, 14.10, 15.04 - overlayfs Local Root (Shadow File)
Filezilla 3.11.0.2 - SFTP Module Denial of Service Vulnerability
Putty 0.64 - Denial of Service Vulnerability
15.6.2015
Bugtraq
[RT-SA-2015-002] SQL Injection in TYPO3 Extension Akronymmanager 2015-06-15
RedTeam Pentesting GmbH (release redteam-pentesting de)
[SECURITY] [DSA 3287-1] openssl security update 2015-06-13
Alessandro Ghedini (ghedo debian org)
[SECURITY] [DSA 3288-1] libav security update 2015-06-13
Moritz Muehlenhoff (jmm debian org)
Buffer Overflow in My Wifi Router Software 2015-06-13
sudson08 gmail com
[SECURITY] [DSA 3286-1] xen security update 2015-06-13
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3285-1] qemu-kvm security update 2015-06-12
Salvatore Bonaccorso (carnil debian org)
[slackware-security] openssl (SSA:2015-162-01) 2015-06-11
Slackware Security Team (security slackware com)
Malware
Phishing
Apple | 15th June 2015 |
google help desk | 15th June 2015 |
YOU HAVE A PENDING INCOMING | |
iTunes | 14th June 2015 |
EARTHLINK | 14th June 2015 |
Support | 14th June 2015 |
Pay Pal | 14th June 2015 |
PayPal Security Team | 14th June 2015 |
REMINDER - ACTION REQUIRED: | |
Vulnerability
Multiple Cisco Products CVE-2015-0744 Denial of Service Vulnerability
2015-06-29
http://www.securityfocus.com/bid/74916
QEMU 'hw/block/fdc.c' VENOM Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74640
Stunnel CVE-2014-0016 PRNG Initialization Weakness
2015-06-09
http://www.securityfocus.com/bid/65964
Oracle Java SE CVE-2015-0460 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74097
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-0480 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74104
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74147
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74119
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74111
Sun J2SE Software Development Kit Java Archive Tool Directory Traversal Vulnerability
2015-06-09
http://www.securityfocus.com/bid/13083
Microsoft Internet Explorer CVE-2015-1712 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74515
Module::Signature Multiple Remote Command Execution and Security Bypass Vulnerabilities
2015-06-09
http://www.securityfocus.com/bid/73935
Microsoft Internet Explorer CVE-2015-1704 Remote Privilege Escalation Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74521
Module::Signature 'Signature.pm' Security Bypass Vulnerability
2015-06-09
http://www.securityfocus.com/bid/73937
Microsoft Internet Explorer CVE-2015-1692 Clipboard Information Disclosure Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74517
Microsoft Internet Explorer CVE-2015-1705 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74509
Microsoft Internet Explorer CVE-2015-1706 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74510
Microsoft Internet Explorer CVE-2015-1694 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74508
Microsoft Windows GDI+ CVE-2015-1671 TrueType Font Handling Remote Code Execution Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74490
Microsoft Internet Explorer CVE-2015-1710 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74513
Oracle Solaris CVE-2015-2577 Local Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74122
Microsoft Internet Explorer CVE-2015-1718 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74607
Microsoft Internet Explorer CVE-2015-1713 Remote Privilege Escalation Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74518
Microsoft Internet Explorer CVE-2015-1691 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74507
libFLAC 'src/libFLAC/stream_decoder.c' Heap Buffer Overflow Vulnerability
2015-06-09
http://www.securityfocus.com/bid/71282
Microsoft Internet Explorer CVE-2015-1711 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74514
Microsoft Windows GDI+ CVE-2015-1670 OpenType Font Parsing Information Disclosure Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74485
Microsoft .NET Framework CVE-2015-1672 Remote Denial of Service Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74482
Microsoft VBScript and JScript CVE-2015-1686 ASLR Security Bypass Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74530
Microsoft .NET Framework CVE-2015-1673 Remote Privilege Escalation Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74487
Exploit
Milw0rm Clone Script 1.0 - (Auth Bypass) SQL Injection Vulnerability
Filezilla 3.11.0.2 - SFTP Module Denial of Service Vulnerability
Putty 0.64 - Denial of Service Vulnerability
13.6.2015
Bugtraq
[slackware-security] openssl (SSA:2015-162-01) 2015-06-11
Slackware Security Team (security slackware com)
FreeBSD Security Advisory FreeBSD-SA-15:10.openssl 2015-06-12
FreeBSD Security Advisories (security-advisories freebsd org)
[SYSS-2015-020] ZENWorks Mobile Management - Cross-Site Scripting 2015-06-12
ludwig stage syss de
ZCMS SQL Injection & Persistent XSS 2015-06-12
apparitionsec gmail com
[slackware-security] php (SSA:2015-162-02) 2015-06-11
Slackware Security Team (security slackware com)
Nakid-CMS CSRF, Persistent XSS & LFI 2015-06-11
apparitionsec gmail com
[KIS-2015-03] Concrete5 <= 5.7.4 (Access.php) SQL Injection Vulnerability 2015-06-11
Egidio Romano (research karmainsecurity com)
Malware
Phishing
USAA | 13th June 2015 |
American Express | 13th June 2015 |
PayPal Security Team | 12th June 2015 |
REMINDER - ACTION REQUIRED: | |
Mercantile | 11th June 2015 |
Vulnerability
Exploit
ClickHeat <= 1.14 Change Admin Password CSRF
Nakid CMS - Multiple Vulnerabilities
Opsview <= 4.6.2 - Multiple XSS Vulnerabilities
ZCMS 1.1 - Multiple Vulnerabilities
WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal
WordPress Aviary Image Editor Add On For Gravity Forms 3.0 Beta Shell Upload
12.6.2015
Bugtraq
[KIS-2015-03] Concrete5 <= 5.7.4 (Access.php) SQL Injection Vulnerability 2015-06-11
Egidio Romano (research karmainsecurity com)
[KIS-2015-02] Concrete5 <= 5.7.3.1 Multiple Reflected Cross-Site Scripting Vulnerabilities 2015-06-11
Egidio Romano (research karmainsecurity com)
[KIS-2015-01] Concrete5 <= 5.7.3.1 (sendmail) Remote Code Execution Vulnerability 2015-06-11
Egidio Romano (research karmainsecurity com)
Remote file upload vulnerability in aviary-image-editor-add-on-for-gravity-forms v3.0beta Wordpress plugin 2015-06-10
Larry W. Cashdollar (larry0 me com)
Cisco Security Advisory: Cisco IOS XR Software Crafted IPv6 Packet Denial of Service Vulnerability 2015-06-11
Cisco Systems Product Security Incident Response Team (psirt cisco com)
D-Link DSP-W110 - multiple vulnerabilities 2015-06-11
Peter Adkins (peter adkins kernelpicnic net)
[security bulletin] HPSBUX03337 SSRT102066 rev.1 - HP-UX Apache Web Server Suite running Apache Web Server, Tomcat v6.x, or PHP v5.4.x, Remote Denial of Service (DoS) and Other Vulnerabilities 2015-06-11
security-alert hp com
Malware
Win32 / TrojanDownloader.Wauchos.AK
Phishing
Mercantile | 11th June 2015 |
PayPal | 11th June 2015 |
Vulnerability
Multiple Cisco Products CVE-2015-0744 Denial of Service Vulnerability
2015-06-29
http://www.securityfocus.com/bid/74916
QEMU 'hw/block/fdc.c' VENOM Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74640
Stunnel CVE-2014-0016 PRNG Initialization Weakness
2015-06-09
http://www.securityfocus.com/bid/65964
Oracle Java SE CVE-2015-0460 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74097
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-0480 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74104
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74147
Sun J2SE Software Development Kit Java Archive Tool Directory Traversal Vulnerability
2015-06-09
http://www.securityfocus.com/bid/13083
Module::Signature Multiple Remote Command Execution and Security Bypass Vulnerabilities
2015-06-09
http://www.securityfocus.com/bid/73935
Module::Signature 'Signature.pm' Security Bypass Vulnerability
2015-06-09
http://www.securityfocus.com/bid/73937
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74111
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74119
Oracle Solaris CVE-2015-2577 Local Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74122
Microsoft Windows GDI+ CVE-2015-1671 TrueType Font Handling Remote Code Execution Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74490
Microsoft Internet Explorer CVE-2015-1694 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74508
Microsoft Internet Explorer CVE-2015-1705 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74509
Microsoft Internet Explorer CVE-2015-1706 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74510
Microsoft Internet Explorer CVE-2015-1710 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74513
Microsoft Internet Explorer CVE-2015-1712 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74515
Microsoft Internet Explorer CVE-2015-1692 Clipboard Information Disclosure Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74517
Microsoft Internet Explorer CVE-2015-1704 Remote Privilege Escalation Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74521
libFLAC 'src/libFLAC/stream_decoder.c' Heap Buffer Overflow Vulnerability
2015-06-09
http://www.securityfocus.com/bid/71282
Microsoft .NET Framework CVE-2015-1672 Remote Denial of Service Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74482
Microsoft Windows GDI+ CVE-2015-1670 OpenType Font Parsing Information Disclosure Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74485
Microsoft .NET Framework CVE-2015-1673 Remote Privilege Escalation Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74487
Microsoft Internet Explorer CVE-2015-1691 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74507
Microsoft Internet Explorer CVE-2015-1711 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74514
Microsoft Internet Explorer CVE-2015-1713 Remote Privilege Escalation Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74518
Microsoft VBScript and JScript CVE-2015-1686 ASLR Security Bypass Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74530
Microsoft Internet Explorer CVE-2015-1718 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74607
Exploit
OSSEC 2.7 <= 2.8.1 - Local Root Escalation
11.6.2015
Bugtraq
Heroku Bug Bounty #2 - (API) Re Auth Session Bypass Vulnerability 2015-06-10
Vulnerability Lab (research vulnerability-lab com)
Use-After-Free in PHP 2015-06-10
High-Tech Bridge Security Research (advisory htbridge ch)
Multiple Vulnerabilities in ISPConfig 2015-06-10
High-Tech Bridge Security Research (advisory htbridge ch)
Arbitrary File Disclosure and Open Redirect in Bonita BPM 2015-06-10
High-Tech Bridge Security Research (advisory htbridge ch)
[RT-SA-2015-004] Alcatel-Lucent OmniSwitch Web Interface Cross-Site Request Forgery 2015-06-10
RedTeam Pentesting GmbH (release redteam-pentesting de)
[RT-SA-2015-003] Alcatel-Lucent OmniSwitch Web Interface Weak Session ID 2015-06-10
RedTeam Pentesting GmbH (release redteam-pentesting de)
[security bulletin] HPSBUX03341 SSRT102068 rev.1 - HP-UX Apache Tomcat v7.x, Remote Denial of Service (DoS) and Other Vulnerabilities 2015-06-09
security-alert hp com
Malware
Backdoor:MSIL/Bladabindi.BG
Worm:Win32/Rebhip.Y
Worm:Win32/Rebhip.Z
Backdoor:Win32/Zegost.THD
TrojanDownloader:Win32/Redosdru.C
Phishing
PayPal | 11th June 2015 |
Receipt for your PayPal | |
Жанна Сергеевна | 10th June 2015 |
楼凤小姐良家兼职信息 | 10th June 2015 |
EARTHLINK | 10th June 2015 |
Vulnerability
Multiple Cisco Products CVE-2015-0744 Denial of Service Vulnerability
2015-06-29
http://www.securityfocus.com/bid/74916
QEMU 'hw/block/fdc.c' VENOM Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74640
Stunnel CVE-2014-0016 PRNG Initialization Weakness
2015-06-09
http://www.securityfocus.com/bid/65964
Oracle Java SE CVE-2015-0460 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74097
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-0480 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74104
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74147
Sun J2SE Software Development Kit Java Archive Tool Directory Traversal Vulnerability
2015-06-09
http://www.securityfocus.com/bid/13083
Module::Signature Multiple Remote Command Execution and Security Bypass Vulnerabilities
2015-06-09
http://www.securityfocus.com/bid/73935
Module::Signature 'Signature.pm' Security Bypass Vulnerability
2015-06-09
http://www.securityfocus.com/bid/73937
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74111
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74119
Oracle Solaris CVE-2015-2577 Local Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74122
Microsoft Windows GDI+ CVE-2015-1671 TrueType Font Handling Remote Code Execution Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74490
Microsoft Internet Explorer CVE-2015-1694 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74508
Microsoft Internet Explorer CVE-2015-1705 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74509
Microsoft Internet Explorer CVE-2015-1706 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74510
Microsoft Internet Explorer CVE-2015-1710 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74513
Microsoft Internet Explorer CVE-2015-1712 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74515
Microsoft Internet Explorer CVE-2015-1692 Clipboard Information Disclosure Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74517
Microsoft Internet Explorer CVE-2015-1704 Remote Privilege Escalation Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74521
libFLAC 'src/libFLAC/stream_decoder.c' Heap Buffer Overflow Vulnerability
2015-06-09
http://www.securityfocus.com/bid/71282
Microsoft .NET Framework CVE-2015-1672 Remote Denial of Service Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74482
Microsoft Windows GDI+ CVE-2015-1670 OpenType Font Parsing Information Disclosure Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74485
Microsoft .NET Framework CVE-2015-1673 Remote Privilege Escalation Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74487
Microsoft Internet Explorer CVE-2015-1691 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74507
Microsoft Internet Explorer CVE-2015-1711 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74514
Microsoft Internet Explorer CVE-2015-1713 Remote Privilege Escalation Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74518
Microsoft VBScript and JScript CVE-2015-1686 ASLR Security Bypass Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74530
Microsoft Internet Explorer CVE-2015-1718 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74607
Exploit
ProFTPD 1.3.5 Mod_Copy Command Execution
Paypal Currencucy Converter Basic For Woocommerce File Read
Wordpress History Collection <=1.1.1 Arbitrary File Download
Pandora FMS 5.0, 5.1 - Authentication Bypass
Wordpress RobotCPA Plugin V5 - Local File Inclusion
HP WebInspect <= 10.4 XML External Entity Injection
Heroku Bug Bounty #2 - (API) Re Auth Session Bypass Vulnerability
Libmimedir VCF Memory Corruption PoC
FiverrScript CSRF Vulnerability (Add New Admin)
GeoVision (GeoHttpServer) Webcams Remote File Disclosure Exploit
ISPConfig 3.0.5.4p6 - Multiple Vulnerabilities
Bonita BPM 6.5.1 - Multiple Vulnerabilities
Alcatel-Lucent OmniSwitch - CSRF Vulnerability
AnimaGallery 2.6 - Local File Inclusion
WordPress Encrypted Contact Form Plugin 1.0.4 - CSRF Vulnerability
10.6.2015
Bugtraq
Heroku Bug Bounty #2 - (API) Re Auth Session Bypass Vulnerability 2015-06-10
Vulnerability Lab (research vulnerability-lab com)
Use-After-Free in PHP 2015-06-10
High-Tech Bridge Security Research (advisory htbridge ch)
Multiple Vulnerabilities in ISPConfig 2015-06-10
High-Tech Bridge Security Research (advisory htbridge ch)
Arbitrary File Disclosure and Open Redirect in Bonita BPM 2015-06-10
High-Tech Bridge Security Research (advisory htbridge ch)
[RT-SA-2015-004] Alcatel-Lucent OmniSwitch Web Interface Cross-Site Request Forgery 2015-06-10
RedTeam Pentesting GmbH (release redteam-pentesting de)
[RT-SA-2015-003] Alcatel-Lucent OmniSwitch Web Interface Weak Session ID 2015-06-10
RedTeam Pentesting GmbH (release redteam-pentesting de)
[security bulletin] HPSBUX03341 SSRT102068 rev.1 - HP-UX Apache Tomcat v7.x, Remote Denial of Service (DoS) and Other Vulnerabilities 2015-06-09
security-alert hp com
Elasticsearch vulnerability CVE-2015-4165 2015-06-09
Kevin Kluge (kevin elastic co)
Malware
Phishing
楼凤小姐良家兼职信息 | 10th June 2015 |
EARTHLINK | 10th June 2015 |
EARTHLINK | 9th June 2015 |
iTunes | 9th June 2015 |
Apple | 8th June 2015 |
PayPal | 8th June 2015 |
Chase | 8th June 2015 |
Vulnerability
Multiple Cisco Products CVE-2015-0744 Denial of Service Vulnerability
2015-06-29
http://www.securityfocus.com/bid/74916
QEMU 'hw/block/fdc.c' VENOM Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74640
Stunnel CVE-2014-0016 PRNG Initialization Weakness
2015-06-09
http://www.securityfocus.com/bid/65964
Oracle Java SE CVE-2015-0460 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74097
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-0480 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74104
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74147
Sun J2SE Software Development Kit Java Archive Tool Directory Traversal Vulnerability
2015-06-09
http://www.securityfocus.com/bid/13083
Module::Signature Multiple Remote Command Execution and Security Bypass Vulnerabilities
2015-06-09
http://www.securityfocus.com/bid/73935
Module::Signature 'Signature.pm' Security Bypass Vulnerability
2015-06-09
http://www.securityfocus.com/bid/73937
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74111
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74119
Oracle Solaris CVE-2015-2577 Local Security Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74122
Microsoft Windows GDI+ CVE-2015-1671 TrueType Font Handling Remote Code Execution Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74490
Microsoft Internet Explorer CVE-2015-1694 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74508
Microsoft Internet Explorer CVE-2015-1705 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74509
Microsoft Internet Explorer CVE-2015-1706 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74510
Microsoft Internet Explorer CVE-2015-1710 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74513
Microsoft Internet Explorer CVE-2015-1712 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74515
Microsoft Internet Explorer CVE-2015-1692 Clipboard Information Disclosure Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74517
Microsoft Internet Explorer CVE-2015-1704 Remote Privilege Escalation Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74521
libFLAC 'src/libFLAC/stream_decoder.c' Heap Buffer Overflow Vulnerability
2015-06-09
http://www.securityfocus.com/bid/71282
Microsoft .NET Framework CVE-2015-1672 Remote Denial of Service Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74482
Microsoft Windows GDI+ CVE-2015-1670 OpenType Font Parsing Information Disclosure Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74485
Microsoft .NET Framework CVE-2015-1673 Remote Privilege Escalation Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74487
Microsoft Internet Explorer CVE-2015-1691 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74507
Microsoft Internet Explorer CVE-2015-1711 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74514
Microsoft Internet Explorer CVE-2015-1713 Remote Privilege Escalation Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74518
Microsoft VBScript and JScript CVE-2015-1686 ASLR Security Bypass Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74530
Microsoft Internet Explorer CVE-2015-1718 Remote Memory Corruption Vulnerability
2015-06-09
http://www.securityfocus.com/bid/74607
Exploit
SV: Milw0rm Clone Script v1.0 - (time based) SQLi
9.6.2015
Bugtraq
[SECURITY] [DSA 3282-1] strongswan security update 2015-06-08
Yves-Alexis Perez (corsac debian org)
Symphony CMS XSS Vulnerability 2015-06-08
apparitionsec gmail com
AnimaGallery 2.6 (theme and lang cookie parameter) Local File Include Vulnerability 2015-06-08
d4rkr0id gmail com
[SECURITY] [DSA 3281-1] Debian Security Team PGP/GPG key change notice 2015-06-07
Thijs Kinkhorst (thijs debian org)
[SECURITY] [DSA 3280-1] php5 security update 2015-06-07
Moritz Muehlenhoff (jmm debian org)
Malware
Backdoor:MSIL/NetWiredRC.A
TrojanDropper:Win32/Plugx.J
TrojanDownloader:MSIL/Dowector.A
BrowserModifier:Win32/IminentSProtection
BrowserModifier:Win32/AskToolbarNotifier
Phishing
Apple | 8th June 2015 |
PayPal | 8th June 2015 |
Chase | 8th June 2015 |
Ксения Глебовна | 7th June 2015 |
PayPal | 6th June 2015 |
[Notice] : Update Your Account |
Vulnerability
Multiple Cisco Products CVE-2015-0744 Denial of Service Vulnerability
2015-06-29
http://www.securityfocus.com/bid/74916
Linux Kernel 'fs/pipe.c' Multiple Local Memory Corruption Vulnerabilities
2015-06-04
http://www.securityfocus.com/bid/74951
Apache Tomcat 'mod_jk' CVE-2014-8111 Information Disclosure Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74265
Cisco AnyConnect Secure Mobility Client CVE-2015-0761 Local Privilege Escalation Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74954
Attic 'attic/archiver.py' Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74821
WordPress wp-smiley Plugin HTML Injection and Cross Site Request Forgery Vulnerabilities
2015-06-04
http://www.securityfocus.com/bid/74914
PHP 'SoapClient's __call()' Function Type Confusion Remote Code Execution Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73357
Oracle Java SE CVE-2015-0383 Local Java SE, Java SE Embedded, JRockit Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72155
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72165
NTP 'ntp_crypto.c' Information Disclosure Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72583
NTP 'ntp_io.c' Authentication Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72584
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73225
OpenSSL 'tasn_dec.c' Remote Memory Corruption Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73227
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73231
OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73232
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73237
OpenSSL CVE-2015-0209 Remote Memory Corruption Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73239
IBM Security Directory Server CVE-2015-0138 Man in the Middle Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73326
cURL/libcURL NTLM connection CVE-2015-3143 Remote Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74299
cURL/libcURL CVE-2015-3148 Remote Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74301
cURL/libcURL CVE-2015-3153 Information Disclosure Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74408
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/71936
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-06-04
http://www.securityfocus.com/bid/71939
Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72136
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72140
Oracle Java SE CVE-2015-0437 Remote Java SE Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72146
Oracle Java SE CVE-2015-0403 Local Java SE Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72148
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72169
Oracle Java SE CVE-2015-0459 Remote Security Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74083
Oracle Java SE CVE-2015-0480 Remote Security Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74104
Exploit
Wordpress Plugin 'WP Mobile Edition' - LFI Vulnerability
8.6.2015
Bugtraq
Symphony CMS XSS Vulnerability 2015-06-08
apparitionsec gmail com
AnimaGallery 2.6 (theme and lang cookie parameter) Local File Include Vulnerability 2015-06-08
d4rkr0id gmail com
[SECURITY] [DSA 3281-1] Debian Security Team PGP/GPG key change notice 2015-06-07
Thijs Kinkhorst (thijs debian org)
[SECURITY] [DSA 3280-1] php5 security update 2015-06-07
Moritz Muehlenhoff (jmm debian org)
Hardcoded AES 256 bit key used in Kankun IoT/Smart socket and its mobile App 2015-06-06
Payatu Research (research payatu com)
[SECURITY] [DSA 3279-1] redis security update 2015-06-06
Alessandro Ghedini (ghedo debian org)
Symphony CMS 2.6.2 2015-06-06
apparitionsec gmail com
CVE-2015-4010 - Cross-site Request Forgery & Cross-site Scripting in Encrypted Contact Form Wordpress Plugin v1.0.4 2015-06-06
venkatesh nitin gmail com
Xloner v3.1.2 wordpress plugin authenticated command execution and XSS 2015-06-05
Larry W. Cashdollar (larry0 me com)
Expedia Product Security Advisory: Cruise Ship Centers Information Disclosure 2015-06-05
Mike Sheward (msheward expedia com)
CVE-2015-4109 - WordPress Users Ultra Plugin [SQL injection] 2015-06-05
pan vagenas gmail com
1 Click Extract Audio v2.3.6 - Activex Buffer Overflow 2015-06-05
Vulnerability Lab (research vulnerability-lab com)
1 Click Audio Converter v2.3.6 - Activex Buffer Overflow 2015-06-05
Vulnerability Lab (research vulnerability-lab com)
1 Click Audio Converter v2.3.6 - Activex Buffer Overflow 2015-06-05
Vulnerability Lab (research vulnerability-lab com)
Wing FTP Server Remote Code Execution vulnerability 2015-06-05
alex_haynes outlook com
Malware
TrojanDownloader:Win32/Noucti.A
Phishing
Ксения Глебовна | 7th June 2015 |
PayPal | 6th June 2015 |
[Notice] : Update Your Account | |
PayPal Service ✔ | 6th June 2015 |
PayPal Service | 6th June 2015 |
Vulnerability
Multiple Cisco Products CVE-2015-0744 Denial of Service Vulnerability
2015-06-29
http://www.securityfocus.com/bid/74916
Linux Kernel 'fs/pipe.c' Multiple Local Memory Corruption Vulnerabilities
2015-06-04
http://www.securityfocus.com/bid/74951
Apache Tomcat 'mod_jk' CVE-2014-8111 Information Disclosure Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74265
Cisco AnyConnect Secure Mobility Client CVE-2015-0761 Local Privilege Escalation Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74954
Attic 'attic/archiver.py' Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74821
WordPress wp-smiley Plugin HTML Injection and Cross Site Request Forgery Vulnerabilities
2015-06-04
http://www.securityfocus.com/bid/74914
PHP 'SoapClient's __call()' Function Type Confusion Remote Code Execution Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73357
Oracle Java SE CVE-2015-0383 Local Java SE, Java SE Embedded, JRockit Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72155
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72165
NTP 'ntp_crypto.c' Information Disclosure Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72583
NTP 'ntp_io.c' Authentication Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72584
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73225
OpenSSL 'tasn_dec.c' Remote Memory Corruption Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73227
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73231
OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73232
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73237
OpenSSL CVE-2015-0209 Remote Memory Corruption Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73239
IBM Security Directory Server CVE-2015-0138 Man in the Middle Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73326
cURL/libcURL NTLM connection CVE-2015-3143 Remote Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74299
cURL/libcURL CVE-2015-3148 Remote Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74301
cURL/libcURL CVE-2015-3153 Information Disclosure Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74408
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/71936
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-06-04
http://www.securityfocus.com/bid/71939
Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72136
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72140
Oracle Java SE CVE-2015-0437 Remote Java SE Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72146
Oracle Java SE CVE-2015-0403 Local Java SE Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72148
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72169
Oracle Java SE CVE-2015-0459 Remote Security Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74083
Oracle Java SE CVE-2015-0480 Remote Security Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74104
Exploit
D-Link DSL-2780B DLink_1.01.14 - Unauthenticated Remote DNS Change
TP-Link ADSL2+ TD-W8950ND - Unauthenticated Remote DNS Change
D-Link DSL-2730B AU_2.01 - Authentication Bypass DNS Change
D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change
5.6.2015
Bugtraq
1 Click Extract Audio v2.3.6 - Activex Buffer Overflow 2015-06-05
Vulnerability Lab (research vulnerability-lab com)
1 Click Audio Converter v2.3.6 - Activex Buffer Overflow 2015-06-05
Vulnerability Lab (research vulnerability-lab com)
1 Click Audio Converter v2.3.6 - Activex Buffer Overflow 2015-06-05
Vulnerability Lab (research vulnerability-lab com)
Wing FTP Server Remote Code Execution vulnerability 2015-06-05
alex_haynes outlook com
[CVE-2015-4108] Wing FTP Server Cross-site Request Forgery vulnerabilities 2015-06-05
alex_haynes outlook com
CA20150604-01: Security Notice for CA Common Services 2015-06-04
Kotas, Kevin J (Kevin Kotas ca com)
[security bulletin] HPSBGN03343 rev.1 - HP WebInspect, Remote Unauthorized Access 2015-06-04
security-alert hp com
CVE-2015-4153 - WordPress zM Ajax Login & Register Plugin [Local File Inclusion] 2015-06-04
pan vagenas gmail com
Malware
TrojanDownloader:Win32/Noucti.A
Phishing
Verfaction Paypal | 4th June 2015 |
Chase Bank | 3rd June 2015 |
Vulnerability
Multiple Cisco Products CVE-2015-0744 Denial of Service Vulnerability
2015-06-29
http://www.securityfocus.com/bid/74916
Linux Kernel 'fs/pipe.c' Multiple Local Memory Corruption Vulnerabilities
2015-06-04
http://www.securityfocus.com/bid/74951
Apache Tomcat 'mod_jk' CVE-2014-8111 Information Disclosure Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74265
Cisco AnyConnect Secure Mobility Client CVE-2015-0761 Local Privilege Escalation Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74954
Attic 'attic/archiver.py' Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74821
WordPress wp-smiley Plugin HTML Injection and Cross Site Request Forgery Vulnerabilities
2015-06-04
http://www.securityfocus.com/bid/74914
PHP 'SoapClient's __call()' Function Type Confusion Remote Code Execution Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73357
NTP 'ntp_io.c' Authentication Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72584
NTP 'ntp_crypto.c' Information Disclosure Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72583
cURL/libcURL CVE-2015-3148 Remote Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74301
cURL/libcURL NTLM connection CVE-2015-3143 Remote Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74299
cURL/libcURL CVE-2015-3153 Information Disclosure Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74408
OpenSSL CVE-2015-0209 Remote Memory Corruption Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73239
OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73232
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73231
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73237
OpenSSL 'tasn_dec.c' Remote Memory Corruption Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73227
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73225
Oracle Java SE CVE-2015-0383 Local Java SE, Java SE Embedded, JRockit Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72155
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72165
IBM Security Directory Server CVE-2015-0138 Man in the Middle Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/73326
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72169
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-06-04
http://www.securityfocus.com/bid/71936
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-06-04
http://www.securityfocus.com/bid/71939
Oracle Java SE CVE-2015-0403 Local Java SE Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72148
Oracle Java SE CVE-2015-0480 Remote Security Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74104
Oracle Java SE CVE-2015-0459 Remote Security Vulnerability
2015-06-04
http://www.securityfocus.com/bid/74083
Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72136
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72140
Oracle Java SE CVE-2015-0437 Remote Java SE Vulnerability
2015-06-04
http://www.securityfocus.com/bid/72146
Exploit
JDownloader 2 Beta - Directory Traversal Vulnerability
Seagate Central 2014.0410.0026-F Remote Root Exploit
Wordpress Really Simple Guest Post <= 1.0.6 - File Include
WordPress zM Ajax Login & Register Plugin 1.0.9 Local File Inclusion
1 Click Audio Converter 2.3.6 - Activex Buffer Overflow
1 Click Extract Audio 2.3.6 - Activex Buffer Overflow
Jildi FTP Client 1.5.6 (SEH) BOF
ZTE AC 3633R USB Modem Multiple Vulnerabilities
4.6.2015
Bugtraq
ESA-2015-091: RSA® Web Threat Detection Cross-Site Request Forgery Vulnerability 2015-06-03
Security Alert (Security_Alert emc com)
Local PHP File Inclusion in ResourceSpace 2015-06-03
High-Tech Bridge Security Research (advisory htbridge ch)
Jildi FTP Client 1.5.2 b1138 - Buffer Overflow Vulnerability 2015-06-03
banana88 inbox com
Safari Address Spoofing - Impact, Code, How It Works, History 2015-06-03
David Leo (david leo deusen co uk)
[SECURITY] [DSA 3249-2] jqueryui security update 2015-06-02
Sebastien Delafond (seb debian org)
Malware
TrojanDownloader:Win32/Upatre.BJ
TrojanDownloader:Win32/Upatre.BG
Ransom:Win32/Roduk.A!dllDefCon
Ransom:PowerShell/Roduk.ADefCon
TrojanDownloader:PowerShell/Roduk.ADefCon
Phishing
Chase Bank | 3rd June 2015 |
Apple | 3rd June 2015 |
Your Apple ID has expired in | |
NatWest | 2nd June 2015 |
Vulnerability
Exploit
vfront-0.99.2 CSRF & Persistent XSS
WebDrive 12.2 (B4172) - Buffer Overflow Vulnerability
Jildi FTP Client Buffer Overflow PoC
3.6.2015
Bugtraq
[SECURITY] [DSA 3277-1] wireshark security update 2015-06-02
Moritz Muehlenhoff (jmm debian org)
WebDrive 12.2 (B4172) - Buffer Overflow Vulnerability 2015-06-02
Vulnerability Lab (research vulnerability-lab com)
vfront-0.99.2 CSRF & Persistent XSS 2015-06-02
apparitionsec gmail com
Enhanced SQL Portal 5.0.7961 XSS Vulnerability 2015-06-02
apparitionsec gmail com
Freebox OS Web interface 3.0.2 XSS, CSRF 2015-06-01
huyngocbk gmail com
t2'15: Call for Papers 2015 (Helsinki / Finland) 2015-06-01
Tomi Tuominen (tomi tuominen t2 fi)
Malware
Ransom:PowerShell/Polock.A
PWS:Win32/OnLineGames.AH
Phishing
Apple | 3rd June 2015 |
Your Apple ID has expired in | |
NatWest | 2nd June 2015 |
limited.services@paypal.com | 2nd June 2015 |
Joey | 1st June 2015 |
Vulnerability
Exploit
PonyOS <= 3.0 - tty ioctl() Local Kernel Exploit
2.6.2015
Bugtraq
CVE-2015-4039 - WordPress WP Membership plugin [Stored XSS] 2015-06-01
pan vagenas gmail com
CVE-2015-4038 - WordPress WP Membership plugin [Privilege escalation] 2015-06-01
pan vagenas gmail com
WebDrive Buffer OverFlow PoC 2015-06-01
banana88 inbox com
Ektron CMS 9.10 SP1 - XSS Vulnerability 2015-05-31
jerold v00d00sec com
Ektron CMS 9.10 SP1 - CSRF Vulnerability 2015-05-31
jerold v00d00sec com
[SECURITY] [DSA 3276-1] symfony security update 2015-05-31
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3269-2] postgresql-9.1 regression update 2015-05-31
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3275-1] fusionforge security update 2015-05-30
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
limited.services@paypal.com | 2nd June 2015 |
Joey | 1st June 2015 |
Ms. Carman L. Lapointe | 1st June 2015 |
Paypal | 1st June 2015 |
iTunes | 1st June 2015 |
Service ✔ | 1st June 2015 |
Vulnerability
WordPress ReFlex Gallery Plugin 'php.php' Arbitrary File Upload Vulnerability
2015-05-30
http://www.securityfocus.com/bid/57100
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-05-30
http://www.securityfocus.com/bid/74147
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-05-30
http://www.securityfocus.com/bid/70574
OpenSSL DTLS CVE-2014-3505 Remote Denial of Service Vulnerability
2015-05-30
http://www.securityfocus.com/bid/69081
OpenSSL Session Ticket Memory Leak Remote Denial of Service Vulnerability
2015-05-30
http://www.securityfocus.com/bid/70586
OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2015-05-30
http://www.securityfocus.com/bid/69082
OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2015-05-30
http://www.securityfocus.com/bid/69076
OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2015-05-30
http://www.securityfocus.com/bid/69078
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-05-30
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-05-30
http://www.securityfocus.com/bid/74111
IBM WebSphere Application Server CVE-2015-1920 Remote Code Execution Vulnerability
2015-05-30
http://www.securityfocus.com/bid/74439
OpenSSL CVE-2015-0205 Man in the Middle Security Bypass Vulnerability
2015-05-30
http://www.securityfocus.com/bid/71941
OpenSSL Certificate Fingerprints CVE-2014-8275 Local Security Bypass Vulnerability
2015-05-30
http://www.securityfocus.com/bid/71935
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-05-30
http://www.securityfocus.com/bid/71942
OpenSSL 'dtls1_buffer_record()' Function Denial of Service Vulnerability
2015-05-30
http://www.securityfocus.com/bid/71940
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-05-30
http://www.securityfocus.com/bid/71939
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-05-30
http://www.securityfocus.com/bid/71937
OpenSSL 'ssl23_get_client_hello()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-05-30
http://www.securityfocus.com/bid/71934
IBM Security Directory Server CVE-2015-0138 Man in the Middle Security Bypass Vulnerability
2015-05-30
http://www.securityfocus.com/bid/73326
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-05-30
http://www.securityfocus.com/bid/72165
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-05-30
http://www.securityfocus.com/bid/72169
Oracle Java SE CVE-2014-6512 IP Address Spoofing Vulnerability
2015-05-30
http://www.securityfocus.com/bid/70567
Oracle Java SE CVE-2014-6457 Remote Security Vulnerability
2015-05-30
http://www.securityfocus.com/bid/70538
PHPWind Cross Site Scripting and Open Redirection Vulnerabilities
2015-05-30
http://www.securityfocus.com/bid/74804
QEMU 'hw/block/fdc.c' VENOM Remote Memory Corruption Vulnerability
2015-05-30
http://www.securityfocus.com/bid/74640
WordPress church_admin Plugin 'address' Field HTML Injection Vulnerability
2015-05-30
http://www.securityfocus.com/bid/74782
Drupal Entity API Module Field Labels Cross Site Scripting Vulnerability
2015-05-30
http://www.securityfocus.com/bid/72806
Red Hat SETroubleShoot CVE-2015-1815 Remote Privilege Escalation Vulnerability
2015-05-30
http://www.securityfocus.com/bid/73374
openSUSE OSC 'osc/core.py' Command Injection Vulnerability
2015-05-30
http://www.securityfocus.com/bid/73114
slapi-nis Directory Server Plugin CVE-2015-0283 Multiple Remote Denial of Service Vulnerabilities
2015-05-30
http://www.securityfocus.com/bid/73377
Exploit
Realtek SDK Miniigd UPnP SOAP Command Execution
Airties login-cgi Buffer Overflow
IBM Security AppScan Standard <= 9.0.2 - OLE Automation Array Remote Code Execution
WebDrive 12.2 (Build # 4172) - Buffer OverFlow PoC
D-Link Devices HNAP SOAPAction-Header Command Execution
WordPress dzs-zoomsounds Plugins <= 2.0 - Remote File Upload Vulnerability
Aruba ClearPass Policy Manager Stored XSS
PonyOS <= 3.0 - VFS Permissions Exploit
PonyOS <= 3.0 - ELF Loader Privilege Escalation
1.6.2015
Bugtraq
CVE-2015-4039 - WordPress WP Membership plugin [Stored XSS] 2015-06-01
pan vagenas gmail com
CVE-2015-4038 - WordPress WP Membership plugin [Privilege escalation] 2015-06-01
pan vagenas gmail com
WebDrive Buffer OverFlow PoC 2015-06-01
banana88 inbox com
Ektron CMS 9.10 SP1 - XSS Vulnerability 2015-05-31
jerold v00d00sec com
Ektron CMS 9.10 SP1 - CSRF Vulnerability 2015-05-31
jerold v00d00sec com
[SECURITY] [DSA 3276-1] symfony security update 2015-05-31
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3269-2] postgresql-9.1 regression update 2015-05-31
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3275-1] fusionforge security update 2015-05-30
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Paypal | 1st June 2015 |
iTunes | 1st June 2015 |
Service ✔ | 1st June 2015 |
EARTHLINK | 1st June 2015 |
Vulnerability
WordPress ReFlex Gallery Plugin 'php.php' Arbitrary File Upload Vulnerability
2015-05-30
http://www.securityfocus.com/bid/57100
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-05-30
http://www.securityfocus.com/bid/74147
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-05-30
http://www.securityfocus.com/bid/70574
OpenSSL DTLS CVE-2014-3505 Remote Denial of Service Vulnerability
2015-05-30
http://www.securityfocus.com/bid/69081
OpenSSL Session Ticket Memory Leak Remote Denial of Service Vulnerability
2015-05-30
http://www.securityfocus.com/bid/70586
OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2015-05-30
http://www.securityfocus.com/bid/69082
OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2015-05-30
http://www.securityfocus.com/bid/69076
OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2015-05-30
http://www.securityfocus.com/bid/69078
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-05-30
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-05-30
http://www.securityfocus.com/bid/74111
IBM WebSphere Application Server CVE-2015-1920 Remote Code Execution Vulnerability
2015-05-30
http://www.securityfocus.com/bid/74439
OpenSSL CVE-2015-0205 Man in the Middle Security Bypass Vulnerability
2015-05-30
http://www.securityfocus.com/bid/71941
OpenSSL Certificate Fingerprints CVE-2014-8275 Local Security Bypass Vulnerability
2015-05-30
http://www.securityfocus.com/bid/71935
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-05-30
http://www.securityfocus.com/bid/71942
OpenSSL 'dtls1_buffer_record()' Function Denial of Service Vulnerability
2015-05-30
http://www.securityfocus.com/bid/71940
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-05-30
http://www.securityfocus.com/bid/71939
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-05-30
http://www.securityfocus.com/bid/71937
OpenSSL 'ssl23_get_client_hello()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-05-30
http://www.securityfocus.com/bid/71934
IBM Security Directory Server CVE-2015-0138 Man in the Middle Security Bypass Vulnerability
2015-05-30
http://www.securityfocus.com/bid/73326
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-05-30
http://www.securityfocus.com/bid/72165
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-05-30
http://www.securityfocus.com/bid/72169
Oracle Java SE CVE-2014-6512 IP Address Spoofing Vulnerability
2015-05-30
http://www.securityfocus.com/bid/70567
Oracle Java SE CVE-2014-6457 Remote Security Vulnerability
2015-05-30
http://www.securityfocus.com/bid/70538
PHPWind Cross Site Scripting and Open Redirection Vulnerabilities
2015-05-30
http://www.securityfocus.com/bid/74804
QEMU 'hw/block/fdc.c' VENOM Remote Memory Corruption Vulnerability
2015-05-30
http://www.securityfocus.com/bid/74640
WordPress church_admin Plugin 'address' Field HTML Injection Vulnerability
2015-05-30
http://www.securityfocus.com/bid/74782
Drupal Entity API Module Field Labels Cross Site Scripting Vulnerability
2015-05-30
http://www.securityfocus.com/bid/72806
Red Hat SETroubleShoot CVE-2015-1815 Remote Privilege Escalation Vulnerability
2015-05-30
http://www.securityfocus.com/bid/73374
openSUSE OSC 'osc/core.py' Command Injection Vulnerability
2015-05-30
http://www.securityfocus.com/bid/73114
slapi-nis Directory Server Plugin CVE-2015-0283 Multiple Remote Denial of Service Vulnerabilities
2015-05-30
http://www.securityfocus.com/bid/73377
Exploit
IBM Security AppScan Standard <= 9.0.2 - OLE Automation Array Remote Code Execution
WebDrive 12.2 (Build # 4172) - Buffer OverFlow PoC
WordPress dzs-zoomsounds Plugins <= 2.0 - Remote File Upload Vulnerability
PonyOS <= 3.0 - VFS Permissions Exploit
PonyOS <= 3.0 - ELF Loader Privilege Escalation
29.5.2015
Bugtraq
[security bulletin] HPSBHF03340 rev.1 - HP ThinPro Linux and HP Smart Zero Core running HP Easy Setup Wizard, Local Unauthorized Access, Elevation of Privilege 2015-05-28
security-alert hp com
Audacity 2.0.5 contains Arbitrary DLL Injection Code Execution 2015-05-28
mystyle_rahul yahoo co in
[SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices 2015-05-28
Gergely Eberhardt (gergely eberhardt search-lab hu)
DbNinja 3.2.6 Flash XSS Vulnerabilities 2015-05-28
apparitionsec gmail com
DbNinja 3.2.6 Flash XSS Vulnerabilities 2015-05-28
apparitionsec gmail com
Malware
Phishing
WellsFargo Alert | 29th May 2015 |
PayPal | 29th May 2015 |
Your account PayPal is limited | |
Barclays Bank | 28th May 2015 |
Sun Trust Banking | 27th May 2015 |
Apple | 27th May 2015 |
Vulnerability
Exploit
28.5.2015
Bugtraq
[Onapsis Security Advisory 2015-006] SAP HANA Information Disclosure via SQL IMPORT FROM statement 2015-05-27
Onapsis Research Labs (research onapsis com)
[Onapsis Security Advisory 2015-007] SAP HANA Log Injection Vulnerability 2015-05-27
Onapsis Research Labs (research onapsis com)
Thycotic Password Manager Secret Server iOS Application - MITM SSL Certificate Vulnerability 2015-05-27
David Coomber (davidcoomber infosec gmail com)
[SECURITY] [DSA 3268-2] ntfs-3g security update 2015-05-26
Salvatore Bonaccorso (carnil debian org)
CVE-2015-4084 - WordPress Free Counter Plugin [Stored XSS] 2015-05-26
pan vagenas gmail com
[SECURITY] [DSA 3273-1] tiff security update 2015-05-25
Moritz Muehlenhoff (jmm debian org)
Synology Photo Station multiple Cross-Site Scripting vulnerabilities 2015-05-25
Securify B.V. (lists securify nl)
Reflected Cross-Site Scripting in Synology DiskStation Manager 2015-05-25
Securify B.V. (lists securify nl)
Command injection vulnerability in Synology Photo Station 2015-05-25
Securify B.V. (lists securify nl)
Malware
Phishing
Sun Trust Banking | 27th May 2015 |
Apple | 27th May 2015 |
service@paypal.co.uk | 26th May 2015 |
Apple | 26th May 2015 |
Skype | 25th May 2015 |
Vulnerability
Drupal Views Module Access Bypass Vulnerability
2015-05-29
http://www.securityfocus.com/bid/74462
Exploit
WordPress Plugin Free Counter 1.1 Stored XSS
27.5.2015
Bugtraq
Thycotic Password Manager Secret Server iOS Application - MITM SSL Certificate Vulnerability 2015-05-27
David Coomber (davidcoomber infosec gmail com)
[SECURITY] [DSA 3268-2] ntfs-3g security update 2015-05-26
Salvatore Bonaccorso (carnil debian org)
CVE-2015-4084 - WordPress Free Counter Plugin [Stored XSS] 2015-05-26
pan vagenas gmail com
[SECURITY] [DSA 3273-1] tiff security update 2015-05-25
Moritz Muehlenhoff (jmm debian org)
Synology Photo Station multiple Cross-Site Scripting vulnerabilities 2015-05-25
Securify B.V. (lists securify nl)
Reflected Cross-Site Scripting in Synology DiskStation Manager 2015-05-25
Securify B.V. (lists securify nl)
Command injection vulnerability in Synology Photo Station 2015-05-25
Securify B.V. (lists securify nl)
[SECURITY] [DSA 3265-2] zendframework regression update 2015-05-24
Alessandro Ghedini (ghedo debian org)
[SECURITY] [DSA 3272-1] ipsec-tools security update 2015-05-23
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Apple | 27th May 2015 |
service@paypal.co.uk | 26th May 2015 |
Apple | 26th May 2015 |
Vulnerability
Drupal Views Module Access Bypass Vulnerability
2015-05-29
http://www.securityfocus.com/bid/74462
php-gd 'gdxpm.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/66233
PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2015-05-25
http://www.securityfocus.com/bid/68007
PHP OpenSSL Extension 'openssl_x509_parse()' Remote Memory Corruption Vulnerability
2015-05-25
http://www.securityfocus.com/bid/64225
PHP SSL Certificate Validation CVE-2013-4248 Security Bypass Vulnerability
2015-05-25
http://www.securityfocus.com/bid/61776
OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/69084
IBM Security Directory Server CVE-2015-0138 Man in the Middle Security Bypass Vulnerability
2015-05-25
http://www.securityfocus.com/bid/73326
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-05-25
http://www.securityfocus.com/bid/73684
IPsec-Tools NULL Pointer Dereference Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/74739
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/73225
NVIDIA Display Driver CVE-2015-1170 Local Privilege Escalation Vulnerability
2015-05-25
http://www.securityfocus.com/bid/73442
OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/69076
OpenSSL SRP CVE-2014-3512 Remote Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/69083
OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2015-05-25
http://www.securityfocus.com/bid/69075
OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/69077
OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/69078
OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2015-05-25
http://www.securityfocus.com/bid/69079
OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/69082
t1utils Buffer Overflow Vulnerability
2015-05-25
http://www.securityfocus.com/bid/74674
WordPress Landing Pages Plugin Unspecified SQL Injection and Cross Site Scripting Vulnerabilities
2015-05-25
http://www.securityfocus.com/bid/74777
Wordpress Roomcloud Plugin 'roomcloud.php' Multiple Cross Site Scripting Vulnerabilities
2015-05-25
http://www.securityfocus.com/bid/74580
PgBouncer 'src/client.c' Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/74751
WordPress GigPress Plugin 'handlers.php' Multiple SQL Injection Vulnerabilities
2015-05-25
http://www.securityfocus.com/bid/74747
WordPress NewStatPress Plugin Unspecified SQL Injection and Cross Site Scripting Vulnerabilities
2015-05-25
http://www.securityfocus.com/bid/74773
Ruby on Rails Action Pack Comp CVE-2014-7829 Incomplete Fix Information Disclosure Vulnerability
2015-05-25
http://www.securityfocus.com/bid/71183
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-05-25
http://www.securityfocus.com/bid/71936
Google Chrome Prior to 43.0.2357.65 Multiple Security Vulnerabilities
2015-05-25
http://www.securityfocus.com/bid/74723
Google Chrome CVE-2015-1265 Multiple Unspecified Security Vulnerabilities
2015-05-25
http://www.securityfocus.com/bid/74727
OpenSSL CVE-2015-0209 Remote Memory Corruption Vulnerability
2015-05-25
http://www.securityfocus.com/bid/73239
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-05-25
http://www.securityfocus.com/bid/71939
Exploit
WordPress Plugin Free Counter 1.1 Stored XSS
Acoustica Pianissimo 1.0 Build 12 (Registration ID) Buffer Overflow PoC
26.5.2015
Bugtraq
Synology Photo Station multiple Cross-Site Scripting vulnerabilities 2015-05-25
Securify B.V. (lists securify nl)
Reflected Cross-Site Scripting in Synology DiskStation Manager 2015-05-25
Securify B.V. (lists securify nl)
Command injection vulnerability in Synology Photo Station 2015-05-25
Securify B.V. (lists securify nl)
[SECURITY] [DSA 3265-2] zendframework regression update 2015-05-24
Alessandro Ghedini (ghedo debian org)
[SECURITY] [DSA 3272-1] ipsec-tools security update 2015-05-23
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3271-1] nbd security update 2015-05-23
Alessandro Ghedini (ghedo debian org)
Malware
Phishing
Apple | 26th May 2015 |
Skype | 25th May 2015 |
iTunes | 25th May 2015 |
iTunes | 25th May 2015 |
iTunes | 25th May 2015 |
Mercantile | 25th May 2015 |
Vulnerability
Drupal Views Module Access Bypass Vulnerability
2015-05-29
http://www.securityfocus.com/bid/74462
php-gd 'gdxpm.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/66233
PHP DNS TXT Record Handling Heap Buffer Overflow Vulnerability
2015-05-25
http://www.securityfocus.com/bid/68007
PHP OpenSSL Extension 'openssl_x509_parse()' Remote Memory Corruption Vulnerability
2015-05-25
http://www.securityfocus.com/bid/64225
PHP SSL Certificate Validation CVE-2013-4248 Security Bypass Vulnerability
2015-05-25
http://www.securityfocus.com/bid/61776
OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/69084
IBM Security Directory Server CVE-2015-0138 Man in the Middle Security Bypass Vulnerability
2015-05-25
http://www.securityfocus.com/bid/73326
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-05-25
http://www.securityfocus.com/bid/73684
IPsec-Tools NULL Pointer Dereference Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/74739
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/73225
NVIDIA Display Driver CVE-2015-1170 Local Privilege Escalation Vulnerability
2015-05-25
http://www.securityfocus.com/bid/73442
OpenSSL DTLS CVE-2014-3506 Remote Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/69076
OpenSSL SRP CVE-2014-3512 Remote Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/69083
OpenSSL CVE-2014-3508 Information Disclosure Vulnerability
2015-05-25
http://www.securityfocus.com/bid/69075
OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/69077
OpenSSL DTLS CVE-2014-3507 Remote Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/69078
OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2015-05-25
http://www.securityfocus.com/bid/69079
OpenSSL DTLS CVE-2014-3510 Remote Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/69082
t1utils Buffer Overflow Vulnerability
2015-05-25
http://www.securityfocus.com/bid/74674
WordPress Landing Pages Plugin Unspecified SQL Injection and Cross Site Scripting Vulnerabilities
2015-05-25
http://www.securityfocus.com/bid/74777
Wordpress Roomcloud Plugin 'roomcloud.php' Multiple Cross Site Scripting Vulnerabilities
2015-05-25
http://www.securityfocus.com/bid/74580
PgBouncer 'src/client.c' Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/74751
WordPress GigPress Plugin 'handlers.php' Multiple SQL Injection Vulnerabilities
2015-05-25
http://www.securityfocus.com/bid/74747
WordPress NewStatPress Plugin Unspecified SQL Injection and Cross Site Scripting Vulnerabilities
2015-05-25
http://www.securityfocus.com/bid/74773
Ruby on Rails Action Pack Comp CVE-2014-7829 Incomplete Fix Information Disclosure Vulnerability
2015-05-25
http://www.securityfocus.com/bid/71183
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-05-25
http://www.securityfocus.com/bid/71936
Google Chrome Prior to 43.0.2357.65 Multiple Security Vulnerabilities
2015-05-25
http://www.securityfocus.com/bid/74723
Google Chrome CVE-2015-1265 Multiple Unspecified Security Vulnerabilities
2015-05-25
http://www.securityfocus.com/bid/74727
OpenSSL CVE-2015-0209 Remote Memory Corruption Vulnerability
2015-05-25
http://www.securityfocus.com/bid/73239
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-05-25
http://www.securityfocus.com/bid/71939
Exploit
Wordpress Video Gallery Plugin 2.8 Arbitrary Mail Relay
WordPress NewStatPress Plugin 0.9.8 Multiple Vulnerabilities
WordPress Landing Pages Plugin 1.8.4 Multiple Vulnerabilities
WordPress GigPress Plugin 2.3.8 - SQL Injection
Apache Jackrabbit WebDAV XXE Exploit
Wordpress MailChimp Subscribe Forms 1.1 Remote Code Execution
Wordpress church_admin Plugin 0.800 Stored XSS
Wordpress Simple Photo Gallery 1.7.8 Blind SQL Injection
Sendio ESP Information Disclosure Vulnerability
Clickheat 1.13+ Remote Command Execution
25.5.2015
Bugtraq
[CORE-2015-0010] - Sendio ESP Information Disclosure Vulnerability 2015-05-22
CORE Advisories Team (advisories coresecurity com)
[SECURITY] [DSA 3270-1] postgresql-9.4 security update 2015-05-22
Christoph Berg (myon debian org)
[SECURITY] [DSA 3268-1] ntfs-3g security update 2015-05-22
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
iTunes | 25th May 2015 |
iTunes | 25th May 2015 |
iTunes | 25th May 2015 |
Mercantile | 25th May 2015 |
Vulnerability
Drupal Views Module Access Bypass Vulnerability
2015-05-29
http://www.securityfocus.com/bid/74462
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-05-25
http://www.securityfocus.com/bid/72169
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-05-25
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-0459 Remote Security Vulnerability
2015-05-25
http://www.securityfocus.com/bid/74083
Oracle Java SE CVE-2015-0491 Remote Security Vulnerability
2015-05-25
http://www.securityfocus.com/bid/74094
Dojo Toolkit CVE-2014-8917 Multiple Cross Site Scripting Vulnerabilities
2015-05-25
http://www.securityfocus.com/bid/72903
CKEditor Preview Plugin CVE-2014-5191 Unspecified Cross Site Scripting Vulnerability
2015-05-25
http://www.securityfocus.com/bid/69161
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-05-25
http://www.securityfocus.com/bid/73684
OpenSSL Session Ticket Memory Leak Remote Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/70586
OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/73232
OpenSSL CVE-2015-0209 Remote Memory Corruption Vulnerability
2015-05-25
http://www.securityfocus.com/bid/73239
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/73237
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/73225
GNU glibc 'swscanf' Local Heap Buffer Overflow Vulnerability
2015-05-25
http://www.securityfocus.com/bid/72428
GNU glibc 'send_dg()' Function Local Information Disclosure Weakness
2015-05-25
http://www.securityfocus.com/bid/72844
FUSE CVE-2015-3202 Local Privilege Escalation Vulnerability
2015-05-25
http://www.securityfocus.com/bid/74765
IBM Security Directory Server CVE-2015-0138 Man in the Middle Security Bypass Vulnerability
2015-05-25
http://www.securityfocus.com/bid/73326
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-05-25
http://www.securityfocus.com/bid/72165
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-05-25
http://www.securityfocus.com/bid/70574
Oracle Java SE CVE-2014-6457 Remote Security Vulnerability
2015-05-25
http://www.securityfocus.com/bid/70538
Multiple OleumTech Products CVE-2014-2361 Local Security Bypass Vulnerability
2015-05-25
http://www.securityfocus.com/bid/68795
Multiple OleumTech Products CVE-2014-2362 Predictable Random Number Generator Weakness
2015-05-25
http://www.securityfocus.com/bid/68800
OleumTech WIO DH2 Wireless Gateway CVE-2014-2360 Remote Denial of Service Vulnerability
2015-05-25
http://www.securityfocus.com/bid/68797
X.Org libXfont 'bitmap/bdfread.c' Out of Bounds Local Buffer Overflow Vulnerability
2015-05-25
http://www.securityfocus.com/bid/73277
X.Org X Server Protocol Handling Out-of-Bounds Multiple Denial of Service Vulnerabilities
2015-05-25
http://www.securityfocus.com/bid/71603
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-05-25
http://www.securityfocus.com/bid/71939
MIT Kerberos 5 CVE-2014-5355 Multiple Denial of Service Vulnerabilities
2015-05-25
http://www.securityfocus.com/bid/74042
OpenSSL Certificate Fingerprints CVE-2014-8275 Local Security Bypass Vulnerability
2015-05-25
http://www.securityfocus.com/bid/71935
OpenSSL '/evp/encode.c' Remote Memory Corruption Vulnerability
2015-05-25
http://www.securityfocus.com/bid/73228
WordPress WP Membership Plugin Multiple Security Vulnerabilities
2015-05-25
http://www.securityfocus.com/bid/74766
Exploit
FTP Media Server 3.0 - Authentication Bypass and Denial of Service
22.5.2015
Bugtraq
[SECURITY] [DSA 3266-1] fuse security update 2015-05-21
Salvatore Bonaccorso (carnil debian org)
Webgrind XSS vulnerability 2015-05-21
hyp3rlinx gmail com
CVE-2015-1833 (Jackrabbit WebDAV XXE vulnerability) 2015-05-21
Julian Reschke (julian reschke greenbytes de)
CVE for Apple's ECDHE-ECDSA SecureTransport bug? 2015-05-20
Jeffrey Walton (noloader gmail com)
[SECURITY] [DSA 3261-2] libmodule-signature-perl regression update 2015-05-20
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Barclays | 21st May 2015 |
Halifax Bank | 21st May 2015 |
PayPal Inc, | 21st May 2015 |
Vulnerability
Drupal Views Module Access Bypass Vulnerability
2015-05-29
http://www.securityfocus.com/bid/74462
ownCloud CVE-2015-3013 Security Bypass Vulnerability
2015-05-25
http://www.securityfocus.com/bid/74451
WordPress WP Symposium Plugin CVE-2015-3325 SQL Injection Vulnerability
2015-05-22
http://www.securityfocus.com/bid/74237
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-05-22
http://www.securityfocus.com/bid/74147
Oracle Java SE CVE-2015-0459 Remote Security Vulnerability
2015-05-22
http://www.securityfocus.com/bid/74083
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-05-22
http://www.securityfocus.com/bid/73684
Microsoft Windows GDI+ CVE-2015-1671 TrueType Font Handling Remote Code Execution Vulnerability
2015-05-22
http://www.securityfocus.com/bid/74490
Sun J2SE Software Development Kit Java Archive Tool Directory Traversal Vulnerability
2015-05-22
http://www.securityfocus.com/bid/13083
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-05-22
http://www.securityfocus.com/bid/70574
IBM Security Directory Server CVE-2015-0138 Man in the Middle Security Bypass Vulnerability
2015-05-22
http://www.securityfocus.com/bid/73326
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-05-22
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-0491 Remote Security Vulnerability
2015-05-22
http://www.securityfocus.com/bid/74094
Oracle Java SE CVE-2015-0480 Remote Security Vulnerability
2015-05-22
http://www.securityfocus.com/bid/74104
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-05-22
http://www.securityfocus.com/bid/74111
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-05-22
http://www.securityfocus.com/bid/74119
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-05-22
http://www.securityfocus.com/bid/74141
Elasticsearch CVE-2015-3337 Directory Traversal Vulnerability
2015-05-22
http://www.securityfocus.com/bid/74353
Microsoft Windows GDI+ CVE-2015-1670 OpenType Font Parsing Information Disclosure Vulnerability
2015-05-22
http://www.securityfocus.com/bid/74485
IBM SDK CVE-2015-1914 Sandbox Security Bypass Vulnerability
2015-05-22
http://www.securityfocus.com/bid/74645
Google Chrome Prior to 43.0.2357.65 Multiple Security Vulnerabilities
2015-05-22
http://www.securityfocus.com/bid/74723
Google V8 Prior to 4.3.61.21 Multiple Unspecified Security Vulnerabilities
2015-05-22
http://www.securityfocus.com/bid/74730
OpenSSL Certificate Fingerprints CVE-2014-8275 Local Security Bypass Vulnerability
2015-05-22
http://www.securityfocus.com/bid/71935
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-05-22
http://www.securityfocus.com/bid/71936
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-05-22
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-05-22
http://www.securityfocus.com/bid/71939
OpenSSL 'dtls1_buffer_record()' Function Denial of Service Vulnerability
2015-05-22
http://www.securityfocus.com/bid/71940
OpenSSL CVE-2015-0205 Man in the Middle Security Bypass Vulnerability
2015-05-22
http://www.securityfocus.com/bid/71941
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-05-22
http://www.securityfocus.com/bid/71942
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-05-22
http://www.securityfocus.com/bid/72169
Google Chrome CVE-2015-1265 Multiple Unspecified Security Vulnerabilities
2015-05-22
http://www.securityfocus.com/bid/74727
Exploit
Microsoft Windows - Local Privilege Escalation (MS15-051)
Windows - CNG.SYS Kernel Security Feature Bypass PoC (MS15-052)
Windows 8.0 - 8.1 x64 - TrackPopupMenu Privilege Escalation (MS14-058)
Forma LMS 1.3 Multiple SQL Injection Vulnerabilities
WordPress WP Symposium Plugin 15.1 SQL Injection Vulnerability
21.5.2015
Bugtraq
[security bulletin] HPSBUX03333 SSRT102029 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS), or Other Vulnerabilities 2015-05-20
security-alert hp com
[security bulletin] HPSBUX03334 SSRT102000 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilities 2015-05-20
security-alert hp com
Eisbär SCADA (All Versions - iOS, Android & W8) - Persistent UI Vulnerability 2015-05-20
Vulnerability Lab (research vulnerability-lab com)
Stored XSS in WP Photo Album Plus WordPress Plugin 2015-05-20
High-Tech Bridge Security Research (advisory htbridge ch)
WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability 2015-05-20
Vulnerability Lab (research vulnerability-lab com)
[SECURITY] [DSA 3265-1] zendframework security update 2015-05-20
David Prévot (david tilapin org)
ManageEngine EventLog Analyzer V:10.0 CSRF Vulnerability 2015-05-19
akashchavan0708 gmail com
Staff FTP v3.04 Software - DLL Hijacking Vulnerability 2015-05-19
metacom27 gmail com
[SECURITY] [DSA 3263-1] proftpd-dfsg security update 2015-05-19
Sebastien Delafond (seb debian org)
Staff FTP v3.04 Software - DLL Hijacking Vulnerability 2015-05-20
Vulnerability Lab (research vulnerability-lab com)
HiDisk 2.4 iOS - (currentFolderPath) Persistent Vulnerability 2015-05-20
Vulnerability Lab (research vulnerability-lab com)
[SECURITY] [DSA 3264-1] icedove security update 2015-05-19
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPSBGN03286 rev.1 - HP LoadRunner, Buffer Overflow 2015-05-19
security-alert hp com
APPLE-SA-2015-05-19-1 Watch OS 1.0.1 2015-05-19
Apple Product Security (product-security-noreply lists apple com)
[security bulletin] HPSBPI03322 rev.1 - HP Access Control Software, Local Unauthorized Access 2015-05-19
security-alert hp com
[SECURITY] [DSA 3175-2] kfreebsd-9 security update 2015-05-18
Alessandro Ghedini (ghedo debian org)
WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability 2015-05-19
metacom27 gmail com
iClassSchedule 1.6 iOS & Android - Persistent UI Vulnerability 2015-05-18
Vulnerability Lab (research vulnerability-lab com)
[SECURITY] [DSA 3262-1] xen security update 2015-05-18
Moritz Muehlenhoff (jmm debian org)
OYO File Manager 1.1 iOS&Android - Multiple Vulnerabilities 2015-05-18
Vulnerability Lab (research vulnerability-lab com)
Wireless Photo Transfer v3.0 iOS - File Include Vulnerability 2015-05-18
Vulnerability Lab (research vulnerability-lab com)
CRUCMS Crucial Networking - SQL Injection Vulnerability 2015-05-18
Vulnerability Lab (research vulnerability-lab com)
[slackware-security] mozilla-thunderbird (SSA:2015-137-01) 2015-05-17
Slackware Security Team (security slackware com)
ESA-2015-087 EMC Document Sciences xPression SQL Injection Vulnerability 2015-05-16
Security Alert (Security_Alert emc com)
[SECURITY] [DSA 3261-1] libmodule-signature-perl security update 2015-05-15
Salvatore Bonaccorso (carnil debian org)
[SE-2014-02] Unconfirmed / unpatched vulnerabilities in Google App Engine 2015-05-15
Security Explorations (contact security-explorations com)
phpMyAdmin 4.4.6 Man-In-the-Middle API Github 2015-05-14
submit cxsec org
[SECURITY] CVE-2014-7810: Apache Tomcat Security Manager Bypass 2015-05-14
Mark Thomas (markt apache org)
SEC Consult SA-20150514-0 :: Multiple vulnerabilities in Loxone Smart Home (part 2) 2015-05-14
SEC Consult Vulnerability Lab (research sec-consult com)
Sidu 5.2 Admin XSS Vulnerability 2015-05-14
apparitionsec gmail com
Malware
Phishing
Microsoft | 21st May 2015 |
USAA | 20th May 2015 |
Alisha Tarologist | 20th May 2015 |
Chase | 20th May 2015 |
Nationwide Building Society | 19th May 2015 |
Barclays | 19th May 2015 |
Vulnerability
Drupal Views Module Access Bypass Vulnerability
2015-05-29
http://www.securityfocus.com/bid/74462
ownCloud CVE-2015-3013 Security Bypass Vulnerability
2015-05-25
http://www.securityfocus.com/bid/74451
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-05-21
http://www.securityfocus.com/bid/72169
Dojo Toolkit CVE-2014-8917 Multiple Cross Site Scripting Vulnerabilities
2015-05-21
http://www.securityfocus.com/bid/72903
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-05-21
http://www.securityfocus.com/bid/73237
OpenSSL '/evp/encode.c' Remote Memory Corruption Vulnerability
2015-05-21
http://www.securityfocus.com/bid/73228
OpenSSL 'tasn_dec.c' Remote Memory Corruption Vulnerability
2015-05-21
http://www.securityfocus.com/bid/73227
OpenSSL Certificate Fingerprints CVE-2014-8275 Local Security Bypass Vulnerability
2015-05-21
http://www.securityfocus.com/bid/71935
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-05-21
http://www.securityfocus.com/bid/71936
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-05-21
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-05-21
http://www.securityfocus.com/bid/71939
OpenSSL 'dtls1_buffer_record()' Function Denial of Service Vulnerability
2015-05-21
http://www.securityfocus.com/bid/71940
OpenSSL CVE-2015-0205 Man in the Middle Security Bypass Vulnerability
2015-05-21
http://www.securityfocus.com/bid/71941
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-05-21
http://www.securityfocus.com/bid/71942
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-05-21
http://www.securityfocus.com/bid/73225
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-05-21
http://www.securityfocus.com/bid/73231
OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-05-21
http://www.securityfocus.com/bid/73232
OpenSSL CVE-2015-0209 Remote Memory Corruption Vulnerability
2015-05-21
http://www.securityfocus.com/bid/73239
NTP CVE-2015-1799 Denial of Service Vulnerability
2015-05-21
http://www.securityfocus.com/bid/73950
NTP CVE-2015-1798 Man in the Middle Security Bypass Vulnerability
2015-05-21
http://www.securityfocus.com/bid/73951
Google Chrome Prior to 43.0.2357.65 Multiple Security Vulnerabilities
2015-05-21
http://www.securityfocus.com/bid/74723
Oracle Java SE CVE-2014-6457 Remote Security Vulnerability
2015-05-21
http://www.securityfocus.com/bid/70538
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-05-21
http://www.securityfocus.com/bid/70574
libpng 'png_combine_row()' Heap Buffer Overflow Vulnerability
2015-05-21
http://www.securityfocus.com/bid/71820
OpenSSL 'ssl23_get_client_hello()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-05-21
http://www.securityfocus.com/bid/71934
libpng CVE-2015-0973 Multiple Heap Based Buffer Overflow Vulnerabilities
2015-05-21
http://www.securityfocus.com/bid/71994
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-05-21
http://www.securityfocus.com/bid/72165
Apache Tomcat CVE-2014-0227 Chunk Request Remote Denial Of Service Vulnerability
2015-05-21
http://www.securityfocus.com/bid/72717
IBM Security Directory Server CVE-2015-0138 Man in the Middle Security Bypass Vulnerability
2015-05-21
http://www.securityfocus.com/bid/73326
Linux Kernel 'nf_conntrack_extend.h' NULL Pointer Dereference Denial of Service Vulnerability
2015-05-21
http://www.securityfocus.com/bid/73953
Exploit
Phoenix Contact ILC 150 ETH PLC Remote Control Script
WordPress FeedWordPress Plugin 2015.0426 - SQL Injection
Comodo GeekBuddy < 4.18.121 - Local Privilege Escalation
ZOC SSH Client Buffer Overflow Vulnerability (SEH)
Linux/x86 execve "/bin/sh" - shellcode 26 bytes
7.3.2015
Bugtraq
Last Call - Workhsops of CISTI'2015: 10th Iberian Conference on Information Systems and Technologies 2015-03-05
ML (marialemos72 gmail com)
Ultimate PHP Board (UPB) 2.2.7 Cross Site Scripting Vulnerability 2015-03-05
prathan ptr gmail com
[ MDVSA-2015:054 ] bind 2015-03-04
security mandriva com
WeBid 1.1.1 Unrestricted File Upload Exploit 2015-03-04
prathan ptr gmail com
[ MDVSA-2015:055 ] freetype2 2015-03-04
security mandriva com
Malware
Phishing
TV Stream | 7th March 2015 |
David | 6th March 2015 |
Paypal | 6th March 2015 |
Wells Fargo | 6th March 2015 |
PayPal | 6th March 2015 |
Security Centre | 5th March 2015 |
Barclays | 4th March 2015 |
PayPal | 4th March 2015 |
Vulnerability
Drupal Global Redirect Module Open Redirection Vulnerability
2015-02-28
http://www.securityfocus.com/bid/54002
Bitweaver 'rankings.php' Local File Include Vulnerability
2015-02-28
http://www.securityfocus.com/bid/52176
IBM DB2 Administration Server (DAS) 'validateUser()' Stack Buffer Overflow Vulnerability
2015-02-28
http://www.securityfocus.com/bid/46077
IBM WebSphere Application Server for z/OS Multiple Unspecified Cross Site Scripting Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/43874
ENOVIA Unspecified Security Vulnerability
2015-02-28
http://www.securityfocus.com/bid/44509
SilverStripe Unspecified Cross Site Request Forgery Vulnerability
2015-02-28
http://www.securityfocus.com/bid/44768
IBM Systems Director Agent 'reset_diragent_keys' Insecure File Permissions Vulnerability
2015-02-28
http://www.securityfocus.com/bid/44839
SilverStripe Multiple Remote Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/45367
TYPO3 Core TYPO3-SA-2010-022 Multiple Remote Security Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/45470
webConductor 'default.asp' SQL Injection Vulnerability
2015-02-28
http://www.securityfocus.com/bid/41042
IBM Tivoli Directory Server 'DIGEST-MD5' Denial of Service Vulnerability
2015-02-28
http://www.securityfocus.com/bid/42093
IBM WebSphere Service Registry and Repository Multiple Cross Site Scripting Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/42281
IBM Tivoli Storage Manager FastBack Remote Code Execution and Denial of Service Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/42549
IBM Records Manager Multiple Unspecified Remote Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/43136
IBM AIX Local Privilege Escalation and Security Bypass Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/43207
IBM DB2 prior to 9.7 Fix Pack 3 Multiple Security Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/43291
Blue Coat ProxySG Unspecified Cross Site Scripting Vulnerability
2015-02-28
http://www.securityfocus.com/bid/43675
IBM Tivoli Access Manager for e-business Multiple Cross Site Scripting Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/44382
IBM Tivoli Directory Server Multiple Denial of Service Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/44604
Apple Safari 'setInterval()' Address Bar Spoofing Vulnerability
2015-02-28
http://www.securityfocus.com/bid/52323
eGroupware Multiple Input Validation Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/52770
IBM WebSphere ILOG JRules Cross Site Scripting Vulnerability
2015-02-28
http://www.securityfocus.com/bid/41030
IBM Rational ClearQuest Unspecified Security Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/41205
IBM FileNet Application Engine Multiple Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/43271
MyBB Multiple Security Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/50816
XChat Remote Denial of Service Vulnerability
2015-02-28
http://www.securityfocus.com/bid/50820
AnGuanJia Remote Unauthorized Access Vulnerability
2015-02-28
http://www.securityfocus.com/bid/51695
Apple Mac OS X Apple Type Services '.dfont' Font File Memory Corruption Vulnerability
2015-02-28
http://www.securityfocus.com/bid/51832
WordPress s2Member Pro Plugin 'Coupon Code' Field HTML Injection Vulnerability
2015-02-28
http://www.securityfocus.com/bid/51997
Dotclear 'swfupload.swf' Remote Arbitrary File Upload Vulnerability
2015-02-28
http://www.securityfocus.com/bid/52173
Exploit
HP Data Protector 8.10 Remote Command Execution
ProjectSend r561 - SQL Injection Vulnerability
4.3.2015
Bugtraq
[ MDVSA-2015:054 ] bind 2015-03-04
security mandriva com
WeBid 1.1.1 Unrestricted File Upload Exploit 2015-03-04
prathan ptr gmail com
[ MDVSA-2015:055 ] freetype2 2015-03-04
security mandriva com
[CVE-2015-2102] Clipbucket 2.7 RC3 0.9 - Blind SQL Injection 2015-03-04
prathan ptr gmail com
[SECURITY] [DSA 3179-1] icedove security update 2015-03-03
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPSBST03265 rev.1 - HP VMA SAN Gateway running Bash Shell and OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, and Disclosure of Information 2015-03-03
security-alert hp com
[ MDVSA-2015:052 ] tomcat 2015-03-03
security mandriva com
Malware
Phishing
Barclays | 4th March 2015 |
PayPal | 4th March 2015 |
Vulnerability
Drupal Global Redirect Module Open Redirection Vulnerability
2015-02-28
http://www.securityfocus.com/bid/54002
Bitweaver 'rankings.php' Local File Include Vulnerability
2015-02-28
http://www.securityfocus.com/bid/52176
IBM DB2 Administration Server (DAS) 'validateUser()' Stack Buffer Overflow Vulnerability
2015-02-28
http://www.securityfocus.com/bid/46077
IBM WebSphere Application Server for z/OS Multiple Unspecified Cross Site Scripting Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/43874
ENOVIA Unspecified Security Vulnerability
2015-02-28
http://www.securityfocus.com/bid/44509
SilverStripe Unspecified Cross Site Request Forgery Vulnerability
2015-02-28
http://www.securityfocus.com/bid/44768
IBM Systems Director Agent 'reset_diragent_keys' Insecure File Permissions Vulnerability
2015-02-28
http://www.securityfocus.com/bid/44839
SilverStripe Multiple Remote Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/45367
TYPO3 Core TYPO3-SA-2010-022 Multiple Remote Security Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/45470
webConductor 'default.asp' SQL Injection Vulnerability
2015-02-28
http://www.securityfocus.com/bid/41042
IBM Tivoli Directory Server 'DIGEST-MD5' Denial of Service Vulnerability
2015-02-28
http://www.securityfocus.com/bid/42093
IBM WebSphere Service Registry and Repository Multiple Cross Site Scripting Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/42281
IBM Tivoli Storage Manager FastBack Remote Code Execution and Denial of Service Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/42549
IBM Records Manager Multiple Unspecified Remote Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/43136
IBM AIX Local Privilege Escalation and Security Bypass Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/43207
IBM DB2 prior to 9.7 Fix Pack 3 Multiple Security Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/43291
Blue Coat ProxySG Unspecified Cross Site Scripting Vulnerability
2015-02-28
http://www.securityfocus.com/bid/43675
IBM Tivoli Access Manager for e-business Multiple Cross Site Scripting Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/44382
IBM Tivoli Directory Server Multiple Denial of Service Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/44604
Apple Safari 'setInterval()' Address Bar Spoofing Vulnerability
2015-02-28
http://www.securityfocus.com/bid/52323
eGroupware Multiple Input Validation Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/52770
IBM WebSphere ILOG JRules Cross Site Scripting Vulnerability
2015-02-28
http://www.securityfocus.com/bid/41030
IBM Rational ClearQuest Unspecified Security Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/41205
IBM FileNet Application Engine Multiple Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/43271
MyBB Multiple Security Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/50816
XChat Remote Denial of Service Vulnerability
2015-02-28
http://www.securityfocus.com/bid/50820
AnGuanJia Remote Unauthorized Access Vulnerability
2015-02-28
http://www.securityfocus.com/bid/51695
Apple Mac OS X Apple Type Services '.dfont' Font File Memory Corruption Vulnerability
2015-02-28
http://www.securityfocus.com/bid/51832
WordPress s2Member Pro Plugin 'Coupon Code' Field HTML Injection Vulnerability
2015-02-28
http://www.securityfocus.com/bid/51997
Dotclear 'swfupload.swf' Remote Arbitrary File Upload Vulnerability
2015-02-28
http://www.securityfocus.com/bid/52173
Exploit
Symantec Web Gateway 5 restore.php Post Authentication Command Injection
Seagate Business NAS Unauthenticated Remote Command Execution
Solarwinds Orion Service - SQL Injection Vulnerabilities
BEdita CMS 3.5.0 - Multiple Vulnerabilities
PHPMoAdmin Unauthorized Remote Code Execution (0-Day)
Linux Kernel IRET Instruction #SS Fault Handling - Crash PoC
Linux Kernel PPP-over-L2TP Socket Level Handling - Crash PoC
Linux Kernel Associative Array Garbage Collection - Crash PoC
2.3.2015
Bugtraq
[ MDVSA-2015:049 ] cups 2015-03-02
security mandriva com
[CVE-2015-1583] ATutor LCMS - CSRF Vulnerability in Version 2.2 2015-02-28
edricteo outlook sg
BEdita CMS - XSS & CSRF Vulnerability in Version 3.5.0 2015-02-28
edricteo outlook sg
SEC Consult SA-20150227-0 :: Multiple vulnerabilities in Loxone Smart Home 2015-02-27
SEC Consult Vulnerability Lab (research sec-consult com)
Wordpress Media Cleaner Plugin - XSS Vulnerability 2015-02-27
iletisim ismailsaygili com tr
[SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags 2015-02-27
Jeremy Boynes (jboynes apache org)
Malware
Phishing
Satya Vathi | 2nd March 2015 |
Satya Vathi | 2nd March 2015 |
PayPal | 2nd March 2015 |
PayPal | 2nd March 2015 |
EARTH LINK RDP | 1st March 2015 |
Santander UK | 1st March 2015 |
Halifax | 1st March 2015 |
Payments | 1st March 2015 |
Marilynn Johengen | 1st March 2015 |
service@paypal.co.uk | 28th February 2015 |
Service PayPal | 27th February 2015 |
Alert | 27th February 2015 |
Apple Team | 27th February 2015 |
Vulnerability
Drupal Global Redirect Module Open Redirection Vulnerability
2015-02-28
http://www.securityfocus.com/bid/54002
Bitweaver 'rankings.php' Local File Include Vulnerability
2015-02-28
http://www.securityfocus.com/bid/52176
IBM DB2 Administration Server (DAS) 'validateUser()' Stack Buffer Overflow Vulnerability
2015-02-28
http://www.securityfocus.com/bid/46077
IBM WebSphere Application Server for z/OS Multiple Unspecified Cross Site Scripting Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/43874
ENOVIA Unspecified Security Vulnerability
2015-02-28
http://www.securityfocus.com/bid/44509
SilverStripe Unspecified Cross Site Request Forgery Vulnerability
2015-02-28
http://www.securityfocus.com/bid/44768
IBM Systems Director Agent 'reset_diragent_keys' Insecure File Permissions Vulnerability
2015-02-28
http://www.securityfocus.com/bid/44839
SilverStripe Multiple Remote Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/45367
TYPO3 Core TYPO3-SA-2010-022 Multiple Remote Security Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/45470
webConductor 'default.asp' SQL Injection Vulnerability
2015-02-28
http://www.securityfocus.com/bid/41042
IBM Tivoli Directory Server 'DIGEST-MD5' Denial of Service Vulnerability
2015-02-28
http://www.securityfocus.com/bid/42093
IBM WebSphere Service Registry and Repository Multiple Cross Site Scripting Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/42281
IBM Tivoli Storage Manager FastBack Remote Code Execution and Denial of Service Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/42549
IBM Records Manager Multiple Unspecified Remote Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/43136
IBM AIX Local Privilege Escalation and Security Bypass Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/43207
IBM DB2 prior to 9.7 Fix Pack 3 Multiple Security Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/43291
Blue Coat ProxySG Unspecified Cross Site Scripting Vulnerability
2015-02-28
http://www.securityfocus.com/bid/43675
IBM Tivoli Access Manager for e-business Multiple Cross Site Scripting Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/44382
IBM Tivoli Directory Server Multiple Denial of Service Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/44604
Apple Safari 'setInterval()' Address Bar Spoofing Vulnerability
2015-02-28
http://www.securityfocus.com/bid/52323
eGroupware Multiple Input Validation Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/52770
IBM WebSphere ILOG JRules Cross Site Scripting Vulnerability
2015-02-28
http://www.securityfocus.com/bid/41030
IBM Rational ClearQuest Unspecified Security Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/41205
IBM FileNet Application Engine Multiple Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/43271
MyBB Multiple Security Vulnerabilities
2015-02-28
http://www.securityfocus.com/bid/50816
XChat Remote Denial of Service Vulnerability
2015-02-28
http://www.securityfocus.com/bid/50820
AnGuanJia Remote Unauthorized Access Vulnerability
2015-02-28
http://www.securityfocus.com/bid/51695
Apple Mac OS X Apple Type Services '.dfont' Font File Memory Corruption Vulnerability
2015-02-28
http://www.securityfocus.com/bid/51832
WordPress s2Member Pro Plugin 'Coupon Code' Field HTML Injection Vulnerability
2015-02-28
http://www.securityfocus.com/bid/51997
Dotclear 'swfupload.swf' Remote Arbitrary File Upload Vulnerability
2015-02-28
http://www.securityfocus.com/bid/52173
Exploit
Seagate Business NAS <= 2014.00319 - Pre-Authentication Remote Code Execution (0day)
27.2.2015
Bugtraq
[SECURITY] [DSA 3176-1] request-tracker4 security update 2015-02-26
Salvatore Bonaccorso (carnil debian org)
Wireless File Transfer Pro Android - Multiple CSRF Vulnerabilities 2015-02-26
Vulnerability Lab (research vulnerability-lab com)
Data Source: Scopus CMS - SQL Injection Web Vulnerability 2015-02-26
Vulnerability Lab (research vulnerability-lab com)
DSS TFTP 1.0 Server - Path Traversal Vulnerability 2015-02-26
Vulnerability Lab (research vulnerability-lab com)
D-Link and TRENDnet 'ncc2' service - multiple vulnerabilities 2015-02-26
Peter Adkins (peter adkins kernelpicnic net)
[slackware-security] mozilla-firefox (SSA:2015-056-01) 2015-02-26
Slackware Security Team (security slackware com)
[slackware-security] mozilla-thunderbird (SSA:2015-056-02) 2015-02-26
Slackware Security Team (security slackware com)
[security bulletin] HPSBUX03273 SSRT101951 rev.1 - HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2015-02-26
security-alert hp com
[security bulletin] HPSBUX03244 SSRT101885 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilites 2015-02-26
security-alert hp com
[SECURITY] [DSA 3175-1] kfreebsd-9 security update 2015-02-25
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPSBUX03162 SSRT101885 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilites 2015-02-25
security-alert hp com
[SECURITY] [DSA 3174-1] iceweasel security update 2015-02-25
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3173-1] libgtk2-perl security update 2015-02-25
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3172-1] cups security update 2015-02-25
Sebastien Delafond (seb debian org)
Malware
Phishing
Musⅽⅼe.Gaⅰns | 26th February 2015 |
Boost Perforⅿanⅽe anⅾ | |
Paypal Support | 26th February 2015 |
PayPal | 26th February 2015 |
Important: We noticed unusual | |
Internal Revenue Service | 26th February 2015 |
Csloxinfo Internet Service ser | 26th February 2015 |
Apple Team | 25th February 2015 |
Diego Glenn | 25th February 2015 |
Barclays Online | 25th February 2015 |
Bank of America | 25th February 2015 |
Vulnerability
Oracle Java SE CVE-2014-6585 Remote Java SE Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72173
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72140
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-02-27
http://www.securityfocus.com/bid/71937
OpenSSL 'ssl23_get_client_hello()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-02-27
http://www.securityfocus.com/bid/71934
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72169
Oracle Java SE CVE-2015-0400 Remote Java SE Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72159
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72165
Oracle Java SE CVE-2015-0403 Local Java SE Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72148
Oracle Java SE CVE-2014-6601 Remote Java SE Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72132
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-02-27
http://www.securityfocus.com/bid/71939
Oracle Java SE CVE-2014-6591 Remote Java SE Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72175
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-02-27
http://www.securityfocus.com/bid/71936
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-02-27
http://www.securityfocus.com/bid/71942
Oracle Java SE CVE-2015-0406 Remote Java SE Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72154
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-02-27
http://www.securityfocus.com/bid/70574
Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72136
OpenSSL Certificate Fingerprints CVE-2014-8275 Local Security Bypass Vulnerability
2015-02-27
http://www.securityfocus.com/bid/71935
Oracle Java SE CVE-2015-0383 Local Java SE, Java SE Embedded, JRockit Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72155
Oracle Java SE CVE-2015-0395 Remote Java SE Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72142
Oracle Java SE CVE-2014-6587 Local Java SE Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72168
Oracle Java SE CVE-2015-0407 Remote Java SE Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72162
Mozilla Firefox/Thunderbird CVE-2015-0831 Use After Free Denial of Service Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72746
Mozilla Firefox/Thunderbird CVE-2015-0822 Arbitrary File Read Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72756
Mozilla Firefox/Thunderbird CVE-2015-0836 Unspecified Memory Corruption Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72742
Mozilla Firefox/Thunderbird CVE-2015-0835 Unspecified Memory Corruption Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72748
Mozilla Firefox Firefox ESR and Thunderbird DLL Loading Arbitrary Code Execution Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72747
Mozilla Firefox CVE-2015-0827 Heap Buffer Overflow Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72755
ISC BIND CVE-2015-1349 Remote Denial of Service Vulnerability
2015-02-27
http://www.securityfocus.com/bid/72673
Google Android 'GraphicBuffer::unflatten()' Function Multiple Integer Overflow Vulnerabilities
2015-02-27
http://www.securityfocus.com/bid/72788
Oracle Java SE CVE-2013-0440 Remote Java Runtime Environment Vulnerability
2015-02-27
http://www.securityfocus.com/bid/57712
Exploit
26.2.2015
Bugtraq
[SECURITY] [DSA 3169-1] eglibc security update 2015-02-23
Aurelien Jarno (aurel32 debian org)
[SECURITY] [DSA 3168-1] ruby-redcloth security update 2015-02-22
Sebastien Delafond (seb debian org)
CVE-2014-8487: Kony EMM insecurity Direct Object Reference 2015-02-22
michael hendrickx helpag com
[SECURITY] [DSA 3167-1] sudo security update 2015-02-22
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3166-1] e2fsprogs security update 2015-02-22
Michael Gilbert (mgilbert debian org)
[SECURITY] [DSA 3165-1] xdg-utils security update 2015-02-22
Michael Gilbert (mgilbert debian org)
[SECURITY] [DSA 3171-1] samba security update 2015-02-23
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Csloxinfo Internet Service ser | 26th February 2015 |
Apple Team | 25th February 2015 |
Diego Glenn | 25th February 2015 |
Barclays Online | 25th February 2015 |
Bank of America | 25th February 2015 |
Apple Team | 24th February 2015 |
PayPal | 24th February 2015 |
Your PayPal Account Will Be |
Vulnerability
Mozilla Firefox CVE-2015-0827 Heap Buffer Overflow Vulnerability
2015-02-26
http://www.securityfocus.com/bid/72755
WordPress Photo Gallery Plugin 'wp-admin/admin-ajax.php' SQL Injection Vulnerability
2015-02-26
http://www.securityfocus.com/bid/72015
Microsoft Internet Explorer CVE-2014-6369 Remote Memory Corruption Vulnerability
2015-02-26
http://www.securityfocus.com/bid/71452
Samba 'TALLOC_FREE()' Function Remote Code Execution Vulnerability
2015-02-26
http://www.securityfocus.com/bid/72711
Mozilla Firefox/Thunderbird CVE-2015-0831 Use After Free Denial of Service Vulnerability
2015-02-26
http://www.securityfocus.com/bid/72746
Mozilla Firefox/Thunderbird CVE-2015-0822 Arbitrary File Read Vulnerability
2015-02-26
http://www.securityfocus.com/bid/72756
Mozilla Firefox/Thunderbird CVE-2015-0836 Unspecified Memory Corruption Vulnerability
2015-02-26
http://www.securityfocus.com/bid/72742
RETIRED: RPCBind CVE-2012-3541 Remote Information Disclosure Vulnerability
2015-02-26
http://www.securityfocus.com/bid/68750
grep 'kwset.c' Remote Buffer Overflow Vulnerability
2015-02-26
http://www.securityfocus.com/bid/72281
IOServer CVE-2014-5425 Out-of-Bounds Read Denial of Service Vulnerability
2015-02-26
http://www.securityfocus.com/bid/70639
GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability
2015-02-26
http://www.securityfocus.com/bid/72325
Wireshark '.pcap' File Memory Corruption Vulnerability
2015-02-26
http://www.securityfocus.com/bid/46167
PHPKIT WCMS 'include.php' Cross Site Scripting Vulnerability
2015-02-26
http://www.securityfocus.com/bid/72001
Croogo CMS Cross Site Scripting Vulnerability
2015-02-26
http://www.securityfocus.com/bid/71999
Sefrengo CMS 'main.php' Cross Site Scripting and Multiple SQL Injection Vulnerabilities
2015-02-26
http://www.securityfocus.com/bid/71885
Cisco AsyncOS Software CVE-2015-0624 Open Redirection Vulnerability
2015-02-26
http://www.securityfocus.com/bid/72702
Drupal Context Module Open Redirection Vulnerability
2015-02-26
http://www.securityfocus.com/bid/71925
Kajona 'admin.php' Cross Site Scripting Vulnerability
2015-02-26
http://www.securityfocus.com/bid/71886
CreA8social 'Add Game' field HTML Injection Vulnerability
2015-02-26
http://www.securityfocus.com/bid/71966
e2fsprogs 'lib/ext2fs/openfs.c' Local Heap Based Buffer Overflow Vulnerability
2015-02-26
http://www.securityfocus.com/bid/72520
e2fsprogs CVE-2015-1572 Incomplete Fix Local Heap Based Buffer Overflow Vulnerability
2015-02-26
http://www.securityfocus.com/bid/72709
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-02-26
http://www.securityfocus.com/bid/71761
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-02-26
http://www.securityfocus.com/bid/71757
NTP 'ntp_io.c' Authentication Security Bypass Vulnerability
2015-02-26
http://www.securityfocus.com/bid/72584
NTP 'ntp_crypto.c' Information Disclosure Vulnerability
2015-02-26
http://www.securityfocus.com/bid/72583
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-02-26
http://www.securityfocus.com/bid/71762
Network Time Protocol CVE-2014-9296 Unspecified Security Vulnerability
2015-02-26
http://www.securityfocus.com/bid/71758
Cisco Desktop Collaboration Experience DX650 CVE-2015-0584 Command Injection Vulnerability
2015-02-26
http://www.securityfocus.com/bid/72696
Oracle Database Server CVE-2015-0373 Remote Security Vulnerability
2015-02-26
http://www.securityfocus.com/bid/72145
Microsoft Internet Explorer CVE-2015-0035 Remote Memory Corruption Vulnerability
2015-02-26
http://www.securityfocus.com/bid/72447
Exploit
25.2.2015
Bugtraq
[SECURITY] [DSA 3169-1] eglibc security update 2015-02-23
Aurelien Jarno (aurel32 debian org)
[SECURITY] [DSA 3168-1] ruby-redcloth security update 2015-02-22
Sebastien Delafond (seb debian org)
CVE-2014-8487: Kony EMM insecurity Direct Object Reference 2015-02-22
michael hendrickx helpag com
[SECURITY] [DSA 3167-1] sudo security update 2015-02-22
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3166-1] e2fsprogs security update 2015-02-22
Michael Gilbert (mgilbert debian org)
[SECURITY] [DSA 3165-1] xdg-utils security update 2015-02-22
Michael Gilbert (mgilbert debian org)
Malware
Phishing
Apple Team | 24th February 2015 |
PayPal | 24th February 2015 |
Your PayPal Account Will Be | |
AppeID Support | 23rd February 2015 |
Daniel Paez | 23rd February 2015 |
Vulnerability
Wireshark '.pcap' File Memory Corruption Vulnerability
2015-02-25
http://www.securityfocus.com/bid/46167
Samba 'TALLOC_FREE()' Function Remote Code Execution Vulnerability
2015-02-25
http://www.securityfocus.com/bid/72711
PHPKIT WCMS 'include.php' Cross Site Scripting Vulnerability
2015-02-25
http://www.securityfocus.com/bid/72001
Croogo CMS Cross Site Scripting Vulnerability
2015-02-25
http://www.securityfocus.com/bid/71999
Sefrengo CMS 'main.php' Cross Site Scripting and Multiple SQL Injection Vulnerabilities
2015-02-25
http://www.securityfocus.com/bid/71885
Cisco AsyncOS Software CVE-2015-0624 Open Redirection Vulnerability
2015-02-25
http://www.securityfocus.com/bid/72702
Drupal Context Module Open Redirection Vulnerability
2015-02-25
http://www.securityfocus.com/bid/71925
Kajona 'admin.php' Cross Site Scripting Vulnerability
2015-02-25
http://www.securityfocus.com/bid/71886
CreA8social 'Add Game' field HTML Injection Vulnerability
2015-02-25
http://www.securityfocus.com/bid/71966
e2fsprogs 'lib/ext2fs/openfs.c' Local Heap Based Buffer Overflow Vulnerability
2015-02-25
http://www.securityfocus.com/bid/72520
e2fsprogs CVE-2015-1572 Incomplete Fix Local Heap Based Buffer Overflow Vulnerability
2015-02-25
http://www.securityfocus.com/bid/72709
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-02-25
http://www.securityfocus.com/bid/71761
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-02-25
http://www.securityfocus.com/bid/71757
NTP 'ntp_io.c' Authentication Security Bypass Vulnerability
2015-02-25
http://www.securityfocus.com/bid/72584
NTP 'ntp_crypto.c' Information Disclosure Vulnerability
2015-02-25
http://www.securityfocus.com/bid/72583
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-02-25
http://www.securityfocus.com/bid/71762
Network Time Protocol CVE-2014-9296 Unspecified Security Vulnerability
2015-02-25
http://www.securityfocus.com/bid/71758
Cisco Desktop Collaboration Experience DX650 CVE-2015-0584 Command Injection Vulnerability
2015-02-25
http://www.securityfocus.com/bid/72696
Oracle Database Server CVE-2015-0373 Remote Security Vulnerability
2015-02-25
http://www.securityfocus.com/bid/72145
Microsoft Internet Explorer CVE-2015-0035 Remote Memory Corruption Vulnerability
2015-02-25
http://www.securityfocus.com/bid/72447
glibc CVE-2015-1473 Unspecified Security Vulnerability
2015-02-25
http://www.securityfocus.com/bid/72499
GNU glibc 'getaddrinfo.c' Remote Code Execution Vulnerability
2015-02-25
http://www.securityfocus.com/bid/72710
GNU glibc 'getanswer_r()' Function Infinite Loop Denial of Service Vulnerability
2015-02-25
http://www.securityfocus.com/bid/71670
GNU glibc 'swscanf' Local Heap Buffer Overflow Vulnerability
2015-02-25
http://www.securityfocus.com/bid/72428
GNU glibc 'xc_cpupool_getinfo()' Function Use After Free Memory Corruption Vulnerability
2015-02-25
http://www.securityfocus.com/bid/68006
GNU glibc Formatted Printing Functionality Multiple Security Vulnerabilities
2015-02-25
http://www.securityfocus.com/bid/54374
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-02-25
http://www.securityfocus.com/bid/70574
Todd Miller Sudo CVE-2014-9680 Local Security Bypass Vulnerability
2015-02-25
http://www.securityfocus.com/bid/72649
xdg-utils 'xdg-open' CVE-2015-1877 Remote Command Injection Vulnerability
2015-02-25
http://www.securityfocus.com/bid/72675
Cisco Hosted Collaboration Solution CVE-2015-0626 Information Disclosure Vulnerability
2015-02-25
http://www.securityfocus.com/bid/72666
Exploit
HP Client Automation Command Injection
24.2.2015
Bugtraq
[SECURITY] [DSA 3169-1] eglibc security update 2015-02-23
Aurelien Jarno (aurel32 debian org)
[SECURITY] [DSA 3168-1] ruby-redcloth security update 2015-02-22
Sebastien Delafond (seb debian org)
CVE-2014-8487: Kony EMM insecurity Direct Object Reference 2015-02-22
michael hendrickx helpag com
[SECURITY] [DSA 3167-1] sudo security update 2015-02-22
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3166-1] e2fsprogs security update 2015-02-22
Michael Gilbert (mgilbert debian org)
[SECURITY] [DSA 3165-1] xdg-utils security update 2015-02-22
Michael Gilbert (mgilbert debian org)
[SECURITY] [DSA 3171-1] samba security update 2015-02-23
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3164-1] typo3-src security update 2015-02-21
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
PayPal | 24th February 2015 |
Your PayPal Account Will Be | |
AppeID Support | 23rd February 2015 |
Daniel Paez | 23rd February 2015 |
Vulnerability
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-02-24
http://www.securityfocus.com/bid/71761
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-02-24
http://www.securityfocus.com/bid/71757
NTP 'ntp_io.c' Authentication Security Bypass Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72584
NTP 'ntp_crypto.c' Information Disclosure Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72583
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-02-24
http://www.securityfocus.com/bid/71762
Network Time Protocol CVE-2014-9296 Unspecified Security Vulnerability
2015-02-24
http://www.securityfocus.com/bid/71758
Cisco Desktop Collaboration Experience DX650 CVE-2015-0584 Command Injection Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72696
Oracle Database Server CVE-2015-0373 Remote Security Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72145
Microsoft Internet Explorer CVE-2015-0035 Remote Memory Corruption Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72447
Samba 'TALLOC_FREE()' Function Remote Code Execution Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72711
glibc CVE-2015-1473 Unspecified Security Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72499
GNU glibc 'getaddrinfo.c' Remote Code Execution Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72710
GNU glibc 'getanswer_r()' Function Infinite Loop Denial of Service Vulnerability
2015-02-24
http://www.securityfocus.com/bid/71670
GNU glibc 'swscanf' Local Heap Buffer Overflow Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72428
GNU glibc 'xc_cpupool_getinfo()' Function Use After Free Memory Corruption Vulnerability
2015-02-24
http://www.securityfocus.com/bid/68006
GNU glibc Formatted Printing Functionality Multiple Security Vulnerabilities
2015-02-24
http://www.securityfocus.com/bid/54374
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-02-24
http://www.securityfocus.com/bid/70574
Todd Miller Sudo CVE-2014-9680 Local Security Bypass Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72649
e2fsprogs 'lib/ext2fs/openfs.c' Local Heap Based Buffer Overflow Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72520
xdg-utils 'xdg-open' CVE-2015-1877 Remote Command Injection Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72675
Cisco Hosted Collaboration Solution CVE-2015-0626 Information Disclosure Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72666
Persistent Systems Radia Client Automation CVE-2015-1498 Remote Privilege Escalation Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72613
Multiple Schneider Electric Products CVE-2014-9200 Stack Based Buffer Overflow Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72335
Cisco Web Security Appliance CVE-2015-0623 Cross Site Scripting Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72663
Cisco Unified Communications Manager CVE-2014-8008 File Disclosure Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72263
Adobe Flash Player Multiple Unspecified Security Vulnerabilities
2015-02-24
http://www.securityfocus.com/bid/72514
GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72325
Mozilla Network Security Services CVE-2014-1569 Security Bypass Vulnerability
2015-02-24
http://www.securityfocus.com/bid/71675
Microsoft Internet Explorer CVE-2015-0046 Remote Memory Corruption Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72416
Microsoft Internet Explorer CVE-2015-0043 Remote Memory Corruption Vulnerability
2015-02-24
http://www.securityfocus.com/bid/72413
Exploit
WeBid 1.1.1 Unrestricted File Upload Exploit
Clipbucket 2.7 RC3 0.9 - Blind SQL Injection
Zabbix 2.0.5 - Cleartext ldap_bind_password Password Disclosure (MSF)
Zeuscart v.4 - Multiple Vulnerabilities
phpBugTracker 1.6.0 - Multiple Vulnerabilities
WordPress Easy Social Icons Plugin 1.2.2 - CSRF Vulnerability
PHP DateTime Use After Free Vulnerability
23.2.2015
Bugtraq
iTunes 12.1.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\... 2015-02-19
Stefan Kanthak (stefan kanthak nexgo de)
Defense in depth -- the Microsoft way (part 28): yes, we can (create even empty, but properly quoted pathnames) 2015-02-19
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3163-1] libreoffice security update 2015-02-19
Alessandro Ghedini (ghedo debian org)
Malware
Phishing
Virgin Media | 22nd February 2015 |
Vulnerability
Cisco Hosted Collaboration Solution CVE-2015-0626 Information Disclosure Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72666
Persistent Systems Radia Client Automation CVE-2015-1498 Remote Privilege Escalation Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72613
Multiple Schneider Electric Products CVE-2014-9200 Stack Based Buffer Overflow Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72335
Cisco Web Security Appliance CVE-2015-0623 Cross Site Scripting Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72663
Cisco Unified Communications Manager CVE-2014-8008 File Disclosure Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72263
Adobe Flash Player Multiple Unspecified Security Vulnerabilities
2015-02-23
http://www.securityfocus.com/bid/72514
GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72325
Mozilla Network Security Services CVE-2014-1569 Security Bypass Vulnerability
2015-02-23
http://www.securityfocus.com/bid/71675
Microsoft Internet Explorer CVE-2015-0046 Remote Memory Corruption Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72416
Microsoft Internet Explorer CVE-2015-0043 Remote Memory Corruption Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72413
Microsoft Internet Explorer CVE-2015-0042 Remote Memory Corruption Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72412
Microsoft Internet Explorer CVE-2015-0045 Remote Memory Corruption Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72415
Microsoft Internet Explorer CVE-2015-0044 Remote Memory Corruption Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72414
Microsoft Internet Explorer CVE-2015-0041 Remote Memory Corruption Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72411
Microsoft Internet Explorer CVE-2015-0040 Remote Memory Corruption Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72410
Microsoft Internet Explorer CVE-2015-0038 Remote Memory Corruption Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72404
Microsoft Internet Explorer CVE-2015-0037 Remote Memory Corruption Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72448
Microsoft Internet Explorer CVE-2015-0036 Remote Memory Corruption Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72446
Multiple VMware Products CVE-2015-1044 Denial Of Service Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72336
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-0058 Local Privilege Escalation Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72468
Microsoft Internet Explorer CVE-2015-0053 Remote Memory Corruption Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72421
Cisco Wireless LAN Controller CVE-2015-0622 Denial of Service Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72665
Microsoft Internet Explorer CVE-2015-0031 Remote Memory Corruption Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72445
Microsoft Internet Explorer CVE-2015-0027 Remote Memory Corruption Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72441
Microsoft Internet Explorer CVE-2015-0025 Remote Memory Corruption Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72439
Microsoft Internet Explorer CVE-2015-0017 Remote Memory Corruption Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72402
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-0003 Local Privilege Escalation Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72457
Adobe Flash Player CVE-2015-0311 Unspecified Security Vulnerability
2015-02-23
http://www.securityfocus.com/bid/72283
Microsoft Virtual PC Hypervisor Virtual Machine Monitor Security Bypass Vulnerability
2015-02-23
http://www.securityfocus.com/bid/38764
xdg-utils 'xdg-open' Remote Command Injection Vulnerability
2015-02-23
http://www.securityfocus.com/bid/71284
Exploit
22.2.2015
Bugtraq
iTunes 12.1.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\... 2015-02-19
Stefan Kanthak (stefan kanthak nexgo de)
Defense in depth -- the Microsoft way (part 28): yes, we can (create even empty, but properly quoted pathnames) 2015-02-19
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3163-1] libreoffice security update 2015-02-19
Alessandro Ghedini (ghedo debian org)
[SECURITY] [DSA 3162-1] bind9 security update 2015-02-18
Florian Weimer (fw deneb enyo de)
PHP Code Execution in jui_filter_rules Parsing Library 2015-02-18
Timo Schmid (tschmid ernw de)
Malware
Phishing
RXX_VIAGRA | 22nd February 2015 |
PayPal | 22nd February 2015 |
[ PayPal ] : View your recent | |
PayPal Inc Service | 21st February 2015 |
Pvsatyanarayana Raju | 21st February 2015 |
First Online | 21st February 2015 |
service@paypal | 20th February 2015 |
PayPaI Service | 20th February 2015 |
PayPal | 20th February 2015 |
PayPal | 20th February 2015 |
[ PayPal ] : 36View your | |
Apple | 20th February 2015 |
[SUSPICIOUS MESSAGE] Please | |
PayPal | 20th February 2015 |
Vulnerability
Cisco Hosted Collaboration Solution CVE-2015-0626 Information Disclosure Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72666
Persistent Systems Radia Client Automation CVE-2015-1498 Remote Privilege Escalation Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72613
Multiple Schneider Electric Products CVE-2014-9200 Stack Based Buffer Overflow Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72335
Cisco Web Security Appliance CVE-2015-0623 Cross Site Scripting Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72663
Cisco Unified Communications Manager CVE-2014-8008 File Disclosure Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72263
Adobe Flash Player Multiple Unspecified Security Vulnerabilities
2015-02-22
http://www.securityfocus.com/bid/72514
GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72325
Mozilla Network Security Services CVE-2014-1569 Security Bypass Vulnerability
2015-02-22
http://www.securityfocus.com/bid/71675
Microsoft Internet Explorer CVE-2015-0046 Remote Memory Corruption Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72416
Microsoft Internet Explorer CVE-2015-0043 Remote Memory Corruption Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72413
Microsoft Internet Explorer CVE-2015-0042 Remote Memory Corruption Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72412
Microsoft Internet Explorer CVE-2015-0045 Remote Memory Corruption Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72415
Microsoft Internet Explorer CVE-2015-0044 Remote Memory Corruption Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72414
Microsoft Internet Explorer CVE-2015-0041 Remote Memory Corruption Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72411
Microsoft Internet Explorer CVE-2015-0040 Remote Memory Corruption Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72410
Microsoft Internet Explorer CVE-2015-0038 Remote Memory Corruption Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72404
Microsoft Internet Explorer CVE-2015-0037 Remote Memory Corruption Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72448
Microsoft Internet Explorer CVE-2015-0036 Remote Memory Corruption Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72446
Multiple VMware Products CVE-2015-1044 Denial Of Service Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72336
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-0058 Local Privilege Escalation Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72468
Microsoft Internet Explorer CVE-2015-0053 Remote Memory Corruption Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72421
Cisco Wireless LAN Controller CVE-2015-0622 Denial of Service Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72665
Microsoft Internet Explorer CVE-2015-0031 Remote Memory Corruption Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72445
Microsoft Internet Explorer CVE-2015-0027 Remote Memory Corruption Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72441
Microsoft Internet Explorer CVE-2015-0025 Remote Memory Corruption Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72439
Microsoft Internet Explorer CVE-2015-0017 Remote Memory Corruption Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72402
Microsoft Windows Kernel 'Win32k.sys' CVE-2015-0003 Local Privilege Escalation Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72457
Adobe Flash Player CVE-2015-0311 Unspecified Security Vulnerability
2015-02-22
http://www.securityfocus.com/bid/72283
Microsoft Virtual PC Hypervisor Virtual Machine Monitor Security Bypass Vulnerability
2015-02-22
http://www.securityfocus.com/bid/38764
xdg-utils 'xdg-open' Remote Command Injection Vulnerability
2015-02-22
http://www.securityfocus.com/bid/71284
Exploit
19.2.2015
Bugtraq
PHP Code Execution in jui_filter_rules Parsing Library 2015-02-18
Timo Schmid (tschmid ernw de)
[CVE-2015-1517] Piwigo - SQL Injection in Version 2.7.3 2015-02-18
sven bsddaemon org
[RT-SA-2014-016] Directory Traversal and Arbitrary File Disclosure in hybris Commerce Software Suite 2015-02-18
RedTeam Pentesting GmbH (release redteam-pentesting de)
Crushftp 7.2.0 - Multiple CSRF & XSS Vulnerabilities 2015-02-17
Rehan Ahmed (knight_rehan hotmail com)
Malware
Phishing
Vulnerability
GNU patch Directory Traversal Vulnerability
2015-02-19
http://www.securityfocus.com/bid/72074
Fortinet FortiAuthenticator Appliance Multiple Security Vulnerabilities
2015-02-19
http://www.securityfocus.com/bid/72378
ClamAV 'libclamav/petite.c' Denial of Service Vulnerability
2015-02-19
http://www.securityfocus.com/bid/72641
ClamAV CVE-2014-9328 Multiple Heap Buffer Overflow Vulnerabilities
2015-02-19
http://www.securityfocus.com/bid/72372
OpenSSL CVE-2014-3470 Denial of Service Vulnerability
2015-02-19
http://www.securityfocus.com/bid/67898
OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
2015-02-19
http://www.securityfocus.com/bid/66801
OpenSSL 'so_ssl3_write()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-02-19
http://www.securityfocus.com/bid/67193
OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2015-02-19
http://www.securityfocus.com/bid/67899
PHP CVE-2015-0231 Incomplete Fix Use After Free Remote Code Execution Vulnerability
2015-02-19
http://www.securityfocus.com/bid/72539
PHP 'exif_process_unicode()' Function Remote Code Execution Vulnerability
2015-02-19
http://www.securityfocus.com/bid/72541
PHP 'cgi_main.c' Out of Bounds Read Denial of Service Vulnerability
2015-02-19
http://www.securityfocus.com/bid/71833
PHP libmagick 'src/softmagic.c' Out-of-Bounds Read Vulnerability
2015-02-19
http://www.securityfocus.com/bid/72505
PHP 'process_nested_data()' Function Use After Free Remote Code Execution Vulnerability
2015-02-19
http://www.securityfocus.com/bid/71791
PHP '/ext/opcache/zend_shared_alloc.c' Use After Free Denial of Service Vulnerability
2015-02-19
http://www.securityfocus.com/bid/71929
Cisco Adaptive Security Appliance (ASA) Software CVE-2014-8023 Remote Security Bypass Vulnerability
2015-02-19
http://www.securityfocus.com/bid/72618
Siemens SIMATIC STEP 7 CVE-2015-1356 Security Bypass Vulnerability
2015-02-19
http://www.securityfocus.com/bid/72627
Siemens SIMATIC STEP 7 TIA Portal CVE-2015-1355 Information Disclosure Vulnerability
2015-02-19
http://www.securityfocus.com/bid/72624
PHP '/ext/pgsql/pgsql.c' Null Pointer Deference Denial of Service Vulnerability
2015-02-19
http://www.securityfocus.com/bid/71932
Siemens SIMATIC WinCC TIA Portal Man in the Middle Information Disclosure Vulnerability
2015-02-19
http://www.securityfocus.com/bid/72625
Siemens SIMATIC WinCC and PCS7 CVE-2014-4686 Privilege Escalation Vulnerability
2015-02-19
http://www.securityfocus.com/bid/68875
X.Org X Server 'xkb/xkb.c' Information Disclosure Vulnerability
2015-02-19
http://www.securityfocus.com/bid/72578
X.Org X Server CVE-2013-6424 Local Denial of Service Vulnerability
2015-02-19
http://www.securityfocus.com/bid/64127
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-02-19
http://www.securityfocus.com/bid/71762
NTP 'ntp_io.c' Authentication Security Bypass Vulnerability
2015-02-19
http://www.securityfocus.com/bid/72584
NTP 'ntp_crypto.c' Information Disclosure Vulnerability
2015-02-19
http://www.securityfocus.com/bid/72583
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-02-19
http://www.securityfocus.com/bid/71757
Moodle CVE-2015-0212 Cross Site Scripting Vulnerability
2015-02-18
http://www.securityfocus.com/bid/72662
InstantASP InstantForum.NET CVE-2014-9468 Multiple Cross Site Scripting Vulnerabilities
2015-02-18
http://www.securityfocus.com/bid/72660
ClamAV CVE-2015-1461 Out of Bounds Multiple Memory Corruption Vulnerabilities
2015-02-18
http://www.securityfocus.com/bid/72654
FLAC libFLAC 'encoder.c' Unspecified Security Vulnerability
2015-02-18
http://www.securityfocus.com/bid/72650
Exploit
18.2.2015
Bugtraq
NetGear WNDR Authentication Bypass / Information Disclosure 2015-02-17
Peter Adkins (peter adkins kernelpicnic net)
Ebay Inc Magento Bug Bounty #5 - Persistent Validation & Mail Encoding Web Vulnerability 2015-02-17
Vulnerability Lab (research vulnerability-lab com)
CVE-2015-1614 csrf/xss in wordpress Plugin Image Metadata cruncher 2015-02-17
kingkaustubh me com
[slackware-security] sudo (SSA:2015-047-03) 2015-02-16
Slackware Security Team (security slackware com)
[slackware-security] patch (SSA:2015-047-01) 2015-02-16
Slackware Security Team (security slackware com)
[slackware-security] seamonkey (SSA:2015-047-02) 2015-02-16
Slackware Security Team (security slackware com)
Reflected File Download in AOL Search Website 2015-02-16
Ricardo Iramar dos Santos (riramar gmail com) (1 replies)
Malware
Phishing
Customer Service.Amazon | 16th February 2015 |
Verification-Amazon:Ticket | |
Barclays Online | 16th February 2015 |
Chase Bank | 16th February 2015 |
PayPal | 16th February 2015 |
PayPal | 16th February 2015 |
Vulnerability
X.Org X Server 'xkb/xkb.c' Information Disclosure Vulnerability
2015-02-18
http://www.securityfocus.com/bid/72578
X.Org X Server CVE-2013-6424 Local Denial of Service Vulnerability
2015-02-18
http://www.securityfocus.com/bid/64127
Siemens SIMATIC WinCC and PCS7 CVE-2014-4686 Privilege Escalation Vulnerability
2015-02-18
http://www.securityfocus.com/bid/68875
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-02-18
http://www.securityfocus.com/bid/71762
NTP 'ntp_io.c' Authentication Security Bypass Vulnerability
2015-02-18
http://www.securityfocus.com/bid/72584
NTP 'ntp_crypto.c' Information Disclosure Vulnerability
2015-02-18
http://www.securityfocus.com/bid/72583
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-02-18
http://www.securityfocus.com/bid/71757
Cpio Symlink Directory Traversal Vulnerability
2015-02-17
http://www.securityfocus.com/bid/71914
Linux Kernel cpio 'list_file()' Function Heap Based Buffer Overflow Vulnerability
2015-02-17
http://www.securityfocus.com/bid/71248
Oracle Java SE CVE-2014-0449 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/66907
Oracle Java SE CVE-2014-2397 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/66893
Oracle Java SE CVE-2014-0461 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/66902
Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/68583
Oracle Java SE CVE-2014-0459 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/66910
Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2015-02-17
http://www.securityfocus.com/bid/66881
Oracle Java SE CVE-2014-0457 Remote Code Execution Vulnerability
2015-02-17
http://www.securityfocus.com/bid/66866
Oracle Java SE CVE-2014-6531 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70572
Oracle Java SE CVE-2014-6519 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70570
Oracle Java SE CVE-2014-6513 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70569
Oracle Java SE CVE-2014-6512 IP Address Spoofing Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70567
Oracle Java SE CVE-2014-6515 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70565
Oracle Java SE CVE-2014-6504 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70564
Oracle Java SE CVE-2014-6527 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70560
Oracle Java SE CVE-2014-6506 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70556
Oracle Java SE CVE-2014-6511 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70548
Oracle Java SE CVE-2014-6517 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70552
Oracle Java SE CVE-2014-6558 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70544
Oracle Java SE CVE-2014-6502 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70533
Oracle Java SE CVE-2014-6457 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70538
Oracle Java SE CVE-2014-6476 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70531
Exploit
X360 VideoPlayer ActiveX Control Buffer Overflow
Java JMX Server Insecure Configuration Java Code Execution
Guppy CMS 5.0.9 & 5.00.10 Authentication Bypass/Change Email
GuppY CMS 5.0.9 & 5.00.10 Multiple CSRF Vulnerabilities
17.2.2015
Bugtraq
Reflected File Download in AOL Search Website 2015-02-16
Ricardo Iramar dos Santos (riramar gmail com) (1 replies)
Re: Reflected File Download in AOL Search Website 2015-02-16
Mike Antcliffe (mikeantcliffe logicallysecure com)
Multiple Cross site scripting in wordpress Plugin Image Metadata cruncher 2015-02-15
kingkaustubh me com
Cosmoshop - XSS on Admin-Login Mask 2015-02-14
innate gmx de
[CVE-2015-1585] Fat Free CRM - CSRF Vulnerability in Version 0.13.5 2015-02-14
sven bsddaemon org
CVE-2015-1593 - Linux ASLR integer overflow: Reducing stack entropy by four 2015-02-14
Hector Marco (hecmargi upv es)
CVE-2015-1600 - Netatmo Weather Station Cleartext Password Leak 2015-02-13
jullrich sans edu
UNIT4 Prosoft HRMS XSS Vulnerability 2015-02-13
jerold v00d00sec com
[security bulletin] HPSBGN03258 rev.1 - HP Insight Control server deployment Windows Pre-boot Execution Environment, Microsoft Schannel (Winshock) Remote Code Execution 2015-02-13
security-alert hp com
Malware
Phishing
Customer Service.Amazon | 16th February 2015 |
Verification-Amazon:Ticket | |
Barclays Online | 16th February 2015 |
Chase Bank | 16th February 2015 |
PayPal | 16th February 2015 |
PayPal | 16th February 2015 |
Tesco Bank | 15th February 2015 |
Vulnerability
Oracle Java SE CVE-2014-2397 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/66893
Oracle Java SE CVE-2014-0461 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/66902
Oracle Java SE CVE-2014-4218 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/68583
Oracle Java SE CVE-2014-0459 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/66910
Oracle Java SE CVE-2014-2421 Buffer Overflow Vulnerability
2015-02-17
http://www.securityfocus.com/bid/66881
Oracle Java SE CVE-2014-0457 Remote Code Execution Vulnerability
2015-02-17
http://www.securityfocus.com/bid/66866
Oracle Java SE CVE-2014-6531 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70572
Oracle Java SE CVE-2014-6519 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70570
Oracle Java SE CVE-2014-6513 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70569
Oracle Java SE CVE-2014-6512 IP Address Spoofing Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70567
Oracle Java SE CVE-2014-6515 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70565
Oracle Java SE CVE-2014-6504 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70564
Oracle Java SE CVE-2014-6527 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70560
Oracle Java SE CVE-2014-6506 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70556
Oracle Java SE CVE-2014-6511 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70548
Oracle Java SE CVE-2014-6517 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70552
Oracle Java SE CVE-2014-6558 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70544
Oracle Java SE CVE-2014-6502 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70533
Oracle Java SE CVE-2014-6457 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70538
Oracle Java SE CVE-2014-6476 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70531
Oracle Java SE CVE-2014-6562 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70523
Oracle Java SE CVE-2014-6456 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70522
Oracle Java SE CVE-2014-6485 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70519
Oracle Java SE CVE-2014-6532 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70507
Oracle Java SE CVE-2014-6503 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70518
Oracle Java SE CVE-2014-6468 Local Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70488
Oracle Java SE CVE-2014-6466 Local Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70484
Oracle Java SE CVE-2014-4288 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70470
Oracle Java SE CVE-2014-6493 Remote Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70468
Oracle Java SE CVE-2014-6458 Local Security Vulnerability
2015-02-17
http://www.securityfocus.com/bid/70460
Exploit
eTouch SamePage 4.4.0.0.239 - Multiple Vulnerabilities
16.2.2015
Bugtraq
UNIT4 Prosoft HRMS XSS Vulnerability 2015-02-13
jerold v00d00sec com
[security bulletin] HPSBGN03258 rev.1 - HP Insight Control server deployment Windows Pre-boot Execution Environment, Microsoft Schannel (Winshock) Remote Code Execution 2015-02-13
security-alert hp com
CVE-2015-1574 - Google Email App 4.2.2 remote denial of service 2015-02-13
Hector Marco (hecmargi upv es)
Malware
Phishing
Chase Bank | 16th February 2015 |
PayPal | 16th February 2015 |
PayPal | 16th February 2015 |
Tesco Bank | 15th February 2015 |
American Express | 15th February 2015 |
Vulnerability
GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability
2015-02-16
http://www.securityfocus.com/bid/72325
ClamAV CVE-2014-9328 Multiple Heap Buffer Overflow Vulnerabilities
2015-02-16
http://www.securityfocus.com/bid/72372
ClamAV CVE-2013-6497 Local Denial of Service Vulnerability
2015-02-16
http://www.securityfocus.com/bid/71178
Cisco Adaptive Security Appliance (ASA) Software CVE-2015-0619 Denial of Service Vulnerability
2015-02-16
http://www.securityfocus.com/bid/72579
PostgreSQL CVE-2015-0244 Security Bypass Vulnerability
2015-02-16
http://www.securityfocus.com/bid/72543
PostgreSQL CVE-2014-8161 Information Disclosure Vulnerability
2015-02-16
http://www.securityfocus.com/bid/72538
PostgreSQL 'to_char()' Function Buffer Overflow Vulnerability
2015-02-16
http://www.securityfocus.com/bid/72540
PostgreSQL 'pgcrypto' Module Stack-Based Buffer Overflow Vulnerability
2015-02-16
http://www.securityfocus.com/bid/72542
e2fsprogs 'lib/ext2fs/openfs.c' Local Heap Based Buffer Overflow Vulnerability
2015-02-16
http://www.securityfocus.com/bid/72520
elfutils '/libelf/elf_begin.c' Directory Traversal Vulnerability
2015-02-16
http://www.securityfocus.com/bid/71804
Linux Kernel 'splice()' System Call Local Denial of Service Vulnerability
2015-02-16
http://www.securityfocus.com/bid/72347
Linux Kernel CVE-2014-9322 Local Privilege Escalation Vulnerability
2015-02-16
http://www.securityfocus.com/bid/71685
Cisco IOS Software CVE-2015-0593 Denial of Service Vulnerability
2015-02-16
http://www.securityfocus.com/bid/72549
Cisco TelePresence IX5000 Series CVE-2015-0611 Unauthorized Access Vulnerability
2015-02-16
http://www.securityfocus.com/bid/72568
D-Bus CVE-2015-0245 Local Denial of Service Vulnerability
2015-02-16
http://www.securityfocus.com/bid/72545
Microsoft Windows Group Policy CVE-2015-0008 Remote Code Execution Vulnerability
2015-02-16
http://www.securityfocus.com/bid/72477
OpenVAS Manager 'timezone' Parameter SQL Injection Vulnerability
2015-02-16
http://www.securityfocus.com/bid/71360
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-02-16
http://www.securityfocus.com/bid/71936
mime-support Package 'run-mailcap' CVE-2014-7209 Command Injection Vulnerability
2015-02-16
http://www.securityfocus.com/bid/71797
file CVE-2014-8116 Multiple Denial of Service Vulnerabilities
2015-02-16
http://www.securityfocus.com/bid/71700
BSD mailx CVE-2014-7844 Local Arbitrary Command Execution Vulnerability
2015-02-16
http://www.securityfocus.com/bid/71701
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-02-16
http://www.securityfocus.com/bid/71942
Linux Kernel cpio 'list_file()' Function Heap Based Buffer Overflow Vulnerability
2015-02-16
http://www.securityfocus.com/bid/71248
BSD mailx CVE-2004-2771 Local Arbitrary Command Execution Vulnerability
2015-02-16
http://www.securityfocus.com/bid/71704
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-02-16
http://www.securityfocus.com/bid/71937
tcpdump CVE-2014-8769 Out-of-bounds Memory Access Vulnerability
2015-02-16
http://www.securityfocus.com/bid/71153
Info-ZIP UnZip CVE-2014-8139 Remote Heap Buffer Overflow Vulnerability
2015-02-16
http://www.securityfocus.com/bid/71790
OpenSSL Certificate Fingerprints CVE-2014-8275 Local Security Bypass Vulnerability
2015-02-16
http://www.securityfocus.com/bid/71935
Info-ZIP UnZip CVE-2014-8140 Out of Bounds Write Heap Buffer Overflow Vulnerability
2015-02-16
http://www.securityfocus.com/bid/71792
cURL/libcURL CVE-2014-8150 Remote Security Bypass Vulnerability
2015-02-16
http://www.securityfocus.com/bid/71964
Exploit
13.2.2015
Bugtraq
[ MDVSA-2015:046 ] ntp 2015-02-12
security mandriva com
[ MDVSA-2015:045 ] e2fsprogs 2015-02-12
security mandriva com
[ MDVSA-2015:047 ] elfutils 2015-02-12
security mandriva com
[ MDVSA-2015:048 ] postgresql 2015-02-12
security mandriva com
[ MDVSA-2015:044 ] perl-Gtk2 2015-02-12
security mandriva com
Open-Xchange Security Advisory 2015-02-12 2015-02-12
Martin Heiland (martin heiland open-xchange com)
Shakacon 2015 Last Call for Papers (July 6-9 2015, Honolulu, Hawaii) 2015-02-12
Jonathan Brossard (endrazine gmail com)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2015-02-11
Cisco Systems Product Security Incident Response Team (psirt cisco com)
[SECURITY] [DSA 3161-1] dbus security update 2015-02-11
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3160-1] xorg-server security update 2015-02-11
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
PayPal | 12th February 2015 |
[IMPORTANT] : YOUR ACCOUNT | |
PayPal Inc. | 12th February 2015 |
Vulnerability
Cisco Adaptive Security Appliance (ASA) Software CVE-2015-0619 Denial of Service Vulnerability
2015-02-13
http://www.securityfocus.com/bid/72579
PostgreSQL CVE-2015-0244 Security Bypass Vulnerability
2015-02-13
http://www.securityfocus.com/bid/72543
PostgreSQL CVE-2014-8161 Information Disclosure Vulnerability
2015-02-13
http://www.securityfocus.com/bid/72538
PostgreSQL 'to_char()' Function Buffer Overflow Vulnerability
2015-02-13
http://www.securityfocus.com/bid/72540
PostgreSQL 'pgcrypto' Module Stack-Based Buffer Overflow Vulnerability
2015-02-13
http://www.securityfocus.com/bid/72542
e2fsprogs 'lib/ext2fs/openfs.c' Local Heap Based Buffer Overflow Vulnerability
2015-02-13
http://www.securityfocus.com/bid/72520
elfutils '/libelf/elf_begin.c' Directory Traversal Vulnerability
2015-02-13
http://www.securityfocus.com/bid/71804
Linux Kernel 'splice()' System Call Local Denial of Service Vulnerability
2015-02-13
http://www.securityfocus.com/bid/72347
Linux Kernel CVE-2014-9322 Local Privilege Escalation Vulnerability
2015-02-13
http://www.securityfocus.com/bid/71685
Cisco IOS Software CVE-2015-0593 Denial of Service Vulnerability
2015-02-13
http://www.securityfocus.com/bid/72549
Cisco TelePresence IX5000 Series CVE-2015-0611 Unauthorized Access Vulnerability
2015-02-13
http://www.securityfocus.com/bid/72568
D-Bus CVE-2015-0245 Local Denial of Service Vulnerability
2015-02-13
http://www.securityfocus.com/bid/72545
Microsoft Windows Group Policy CVE-2015-0008 Remote Code Execution Vulnerability
2015-02-13
http://www.securityfocus.com/bid/72477
OpenVAS Manager 'timezone' Parameter SQL Injection Vulnerability
2015-02-13
http://www.securityfocus.com/bid/71360
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-02-13
http://www.securityfocus.com/bid/71936
mime-support Package 'run-mailcap' CVE-2014-7209 Command Injection Vulnerability
2015-02-13
http://www.securityfocus.com/bid/71797
file CVE-2014-8116 Multiple Denial of Service Vulnerabilities
2015-02-13
http://www.securityfocus.com/bid/71700
BSD mailx CVE-2014-7844 Local Arbitrary Command Execution Vulnerability
2015-02-13
http://www.securityfocus.com/bid/71701
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-02-13
http://www.securityfocus.com/bid/71942
Linux Kernel cpio 'list_file()' Function Heap Based Buffer Overflow Vulnerability
2015-02-13
http://www.securityfocus.com/bid/71248
GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability
2015-02-13
http://www.securityfocus.com/bid/72325
BSD mailx CVE-2004-2771 Local Arbitrary Command Execution Vulnerability
2015-02-13
http://www.securityfocus.com/bid/71704
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-02-13
http://www.securityfocus.com/bid/71937
tcpdump CVE-2014-8769 Out-of-bounds Memory Access Vulnerability
2015-02-13
http://www.securityfocus.com/bid/71153
Info-ZIP UnZip CVE-2014-8139 Remote Heap Buffer Overflow Vulnerability
2015-02-13
http://www.securityfocus.com/bid/71790
OpenSSL Certificate Fingerprints CVE-2014-8275 Local Security Bypass Vulnerability
2015-02-13
http://www.securityfocus.com/bid/71935
Info-ZIP UnZip CVE-2014-8140 Out of Bounds Write Heap Buffer Overflow Vulnerability
2015-02-13
http://www.securityfocus.com/bid/71792
cURL/libcURL CVE-2014-8150 Remote Security Bypass Vulnerability
2015-02-13
http://www.securityfocus.com/bid/71964
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-02-13
http://www.securityfocus.com/bid/71939
tcpdump CVE-2014-9140 Buffer Overflow Vulnerability
2015-02-13
http://www.securityfocus.com/bid/71468
Exploit
Exponent CMS 2.3.1 - Multiple XSS Vulnerabilities
WordPress Video Gallery 2.7.0 - SQL Injection Vulnerability
12.2.2015
Bugtraq
[SECURITY] [DSA 3160-1] xorg-server security update 2015-02-11
Moritz Muehlenhoff (jmm debian org)
Elasticsearch vulnerability CVE-2015-1427 2015-02-11
Kevin Kluge (kevin kluge elasticsearch com)
Cisco Security Advisory: Cisco Secure Access Control System SQL Injection Vulnerability 2015-02-11
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Ninja Forms WordPress Plugin Multiple Cross-Site Scripting Vulnerability 2015-02-11
sn 1dn eu
[ANN] MSKB 3004375 available for Windows 2000 and later too (but NOT from Microsoft) 2015-02-11
Stefan Kanthak (stefan kanthak nexgo de)
T-Mobile Internet Manager - DLL Hijacking (mfc71enu.dll) 2015-02-11
Vulnerability Lab (research vulnerability-lab com)
Pandora FMS v5.1 SP1 - SQL Injection Web Vulnerability 2015-02-11
Vulnerability Lab (research vulnerability-lab com)
BlinkSale Bug Bounty #1 - Encode & Validation Vulnerability 2015-02-11
Vulnerability Lab (research vulnerability-lab com)
Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability 2015-02-11
Vulnerability Lab (research vulnerability-lab com)
Multiple Vulnerabilities in my little forum 2015-02-11
High-Tech Bridge Security Research (advisory htbridge com)
Two Reflected XSS Vulnerabilities in Easing Slider WordPress Plugin 2015-02-11
High-Tech Bridge Security Research (advisory htbridge com)
[SECURITY] [DSA 3159-1] ruby1.8 security update 2015-02-10
Alessandro Ghedini (ghedo debian org)
[ MDVSA-2015:043 ] otrs 2015-02-10
security mandriva com
[ MDVSA-2015:041 ] cabextract 2015-02-10
security mandriva com
[ MDVSA-2015:040 ] zarafa 2015-02-10
security mandriva com
[ MDVSA-2015:042 ] clamav 2015-02-10
security mandriva com
[security bulletin] HPSBMU03246 rev.1 - HP Insight Control for Linux Central Management Server Pre-boot Execution Environment running Bash Shell, Multiple Vulnerabilities 2015-02-10
security-alert hp com
[security bulletin] HPSBMU03245 rev.1 - HP Insight Control server deployment Linux Preboot Execution Environment running Bash Shell, Multiple Vulnerabilities 2015-02-10
security-alert hp com
[security bulletin] HPSBGN03255 rev.1 - HP OpenCall Media Platform (OCMP) running SSLv3, Remote Denial of Service (DoS), Disclosure of Information 2015-02-10
security-alert hp com
[ MDVSA-2015:039 ] glibc 2015-02-10
security mandriva com
[RT-SA-2014-013] Cross-Site Scripting in IBM Endpoint Manager Relay Diagnostics Page 2015-02-10
RedTeam Pentesting GmbH (release redteam-pentesting de)
Mooplayer 1.3.0 'm3u' SEH Buffer Overflow POC 2015-02-10
saman j l33t gmail com
[security bulletin] HPSBGN03251 rev.1 - HP Storage Essentials running SSLv3, Remote Disclosure of Information 2015-02-09
security-alert hp com
[SECURITY] [DSA 3158-1] unrtf security update 2015-02-09
Salvatore Bonaccorso (carnil debian org)
[SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling 2015-02-09
Mark Thomas (markt apache org)
Cookie hijacking: Internet Explorer UXSS (CVE-2015-0072) 2015-02-09
bhdresh gmail com
Radexscript CMS 2.2.0 - SQL Injection vulnerability 2015-02-09
ITAS Team (itas team itas vn)
Malware
Phishing
PayPal | 12th February 2015 |
[IMPORTANT] : YOUR ACCOUNT | |
PayPal Inc. | 12th February 2015 |
PayPal Inc. | 11th February 2015 |
alerts@citibank.com | 11th February 2015 |
Apple iTunes | 11th February 2015 |
service@paypal.co.uk | 11th February 2015 |
Mr. Ban Ki-Moon | 11th February 2015 |
Whats AppNotifier | 10th February 2015 |
NATWEST BANK | 9th February 2015 |
PayPal | 9th February 2015 |
NatWest | 9th February 2015 |
*** *** Your access to | |
PaypaI Service | 9th February 2015 |
Wells Fargo Online | 9th February 2015 |
Support@PayPal.com | 8th February 2015 |
WE'RE INVESTIGATING A PAYPAI |
Vulnerability
OpenVAS Manager 'timezone' Parameter SQL Injection Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71360
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71936
mime-support Package 'run-mailcap' CVE-2014-7209 Command Injection Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71797
file CVE-2014-8116 Multiple Denial of Service Vulnerabilities
2015-02-12
http://www.securityfocus.com/bid/71700
BSD mailx CVE-2014-7844 Local Arbitrary Command Execution Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71701
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71942
Linux Kernel cpio 'list_file()' Function Heap Based Buffer Overflow Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71248
GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability
2015-02-12
http://www.securityfocus.com/bid/72325
BSD mailx CVE-2004-2771 Local Arbitrary Command Execution Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71704
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71937
tcpdump CVE-2014-8769 Out-of-bounds Memory Access Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71153
Info-ZIP UnZip CVE-2014-8139 Remote Heap Buffer Overflow Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71790
OpenSSL Certificate Fingerprints CVE-2014-8275 Local Security Bypass Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71935
Info-ZIP UnZip CVE-2014-8140 Out of Bounds Write Heap Buffer Overflow Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71792
cURL/libcURL CVE-2014-8150 Remote Security Bypass Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71964
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-02-12
http://www.securityfocus.com/bid/71939
tcpdump CVE-2014-9140 Buffer Overflow Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71468
Libevent CVE-2014-6272 Multiple Heap Based Buffer Overflow Vulnerabilities
2015-02-12
http://www.securityfocus.com/bid/71971
LibYAML and Perl YAML-LibYAML Module 'scanner.c' Remote Denial of Service Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71349
Info-ZIP UnZip CVE-2014-8141 Out of Bounds Read Heap Buffer Overflow Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71793
Graphviz 'agerr()' Function Remote Format String Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71283
file CVE-2014-8117 Denial of Service Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71692
tcpdump 'olsr_print()' Function Denial of Service Vulnerability
2015-02-12
http://www.securityfocus.com/bid/71150
PostgreSQL CVE-2014-8161 Information Disclosure Vulnerability
2015-02-12
http://www.securityfocus.com/bid/72538
PostgreSQL 'to_char()' Function Buffer Overflow Vulnerability
2015-02-12
http://www.securityfocus.com/bid/72540
PostgreSQL 'pgcrypto' Module Stack-Based Buffer Overflow Vulnerability
2015-02-12
http://www.securityfocus.com/bid/72542
PostgreSQL CVE-2015-0244 Security Bypass Vulnerability
2015-02-12
http://www.securityfocus.com/bid/72543
Cisco IOS Software CVE-2015-0609 Denial of Service Vulnerability
2015-02-12
http://www.securityfocus.com/bid/72564
Cisco Prime Infrastructure CVE-2014-2147 Cross Frame Scripting Vulnerability
2015-02-12
http://www.securityfocus.com/bid/72551
Cisco IOS Software CVE-2015-0608 Denial of Service Vulnerability
2015-02-12
http://www.securityfocus.com/bid/72566
Exploit
Achat v0.150 beta7 Buffer Overflow
SoftSphere DefenseWall FW/IPS 3.24 - Privilege Escalation
MooPlayer 1.3.0 'm3u' SEH Buffer Overflow
WordPress Survey and Poll Plugin 1.1 - Blind SQL Injection
Pandora FMS 5.1 SP1 - SQL Injection Vulnerability
IBM Endpoint Manager - Stored XSS Vulnerability
8.2.2015
Bugtraq
Malware
Phishing
Barclays | 7th February 2015 |
Tesco Bank | 7th February 2015 |
PayPal | 7th February 2015 |
Your account PayPal is limited | |
Paypal | 6th February 2015 |
PayPal | 5th February 2015 |
Vulnerability
Cisco Unified IP Phones 9900 Series CVE-2015-0601 Local Denial of Service Vulnerability
2015-02-10
http://www.securityfocus.com/bid/72483
mpg123 MP3 Decoding Heap Based Buffer Overflow Vulnerability
2015-02-08
http://www.securityfocus.com/bid/65304
GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2015-02-08
http://www.securityfocus.com/bid/70137
GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2015-02-08
http://www.securityfocus.com/bid/70154
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-02-08
http://www.securityfocus.com/bid/70103
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-02-08
http://www.securityfocus.com/bid/70574
GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2015-02-08
http://www.securityfocus.com/bid/70166
OpenSSL Session Ticket Memory Leak Remote Denial of Service Vulnerability
2015-02-08
http://www.securityfocus.com/bid/70586
GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2015-02-08
http://www.securityfocus.com/bid/70152
Microsoft Internet Explorer Same Origin Policy Security Bypass Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72489
OpenSSL CVE-2014-3513 Information Disclosure Vulnerability
2015-02-08
http://www.securityfocus.com/bid/70584
GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2015-02-08
http://www.securityfocus.com/bid/70165
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72140
Oracle Java SE CVE-2014-6587 Local Java SE Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72168
Oracle Java SE CVE-2014-6601 Remote Java SE Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72132
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72165
Vorbis Tools CVE-2014-9640 Local Denial of Service Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72292
Django 'django.views.static.serve()' Function Denial of Service Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72078
Django 'django.util.http.is_safe_url()' Cross Site Scripting Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72079
Django CVE-2015-0219 Security Bypass Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72081
CodeWrights 'HART DTM' Library CVE-2014-9191 Denial of Service Vulnerability
2015-02-08
http://www.securityfocus.com/bid/71952
Oracle MySQL Server CVE-2015-0411 Remote Security Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72191
Oracle MySQL Server CVE-2014-6568 Remote Security Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72210
Oracle MySQL Server CVE-2015-0382 Remote Security Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72200
Oracle MySQL Server CVE-2015-0381 Remote Security Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72214
Oracle MySQL Server CVE-2015-0391 Remote Security Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72205
Oracle MySQL Server CVE-2015-0374 Remote Security Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72227
Oracle MySQL Server CVE-2015-0432 Remote Security Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72217
JasPer 'jpc_qmfb.c' Arbitrary Code Execution Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72293
JasPer 'jpc_dec_process_sot()' Remote Heap Buffer Overflow Vulnerability
2015-02-08
http://www.securityfocus.com/bid/72296
Exploit
3.2.2015
Bugtraq
[SECURITY] [DSA 3149-1] condor security update 2015-02-02
Sebastien Delafond (seb debian org)
[security bulletin] HPSBMU03239 rev.1 - HP UCMDB, Remote Disclosure of Information 2015-02-02
security-alert hp com
[SECURITY] [DSA 3150-1] vlc security update 2015-02-02
Alessandro Ghedini (ghedo debian org)
[security bulletin] HPSBMU03236 rev.1 - HP Systems Insight Manager for Windows running Bash Shell, Remote Code Execution 2015-02-02
security-alert hp com
Fork CMS 3.8.3 - XSS Vulnerability 2015-02-02
ITAS Team (itas team itas vn)
Microweber 0.95 - SQL Injection Vulnerability 2015-02-02
ITAS Team (itas team itas vn)
Sefrengo CMS v1.6.1 - Multiple SQL Injection Vulnerabilities 2015-02-02
ITAS Team (itas team itas vn)
Malware
Phishing
PayPal | 3rd February 2015 |
Please Login to Update Your | |
PayPal | 3rd February 2015 |
Apple | 2nd February 2015 |
Apple | 2nd February 2015 |
[Dear customer] : Hi Your User | |
PayPal Security | 1st February 2015 |
Vulnerability
VLC Media Player Multiple Security Vulnerabilities
2015-02-03
http://www.securityfocus.com/bid/72252
ClamAV CVE-2014-9328 Multiple Heap Buffer Overflow Vulnerabilities
2015-02-03
http://www.securityfocus.com/bid/72372
Condor CVE-2014-8126 Arbitrary Code Execution Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72019
IBM Tririga Application Platform CVE-2014-8894 Multiple Open Redirection Vulnerabilities
2015-02-03
http://www.securityfocus.com/bid/72408
Mozilla Firefox/SeaMonkey Bitmap Rendering Information Disclosure Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72048
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-8635 Multiple Memory Corruption Vulnerabilities
2015-02-03
http://www.securityfocus.com/bid/72050
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-8634 Multiple Memory Corruption Vulnerabilities
2015-02-03
http://www.securityfocus.com/bid/72049
Mozilla Firefox/SeaMonkey Web Audio Denial of Service Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72045
Mozilla Firefox Gecko Media Plugin Sandbox Security Bypass Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72043
Mozilla Firefox/Thunderbird/SeaMonkey Proxy Authentication Session Fixation Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72046
Mozilla Firefox/Thunderbird/SeaMonkey sendBeacon Cross-Site Request Forgery Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72047
Mozilla Firefox/SeaMonkey Online Certificate Status Protocol Responder Security Bypass Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72042
Mozilla Firefox/SeaMonkey XrayWrapper Privilege Escalation Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72041
Mozilla Firefox/SeaMonkey WebRTC Memory Corruption Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72044
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-02-03
http://www.securityfocus.com/bid/70574
Oracle Java SE CVE-2014-6601 Remote Java SE Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72132
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72165
Google Android CVE-2014-7911 Local Privilege Escalation Vulnerability
2015-02-03
http://www.securityfocus.com/bid/71176
Oracle Java SE CVE-2014-6591 Remote Java SE Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72175
Oracle Java SE CVE-2014-6585 Remote Java SE Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72173
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72169
Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72136
Oracle Java SE CVE-2015-0407 Remote Java SE Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72162
Oracle Java SE CVE-2015-0400 Remote Java SE Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72159
Oracle Java SE CVE-2015-0395 Remote Java SE Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72142
Oracle Java SE CVE-2015-0383 Local Java SE, Java SE Embedded, JRockit Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72155
Oracle Java SE CVE-2014-6587 Local Java SE Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72168
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72140
Multiple VMware Products CVE-2014-8370 Remote Privilege Escalation Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72338
GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability
2015-02-03
http://www.securityfocus.com/bid/72325
Exploit
Sefrengo CMS 1.6.1 - Multiple SQL Injection Vulnerabilities
1.2.2015
Bugtraq
[security bulletin] HPSBOV03226 rev.2 - HP TCP/IP Services for OpenVMS, BIND 9 Server Resolver, Multiple Remote Vulnerabilities 2015-01-30
security-alert hp com
[SECURITY] [DSA 3147-1] openjdk-6 security update 2015-01-30
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3146-1] requests security update 2015-01-30
Sebastien Delafond (seb debian org)
ESA-2015-006: EMC Avamar Missing Certificate Validation Vulnerability 2015-01-30
Security Alert (Security_Alert emc com)
Malware
Phishing
PayPal Security | 1st February 2015 |
PayPal Services | 31st January 2015 |
NatWest | 31st January 2015 |
no_reply@bt.com | 31st January 2015 |
Apple | 31st January 2015 |
NatWest | 30th January 2015 |
no_reply@bt.com | 30th January 2015 |
Vulnerability
VMware vSphere Data Protection CVE-2014-4632 Certificate Validation Security Bypass Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72367
TYPO3 LDAP / SSO Authentication Extension Authentication Bypass Vulnerability
2015-02-01
http://www.securityfocus.com/bid/71981
TYPO3 Content Rating SQL Injection and Cross Site Scripting Vulnerabilities
2015-02-01
http://www.securityfocus.com/bid/71984
TYPO3 Content Rating Extbase Extension Multiple Input Validation Vulnerabilities
2015-02-01
http://www.securityfocus.com/bid/71985
Cisco WebEx Meetings Server CVE-2015-0595 Information Disclosure Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72370
Oracle Java SE CVE-2014-6591 Remote Java SE Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72175
Oracle Java SE CVE-2014-6585 Remote Java SE Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72173
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72165
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72169
Oracle Java SE CVE-2014-6587 Local Java SE Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72168
Oracle Java SE CVE-2015-0407 Remote Java SE Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72162
Oracle Java SE CVE-2015-0395 Remote Java SE Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72142
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-02-01
http://www.securityfocus.com/bid/70574
Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72136
Oracle Java SE CVE-2015-0383 Local Java SE, Java SE Embedded, JRockit Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72155
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72140
Oracle Java SE CVE-2014-6601 Remote Java SE Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72132
Cisco WebEx Meetings Server CVE-2015-0596 Cross Site Request Forgery Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72371
Python Requests CVE-2014-1829 Information Disclosure Vulnerability
2015-02-01
http://www.securityfocus.com/bid/70012
Python Requests CVE-2014-1830 Information Disclosure Vulnerability
2015-02-01
http://www.securityfocus.com/bid/70013
Privoxy CVE-2015-1381 Multiple Memory Corruption Vulnerabilities
2015-02-01
http://www.securityfocus.com/bid/72354
Privoxy CVE-2015-1382 Remote Denial of Service Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72360
Vorbis Tools CVE-2014-9640 Local Denial of Service Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72292
Info-ZIP UnZip Out of Bounds Denial of Service Vulnerability
2015-02-01
http://www.securityfocus.com/bid/71825
PolarSSL 'asn1parse.c' Remote Code Execution Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72306
GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72325
Linux Kernel 'ISOFS' Stack-Based Buffer Overflow Vulnerability
2015-02-01
http://www.securityfocus.com/bid/69396
Linux Kernel 'ISOFS' Deadlock Local Denial of Service Vulnerability
2015-02-01
http://www.securityfocus.com/bid/69428
Linux Kernel 'SMB2_tcon' NULL Pointer Dereference Denial of Service Vulnerability
2015-02-01
http://www.securityfocus.com/bid/69867
Linux Kernel 'splice()' System Call Local Denial of Service Vulnerability
2015-02-01
http://www.securityfocus.com/bid/72347
Exploit
30.1.2015
Bugtraq
[SECURITY] [DSA 3144-1] openjdk-7 security update 2015-01-29
Moritz Muehlenhoff (jmm debian org)
NEW VMSA-2015-0002 VMware vSphere Data Protection product update addresses a certificate validation vulnerability 2015-01-29
VMware Security Response Center (security vmware com)
Symantec Encryption Management Server < 3.2.0MP6 - Remote Command Injection 2015-01-30
Paul Craig (lists vantagepoint sg)
Unauthenticated Reflected XSS vulnerability in Asus RT-N10 Plus router 2015-01-29
kingkaustubh me com
Reflected XSS vulnerability in Asus RT-N10 Plus Router 2015-01-29
kingkaustubh me com
Malware
Phishing
no_reply@bt.com | 30th January 2015 |
APPLE STORE | 28th January 2015 |
PayPal | 28th January 2015 |
IMPORTANT: WE NOTICED UNUSUAL |
Vulnerability
Privoxy CVE-2015-1381 Multiple Memory Corruption Vulnerabilities
2015-01-30
http://www.securityfocus.com/bid/72354
Privoxy CVE-2015-1382 Remote Denial of Service Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72360
Vorbis Tools CVE-2014-9640 Local Denial of Service Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72292
Info-ZIP UnZip Out of Bounds Denial of Service Vulnerability
2015-01-30
http://www.securityfocus.com/bid/71825
PolarSSL 'asn1parse.c' Remote Code Execution Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72306
GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72325
Oracle Java SE CVE-2015-0407 Remote Java SE Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72162
Linux Kernel 'ISOFS' Stack-Based Buffer Overflow Vulnerability
2015-01-30
http://www.securityfocus.com/bid/69396
Linux Kernel 'ISOFS' Deadlock Local Denial of Service Vulnerability
2015-01-30
http://www.securityfocus.com/bid/69428
Linux Kernel 'SMB2_tcon' NULL Pointer Dereference Denial of Service Vulnerability
2015-01-30
http://www.securityfocus.com/bid/69867
Linux Kernel 'splice()' System Call Local Denial of Service Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72347
Linux Kernel CVE-2014-7841 SCTP NULL Pointer Dereference Denial of Service Vulnerability
2015-01-30
http://www.securityfocus.com/bid/71081
Linux Kernel 'shmem.c' CVE-2014-4171 Local Denial of Service Vulnerability
2015-01-30
http://www.securityfocus.com/bid/68157
CodeWrights 'HART DTM' Library CVE-2014-9191 Denial of Service Vulnerability
2015-01-30
http://www.securityfocus.com/bid/71952
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72165
Oracle Java SE CVE-2014-6591 Remote Java SE Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72175
Oracle Java SE CVE-2014-6601 Remote Java SE Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72132
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72169
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-01-30
http://www.securityfocus.com/bid/70574
Oracle Java SE CVE-2015-0383 Local Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72155
Oracle Java SE CVE-2014-6585 Remote Java SE Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72173
Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72136
Oracle Java SE CVE-2015-0395 Remote Java SE Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72142
Oracle Java SE CVE-2014-6587 Local Java SE Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72168
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72140
FerretCMS Multiple Security Vulnerabilities
2015-01-30
http://www.securityfocus.com/bid/72287
JasPer 'jpc_qmfb.c' Arbitrary Code Execution Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72293
Drupal Context Module Open Redirection Vulnerability
2015-01-30
http://www.securityfocus.com/bid/71925
JasPer 'jpc_dec_process_sot()' Remote Heap Buffer Overflow Vulnerability
2015-01-30
http://www.securityfocus.com/bid/72296
Cisco Identity Services Engine CVE-2014-8022 Multiple Cross Site Scripting Vulnerabilities
2015-01-30
http://www.securityfocus.com/bid/72083
Exploit
29.1.2015
Bugtraq
Unauthenticated Reflected XSS vulnerability in Asus RT-N10 Plus router 2015-01-29
kingkaustubh me com
Reflected XSS vulnerability in Asus RT-N10 Plus Router 2015-01-29
kingkaustubh me com
ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities 2015-01-29
Security Alert (Security_Alert emc com)
Blubrry PowerPress Security Advisory - XSS Vulnerability - CVE-2015-1385 2015-01-29
Onur Yilmaz (onur netsparker com)
CVE-2014-8779: SSH Host keys on Pexip Infinity 2015-01-29
giles pexip com
[The ManageOwnage Series, part XII]: Multiple vulnerabilities in FailOverServlet (OpManager, AppManager, IT360) 2015-01-28
Pedro Ribeiro (pedrib gmail com)
Cisco Security Advisory: GNU glibc gethostbyname Function Buffer Overflow Vulnerability 2015-01-28
Cisco Systems Product Security Incident Response Team (psirt cisco com)
AST-2015-001: File descriptor leak when incompatible codecs are offered 2015-01-28
Asterisk Security Team (security asterisk org)
[slackware-security] glibc (SSA:2015-028-01) 2015-01-28
Slackware Security Team (security slackware com)
Malware
Phishing
Vulnerability
GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability
2015-01-29
http://www.securityfocus.com/bid/72325
JasPer 'jpc_qmfb.c' Arbitrary Code Execution Vulnerability
2015-01-29
http://www.securityfocus.com/bid/72293
Drupal Context Module Open Redirection Vulnerability
2015-01-29
http://www.securityfocus.com/bid/71925
Info-ZIP UnZip Out of Bounds Denial of Service Vulnerability
2015-01-29
http://www.securityfocus.com/bid/71825
JasPer 'jpc_dec_process_sot()' Remote Heap Buffer Overflow Vulnerability
2015-01-29
http://www.securityfocus.com/bid/72296
Oracle Java SE CVE-2014-6601 Remote Java SE Vulnerability
2015-01-29
http://www.securityfocus.com/bid/72132
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-29
http://www.securityfocus.com/bid/72165
Oracle Java SE CVE-2014-6591 Remote Java SE Vulnerability
2015-01-29
http://www.securityfocus.com/bid/72175
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-01-29
http://www.securityfocus.com/bid/70574
Oracle Java SE CVE-2015-0383 Local Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-29
http://www.securityfocus.com/bid/72155
Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
2015-01-29
http://www.securityfocus.com/bid/72136
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-29
http://www.securityfocus.com/bid/72169
Oracle Java SE CVE-2015-0407 Remote Java SE Vulnerability
2015-01-29
http://www.securityfocus.com/bid/72162
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-01-29
http://www.securityfocus.com/bid/72140
Oracle Java SE CVE-2015-0395 Remote Java SE Vulnerability
2015-01-29
http://www.securityfocus.com/bid/72142
Oracle Java SE CVE-2014-6585 Remote Java SE Vulnerability
2015-01-29
http://www.securityfocus.com/bid/72173
Oracle Java SE CVE-2014-6587 Local Java SE Vulnerability
2015-01-29
http://www.securityfocus.com/bid/72168
Cisco Identity Services Engine CVE-2014-8022 Multiple Cross Site Scripting Vulnerabilities
2015-01-29
http://www.securityfocus.com/bid/72083
Airwatch CVE-2014-8372 Multiple Information Disclosure Vulnerabilities
2015-01-29
http://www.securityfocus.com/bid/71609
Apple iOS APPLE-SA-2015-01-27-2 Multiple Security Vulnerabilities
2015-01-29
http://www.securityfocus.com/bid/72333
Multiple Apple Products Multiple Security Vulnerabilities
2015-01-29
http://www.securityfocus.com/bid/72327
Linux Kernel CVE-2014-9322 Local Privilege Escalation Vulnerability
2015-01-29
http://www.securityfocus.com/bid/71685
Linux Kernel CVE-2014-7841 SCTP NULL Pointer Dereference Denial of Service Vulnerability
2015-01-29
http://www.securityfocus.com/bid/71081
LibYAML and Perl YAML-LibYAML Module 'scanner.c' Remote Denial of Service Vulnerability
2015-01-29
http://www.securityfocus.com/bid/71349
WebKit CVE-2014-4477 Unspecified Memory Corruption Vulnerability
2015-01-29
http://www.securityfocus.com/bid/72331
Microsoft Windows TCP/IP CVE-2014-4076 Local Privilege Escalation Vulnerability
2015-01-29
http://www.securityfocus.com/bid/70976
Linux Kernel 'SMB2_tcon' NULL Pointer Dereference Denial of Service Vulnerability
2015-01-29
http://www.securityfocus.com/bid/69867
Linux Kernel 'shmem.c' CVE-2014-4171 Local Denial of Service Vulnerability
2015-01-29
http://www.securityfocus.com/bid/68157
Linux Kernel 'ISOFS' Stack-Based Buffer Overflow Vulnerability
2015-01-29
http://www.securityfocus.com/bid/69396
Linux Kernel 'ISOFS' Deadlock Local Denial of Service Vulnerability
2015-01-29
http://www.securityfocus.com/bid/69428
Exploit
VSAT Sailor 900 - Remote Exploit
ClearSCADA - Remote Authentication Bypass Exploit
OS X < 10.10.x - Gatekeeper bypass Vulnerability
UniPDF 1.1 - Crash PoC (SEH overwritten)
Microsoft Windows Server 2003 SP2 - Privilege Escalation
ManageEngine Firewall Analyzer 8.0 - Directory Traversal/XSS Vulnerabilities
FreeBSD Kernel Multiple Vulnerabilities
28.1.2015
Bugtraq
[CVE-2015-1393] Photo Gallery (Wordpress Plugin) - SQL Injection in Version 1.2.8 2015-01-28
sven bsddaemon org
[CVE-2015-1394] Photo Gallery (Wordpress Plugin) - Multiple XSS Vulnerabilities Version 1.2.8 2015-01-28
sven bsddaemon org
[AMPLIA-ARA100614] OS X Gatekeeper Bypass Vulnerability 2015-01-28
Amplia Security Advisories (advisories ampliasecurity com)
NEW VMSA-2015-0001 - VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address resolve security issues 2015-01-27
VMware Security Response Center (security vmware com)
Multiple vulnerabilities in MantisBT 2015-01-28
High-Tech Bridge Security Research (advisory htbridge com)
Two XSS Vulnerabilities in SupportCenter Plus 2015-01-28
High-Tech Bridge Security Research (advisory htbridge com)
Malware
Phishing
NETELLER | 28th January 2015 |
Your NETELLER Account Has Been | |
Service .inc | 28th January 2015 |
PayPal | 28th January 2015 |
BT | 28th January 2015 |
PayPal | 28th January 2015 |
PayPal | 28th January 2015 |
PayPal | 28th January 2015 |
[Paypal]: You Need To Confirm | |
Skype | 28th January 2015 |
Citibank | 28th January 2015 |
PayPal | 28th January 2015 |
Apple | 28th January 2015 |
PayPal | 28th January 2015 |
Your Barclays Account | 28th January 2015 |
Paypal Support | 28th January 2015 |
Apple | 28th January 2015 |
HSBC Bank | 28th January 2015 |
NatWest | 28th January 2015 |
Microsoft | 28th January 2015 |
PayPal Reminder | 28th January 2015 |
PayPal Services | 28th January 2015 |
YOUR ACCOUNT PAYPAL IS LIMITED | |
PayPal | 28th January 2015 |
PayPal Update | 28th January 2015 |
PayPal Inc | 28th January 2015 |
HSBC Bank | 28th January 2015 |
Vulnerability
CodeWrights 'HART DTM' Library CVE-2014-9191 Denial of Service Vulnerability
2015-01-28
http://www.securityfocus.com/bid/71952
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-01-28
http://www.securityfocus.com/bid/70574
OpenSSL 'no-ssl3' Build Option Security Bypass Vulnerability
2015-01-28
http://www.securityfocus.com/bid/70585
OpenSSL CVE-2014-3511 Man in the Middle Security Bypass Vulnerability
2015-01-28
http://www.securityfocus.com/bid/69079
OpenSSL NULL Pointer Dereference CVE-2014-5139 Local Denial of Service Vulnerability
2015-01-28
http://www.securityfocus.com/bid/69077
OpenSSL CVE-2014-3509 Remote Denial of Service Vulnerability
2015-01-28
http://www.securityfocus.com/bid/69084
OpenSSL CVE-2014-0224 Man in the Middle Security Bypass Vulnerability
2015-01-28
http://www.securityfocus.com/bid/67899
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-01-28
http://www.securityfocus.com/bid/71762
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-01-28
http://www.securityfocus.com/bid/71761
Network Time Protocol CVE-2014-9296 Unspecified Security Vulnerability
2015-01-28
http://www.securityfocus.com/bid/71758
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-01-28
http://www.securityfocus.com/bid/71757
Mozilla Firefox/SeaMonkey XrayWrapper Privilege Escalation Vulnerability
2015-01-28
http://www.securityfocus.com/bid/72041
Mozilla Firefox/SeaMonkey Web Audio Denial of Service Vulnerability
2015-01-28
http://www.securityfocus.com/bid/72045
GNU glibc 'iconv()' Denial of Service Vulnerability
2015-01-28
http://www.securityfocus.com/bid/69472
GNU glibc CVE-2014-7817 Arbitrary Command Execution Vulnerability
2015-01-28
http://www.securityfocus.com/bid/71216
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-8634 Multiple Memory Corruption Vulnerabilities
2015-01-28
http://www.securityfocus.com/bid/72049
Mozilla Firefox/SeaMonkey Bitmap Rendering Information Disclosure Vulnerability
2015-01-28
http://www.securityfocus.com/bid/72048
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-8635 Multiple Memory Corruption Vulnerabilities
2015-01-28
http://www.securityfocus.com/bid/72050
Mozilla Firefox/Thunderbird/SeaMonkey sendBeacon Cross-Site Request Forgery Vulnerability
2015-01-28
http://www.securityfocus.com/bid/72047
Mozilla Firefox/Thunderbird/SeaMonkey Proxy Authentication Session Fixation Vulnerability
2015-01-28
http://www.securityfocus.com/bid/72046
Mozilla Firefox/SeaMonkey Online Certificate Status Protocol Responder Security Bypass Vulnerability
2015-01-28
http://www.securityfocus.com/bid/72042
Mozilla Firefox/SeaMonkey WebRTC Memory Corruption Vulnerability
2015-01-28
http://www.securityfocus.com/bid/72044
Oracle Java SE CVE-2014-6585 Remote Java SE Vulnerability
2015-01-28
http://www.securityfocus.com/bid/72173
Wireshark TLS/SSL Decryption CVE-2015-0564 Denial of Service Vulnerability
2015-01-28
http://www.securityfocus.com/bid/71922
Wireshark DEC DNA Routing Protocol Dissector CVE-2015-0562 Remote Denial of Service Vulnerability
2015-01-28
http://www.securityfocus.com/bid/71921
Xen MMU CVE-2014-8594 Local Security Bypass Vulnerability
2015-01-28
http://www.securityfocus.com/bid/71149
Xen CVE-2014-8595 Local Privilege Escalation Vulnerability
2015-01-28
http://www.securityfocus.com/bid/71151
Xen MMU_MACHPHYS_UPDATE Handling Memory Leak Denial of Service Vulnerability
2015-01-28
http://www.securityfocus.com/bid/71207
Xen CVE-2014-8867 Denial of Service Vulnerability
2015-01-28
http://www.securityfocus.com/bid/71331
Xen CVE-2014-8866 Denial of Service Vulnerability
2015-01-28
http://www.securityfocus.com/bid/71332
Exploit
ClearSCADA - Remote Authentication Bypass Exploit
27.1.2015
Bugtraq
[SECURITY] [DSA 3140-1] xen security update 2015-01-27
Moritz Muehlenhoff (jmm debian org)
[SYSS-2014-013] FancyFon FAMOC - Use of a One-Way Hash without a Salt 2015-01-27
matthias deeg syss de
[SYSS-2014-011] FancyFon FAMOC - Cross-Site Scripting 2015-01-27
matthias deeg syss de
[SYSS-2014-012] FancyFon FAMOC - Session Fixation 2015-01-27
matthias deeg syss de
CVE-2015-0223: anonymous access to qpidd cannot be prevented 2015-01-26
Gordon Sim (gsim apache org)
CVE-2015-0224: qpidd can be crashed by unauthenticated user 2015-01-26
Gordon Sim (gsim apache org)
[CORE-2015-0002] - Android WiFi-Direct Denial of Service 2015-01-26
CORE Advisories Team (advisories coresecurity com)
WebKitGTK+ Security Advisory WSA-2015-0001 2015-01-26
Carlos Alberto Lopez Perez (clopez igalia com)
Malware
Phishing
Paypal | 27th January 2015 |
National | 27th January 2015 |
Apple Inc. | 27th January 2015 |
PayPal | 27th January 2015 |
ebilling@bt.com | 27th January 2015 |
Natwest | 27th January 2015 |
onlinebankinservice@tescobank. | 27th January 2015 |
_-Vydox_-_Plus_- | 27th January 2015 |
~NEW~YEAR,~NEW~YOU:~30~DAY~FRE | |
MS MARY ARINZE | 27th January 2015 |
JANET NAPOLITANO | 27th January 2015 |
PayPal Services | 27th January 2015 |
YOUR ACCOUNT PAYPAL IS LIMITED | |
PayPal | 27th January 2015 |
Apple Service | 27th January 2015 |
Ysande | 27th January 2015 |
PayPal | 27th January 2015 |
PayPal | 27th January 2015 |
Barclays | 27th January 2015 |
Bank of America Alert | 27th January 2015 |
Apple | 27th January 2015 |
Apple | 27th January 2015 |
PayPal INC. | 27th January 2015 |
YOUR ACCOUNT WILL BE LIMITED. | |
NatWest Online Banking | 27th January 2015 |
head office | 27th January 2015 |
Navy Federal Online | 27th January 2015 |
Vulnerability
Oracle Java SE CVE-2014-6601 Remote Java SE Vulnerability
2015-01-27
http://www.securityfocus.com/bid/72132
Oracle Java SE CVE-2014-6591 Remote Java SE Vulnerability
2015-01-27
http://www.securityfocus.com/bid/72175
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-01-27
http://www.securityfocus.com/bid/70574
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-27
http://www.securityfocus.com/bid/72165
Oracle Java SE CVE-2014-6587 Local Java SE Vulnerability
2015-01-27
http://www.securityfocus.com/bid/72168
Oracle Java SE CVE-2015-0395 Remote Java SE Vulnerability
2015-01-27
http://www.securityfocus.com/bid/72142
Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
2015-01-27
http://www.securityfocus.com/bid/72136
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-01-27
http://www.securityfocus.com/bid/72140
Oracle Java SE CVE-2015-0407 Remote Java SE Vulnerability
2015-01-27
http://www.securityfocus.com/bid/72162
Oracle Java SE CVE-2015-0383 Local Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-27
http://www.securityfocus.com/bid/72155
Microsoft Windows Kerberos Checksum CVE-2014-6324 Remote Privilege Escalation Vulnerability
2015-01-27
http://www.securityfocus.com/bid/70958
kwallet Weak Stored Password Encryption Local Security Weakness
2015-01-27
http://www.securityfocus.com/bid/67716
IBM Tivoli Storage Manager Client CVE-2013-2964 Local Buffer Overflow Vulnerability
2015-01-27
http://www.securityfocus.com/bid/62789
Linux Kernel 'vdso_addr()' Function Local Security Bypass Vulnerability
2015-01-27
http://www.securityfocus.com/bid/71990
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-27
http://www.securityfocus.com/bid/72169
Django CVE-2015-0219 Security Bypass Vulnerability
2015-01-27
http://www.securityfocus.com/bid/72081
Django 'django.util.http.is_safe_url()' Cross Site Scripting Vulnerability
2015-01-27
http://www.securityfocus.com/bid/72079
Django 'ModelMultipleChoiceField' Denial of Service Vulnerability
2015-01-27
http://www.securityfocus.com/bid/72080
Django 'django.views.static.serve()' Function Denial of Service Vulnerability
2015-01-27
http://www.securityfocus.com/bid/72078
Castor Library CVE-2014-3004 XML External Entity Information Disclosure Vulnerability
2015-01-27
http://www.securityfocus.com/bid/67676
Docker CVE-2014-9358 Multiple Directory Traversal Vulnerabilities
2015-01-27
http://www.securityfocus.com/bid/71649
Docker CVE-2014-9357 Remote Privilege Escalation Vulnerability
2015-01-27
http://www.securityfocus.com/bid/71647
Docker CVE-2014-9356 Multiple Directory Traversal Vulnerabilities
2015-01-27
http://www.securityfocus.com/bid/71654
Oracle Java SE CVE-2014-6585 Remote Java SE Vulnerability
2015-01-27
http://www.securityfocus.com/bid/72173
Google Chrome 40.0.2214.91 Multiple Security Vulnerabilities
2015-01-27
http://www.securityfocus.com/bid/72288
Unbound CVE-2014-8602 Remote Denial of Service Vulnerability
2015-01-27
http://www.securityfocus.com/bid/71589
JasPer 'jpc_qmfb.c' Arbitrary Code Execution Vulnerability
2015-01-27
http://www.securityfocus.com/bid/72293
JasPer 'jpc_dec_process_sot()' Remote Heap Buffer Overflow Vulnerability
2015-01-27
http://www.securityfocus.com/bid/72296
JasPer CVE-2014-8138 Remote Heap Buffer Overflow Vulnerability
2015-01-27
http://www.securityfocus.com/bid/71746
JasPer CVE-2014-8137 Double Free Remote Code Execution Vulnerability
2015-01-27
http://www.securityfocus.com/bid/71742
Exploit
D-Link DSL-2740R - Unauthenticated Remote DNS Change Exploit
VLC Player 2.1.5 - DEP Access Violation Vulnerability
VLC Player 2.1.5 - Write Access Violation Vulnerability
Comodo Backup 4.4.0.0 - NULL Pointer Dereference EOP
Mangallam CMS - SQL Injection Web Vulnerability
Barracuda Networks Cloud Series - Filter Bypass Vulnerability
ManageEngine ServiceDesk Plus 9.0 (< Build 9031) - User Privileges Management Vulnerability
PHP Webquest 2.6 - SQL Injection
Android WiFi-Direct Denial of Service
26.1.2015
Bugtraq
Fwd: REWTERZ-20140103 - ManageEngine ServiceDesk Plus User Privileges Management Vulnerability 2015-01-22
Rewterz - Research Group (advisories rewterz com)
REWTERZ-20140102 - ManageEngine ServiceDesk Plus User Enumeration Vulnerability 2015-01-22
Rewterz - Research Group (advisories rewterz com)
REWTERZ-20140101 - ManageEngine ServiceDesk SQL Injection Vulnerability 2015-01-22
Rewterz - Research Group (advisories rewterz com)
[HITB-Announce] #HITB2015AMS Call for Papers 1st Round is Closing in 10 Days 2015-01-22
Hafez Kamal (aphesz hackinthebox org)
PhotoSync 1.1.3 Android - Command Inject Vulnerability 2015-01-22
Vulnerability Lab (research vulnerability-lab com)
Program-O v2.4.6 - Multiple Web Vulnerabilities 2015-01-22
Vulnerability Lab (research vulnerability-lab com)
CVE-2015-1180-xss-eventsentry 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)
CVE-2015-1179-xss-mango-automation-scada 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)
CVE-2015-1178-xss-x-cart-ecommerce 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)
Malware
Phishing
Vulnerability
Adobe Flash Player CVE-2015-0311 Unspecified Security Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72283
JasPer 'jpc_qmfb.c' Arbitrary Code Execution Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72293
JasPer 'jpc_dec_process_sot()' Remote Heap Buffer Overflow Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72296
McAfee ePolicy Orchestrator 'conditionXML' Parameter XML External Entity Injection Vulnerability
2015-01-26
http://www.securityfocus.com/bid/71881
Oracle MySQL Server CVE-2015-0432 Remote Security Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72217
Oracle MySQL Server CVE-2015-0411 Remote Security Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72191
Oracle MySQL Server CVE-2014-6568 Remote Security Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72210
Oracle MySQL Server CVE-2015-0374 Remote Security Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72227
Oracle MySQL Server CVE-2015-0382 Remote Security Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72200
Oracle MySQL Server CVE-2015-0381 Remote Security Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72214
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-01-26
http://www.securityfocus.com/bid/70574
Oracle Java SE CVE-2014-6601 Remote Java SE Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72132
Oracle Java SE CVE-2014-6591 Remote Java SE Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72175
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72165
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72169
Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72136
Oracle Java SE CVE-2015-0395 Remote Java SE Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72142
Oracle Java SE CVE-2015-0383 Local Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72155
Oracle Java SE CVE-2014-6585 Remote Java SE Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72173
Oracle Java SE CVE-2014-6587 Local Java SE Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72168
Oracle Java SE CVE-2015-0407 Remote Java SE Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72162
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72140
elfutils '/libelf/elf_begin.c' Directory Traversal Vulnerability
2015-01-26
http://www.securityfocus.com/bid/71804
Info-ZIP UnZip Out of Bounds Denial of Service Vulnerability
2015-01-26
http://www.securityfocus.com/bid/71825
Samba CVE-2014-8143 Privilege Escalation Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72278
Adobe Flash Player CVE-2015-0310 Unspecified Memory Corruption Vulnerability
2015-01-26
http://www.securityfocus.com/bid/72261
Jenkins Session Cookie Multiple Security Bypass Vulnerabilities
2015-01-26
http://www.securityfocus.com/bid/72054
ManageEngine ServiceDesk Plus 'search' Parameter User Enumeration Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72300
ManageEngine ServiceDesk Plus 'CreateReportTable.jsp' SQL Injection Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72299
McAfee ePolicy Orchestrator CVE-2015-0922 Information Disclosure Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72298
Exploit
23.1.2015
Bugtraq
Fwd: REWTERZ-20140103 - ManageEngine ServiceDesk Plus User Privileges Management Vulnerability 2015-01-22
Rewterz - Research Group (advisories rewterz com)
REWTERZ-20140102 - ManageEngine ServiceDesk Plus User Enumeration Vulnerability 2015-01-22
Rewterz - Research Group (advisories rewterz com)
REWTERZ-20140101 - ManageEngine ServiceDesk SQL Injection Vulnerability 2015-01-22
Rewterz - Research Group (advisories rewterz com)
[HITB-Announce] #HITB2015AMS Call for Papers 1st Round is Closing in 10 Days 2015-01-22
Hafez Kamal (aphesz hackinthebox org)
PhotoSync 1.1.3 Android - Command Inject Vulnerability 2015-01-22
Vulnerability Lab (research vulnerability-lab com)
Program-O v2.4.6 - Multiple Web Vulnerabilities 2015-01-22
Vulnerability Lab (research vulnerability-lab com)
CVE-2015-1180-xss-eventsentry 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)
CVE-2015-1179-xss-mango-automation-scada 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)
CVE-2015-1178-xss-x-cart-ecommerce 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)
Malware
Phishing
Vulnerability
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-01-23
http://www.securityfocus.com/bid/70574
Oracle Java SE CVE-2014-6601 Remote Java SE Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72132
Oracle Java SE CVE-2014-6591 Remote Java SE Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72175
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72165
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72169
Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72136
Oracle Java SE CVE-2015-0395 Remote Java SE Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72142
Oracle Java SE CVE-2015-0383 Local Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72155
Oracle Java SE CVE-2014-6585 Remote Java SE Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72173
Oracle Java SE CVE-2014-6587 Local Java SE Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72168
Oracle Java SE CVE-2015-0407 Remote Java SE Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72162
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72140
elfutils '/libelf/elf_begin.c' Directory Traversal Vulnerability
2015-01-23
http://www.securityfocus.com/bid/71804
Info-ZIP UnZip Out of Bounds Denial of Service Vulnerability
2015-01-23
http://www.securityfocus.com/bid/71825
Samba CVE-2014-8143 Privilege Escalation Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72278
Adobe Flash Player CVE-2015-0310 Unspecified Memory Corruption Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72261
Oracle MySQL Server CVE-2015-0382 Remote Security Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72200
Oracle MySQL Server CVE-2015-0381 Remote Security Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72214
Oracle MySQL Server CVE-2014-6568 Remote Security Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72210
Oracle MySQL Server CVE-2015-0432 Remote Security Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72217
Oracle MySQL Server CVE-2015-0411 Remote Security Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72191
Oracle MySQL Server CVE-2015-0374 Remote Security Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72227
Jenkins Session Cookie Multiple Security Bypass Vulnerabilities
2015-01-23
http://www.securityfocus.com/bid/72054
JasPer 'jpc_qmfb.c' Arbitrary Code Execution Vulnerability
2015-01-23
http://www.securityfocus.com/bid/72293
Samsung SmartViewer 'CNC_Ctrl' ActiveX Stack Buffer Overflow Vulnerability
2015-01-22
http://www.securityfocus.com/bid/71486
ppmd CVE-2015-1199 Multiple Directory Traversal Vulnerabilities
2015-01-22
http://www.securityfocus.com/bid/72099
pxz CVE-2015-1200 Insecure File Permissions Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72101
binutils 'peXXigen.c' Remote Denial of Service Vulnerability
2015-01-22
http://www.securityfocus.com/bid/70866
binutils CVE-2014-8502 Heap Based Buffer Overflow Vulnerability
2015-01-22
http://www.securityfocus.com/bid/70869
binutils 'ihex.c' Stack Based Buffer Overflow Vulnerability
2015-01-22
http://www.securityfocus.com/bid/70868
Exploit
22.1.2015
Bugtraq
PhotoSync 1.1.3 Android - Command Inject Vulnerability 2015-01-22
Vulnerability Lab (research vulnerability-lab com)
Program-O v2.4.6 - Multiple Web Vulnerabilities 2015-01-22
Vulnerability Lab (research vulnerability-lab com)
CVE-2015-1180-xss-eventsentry 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)
CVE-2015-1179-xss-mango-automation-scada 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)
CVE-2015-1178-xss-x-cart-ecommerce 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)
CVE-2015-1177-xss-exponent 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)
SEC Consult SA-20150122-0 :: Multiple critical vulnerabilities in Symantec Data Center Security: Server Advanced (SDCS:SA) & SCSP 2015-01-22
SEC Consult Vulnerability Lab (research sec-consult com)
CVE-2015-1176-xss-osticket 2015-01-22
Sudhanshu Chauhan (sudhanshu octogence com)
[slackware-security] samba (SSA:2015-020-01) 2015-01-21
Slackware Security Team (security slackware com)
Remote Desktop v0.9.4 Android - Multiple Vulnerabilities 2015-01-21
Vulnerability Lab (research vulnerability-lab com)
iExplorer 3.6.3 - DLL Hijacking Exploit itunesmobiledevice.dll 2015-01-21
Vulnerability Lab (research vulnerability-lab com)
[RT-SA-2014-010] AVM FRITZ!Box Firmware Signature Bypass 2015-01-21
RedTeam Pentesting GmbH (release redteam-pentesting de)
PhotoSync v1.1.3 Android - Command Inject Vulnerability 2015-01-21
Vulnerability Lab (research vulnerability-lab com)
[oCERT-2015-001] JasPer input sanitization errors 2015-01-21
Andrea Barisani (lcars ocert org)
[security bulletin] HPSBUX03235 SSRT101750 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-01-20
security-alert hp com
[SECURITY] [DSA 3134-1] sympa security update 2015-01-20
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3133-1] privoxy security update 2015-01-20
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
Oracle MySQL Server CVE-2015-0382 Remote Security Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72200
Oracle MySQL Server CVE-2015-0381 Remote Security Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72214
Oracle MySQL Server CVE-2014-6568 Remote Security Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72210
Oracle MySQL Server CVE-2015-0432 Remote Security Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72217
Oracle MySQL Server CVE-2015-0411 Remote Security Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72191
Oracle MySQL Server CVE-2015-0374 Remote Security Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72227
Jenkins Session Cookie Multiple Security Bypass Vulnerabilities
2015-01-22
http://www.securityfocus.com/bid/72054
Samsung SmartViewer 'CNC_Ctrl' ActiveX Stack Buffer Overflow Vulnerability
2015-01-22
http://www.securityfocus.com/bid/71486
ppmd CVE-2015-1199 Multiple Directory Traversal Vulnerabilities
2015-01-22
http://www.securityfocus.com/bid/72099
pxz CVE-2015-1200 Insecure File Permissions Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72101
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72169
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72165
Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72136
binutils 'peXXigen.c' Remote Denial of Service Vulnerability
2015-01-22
http://www.securityfocus.com/bid/70866
binutils CVE-2014-8502 Heap Based Buffer Overflow Vulnerability
2015-01-22
http://www.securityfocus.com/bid/70869
binutils 'ihex.c' Stack Based Buffer Overflow Vulnerability
2015-01-22
http://www.securityfocus.com/bid/70868
binutils 'srec.c' Stack Based Buffer Overflow Vulnerability
2015-01-22
http://www.securityfocus.com/bid/70761
Exiv2 'riffvideo.cpp' Remote Buffer Overflow Vulnerability
2015-01-22
http://www.securityfocus.com/bid/71912
binutils 'archive.c' Local Information Disclosure Vulnerability
2015-01-22
http://www.securityfocus.com/bid/71083
binutils Multiple Directory Traversal Vulnerabilities
2015-01-22
http://www.securityfocus.com/bid/70908
Oracle Java SE CVE-2014-6549 Remote Java SE Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72137
Oracle Java SE CVE-2015-0437 Remote Java SE Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72146
Oracle Java SE CVE-2015-0407 Remote Java SE Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72162
Oracle Java SE CVE-2014-6591 Remote Java SE Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72175
Oracle Java SE CVE-2015-0383 Local Java SE, Java SE Embedded, JRockit Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72155
Oracle Java SE CVE-2014-6601 Remote Java SE Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72132
Oracle Java SE CVE-2015-0395 Remote Java SE Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72142
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-01-22
http://www.securityfocus.com/bid/70574
Oracle Java SE CVE-2014-6585 Remote Java SE Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72173
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-01-22
http://www.securityfocus.com/bid/72140
Exploit
Exif Pilot 4.7.2 - SEH Based Buffer Overflow
19.1.2015
Bugtraq
CVE-2015-1032 Kiwix Cross-Site Scripting Vulnerability 2015-01-18
Riley Baird (BM-2cVqnDuYbAU5do2DfJTrN7ZbAJ246S4Xix bitmessage ch)
[slackware-security] seamonkey (SSA:2015-016-04) 2015-01-17
Slackware Security Team (security slackware com)
[slackware-security] mozilla-firefox (SSA:2015-016-02) 2015-01-17
Slackware Security Team (security slackware com)
[slackware-security] freetype (SSA:2015-016-01) 2015-01-17
Slackware Security Team (security slackware com)
[slackware-security] mozilla-thunderbird (SSA:2015-016-03) 2015-01-17
Slackware Security Team (security slackware com)
[ MDVSA-2015:027 ] kernel 2015-01-16
security mandriva com
Facebook Bug Bounty #19 - Filter Bypass Web Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)
File Pro Mini v5.2 iOS - Multiple Web Vulnerabilities 2015-01-16
Vulnerability Lab (research vulnerability-lab com)
Pandora FMS v5.1 SP1 - Persistent SNMP Editor Vulnerability 2015-01-16
admin@evolution-sec.com (admin evolution-sec com)
WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)
VeryPhoto v3.0 iOS - Command Injection Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)
CatBot v0.4.2 (PHP) - SQL Injection Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)
[SECURITY] [DSA 3129-1] rpm security update 2015-01-15
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
elfutils '/libelf/elf_begin.c' Directory Traversal Vulnerability
2015-01-19
http://www.securityfocus.com/bid/71804
Cisco WebEx Meetings Server CVE-2014-8030 Cross Site Scripting Vulnerability
2015-01-19
http://www.securityfocus.com/bid/71945
Lsyncd 'default-rsyncssh.lua' Remote Command Injection Vulnerability
2015-01-19
http://www.securityfocus.com/bid/71179
Microsoft Windows CVE-2015-0002 Local Privilege Escalation Vulnerability
2015-01-19
http://www.securityfocus.com/bid/71972
Adobe Flash Player and AIR CVE-2015-0306 Unspecified Memory Corruption Vulnerability
2015-01-19
http://www.securityfocus.com/bid/72036
Adobe Flash Player and AIR CVE-2015-0308 Use After Free Remote Code Execution Vulnerability
2015-01-19
http://www.securityfocus.com/bid/72039
Adobe Flash Player and AIR CVE-2015-0301 Unspecified Security Vulnerability
2015-01-19
http://www.securityfocus.com/bid/72034
Adobe Flash Player and AIR CVE-2015-0309 Unspecified Heap Based Buffer Overflow Vulnerability
2015-01-19
http://www.securityfocus.com/bid/72038
Adobe Flash Player and AIR CVE-2015-0305 Type Confusion Remote Code Execution Vulnerability
2015-01-19
http://www.securityfocus.com/bid/72033
Adobe Flash Player and AIR CVE-2015-0304 Unspecified Heap Based Buffer Overflow Vulnerability
2015-01-19
http://www.securityfocus.com/bid/72032
Adobe Flash Player and AIR CVE-2015-0307 Out of Bounds Read Memory Corruption Vulnerability
2015-01-19
http://www.securityfocus.com/bid/72037
Adobe Flash Player and AIR CVE-2015-0303 Unspecified Memory Corruption Vulnerability
2015-01-19
http://www.securityfocus.com/bid/72031
Adobe Flash Player and AIR CVE-2015-0302 Information Disclosure Vulnerability
2015-01-19
http://www.securityfocus.com/bid/72035
GE Proficy HMI/SCADA - CIMPLICITY CVE-2014-2355 Multiple Local Buffer Overflow Vulnerabilities
2015-01-19
http://www.securityfocus.com/bid/72096
Python 'ssl.match_hostname()' Function Denial of Service Vulnerability
2015-01-19
http://www.securityfocus.com/bid/59877
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-8634 Multiple Memory Corruption Vulnerabilities
2015-01-19
http://www.securityfocus.com/bid/72049
Mozilla Firefox/Thunderbird/SeaMonkey Proxy Authentication Session Fixation Vulnerability
2015-01-19
http://www.securityfocus.com/bid/72046
Mozilla Firefox/SeaMonkey WebRTC Memory Corruption Vulnerability
2015-01-19
http://www.securityfocus.com/bid/72044
Mozilla Firefox/Thunderbird/SeaMonkey sendBeacon Cross-Site Request Forgery Vulnerability
2015-01-19
http://www.securityfocus.com/bid/72047
OpenStack Neutron 'dns_nameservers' Parameter Denial of Service Vulnerability
2015-01-19
http://www.securityfocus.com/bid/71278
Linux Kernel CVE-2014-3687 Denial of Service Vulnerability
2015-01-19
http://www.securityfocus.com/bid/70766
Linux Kernel CVE-2014-3673 Denial of Service Vulnerability
2015-01-19
http://www.securityfocus.com/bid/70883
Cisco Secure Access Control Server CVE-2014-8027 Privilege Escalation Vulnerability
2015-01-19
http://www.securityfocus.com/bid/71944
Cisco Secure Access Control Server CVE-2014-8028 Multiple Cross Site Scripting Vulnerabilities
2015-01-19
http://www.securityfocus.com/bid/71946
RPM CVE-2013-6435 Remote Code Execution Vulnerability
2015-01-19
http://www.securityfocus.com/bid/71558
RPM CVE-2014-8118 CPIO Header Handling Integer Overflow Vulnerability
2015-01-19
http://www.securityfocus.com/bid/71588
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-8635 Multiple Memory Corruption Vulnerabilities
2015-01-19
http://www.securityfocus.com/bid/72050
BSDCPIO Symlink Directory Traversal Vulnerability
2015-01-16
http://www.securityfocus.com/bid/72102
AlienVault OSSIM and USM Multiple Command Execution Vulnerabilities
2015-01-16
http://www.securityfocus.com/bid/72100
Mozilla Firefox/SeaMonkey Web Audio Denial of Service Vulnerability
2015-01-15
http://www.securityfocus.com/bid/72045
Exploit
17.1.2015
Bugtraq
[ MDVSA-2015:027 ] kernel 2015-01-16
security mandriva com
Facebook Bug Bounty #19 - Filter Bypass Web Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)
File Pro Mini v5.2 iOS - Multiple Web Vulnerabilities 2015-01-16
Vulnerability Lab (research vulnerability-lab com)
Pandora FMS v5.1 SP1 - Persistent SNMP Editor Vulnerability 2015-01-16
admin@evolution-sec.com (admin evolution-sec com)
WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)
VeryPhoto v3.0 iOS - Command Injection Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)
CatBot v0.4.2 (PHP) - SQL Injection Vulnerability 2015-01-16
Vulnerability Lab (research vulnerability-lab com)
[SECURITY] [DSA 3129-1] rpm security update 2015-01-15
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
Microsoft Windows CVE-2015-0002 Local Privilege Escalation Vulnerability
2015-01-17
http://www.securityfocus.com/bid/71972
Adobe Flash Player and AIR CVE-2015-0306 Unspecified Memory Corruption Vulnerability
2015-01-17
http://www.securityfocus.com/bid/72036
Adobe Flash Player and AIR CVE-2015-0308 Use After Free Remote Code Execution Vulnerability
2015-01-17
http://www.securityfocus.com/bid/72039
Adobe Flash Player and AIR CVE-2015-0301 Unspecified Security Vulnerability
2015-01-17
http://www.securityfocus.com/bid/72034
Adobe Flash Player and AIR CVE-2015-0309 Unspecified Heap Based Buffer Overflow Vulnerability
2015-01-17
http://www.securityfocus.com/bid/72038
Adobe Flash Player and AIR CVE-2015-0305 Type Confusion Remote Code Execution Vulnerability
2015-01-17
http://www.securityfocus.com/bid/72033
Adobe Flash Player and AIR CVE-2015-0304 Unspecified Heap Based Buffer Overflow Vulnerability
2015-01-17
http://www.securityfocus.com/bid/72032
Adobe Flash Player and AIR CVE-2015-0307 Out of Bounds Read Memory Corruption Vulnerability
2015-01-17
http://www.securityfocus.com/bid/72037
Adobe Flash Player and AIR CVE-2015-0303 Unspecified Memory Corruption Vulnerability
2015-01-17
http://www.securityfocus.com/bid/72031
Adobe Flash Player and AIR CVE-2015-0302 Information Disclosure Vulnerability
2015-01-17
http://www.securityfocus.com/bid/72035
GE Proficy HMI/SCADA - CIMPLICITY CVE-2014-2355 Multiple Local Buffer Overflow Vulnerabilities
2015-01-17
http://www.securityfocus.com/bid/72096
Python 'ssl.match_hostname()' Function Denial of Service Vulnerability
2015-01-17
http://www.securityfocus.com/bid/59877
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-8634 Multiple Memory Corruption Vulnerabilities
2015-01-17
http://www.securityfocus.com/bid/72049
Mozilla Firefox/Thunderbird/SeaMonkey Proxy Authentication Session Fixation Vulnerability
2015-01-17
http://www.securityfocus.com/bid/72046
Mozilla Firefox/SeaMonkey WebRTC Memory Corruption Vulnerability
2015-01-17
http://www.securityfocus.com/bid/72044
Mozilla Firefox/Thunderbird/SeaMonkey sendBeacon Cross-Site Request Forgery Vulnerability
2015-01-17
http://www.securityfocus.com/bid/72047
OpenStack Neutron 'dns_nameservers' Parameter Denial of Service Vulnerability
2015-01-17
http://www.securityfocus.com/bid/71278
Linux Kernel CVE-2014-3687 Denial of Service Vulnerability
2015-01-17
http://www.securityfocus.com/bid/70766
Linux Kernel CVE-2014-3673 Denial of Service Vulnerability
2015-01-17
http://www.securityfocus.com/bid/70883
Cisco Secure Access Control Server CVE-2014-8027 Privilege Escalation Vulnerability
2015-01-17
http://www.securityfocus.com/bid/71944
Cisco Secure Access Control Server CVE-2014-8028 Multiple Cross Site Scripting Vulnerabilities
2015-01-17
http://www.securityfocus.com/bid/71946
RPM CVE-2013-6435 Remote Code Execution Vulnerability
2015-01-17
http://www.securityfocus.com/bid/71558
RPM CVE-2014-8118 CPIO Header Handling Integer Overflow Vulnerability
2015-01-17
http://www.securityfocus.com/bid/71588
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-8635 Multiple Memory Corruption Vulnerabilities
2015-01-17
http://www.securityfocus.com/bid/72050
BSDCPIO Symlink Directory Traversal Vulnerability
2015-01-16
http://www.securityfocus.com/bid/72102
AlienVault OSSIM and USM Multiple Command Execution Vulnerabilities
2015-01-16
http://www.securityfocus.com/bid/72100
Mozilla Firefox/SeaMonkey Web Audio Denial of Service Vulnerability
2015-01-15
http://www.securityfocus.com/bid/72045
Mozilla Firefox/SeaMonkey XrayWrapper Privilege Escalation Vulnerability
2015-01-15
http://www.securityfocus.com/bid/72041
Mozilla Firefox/SeaMonkey Online Certificate Status Protocol Responder Security Bypass Vulnerability
2015-01-15
http://www.securityfocus.com/bid/72042
Mozilla Firefox/SeaMonkey Bitmap Rendering Information Disclosure Vulnerability
2015-01-15
http://www.securityfocus.com/bid/72048
Exploit
16.1.2015
Bugtraq
Alienvault OSSIM/USM Command Execution Vulnerability 2015-01-15
Peter Lapp (lappsec gmail com)
[ MDVSA-2015:025 ] mpfr 2015-01-15
security mandriva com
[ MDVSA-2015:024 ] libsndfile 2015-01-15
security mandriva com
[ MDVSA-2015:026 ] untrf 2015-01-15
security mandriva com
[ MDVSA-2015:023 ] libvirt 2015-01-15
security mandriva com
[SECURITY] [DSA 3128-1] linux security update 2015-01-15
Salvatore Bonaccorso (carnil debian org)
FreeBSD Security Advisory FreeBSD-SA-15:01.openssl 2015-01-14
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 3127-1] iceweasel security update 2015-01-14
Moritz Muehlenhoff (jmm debian org)
Two XSS vulnerabilities in Simple Security WordPress Plugin 2015-01-14
High-Tech Bridge Security Research (advisory htbridge com)
MS14-080 CVE-2014-6365 Code 2015-01-14
DiéyÇ? (dieyu dieyu org)
AusCERT2015 Call for Papers: closes 18th January 2015-01-14
AusCERT (auscert auscert org au)
Malware
Phishing
Vulnerability
Mozilla Firefox/Thunderbird/SeaMonkey Proxy Authentication Session Fixation Vulnerability
2015-01-16
http://www.securityfocus.com/bid/72046
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-8635 Multiple Memory Corruption Vulnerabilities
2015-01-16
http://www.securityfocus.com/bid/72050
Mozilla Firefox/Thunderbird/SeaMonkey sendBeacon Cross-Site Request Forgery Vulnerability
2015-01-15
http://www.securityfocus.com/bid/72047
Mozilla Firefox/SeaMonkey Web Audio Denial of Service Vulnerability
2015-01-15
http://www.securityfocus.com/bid/72045
Mozilla Firefox/SeaMonkey XrayWrapper Privilege Escalation Vulnerability
2015-01-15
http://www.securityfocus.com/bid/72041
Mozilla Firefox/SeaMonkey Online Certificate Status Protocol Responder Security Bypass Vulnerability
2015-01-15
http://www.securityfocus.com/bid/72042
Mozilla Firefox/Thunderbird/SeaMonkey CVE-2014-8634 Multiple Memory Corruption Vulnerabilities
2015-01-15
http://www.securityfocus.com/bid/72049
Mozilla Firefox/SeaMonkey WebRTC Memory Corruption Vulnerability
2015-01-15
http://www.securityfocus.com/bid/72044
Mozilla Firefox/SeaMonkey Bitmap Rendering Information Disclosure Vulnerability
2015-01-15
http://www.securityfocus.com/bid/72048
Cisco MDS 9000 NX-OS Software CVE-2015-0582 Denial of Service Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71979
cinnamon-screensaver CVE-2014-1949 Lock Screen Local Security Bypass Vulnerability
2015-01-15
http://www.securityfocus.com/bid/65515
UnRTF RTF File Handling CVE-2014-9275 Out of Bounds Memory Corruption Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71506
MPFR 'strtofr.c' Buffer Overflow Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71542
libsndfile 'src/sd2.c' Multiple Buffer Overflow Vulnerabilities
2015-01-15
http://www.securityfocus.com/bid/71796
Cisco WebEx Meetings Server CVE-2014-8034 User Enumeration Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71978
cURL/libcURL CVE-2014-8150 Remote Security Bypass Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71964
GNU Coreutils 'parse_datetime()' Local Denial of Service Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71268
GNU Coreutils Insecure Temporary File Creation Vulnerability
2015-01-15
http://www.securityfocus.com/bid/37256
Info-ZIP UnZip CVE-2014-8139 Remote Heap Buffer Overflow Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71790
Info-ZIP UnZip CVE-2014-8140 Out of Bounds Write Heap Buffer Overflow Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71792
Info-ZIP UnZip CVE-2014-8141 Out of Bounds Read Heap Buffer Overflow Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71793
GParted CVE-2014-7208 OS Command Injection Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71739
Linux Kernel CVE-2014-9419 Local Information Disclosure Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71794
AMD 16h Model Processor CVE-2013-6885 Local Denial of Service Vulnerability
2015-01-15
http://www.securityfocus.com/bid/63983
Linux Kernel 'keys/gc.c' Local Memory Corruption Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71880
Linux Kernel 'kernel/tls.c' Local Information Disclosure Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71684
Linux Kernel 'fs/isofs/rock.c' Local Information Disclosure Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71883
libvirt 'qemu/qemu_driver.c' Multiple Local Denial of Service Vulnerabilities
2015-01-15
http://www.securityfocus.com/bid/71782
Adobe Flash Player and AIR CVE-2015-0308 Use After Free Remote Code Execution Vulnerability
2015-01-15
http://www.securityfocus.com/bid/72039
Adobe Flash Player and AIR CVE-2015-0305 Type Confusion Remote Code Execution Vulnerability
2015-01-15
http://www.securityfocus.com/bid/72033
Exploit
15.1.2015
Bugtraq
[SECURITY] [DSA 3127-1] iceweasel security update 2015-01-14
Moritz Muehlenhoff (jmm debian org)
Two XSS vulnerabilities in Simple Security WordPress Plugin 2015-01-14
High-Tech Bridge Security Research (advisory htbridge com)
MS14-080 CVE-2014-6365 Code 2015-01-14
DiéyÇ? (dieyu dieyu org)
AusCERT2015 Call for Papers: closes 18th January 2015-01-14
AusCERT (auscert auscert org au)
[security bulletin] HPSBGN03233 rev.1 - HP OneView running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, and Disclosure of Information 2015-01-13
security-alert hp com
[SECURITY] [DSA 3123-2] binutils-mingw-w64 security update 2015-01-13
Thijs Kinkhorst (thijs debian org)
Sitefinity Enterprise v7.2.53 - Persistent Vulnerability 2015-01-13
Vulnerability Lab (research vulnerability-lab com)
Foxit MobilePDF v4.4.0 iOS - Multiple Web Vulnerabilities 2015-01-13
Vulnerability Lab (research vulnerability-lab com)
[security bulletin] HPSBMU03230 rev.1 - HP Insight Control server deployment Remote Disclosure of Information 2015-01-13
security-alert hp com
SEC Consult SA-20150113-2 :: Cross-Site Request Forgery in XBMC / Kodi 2015-01-13
SEC Consult Vulnerability Lab (research sec-consult com)
SEC Consult SA-20150113-1 :: Privilege Escalation & XSS & Missing Authentication in Ansible Tower 2015-01-13
SEC Consult Vulnerability Lab (research sec-consult com)
CVE-2015-0203: Apache Qpid's qpidd can be crashed by authenticated user 2015-01-13
Gordon Sim (gsim apache org)
Malware
Phishing
Vulnerability
Catapult Software DNP3 Driver CVE-2013-2811 Denial of Service Vulnerability
2015-01-15
http://www.securityfocus.com/bid/63811
OpenSSL 'dtls1_buffer_record()' Function Denial of Service Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71940
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-01-15
http://www.securityfocus.com/bid/71939
OpenSSL 'ssl23_get_client_hello()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71934
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71936
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71942
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-01-15
http://www.securityfocus.com/bid/70574
OpenSSL Session Ticket Memory Leak Remote Denial of Service Vulnerability
2015-01-15
http://www.securityfocus.com/bid/70586
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-01-15
http://www.securityfocus.com/bid/70103
GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2015-01-15
http://www.securityfocus.com/bid/70137
GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2015-01-15
http://www.securityfocus.com/bid/70154
GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2015-01-15
http://www.securityfocus.com/bid/70152
GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2015-01-15
http://www.securityfocus.com/bid/70166
GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2015-01-15
http://www.securityfocus.com/bid/70165
OpenSSL CVE-2014-3513 Information Disclosure Vulnerability
2015-01-15
http://www.securityfocus.com/bid/70584
CodeWrights 'HART DTM' Library CVE-2014-9191 Local Denial of Service Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71952
Drupal Flag Module CVE-2014-3453 Arbitrary PHP Code Execution Vulnerability
2015-01-15
http://www.securityfocus.com/bid/67318
Linux Kernel User Namespace Local Security Bypass Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71154
Linux Kernel 'fs/isofs/rock.c' Infinite Loop Denial of Service Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71717
Linux Kernel CVE-2014-9419 Local Information Disclosure Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71794
Linux Kernel 'keys/gc.c' Local Memory Corruption Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71880
Linux Kernel 'fragmentation.c' Denial of Service Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71847
Git CVE-2014-9390 Arbitrary File Overwrite Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71732
binutils CVE-2014-8502 Heap Based Buffer Overflow Vulnerability
2015-01-15
http://www.securityfocus.com/bid/70869
binutils 'ihex.c' Stack Based Buffer Overflow Vulnerability
2015-01-15
http://www.securityfocus.com/bid/70868
binutils 'peXXigen.c' Remote Denial of Service Vulnerability
2015-01-15
http://www.securityfocus.com/bid/70866
binutils 'srec.c' Stack Based Buffer Overflow Vulnerability
2015-01-15
http://www.securityfocus.com/bid/70761
binutils 'archive.c' Local Information Disclosure Vulnerability
2015-01-15
http://www.securityfocus.com/bid/71083
binutils CVE-2014-8485 Arbitrary Code Execution Vulnerability
2015-01-15
http://www.securityfocus.com/bid/70741
Exploit
13.1.2015
Bugtraq
MS14-080 CVE-2014-6365 Technical Details Without "Nonsense" 2015-01-13
DiéyÇ? (dieyu dieyu org)
[security bulletin] HPSBOV03228 rev.1 - HP OpenVMS running Bash Shell, Remote Code Execution 2015-01-12
security-alert hp com
[Corrected] Stored XSS Vulnerability in F5 BIG-IP Application Security Manager 2015-01-13
Peter Lapp (lappsec gmail com)
Stored XSS Vulnerability in F5 BIG-IP Application Security Manager 2015-01-12
Peter Lapp (lappsec gmail com)
[SECURITY] [DSA 3126-1] php5 security update 2015-01-12
Thijs Kinkhorst (thijs debian org)
Corel Software DLL Hijacking 2015-01-12
CORE Advisories Team (advisories coresecurity com)
CVE-2014-8870: Arbitrary Redirect in Tapatalk Plugin for WoltLab Burning Board 4.0 2015-01-12
RedTeam Pentesting GmbH (release redteam-pentesting de)
[RT-SA-2014-015] Cross-site Scripting in Tapatalk Plugin for WoltLab Burning Board 4.0 2015-01-12
RedTeam Pentesting GmbH (release redteam-pentesting de)
[ MDVSA-2015:022 ] wireshark 2015-01-12
security mandriva com
[ MDVSA-2015:021 ] curl 2015-01-12
security mandriva com
[ MDVSA-2015:020 ] libssh 2015-01-12
security mandriva com
ZTE Datacard PCW(Telecom MF180) - Multiple Software Vulnerabilities 2015-01-12
Vulnerability Lab (research vulnerability-lab com)
Heroku API Bug Bounty #1 - Persistent Invitation Vulnerability 2015-01-12
Vulnerability Lab (research vulnerability-lab com)
Heroku API Deep Dive Bug Bounty #3 - Persistent UI Vulnerability 2015-01-12
Vulnerability Lab (research vulnerability-lab com)
Blitz CMS Community - SQL Injection Web Vulnerability 2015-01-12
Vulnerability Lab (research vulnerability-lab com)
[SECURITY] [DSA 3125-1] openssl security update 2015-01-11
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3124-1] otrs2 security update 2015-01-10
Salvatore Bonaccorso (carnil debian org)
Wordpress plugin Pods <= 2.4.3 XSS and CSRF vulnerabilities 2015-01-10
Pietro Oliva (pietroliva gmail com)
[security bulletin] HPSBOV03227 rev.1 - HP SSL for OpenVMS, Remote Disclosure of Information, Denial of Service (DoS) and Other Vulnerabilities 2015-01-10
security-alert hp com
Malware
Phishing
Vulnerability
Cisco Secure Access Control Server CVE-2014-8029 Open Redirection Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71948
OpenSSL 'dtls1_buffer_record()' Function Denial of Service Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71940
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2015-0205 Man in the Middle Security Bypass Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71941
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-01-13
http://www.securityfocus.com/bid/71939
LibYAML and Perl YAML-LibYAML Module 'scanner.c' Remote Denial of Service Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71349
CodeWrights 'HART DTM' Library CVE-2014-9191 Local Denial of Service Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71952
JBoss Enterprise Application Platform Plain Text Password Local Information Disclosure Vulnerability
2015-01-13
http://www.securityfocus.com/bid/65762
HawtJNI CVE-2013-2035 Local Privilege Escalation Vulnerability
2015-01-13
http://www.securityfocus.com/bid/59876
Linux Kernel 'fs/isofs/rock.c' Local Information Disclosure Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71883
WordPress Js-Multi-Hotel Plugin 'roomid' Parameter Cross Site Scripting Vulnerability
2015-01-13
http://www.securityfocus.com/bid/64045
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71942
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71936
OpenSSL Certificate Fingerprints CVE-2014-8275 Local Security Bypass Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71935
Drupal Poll Chart Block Module Cross Site Scripting Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71635
Drupal School Administration Module Multiple HTML Injection Vulnerabilities
2015-01-13
http://www.securityfocus.com/bid/71785
Drupal Godwin's Law Module Cross Site Scripting Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71636
Drupal Webform Invitation Module Cross Site Scripting Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71472
Drupal MoIP Module Cross Site Scripting Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71634
WordPress Banner Effect Header Plugin 'options-general.php' Cross Site Scripting Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71887
VDG Security Sense Multiple Security Vulnerabilities
2015-01-13
http://www.securityfocus.com/bid/71736
ZfcUser 'redirect' Parameter Cross Site Scripting Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71931
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-01-13
http://www.securityfocus.com/bid/70574
Wireshark DEC DNA Routing Protocol Dissector CVE-2015-0562 Remote Denial of Service Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71921
Wireshark SMTP Dissector 'packet-smtp.c' Remote Denial of Service Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71916
Wireshark TLS/SSL Decryption CVE-2015-0564 Denial of Service Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71922
cURL/libcURL CVE-2014-8150 Remote Security Bypass Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71964
BEdita CMS 'index.php' Multiple HTML Injection Vulnerabilities
2015-01-13
http://www.securityfocus.com/bid/71949
Roundcube Webmail Multiple Cross Site Request Forgery Vulnerabilities
2015-01-13
http://www.securityfocus.com/bid/71909
p7zip Symlink Directory Traversal Vulnerability
2015-01-13
http://www.securityfocus.com/bid/71890
Exploit
9.1.2015
Bugtraq
Recon 2015 Call For Papers - June 19 - 21, 2015 - Montreal, Canada 2015-01-08
root recon cx (root)
[ MDVSA-2015:018 ] asterisk 2015-01-08
security mandriva com
[ MDVSA-2015:017 ] libevent 2015-01-08
security mandriva com
[SECURITY] [DSA 3121-1] file security update 2015-01-08
Moritz Muehlenhoff (jmm debian org)
[ MDVSA-2015:016 ] unzip 2015-01-08
security mandriva com
[ MDVSA-2015:015 ] sox 2015-01-08
security mandriva com
[ MDVSA-2015:014 ] libjpeg 2015-01-08
security mandriva com
[ MDVSA-2015:013 ] znc 2015-01-08
security mandriva com
[ MDVSA-2015:012 ] jasper 2015-01-08
security mandriva com
[ MDVSA-2015:011 ] nail 2015-01-08
security mandriva com
[ MDVSA-2015:010 ] file 2015-01-08
security mandriva com
[ MDVSA-2015:009 ] krb5 2015-01-08
security mandriva com
[ MDVSA-2015:008 ] pwgen 2015-01-08
security mandriva com
[ MDVSA-2015:007 ] unrtf 2015-01-08
security mandriva com
[ MDVSA-2015:006 ] mediawiki 2015-01-08
security mandriva com
[security bulletin] HPSBMU03118 rev.3 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities 2015-01-06
security-alert hp com
[SECURITY] [DSA 3120-1] mantis security update 2015-01-06
Moritz Muehlenhoff (jmm debian org)
Brother MFC Administration Reflected Cross-Site Scripting 2015-01-07
vulns dionach com
Self-XSS in Microsoft Dynamics CRM 2013 SP1 2015-01-07
High-Tech Bridge Security Research (advisory htbridge com)
Malware
Phishing
Vulnerability
tcpdump CVE-2014-9140 Buffer Overflow Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71468
Thermostat CVE-2014-8120 Local Privilege Escalation Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71709
Mozilla Network Security Services CVE-2014-1569 Security Bypass Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71675
Linux Kernel cpio 'list_file()' Function Heap Based Buffer Overflow Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71248
GNU Tar and GNU Cpio Remote Buffer Overflow Vulnerability
2015-01-09
http://www.securityfocus.com/bid/38628
file CVE-2014-8116 Multiple Denial of Service Vulnerabilities
2015-01-09
http://www.securityfocus.com/bid/71700
file CVE-2014-8117 Denial of Service Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71692
Info-ZIP UnZip CVE-2014-8140 Out of Bounds Write Heap Buffer Overflow Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71792
Info-ZIP UnZip CVE-2014-8139 Remote Heap Buffer Overflow Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71790
Info-ZIP UnZip CVE-2014-8141 Out of Bounds Read Heap Buffer Overflow Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71793
libjpeg-turbo CVE-2014-9092 Stack Based Buffer Overflow Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71326
JasPer CVE-2014-8137 Double Free Remote Code Execution Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71742
JasPer CVE-2014-8138 Remote Heap Buffer Overflow Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71746
BSD mailx CVE-2014-7844 Local Arbitrary Command Execution Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71701
BSD mailx CVE-2004-2771 Local Arbitrary Command Execution Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71704
MIT Kerberos 5 CVE-2014-5353 NULL Pointer Dereference Remote Denial of Service Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71679
ZNC 'CWebAdminMod::ChanPage()' Function Denial of Service Vulnerability
2015-01-09
http://www.securityfocus.com/bid/66926
Multiple Asterisk Products WebSocket Server Denial of Service Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71607
SoX 'wav' File Multiple Heap Buffer Overflow Vulnerabilities
2015-01-09
http://www.securityfocus.com/bid/71774
pwgen CVE-2013-4440 Insecure Password Generation Weakness
2015-01-09
http://www.securityfocus.com/bid/63185
pwgen CVE-2013-4442 Insecure Password Generation Weakness
2015-01-09
http://www.securityfocus.com/bid/63184
Mediawiki 'thumb.php' Cross Site Scripting Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71775
UnRTF RTF File Handling Out of Bounds Memory Corruption Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71430
UnRTF RTF File Handling CVE-2014-9275 Out of Bounds Memory Corruption Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71506
Mediawiki '$wgCrossSiteAJAXdomains' Security Bypass Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71776
SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability
2015-01-09
http://www.securityfocus.com/bid/49778
RSA BSAFE Micro Edition Suite CVE-2014-0636 Chain Processing Vulnerability
2015-01-09
http://www.securityfocus.com/bid/66791
RSA BSAFE Micro Edition Suite CVE-2014-0628 Denial of Service Vulnerability
2015-01-09
http://www.securityfocus.com/bid/66388
Network Time Protocol CVE-2014-9296 Unspecified Security Vulnerability
2015-01-09
http://www.securityfocus.com/bid/71758
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-01-09
http://www.securityfocus.com/bid/71761
Exploit
Pandora v3.1 Auth Bypass and Arbitrary File Upload Vulnerability
Ntpdc 4.2.6p3 - Local Buffer Overflow
WordPress Shopping Cart 3.0.4 - Unrestricted File Upload
8.1.2015
Bugtraq
[security bulletin] HPSBMU03118 rev.3 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities 2015-01-06
security-alert hp com
[SECURITY] [DSA 3120-1] mantis security update 2015-01-06
Moritz Muehlenhoff (jmm debian org)
Brother MFC Administration Reflected Cross-Site Scripting 2015-01-07
vulns dionach com
Self-XSS in Microsoft Dynamics CRM 2013 SP1 2015-01-07
High-Tech Bridge Security Research (advisory htbridge com)
ZTE Datacard MF19 0V1.0.0B PCW - Multiple Vulnerabilities 2015-01-06
Vulnerability Lab (research vulnerability-lab com)
[ MDVSA-2015:005 ] subversion 2015-01-05
security mandriva com
ESA-2014-180: EMC Documentum Web Development Kit Multiple Vulnerabilities 2015-01-05
Security Alert (Security_Alert emc com)
[SECURITY] [DSA 3119-1] libevent security update 2015-01-06
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerability
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-01-08
http://www.securityfocus.com/bid/70103
Schneider Electric ProClima CVE-2014-8514 Remote Buffer Overflow Vulnerability
2015-01-08
http://www.securityfocus.com/bid/71710
Schneider Electric ProClima CVE-2014-8512 Remote Buffer Overflow Vulnerability
2015-01-08
http://www.securityfocus.com/bid/71711
Schneider Electric ProClima CVE-2014-9188 Remote Buffer Overflow Vulnerability
2015-01-08
http://www.securityfocus.com/bid/71713
Schneider Electric ProClima CVE-2014-8511 Remote Buffer Overflow Vulnerability
2015-01-08
http://www.securityfocus.com/bid/71712
Schneider Electric ProClima CVE-2014-8513 Remote Buffer Overflow Vulnerability
2015-01-08
http://www.securityfocus.com/bid/71707
mime-support Package 'run-mailcap' CVE-2014-7209 Command Injection Vulnerability
2015-01-08
http://www.securityfocus.com/bid/71797
Libmspack 'qtmd.c' Infinite Loop Denial of Service Vulnerability
2015-01-08
http://www.securityfocus.com/bid/71851
Cisco Identity Services Engine Software CVE-2014-8017 Password Disclosure Vulnerability
2015-01-08
http://www.securityfocus.com/bid/71767
Cisco Unified Communications Domain Manager CVE-2014-8018 Cross Site Scripting Vulnerabilities
2015-01-08
http://www.securityfocus.com/bid/71771
Cisco Jabber Guest CVE-2014-8024 Multiple Information Disclosure Vulnerabilities
2015-01-08
http://www.securityfocus.com/bid/71770
Mozilla Network Security Services CVE-2014-1569 Security Bypass Vulnerability
2015-01-08
http://www.securityfocus.com/bid/71675
elfutils '/libelf/elf_begin.c' Directory Traversal Vulnerability
2015-01-08
http://www.securityfocus.com/bid/71804
GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
2015-01-08
http://www.securityfocus.com/bid/70154
GNU glibc 'iconv()' Denial of Service Vulnerability
2015-01-08
http://www.securityfocus.com/bid/69472
GNU glibc CVE-2014-7817 Arbitrary Command Execution Vulnerability
2015-01-08
http://www.securityfocus.com/bid/71216
HP Systems Insight Manager CVE-2014-2643 Unspecified Remote Privilege Escalation Vulnerability
2015-01-08
http://www.securityfocus.com/bid/70225
HP Systems Insight Manager CVE-2014-2645 Unspecified Clickjacking Vulnerability
2015-01-08
http://www.securityfocus.com/bid/70224
HP Systems Insight Manager CVE-2014-2644 Unspecified Cross Site Scripting Vulnerability
2015-01-08
http://www.securityfocus.com/bid/70223
GNU Bash CVE-2014-7186 Local Memory Corruption Vulnerability
2015-01-08
http://www.securityfocus.com/bid/70152
GNU Bash CVE-2014-7169 Incomplete Fix Remote Code Execution Vulnerability
2015-01-08
http://www.securityfocus.com/bid/70137
GNU Bash CVE-2014-6278 Incomplete Fix Remote Code Execution Vulnerability
2015-01-08
http://www.securityfocus.com/bid/70166
GNU Bash CVE-2014-6277 Incomplete Fix Remote Code Execution Vulnerability
2015-01-08
http://www.securityfocus.com/bid/70165
Multiple F5 Products CVE-2014-8730 Man In The Middle Information Disclosure Vulnerability
2015-01-08
http://www.securityfocus.com/bid/71549
MantisBT XmlImportExport Plugin 'ImportXml.php' Arbitrary PHP Code Execution Vulnerability
2015-01-08
http://www.securityfocus.com/bid/70993
MantisBT 'copy_field.php' Cross Site Scripting Vulnerability
2015-01-08
http://www.securityfocus.com/bid/71371
MantisBT 'view_all_set.php' Multiple SQL Injection Vulnerabilities
2015-01-08
http://www.securityfocus.com/bid/71298
MantisBT 'file_download.php' HTML Injection Vulnerability
2015-01-08
http://www.securityfocus.com/bid/71380
MantisBT 'core/current_user_api.php' PHP Object Injection Vulnerability
2015-01-08
http://www.securityfocus.com/bid/71361
MantisBT CVE-2014-6316 Multiple URI Redirection Vulnerabilities
2015-01-08
http://www.securityfocus.com/bid/71478
Exploit
Microweber CMS 0.95 - SQL Injection
Pirelli ADSL2/2+ Wireless Router P.DGA4001N - Information Disclosure
Sefrengo CMS 1.6.0 - SQL Injection
7.1.2015
Bugtraq
ZTE Datacard MF19 0V1.0.0B PCW - Multiple Vulnerabilities 2015-01-06
Vulnerability Lab (research vulnerability-lab com)
[ MDVSA-2015:005 ] subversion 2015-01-05
security mandriva com
ESA-2014-180: EMC Documentum Web Development Kit Multiple Vulnerabilities 2015-01-05
Security Alert (Security_Alert emc com)
[SECURITY] [DSA 3119-1] libevent security update 2015-01-06
Salvatore Bonaccorso (carnil debian org)
[ MDVSA-2015:001 ] c-icap 2015-01-05
security mandriva com
[ MDVSA-2015:002 ] pcre 2015-01-05
security mandriva com
Open-Xchange Security Advisory 2015-01-05 2015-01-05
Martin Heiland (martin heiland open-xchange com)
Malware
Phishing
Vulnerability
concrete5 Multiple Cross-Site Scripting Vulnerabilities
2015-01-07
http://www.securityfocus.com/bid/71592
Linux Kernel cpio 'list_file()' Function Heap Based Buffer Overflow Vulnerability
2015-01-07
http://www.securityfocus.com/bid/71248
TinyMCE BBCode Plugin CVE-2012-4230 HTML Injection Vulnerability
2015-01-07
http://www.securityfocus.com/bid/58424
Linux Kernel 'kernel/kvm.c' Local Information Disclosure Vulnerability
2015-01-07
http://www.securityfocus.com/bid/71650
ISC BIND CVE-2014-8500 Remote Denial of Service Vulnerability
2015-01-07
http://www.securityfocus.com/bid/71590
OpenSSL CVE-2014-3566 Man In The Middle Information Disclosure Vulnerability
2015-01-07
http://www.securityfocus.com/bid/70574
DenyHosts 'regex.py' Remote Denial of Service Vulnerability
2015-01-07
http://www.securityfocus.com/bid/64478
Linux Kernel CVE-2010-5313 Local Denial of Service Vulnerability
2015-01-07
http://www.securityfocus.com/bid/71363
Linux Kernel 'espfix64' Local Denial of Service Vulnerability
2015-01-07
http://www.securityfocus.com/bid/71250
Linux Kernel CVE-2014-7841 SCTP NULL Pointer Dereference Denial of Service Vulnerability
2015-01-07
http://www.securityfocus.com/bid/71081
Linux Kernel 'trace_syscalls.c' Multiple Local Denial of Service Vulnerabilities
2015-01-07
http://www.securityfocus.com/bid/70971
Linux Kernel KVM CVE-2014-7842 Local Denial of Service Vulnerability
2015-01-07
http://www.securityfocus.com/bid/71078
Linux Kernel 'trace_syscalls.c' Multiple Local Denial of Service Vulnerabilities
2015-01-07
http://www.securityfocus.com/bid/70972
Apache Subversion CVE-2014-8108 Remote Denial of Service Vulnerability
2015-01-07
http://www.securityfocus.com/bid/71725
Apache Subversion CVE-2014-3580 Remote Denial of Service Vulnerability
2015-01-07
http://www.securityfocus.com/bid/71726
PCRE 'pcre_exec.c' Heap Based Buffer Overflow Vulnerability
2015-01-07
http://www.securityfocus.com/bid/71206
libvirt CVE-2014-7823 Information Disclosure Vulnerability
2015-01-07
http://www.securityfocus.com/bid/71095
Contenido CMS 'front_content.php' Multiple Cross Site Scripting Vulnerabilities
2015-01-07
http://www.securityfocus.com/bid/71809
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-01-07
http://www.securityfocus.com/bid/71762
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-01-07
http://www.securityfocus.com/bid/71757
Linux Kernel CVE-2014-9322 Local Privilege Escalation Vulnerability
2015-01-07
http://www.securityfocus.com/bid/71685
PHP 'process_nested_data()' Function Use After Free Remote Code Execution Vulnerability
2015-01-07
http://www.securityfocus.com/bid/71791
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-01-06
http://www.securityfocus.com/bid/71761
Network Time Protocol CVE-2014-9296 Unspecified Security Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71758
c-icap Server CVE-2013-7402 Multiple Denial of Service Vulnerabilities
2015-01-06
http://www.securityfocus.com/bid/69812
c-icap Server 'request.c' Remote Buffer Overflow Vulnerability
2015-01-06
http://www.securityfocus.com/bid/69498
Ettercap 'dissectors/ec_radius.c' Stack Buffer Overflow Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71698
Ettercap 'nbns_spoof.c' Heap Based Buffer Overflow Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71690
Ettercap 'dissector_postgresql()' Function Heap Buffer Overflow Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71689
Ettercap CVE-2014-6396 Arbitrary File Write Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71697
Exploit
BulletProof FTP Client BPS Buffer Overflow
AdaptCMS 3.0.3 - Multiple Vulnerabilities
6.1.2015
Bugtraq
ESA-2014-180: EMC Documentum Web Development Kit Multiple Vulnerabilities 2015-01-05
Security Alert (Security_Alert emc com)
[SECURITY] [DSA 3119-1] libevent security update 2015-01-06
Salvatore Bonaccorso (carnil debian org)
[ MDVSA-2015:001 ] c-icap 2015-01-05
security mandriva com
[ MDVSA-2015:002 ] pcre 2015-01-05
security mandriva com
Open-Xchange Security Advisory 2015-01-05 2015-01-05
Martin Heiland (martin heiland open-xchange com)
[SECURITY] [DSA 3118-1] strongswan security update 2015-01-05
Yves-Alexis Perez (corsac debian org)
[ MDVSA-2015:003 ] ntp 2015-01-05
security mandriva com
[ MDVSA-2015:004 ] php 2015-01-05
security mandriva com
[The ManageOwnage Series, part XI]: Remote code execution in ServiceDesk, Asset Explorer, Support Center and IT360 2015-01-04
Pedro Ribeiro (pedrib gmail com)
Malware
Phishing
Vulnerability
libvirt CVE-2014-7823 Information Disclosure Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71095
Contenido CMS 'front_content.php' Multiple Cross Site Scripting Vulnerabilities
2015-01-06
http://www.securityfocus.com/bid/71809
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-01-06
http://www.securityfocus.com/bid/71762
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-01-06
http://www.securityfocus.com/bid/71757
Apache Subversion CVE-2014-8108 Remote Denial of Service Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71725
Apache Subversion CVE-2014-3580 Remote Denial of Service Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71726
Linux Kernel CVE-2014-9322 Local Privilege Escalation Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71685
PHP 'process_nested_data()' Function Use After Free Remote Code Execution Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71791
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-01-06
http://www.securityfocus.com/bid/71761
Network Time Protocol CVE-2014-9296 Unspecified Security Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71758
c-icap Server CVE-2013-7402 Multiple Denial of Service Vulnerabilities
2015-01-06
http://www.securityfocus.com/bid/69812
c-icap Server 'request.c' Remote Buffer Overflow Vulnerability
2015-01-06
http://www.securityfocus.com/bid/69498
PCRE 'pcre_exec.c' Heap Based Buffer Overflow Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71206
Ettercap 'dissectors/ec_radius.c' Stack Buffer Overflow Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71698
Ettercap 'nbns_spoof.c' Heap Based Buffer Overflow Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71690
Ettercap 'dissector_postgresql()' Function Heap Buffer Overflow Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71689
Ettercap CVE-2014-6396 Arbitrary File Write Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71697
Ettercap 'dissectors/ec_cvs.c' Out of Bounds Read Denial of Service Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71691
Ettercap 'mdns_spoof.c' Remote Denial of Service Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71695
Ettercap 'dissectors/ec_cvs.c' Security Bypass Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71693
Ettercap 'dissector_dhcp()' Function Denial of Service Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71696
FreeType 'src/cff/cf2hints.c' Remote Stack Buffer Overflow Vulnerability
2015-01-06
http://www.securityfocus.com/bid/66074
BSD mailx CVE-2004-2771 Local Arbitrary Command Execution Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71704
BSD mailx CVE-2014-7844 Local Arbitrary Command Execution Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71701
GNU Coreutils 'parse_datetime()' Local Denial of Service Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71268
UnRTF RTF File Handling Out of Bounds Memory Corruption Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71430
file 'src/readelf.c' Denial of Service Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71715
UnRTF RTF File Handling CVE-2014-9275 Out of Bounds Memory Corruption Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71506
file ELF Parser Denial of Service Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71714
elfutils '/libelf/elf_begin.c' Directory Traversal Vulnerability
2015-01-06
http://www.securityfocus.com/bid/71804
Exploit
5.1.2015
Bugtraq
[The ManageOwnage Series, part XI]: Remote code execution in ServiceDesk, Asset Explorer, Support Center and IT360 2015-01-04
Pedro Ribeiro (pedrib gmail com)
[KIS-2014-19] Symantec Web Gateway <= 5.2.1 (restore.php) OS Command Injection Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)
[KIS-2014-18] Mantis Bug Tracker <= 1.2.17 (ImportXml.php) PHP Code Injection Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)
[KIS-2014-16] Osclass <= 3.4.2 (contact.php) Unrestricted File Upload Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)
[KIS-2014-15] Osclass <= 3.4.2 (ajax.php) Local File Inclusion Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)
Malware
Phishing
Vulnerability
BSD mailx CVE-2004-2771 Local Arbitrary Command Execution Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71704
BSD mailx CVE-2014-7844 Local Arbitrary Command Execution Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71701
GNU Coreutils 'parse_datetime()' Local Denial of Service Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71268
UnRTF RTF File Handling Out of Bounds Memory Corruption Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71430
file 'src/readelf.c' Denial of Service Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71715
UnRTF RTF File Handling CVE-2014-9275 Out of Bounds Memory Corruption Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71506
file ELF Parser Denial of Service Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71714
elfutils '/libelf/elf_begin.c' Directory Traversal Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71804
mpg123 MP3 Decoding Heap Based Buffer Overflow Vulnerability
2015-01-05
http://www.securityfocus.com/bid/65304
Mediawiki 'thumb.php' Cross Site Scripting Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71775
libsndfile 'src/sd2.c' Multiple Buffer Overflow Vulnerabilities
2015-01-05
http://www.securityfocus.com/bid/71796
Mediawiki '$wgCrossSiteAJAXdomains' Security Bypass Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71776
miniunzip 'minizip.c' Directory Traversal Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71846
Dwarfdump Use After Free Memory Denial of Service Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71839
Koha Multiple Cross Site Scripting Vulnerabilities
2015-01-05
http://www.securityfocus.com/bid/71803
MPFR 'strtofr.c' Buffer Overflow Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71542
python-xdg '/tmp' Insecure Temporary File Creation Vulnerability
2015-01-05
http://www.securityfocus.com/bid/65042
OpenJPEG CVE-2013-6887 Multiple Denial Of Service Vulnerabilities
2015-01-05
http://www.securityfocus.com/bid/64140
OpenJPEG CVE-2013-6052 Multiple Out of Bounds Memory Corruption Vulnerabilities
2015-01-05
http://www.securityfocus.com/bid/64118
OpenJPEG CVE-2013-6053 Multiple Out of Bounds Memory Corruption Vulnerabilities
2015-01-05
http://www.securityfocus.com/bid/64121
OpenJPEG CVE-2013-1447 Multiple Denial Of Service Vulnerabilities
2015-01-05
http://www.securityfocus.com/bid/64142
OpenJPEG CVE-2013-6045 Multiple Remote Heap Based Buffer Overflow Vulnerabilities
2015-01-05
http://www.securityfocus.com/bid/64109
cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability
2015-01-05
http://www.securityfocus.com/bid/70988
Ettercap CVE-2014-6396 Arbitrary File Write Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71697
Ettercap 'mdns_spoof.c' Remote Denial of Service Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71695
Ettercap 'dissectors/ec_cvs.c' Security Bypass Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71693
Ettercap 'dissectors/ec_cvs.c' Out of Bounds Read Denial of Service Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71691
Ettercap 'dissectors/ec_radius.c' Stack Buffer Overflow Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71698
Ettercap 'nbns_spoof.c' Heap Based Buffer Overflow Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71690
Ettercap 'dissector_postgresql()' Function Heap Buffer Overflow Vulnerability
2015-01-05
http://www.securityfocus.com/bid/71689
Exploit
ASUSWRT 3.0.0.4.376_1071 - LAN Backdoor Command Execution
Crea8Social 2.0 - XSS Change Interface
1.1.2015
Bugtraq
[KIS-2014-19] Symantec Web Gateway <= 5.2.1 (restore.php) OS Command Injection Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)
[KIS-2014-18] Mantis Bug Tracker <= 1.2.17 (ImportXml.php) PHP Code Injection Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)
[KIS-2014-16] Osclass <= 3.4.2 (contact.php) Unrestricted File Upload Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)
[KIS-2014-15] Osclass <= 3.4.2 (ajax.php) Local File Inclusion Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)
[KIS-2014-14] Osclass <= 3.4.2 (Search::setJsonAlert) SQL Injection Vulnerability 2014-12-31
Egidio Romano (research karmainsecurity com)
[SECURITY] [DSA 3117-1] php5 security update 2014-12-31
Salvatore Bonaccorso (carnil debian org)
[The ManageOwnage Series, part X]: 0-day administrator account creation in Desktop Central 2014-12-31
Pedro Ribeiro (pedrib gmail com)
Defense in depth -- the Microsoft way (part 26): "Set Program Access and Computer Defaults" hides applications like Outlook 2014-12-30
Stefan Kanthak (stefan kanthak nexgo de)
ESA-2014-179: EMC Replication Manager and EMC AppSync Unquoted Service Path Enumeration Vulnerability 2014-12-30
Security Alert (Security_Alert emc com)
ESA-2014-158: RSA BSAFE® Micro Edition Suite and SSL-J Triple Handshake Vulnerability 2014-12-30
Security Alert (Security_Alert emc com)
[SECURITY] [DSA 3116-1] polarssl security update 2014-12-30
Moritz Muehlenhoff (jmm debian org)
Remote Code Execution via Unauthorised File upload in Cforms 14.7 2014-12-29
z fedotkin infosec ru
[SECURITY] [DSA 3115-1] pyyaml security update 2014-12-29
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
Vulnerability
RPM CVE-2013-6435 Remote Code Execution Vulnerability
2015-01-01
http://www.securityfocus.com/bid/71558
RPM CVE-2014-8118 CPIO Header Handling Integer Overflow Vulnerability
2015-01-01
http://www.securityfocus.com/bid/71588
JasPer CVE-2014-8137 Double Free Remote Code Execution Vulnerability
2015-01-01
http://www.securityfocus.com/bid/71742
JasPer CVE-2014-8138 Remote Heap Buffer Overflow Vulnerability
2015-01-01
http://www.securityfocus.com/bid/71746
PHP 'cgi_main.c' Out of Bounds Read Denial of Service Vulnerability
2015-01-01
http://www.securityfocus.com/bid/71833
MIT Kerberos 5 CVE-2014-4343 Remote Denial of Service Vulnerability
2015-01-01
http://www.securityfocus.com/bid/69159
PHP 'process_nested_data()' Function Use After Free Remote Code Execution Vulnerability
2015-01-01
http://www.securityfocus.com/bid/71791
MIT Kerberos 5 CVE-2014-4341 Remote Denial of Service Vulnerability
2015-01-01
http://www.securityfocus.com/bid/68909
MIT Kerberos 5 'ldap_principal2.c' Buffer Overflow Vulnerability
2015-01-01
http://www.securityfocus.com/bid/69168
Multiple WordPress Themes Multiple Arbitrary File Download Vulnerabilities
2015-01-01
http://www.securityfocus.com/bid/69497
MIT Kerberos 5 'svr_principal.c' Information Disclosure Vulnerability
2015-01-01
http://www.securityfocus.com/bid/70380
Mozilla Firefox/Thunderbird CVE-2014-1587 Multiple Memory Corruption Vulnerabilities
2015-01-01
http://www.securityfocus.com/bid/71391
Mozilla Firefox/Thunderbird CVE-2014-1593 Buffer Overflow Vulnerability
2015-01-01
http://www.securityfocus.com/bid/71395
Mozilla Firefox/Thunderbird CVE-2014-1594 Security Vulnerability
2015-01-01
http://www.securityfocus.com/bid/71396
Mozilla Firefox/Thunderbird CVE-2014-1590 Denial of Service Vulnerability
2015-01-01
http://www.securityfocus.com/bid/71397
Mozilla Firefox/Thunderbird CVE-2014-1592 Use After Free Memory Corruption Vulnerability
2015-01-01
http://www.securityfocus.com/bid/71398
Symantec Web Gateway CVE-2014-7285 Command Injection Vulnerability
2015-01-01
http://www.securityfocus.com/bid/71620
Docker CVE-2014-9357 Remote Privilege Escalation Vulnerability
2015-01-01
http://www.securityfocus.com/bid/71647
Docker CVE-2014-9358 Multiple Directory Traversal Vulnerabilities
2015-01-01
http://www.securityfocus.com/bid/71649
Docker CVE-2014-9356 Multiple Directory Traversal Vulnerabilities
2015-01-01
http://www.securityfocus.com/bid/71654
RETIRED: Linux Kernel 'Polkit' Local Privilege Escalation Vulnerability
2015-01-01
http://www.securityfocus.com/bid/71716
Multiple Puppet Products CVE-2014-3248 Remote Code Execution Vulnerability
2015-01-01
http://www.securityfocus.com/bid/68035
PolarSSL Unspecified Memory Corruption Vulnerability
2015-01-01
http://www.securityfocus.com/bid/70905
LibYAML and Perl YAML-LibYAML Module 'scanner.c' Remote Denial of Service Vulnerability
2015-01-01
http://www.securityfocus.com/bid/71349
JasPer 'jpc_dec.c' Multiple Remote Heap Buffer Overflow Vulnerabilities
2015-01-01
http://www.securityfocus.com/bid/71476
Multiple F5 Products CVE-2014-8730 Man In The Middle Information Disclosure Vulnerability
2015-01-01
http://www.securityfocus.com/bid/71549
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-01-01
http://www.securityfocus.com/bid/71757
Network Time Protocol CVE-2014-9296 Unspecified Security Vulnerability
2015-01-01
http://www.securityfocus.com/bid/71758
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-01-01
http://www.securityfocus.com/bid/71761
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-01-01
http://www.securityfocus.com/bid/71762
Exploit
Windows 8.1 (32/64 bit) - Privilege Escalation (ahcache.sys/NtApphelpCacheControl)
ProjectSend Arbitrary File Upload
Social Microblogging PRO 1.5 Stored XSS Vulnerability
CFP: Passwords 2015, Dec 7-9, Cambridge, UK 2015-07-10
Per Thorsheim (per thorsheim net)
CVE-2015-4670 - AjaxControlToolkit File Upload Directory Traversal 2015-07-13
Brian Cardinale (brian cardinaleconsulting com)
[SYSS-2015-031] sysPass - SQL Injection 2015-07-13
disclosure syss de
phpSQLiteCMS CSRF, Unrestricted File Type Upload, Privilege Escalation & XSS 2015-07-13
apparitionsec gmail com
[slackware-security] mozilla-thunderbird (SSA:2015-192-01) 2015-07-12
Slackware Security Team (security slackware com)
SQL Injection, Reflected XSS, Path Traversal, Function Execution in ZenPhoto 1.4.8 2015-07-10
Tim Coen (tc coen gmail com)
[security bulletin] HPSBGN03373 rev.1 - HP Release Control running TLS, Remote Disclosure of Information 2015-07-10
security-alert hp com
Cisco Security Advisory: OpenSSL Alternative Chains Certificate Forgery Vulnerability (July 2015) Affecting Cisco Products 2015-07-10
Cisco Systems Product Security Incident Response Team (psirt cisco com)
ESA-2015-115: EMC RecoverPoint for Virtual Machines (VMs) Restriction Bypass Vulnerability 2015-07-10
Security Alert (Security_Alert emc com)
CVE-2014-7952, Android ADB backup APK injection vulnerability 2015-07-10
Imre RAD (imre rad search-lab hu)
[security bulletin] HPSBGN03351 rev.2 - HP IceWall SSO Dfw, SSO Certd, MCRP, and Federation Agent running OpenSSL, Remote Disclosure of Information 2015-07-10
security-alert hp com
[security bulletin] HPSBGN03371 rev.1 - HP IceWall Products running OpenSSL, Remote Denial of Service (DoS) 2015-07-10
security-alert hp com
NEW VMSA-2015-0005 : VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability 2015-07-10
VMware Security Response Center (security vmware com)
[SECURITY] [DSA 3307-1] pdns-recursor security update 2015-07-09
Alessandro Ghedini (ghedo debian org)
[SECURITY] [DSA 3306-1] pdns security update 2015-07-09
Alessandro Ghedini (ghedo debian org)
[slackware-security] openssl (SSA:2015-190-01) 2015-07-09
Slackware Security Team (security slackware com)
FreeBSD Security Advisory FreeBSD-SA-15:12.openssl 2015-07-09
FreeBSD Security Advisories (security-advisories freebsd org)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2015-07-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Extra information for CVE-2014-2513 - EMC Documentum Content Server: arbitrary code execution 2015-07-08
andrew panfilov tel
[SECURITY] [DSA 3305-1] python-django security update 2015-07-08
Alessandro Ghedini (ghedo debian org)
[CORE-2015-0011] - AirLink101 SkyIPCam1620W OS Command Injection 2015-07-08
CORE Advisories Team (advisories coresecurity com)
[security bulletin] HPSBUX03363 rev.1 - HP-UX Apache Web Server running OpenSSL, Remote Disclosure of Information 2015-07-08
security-alert hp com
Merethis Centreon - Unauthenticated blind SQLi and Authenticated Remote Command Execution 2015-07-08
hdau deloitte fr
SQL Injection in easy2map-photos wordpress plugin v1.09 2015-07-08
Larry W. Cashdollar (larry0 me com)
Remote file download vulnerability in wordpress plugin wp-ecommerce-shop-styling v2.5 2015-07-08
Larry W. Cashdollar (larry0 me com)
Symantec EP 12.1.4013 Disabling Vulnerability 2015-07-08
apparitionsec gmail com
[slackware-security] bind (SSA:2015-188-04) 2015-07-08
Slackware Security Team (security slackware com)
[slackware-security] ntp (SSA:2015-188-03) 2015-07-08
Slackware Security Team (security slackware com)
[slackware-security] cups (SSA:2015-188-01) 2015-07-08
Slackware Security Team (security slackware com)
[slackware-security] mozilla-firefox (SSA:2015-188-02) 2015-07-08
Slackware Security Team (security slackware com)