Databáze Hot News - Rok - Úvod 2018 2017 2016 2015 2014 2013 - 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 List - 2018 2017 2016 2015 2014 2013
Poslední aktualizace v 08.10.2016 14:19:38
2015
31.12.2015
Bugtraq
Joomla 1.5.x to 3.4.5 Object Injection Exploit (golang) 2015-12-31
irancrash gmail com
Executable installers are vulnerable^WEVIL (case 16): Trend Micro's installers allows arbitrary (remote) code execution 2015-12-31
Stefan Kanthak (stefan kanthak nexgo de)
FTPShell Client v5.24 Buffer Overflow 2015-12-30
apparitionsec gmail com
[oCERT 2015-012] Ganeti multiple issues 2015-12-30
Daniele Bianco (danbia ocert org)
WebKitGTK+ Security Advisory WSA-2015-0002 2015-12-28
Carlos Alberto Lopez Perez (clopez igalia com)
libtiff bmp file Heap Overflow (CVE-2015-8668) 2015-12-28
riusksk qq com
Malware
Phishing
Amazon | 30th December 2015 |
Tesco | 30th December 2015 |
PAY.SERVICE ✔ | 30th December 2015 |
Microsoft | 30th December 2015 |
Microsoft | 30th December 2015 |
margaretabprwu | 30th December 2015 |
Barclays | 30th December 2015 |
Accounting | 30th December 2015 |
Vulnerebility
SANS News
Threatpost
Exploit
30.12.2015
Bugtraq
[oCERT 2015-012] Ganeti multiple issues 2015-12-30
Daniele Bianco (danbia ocert org)
Malware
Phishing
PAYPAI SERVICE | 30th December 2015 |
Were investigating a paypaI | |
Chase | 29th December 2015 |
markecyrv | 29th December 2015 |
Vulnerebility
SANS News
Actor using Rig EK to deliver Qbot - update
Threatpost
Exploit
Simple Ads Manager 2.9.4.116 - SQL Injection
FTPShell Client 5.24 - Buffer Overflow
DeleGate 9.9.13 - Local Root Vulnerability
29.12.2015
Bugtraq
WebKitGTK+ Security Advisory WSA-2015-0002 2015-12-28
Carlos Alberto Lopez Perez (clopez igalia com)
libtiff bmp file Heap Overflow (CVE-2015-8668) 2015-12-28
riusksk qq com
Malware
Trojan:BAT/Zuquitache
Ransom:MSIL/Zuquitache.A
Phishing
Jeff Skoll | 29th December 2015 |
S e c u r i t y A L E R T | 29th December 2015 |
MRS. ELLAIN ELLIOT | 28th December 2015 |
Vulnerebility
SANS News
Threatpost
Exploit
28.12.2015
Bugtraq
libtiff bmp file Heap Overflow (CVE-2015-8668) 2015-12-28
riusksk qq com
Malware
Phishing
Capital One 360 | 28th December 2015 |
Paypal | 28th December 2015 |
Carmen Thompson | 28th December 2015 |
Barclays | 28th December 2015 |
JAMES F. ENTWISTLE | 28th December 2015 |
....Get paid $25 for each emai | 28th December 2015 |
Vulnerebility
SANS News
hashcat and oclHashcat are now open source
Threatpost
Exploit
27.12.2015
Bugtraq
libtiff: invalid write (CVE-2015-7554) 2015-12-26
Hans Jerry Illikainen (hji dyntopia com)
AccessDiver V4.301 Buffer Overflow 2015-12-26
apparitionsec gmail com
Malware
Phishing
michael swartz | 27th December 2015 |
NatWest | 26th December 2015 |
Chase | 25th December 2015 |
Account Support | 25th December 2015 |
Vulnerebility
Google Chrome Prior to 47.0.2526.106 Multiple Remote Code Execution Vulnerabilities
2015-12-26
http://www.securityfocus.com/bid/79348
libxml2 CVE-2015-7500 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79562
Mozilla Firefox Multiple Security Vulnerabilities
2015-12-26
http://www.securityfocus.com/bid/79279
Libxml2 'xmlParseConditionalSections()' Function Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79507
libxml2 CVE-2015-7498 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79548
Libxml2 CVE-2015-1819 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/75570
Libxml2 'xmlDictComputeFastQKey()' Function Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79508
Libxml2 'parser.c' Buffer Overflow Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77621
libxml2 CVE-2015-5312 XML Entity Expansion Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79536
Libxml2 'xmlGROW()' Function Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79509
libxml2 Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-26
http://www.securityfocus.com/bid/77681
Libxml2 'parser.c' Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77390
libxml2 'parser.c' Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-26
http://www.securityfocus.com/bid/74241
Foxit Reader Local Privilege Escalation Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77041
QEMU 'hw/net/pcnet.c' Remote Buffer Overflow Vulnerability
2015-12-26
http://www.securityfocus.com/bid/78230
QEMU 'hw/net/pcnet.c' Heap Based Buffer Overflow Vulnerability
2015-12-26
http://www.securityfocus.com/bid/78227
Dnsmasq CVE-2015-3294 Remote Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/74452
Linux Kernel CVE-2015-7872 Local Privilege Escalation Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77544
Linux Kernel 'btrfs/inode.c' Information Disclosure Vulnerability
2015-12-26
http://www.securityfocus.com/bid/78219
Linux kernel CVE-2013-7446 Use After Free Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77638
Red Hat Enterprise Linux 'USB Device Descriptor' Local Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77030
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77524
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/73225
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/78623
Xen 'hvm/irq.c' Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79644
Xen CVE-2015-8555 Information Disclosure Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79543
Xen 'pt-msi.c' Heap Memory Corruption Vulnerability
2015-12-26
http://www.securityfocus.com/bid/79579
Multiple Adobe Products CVE-2015-5255 Server Side Request Forgery Security Bypass Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77626
Network Time Protocol CVE-2015-7871 Authentication Bypass Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77287
Network Time Protocol CVE-2015-7704 Denial of Service Vulnerability
2015-12-26
http://www.securityfocus.com/bid/77280
SANS News
Threatpost
Exploit
EasyCafe Server <= 2.2.14 Remote File Read
25.12.2015
Bugtraq
Malware
Phishing
Account Team | 25th December 2015 |
PayPaI Inc | 25th December 2015 |
Vulnerebility
Foxit Reader Local Privilege Escalation Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77041
QEMU 'hw/net/pcnet.c' Remote Buffer Overflow Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78230
QEMU 'hw/net/pcnet.c' Heap Based Buffer Overflow Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78227
Dnsmasq CVE-2015-3294 Remote Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/74452
Google Chrome Prior to 47.0.2526.106 Multiple Unspecified Security Vulnerabilities
2015-12-25
http://www.securityfocus.com/bid/79348
Linux Kernel CVE-2015-7872 Local Privilege Escalation Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77544
Linux Kernel 'btrfs/inode.c' Information Disclosure Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78219
Linux kernel CVE-2013-7446 Use After Free Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77638
Red Hat Enterprise Linux 'USB Device Descriptor' Local Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77030
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77524
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/73225
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78623
Xen 'hvm/irq.c' Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/79644
Xen CVE-2015-8555 Information Disclosure Vulnerability
2015-12-25
http://www.securityfocus.com/bid/79543
Xen 'pt-msi.c' Heap Memory Corruption Vulnerability
2015-12-25
http://www.securityfocus.com/bid/79579
Multiple Adobe Products CVE-2015-5255 Server Side Request Forgery Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77626
Network Time Protocol CVE-2015-7871 Authentication Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77287
Network Time Protocol CVE-2015-7704 Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77280
Network Time Protocol CVE-2015-5300 Man in the Middle Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77312
Network Time Protocol CVE-2015-7855 Denial of Service Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77283
Adobe Flash Player and AIR CVE-2015-7628 Same Origin Policy Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/77063
Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/74665
GNU GRUB2 CVE-2015-8370 Multiple Local Authentication Bypass Vulnerabilities
2015-12-25
http://www.securityfocus.com/bid/79358
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78524
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2015-12-25
http://www.securityfocus.com/bid/78215
OpenStack Nova CVE-2015-7713 Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/76960
Juniper ScreenOS CVE-2015-7755 Unauthorized Access and Information Disclosure Vulnerabilities
2015-12-25
http://www.securityfocus.com/bid/79626
Xen PV Backend Driver CVE-2015-8550 Remote Code Execution Vulnerability
2015-12-25
http://www.securityfocus.com/bid/79592
Xen Multiple Denial of Service Vulnerabilities
2015-12-25
http://www.securityfocus.com/bid/79546
OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2015-12-25
http://www.securityfocus.com/bid/75525
SANS News
Threatpost
Exploit
Rips Scanner 0.5 - (code.php) Local File Inclusion
24.12.2015
Bugtraq
[SECURITY] [DSA 3430-1] libxml2 security update 2015-12-23
Salvatore Bonaccorso (carnil debian org)
Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege 2015-12-23
Stefan Kanthak (stefan kanthak nexgo de)
[slackware-security] blueman (SSA:2015-356-01) 2015-12-23
Slackware Security Team (security slackware com)
Security advisory for Bugzilla 5.0.2, 4.4.11 and 4.2.16 2015-12-22
LpSolit gmail com
Malware
Phishing
support account | 24th December 2015 |
Tesco plc. | 23rd December 2015 |
Vulnerebility
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77524
Xen CVE-2015-8555 Information Disclosure Vulnerability
2015-12-24
http://www.securityfocus.com/bid/79543
Xen 'pt-msi.c' Heap Memory Corruption Vulnerability
2015-12-24
http://www.securityfocus.com/bid/79579
Multiple Adobe Products CVE-2015-5255 Server Side Request Forgery Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77626
Network Time Protocol CVE-2015-7871 Authentication Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77287
Network Time Protocol CVE-2015-7704 Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77280
Network Time Protocol CVE-2015-5300 Man in the Middle Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77312
Network Time Protocol CVE-2015-7855 Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77283
Adobe Flash Player and AIR CVE-2015-7628 Same Origin Policy Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77063
Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/74665
GNU GRUB2 CVE-2015-8370 Multiple Local Authentication Bypass Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/79358
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-24
http://www.securityfocus.com/bid/78524
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2015-12-24
http://www.securityfocus.com/bid/78215
OpenStack Nova CVE-2015-7713 Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/76960
Juniper ScreenOS CVE-2015-7755 Unauthorized Access and Information Disclosure Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/79626
Xen PV Backend Driver CVE-2015-8550 Remote Code Execution Vulnerability
2015-12-24
http://www.securityfocus.com/bid/79592
Xen Multiple Denial of Service Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/79546
OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/75525
OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/76317
OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
2015-12-24
http://www.securityfocus.com/bid/76497
OpenSSH Login Handling Security Bypass Weakness
2015-12-24
http://www.securityfocus.com/bid/75990
gdk-pixbuf Heap Buffer Overflow and Denial of Service Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/76953
Gnome GdkPixbuf 'pixops.c' Heap Based Buffer Overflow Vulnerability
2015-12-24
http://www.securityfocus.com/bid/76955
LibRaw CVE-2013-1438 Multiple NULL Pointer Dereference Denial of Service Vulnerabilities
2015-12-24
http://www.securityfocus.com/bid/62060
Wireshark '/wiretap/pcapng.c' Remote Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/77101
ISC BIND CVE-2015-8000 Remote Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/79349
RETIRED: Wireshark PCAPNG File CVE-2015-7830 Remote Code Execution Vulnerability
2015-12-24
http://www.securityfocus.com/bid/78723
Cisco Web Security Appliance CVE-2015-6290 Denial of Service Vulnerability
2015-12-24
http://www.securityfocus.com/bid/76687
Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
2015-12-24
http://www.securityfocus.com/bid/75568
Microsoft Windows Environment Variable Expansion in PATH Security Bypass Weakness
2015-12-24
http://www.securityfocus.com/bid/44484
SANS News
Threatpost
Exploit
Rips Scanner 0.5 - (code.php) Local File Inclusion
23.12.2015
Bugtraq
[slackware-security] blueman (SSA:2015-356-01) 2015-12-23
Slackware Security Team (security slackware com)
Security advisory for Bugzilla 5.0.2, 4.4.11 and 4.2.16 2015-12-22
LpSolit gmail com
ESA-2015-179: EMC Secure Remote Services Virtual Edition Path Traversal Vulnerability 2015-12-22
Security Alert (Security_Alert emc com)
ESA-2015-174: EMC VPLEX Undocumented Account Vulnerability 2015-12-22
Security Alert (Security_Alert emc com)
Aeris Calandar v2.1 - Buffer Overflow Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
POP Peeper 4.0.1 - Persistent Code Execution Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Switch v4.68 - Code Execution Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Lithium Forum - (previewImages) Persistent Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Wordpress Content Text Slider on Post 6.8 - Persistent Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Malware
TrojanSpy:Win32/Nivdort.CM
TrojanDropper:Win32/Zelug.A
Backdoor:Win32/Zelug.B
TrojanDownloader:VBS/Reywals.A
Backdoor:MSIL/Medirot.A
Phishing
Mia Zhang | 23rd December 2015 |
ANZ BANK | 23rd December 2015 |
Vulnerebility
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77524
Xen CVE-2015-8555 Information Disclosure Vulnerability
2015-12-23
http://www.securityfocus.com/bid/79543
Xen 'pt-msi.c' Heap Memory Corruption Vulnerability
2015-12-23
http://www.securityfocus.com/bid/79579
Multiple Adobe Products CVE-2015-5255 Server Side Request Forgery Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77626
Network Time Protocol CVE-2015-7871 Authentication Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77287
Network Time Protocol CVE-2015-7704 Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77280
Network Time Protocol CVE-2015-5300 Man in the Middle Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77312
Network Time Protocol CVE-2015-7855 Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77283
Adobe Flash Player and AIR CVE-2015-7628 Same Origin Policy Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77063
Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/74665
GNU GRUB2 CVE-2015-8370 Multiple Local Authentication Bypass Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/79358
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-23
http://www.securityfocus.com/bid/78524
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2015-12-23
http://www.securityfocus.com/bid/78215
OpenStack Nova CVE-2015-7713 Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/76960
Juniper ScreenOS CVE-2015-7755 Unauthorized Access and Information Disclosure Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/79626
Xen PV Backend Driver CVE-2015-8550 Remote Code Execution Vulnerability
2015-12-23
http://www.securityfocus.com/bid/79592
Xen Multiple Denial of Service Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/79546
OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/75525
OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/76317
OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
2015-12-23
http://www.securityfocus.com/bid/76497
OpenSSH Login Handling Security Bypass Weakness
2015-12-23
http://www.securityfocus.com/bid/75990
gdk-pixbuf Heap Buffer Overflow and Denial of Service Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/76953
Gnome GdkPixbuf 'pixops.c' Heap Based Buffer Overflow Vulnerability
2015-12-23
http://www.securityfocus.com/bid/76955
LibRaw CVE-2013-1438 Multiple NULL Pointer Dereference Denial of Service Vulnerabilities
2015-12-23
http://www.securityfocus.com/bid/62060
Wireshark '/wiretap/pcapng.c' Remote Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/77101
ISC BIND CVE-2015-8000 Remote Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/79349
RETIRED: Wireshark PCAPNG File CVE-2015-7830 Remote Code Execution Vulnerability
2015-12-23
http://www.securityfocus.com/bid/78723
Cisco Web Security Appliance CVE-2015-6290 Denial of Service Vulnerability
2015-12-23
http://www.securityfocus.com/bid/76687
Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
2015-12-23
http://www.securityfocus.com/bid/75568
Microsoft Windows Environment Variable Expansion in PATH Security Bypass Weakness
2015-12-23
http://www.securityfocus.com/bid/44484
SANS News
Libraries and Dependencies - It Really is Turtles All The Way Down!
Threatpost
Juniper Backdoor Picture Getting Clearer
Yahoo to Warn Users of State-Sponsored Attacks
Exploit
Bigware Shop 2.3.01 - Multiple Local File Inclusion Vulnerabilities
Grawlix 1.0.3 - CSRF Vulnerability
Arastta 1.1.5 - SQL Injection Vulnerabilities
PhpSocial 2.0.0304_20222226 - CSRF Vulnerability
PHP 7.0.0 - Format String Vulnerability
22.12.2015
Bugtraq
ESA-2015-174: EMC VPLEX Undocumented Account Vulnerability 2015-12-22
Security Alert (Security_Alert emc com)
Aeris Calandar v2.1 - Buffer Overflow Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
POP Peeper 4.0.1 - Persistent Code Execution Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Switch v4.68 - Code Execution Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Lithium Forum - (previewImages) Persistent Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Wordpress Content Text Slider on Post 6.8 - Persistent Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
Western Union CN Bug Bounty #6 - Client Side Cross Site Scripting Web Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
DELL Scrutinizer v12.0.3 - Persistent Software Vulnerability 2015-12-22
Vulnerability Lab (research vulnerability-lab com)
[RT-SA-2015-013] Symfony PHP Framework: Session Fixation In "Remember Me" Login Functionality 2015-12-22
RedTeam Pentesting GmbH (release redteam-pentesting de)
Executable installers are vulnerable^WEVIL (case 14): Rapid7's ScanNowUPnP.exe allows arbitrary (remote) code execution 2015-12-21
Stefan Kanthak (stefan kanthak nexgo de)
[security bulletin] HPSBHF03419 rev.1 - HP Network Products including H3C routers and switches, Remote Denial of Service (DoS), Unauthorized Access. 2015-12-21
security-alert hpe com
Malware
TrojanDownloader:Win32/Ponmocup.A
Phishing
Vulnerebility
Adobe Flash Player and AIR CVE-2015-7628 Same Origin Policy Security Bypass Vulnerability
2015-12-22
http://www.securityfocus.com/bid/77063
Apache Tomcat CVE-2014-7810 Security Bypass Vulnerability
2015-12-22
http://www.securityfocus.com/bid/74665
GNU GRUB2 CVE-2015-8370 Multiple Local Authentication Bypass Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/79358
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/78524
Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/78215
OpenStack Nova CVE-2015-7713 Security Bypass Vulnerability
2015-12-22
http://www.securityfocus.com/bid/76960
Juniper ScreenOS CVE-2015-7755 Unauthorized Access and Information Disclosure Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/79626
Xen PV Backend Driver CVE-2015-8550 Remote Code Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/79592
Xen Multiple Denial of Service Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/79546
OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2015-12-22
http://www.securityfocus.com/bid/75525
OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/76317
OpenSSH CVE-2015-6565 Local Security Bypass Vulnerability
2015-12-22
http://www.securityfocus.com/bid/76497
OpenSSH Login Handling Security Bypass Weakness
2015-12-22
http://www.securityfocus.com/bid/75990
gdk-pixbuf Heap Buffer Overflow and Denial of Service Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/76953
Gnome GdkPixbuf 'pixops.c' Heap Based Buffer Overflow Vulnerability
2015-12-22
http://www.securityfocus.com/bid/76955
LibRaw CVE-2013-1438 Multiple NULL Pointer Dereference Denial of Service Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/62060
Wireshark '/wiretap/pcapng.c' Remote Denial of Service Vulnerability
2015-12-22
http://www.securityfocus.com/bid/77101
ISC BIND CVE-2015-8000 Remote Denial of Service Vulnerability
2015-12-22
http://www.securityfocus.com/bid/79349
RETIRED: Wireshark PCAPNG File CVE-2015-7830 Remote Code Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/78723
Cisco Web Security Appliance CVE-2015-6290 Denial of Service Vulnerability
2015-12-22
http://www.securityfocus.com/bid/76687
Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
2015-12-22
http://www.securityfocus.com/bid/75568
Microsoft Windows Environment Variable Expansion in PATH Security Bypass Weakness
2015-12-22
http://www.securityfocus.com/bid/44484
GNU Wget CVE-2010-2252 Arbitrary File Overwrite Vulnerability
2015-12-22
http://www.securityfocus.com/bid/65722
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-12-22
http://www.securityfocus.com/bid/73684
libxml2 'parser.c' Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/74241
Libxml2 'parser.c' Buffer Overflow Vulnerability
2015-12-22
http://www.securityfocus.com/bid/77621
Multiple FireEye Products 'JAR Analysis' Remote Code Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/78809
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-12-22
http://www.securityfocus.com/bid/71761
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-22
http://www.securityfocus.com/bid/70103
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-12-22
http://www.securityfocus.com/bid/71762
SANS News
Threatpost
Exploit
Wireshark infer_pkt_encap - Heap-Based Out-of-Bounds Read
Wireshark AirPDcapDecryptWPABroadcastKey - Heap-Based Out-of-Bounds Read
21.12.2015
Bugtraq
ESA-2015-177: RSA SecurID(r) Web Agent Authentication Bypass Vulnerability 2015-12-21
Security Alert (Security_Alert emc com)
giflib: heap overflow in giffix (CVE-2015-7555) 2015-12-21
Hans Jerry Illikainen (hji dyntopia com)
Executable installers are vulnerable^WEVIL (case 13): ESET NOD32 antivirus installer allows remote code execution with escalation of privilege 2015-12-21
Stefan Kanthak (stefan kanthak nexgo de)
Almost no resp. only some mitigation(s) for "DLL hijacking" via load-time dependencies 2015-12-21
Stefan Kanthak (stefan kanthak nexgo de)
KL-001-2015-007 : Seagate GoFlex Satellite Remote Telnet Default Password 2015-12-18
KoreLogic Disclosures (disclosures korelogic com)
Malware
TrojanSpy:Win32/Nivdort.CT
TrojanSpy:Win32/Nivdort.CS
TrojanSpy:Win32/Nivdort.CR
TrojanSpy:Win32/Nivdort.CP
TrojanSpy:Win32/Nivdort.CH
TrojanDownloader:JS/Swabfex
Phishing
USAA Online Banking | 21st December 2015 |
App.support | 21st December 2015 |
Service Inc | 20th December 2015 |
PayPal | 20th December 2015 |
Vulnerebility
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77192
Google Chrome Prior to 47.0.2526.73 Multiple Security Vulnerabilities
2015-12-21
http://www.securityfocus.com/bid/78416
Xen CVE-2015-8338 Denial of Service Vulnerability
2015-12-21
http://www.securityfocus.com/bid/78920
Antirez Redis 'lua_struct.c' Integer Overflow Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77507
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74147
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74141
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74111
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77160
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-21
http://www.securityfocus.com/bid/77238
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77209
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77164
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-2625 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/75895
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74119
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-12-21
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/77148
Oracle Java SE CVE-2015-0491 Remote Security Vulnerability
2015-12-21
http://www.securityfocus.com/bid/74094
SANS News
Threatpost
Exploit
Ovidentia online Module 2.8 - GLOBALS[babAddonPhpPath] Remote File Inclusion
Ovidentia Widgets 1.0.61 - Remote Command Execution Exploit
Notepad++ NPPFtp Plugin 0.26.3 - Buffer Overflow
Base64 Decoder 1.1.2 - SEH OverWrite PoC
19.12.2015
Bugtraq
[SECURITY] [DSA 3428-1] tomcat8 security update 2015-12-18
Moritz Muehlenhoff (jmm debian org)
KL-001-2015-008 : Dell Pre-Boot Authentication Driver Uncontrolled Write to Arbitrary Address 2015-12-18
KoreLogic Disclosures (disclosures korelogic com)
[slackware-security] grub (SSA:2015-351-01) 2015-12-18
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-351-02) 2015-12-18
Slackware Security Team (security slackware com)
Executable uninstallers are vulnerable^WEVIL (case 12): Avira Registry Cleaner allows arbitrary code execution with escalation of privilege 2015-12-18
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3426-1] linux security update 2015-12-17
Salvatore Bonaccorso (carnil debian org)
ESA-2015-148: EMC Isilon OneFS Security Privilege Escalation Vulnerability 2015-12-17
Security Alert (Security_Alert emc com)
[oCERT 2015-011] PyAMF input sanitization errors (XXE) 2015-12-17
Daniele Bianco (danbia ocert org)
[SECURITY] [DSA 3425-1] tryton-server security update 2015-12-17
Luciano Bello (luciano debian org)
[SECURITY] [DSA 3425-1] tryton-server security update 2015-12-17
Luciano Bello (luciano debian org)
Malware
Phishing
SERVICE PPL | 19th December 2015 |
NOTICE | 19th December 2015 |
Wells Fargo | 19th December 2015 |
HSBC UK | 18th December 2015 |
HSBC UK | 18th December 2015 |
Vulnerebility
Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
2015-12-19
http://www.securityfocus.com/bid/75568
Microsoft Windows Environment Variable Expansion in PATH Security Bypass Weakness
2015-12-19
http://www.securityfocus.com/bid/44484
GNU Wget CVE-2010-2252 Arbitrary File Overwrite Vulnerability
2015-12-19
http://www.securityfocus.com/bid/65722
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-12-19
http://www.securityfocus.com/bid/73684
libxml2 'parser.c' Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/74241
Libxml2 'parser.c' Buffer Overflow Vulnerability
2015-12-19
http://www.securityfocus.com/bid/77621
Multiple FireEye Products 'JAR Analysis' Remote Code Execution Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78809
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/71761
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-19
http://www.securityfocus.com/bid/70103
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-12-19
http://www.securityfocus.com/bid/71762
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-12-19
http://www.securityfocus.com/bid/71757
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/66690
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-19
http://www.securityfocus.com/bid/53354
LibreOffice Multiple Remote Code Execution and Information Disclosure Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/77486
Cisco IOS XE Software CVE-2015-6359 Denial of Service Vulnerability
2015-12-19
http://www.securityfocus.com/bid/79200
Adobe Flash Player CVE-2015-7645 Remote Code Execution Vulnerability
2015-12-19
http://www.securityfocus.com/bid/77081
Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78612
Adobe Flash Player CVE-2015-7648 Unspecified Remote Code Execution Vulnerability
2015-12-19
http://www.securityfocus.com/bid/77116
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-12-19
http://www.securityfocus.com/bid/71939
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-12-19
http://www.securityfocus.com/bid/71942
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-12-19
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78626
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/78734
Kaspersky Antivirus Multiple Memory Corruption Vulnerabilities
2015-12-19
http://www.securityfocus.com/bid/77608
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-19
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-19
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78209
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-19
http://www.securityfocus.com/bid/78619
SANS News
Threatpost
Exploit
Google Chrome - Renderer Process to Browser Process Privilege Escalation
18.12.2015
Bugtraq
[slackware-security] grub (SSA:2015-351-01) 2015-12-18
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-351-02) 2015-12-18
Slackware Security Team (security slackware com)
Executable uninstallers are vulnerable^WEVIL (case 12): Avira Registry Cleaner allows arbitrary code execution with escalation of privilege 2015-12-18
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3426-1] linux security update 2015-12-17
Salvatore Bonaccorso (carnil debian org)
ESA-2015-148: EMC Isilon OneFS Security Privilege Escalation Vulnerability 2015-12-17
Security Alert (Security_Alert emc com)
[oCERT 2015-011] PyAMF input sanitization errors (XXE) 2015-12-17
Daniele Bianco (danbia ocert org)
[SECURITY] [DSA 3425-1] tryton-server security update 2015-12-17
Luciano Bello (luciano debian org)
[SECURITY] [DSA 3425-1] tryton-server security update 2015-12-17
Luciano Bello (luciano debian org)
CVE-2015-5348 - Apache Camel medium disclosure vulnerability 2015-12-17
Claus Ibsen (claus ibsen gmail com)
[SECURITY] [DSA 3337-2] gdk-pixbuf security update 2015-12-17
Salvatore Bonaccorso (carnil debian org)
[slackware-security] mozilla-firefox (SSA:2015-349-03) 2015-12-16
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3424-1] subversion security update 2015-12-16
Moritz Muehlenhoff (jmm debian org)
Malware
Backdoor:Python/Atalag.A
TrojanSpy:Python/Basonil.A
TrojanSpy:MSIL/Ohona.A
Phishing
HSBC UK | 18th December 2015 |
HSBC UK | 18th December 2015 |
USAA | 17th December 2015 |
USAA | 17th December 2015 |
Upgrade X | 17th December 2015 |
Vulnerebility
Adobe Flash Player ActionScript 3 ByteArray Use After Free Remote Memory Corruption Vulnerability
2015-12-18
http://www.securityfocus.com/bid/75568
Microsoft Windows Environment Variable Expansion in PATH Security Bypass Weakness
2015-12-18
http://www.securityfocus.com/bid/44484
GNU Wget CVE-2010-2252 Arbitrary File Overwrite Vulnerability
2015-12-18
http://www.securityfocus.com/bid/65722
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-12-18
http://www.securityfocus.com/bid/73684
libxml2 'parser.c' Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/74241
Libxml2 'parser.c' Buffer Overflow Vulnerability
2015-12-18
http://www.securityfocus.com/bid/77621
Multiple FireEye Products 'JAR Analysis' Remote Code Execution Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78809
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/71761
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-18
http://www.securityfocus.com/bid/70103
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-12-18
http://www.securityfocus.com/bid/71762
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-12-18
http://www.securityfocus.com/bid/71757
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/66690
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-18
http://www.securityfocus.com/bid/53354
LibreOffice Multiple Remote Code Execution and Information Disclosure Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/77486
Cisco IOS XE Software CVE-2015-6359 Denial of Service Vulnerability
2015-12-18
http://www.securityfocus.com/bid/79200
Adobe Flash Player CVE-2015-7645 Remote Code Execution Vulnerability
2015-12-18
http://www.securityfocus.com/bid/77081
Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78612
Adobe Flash Player CVE-2015-7648 Unspecified Remote Code Execution Vulnerability
2015-12-18
http://www.securityfocus.com/bid/77116
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-12-18
http://www.securityfocus.com/bid/71939
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-12-18
http://www.securityfocus.com/bid/71942
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-12-18
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78626
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/78734
Kaspersky Antivirus Multiple Memory Corruption Vulnerabilities
2015-12-18
http://www.securityfocus.com/bid/77608
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-18
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-18
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78209
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-18
http://www.securityfocus.com/bid/78619
SANS News
Threatpost
Exploit
Joomla 1.5 - 3.4.5 - Object Injection RCE X-Forwarded-For Header
Ovidentia maillist Module 4.0 - Remote File Inclusion Exploit
PFSense <= 2.2.5 - Directory Traversal
Windows Kernel win32k!OffsetChildren - Null Pointer Dereference
win32k Desktop and Clipboard - Null Pointer Derefence
win32k Clipboard Bitmap - Use-After-Free Vulnerability
Adobe Flash TextField.antiAliasType Setter - Use-After-Free
Adobe Flash TextField.gridFitType Setter - Use-After-Free
Adobe Flash MovieClip.lineStyle - Use-After-Frees
Adobe Flash GradientFill - Use-After-Frees
Samsung Galaxy S6 Samsung Gallery - GIF Parsing Crash
Samsung Galaxy S6 Samsung Gallery - Bitmap Decoding Crash
17.12.2015
Bugtraq
ESA-2015-148: EMC Isilon OneFS Security Privilege Escalation Vulnerability 2015-12-17
Security Alert (Security_Alert emc com)
[oCERT 2015-011] PyAMF input sanitization errors (XXE) 2015-12-17
Daniele Bianco (danbia ocert org)
[SECURITY] [DSA 3425-1] tryton-server security update 2015-12-17
Luciano Bello (luciano debian org)
[SECURITY] [DSA 3425-1] tryton-server security update 2015-12-17
Luciano Bello (luciano debian org)
CVE-2015-5348 - Apache Camel medium disclosure vulnerability 2015-12-17
Claus Ibsen (claus ibsen gmail com)
[SECURITY] [DSA 3337-2] gdk-pixbuf security update 2015-12-17
Salvatore Bonaccorso (carnil debian org)
[slackware-security] mozilla-firefox (SSA:2015-349-03) 2015-12-16
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3424-1] subversion security update 2015-12-16
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPSBHF03528 rev.1 - HP Network Products running VCX, Remote Unauthorized Modification 2015-12-16
security-alert hpe com
[SECURITY] [DSA 3423-1] cacti security update 2015-12-16
Luciano Bello (luciano debian org)
[SECURITY] [DSA 3421-1] grub2 security update 2015-12-16
Luciano Bello (luciano debian org)
[SECURITY] [DSA 3422-1] iceweasel security update 2015-12-16
Moritz Muehlenhoff (jmm debian org)
Shutdown UX DLL side loading vulnerability 2015-12-16
Securify B.V. (lists securify nl)
Shockwave Flash Object DLL side loading vulnerability 2015-12-16
Securify B.V. (lists securify nl)
[security bulletin] HPSBUX03529 SSRT102967 rev.1 - HP-UX BIND service running named, Remote Denial of Service (DoS) 2015-12-16
security-alert hpe com
Event Viewer Snapin multiple DLL side loading vulnerabilities 2015-12-16
Securify B.V. (lists securify nl)
libnsbmp: heap overflow (CVE-2015-7508) and out-of-bounds read (CVE-2015-7507) 2015-12-16
Hans Jerry Illikainen (hji dyntopia com)
FreeBSD Security Advisory FreeBSD-SA-15:27.bind 2015-12-16
FreeBSD Security Advisories (security-advisories freebsd org)
SQL Injection in orion.extfeedbackform Bitrix Module 2015-12-16
High-Tech Bridge Security Research (advisory htbridge ch)
RCE in Zen Cart via Arbitrary File Inclusion 2015-12-16
High-Tech Bridge Security Research (advisory htbridge ch)
libnsgif: stack overflow (CVE-2015-7505) and out-of-bounds read (CVE-2015-7506) 2015-12-16
Hans Jerry Illikainen (hji dyntopia com)
[slackware-security] openssl (SSA:2015-349-04) 2015-12-16
Slackware Security Team (security slackware com)
[slackware-security] bind (SSA:2015-349-01) 2015-12-16
Slackware Security Team (security slackware com)
Malware
TrojanDownloader:PowerShell/Wedinga.A
Phishing
_NoReply | 16th December 2015 |
PayPal | 16th December 2015 |
NatWest | 16th December 2015 |
Info Service Dpt | 15th December 2015 |
PayPal | 15th December 2015 |
SERVICE PPL | 15th December 2015 |
MSN Incoporation | 15th December 2015 |
Vulnerebility
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-12-17
http://www.securityfocus.com/bid/73684
libxml2 'parser.c' Out of Bounds Read Multiple Information Disclosure Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/74241
Libxml2 'parser.c' Buffer Overflow Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77621
Multiple FireEye Products 'JAR Analysis' Remote Code Execution Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78809
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/71761
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-17
http://www.securityfocus.com/bid/70103
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-12-17
http://www.securityfocus.com/bid/71762
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-12-17
http://www.securityfocus.com/bid/71757
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/66690
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-17
http://www.securityfocus.com/bid/53354
LibreOffice Multiple Remote Code Execution and Information Disclosure Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/77486
Cisco IOS XE Software CVE-2015-6359 Denial of Service Vulnerability
2015-12-17
http://www.securityfocus.com/bid/79200
Adobe Flash Player CVE-2015-7645 Remote Code Execution Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77081
Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78612
Adobe Flash Player CVE-2015-7648 Unspecified Remote Code Execution Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77116
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-12-17
http://www.securityfocus.com/bid/71939
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-12-17
http://www.securityfocus.com/bid/71942
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-12-17
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78626
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/78734
Kaspersky Antivirus Multiple Memory Corruption Vulnerabilities
2015-12-17
http://www.securityfocus.com/bid/77608
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78209
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-17
http://www.securityfocus.com/bid/78619
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-17
http://www.securityfocus.com/bid/77192
SANS News
When Hunting BeEF, Yara rules (Part 2)
Threatpost
Critical Flaws Found in Network Management Systems
Exploit
Easy File Sharing Web Server 7.2 - GET HTTP Request SEH Buffer Overflow
Easy File Sharing Web Server 7.2 - HEAD HTTP Request SEH Buffer Overflow
Zen Cart 1.5.4 - Local File Inclusion
Gentoo Local Priv Escalation in QEMU
16.12.2015
Bugtraq
[SECURITY] [DSA 3422-1] iceweasel security update 2015-12-16
Moritz Muehlenhoff (jmm debian org)
Shutdown UX DLL side loading vulnerability 2015-12-16
Securify B.V. (lists securify nl)
Shockwave Flash Object DLL side loading vulnerability 2015-12-16
Securify B.V. (lists securify nl)
[security bulletin] HPSBUX03529 SSRT102967 rev.1 - HP-UX BIND service running named, Remote Denial of Service (DoS) 2015-12-16
security-alert hpe com
Event Viewer Snapin multiple DLL side loading vulnerabilities 2015-12-16
Securify B.V. (lists securify nl)
libnsbmp: heap overflow (CVE-2015-7508) and out-of-bounds read (CVE-2015-7507) 2015-12-16
Hans Jerry Illikainen (hji dyntopia com)
FreeBSD Security Advisory FreeBSD-SA-15:27.bind 2015-12-16
FreeBSD Security Advisories (security-advisories freebsd org)
SQL Injection in orion.extfeedbackform Bitrix Module 2015-12-16
High-Tech Bridge Security Research (advisory htbridge ch)
RCE in Zen Cart via Arbitrary File Inclusion 2015-12-16
High-Tech Bridge Security Research (advisory htbridge ch)
libnsgif: stack overflow (CVE-2015-7505) and out-of-bounds read (CVE-2015-7506) 2015-12-16
Hans Jerry Illikainen (hji dyntopia com)
[slackware-security] openssl (SSA:2015-349-04) 2015-12-16
Slackware Security Team (security slackware com)
[slackware-security] bind (SSA:2015-349-01) 2015-12-16
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-349-02) 2015-12-16
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3420-1] bind9 security update 2015-12-15
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3419-1] cups-filters security update 2015-12-15
Salvatore Bonaccorso (carnil debian org)
Malware
TrojanDownloader:MSIL/Banload.AL
TrojanDownloader:Win32/Banload.BFX
TrojanSpy:Win32/Ursnif.HP
Backdoor:Python/Covnoo.A
Backdoor:Win32/Blackhole.AE
Backdoor:Win32/Jadow.A
Trojan:Win32/Varpes.C!plock
Trojan:Win32/Varpes.A!plock
Trojan:Win32/Varpes.D!plock
Trojan:Win32/Varpes.I!plock
Phishing
Info Service Dpt | 15th December 2015 |
PayPal | 15th December 2015 |
SERVICE PPL | 15th December 2015 |
Vulnerebility
Multiple FireEye Products 'JAR Analysis' Remote Code Execution Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78809
Network Time Protocol CVE-2014-9295 Multiple Stack Based Buffer Overflow Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/71761
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-16
http://www.securityfocus.com/bid/70103
NTP 'ntp-keygen.c' Predictable Random Number Generator Weakness
2015-12-16
http://www.securityfocus.com/bid/71762
NTP 'ntp_config.c' Insufficient Entropy Security Weakness
2015-12-16
http://www.securityfocus.com/bid/71757
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/66690
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-16
http://www.securityfocus.com/bid/53354
LibreOffice Multiple Remote Code Execution and Information Disclosure Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/77486
Cisco IOS XE Software CVE-2015-6359 Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/79200
Adobe Flash Player CVE-2015-7645 Remote Code Execution Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77081
Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78612
Adobe Flash Player CVE-2015-7648 Unspecified Remote Code Execution Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77116
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-12-16
http://www.securityfocus.com/bid/71939
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-12-16
http://www.securityfocus.com/bid/71942
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78626
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/78734
Kaspersky Antivirus Multiple Memory Corruption Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/77608
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78209
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78619
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77192
Google Chrome Prior to 47.0.2526.73 Multiple Security Vulnerabilities
2015-12-16
http://www.securityfocus.com/bid/78416
Xen CVE-2015-8338 Denial of Service Vulnerability
2015-12-16
http://www.securityfocus.com/bid/78920
Antirez Redis 'lua_struct.c' Integer Overflow Vulnerability
2015-12-16
http://www.securityfocus.com/bid/77507
SANS News
Threatpost
Exploit
Wireshark - iseries_parse_packet Heap-Based Buffer Overflow
Wireshark - dissect_tds7_colmetadata_token Stack-Based Buffer Overflow
Wireshark - wmem_alloc Assertion Failure
Wireshark - dissect_zcl_pwr_prof_pwrprofstatersp Static Out-of-Bounds Read
Wireshark - dissct_rsl_ipaccess_msg Static Out-of-Bounds Read
Wireshark - file_read (wtap_read_bytes_or_eof/mp2t_find_next_pcr) Stack-Based Buffer Overflow
Wireshark - memcpy (get_value / dissect_btatt) SIGSEGV
Wireshark - dissect_nbap_MACdPDU_Size SIGSEGV
Wireshark - my_dgt_tbcd_unpack Static Buffer Overflow
Wireshark - ascend_seek Static Out-of-Bounds Read
Wireshark - addresses_equal (dissect_rsvp_common) Use-After-Free
Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack-Based Buffer Overflow
Wireshark - find_signature Stack-Based Out-of-Bounds Read
Wireshark - AirPDcapPacketProcess Stack-Based Buffer Overflow
Wireshark - getRate Stack-Based Out-of-Bounds Read
FireEye Wormable Remote Code Execution in MIP JAR Analysis
Ovidentia newsletter Module 2.2 - (admin.php) Remote File Inclusion Exploit
Joomla 1.5 - 3.4.5 - Object Injection Remote Command Execution
15.12.2015
Bugtraq
[SECURITY] [DSA 3419-1] cups-filters security update 2015-12-15
Salvatore Bonaccorso (carnil debian org)
Executable installers are vulnerable^WEVIL (case 10): McAfee Security Scan Plus, WebAdvisor and CloudAV (Beta) 2015-12-14
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3418-1] chromium-browser security update 2015-12-15
Michael Gilbert (mgilbert debian org)
[security bulletin] HPSBST03517 rev.1 - HP StoreOnce Backup systems, Remote Execution of Arbitrary Code with Privilege Elevation, Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS) 2015-12-14
security-alert hpe com
Back to 28: Grub2 Authentication Bypass 0-Day [CVE-2015-8370] 2015-12-15
Hector Marco-Gisbert (hecmargi upv es)
phpback v1.1 XSS vulnerability 2015-12-15
apparitionsec gmail com
ERPSCAN Research Advisory [ERPSCAN-15-022] SAP NetWeaver 7.4 - XSS 2015-12-14
ERPScan inc (erpscan online gmail com)
[SECURITY] [DSA 3417-1] bouncycastle security update 2015-12-14
Luciano Bello (luciano debian org)
[ERPSCAN-15-021] SAP NetWeaver 7.4 - SQL Injection vulnerability 2015-12-14
ERPScan inc (erpscan online gmail com)
ECommerceMajor SQL Injection Vulnerability 2015-12-13
Rahul Pratap Singh (techno rps gmail com)
Malware
TrojanDownloader:MSIL/Genmaldow.C
TrojanDownloader:MSIL/Genmaldow.D
HackTool:MSIL/Noancooe.B
PWS:Win32/QQpass.GU
Phishing
Service | 15th December 2015 |
OFAMERICA BANK. | 15th December 2015 |
Vodafone | 14th December 2015 |
PayPal Service | 14th December 2015 |
PayPal | 14th December 2015 |
Vulnerebility
Microsoft Windows CVE-2015-6128 DLL Loading Remote Code Execution Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78612
Adobe Flash Player CVE-2015-7648 Unspecified Remote Code Execution Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77116
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-12-15
http://www.securityfocus.com/bid/71939
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-12-15
http://www.securityfocus.com/bid/71942
OpenSSL 'dtls1_get_record()' Function NULL Pointer Dereference Denial of Service Vulnerability
2015-12-15
http://www.securityfocus.com/bid/71937
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78626
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-15
http://www.securityfocus.com/bid/78734
Kaspersky Antivirus Multiple Memory Corruption Vulnerabilities
2015-12-15
http://www.securityfocus.com/bid/77608
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78209
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78619
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77192
Google Chrome Prior to 47.0.2526.73 Multiple Security Vulnerabilities
2015-12-15
http://www.securityfocus.com/bid/78416
Xen CVE-2015-8338 Denial of Service Vulnerability
2015-12-15
http://www.securityfocus.com/bid/78920
Antirez Redis 'lua_struct.c' Integer Overflow Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77507
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/74147
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/74141
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/74111
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77160
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-15
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-15
http://www.securityfocus.com/bid/77238
SANS News
Threatpost
Exploit
Joomla 1.5 - 3.4.5 - Object Injection Remote Command Execution
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - Invalid Pointer Dereference
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - _FXCLI_SetConfFileChunk Stack Buffer...
IBM Tivoli Storage Manager FastBack Server 5.5.4.2 - _FXCLI_GetConfFileChunk Stack Buffer...
Microsoft Office / COM Object DLL Planting with comsvcs.dll Delay Load of mqrt.dll (MS15-132)
Legend Perl IRC Bot Remote Code Execution
Xdh / LinuxNet Perlbot / fBot IRC Bot Remote Code Execution
ECommerceMajor - (productdtl.php, prodid param) SQL Injection Vulnerability
WordPress Admin Management Xtended Plugin 2.4.0 - Privilege escalation
Polycom VVX-Series Business Media Phones - Path Traversal Vulnerability
Bitrix bitrix.mpbuilder Module 1.0.10 - Local File Inclusion
Bitrix bitrix.xscan Module 1.0.3 - Directory Traversal
Adobe Flash Type Confusion in IExternalizable.readExternal When Performing Local Serialization
Adobe Flash Type Confusion in Serialization with ObjectEncoder.dynamicPropertyWriter
14.12.2015
Bugtraq
ERPSCAN Research Advisory [ERPSCAN-15-022] SAP NetWeaver 7.4 - XSS 2015-12-14
ERPScan inc (erpscan online gmail com)
[SECURITY] [DSA 3417-1] bouncycastle security update 2015-12-14
Luciano Bello (luciano debian org)
[ERPSCAN-15-021] SAP NetWeaver 7.4 - SQL Injection vulnerability 2015-12-14
ERPScan inc (erpscan online gmail com)
ECommerceMajor SQL Injection Vulnerability 2015-12-13
Rahul Pratap Singh (techno rps gmail com)
[SECURITY] [DSA 3416-1] libphp-phpmailer security update 2015-12-13
Luciano Bello (luciano debian org)
COM+ Services DLL side loading vulnerability 2015-12-12
Securify B.V. (lists securify nl)
Malware
Phishing
HSBC | 13th December 2015 |
National | 13th December 2015 |
Vulnerebility
Multiple Kaspersky Products Certificate Handling Directory Traversal Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77616
Multiple Kaspersky Products Local Security Bypass Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77618
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78626
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78622
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78209
Google Chrome Prior to 47.0.2526.80 Multiple Security Vulnerabilities
2015-12-14
http://www.securityfocus.com/bid/78734
PHPMailer 'class.phpmailer.php' Security Bypass Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78619
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77192
Google Chrome Prior to 47.0.2526.73 Multiple Security Vulnerabilities
2015-12-14
http://www.securityfocus.com/bid/78416
Xen CVE-2015-8338 Denial of Service Vulnerability
2015-12-14
http://www.securityfocus.com/bid/78920
Antirez Redis 'lua_struct.c' Integer Overflow Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77507
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/74147
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/74141
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/74111
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77160
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-14
http://www.securityfocus.com/bid/77238
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77209
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-14
http://www.securityfocus.com/bid/77164
SANS News
Color My Logs: Providing Context for Your Logs Using Our Data
Threatpost
Exploit
Windows XP-10 - Null-Free WinExec Shellcode (Python)
Siemens Simatic S7 1200 CPU Command Module (MSF)
ECommerceMajor - (productdtl.php, prodid param) SQL Injection Vulnerability
WordPress Admin Management Xtended Plugin 2.4.0 - Privilege escalation
13.12.2015
Bugtraq
COM+ Services DLL side loading vulnerability 2015-12-12
Securify B.V. (lists securify nl)
Windows Authentication UI DLL side loading vulnerability 2015-12-12
Securify B.V. (lists securify nl)
XSS Vulnerability in Synnefo Client for Synnefo IMS 2015 - CVE-2015-8247 2015-12-12
Aravind (altoarun gmail com)
[security bulletin] HPSBHF03431 rev.1 - HPE Network Switches, local Bypass of Security Restrictions, Indirect Vulnerabilities 2015-12-12
security-alert hpe com
APPLE-SA-2015-12-11-1 iTunes 12.3.2 2015-12-11
Apple Product Security (product-security-noreply lists apple com)
ORGIN STUDIOS Cms Multiple Vulnerability 2015-12-11
iedb team gmail com
Malware
Phishing
PaypaI Service | 13th December 2015 |
Paypal support | 13th December 2015 |
Bank of America | 12th December 2015 |
Bank of America Customer | |
Vulnerebility
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-13
http://www.securityfocus.com/bid/77238
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77192
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-13
http://www.securityfocus.com/bid/66690
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-13
http://www.securityfocus.com/bid/70103
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-13
http://www.securityfocus.com/bid/53354
Linux Kernel SCTP Implementation CVE-2015-5283 Local Denial of Service Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77058
Linux Kernel CVE-2015-7872 Local Privilege Escalation Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77544
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77209
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-12-13
http://www.securityfocus.com/bid/74733
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-13
http://www.securityfocus.com/bid/78524
Linux Kernel CVE-2015-5307 Denial of Service Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77528
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77524
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77194
Netgear G54/N150 WNR1000v3 Router CVE-2015-8263 Security Bypass Vulnerability
2015-12-13
http://www.securityfocus.com/bid/78873
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77148
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-13
http://www.securityfocus.com/bid/77164
SANS News
Threatpost
Exploit
12.12.2015
Bugtraq
[security bulletin] HPSBHF03431 rev.1 - HPE Network Switches, local Bypass of Security Restrictions, Indirect Vulnerabilities 2015-12-12
security-alert hpe com
APPLE-SA-2015-12-11-1 iTunes 12.3.2 2015-12-11
Apple Product Security (product-security-noreply lists apple com)
ORGIN STUDIOS Cms Multiple Vulnerability 2015-12-11
iedb team gmail com
Executable installers are vulnerable^WEVIL (case 7): 7z*.exe allows remote code execution with escalation of privilege 2015-12-08
Stefan Kanthak (stefan kanthak nexgo de)
WordPress <=v4.4 Username Exists Information Disclosure 2015-12-10
John SECURELI.com (john secureli com)
BFS-SA-2015-003: Internet Explorer CObjectElement Use-After-Free Vulnerability 2015-12-10
Blue Frost Security Research Lab (research bluefrostsecurity de)
Malware
Phishing
CIBC Online Banking | 11th December 2015 |
Vulnerebility
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-12
http://www.securityfocus.com/bid/77238
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77192
OpenSSL TLS 'heartbeat' Extension Multiple Information Disclosure Vulnerabilities
2015-12-12
http://www.securityfocus.com/bid/66690
GNU Bash CVE-2014-6271 Remote Code Execution Vulnerability
2015-12-12
http://www.securityfocus.com/bid/70103
dhcpcd CVE-2012-2152 Remote Stack Buffer Overflow Vulnerability
2015-12-12
http://www.securityfocus.com/bid/53354
Linux Kernel SCTP Implementation CVE-2015-5283 Local Denial of Service Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77058
Linux Kernel CVE-2015-7872 Local Privilege Escalation Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77544
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77209
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-12-12
http://www.securityfocus.com/bid/74733
cups-filters CVE-2015-8327 Arbitrary Command Execution Vulnerability
2015-12-12
http://www.securityfocus.com/bid/78524
Linux Kernel CVE-2015-5307 Denial of Service Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77528
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77524
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77194
Netgear G54/N150 WNR1000v3 Router CVE-2015-8263 Security Bypass Vulnerability
2015-12-12
http://www.securityfocus.com/bid/78873
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77148
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-12
http://www.securityfocus.com/bid/77164
SANS News
Threatpost
Exploit
11.12.2015
Bugtraq
Executable installers are vulnerable^WEVIL (case 7): 7z*.exe allows remote code execution with escalation of privilege 2015-12-08
Stefan Kanthak (stefan kanthak nexgo de)
WordPress <=v4.4 Username Exists Information Disclosure 2015-12-10
John SECURELI.com (john secureli com)
BFS-SA-2015-003: Internet Explorer CObjectElement Use-After-Free Vulnerability 2015-12-10
Blue Frost Security Research Lab (research bluefrostsecurity de)
SEC Consult SA-20151210-0 :: Skybox Platform Multiple Vulnerabilities 2015-12-10
SEC Consult Vulnerability Lab (research sec-consult com)
Cisco Security Advisory: Vulnerability in Java Deserialization Affecting Cisco Products 2015-12-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)
APPLE-SA-2015-12-08-6 Xcode 7.2 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
Secunia Research: Microsoft Windows usp10.dll "GetFontDesc()" Integer Underflow Vulnerability 2015-12-08
Secunia Research (remove-vuln secunia com)
APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
[SECURITY] [DSA 3414-1] xen security update 2015-12-09
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPSBHF03432 rev.1 - HPE Networking Comware 5, Comware 5 Low Encryption SW, Comware 7, VCX Using NTP, Remote Access Restriction Bypass and Code Execution 2015-12-09
security-alert hpe com
APPLE-SA-2015-12-08-2 tvOS 9.1 2015-12-09
Apple Product Security (product-security-noreply lists apple com)
Cisco Security Advisory: Cisco Prime Collaboration Assurance Default Account Credential Vulnerability 2015-12-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Malware
TrojanDownloader:Win32/Banload.BFW
Phishing
Support Service | 11th December 2015 |
NOTICE : WE HAVE MAKE SOME | |
Microsoft | 10th December 2015 |
Support Service | 10th December 2015 |
NOTICE : WE HAVE MAKE SOME | |
Microsoft | 10th December 2015 |
Vulnerebility
Linux Kernel CVE-2015-5307 Denial of Service Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77528
Linux Kernel CVE-2015-8104 Denial of Service Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77524
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77194
Netgear G54/N150 WNR1000v3 Router CVE-2015-8263 Security Bypass Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78873
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77148
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77164
OpenSSL CVE-2015-3194 Denial of Service Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78623
OpenSSL CVE-2015-3195 Information Disclosure Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78626
OpenSSL CVE-2015-3196 Denial of Service Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78622
libpng CVE-2015-8126 Multiple Heap Based Buffer Overflow Vulnerabilities
2015-12-11
http://www.securityfocus.com/bid/77568
libpng 'png_convert_to_rfc1123()' Function Out Of Bounds Read Memory Corruption Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77304
Microsoft Windows CVE-2015-6127 Information Disclosure Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78516
libpng CVE-2015-8472 Incomplete Fix Heap Based Buffer Overflow Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78624
Git CVE-2015-7545 Remote Command Execution Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78711
Adobe FlashPlayer and AIR CVE-2015-8407 Stack Buffer Overflow Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78717
Adobe Flash Player and AIR Multiple Unspecified Security Bypass Vulnerabilities
2015-12-11
http://www.securityfocus.com/bid/78713
Adobe FlashPlayer and AIR APSB15-32 Multiple Unspecified Heap Buffer Overflow Vulnerabilities
2015-12-11
http://www.securityfocus.com/bid/78712
Adobe Flash Player and AIR CVE-2015-8445 Unspecified Integer Overflow Vulnerability
2015-12-11
http://www.securityfocus.com/bid/78716 Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77165
Mozilla Netscape Portable Runtime CVE-2015-7183 Integer Overflow Vulnerability
2015-12-11
http://www.securityfocus.com/bid/77415
SANS News
Everything old is new again - Blackhole exploit kit since November 2015
Threatpost
Banking Malware Moving Over Facebook Hosted in Cloud
Exploit
10.12.2015
Bugtraq
BFS-SA-2015-003: Internet Explorer CObjectElement Use-After-Free Vulnerability 2015-12-10
Blue Frost Security Research Lab (research bluefrostsecurity de)
SEC Consult SA-20151210-0 :: Skybox Platform Multiple Vulnerabilities 2015-12-10
SEC Consult Vulnerability Lab (research sec-consult com)
Cisco Security Advisory: Vulnerability in Java Deserialization Affecting Cisco Products 2015-12-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)
APPLE-SA-2015-12-08-6 Xcode 7.2 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
Secunia Research: Microsoft Windows usp10.dll "GetFontDesc()" Integer Underflow Vulnerability 2015-12-08
Secunia Research (remove-vuln secunia com)
APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
[SECURITY] [DSA 3414-1] xen security update 2015-12-09
Moritz Muehlenhoff (jmm debian org)
[security bulletin] HPSBHF03432 rev.1 - HPE Networking Comware 5, Comware 5 Low Encryption SW, Comware 7, VCX Using NTP, Remote Access Restriction Bypass and Code Execution 2015-12-09
security-alert hpe com
APPLE-SA-2015-12-08-2 tvOS 9.1 2015-12-09
Apple Product Security (product-security-noreply lists apple com)
Cisco Security Advisory: Cisco Prime Collaboration Assurance Default Account Credential Vulnerability 2015-12-09
Cisco Systems Product Security Incident Response Team (psirt cisco com)
[CORE-2015-0014] - Microsoft Windows Media Center link file incorrectly resolved reference 2015-12-09
CORE Advisories Team (advisories coresecurity com)
[security bulletin] HPSBHF03433 SSRT102964 rev.1 - HP-UX Running Mozilla Firefox and Thunderbird, Remote Disclosure of Information 2015-12-09
security-alert hpe com
APPLE-SA-2015-12-08-5 Safari 9.0.2 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-12-08-4 watchOS 2.1 2015-12-09
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-12-08-1 iOS 9.2 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
[security bulletin] HPSBMU03520 rev.1 - HP Insight Control server provisioning, Remote Disclosure of Information 2015-12-09
security-alert hpe com
Path Traversal via CSRF in bitrix.xscan Bitrix Module 2015-12-09
High-Tech Bridge Security Research (advisory htbridge ch)
APPLE-SA-2015-12-08-4 watchOS 2.1 2015-12-08
Apple Product Security (product-security-noreply lists apple com)
Advisory: Arro and Other Android Taxi Hailing Apps Did Not Use SSL (Mobile Knowledge) 2015-12-08
securityresearch shaftek biz
[CVE-2015-7706] SECURE DATA SPACE API Multiple Non-Persistent Cross-Site Scripting Vulnerabilities 2015-12-09
Vogt, Thomas (Thomas Vogt secunet com)
XSS vulnerability in Intellect Core banking software - Polaris 2015-12-09
msahu controlcase com
PHP File Inclusion in bitrix.mpbuilder Bitrix Module 2015-12-09
High-Tech Bridge Security Research (advisory htbridge ch)
WordPress Users Ultra Plugin [Blind SQL injection] - Update 2015-12-08
Panagiotis Vagenas (pan vagenas gmail com)
Executable installers are vulnerable^WEVIL (case 9): Chrome's setup.exe allows arbitrary code execution and escalation of privilege 2015-12-09
Stefan Kanthak (stefan kanthak nexgo de)
MacOS/iPhone/Apple Watch/Apple TV libc File System Buffer Overflow 2015-12-08
submit cxsec org
[SECURITY] [DSA 3415-1] chromium-browser security update 2015-12-10
Michael Gilbert (mgilbert debian org)
Malware
Phishing
Support Service | 10th December 2015 |
NOTICE : WE HAVE MAKE SOME | |
Microsoft | 10th December 2015 |
Vulnerebility
Mozilla Netscape Portable Runtime CVE-2015-7183 Integer Overflow Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77415
Google Chrome CVE-2015-1302 Information Disclosure Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77537
Mozilla Network Security Services Memory Corruption and Heap Buffer Overflow Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/77416
Google Chrome Prior to 47.0.2526.73 Multiple Security Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/78416
Node.js CVE-2015-6764 Out of Bounds Denial of Service Vulnerability
2015-12-10
http://www.securityfocus.com/bid/78209
Oracle MySQL Server CVE-2015-4815 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77222
Oracle MySQL Server CVE-2015-4826 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77237
Oracle MySQL Server CVE-2015-4913 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77153
Adobe ColdFusion APSB15-29 Multiple Unspecified Cross Site Scripting Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/77625
Adobe Flash Player and AIR APSB15-32 Multiple Use After Free Remote Code Execution Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/78715
Adobe Premiere Clip CVE-2015-8051 Unspecified Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77624
Adobe Flash Player and AIR APSB15-32 Multiple Unspecified Memory Corruption Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/78710
Oracle MySQL Server CVE-2015-4870 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77208
Oracle MySQL Server CVE-2015-4792 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77171
Oracle MySQL Server CVE-2015-4802 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77165
Oracle MySQL Server CVE-2015-4858 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77145
Oracle MySQL Server CVE-2015-4836 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77190
Oracle MySQL Server CVE-2015-4807 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77205
Oracle MySQL Server CVE-2015-4861 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77137
Oracle MySQL Server CVE-2015-4830 Remote Security Vulnerability
2015-12-10
http://www.securityfocus.com/bid/77228
Cisco Unified Communications Manager CVE-2015-6410 Security Bypass Vulnerability
2015-12-10
http://www.securityfocus.com/bid/78741
Wireshark PCAPNG File CVE-2015-7830 Remote Code Execution Vulnerability
2015-12-10
http://www.securityfocus.com/bid/78723
X.Org libXfont LZW Decompression 'BufCompressedFill()' Local Privilege Escalation Vulnerability
2015-12-10
http://www.securityfocus.com/bid/49124
Apple Mac OS X and iOS Multiple Security Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/76343
PHP PHAR Multiple Denial of Service Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/76959
OpenLDAP CVE-2015-6908 Denial of Service Vulnerability
2015-12-10
http://www.securityfocus.com/bid/76714
Expat XML Parsing Multiple Remote Denial of Service Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/52379
LibreSSL 'OBJ_obj2txt()' Function Buffer Overflow and Information Disclosure Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/77112
Apple Mac OS X/watchOS/iOS/tvOS Multiple Security Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/78719
Apple iOS APPLE-SA-2015-10-21-1 Multiple Security Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/77268
2015-12-10
http://www.securityfocus.com/bid/78719
Apple iOS APPLE-SA-2015-10-21-1 Multiple Security Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/77268
Apple iOS and Mac OS X Multiple Security Vulnerabilities
2015-12-10
http://www.securityfocus.com/bid/77263
SANS News
Threatpost
Exploit
iy10 Dizin Scripti - Multiple Vulnerabilities
Gökhan Balbal Script 2.0 - CSRF Vulnerability
Skybox Platform <=7.0.611 - Multiple Vulnerabilities
Rar CmdExtract::UnstoreFile Integer Truncation Memory Corruption
Avast OOB Write Decrypting PEncrypt Packed Executables
Avast JetDb::IsExploited4x - Performs Unbounded Search on Input
Avast Heap Overflow Unpacking MoleBox Archives
Avast Integer Overflow Verifying numFonts in TTC Header
9.12.2015
Bugtraq
Executable installers are vulnerable^WEVIL (case 5): JRSoft InnoSetup 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Executable installers are vulnerable^WEVIL (case 8): vlc-*.exe allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Executable installers are vulnerable^WEVIL (case 2): NSIS allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Malware
Phishing
Vulnerebility
Wireshark PCAPNG File CVE-2015-7830 Remote Code Execution Vulnerability
2015-12-09
http://www.securityfocus.com/bid/78723
X.Org libXfont LZW Decompression 'BufCompressedFill()' Local Privilege Escalation Vulnerability
2015-12-09
http://www.securityfocus.com/bid/49124
Apple Mac OS X and iOS Multiple Security Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/76343
PHP PHAR Multiple Denial of Service Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/76959
OpenLDAP CVE-2015-6908 Denial of Service Vulnerability
2015-12-09
http://www.securityfocus.com/bid/76714
Expat XML Parsing Multiple Remote Denial of Service Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/52379
LibreSSL 'OBJ_obj2txt()' Function Buffer Overflow and Information Disclosure Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/77112
Apple Mac OS X/watchOS/iOS/tvOS Multiple Security Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/78719
Apple iOS APPLE-SA-2015-10-21-1 Multiple Security Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/77268
Apple iOS and Mac OS X Multiple Security Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/77263
Adobe ColdFusion APSB15-29 Multiple Unspecified Cross Site Scripting Vulnerabilities
2015-12-09
http://www.securityfocus.com/bid/77625
Adobe Premiere Clip CVE-2015-8051 Unspecified Security Vulnerability
2015-12-09
http://www.securityfocus.com/bid/77624
Cisco FirePOWER Management Center Software CVE-2015-6411 Information Disclosure Vulnerability
2015-12-09
http://www.securityfocus.com/bid/78740
Multiple Cisco IP Phones CVE-2015-6403 Local Arbitrary File Upload Vulnerability
2015-12-09
http://www.securityfocus.com/bid/78739
Cisco Prime Collaboration Assurance CVE-2015-6389 Insecure Default Password Vulnerability
2015-12-09
http://www.securityfocus.com/bid/78738
OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/75161
IBM WebSphere Application Server CVE-2015-7450 Remote Code Execution Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77653
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-12-08
http://www.securityfocus.com/bid/75156
HP LoadRunner Virtual Table Server CVE-2015-6857 Local Code Execution Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77946
Cisco IOS XE 3S Software CVE-2015-6383 Local Security Bypass Vulnerability
2015-12-08
http://www.securityfocus.com/bid/78521
Unitronics VisiLogic ActiveX Control Multiple Remote Code Execution Vulnerabilities
2015-12-08
http://www.securityfocus.com/bid/77571
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77194
Cisco Networking Services CVE-2015-6375 Information Disclosure Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77676
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77192
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/74141
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/74119
Oracle Java SE CVE-2015-0459 Remote Security Vulnerability
2015-12-08
http://www.securityfocus.com/bid/74083
SANS News
Enforcing USB Storage Policy with PowerShell
Threatpost
Internet Root Name Servers Survive Unusual DDoS Attack
Exploit
Microsoft Windows Media Center Library Parsing RCE Vulnerability aka "self-executing" MCL File
Microsoft Windows Media Center Link File Incorrectly Resolved Reference
WIMAX LX350P(WIXFMR-108) - Multiple Vulnerabilities
WIMAX MT711x - Multiple Vulnerabilities
Wordpress Plugin WP Easy Poll 1.1.3 - XSS and CSRF
IE 11.0.9600.18097 COmWindowProxy::SwitchMarkup NULL PTR
MacOS X 10.11 FTS Deep Structure of the File System Buffer Overflow
8.12.2015
Bugtraq
Executable installers are vulnerable^WEVIL (case 5): JRSoft InnoSetup 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Executable installers are vulnerable^WEVIL (case 8): vlc-*.exe allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Executable installers are vulnerable^WEVIL (case 2): NSIS allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
iScripts Multicart Cms Multiple Vulnerability 2015-12-07
iedb team gmail com
WebBoutiques Cms Cross-Site Scripting Vulnerability 2015-12-07
iedb team gmail com
Executable installers are vulnerable^WEVIL (case 6): SumatraPDF-*-installer.exe allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Malware
TrojanSpy:Win32/Nivdort.BZ
TrojanSpy:Win32/Nivdort.CI
TrojanSpy:Win32/Nivdort.CJ
TrojanSpy:Win32/Nivdort.CK
TrojanSpy:Win32/Nivdort.CO
TrojanDownloader:JS/Swabfex.A
TrojanDownloader:MSIL/Bladabindi.J
TrojanDropper:Win32/Sulunch
VBA/TrojanDownloader.Agent.ADX
Phishing
Argos | 8th December 2015 |
7th December 2015 | |
7th December 2015 | |
Chase Bank | 7th December 2015 |
Natwest | 6th December 2015 |
Vulnerebility
Magento 'bridgeName' Paramater Cross Site Scripting Vulnerability
2015-12-07
http://www.securityfocus.com/bid/70950
Linux Kernel SCTP Implementation CVE-2015-5283 Local Denial of Service Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77058
Oracle Java SE CVE-2015-0486 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/74145
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/74141
IBM WebSphere Portal CVE-2015-4993 Unspecified Cross Site Scripting Vulnerability
2015-12-07
http://www.securityfocus.com/bid/78609
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/74119
IBM SDK CVE-2015-1914 Sandbox Security Bypass Vulnerability
2015-12-07
http://www.securityfocus.com/bid/74645
Oracle Java SE CVE-2015-0480 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/74104
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77242
Oracle Java SE CVE-2015-4810 Local Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77229
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4871 Multiple Security Bypass Vulnerabilities
2015-12-07
http://www.securityfocus.com/bid/77238
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77192
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77200
IBM Java SDK CVE-2015-5006 Local Information Disclosure Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77645
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77209
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77148
Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77241
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77164
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77162
Mozilla Firefox Multiple Security Vulnerabilities
2015-12-07
http://www.securityfocus.com/bid/77411
Mozilla Netscape Portable Runtime CVE-2015-7183 Integer Overflow Vulnerability
2015-12-07
http://www.securityfocus.com/bid/77415
SANS News
Threatpost
Bitcoin Extortionist Copycats on the Rise, Experts Say
Microsoft, Law Enforcement Collaborate in Dorkbot Takedown
Exploit
phpFileManager 0.9.8 Remote Code Execution
Atlassian HipChat for Jira Plugin Velocity Template Injection
SIMOGEO FileManager 2.3.0 - Multiple Vulnerabilities
OpenMRS 2.3 (1.11.4) - XML External Entity (XXE) Processing Exploit
OpenMRS 2.3 (1.11.4) - Expression Language Injection Vulnerability
OpenMRS 2.3 (1.11.4) - Multiple Cross-Site Scripting Vulnerabilities
OpenMRS 2.3 (1.11.4) - Local File Disclosure Vulnerability
PHP Utility Belt - Remote Code Execution
WordPress Polls Widget Plugin 1.0.7 - SQL Injection Vulnerability
iniNet SpiderControl SCADA Web Server Service 2.02 - Insecure File Permissions
iniNet SpiderControl PLC Editor Simatic 6.30.04 - Insecure File Permissions
7.12.2015
Bugtraq
Executable installers are vulnerable^WEVIL (case 8): vlc-*.exe allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Executable installers are vulnerable^WEVIL (case 2): NSIS allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
iScripts Multicart Cms Multiple Vulnerability 2015-12-07
iedb team gmail com
WebBoutiques Cms Cross-Site Scripting Vulnerability 2015-12-07
iedb team gmail com
Executable installers are vulnerable^WEVIL (case 6): SumatraPDF-*-installer.exe allows remote code execution with escalation of privilege 2015-12-07
Stefan Kanthak (stefan kanthak nexgo de)
Command Injection in cool-video-gallery v1.9 Wordpress plugin 2015-12-07
Larry Cashdollar (larry0 me com)
[SYSS-2015-047] sysPass - Cross-Site Scripting (CWE-79) 2015-12-07
disclosure syss de
[SYSS-2015-046] sysPass - Insecure Direct Object References (CWE-932) 2015-12-07
disclosure syss de
Edimax BR-6478AC & Others Multiple Vulnerabilites 2015-12-07
mwinstead3790 gmail com
FreeBSD Security Advisory FreeBSD-SA-15:26.openssl 2015-12-05
FreeBSD Security Advisories (security-advisories freebsd org)
Malware
TrojanDropper:MSIL/Redwer.A
Win32/Varpes
BrowserModifier:Win32/Pokki
Phishing
7th December 2015 | |
7th December 2015 | |
Chase Bank | 7th December 2015 |
Natwest | 6th December 2015 |
Discover Customer Service | 6th December 2015 |
Account-Service | 6th December 2015 |
Thomas Jones | 6th December 2015 |
Vulnerebility
SANS News
Threatpost
Exploit
Cyclope Employee Surveillance <= v8.6.1- Insecure File Permissions
6.12.2015
Bugtraq
[SECURITY] [DSA 3413-1] openssl security update 2015-12-04
Salvatore Bonaccorso (carnil debian org)
[security bulletin] HPSBGN03525 rev.1: HP Performance Center Virtual Table Server, Remote Code Execution 2015-12-03
security-alert hpe com
[SECURITY] [DSA 3412-1] redis security update 2015-12-03
Salvatore Bonaccorso (carnil debian org)
ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability 2015-12-03
Security Alert (Security_Alert emc com)
[slackware-security] mozilla-thunderbird (SSA:2015-337-02) 2015-12-03
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-337-01) 2015-12-03
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3411-1] cups-filters security update 2015-12-02
Moritz Muehlenhoff (jmm debian org)
Malware
Phishing
PayPal | 5th December 2015 |
PAYPAL - YOUR ACCOUNT HAS | |
PayPal | 5th December 2015 |
BT | 5th December 2015 |
Apple | 5th December 2015 |
5th December 2015 | |
PayPal | 4th December 2015 |
Vulnerebility
SANS News
Are you looking to setup your own Malware Sandbox?
Threatpost
OpenSSL Patches Bring Last Update for 0.9.8 and 1.0.0 Branches
Let’s Encrypt Initiative Enters Public Beta
Exploit
Cyclope Employee Surveillance <= v8.6.1- Insecure File Permissions
4.12.2015
Bugtraq
[SECURITY] [DSA 3413-1] openssl security update 2015-12-04
Salvatore Bonaccorso (carnil debian org)
[security bulletin] HPSBGN03525 rev.1: HP Performance Center Virtual Table Server, Remote Code Execution 2015-12-03
security-alert hpe com
[SECURITY] [DSA 3412-1] redis security update 2015-12-03
Salvatore Bonaccorso (carnil debian org)
ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability 2015-12-03
Security Alert (Security_Alert emc com)
[slackware-security] mozilla-thunderbird (SSA:2015-337-02) 2015-12-03
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-337-01) 2015-12-03
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3411-1] cups-filters security update 2015-12-02
Moritz Muehlenhoff (jmm debian org)
Ellucian Banner Student Vulnerability Disclosure 2015-12-02
sean dillon risksense com
WordPress Users Ultra Plugin [Persistence XSS] 2015-12-02
pan vagenas gmail com
WordPress Users Ultra Plugin [Blind SQL injection] 2015-12-02
pan vagenas gmail com
Malware
VBA/TrojanDownloader.Agent.AEA
Phishing
PayPal | 4th December 2015 |
PayPal Inc | 4th December 2015 |
PayPal Inc | 4th December 2015 |
[ PAYPAL ] : VIEW YOUR RECENT | |
Service Inc | 4th December 2015 |
Service | 4th December 2015 |
Vulnerebility
SANS News
Automating Phishing Analysis using BRO
Threatpost
Exploit
Wordpress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities
Wordpress Plugin Sell Download v1.0.16 - Local File Disclosure
Wordpress Plugin TheCartPress v1.4.7 - Multiple Vulnerabilities
3.12.2015
Bugtraq
ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability 2015-12-03
Security Alert (Security_Alert emc com)
[slackware-security] mozilla-thunderbird (SSA:2015-337-02) 2015-12-03
Slackware Security Team (security slackware com)
[slackware-security] libpng (SSA:2015-337-01) 2015-12-03
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3411-1] cups-filters security update 2015-12-02
Moritz Muehlenhoff (jmm debian org)
Ellucian Banner Student Vulnerability Disclosure 2015-12-02
sean dillon risksense com
WordPress Users Ultra Plugin [Persistence XSS] 2015-12-02
pan vagenas gmail com
WordPress Users Ultra Plugin [Blind SQL injection] 2015-12-02
pan vagenas gmail com
Gnome Nautilus [Denial of Service] 2015-12-02
pan vagenas gmail com
SQLi Vulnerability in ATuter management system 2015-12-02
sirus shahini gmail com
Two Reflected XSS Vulnerabilities in Calls to Action WordPress plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Reflected XSS in Ultimate Member WordPress Plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Malware
TrojanSpy:MSIL/Banker.P
TrojanDownloader:Win32/Banload.BFM
TrojanDownloader:VBS/Banload.AS
TrojanDownloader:MSIL/Banload.AK
Phishing
Vulnerebility
SANS News
New variant of CryptoWall - Is it right to call it 4.0?
Threatpost
Exploit
Gnome Nautilus 3.16 - Denial of Service
Acunetix WVS 10 - Local Privilege escalation
Oracle BeeHive 2 voice-servlet processEvaluation() Vulnerability
Oracle BeeHive 2 voice-servlet prepareAudioToPlay() Arbitrary File Upload
Advantech Switch Bash Environment Variable Code Injection (Shellshock)
WordPress Users Ultra Plugin 1.5.50 - Blind SQL injection
WordPress Users Ultra Plugin 1.5.50 - Persistent XSS
WordPress Gwolle Guestbook Plugin 1.5.3 - Remote File Inclusion
Malwarebytes Antivirus 2.2.0 - DoS PoC
2.12.2015
Bugtraq
WordPress Users Ultra Plugin [Persistence XSS] 2015-12-02
pan vagenas gmail com
WordPress Users Ultra Plugin [Blind SQL injection] 2015-12-02
pan vagenas gmail com
Gnome Nautilus [Denial of Service] 2015-12-02
pan vagenas gmail com
SQLi Vulnerability in ATuter management system 2015-12-02
sirus shahini gmail com
Two Reflected XSS Vulnerabilities in Calls to Action WordPress plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Reflected XSS in Ultimate Member WordPress Plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Remote File Inclusion in Gwolle Guestbook WordPress Plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Reflected XSS in Role Scoper WordPress Plugin 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
Reflected Cross-Site Scripting (XSS) in SourceBans 2015-12-02
High-Tech Bridge Security Research (advisory htbridge ch)
[SECURITY] [DSA 3409-1] putty security update 2015-12-01
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3410-1] icedove security update 2015-12-01
Moritz Muehlenhoff (jmm debian org)
Zenphoto 1.4.10 Local File Inclusion 2015-12-02
apparitionsec gmail com
Zenphoto 1.4.10 XSS Vulnerability 2015-12-01
apparitionsec gmail com
[SECURITY] [DSA 3408-1] gnutls26 security update 2015-12-01
Salvatore Bonaccorso (carnil debian org)
Malware
Trojan:Win32/Startpage.XW
TrojanDropper:Win32/Binuflix.A
PWS:MSIL/Stimilina.N
Backdoor:MSIL/Omaneat.A
VBA/TrojanDownloader.Agent.AIK
VBA/TrojanDownloader.Agent.AHU
VBA/TrojanDownloader.Agent.AEA
Phishing
Vulnerebility
SANS News
Threatpost
Exploit
Advantech Switch Bash Environment Variable Code Injection (Shellshock)
Acunetix WVS 10 - Local Privilege escalation
1.12.2015
Bugtraq
Zenphoto 1.4.10 XSS Vulnerability 2015-12-01
apparitionsec gmail com
[SECURITY] [DSA 3408-1] gnutls26 security update 2015-12-01
Salvatore Bonaccorso (carnil debian org)
Huawei Wimax routers vulnerable to multiple threats 2015-11-30
Pierre Kim (pierre kim sec gmail com)
[SE-2014-02] Errata document for Issue 42 (CVE-2015-4871 affecting Java SE 7) 2015-11-30
Security Explorations (contact security-explorations com)
LSE Leading Security Experts GmbH - LSE-2015-10-14 - HumHub SQL-Injection 2015-11-30
advisories (advisories lsexperts de)
Proftpd 1.3.5a LATEST (0-day) Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Belkin N150 Wireless Home Router Multiple Vulnerabilities 2015-11-30
Rahul Pratap Singh (techno rps gmail com)
Malware
HackTool:Win32/Kapahyku.A
TrojanDropper:Win32/Nivdort.A
TrojanSpy:Win32/Nivdort.CE
Phishing
Lloyds Bank | 1st December 2015 |
PayPal Inc | 1st December 2015 |
[ PAYPAL ] : VIEW YOUR RECENT | |
Email Administrator | 1st December 2015 |
Admin | 1st December 2015 |
paypal | 30th November 2015 |
Vulnerebility
SANS News
Threatpost
Embedded Devices Share, Reuse Private SSH Keys, HTTPs Certificates
China APT Gang Targets Hong Kong Media via Dropbox
Exploit
Kodi 15 - Arbitrary File Aaccess (Web Interface)
Belkin N150 Wireless Home Router F9K1009 v1 - Multiple Vulnerabilities
Zenphoto 1.4.10 - Local File Inclusion
ntop-ng <= 2.0.151021 - Privilege Escalation
HumHub 0.11.2 and 0.20.0-beta.2 - SQL Injection
RHEL 7.0/7.1 - abrt/sosreport Local Root
Centos 7.1/Fedora 22 - abrt Local Root
30.11.2015
Bugtraq
LSE Leading Security Experts GmbH - LSE-2015-10-14 - HumHub SQL-Injection 2015-11-30
advisories (advisories lsexperts de)
Proftpd 1.3.5a LATEST (0-day) Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Belkin N150 Wireless Home Router Multiple Vulnerabilities 2015-11-30
Rahul Pratap Singh (techno rps gmail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-29
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-29
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation Audit Report. 2015-11-29
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
lem nikolas gmail com
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
aiscorp gives greetz com
Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
Nicholas Lemonias. (lem nikolas googlemail com)
[FD] Visual Paradigm Server v10.0 - Cross Site Scripting (XSS) 2015-11-27
Manuel Mancera (mmancera a2secure com)
[SECURITY] [DSA 3407-1] dpkg security update 2015-11-26
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Support | 29th November 2015 |
FWD: PLEASE VERIFY YOUR | |
PayPal | 29th November 2015 |
IMMO USA | 29th November 2015 |
Pay.service | 28th November 2015 |
Support | 28th November 2015 |
FWD: PLEASE VERIFY YOUR | |
auto-confirm@amazon.com | 28th November 2015 |
Keshan S. Watson | 28th November 2015 |
Vulnerebility
SANS News
Threatpost
Exploit
Easy File Sharing Web Server 7.2 - Remote SEH Buffer Overflow (DEP Bypass with ROP)
HumHub 0.11.2 and 0.20.0-beta.2 - SQL Injection
27.11.2015
Bugtraq
[FD] Visual Paradigm Server v10.0 - Cross Site Scripting (XSS) 2015-11-27
Manuel Mancera (mmancera a2secure com)
[SECURITY] [DSA 3407-1] dpkg security update 2015-11-26
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3405-1] smokeping security update 2015-11-25
Florian Weimer (fw deneb enyo de)
[SECURITY] [DSA 3406-1] nspr security update 2015-11-25
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3404-1] python-django security update 2015-11-25
Salvatore Bonaccorso (carnil debian org)
CIS Manager Content Management System 2015Q4 - SQL Injection Vulnerability 2015-11-25
Vulnerability Lab (research vulnerability-lab com)
Malware
VBA/TrojanDownloader.Agent.AJD
VBA/TrojanDownloader.Agent.AJH
Phishing
NATWEST | 26th November 2015 |
Amazon | 26th November 2015 |
Vulnerebility
SANS News
Known ?Good? DNS, An Observation
Threatpost
Exploit
26.11.2015
Bugtraq
[SECURITY] [DSA 3407-1] dpkg security update 2015-11-26
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3405-1] smokeping security update 2015-11-25
Florian Weimer (fw deneb enyo de)
[SECURITY] [DSA 3406-1] nspr security update 2015-11-25
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3404-1] python-django security update 2015-11-25
Salvatore Bonaccorso (carnil debian org)
CIS Manager Content Management System 2015Q4 - SQL Injection Vulnerability 2015-11-25
Vulnerability Lab (research vulnerability-lab com)
[security bulletin] HPSBGN03523 rev.1 - HP Loadrunner Virtual Table Server, Remote Code Execution 2015-11-25
security-alert hpe com
[security bulletin] HPSBGN03523 rev.1 - HP Loadrunner Virtual Table Server, Remote Code Execution 2015-11-25
security-alert hpe com
[slackware-security] pcre (SSA:2015-328-01) 2015-11-25
Slackware Security Team (security slackware com)
Malware
TrojanSpy:Win32/Nivdort.CD
TrojanSpy:Win32/Nivdort.CC
Phishing
Amazon | 26th November 2015 |
Virgin Media | 26th November 2015 |
Chase(SM)online.active.card@co | 26th November 2015 |
Chase Online | 26th November 2015 |
SUPPORT | 26th November 2015 |
Microsoft Team | 26th November 2015 |
email update | 25th November 2015 |
Sonya Owens | 25th November 2015 |
Vulnerebility
SANS News
Threatpost
Lenovo Patches Vulnerabilities in System Update Service
Exploit
Linux x86_64 Polymorphic execve Shellcode - 31 bytes
25.11.2015
Bugtraq
[SECURITY] [DSA 3404-1] python-django security update 2015-11-25
Salvatore Bonaccorso (carnil debian org)
CIS Manager Content Management System 2015Q4 - SQL Injection Vulnerability 2015-11-25
Vulnerability Lab (research vulnerability-lab com)
[security bulletin] HPSBGN03523 rev.1 - HP Loadrunner Virtual Table Server, Remote Code Execution 2015-11-25
security-alert hpe com
[security bulletin] HPSBGN03523 rev.1 - HP Loadrunner Virtual Table Server, Remote Code Execution 2015-11-25
security-alert hpe com
[slackware-security] pcre (SSA:2015-328-01) 2015-11-25
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3403-1] libcommons-collections3-java security update 2015-11-24
Moritz Muehlenhoff (jmm debian org)
ESA-2015-164: EMC Isilon OneFS Privilege Escalation Vulnerability 2015-11-24
Security Alert (Security_Alert emc com)
[SECURITY] [DSA 3402-1] symfony security update 2015-11-24
Salvatore Bonaccorso (carnil debian org)
Steam Weak File Permissions Privilege Escalation 2015-11-23
ajs swordshield com
CVE-2015-5255: SSRF vulnerability in Apache Flex BlazeDS 4.7.1 2015-11-23
Christofer Dutz (cdutz apache org)
Malware
Worm:Win32/Conficker.B!inf
Trojan:HTML/Pdfphish.A
VBA/TrojanDownloader.Agent.AJD
Phishing
Sonya Owens | 25th November 2015 |
Google Team | 24th November 2015 |
email update | 25th November 2015 |
Sonya Owens | 25th November 2015 |
Google Team | 24th November 2015 |
QuickBooks Online Payroll | 23rd November 2015 |
QuickBooks Payroll Services | 23rd November 2015 |
Vulnerebility
SANS News
Threatpost
Nuclear Exploit Kit Spreading Cryptowall 4.0 Ransomware
Exploit
SAP Sybase Adaptive Server Enterprise XML External Entity Information Disclosure Vulnerability
WP-Client 3.8.7 - Stored XSS Vulnerability
24.11.2015
Bugtraq
[SECURITY] [DSA 3402-1] symfony security update 2015-11-24
Salvatore Bonaccorso (carnil debian org)
Steam Weak File Permissions Privilege Escalation 2015-11-23
ajs swordshield com
Malware
Phishing
QuickBooks Online Payroll | 23rd November 2015 |
QuickBooks Payroll Services | 23rd November 2015 |
Vulnerebility
SANS News
Threatpost
Backdoor In A Backdoor Identified in 600,000 Arris Modems
Stealthy GlassRAT Spies on Commercial Targets
Exploit
Windows ndis.sys IOCTL 0x170034 (ndis!ndisNsiGetIfNameForIfIndex) - Pool Buffer Overflow (MS15-117)
Windows Cursor Object Potential Memory Leak (MS15-115)
Windows Race Condition DestroySMWP Use-After-Free (MS15-115)
Windows Kernel Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)
Joomla Content History SQLi Remote Code Execution
vBulletin 5.x - Remote Code Execution Exploit
NVIDIA Stereoscopic 3D Driver Service 7.17.13.5382 - Arbitrary Run Key Creation
23.11.2015
Bugtraq
Steam Weak File Permissions Privilege Escalation 2015-11-23
ajs swordshield com
CVE-2015-5255: SSRF vulnerability in Apache Flex BlazeDS 4.7.1 2015-11-23
Christofer Dutz (cdutz apache org)
[ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE 2015-11-23
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-019] SAP Afaria - Stored XSS 2015-11-23
ERPScan inc (erpscan online gmail com)
[FD] Celoxis <= 9.5 - Cross Site Scripting (XSS) 2015-11-23
Manuel Mancera (mmancera a2secure com)
[ERPSCAN-15-020] SAP Mobile Platform 2.3 - XXE in application import 2015-11-23
ERPScan inc (erpscan online gmail com)
Proftpd v1.3.5a ZERODAY - Heap Overflows due to zero length mallocs. Advanced Information Security Corporation 2015-11-22
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd v1.3.5a ZERODAY - Malloc issues Advanced Information Security Corporation 2015-11-22
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd v1.3.5a ZERODAY - Heap Overflows due to zero length mallocs. Advanced Information Security Corporation 2015-11-22
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd v1.3.5a ZERODAY - Heap Overflows due to zero length mallocs. Advanced Information Security Corporation 2015-11-22
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd ZERODAY - Malloc issues Advanced Information Security Corporation 2015-11-22
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd v1.3.5a ZERODAY - Heap Overflows due to zero length mallocs. Advanced Information Security Corporation 2015-11-23
Nicholas Lemonias. (lem nikolas googlemail com)
Proftpd v1.3.5a ZERODAY - Heap Overflows due to zero length mallocs. Advanced Information Security Corporation 2015-11-23
Nicholas Lemonias. (lem nikolas googlemail com)
Fwd: CVE-2015-5257 - Weak Randomization of BridgeSecret for Apache Cordova Android 2015-11-20
Shazron (shazron apache org)
Malware
Trojan:Win32/Gatak
TrojanDropper:MSIL/Fatext.A
Phishing
paypal | 23rd November 2015 |
Pay'Pal@Services.com | 23rd November 2015 |
Mail System Administrator | 22nd November 2015 |
service@intl.paypal | 22nd November 2015 |
NOTE : TEAM PAYPAL YOU HAVE A | |
Vulnerebility
SANS News
Threatpost
Starwood Hotel Chain Hit By Point of Sale Malware
Exploit
vBulletin 5.x - Remote Code Execution Exploit
Acrobat Reader DC 15.008.20082.15957 - PDF Parsing Memory Corruption Vulnerability
Oracle Outside In PDF 8.5.2 - Parsing Memory Corruption Vulnerability
Oracle Outside In PDF 8.5.2 - Parsing Memory Corruption Vulnerability 2
Audacious 3.7 - ID3 Local Crash PoC
22.11.2015
Bugtraq
Fwd: CVE-2015-5257 - Weak Randomization of BridgeSecret for Apache Cordova Android 2015-11-20
Shazron (shazron apache org)
Fwd: CVE-2015-5256: Apache Cordova vulnerable to improper application of whitelist restrictions 2015-11-20
Shazron (shazron apache org)
[SECURITY] [DSA 3400-1] lxc security update 2015-11-19
Salvatore Bonaccorso (carnil debian org)
[security bulletin] HPSBUX03522 SSRT102942 rev.1 - HP-UX BIND running named, Remote Denial of Service (DoS) 2015-11-19
security-alert hpe com
NEW VMSA-2015-0008 - VMware product updates address information disclosure issue 2015-11-19
VMware Security Response Center (security vmware com)
Malware
Phishing
PayPal | 22nd November 2015 |
PayPal | 22nd November 2015 |
National | 20th November 2015 |
rolando moreno palos | 20th November 2015 |
Vulnerebility
SANS News
Threatpost
German Government Audits TrueCrypt
VMware Patches Pesky XXE Bug in Flex BlazeDS
Exploit
20.11.2015
Bugtraq
[SECURITY] [DSA 3400-1] lxc security update 2015-11-19
Salvatore Bonaccorso (carnil debian org)
[security bulletin] HPSBUX03522 SSRT102942 rev.1 - HP-UX BIND running named, Remote Denial of Service (DoS) 2015-11-19
security-alert hpe com
Malware
TrojanDownloader:MSIL/Genmaldow.A
TrojanDownloader:MSIL/Pstinb.E
TrojanDownloader:MSIL/Pstinb.J
Phishing
rolando moreno palos | 20th November 2015 |
Dr. | 19th November 2015 |
Royal Bank | 19th November 2015 |
**Online Banking (Wire | |
Vulnerebility
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77209
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77192
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77126
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77164
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-4881 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77159
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/77148
Adobe LiveCycle Data Services CVE-2015-3269 XML External Entity Information Disclosure Vulnerability
2015-11-19
http://www.securityfocus.com/bid/76394
Oracle Java SE CVE-2015-0459 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/74083
Oracle Java SE CVE-2015-2625 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/75895
Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/75867
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/74072
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-11-19
http://www.securityfocus.com/bid/73684
Google Chrome Prior to 44.0.2403.89 Multiple Security Vulnerabilities
2015-11-19
http://www.securityfocus.com/bid/75973
IBM HTTP Server CVE-2015-4947 Stack Buffer Overflow Vulnerability
2015-11-19
http://www.securityfocus.com/bid/76658
Apache HTTP Server CVE-2015-3183 Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/75963
IBM SDK CVE-2015-1914 Sandbox Security Bypass Vulnerability
2015-11-19
http://www.securityfocus.com/bid/74645
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/74119
Oracle Java SE CVE-2015-0458 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/74141
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/74111
Oracle Java SE CVE-2015-0491 Remote Security Vulnerability
2015-11-19
http://www.securityfocus.com/bid/74094
SANS News
Threatpost
Exploit
F5 iControl iCall::Script Root Command Execution
Chkrootkit Local Privilege Escalation
ZTE ADSL ZXV10 W300 Modems - Multiple Vulnerabilities
ZTE ZXHN H108N R1A, ZXV10 W300 Routers - Multiple Vulnerabilities
Cambium ePMP 1000 - Multiple Vulnerabilities
Netwin SurgeFTP Sever 23d6 - Stored Cross Site Scripting Vulnerabilities.
19.11.2015
Bugtraq
[security bulletin] HPSBUX03522 SSRT102942 rev.1 - HP-UX BIND running named, Remote Denial of Service (DoS) 2015-11-19
security-alert hpe com
NEW VMSA-2015-0008 - VMware product updates address information disclosure issue 2015-11-19
VMware Security Response Center (security vmware com)
CVE-2015-8131: Kibana CSRF vulnerability 2015-11-18
Kevin Kluge (kevin elastic co)
IBM i Access Buffer Overflow Code DOS CVE-2015-7422 2015-11-18
apparitionsec gmail com
IBM i Access Buffer Overflow Code Exec CVE-2015-2023 2015-11-18
apparitionsec gmail com
[security bulletin] HPSBGN03521 rev.2 - HP Operations Orchestration Central, Cross-Site Request Forgery (CSRF) 2015-11-18
security-alert hpe com
[SECURITY] [DSA 3399-1] libpng security update 2015-11-18
Salvatore Bonaccorso (carnil debian org)
RCE and SQL injection via CSRF in Horde Groupware 2015-11-18
High-Tech Bridge Security Research (advisory htbridge ch)
Malware
VBA/TrojanDownloader.Agent.AIU
VBA/TrojanDownloader.Agent.AIQ
VBA/TrojanDownloader.Agent.AIP
Phishing
Royal Bank | 19th November 2015 |
**Online Banking (Wire | |
Chase | 18th November 2015 |
Natwest Bank | 18th November 2015 |
VISA | 18th November 2015 |
Vulnerebility
SANS News
Actors using exploit kits - How they change tactics
Threatpost
VirusTotal Adds Sandbox Execution for OS X Apps
FBI Warns Public Officials of Doxing Threat
Exploit
IBM i Access 7.1 - Buffer Overflow Code Execution
F5 iControl iCall::Script Root Command Execution
Netwin SurgeFTP Sever 23d6 - Stored Cross Site Scripting Vulnerabilities.
Horde Groupware 5.2.10 - CSRF Vulnerability
WordPress Users Ultra Plugin 1.5.50 - Unrestricted File Upload
SuperScan 4.1 - Scan Hostname/IP Field Buffer Overflow
SuperScan 4.1 - Tools Hostname/IP/URL Field Buffer Overflow
SuperScan 4.1 - Windows Enumeration Hostname/IP/URL Field SEH Overflow
Sam Spade 1.14 - Decode URL Buffer Overflow Crash PoC
Chrome - open-vcdiff OOB Read in Browser Process Integer Overflow
18.11.2015
Bugtraq
RCE and SQL injection via CSRF in Horde Groupware 2015-11-18
High-Tech Bridge Security Research (advisory htbridge ch)
Adobe Premiere Clip v1.1.1 iOS - (cid:x) Filter Bypass & Persistent Software Vulnerability 2015-11-18
Vulnerability Lab (research vulnerability-lab com)
[security bulletin] HPSBGN03521 rev.1 - HP Operations Orchestration Central, Cross-Site Request Forgery (CSRF) 2015-11-17
security-alert hpe com
WordPress Users Ultra Plugin [Unrestricted File Upload] 2015-11-17
pan vagenas gmail com
ESA-2015-163: EMC VPLEX Sensitive Information Exposure Vulnerability 2015-11-17
Security Alert (Security_Alert emc com)
Open-Xchange Security Advisory 2015-11-17 2015-11-17
Martin Heiland (martin heiland lists open-xchange com)
Malware
TrojanDownloader:MSIL/Banload.AJ
Rogue:MSIL/Rustliver
TrojanProxy:Win32/Bunitu.N
PWS:HTML/Phish.GK
TrojanDownloader:Win32/Banload.BFP
TrojanDownloader:Win32/Banload.BFN
Trojan:Win32/Zlader.A
TrojanDropper:JS/Zlader.B
Trojan:Win32/Anaki.A
Phishing
VISA | 18th November 2015 |
Cindy Mclaughlin | 17th November 2015 |
USAA Member Service © 2015 | 17th November 2015 |
iTunes Store | 17th November 2015 |
Vulnerebility
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77164
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75867
Oracle Java SE CVE-2015-4732 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75823
Adobe Acrobat and Reader APSB15-24 Multiple Unspecified Heap Buffer Overflow Vulnerabilities
2015-11-18
http://www.securityfocus.com/bid/77068
Oracle Java SE CVE-2015-4729 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75892
Oracle Java SE CVE-2015-2621 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75874
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75890
Oracle Java SE CVE-2015-2619 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75881
Oracle Java SE CVE-2015-4748 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75854
Oracle Java SE CVE-2015-2637 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75883
Oracle Java SE CVE-2015-2632 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75861
Oracle Java SE CVE-2015-2664 Local Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75857
Oracle Java SE CVE-2015-4736 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75850
Oracle Java SE CVE-2015-4731 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75812
Oracle Java SE CVE-2015-2625 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75895
Oracle Java SE CVE-2015-4760 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75784
IBM SDK Java Security Components CVE-2015-1931 Local Information Disclosure Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75985
Oracle Java SE CVE-2015-4733 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75832
Oracle Java SE CVE-2015-2613 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75871
Oracle Java SE CVE-2015-2638 Remote Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/75833
Adobe Flash Player and AIR APSB15-25 Multiple Unspecified Memory Corruption Vulnerabilities
2015-11-18
http://www.securityfocus.com/bid/77065
Adobe Flash Player and AIR CVE-2015-7662 Security Bypass Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77535
Adobe Flash Player and AIR CVE-2015-7628 Same Origin Policy Security Bypass Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77063
Adobe Flash Player CVE-2015-7648 Unspecified Remote Code Execution Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77116
Adobe Flash Player and AIR CVE-2015-7659 Remote Code Execution Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77534
Adobe Flash Player CVE-2015-7647 Unspecified Remote Code Execution Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77115
Adobe Flash Player and AIR CVE-2015-5569 Unspecified Security Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77060
Adobe Flash Player and AIR APSB15-25 Multiple Use After Free Remote Code Execution Vulnerabilities
2015-11-18
http://www.securityfocus.com/bid/77061
Adobe Flash Player CVE-2015-7645 Unspecified Remote Code Execution Vulnerability
2015-11-18
http://www.securityfocus.com/bid/77081
SANS News
Help Wanted: Please help test our experimental PFSense Client
Threatpost
Patched Libpng Vulnerabilities Have Limited Scope
Attackers Embracing Steganography to Hide Communication
Microsoft Cracks Down on Toolbars, Unsigned DLLs with Edge Update
Exploit
WordPress Users Ultra Plugin 1.5.50 - Unrestricted File Upload
17.11.2015
Bugtraq
WordPress Users Ultra Plugin [Unrestricted File Upload] 2015-11-17
pan vagenas gmail com
ESA-2015-163: EMC VPLEX Sensitive Information Exposure Vulnerability 2015-11-17
Security Alert (Security_Alert emc com)
Open-Xchange Security Advisory 2015-11-17 2015-11-17
Martin Heiland (martin heiland lists open-xchange com)
Free WMA MP3 Converter - Buffer Overflow Exploit (SEH) 2015-11-17
Vulnerability Lab (research vulnerability-lab com)
Murgent CMS - SQL Injection Vulnerability 2015-11-17
Vulnerability Lab (research vulnerability-lab com)
Magento Bug Bounty #22 - (Profile) Persistent Vulnerability 2015-11-17
Vulnerability Lab (research vulnerability-lab com)
Magento Bug Bounty #24 - Multiple CSRF Web Vulnerabilities 2015-11-17
Vulnerability Lab (research vulnerability-lab com)
Port Scan v2.0 iOS - Command Inject Vulnerability 2015-11-17
Vulnerability Lab (research vulnerability-lab com)
LAN Scan HD v1.20 iOS - Command Inject Vulnerability 2015-11-17
Vulnerability Lab (research vulnerability-lab com)
Malware
VBA/TrojanDownloader.Agent.AIM
Phishing
USAA Member Service © 2015 | 17th November 2015 |
iTunes Store | 17th November 2015 |
BTMail Administrator | 17th November 2015 |
Health Coverage UK | 16th November 2015 |
SunTrust Bank | 16th November 2015 |
Vulnerebility
SANS News
Automatic MIME attachments triage
Threatpost
Attackers Can Use SAP to Bridge Corporate, Operational ICS Networks
Google to Warn Recipients of Unencrypted Gmail Messages
Exploit
D-Link DIR-815, DIR-850L - SSDP Command Injection
D-Link DIR-890L/R - Multiple Buffer Overflow Vulnerabilities
D-Link DIR-866L - Multiple Buffer Overflow Vulnerabilities
D-Link DIR-825 (vC) - Multiple Vulnerabilities
D-Link DIR-818W - Multiple Vulnerabilities
D-Link DIR-817LW - Multiple Vulnerabilities
D-Link DIR-815 - Multiple Vulnerabilities
D-Link DIR-645 - Multiple UPNP Vulnerabilities
D-Link DIR-615 - Multiple Buffer Overflow Vulnerabilities
D-Link DIR-601 - Command Injection Vulnerability
D-Link DIR-880L - Multiple Buffer Overflow Vulnerabilities
D-Link DGL5500 - HNAP Buffer Overflow Vulnerability
ClipperCMS 1.3.0 - Code Execution Vulnerability
XCart 5.2.6 - Code Execution Vulnerability
Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload
Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload
VLC Web Interface 2.2.1 - Metadata Title XSS Vulnerability
D-link Wireless Router DIR-816L – CSRF Vulnerability
AlegroCart 1.2.8 - Multiple SQL Injection Vulnerabilities
AlegroCart 1.2.8 - LFI/RFI Vulnerability
ClipperCMS 1.3.0 - Multiple SQL Injection Vulnerabilities
foobar2000 1.3.9 - (.asx) Local Crash PoC
Sam Spade 1.14 - Browse URL Buffer Overflow PoC
foobar2000 1.3.9 - (.pls; .m3u; .m3u8) Local Crash PoC
foobar2000 1.3.9 - (.asx) Local Crash PoC
Windows Kernel win32k.sys Malformed TrueType Program TTF Font Processing Pool-Based...
Windows Kernel win32k.sys Malformed OS/2 Table TTF Font Processing Pool-Based Buffer...
Kaspersky Antivirus - Certificate Handling Path Traversal
16.11.2015
Bugtraq
[SECURITY] [DSA 3398-1] strongswan security update 2015-11-16
Yves-Alexis Perez (corsac debian org)
CVE-2015-6357: Cisco FireSIGHT Management Center SSL Validation Vulnerability 2015-11-16
Matthew Flanagan (mattimustang gmail com)
SYSS-2015-061 Wirecard Checkout Page - Improper Validation of Integrity Check Value 2015-11-13
martin sturm syss de
Malware
Trojan:Win32/Varpes.J!plock
TrojanSpy:Win32/Nivdort.BV
TrojanSpy:Win32/Nivdort.BW
TrojanSpy:Win32/Nivdort.BX
TrojanDownloader:Win32/Banload.BFK
Phishing
SunTrust Bank | 16th November 2015 |
Online | 16th November 2015 |
PaypaI Service | 15th November 2015 |
Reminder: Your Paypal account | |
Vulnerebility
SANS News
Threatpost
Exploit
D-link Wireless Router DIR-816L – CSRF Vulnerability
CF Image Host 1.65 - CSRF Vulnerability
CF Image Host 1.65 - PHP Command Injection
TECO SG2 FBD Client 3.51 - .gfb SEH Overwrite Buffer Overflow Vulnerability
TECO TP3-PCLINK 2.1 - .tpc File Handling Buffer Overflow Vulnerability
TECO AP-PCLINK 1.094 - .tpc File Handling Buffer Overflow Vulnerability
x64 Linux egghunter in 24 bytes
TECO SG2 LAD Client 3.51 - .gen SEH Overwrite Buffer Overflow Exploit
TECO JN5 L510-DriveLink 1.482 - .lf5 SEH Overwrite Buffer Overflow Exploit
Sam Spade 1.14 - Browse URL Buffer Overflow PoC
15.11.2015
Bugtraq
OpenBSD package 'net-snmp' information disclosure 2015-11-12
Pierre Kim (pierre kim sec gmail com)
SYSS-2015-061 Wirecard Checkout Page - Improper Validation of Integrity Check Value 2015-11-13
martin sturm syss de
[security bulletin] HPSBGN03428 rev.3 - HP Asset Manager Web UI Client, Local Disclosure of Sensitive Information 2015-11-13
security-alert hpe com
Dlink DGL5500 Un-Authenticated Buffer overflow in HNAP functionality 2015-11-13
samhuntley84 gmail com
Dlink DIR-880L Buffer overflows in authenticatio and HNAP functionalities. 2015-11-13
samhuntley84 gmail com
Dlink DIR-601 Command injection in ping functionality 2015-11-13
samhuntley84 gmail com
Dlink DIR-645 UPNP Buffer Overflow 2015-11-13
samhuntley84 gmail com
Dlink DIR-815 Buffer overflows and Command injection in authentication and HNAP functionalities 2015-11-13
samhuntley84 gmail com
Dlink DIR-817LW Buffer overflows and Command injection in authentication and HNAP functionalities 2015-11-13
samhuntley84 gmail com
Dlink DIR-818W Buffer overflows and Command injection in authentication and HNAP functionalities 2015-11-13
samhuntley84 gmail com
Dlink DIR-615 Authenticated Buffer overflow in Ping and Send email functionality 2015-11-13
samhuntley84 gmail com
Dlink DIR-890L/R Buffer overflows in authentication and HNAP functionalities. 2015-11-13
samhuntley84 gmail com
Dlink DIR-825 (vC) Buffer overflows in authentication,HNAP and ping functionalities and also directory traversal issue exists 2015-11-13
samhuntley84 gmail com
Dlink DIR-880L Buffer overflows in authenticatio and HNAP functionalities. 2015-11-13
samhuntley84 gmail com
Dlink SSDP command injection using UDP for a lot of Dlink routers including DIR-815, DIR-850L 2015-11-13
samhuntley84 gmail com
Dlink DIR-866L Buffer overflows in HNAP and send email functionalities 2015-11-13
samhuntley84 gmail com
CF Image Host XSS 2015-11-14
apparitionsec gmail com
CF Image Host CSRF 2015-11-14
apparitionsec gmail com
CF Image Host PHP Command Injection 2015-11-14
apparitionsec gmail com
PHP Address Book SQL Injection Vulnerability 2015-11-14
Rahul Pratap Singh (techno rps gmail com)
[SECURITY] [DSA 3208-2] freexl regression update 2015-11-14
Salvatore Bonaccorso (carnil debian org)
/tmp race condition in IBM Installation Manager V1.8.1 install script 2015-11-14
larry0 me com
D-link wireless router DIR-816L Cross-Site Request Forgery (CSRF) vulnerability 2015-11-14
bhadresh patel helpag com
[slackware-security] seamonkey (SSA:2015-318-01) 2015-11-15
Slackware Security Team (security slackware com)
Malware
Phishing
Vulnerebility
SANS News
Threatpost
Researchers Discover Two New Strains of POS Malware
CSRF Flaw Patched in Popular Spring Social Core Library
Exploit
b374k Web Shell - CSRF Command Injection
13.11.2015
Bugtraq
OpenBSD package 'net-snmp' information disclosure 2015-11-12
Pierre Kim (pierre kim sec gmail com)
[SECURITY] [DSA 3395-2] krb5 security update 2015-11-12
Salvatore Bonaccorso (carnil debian org)
Secunia Research: Google Picasa CAMF Section Integer Overflow Vulnerability 2015-11-11
Secunia Research (remove-vuln secunia com)
Malware
TrojanDownloader:MSIL/Dowjamal.A
SoftwareBundler:Win32/Xiazai
TrojanSpy:MSIL/Aconstel.A
TrojanDropper:MSIL/Fatext.A
PWS:Win32/Fareit.AG
Backdoor:Win32/Wencho.A
Phishing
HSBC Bank | 13th November 2015 |
Natwest Bank | 13th November 2015 |
Vulnerebility
SANS News
Google Reconnaissance, Sprinter-style
Threatpost
Tor: FBI Paid CMU $1 Million to De-Anonymize Users
Exploit Writing and Mitigation Going Hand in Hand
Exploit
b374k Web Shell - CSRF Command Injection
R-Scripts Vacation Rental Script 7R - Multiple Vulnerabilities
TACK 1.07 - Local Stack-Based Buffer Overflow
TUDU 0.82 - Local Stack-Based Buffer Overflow
Sam Spade 1.14 - S-Lang Command Field SEH Overflow
12.11.2015
Bugtraq
Secunia Research: Google Picasa CAMF Section Integer Overflow Vulnerability 2015-11-11
Secunia Research (remove-vuln secunia com)
[security bulletin] HPSBGN03507 rev.2 - HP Arcsight Management Center, Arcsight Logger, Remote Cross-Site Scripting (XSS) 2015-11-10
security-alert hpe com
Malware
Backdoor:Win32/Wencho.A
PWS:MSIL/Stimilina.M
TrojanDownloader:MSIL/Genmaldow
VBA/TrojanDownloader.Agent.AFW
Phishing
Security Center Pay Pal | 12th November 2015 |
PayPal | 12th November 2015 |
Smith | 11th November 2015 |
Vulnerebility
SANS News
Threatpost
Exploit
11.11.2015
Bugtraq
Secunia Research: Google Picasa CAMF Section Integer Overflow Vulnerability 2015-11-11
Secunia Research (remove-vuln secunia com)
[security bulletin] HPSBGN03507 rev.2 - HP Arcsight Management Center, Arcsight Logger, Remote Cross-Site Scripting (XSS) 2015-11-10
security-alert hpe com
[SECURITY] [DSA 3397-1] wpa security update 2015-11-10
Salvatore Bonaccorso (carnil debian org)
Microsoft .NET Framework XSS / Elevation of Privilege CVE-2015-6099 2015-11-11
apparitionsec gmail com
[SECURITY] [DSA 3396-1] linux security update 2015-11-10
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3386-2] unzip regression update 2015-11-09
Salvatore Bonaccorso (carnil debian org)
Malware
TrojanDownloader:Win32/Banload.BFH
TrojanDownloader:Win32/Banload.BFI
TrojanDropper:Win32/Bancos.N
SoftwareBundler:Win32/Dowadmin
Phishing
National | 11th November 2015 |
PayPal | 11th November 2015 |
PayPal | 11th November 2015 |
Vulnerebility
SANS News
Threatpost
Critical Java Bug Extends to Oracle, IBM Middleware
Adobe Flash Update Includes Patches for 17 Vulnerabilities
Exploit
WordPress WP Fastest Cache Plugin 0.8.4.8 - Blind SQL Injection
FBZX 2.10 - Local Stack-Based Buffer Overflow
Google AdWords API PHP client library <= 6.2.0 - Arbitrary PHP Code Execution
eBay Magento CE <= 1.9.2.1 - Unrestricted Cron Script (Potential Code Execution / DoS)
Google AdWords <= 6.2.0 API client libraries - XML eXternal Entity Injection (XXE)
10.11.2015
Bugtraq
[SECURITY] [DSA 3396-1] linux security update 2015-11-10
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3386-2] unzip regression update 2015-11-09
Salvatore Bonaccorso (carnil debian org)
TestLink 1.9.14 CSRF Vulnerability 2015-11-08
Aravind (altoarun gmail com)
TestLink 1.9.14 Persistent XSS 2015-11-08
Aravind (altoarun gmail com)
[SECURITY] [DSA 3395-1] krb5 security update 2015-11-06
Salvatore Bonaccorso (carnil debian org)
[ANNOUNCE] CVE-2014-3576 - Apache ActiveMQ vulnerabilities 2015-11-06
Timothy Bish (tabish121 gmail com)
[slackware-security] mozilla-firefox (SSA:2015-310-01) 2015-11-06
Slackware Security Team (security slackware com)
Malware
TrojanSpy:Win32/Nivdort.BU
Trojan:JS/Kovter.A
Phishing
AOL | 10th November 2015 |
Microsoft | 9th November 2015 |
Fw: new message Date: Fri, 6 | |
Vulnerebility
SANS News
Threatpost
Comodo Issues Eight Forbidden Certificates
Exploit
Wordpress Ajax Load More PHP Upload Vulnerability
Huawei HG630a and HG630a-50 - Default SSH Admin Password on ADSL Modems
Jenkins 1.633 - Unauthenticated Credential Recovery
YESWIKI 0.2 - Path Traversal Vulnerability
9.11.2015
Bugtraq
TestLink 1.9.14 CSRF Vulnerability 2015-11-08
Aravind (altoarun gmail com)
TestLink 1.9.14 Persistent XSS 2015-11-08
Aravind (altoarun gmail com)
[SECURITY] [DSA 3395-1] krb5 security update 2015-11-06
Salvatore Bonaccorso (carnil debian org)
[ANNOUNCE] CVE-2014-3576 - Apache ActiveMQ vulnerabilities 2015-11-06
Timothy Bish (tabish121 gmail com)
[slackware-security] mozilla-firefox (SSA:2015-310-01) 2015-11-06
Slackware Security Team (security slackware com)
[slackware-security] mozilla-nss (SSA:2015-310-02) 2015-11-06
Slackware Security Team (security slackware com)
Malware
Trojan:Win32/Peals.D!plock
Trojan:Win32/Deefy!plock
Worm:Win32/Vitchit.A
Worm:Win32/Mothyfil.B
PWS:MSIL/Stimilini.T
Phishing
Wells Fargo Online | 8th November 2015 |
National | 8th November 2015 |
PayPal Team | 8th November 2015 |
service@paypal.intl.com | 8th November 2015 |
Vulnerebility
SANS News
Threatpost
High-Risk SAP HANA Vulnerabilities Patched
ProtonMail Back Online Following Six-Day DDoS Attack
Exploit
Arris TG1682G Modem - Stored XSS Vulnerability
Wordpress Ajax Load More PHP Upload Vulnerability
TestLink 1.9.14 - CSRF Vulnerability
POP Peeper 4.0.1 - SEH Over-Write
FreeType 2.6.1 TrueType tt_sbit_decoder_load_bit_aligned Heap-Based Out-of-Bounds Read
7.11.2015
Bugtraq
[SECURITY] [DSA 3395-1] krb5 security update 2015-11-06
Salvatore Bonaccorso (carnil debian org)
[ANNOUNCE] CVE-2014-3576 - Apache ActiveMQ vulnerabilities 2015-11-06
Timothy Bish (tabish121 gmail com)
[slackware-security] mozilla-firefox (SSA:2015-310-01) 2015-11-06
Slackware Security Team (security slackware com)
[slackware-security] mozilla-nss (SSA:2015-310-02) 2015-11-06
Slackware Security Team (security slackware com)
Malware
Phishing
PayPal Team | 8th November 2015 |
service@paypal.intl.com | 8th November 2015 |
service@paypal.intl.com | 7th November 2015 |
Amazon | 7th November 2015 |
PayPal | 7th November 2015 |
Vulnerebility
SANS News
Threatpost
Microsoft Considers Earlier SHA-1 Deprecation Deadline
Advantech Clears Hard-Coded SSH Keys from EKI Switches
Exploit
Cryptocat Arbitrary Script Injection Vulnerability
QNap QVR Client 5.1.0.11290 - Crash PoC
6.11.2015
Bugtraq
CVE-2015-5378 2015-11-06
Suyog Rao (suyog elastic co)
CVE-2015-5619 2015-11-06
Suyog Rao (suyog elastic co)
NXFilter v3.0.3 Persistent / Reflected XSS 2015-11-06
apparitionsec gmail com
NXFilter v3.0.3 CSRF 2015-11-06
apparitionsec gmail com
Elasticsearch vulnerability CVE-2015-4165 2015-11-06
Kevin Kluge (kevin elastic co)
[SECURITY] [DSA 3394-1] libreoffice security update 2015-11-05
Moritz Muehlenhoff (jmm debian org)
Elasticsearch vulnerability CVE-2015-5377 2015-11-05
Kevin Kluge (kevin elastic co)
SEC Consult SA-20151105-0 :: Insecure default configuration in Ubiquiti Networks products 2015-11-05
SEC Consult Vulnerability Lab (research sec-consult com)
[security bulletin] HPSBGN03519 rev.1 - HP Project and Portfolio Management Center, Remote Disclosure of Information 2015-11-04
security-alert hpe com
[SECURITY] [DSA 3393-1] iceweasel security update 2015-11-04
Moritz Muehlenhoff (jmm debian org)
Malware
Backdoor:Win32/Bayrob.B
TrojanClicker:Win32/Clikug.F
Win32/Sarento
TrojanSpy:MSIL/Yakbeex.D
Trojan:Win32/Patched.AO
TrojanDownloader:MSIL/Pstinb.F
Phishing
PayPal | 6th November 2015 |
Dr. Watsons | 5th November 2015 |
PayPal Service | 5th November 2015 |
PayPal | 5th November 2015 |
PayPal ! | 5th November 2015 |
PayPal Team | 5th November 2015 |
Vulnerebility
SANS News
Tracking HTTP POST data with ELK
Threatpost
Mozilla Embraces Private Browsing with Tracking Protection in Firefox 42
Updated Cryptowall Encrypts File Names, Mocks Victims
Exploit
Cryptocat Arbitrary Script Injection Vulnerability
Solarwinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution
NXFilter 3.0.3 - CSRF Vulnerabilities
NXFilter 3.0.3 - Multiple XSS Vulnerabilities
5.11.2015
Bugtraq
[SECURITY] [DSA 3393-1] iceweasel security update 2015-11-04
Moritz Muehlenhoff (jmm debian org)
Cisco Security Advisory: Cisco Web Security Appliance Certificate Generation Command Injection Vulnerability 2015-11-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Mobility Services Engine Privilege Escalation Vulnerability 2015-11-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Mobility Services Engine Static Credential Vulnerability 2015-11-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Email Security Appliance Anti-Spam Scanner Bypass Vulnerability 2015-11-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Email Security Appliance Email Scanner Denial of Service Vulnerability 2015-11-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Web Security Appliance Range Request Denial of Service Vulnerability 2015-11-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Web Security Appliance Cache Reply Denial of Service Vulnerability 2015-11-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco AsyncOS TCP Flood Denial of Service Vulnerability 2015-11-04
Cisco Systems Product Security Incident Response Team (psirt cisco com)
[KIS-2015-10] Piwik <= 2.14.3 (DisplayTopKeywords) PHP Object Injection Vulnerability 2015-11-04
Egidio Romano (research karmainsecurity com)
[KIS-2015-09] Piwik <= 2.14.3 (viewDataTable) Autoloaded File Inclusion Vulnerability 2015-11-04
Egidio Romano (research karmainsecurity com)
[KIS-2015-07] ATutor <= 2.2 (popuphelp.php) Reflected Cross-Site Scripting Vulnerability 2015-11-04
Egidio Romano (research karmainsecurity com)
[KIS-2015-08] ATutor <= 2.2 (edit_marks.php) PHP Code Injection Vulnerability 2015-11-04
Egidio Romano (research karmainsecurity com)
[KIS-2015-06] ATutor <= 2.2 (confirm.php) Session Variable Overloading Vulnerability 2015-11-04
Egidio Romano (research karmainsecurity com)
[KIS-2015-05] ATutor <= 2.2 (Custom Course Icon) Unrestricted File Upload Vulnerability 2015-11-04
Egidio Romano (research karmainsecurity com)
FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED] 2015-11-04
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 3392-1] freeimage security update 2015-11-04
Sebastien Delafond (seb debian org)
Malware
TrojanDownloader:MSIL/Banload.AH
TrojanDownloader:MSIL/Banload.AD
Phishing
PayPal | 5th November 2015 |
PayPal ! | 5th November 2015 |
PayPal Team | 5th November 2015 |
Paul Hindle | 5th November 2015 |
PayPal | 5th November 2015 |
Halifax | 5th November 2015 |
ROYAL BANK OF SCOTLAND® | 5th November 2015 |
*******Online Banking (Wire | |
PayPal | 5th November 2015 |
Vulnerebility
SANS News
Threatpost
Shuanet Adware Rooting Android Devices Via Trojanized Apps - See more at: https://threatpost.com/#sthash.Ox1iuvx1.dpuf
Chinese Mobile Ad Library Backdoored to Spy on iOS Devices
New Tinba Variant Seen Targeting Russian, Japanese Banks
Exploit
Cryptocat Arbitrary Script Injection Vulnerability
vBulletin 5.1.x - PreAuth 0day Remote Code Execution Exploit
OpenSSL Alternative Chains Certificate Forgery
4.11.2015
Bugtraq
FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED] 2015-11-04
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 3392-1] freeimage security update 2015-11-04
Sebastien Delafond (seb debian org)
[security bulletin] HPSBGN03429 rev.2 - HP Arcsight Logger, Remote Disclosure of Information 2015-11-03
security-alert hpe com
[security bulletin] HPSBGN03425 rev.1 - HP ArcSight SmartConnectors, Remote Disclosure of Information, Local Escalation of Privilege 2015-11-03
security-alert hpe com
[security bulletin] HPSBGN03430 rev.1 - HP ArcSight products, Local Elevation of Privilege 2015-11-03
security-alert hpe com
[SECURITY] [DSA 3391-1] php-horde security update 2015-11-03
Florian Weimer (fw deneb enyo de)
[security bulletin] HPSBGN03386 rev.2 - HP Central View Fraud Risk Management, Revenue Leakage Control, Dealer Performance Audit, Credit Risk Control, Roaming Fraud Control, Subscription Fraud Prevention, Remote Disclosure of Information, Local Disclosure 2015-11-03
security-alert hpe com
[security bulletin] HPSBGN03426 rev.1 - HP Mobility Software, Remote Execution of Arbitrary Code 2015-11-02
security-alert hpe com
[SECURITY] [DSA 3355-2] libvdpau regression update 2015-11-02
Alessandro Ghedini (ghedo debian org)
Malware
Win32/Upatre
TrojanDropper:O97M/Farheyt.A
TrojanDownloader:Win32/Banload.BFB
Phishing
PayPaI Service | 4th November 2015 |
Royal Bank | 4th November 2015 |
*******Online Banking (Wire | |
RBC Royal Bank | 2nd November 2015 |
Vulnerebility
Oracle Java SE CVE-2015-4911 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77209
Oracle Java SE CVE-2015-4903 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77194
Oracle Java SE CVE-2015-4844 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77164
Oracle Java SE CVE-2015-4893 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77207
Oracle Java SE CVE-2015-4734 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77192
Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77163
Oracle Java SE CVE-2015-4803 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77200
Oracle Java SE CVE-2015-4860 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77162
Oracle Java SE CVE-2015-4882 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77181
Oracle Java SE CVE-2015-4883 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77161
Oracle Java SE CVE-2015-4872 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77211
Oracle Java SE CVE-2015-4881 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77159
Oracle Java SE CVE-2015-4835 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77148
Oracle Java SE CVE-2015-4842 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77154
Oracle Java SE CVE-2015-4843 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77160
Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77126
HP Vertica CVE-2015-6867 Remote Code Execution Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77405
Microsoft Windows Object Reference CVE-2015-2554 Local Privilege Escalation Vulnerability
2015-11-03
http://www.securityfocus.com/bid/76998
Oracle Java SE CVE-2015-4840 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77242
Xen CVE-2015-7835 Privilege Escalation Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77366
Oracle Java SE CVE-2015-4871 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77238
GNU glibc CVE-2015-0235 Remote Heap Buffer Overflow Vulnerability
2015-11-03
http://www.securityfocus.com/bid/72325
Network Time Protocol CVE-2015-5300 Man in the Middle Security Bypass Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77312
Network Time Protocol CVE-2015-7871 Authentication Bypass Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77287
NTP CVE-2015-7702 Incomplete Fix Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77286
Network Time Protocol 'ntpq.c' Memory Corruption Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77288
NTP CVE-2015-7692 Incomplete Fix Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77285
Network Time Protocol CVE-2015-7703 Arbitrary File Overwrite Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77278
NTP CVE-2015-7691 Incomplete Fix Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77274
Network Time Protocol CVE-2015-7704 Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/77280
SANS News
Threatpost
Google Project Zero Turns Over 11 Bugs in Galaxy S6 Edge
Updated XcodeGhost Adds iOS9 Support
PageFair Hack Serves Up Fake Flash Update to 500 Sites
Exploit
vBulletin 5 PreAuth Remote Code Execution
FreeType 2.6.1 TrueType tt_cmap14_validate Parsing Heap-Based Out-of-Bounds Reads
3.11.2015
Bugtraq
[security bulletin] HPSBGN03426 rev.1 - HP Mobility Software, Remote Execution of Arbitrary Code 2015-11-02
security-alert hpe com
[SECURITY] [DSA 3355-2] libvdpau regression update 2015-11-02
Alessandro Ghedini (ghedo debian org)
[security bulletin] HPSBMU03518 rev.1 - HP Vertica, Remote Code Execution 2015-11-02
security-alert hpe com
[SECURITY] [DSA 3390-1] xen security update 2015-11-02
Salvatore Bonaccorso (carnil debian org)
CVE-2015-7326 (XXE vulnerability in Milton Webdav) 2015-11-02
0ang3el gmail com
Accentis Content Resource Management System - XSS 2015-11-02
GalaxyCVEcollector gmail com
Accentis Content Resource Management System - SQL 2015-11-02
GalaxyCVEcollector gmail com
Malware
Win32/TrojanDownloader.Bredolab.CB
Phishing
RBC Royal Bank | 2nd November 2015 |
PayPal service | 2nd November 2015 |
IMPORTANT - WE NOTICED UNUSUAL | |
Vulnerebility
QEMU PRDT Data Handling Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/73316
QEMU Realtek rtl8139 Model CVE-2015-5165 Information Disclosure Vulnerability
2015-11-03
http://www.securityfocus.com/bid/76153
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-11-03
http://www.securityfocus.com/bid/74733
OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75158
OpenSSL 'ssleay_rand_bytes()' Function Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75219
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-11-03
http://www.securityfocus.com/bid/73684
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/73225
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/73231
OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/73232
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/73237
Apache Tomcat CVE-2014-0230 Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/74475
OpenSSL 'tasn_dec.c' Remote Memory Corruption Vulnerability
2015-11-03
http://www.securityfocus.com/bid/73227
Apache Struts CVE-2015-1831 Security Bypass Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75940
OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75159
OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75161
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/74147
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/74111
Linux Kernel 'x86/entry/entry_64.S' Local Privilege Escalation Vulnerability
2015-11-03
http://www.securityfocus.com/bid/76004
Linux Kernel Multiple Remote Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75510
Linux Kernel 'fs/pipe.c' Multiple Local Memory Corruption Vulnerabilities
2015-11-03
http://www.securityfocus.com/bid/74951
OpenSSH PAM Support Multiple Remote Code Execution Vulnerabilities
2015-11-03
http://www.securityfocus.com/bid/76317
Libxml2 CVE-2015-1819 Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75570
jabberd CVE-2015-2059 Out of Bounds Read Memory Corruption Vulnerability
2015-11-03
http://www.securityfocus.com/bid/72736
Google Chrome Prior to 44.0.2403.89 Multiple Security Vulnerabilities
2015-11-03
http://www.securityfocus.com/bid/75973
Apache HTTP Server CVE-2015-3183 Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75963
OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75154
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75156
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75157
Oracle Java SE CVE-2015-2625 Remote Security Vulnerability
2015-11-03
http://www.securityfocus.com/bid/75895
GNU glibc 'getaddrinfo.c' Remote Code Execution Vulnerability
2015-11-03
http://www.securityfocus.com/bid/72710
SANS News
Enhancing pentesting recon with nmap
Threatpost
Latest EMET Bypass Targets WoW64 Windows Subsystem
Vulnerability Identified in Genomic Data Sharing Network
Exploit
Samsung Galaxy S6 Samsung Gallery - GIF Parsing Crash
Samsung Galaxy S6 - android.media.process Face Recognition Memory Corruption
Samsung Galaxy S6 - libQjpeg DoIntegralUpsample Crash
Samsung Galaxy S6 - Samsung Gallery Bitmap Decoding Crash
Samsung libQjpeg Image Decoding Memory Corruption
Python 2.7 hotshot Module - pack_string Heap Buffer Overflow
Python 2.7 array.fromstring Method - Use After Free
Python 2.7 strop.replace() Method - Integer Overflow
Python 3.3 - 3.5 product_setstate() Function - Out-of-bounds Read
actiTIME 2015.2 - Multiple Vulnerabilities
Sam Spade 1.14 - (Crawl website) Buffer OverFlow
Sam Spade 1.14 - (Scan Addresses) Buffer Overflow Exploit
TCPing 2.1.0 - Buffer Overflow
2.11.2015
Bugtraq
CVE-2015-7326 (XXE vulnerability in Milton Webdav) 2015-11-02
0ang3el gmail com
Accentis Content Resource Management System - XSS 2015-11-02
GalaxyCVEcollector gmail com
Accentis Content Resource Management System - SQL 2015-11-02
GalaxyCVEcollector gmail com
Cross-Site Scripting | Zeuscart V4 2015-11-02
ITAS Team (itas team itas vn)
[SECURITY] [DSA 3389-1] elasticsearch end-of-life 2015-11-01
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3381-2] openjdk-7 security update 2015-11-01
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3388-1] ntp security update 2015-11-01
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3387-1] openafs security update 2015-11-01
Florian Weimer (fw deneb enyo de)
TCPing 2.1.0 Buffer Overflow 2015-11-01
apparitionsec gmail com
[SECURITY] [DSA 3386-1] unzip security update 2015-10-31
Laszlo Boszormenyi \(GCS\) (gcs debian org)
[SECURITY] [DSA 3385-1] mariadb-10.0 security update 2015-10-31
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
PayPal service | 2nd November 2015 |
IMPORTANT - WE NOTICED UNUSUAL | |
Security Apple | 1st November 2015 |
AOL | 1st November 2015 |
Vulnerebility
SANS News
Threatpost
Exploit
30.10.2015
Bugtraq
[slackware-security] jasper (SSA:2015-302-02) 2015-10-29
Slackware Security Team (security slackware com)
PHP Server Monitor 3.1.1 Privilege Escalation 2015-10-30
apparitionsec gmail com
PHP Server Monitor 3.1.1 CSRF 2015-10-30
apparitionsec gmail com
[slackware-security] curl (SSA:2015-302-01) 2015-10-29
Slackware Security Team (security slackware com)
[slackware-security] ntp (SSA:2015-302-03) 2015-10-29
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3384-1] virtualbox security update 2015-10-29
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3383-1] wordpress security update 2015-10-29
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3332-2] wordpress regression update 2015-10-29
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Brayden | 30th October 2015 |
MRS. JODI REULAND | 30th October 2015 |
Ofornelas-F R_E..E..___A-C | |
Yahoo.com | 29th October 2015 |
Vulnerebility
SANS News
Threatpost
Web Hosting Service 000webhost Hacked, Information of 13 Million Leaked
Exploit
Sam Spade 1.14 - Scan From IP Address Field SEH Overflow Crash PoC
PHP Server Monitor 3.1.1- Multiple CSRF Vulnerabilities
PHP Server Monitor 3.1.1- CSRF Privilege Escalation
eBay Magento <= 1.9.2.1 - PHP FPM XML eXternal Entity Injection
Hitron Router CGN3ACSMR 4.5.8.16 - Arbitrary Code Execution
Pligg CMS 2.0.2 - Multiple SQL Injection Vulnerabilities
Pligg CMS 2.0.2 - Directory Traversal
Pligg CMS 2.0.2 - CSRF Code Execution
AIX 7.1 - lquerylv Local Privilege Escalation
Oxwall 1.7.4 - CSRF Vulnerability
29.10.2015
Bugtraq
[ERPSCAN-15-030] Oracle E-Business Suite - XXE injection Vulnerability 2015-10-29
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-029] Oracle E-Business Suite - XXE injection Vulnerability 2015-10-29
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-028] Oracle E-Business Suite - XXE injection Vulnerability 2015-10-29
ERPScan inc (erpscan online gmail com)
Cross-Site Request Forgery on Oxwall 2015-10-29
High-Tech Bridge Security Research (advisory htbridge ch)
CVE-2015-7723 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver 2015-10-29
Portcullis Advisories (advisories portcullis-security com)
CVE-2015-7724 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver 2015-10-29
Portcullis Advisories (advisories portcullis-security com)
[SECURITY] [DSA 3382-1] phpmyadmin security update 2015-10-28
Thijs Kinkhorst (thijs debian org)
Malware
VBA/TrojanDownloader.Agent.ADX
Win32/TrojanDownloader.Nymaim.AY
Phishing
paypal | 29th October 2015 |
Vulnerebility
SANS News
USB cleaning device for the masses
Threatpost
Rockwell Patches Serious ‘FrostyURL’ PLC Vulnerability
Exploit
Joomla JNews (com_jnews) Component 8.5.1 - SQL Injection
NetUSB Kernel Stack Buffer Overflow
28.10.2015
Bugtraq
Arbitrary code execution resp. escalation of privilege with Mozilla's SETUP.EXE 2015-10-28
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3381-1] openjdk-7 security update 2015-10-27
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3380-1] php5 security update 2015-10-27
Florian Weimer (fw deneb enyo de)
[ERPSCAN-15-027] Oracle E-Business Suite - Cross Site Scripting Vulnerability 2015-10-27
ERPScan inc (erpscan online gmail com)
Malware
Rogue:VBS/Trapwot
TrojanProxy:MSIL/Segyroxb.A
Trojan:JS/Iframeinject.AG
Phishing
PayPal | 28th October 2015 |
Vulnerebility
SANS News
Threatpost
Fewer IPsec VPN Connections at Risk from Weak Diffie-Hellman
Exploit
Th3 MMA mma.php Backdoor Arbitrary File Upload
Samsung SecEmailUI Script Injection
JIRA and HipChat for JIRA Plugin Velocity Template Injection Vulnerability
Sagem FAST3304-V2 - Authentication Bypass
Samsung m2m1shot Kernel Driver Buffer Overflow
Samsung seiren Kernel Driver Buffer Overflow
Samsung fimg2d FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw
Samsung SecEmailComposer QUICK_REPLY_BACKGROUND Permissions Weakness
27.10.2015
Bugtraq
[ERPSCAN-15-027] Oracle E-Business Suite - Cross Site Scripting Vulnerability 2015-10-27
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-026] Oracle E-Business Suite - SQL injection Vulnerability 2015-10-27
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-025] Oracle E-Business Suite Database user enumeration Vulnerability 2015-10-27
ERPScan inc (erpscan online gmail com)
MacOS X 10.11 hardlink bomb cause resource exhaustion (Avast PoC) 2015-10-26
submit cxsec org
MacOS X 10.11 FTS Deep structure of the file system Buffer Overflow 2015-10-26
submit cxsec org
Secunia Research: Oracle Outside In Two Buffer Overflow Vulnerabilities 2015-10-26
Secunia Research (remove-vuln secunia com)
Secunia Research: Google Picasa Phase One Tags Processing Integer Overflow Vulnerability 2015-10-26
Secunia Research (remove-vuln secunia com)
FreeBSD Security Advisory FreeBSD-SA-15:25.ntp 2015-10-26
FreeBSD Security Advisories (security-advisories freebsd org)
Malware
SoftwareBundler:Win32/Zubtui.A
Backdoor:Win32/Xtrat.Q
TrojanDownloader:Win32/Captorveen.B
PWS:MSIL/Stimilini.S
Trojan:Win32/Tulim.B!plock
Trojan:Win32/Spallowz.A!plock
Phishing
PayPaI | 27th October 2015 |
MRS. LUCILA LAMME | 27th October 2015 |
Vulnerebility
Microsoft Internet Explorer CVE-2015-2444 Remote Memory Corruption Vulnerability
2015-10-26
http://www.securityfocus.com/bid/76194
IBM WebSphere Application Server CVE-2015-1885 Remote Privilege Escalation Vulnerability
2015-10-26
http://www.securityfocus.com/bid/74219
Mozilla Firefox CVE-2015-4495 Same Origin Policy Security Bypass Vulnerability
2015-10-26
http://www.securityfocus.com/bid/76249
ISC BIND CVE-2015-5477 Remote Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/76092
OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability
2015-10-26
http://www.securityfocus.com/bid/75159
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/75157
OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/75154
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-10-26
http://www.securityfocus.com/bid/75890
Symantec Endpoint Protection Manager CVE-2015-1489 Remote Privilege Escalation Vulnerability
2015-10-26
http://www.securityfocus.com/bid/76078
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/73237
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/73225
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/73231
OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/73232
Symantec Endpoint Protection Manager CVE-2015-1486 Authentication Bypass Vulnerability
2015-10-26
http://www.securityfocus.com/bid/76074
Cisco Adaptive Security Appliance (ASA) Software CVE-2015-6325 Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/77260
Python 'bufferobject.c' Integer Overflow Vulnerability
2015-10-26
http://www.securityfocus.com/bid/70089
IBM Security Directory Server CVE-2015-0138 Man in the Middle Security Bypass Vulnerability
2015-10-26
http://www.securityfocus.com/bid/73326
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-10-26
http://www.securityfocus.com/bid/71936
Cisco Adaptive Security Appliance (ASA) Software CVE-2015-0578 Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/72718
Apple Mac OS X Multiple Privilege Escalation Vulnerabilities
2015-10-26
http://www.securityfocus.com/bid/76421
Elasticsearch CVE-2015-5377 Remote Code Execution Vulnerability
2015-10-26
http://www.securityfocus.com/bid/75938
Elasticsearch CVE-2015-5531 Directory Traversal Vulnerability
2015-10-26
http://www.securityfocus.com/bid/75935
OpenSSL '/evp/encode.c' Remote Memory Corruption Vulnerability
2015-10-26
http://www.securityfocus.com/bid/73228
IBM WebSphere Application Server CVE-2015-1927 Remote Privilege Escalation Vulnerability
2015-10-26
http://www.securityfocus.com/bid/75486
OpenSSL CVE-2015-0291 Denial of Service Vulnerability
2015-10-26
http://www.securityfocus.com/bid/73235
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-10-26
http://www.securityfocus.com/bid/72165
Oracle Java SE CVE-2015-0437 Remote Java SE Vulnerability
2015-10-26
http://www.securityfocus.com/bid/72146
Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
2015-10-26
http://www.securityfocus.com/bid/72136
FFmpeg CVE-2015-6761 Unspecified Memory Corruption Vulnerability
2015-10-26
http://www.securityfocus.com/bid/77073
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-10-26
http://www.securityfocus.com/bid/72140
SANS News
Threatpost
Novel NTP Attacks Roll Back Time
Yahoo Hires Bob Lord as its CISO
New Campaign Shows Dridex Active, Targeting French
Exploit
Th3 MMA mma.php Backdoor Arbitrary File Upload
Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation
Win10Pcap - Local Privilege Escalation Vulnerability
26.10.2015
Bugtraq
MacOS X 10.11 hardlink bomb cause resource exhaustion (Avast PoC) 2015-10-26
submit cxsec org
MacOS X 10.11 FTS Deep structure of the file system Buffer Overflow 2015-10-26
submit cxsec org
Secunia Research: Oracle Outside In Two Buffer Overflow Vulnerabilities 2015-10-26
Secunia Research (remove-vuln secunia com)
Secunia Research: Google Picasa Phase One Tags Processing Integer Overflow Vulnerability 2015-10-26
Secunia Research (remove-vuln secunia com)
FreeBSD Security Advisory FreeBSD-SA-15:25.ntp 2015-10-26
FreeBSD Security Advisories (security-advisories freebsd org)
AlienVault OSSIM 4.3 CSRF 2015-10-26
mohammadreza mohajerani gmail com
AlienVault OSSIM 4.3 CSRF vulnerability report 2015-10-25
mohammadreza mohajerani gmail com
[SECURITY] [DSA 3379-1] miniupnpc security update 2015-10-25
Salvatore Bonaccorso (carnil debian org)
Fwd: Timing attack vulnerability in most Zeus server-sides 2015-10-25
rotem kerner (nullfield gmail com)
[SECURITY] [DSA 3377-1] mysql-5.5 security update 2015-10-24
Salvatore Bonaccorso (carnil debian org)
[security bulletin] HPSBGN03429 rev.1 - HP Arcsight Logger, Remote Disclosure of Information 2015-10-23
security-alert hp com
[security bulletin] HPSBGN03428 rev.1 - HP Asset Manager, Local Disclosure of Sensitive Information 2015-10-23
security-alert hp com
CVE-2015-6576: Bamboo - Deserialisation resulting in remote code execution 2015-10-23
David Black (dblack atlassian com)
Malware
PWS:MSIL/Stimilina.G
PWS:MSIL/Stimilina.H
PWS:MSIL/Stimilina.I
Win32/Upatre
Phishing
Holly Bass | 25th October 2015 |
Chase(SM)spalerts4secure3@comc | 25th October 2015 |
Apple | 25th October 2015 |
Vulnerebility
SANS News
Threatpost
Exploit
Windows 10 - pcap Driver Local Privilege Escalation
Alreader 2.5 .fb2 - SEH Based Stack Overflow (ASLR and DEP bypass)
Safari User-Assisted Applescript Exec Attack
23.10.2015
Bugtraq
CVE-2015-6576: Bamboo - Deserialisation resulting in remote code execution 2015-10-23
David Black (dblack atlassian com)
Re: TeamSpeak Client <= 3.0.18.1 RFI, Directory Traversal to RCE 2015-10-22
scurippio autistici org
SEC Consult SA-20151022-0 :: Lime Survey Multiple Critical Vulnerabilities 2015-10-22
SEC Consult Vulnerability Lab (research sec-consult com)
Re: TeamSpeak Client <= 3.0.18.1 RFI, Directory Traversal to RCE 2015-10-22
scurippio autistici org
TeamSpeak Client <= 3.0.18.1 RFI, Directory Traversal to RCE 2015-10-22
scurippio autistici org
Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015 2015-10-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
APPLE-SA-2015-10-21-8 OS X Server 5.0.15 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-7 Xcode 7.1 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-6 Mac EFI Security Update 2015-002 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-5 iTunes 12.3.1 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
Malware
Adware:Win32/Doma
TrojanClicker:Win32/Buoveco.A
TrojanDownloader:Win32/Dowfeld.A
Phishing
PayPal | 23rd October 2015 |
You submitted an order | |
WEB | 22nd October 2015 |
MAINTENANCE MAIL-BOX YOUR | |
PayPal_ID 42310 | 22nd October 2015 |
Your account is limited now | |
Chase | 21st October 2015 |
APPLE INC. | 21st October 2015 |
Vulnerebility
SANS News
Threatpost
Joomla Update Patches Critical SQL Injection Vulnerability
Exploit
Realtyna RPL Joomla Extension 8.9.2 - Multiple SQL Injection Vulnerabilities
Realtyna RPL Joomla Extension 8.9.2 - Persistent XSS And CSRF Vulnerabilities
Subrion 3.X.X - Multiple Vulnerabilities
Beckhoff CX9020 CPU Module - Remote Code Execution Exploit
22.10.2015
Bugtraq
TeamSpeak Client <= 3.0.18.1 RFI, Directory Traversal to RCE 2015-10-22
scurippio autistici org
Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015 2015-10-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
APPLE-SA-2015-10-21-8 OS X Server 5.0.15 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-7 Xcode 7.1 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-6 Mac EFI Security Update 2015-002 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-5 iTunes 12.3.1 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-3 Safari 9.0.1 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-2 watchOS 2.0.1 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-10-21-1 iOS 9.1 2015-10-21
Apple Product Security (product-security-noreply lists apple com)
Cisco Security Advisory: Cisco ASA Software VPN ISAKMP Denial of Service Vulnerability 2015-10-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco ASA Software DNS Denial of Service Vulnerability 2015-10-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco ASA Software DHCPv6 Relay Denial of Service Vulnerability 2015-10-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco ASA Software DHCPv6 Relay Denial of Service Vulnerability 2015-10-21
Cisco Systems Product Security Incident Response Team (psirt cisco com)
SiteWIX - (edit_photo2.php id) SQL Injection Exploit 2015-10-21
ZoRLu Bugrahan (zorlu milw00rm com)
Malware
TrojanDownloader:Win32/Dowfeld.A
TrojanDropper:Win32/Soloniti.A
TrojanDownloader:BAT/Truvaeril.A
TrojanSpy:Win32/Banker.APB
Adware:Win32/Loones
TrojanSpy:MSIL/Omaneat.C
TrojanDownloader:Win32/Xeliam.A
Phishing
WEB | 22nd October 2015 |
MAINTENANCE MAIL-BOX YOUR | |
PayPal_ID 42310 | 22nd October 2015 |
Your account is limited now | |
Chase | 21st October 2015 |
Vulnerebility
SANS News
Compromised Magento sites led to Neutrino exploit kit
Threatpost
Google Moving Gmail to Strict DMARC Implementation
Custom Google App Engine Tweak Still Leads to Java Sandbox Escapes
Exploit
Beckhoff CX9020 CPU Module - Remote Code Execution Exploit
21.10.2015
Bugtraq
SiteWIX - (edit_photo2.php id) SQL Injection Exploit 2015-10-21
ZoRLu Bugrahan (zorlu milw00rm com)
[SE-2014-02] Google App Engine Java security sandbox bypasses (Issue 42) 2015-10-21
Security Explorations (contact security-explorations com)
[SECURITY] [DSA 3376-1] chromium-browser security update 2015-10-21
Michael Gilbert (mgilbert debian org)
[SECURITY] [DSA 3375-1] wordpress security update 2015-10-19
Yves-Alexis Perez (corsac debian org)
[SECURITY] [DSA 3374-1] postgresql-9.4 security update 2015-10-19
Salvatore Bonaccorso (carnil debian org)
Malware
TrojanDownloader:Win32/Xeliam.A
Phishing
APPLE INC. | 21st October 2015 |
MENS TOP SECRET GUIDE | 20th October 2015 |
Vulnerebility
SANS News
Threatpost
Microsoft Opens .NET Core, ASP.NET Bug Bounties
Let’s Encrypt Hits Another Free HTTPS Milestone
Academics Find Critical Flaws in Self-Encrypting Hardware Drives - See more at: https://threatpost.com/#sthash.7fFNlffq.dpuf
Academics Find Critical Flaws in Self-Encrypting Hardware Drives - See more at: https://threatpost.com/#sthash.7fFNlffq.dpuf
Exploit
Zpanel Remote Unauthenticated RCE
HandyPassword 4.9.3 - SEH Over-Write Exploit
20.10.2015
Bugtraq
[SECURITY] [DSA 3375-1] wordpress security update 2015-10-19
Yves-Alexis Perez (corsac debian org)
[SECURITY] [DSA 3374-1] postgresql-9.4 security update 2015-10-19
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3373-1] owncloud security update 2015-10-18
Salvatore Bonaccorso (carnil debian org)
ERPSCAN Research Advisory [ERPSCAN-15-017] SAP NetWeaver J2EE DAS service - Unauthorized Access 2015-10-16
ERPScan inc (erpscan online gmail com)
Events Made Easy WordPress plugin CSRF + Persistent XSS 2015-10-16
David Sopas (davidsopas gmail com)
Malware
DDoS:Win32/Flusihoc.A
TrojanDownloader:Win32/Upatre.CO
TrojanSpy:MSIL/Yakbeex.C
TrojanDownloader:MSIL/Fleendow.A
TrojanDownloader:Win32/Bamvleds.A
Phishing
PayPal | 20th October 2015 |
SGT MONICA L BROWN | 20th October 2015 |
Vulnerebility
SANS News
Threatpost
Apple to Remove 256 iOS Apps Using Private APIs, Collecting Personal Data
Exploit
19.10.2015
Bugtraq
[SECURITY] [DSA 3374-1] postgresql-9.4 security update 2015-10-19
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3373-1] owncloud security update 2015-10-18
Salvatore Bonaccorso (carnil debian org)
ERPSCAN Research Advisory [ERPSCAN-15-017] SAP NetWeaver J2EE DAS service - Unauthorized Access 2015-10-16
ERPScan inc (erpscan online gmail com)
Malware
Phishing
APPLE INC | 19th October 2015 |
Vulnerebility
SANS News
Threatpost
Exploit
Wordpress Ajax Load More Plugin < 2.8.2 - File Upload Vulnerability
Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow
Nibbleblog File Upload Vulnerability
Belkin Router N150 1.00.08, 1.00.09 - Path Traversal Vulnerability
Adobe Flash IExternalizable.writeExternal - Type Confusion
16.10.2015
Bugtraq
ERPSCAN Research Advisory [ERPSCAN-15-017] SAP NetWeaver J2EE DAS service - Unauthorized Access 2015-10-16
ERPScan inc (erpscan online gmail com)
Events Made Easy WordPress plugin CSRF + Persistent XSS 2015-10-16
David Sopas (davidsopas gmail com)
Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334) 2015-10-16
Qualys Security Advisory (qsa qualys com)
[ISecAuditors Security Advisories] URL Open Redirect in Google generic TLD and ccTLD 2015-10-15
ISecAuditors Security Advisories (advisories isecauditors com)
APPLE-SA-2015-10-15-1 Keynote 6.6, Pages 5.6, Numbers 3.6, and iWork for iOS 2.6 2015-10-15
Apple Product Security (product-security-noreply lists apple com)
[security bulletin] HPSBOV03503 rev.1 - HP OpenVMS CSWS_JAVA running Tomcat, Multiple Remote Vulnerabilities 2015-10-15
security-alert hp com
[security bulletin] HPSBUX03512 SSRT102254 rev.1 - HP-UX Web Server Suite running Apache, Remote Denial of Service (DoS) and Other Vulnerabilities 2015-10-15
security-alert hp com
Freemake Video Downloader 3.7.1 - Code Execution Vulnerability 2015-10-15
Vulnerability Lab (research vulnerability-lab com)
PayPal Inc Bug Bounty #117 - Session Fixation Vulnerability 2015-10-15
Vulnerability Lab (research vulnerability-lab com)
Malware
TrojanDownloader:Win32/Brucryp.C
PWS:MSIL/Petun
TrojanDownloader:Win32/Bagoox.A
TrojanClicker:Win32/Bagoox.A
DDoS:Win32/Nitol.K
Backdoor:Win32/Slingup.A
SoftwareBundler:Win32/InstallMonster
TrojanDownloader:Win32/Strumapine.A
Phishing
PAYPal info | 16th October 2015 |
HSBC Bank | 16th October 2015 |
PalyPal Support | 16th October 2015 |
Account Support | 16th October 2015 |
Vulnerebility
SANS News
Threatpost
WordPress Fixes Critical Stored XSS Error in Akismet
Latest Microsoft Transparency Report Details Content Removal Requests
Exploit
AdobeWorkgroupHelper 2.8.3.3 - Stack Based Buffer Overflow
Linux x86_64 Bindshell with Password (92 bytes)
15.10.2015
Bugtraq
Freemake Video Downloader 3.7.1 - Code Execution Vulnerability 2015-10-15
Vulnerability Lab (research vulnerability-lab com)
PayPal Inc Bug Bounty #117 - Session Fixation Vulnerability 2015-10-15
Vulnerability Lab (research vulnerability-lab com)
Blat.exe v2.7.6 SMTP / NNTP Mailer Buffer Overflow 2015-10-14
apparitionsec gmail com
US DoD's Dc3dd v7.2.6 suffers from a Buffer Overflow vulnerability - Advanced Information Security Corporation - Zero Day Research 2015-10-14
Nicholas Lemonias. (lem nikolas googlemail com)
[CVE-2015-2552] Windows 8+ - Trusted Boot Security Feature Bypass Vulnerability 2015-10-14
Myria (myriachan gmail com)
[security bulletin] HPSBGN03515 rev.1 - HP Smart Profile Server Data Analytics Layer (SPS DAL), Remote Cross-Site-Scripting (XSS), Disclosure of Information 2015-10-13
security-alert hp com
Malware
Backdoor:Win32/Noancooe
Backdoor:Win32/Bergat.C
TrojanDownloader:Win32/Kalumino.A
SoftwareBundler:Win32/Coolnetry
TrojanDownloader:Win32/Hospizrox.A
TrojanDownloader:Win32/Redosdru
TrojanDownloader:Win32/Banload.BET
TrojanDownloader:MSIL/Banload.AB
TrojanDownloader:AutoIt/Banload.V
TrojanDownloader:AutoIt/Banload.T
Phishing
Exploit kit roundup: Less Angler, more Nuclear
Vulnerebility
SANS News
Google Patches Chrome, Changes Mixed Content Warnings
Law Enforcement Shuts Down Dridex Operation
Threatpost
Exploit
netis RealTek Wireless Router / ADSL Modem - Multiple Vulnerabilities
PROLiNK H5004NK ADSL Wireless Modem - Multiple Vulnerabilities
AdobeWorkgroupHelper 2.8.3.3 - Stack Based Buffer Overflow
Blat.exe 2.7.6 SMTP / NNTP Mailer - Buffer Overflow
14.10.2015
Bugtraq
US DoD's Dc3dd v7.2.6 suffers from a Buffer Overflow vulnerability - Advanced Information Security Corporation - Zero Day Research 2015-10-14
Nicholas Lemonias. (lem nikolas googlemail com)
[CVE-2015-2552] Windows 8+ - Trusted Boot Security Feature Bypass Vulnerability 2015-10-14
Myria (myriachan gmail com)
[security bulletin] HPSBGN03515 rev.1 - HP Smart Profile Server Data Analytics Layer (SPS DAL), Remote Cross-Site-Scripting (XSS), Disclosure of Information 2015-10-13
security-alert hp com
Boolean-based SQL injection Vulnerability in K2 Platforms 2015-10-13
wissam bashour helpag com
[SECURITY] [DSA 3372-1] linux security update 2015-10-13
Ben Hutchings (benh debian org)
Malware
TrojanSpy:MSIL/Yakbeex.B
TrojanDropper:Win32/Sulunch
TrojanDownloader:MSIL/Bladabindi.J
TrojanSpy:Win32/Nivdort!acf
TrojanSpy:Win32/Banker.AOX
TrojanSpy:MSIL/Quoler.A
Adware:Win32/Sogou
TrojanDownloader:BAT/Unwgent.A
Trojan:Win32/Damingvat.A
Adware:Win32/Putalo0l
Phishing
Paypal | 14th October 2015 |
We are unable to validate | |
MRS MONICA ASLAM | 13th October 2015 |
PayPal Support | 13th October 2015 |
Vulnerebility
SANS News
AV Phone Scan via Fake BSOD Web Pages
Threatpost
Dow Jones & Company Latest Financial Firm Hit With Data Breach
Exploit
ZyXEL PMG5318-B20A - OS Command Injection Vulnerability
Linux/MIPS Kernel NetUSB - Remote Code Execution Exploit
13.10.2015
Bugtraq
Boolean-based SQL injection Vulnerability in K2 Platforms 2015-10-13
wissam bashour helpag com
[SECURITY] [DSA 3372-1] linux security update 2015-10-13
Ben Hutchings (benh debian org)
AdobeWorkgroupHelper Stack Based Buffer Overflow 2015-10-13
apparitionsec gmail com
CVE-2015-7683: Absolute Path Traversal in the Font WordPress Plugin 2015-10-12
grajalerts gmail com
CVE-2015-7682: Multiple Blind SQL Injections in Pie Register WordPress Plugin 2015-10-12
grajalerts gmail com
CVE-2015-7377: Unauthenticated Reflected XSS in Pie Register WordPress Plugin 2015-10-12
grajalerts gmail com
Multiple Remote Code Execution found in ZHONE 2015-10-12
lyon yang s gmail com
Malware
PWS:MSIL/Logbro.A
Backdoor:Win32/Slackbot.F
TrojanDropper:MSIL/Mutra
Backdoor:Win32/Dradkiter.A
HackTool:Win64/Mikatz
TrojanDownloader:O97M/Daoyap.A
TrojanDropper:MSIL/Hostwack.A
TrojanDownloader:Win32/Fikoter.A
Backdoor:Win32/Warood.B
Backdoor:Win32/Warood.A
Phishing
PayPal | 13th October 2015 |
Services Info | 13th October 2015 |
Chase | 13th October 2015 |
Barclays PLC. | 12th October 2015 |
Vulnerebility
SANS News
October 2015 Microsoft Patch Tuesday
Threatpost
Adobe Patches 69 Vulnerabilities in Reader, Acrobat, Flash
Netgear Published Patched Firmware for Routers Under Attack
Exploit
ZHONE < S3.0.501 - Multiple Vulnerabilities
F5 Big-IP 10.2.4 Build 595.0 Hotfix HF3 - File Path Traversal Vulnerability
Netgear Voice Gateway 2.3.0.23_2.3.23 - Multiple Vulnerabilities
Kerio Control <= 8.6.1 - Multiple Vulnerabilities
libsndfile 1.0.25 - Heap Overflow
CDex Genre 1.79 - Stack Buffer Overflow
12.10.2015
Bugtraq
CVE-2015-7683: Absolute Path Traversal in the Font WordPress Plugin 2015-10-12
grajalerts gmail com
CVE-2015-7682: Multiple Blind SQL Injections in Pie Register WordPress Plugin 2015-10-12
grajalerts gmail com
CVE-2015-7377: Unauthenticated Reflected XSS in Pie Register WordPress Plugin 2015-10-12
grajalerts gmail com
Multiple Remote Code Execution found in ZHONE 2015-10-12
lyon yang s gmail com
[SYSS-2015-034] MATESO Password Safe and Repository Enterprise - SQL Injection 2015-10-12
matthias deeg syss de
[SYSS-2015-037] MATESO Password Safe and Repository Enterprise - Insufficiently Protected Credentials 2015-10-12
matthias deeg syss de
Multiple Vulnerabilities found in ZHONE 2015-10-12
lyon yang s gmail com
ESA-2015-153 EMC SourceOne Email Supervisor Security Update for Multiple Security Vulnerabilities 2015-10-11
Security Alert (Security_Alert emc com)
[SECURITY] [DSA 3371-1] spice security update 2015-10-09
Salvatore Bonaccorso (carnil debian org)
Malware
TrojanDownloader:Win32/Maliku.A
TrojanDownloader:Win32/Upatre.CQ
HackTool:Win32/Gambigubo.A
Backdoor:Win32/Venik.O
TrojanDownloader:Win32/Zawwi.A
Win32/Brambul
Win32/Joanap
Phishing
AOL | 12th October 2015 |
Lloyds | 11th October 2015 |
Vulnerebility
SANS News
Data Visualization,What is your Tool of Choice
Threatpost
Exploit
Tomabo MP4 Converter 3.10.12 - 3.11.12 (.m3u) Denial of service (Crush application)
10.10.2015
Bugtraq
[SECURITY] [DSA 3371-1] spice security update 2015-10-09
Salvatore Bonaccorso (carnil debian org)
Advanced Information Security Corporation, Security Advisory (MYSQL v5.6.24 Buffer Overflows) 2015-10-09
Nicholas Lemonias. (lem nikolas googlemail com)
FreeYouTubeToMP3 Converter 4.0.1 - Buffer Overflow Vulnerability 2015-10-09
Vulnerability Lab (research vulnerability-lab com)
W150D Wireless N 150 ADSL2 Modem Router - Cross Site Request Forgery Vulnerability 2015-10-09
Vulnerability Lab (research vulnerability-lab com)
PayPal Inc Bug Bounty #119 - URL Redirect Web Vulnerability 2015-10-09
Vulnerability Lab (research vulnerability-lab com)
WebComIndia CMS 2015Q4 - Auth Bypass Vulnerability 2015-10-09
Vulnerability Lab (research vulnerability-lab com)
Malware
Phishing
MR DAVID | 9th October 2015 |
Info | 9th October 2015 |
Vulnerebility
SANS News
Threatpost
Exploit
9.10.2015
Bugtraq
Advanced Information Security Corporation, Security Advisory (MYSQL v5.6.24 Buffer Overflows) 2015-10-09
Nicholas Lemonias. (lem nikolas googlemail com)
FreeYouTubeToMP3 Converter 4.0.1 - Buffer Overflow Vulnerability 2015-10-09
Vulnerability Lab (research vulnerability-lab com)
W150D Wireless N 150 ADSL2 Modem Router - Cross Site Request Forgery Vulnerability 2015-10-09
Vulnerability Lab (research vulnerability-lab com)
PayPal Inc Bug Bounty #119 - URL Redirect Web Vulnerability 2015-10-09
Vulnerability Lab (research vulnerability-lab com)
WebComIndia CMS 2015Q4 - Auth Bypass Vulnerability 2015-10-09
Vulnerability Lab (research vulnerability-lab com)
Veeam Backup & Replication Local Privilege Escalation Vulnerability 2015-10-08
ascii (ascii ush it)
[RT-SA-2015-006] Buffalo LinkStation Authentication Bypass 2015-10-08
RedTeam Pentesting GmbH (release redteam-pentesting de)
Potential vulnerabilites in PayPal Beacons 2015-10-08
securityresearch shaftek biz
Malware
TrojanSpy:BAT/Separ.C
SoftwareBundler:Win32/Pokavampo
Trojan:Win32/Patched.AP
Phishing
Info | 9th October 2015 |
Halifax UK | 7th October 2015 |
Vulnerebility
SANS News
Adobe Acrobat and Reader Pre-Announcement
Threatpost
Amazon Inspector Addresses Compliance and Security Challenge
Adobe to Patch Reader and Acrobat Next Week
Exploit
VeryPDF Image2PDF Converter SEH Buffer Overflow
8.10.2015
Bugtraq
Advanced Information Security Corporation, Security Advisory (Oracle's MYSQL v5.6.24 Latest - Buffer Overflows) Repost 2015-10-07
Nicholas Lemonias. (lem nikolas googlemail com)
[REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities 2015-10-07
Matteo Beccati (matteo beccati com)
A comprehensive study of Huawei 3G routers - XSS, CSRF, DoS, unauthenticated firmware update, RCE 2015-10-07
Pierre Kim (pierre kim sec gmail com)
RE: Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img 2015-10-07
Alexandre Herzog (Alexandre Herzog csnc ch)
Advanced Information Security Corporation, Security Advisory (MYSQL v5.6.24 Buffer Overflows) 2015-10-07
lem nikolas gmail com
[SECURITY] [DSA 3369-1] zendframework security update 2015-10-06
Alessandro Ghedini (ghedo debian org)
[SECURITY] [DSA 3370-1] freetype security update 2015-10-06
Alessandro Ghedini (ghedo debian org)
Advanced Information Security Corporation, Security Advisory (MYSQL v5.6.24 Buffer Overflows) 2015-10-07
Nicholas Lemonias. (lem nikolas googlemail com)
Zope Management Interface CSRF vulnerabilities 2015-10-07
apparitionsec gmail com
[CVE-2015-7670] Multiple SQL Injection in Support Ticket System 1.2 WordPress plugin 2015-10-06
ibeptaz gmail com
Malware
TrojanDownloader:Win32/Upatre.CG
TrojanDownloader:Win32/Upatre.CF
TrojanDownloader:Win32/Brucryp.D
TrojanDropper:Win32/Latot.A
TrojanDownloader:Win32/Latot.A
TrojanSpy:MSIL/Logkayi.A
TrojanSpy:MSIL/Logadat.A
Phishing
Halifax UK | 7th October 2015 |
Summary Billing Account | 7th October 2015 |
WE DISCOVERED IRREGULARITIES | |
Vulnerebility
SANS News
Malicious spam with Word document
Threatpost
New Moker RAT Bypasses Detection
Kemoge Android Adware Campaign Can Lead to Device Takeover
Exploit
Zope Management Interface 4.3.7 - CSRF Vulnerabilities
7.10.2015
Bugtraq
Advanced Information Security Corporation, Security Advisory (Oracle's MYSQL v5.6.24 Latest - Buffer Overflows) Repost 2015-10-07
Nicholas Lemonias. (lem nikolas googlemail com)
[REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities 2015-10-07
Matteo Beccati (matteo beccati com)
A comprehensive study of Huawei 3G routers - XSS, CSRF, DoS, unauthenticated firmware update, RCE 2015-10-07
Pierre Kim (pierre kim sec gmail com)
RE: Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img 2015-10-07
Alexandre Herzog (Alexandre Herzog csnc ch)
Advanced Information Security Corporation, Security Advisory (MYSQL v5.6.24 Buffer Overflows) 2015-10-07
lem nikolas gmail com
[SECURITY] [DSA 3369-1] zendframework security update 2015-10-06
Alessandro Ghedini (ghedo debian org)
[SECURITY] [DSA 3370-1] freetype security update 2015-10-06
Alessandro Ghedini (ghedo debian org)
Advanced Information Security Corporation, Security Advisory (MYSQL v5.6.24 Buffer Overflows) 2015-10-07
Nicholas Lemonias. (lem nikolas googlemail com)
Zope Management Interface CSRF vulnerabilities 2015-10-07
apparitionsec gmail com
[CVE-2015-7670] Multiple SQL Injection in Support Ticket System 1.2 WordPress plugin 2015-10-06
ibeptaz gmail com
TestLink Security Advisory - SQL Injection Vulnerability - CVE-2015-7390 2015-10-07
Onur Yilmaz (onur netsparker com)
TestLink Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-7391 2015-10-07
Onur Yilmaz (onur netsparker com)
Local RedHat Enterprise Linux DoS â?? RHEL 7.3 Kernel crashes on invalid USB device descriptors (usbvision driver) 2015-10-07
Ralf Spenneberg (info os-t de) (1 replies)
Re: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (usbvision driver) 2015-10-07
Ralf Spenneberg (ralf os-t de)
Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img 2015-10-06
Alexandre Herzog (Alexandre Herzog csnc ch)
Malware
TrojanDownloader:MSIL/Banload.AA
TrojanDownloader:VBS/Banload.V
TrojanDownloader:Win32/Banload.CAC
TrojanDownloader:Win32/Quireap.B
TrojanSpy:Win32/Batlopma.A
PWS:Win32/Sekur.A!dha
TrojanDownloader:SWF/Esaprof.B
TrojanDropper:Win32/Tramox.A
Backdoor:Win32/Warood.C
TrojanDownloader:Win32/Badiehi.B
Phishing
Summary Billing Account | 7th October 2015 |
WE DISCOVERED IRREGULARITIES | |
PayPal | 7th October 2015 |
[PAYPAL]: WARNING YOUR PAYPAL | |
Apple ID | 7th October 2015 |
Amazon | 7th October 2015 |
SGT.MONICA L BROWN | 7th October 2015 |
Vulnerebility
SANS News
Threatpost
Researchers Disrupt Angler Exploit Kit Ecosystem, Derail $30M Ransomware Campaign
Exploit
Zope Management Interface 4.3.7 - CSRF Vulnerabilities
6.10.2015
Bugtraq
Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img 2015-10-06
Alexandre Herzog (Alexandre Herzog csnc ch)
Advisory: web-based VM detection and coarse-grained fingerprinting 2015-10-05
Amit Klein (aksecurity gmail com)
LanWhoIs.exe 1.0.1.120 Stack Buffer Overflow 2015-10-06
apparitionsec gmail com
[security bulletin] HPSBUX03359 SSRT102094 rev.2 - HP-UX pppoec, local elevation of privilege 2015-10-05
security-alert hp com
[slackware-security] seamonkey (SSA:2015-274-03) 2015-10-01
Slackware Security Team (security slackware com)
[slackware-security] mozilla-thunderbird (SSA:2015-274-01) 2015-10-01
Slackware Security Team (security slackware com)
[slackware-security] php (SSA:2015-274-02) 2015-10-01
Slackware Security Team (security slackware com)
[security bulletin] HPSBST03418 rev.2 - HP P6000 Command View Software, Remote Disclosure of Information 2015-10-02
security-alert hp com
FTGate 2009 Build 6.4.00 CSRF Vulnerabilities 2015-10-02
apparitionsec gmail com
Malware
HTML/Costacas
Win32/Blakamba
TrojanProxy:MSIL/Utafajax.A
Phishing
Summary Billing Account | 6th October 2015 |
WE DISCOVERED IRREGULARITIES | |
Vanessa Craig | 6th October 2015 |
Apple | 6th October 2015 |
Votre identifiant Apple vient | |
MR DAVID | 6th October 2015 |
PayPal | 6th October 2015 |
Vulnerebility
SANS News
Threatpost
YiSpecter iOS Malware Abuses Apple Enterprise Certs to Push Adware
Google Pushes Stagefright 2.0 Patches to Nexus Devices
Scottrade Breach Affects 4.6 Million Customers
Canceled Talk Re-Ignites Controversy Over Legitimate Security Research
Exploit
LanSpy 2.0.0.155 - Buffer Overflow
PHP-Fusion <= v7.02.07 - Blind SQL Injection
GLPI 0.85.5 - RCE Through File Upload Filter Bypass
LanWhoIs.exe 1.0.1.120 - Stack Buffer Overflow
Last PassBroker 3.2.16 - Stack-Based Buffer Overflow
5.10.2015
Bugtraq
[security bulletin] HPSBST03418 rev.2 - HP P6000 Command View Software, Remote Disclosure of Information 2015-10-02
security-alert hp com
FTGate 2009 Build 6.4.00 CSRF Vulnerabilities 2015-10-02
apparitionsec gmail com
CVE-2015-6237 - Tripwire IP360 VnE Remote Administrative API Authentication Bypass/Privilege Acquisition Vulnerability 2015-10-02
Specto (specto custodela com)
[SYSS-2015-039] CSRF in OpenText Secure MFT 2015-10-02
adrian vollmer syss de
[ZDI-15-396] ManageEngine ServiceDesk Plus remote code execution 2015-10-02
Pedro Ribeiro (pedrib gmail com)
Qualys Security Advisory - OpenSMTPD Audit Report 2015-10-02
Qualys Security Advisory (qsa qualys com)
FreeBSD Security Advisory FreeBSD-SA-15:24.rpcbind [REVISED] 2015-10-02
FreeBSD Security Advisories (security-advisories freebsd org)
ZTE GPON F427 and possibly F460/F600 - authorization bypass and cleartext password storage 2015-10-02
jerzy patraszewski gmail com
Reflected Cross-Site Scripting (XSS) in SourceBans 2015-10-03
High-Tech Bridge Security Research (advisory htbridge ch)
Multiple Reflected XSS in Payment Form for PayPal Pro version 1.0.1 WordPress plugin 2015-10-04
ibemed gmail com
Multiple Reflected XSS in ResAds version 1.0.1 WordPress plugin 2015-10-04
ibemed gmail com
Malware
Phishing
PayPal | 5th October 2015 |
[PAYPAL]: WARNING YOUR PAYPAL | |
Web Team©2015 | 5th October 2015 |
WelIs Fargo | 5th October 2015 |
Email Admin Center | 5th October 2015 |
Vulnerebility
SANS News
Cyber Security Awareness Month: Protecting Your Network From "Dave"
Threatpost
Experian Breach Spills Data on 15 Million T-Mobile Customers
Exploit
ManageEngine ServiceDesk Plus <= 9.1 build 9110 - Path Traversal
Zemra Botnet CnC Web Panel Remote Code Execution
Kaseya VSA uploader.aspx Arbitrary File Upload
Truecrypt 7 / VeraCrypt 1.13 - Drive Letter Symbolic Link Creation Privilege Escalation
LanSpy 2.0.0.155 - Buffer Overflow
2.10.2015
Bugtraq
[security bulletin] HPSBPV03516 rev.1 - HP VAN SDN Controller, Multiple Vulnerabilities 2015-10-01
security-alert hp com
[security bulletin] HPSBGN03424 rev.1 - HP Cloud Service Automation, Remote Authentication Bypass 2015-10-01
security-alert hp com
[SYSS-2015-001] Kaspersky Endpoint Security - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-003] Kaspersky Small Office Security - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-002] Kaspersky Endpoint Security - Use of One-Way Hash withouth a Salt 2015-10-01
matthias deeg syss de
[SYSS-2015-004] Kaspersky Small Office Security - Use of One-Way Hash withouth a Salt 2015-10-01
matthias deeg syss de
[SYSS-2015-006] Kaspersky Total Security - Use of One-Way Hash withouth a Salt 2015-10-01
matthias deeg syss de
[SYSS-2015-005] Kaspersky Total Security - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-008] Kaspersky Internet Security - Use of One-Way Hash withouth a Salt 2015-10-01
matthias deeg syss de
[SYSS-2015-009] Kaspersky Anti-Virus - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-007] Kaspersky Internet Security - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-010] Kaspersky Anti-Virus - Use of One-Way Hash withouth a Salt 2015-10-01
matthias deeg syss de
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11 2015-09-30
Apple Product Security (product-security-noreply lists apple com)
Malware
Phishing
Paypal Inc | 2nd October 2015 |
Paypal Inc | 1st October 2015 |
Vulnerebility
SANS News
Threatpost
HTTPS Available as Opt-In for Blogspot
Apple Patches 100+ Vulnerabilities in OS X, Safari, iOS
Dridex Banking Malware Back in Circulation
Exploit
Avast Antivirus X.509 Error Rendering Command Execution
PIXORD Vehicle 3G Wi-Fi Router 3GR-431P - Multiple Vulnerabilities
Bosch Security Systems Dinion NBN-498 Web Interface - XML Injection
Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation
FTGate 2009 Build 6.4.00 - Multiple Vulnerabilities
FTGate 7 - CSRF Vulnerabilities
ElasticSearch 1.6.0 - Arbitrary File Download
WinRar < 5.30 beta 4 - Settings Import Command Execution
1.10.2015
Bugtraq
[security bulletin] HPSBGN03424 rev.1 - HP Cloud Service Automation, Remote Authentication Bypass 2015-10-01
security-alert hp com
[SYSS-2015-001] Kaspersky Endpoint Security - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-003] Kaspersky Small Office Security - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-002] Kaspersky Endpoint Security - Use of One-Way Hash withouth a Salt 2015-10-01
matthias deeg syss de
[SYSS-2015-004] Kaspersky Small Office Security - Use of One-Way Hash withouth a Salt 2015-10-01
matthias deeg syss de
[SYSS-2015-006] Kaspersky Total Security - Use of One-Way Hash withouth a Salt 2015-10-01
matthias deeg syss de
[SYSS-2015-005] Kaspersky Total Security - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-008] Kaspersky Internet Security - Use of One-Way Hash withouth a Salt 2015-10-01
matthias deeg syss de
[SYSS-2015-009] Kaspersky Anti-Virus - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-007] Kaspersky Internet Security - Authentication Bypass 2015-10-01
matthias deeg syss de
[SYSS-2015-010] Kaspersky Anti-Virus - Use of One-Way Hash withouth a Salt 2015-10-01
matthias deeg syss de
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11 2015-09-30
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-09-30-2 Safari 9 2015-09-30
Apple Product Security (product-security-noreply lists apple com)
[security bulletin] HPSBST03502 rev.1 - HP 3PAR Service Processor (SP) SPOCC, Remote Disclosure of Information 2015-09-30
security-alert hp com
APPLE-SA-2015-09-30-01 iOS 9.0.2 2015-09-30
Apple Product Security (product-security-noreply lists apple com)
Malware
Trojan:Win32/Cuffahlt.B
Adware:Win32/Bayads
Ransom:Win32/Orxlocker.A
Phishing
Amazon Support Inc | 30th September 2015 |
activation | 30th September 2015 |
30th September 2015 | |
service@intl-paypal.com | 30th September 2015 |
Vulnerebility
SANS News
Recent trends in Nuclear Exploit Kit activity
Threatpost
Unsupported Honeywell Experion PKS Vulnerable to Public Attacks
Suspicious Windows 7 Update Actually an Accidental Microsoft ‘Test’ Update
Apple Gatekeeper Bypass Opens Door for Malicious Code
Exploit