Databáze Hot News - Rok - Úvod 2018 2017 2016 2015 2014 2013 - 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 List - 2018 2017 2016 2015 2014 2013
Poslední aktualizace v 08.10.2016 14:19:38
30.9.2015
Bugtraq
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11 2015-09-30
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-09-30-2 Safari 9 2015-09-30
Apple Product Security (product-security-noreply lists apple com)
[security bulletin] HPSBST03502 rev.1 - HP 3PAR Service Processor (SP) SPOCC, Remote Disclosure of Information 2015-09-30
security-alert hp com
APPLE-SA-2015-09-30-01 iOS 9.0.2 2015-09-30
Apple Product Security (product-security-noreply lists apple com)
Apache James Server 2.3.2 security vulnerability fixed 2015-09-30
Eric Charles (eric apache org)
Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability 2015-09-30
dev rarlab com (1 replies)
RE: WinRAR SFX v5.21 - Remote Code Execution Vulnerability 2015-09-30
Popovici, Alejo \(LATCO - Buenos Aires\) (apopovici DELOITTE com) (1 replies)
Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability 2015-09-30
Eugene Roshal (roshal rarlab com)
FreeBSD Security Advisory FreeBSD-SA-15:24.rpcbind 2015-09-29
FreeBSD Security Advisories (security-advisories freebsd org)
Malware
TrojanDownloader:MSIL/Malkinocci.A
TrojanDownloader:Win32/Banload.BEM
TrojanSpy:Win32/Banker.AOY
SoftwareBundler:Win32/Techsnab
Phishing
MARK WILLIAMS | 30th September 2015 |
Santander | 30th September 2015 |
Amazon Support Inc | 29th September 2015 |
Golden Charter | 29th September 2015 |
Barclays Bank PLC. | 29th September 2015 |
PayPal | 29th September 2015 |
Vulnerebility
SANS News
Threatpost
Dyreza Trojan Targeting IT Supply Chain Credentials
Exploit
29.9.2015
Bugtraq
CVE-2015-3938 Remote Permanent LoV (Loss of View) in Mitsubishi Melsec FX3G-24M PLC 2015-09-29
Ralf Spenneberg \(OpenSource Security\) (funktionskonto spenneberg net)
Remote privesc and RCE in Kaseya Virtual System Administrator 2015-09-29
Pedro Ribeiro (pedrib gmail com)
Vtiger CRM Authenticated Remote Code Execution (CVE-2015-6000) 2015-09-28
Benjamin Daniel Mussler (sec m
ESA-2015-151: RSA® OneStep Path Traversal Vulnerability 2015-09-29
Security Alert (Security_Alert emc com)
ESA-2015-152: RSA Web Threat Detection Multiple Vulnerabilities 2015-09-29
Security Alert (Security_Alert emc com)
CVE-2015-3938 Remote Permanent LoV (Loss of View) in Mitsubishi Melsec FX3G-24M PLC 2015-09-29
Ralf Spenneberg \(OpenSource Security\) (funktionskonto spenneberg net) (1 replies)
Re: CVE-2015-3938 Remote Permanent LoV (Loss of View) in Mitsubishi Melsec FX3G-24M PLC 2015-09-29
Ralf Spenneberg (ralf os-t de)
Remote privesc and RCE in Kaseya Virtual System Administrator 2015-09-29
Pedro Ribeiro (pedrib gmail com)
Vtiger CRM Authenticated Remote Code Execution (CVE-2015-6000) 2015-09-28
Benjamin Daniel Mussler (sec ml fl7 de)
Photos in Wifi v1.0.1 iOS - Arbitrary File Upload Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)
NodeBB v0.8.2 - Client Side Cross Site Web Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)
l fl7 de)
Photos in Wifi v1.0.1 iOS - Arbitrary File Upload Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)
NodeBB v0.8.2 - Client Side Cross Site Web Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)
Malware
TrojanSpy:MSIL/QVKeyLogger.A
TrojanDownloader:MSIL/Suphun.A
TrojanDownloader:Win32/Jalaro.A
Phishing
Amazon Support Inc | 29th September 2015 |
Golden Charter | 29th September 2015 |
Barclays Bank PLC. | 29th September 2015 |
PayPal | 29th September 2015 |
PayPal Support | 29th September 2015 |
IMPORTANT MESSAGE FROM THE | |
Amazon Support Inc | 28th September 2015 |
Vulnerebility
SANS News
Threatpost
SAP Patches 12 SQL Injection, XSS Vulnerabilities in HANA
Dyreza Trojan Targeting IT Supply Chain Credentials
Exploit
ManageEngine EventLog Analyzer Remote Code Execution
Western Digital My Cloud 04.01.03-421, 04.01.04-422 - Command Injection
Kaseya Virtual System Administrator - Multiple Vulnerabilities
IconLover 5.42 - Local Buffer Overflow Exploit
Ubuntu Apport - Local Privilege Escalation
Mango Automation 2.6.0 - Multiple Vulnerabilities
PCMan FTP Server 2.0.7 - Directory Traversal Vulnerability
Watchguard XCS FixCorruptMail Local Privilege Escalation
28.9.2015
Bugtraq
Photos in Wifi v1.0.1 iOS - Arbitrary File Upload Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)
NodeBB v0.8.2 - Client Side Cross Site Web Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)
WinRAR SFX v5.21 - Remote Code Execution Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)
Flowdock API Bug Bounty #3 - (Invite) Persistent Web Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)
My.WiFi USB Drive v1.0 iOS - File Include Vulnerability 2015-09-28
Vulnerability Lab (research vulnerability-lab com)
Subject mail: CVE-2015-7320 - Multiple Reflective XSS in Appointment Booking Calendar 1.1.7 WordPress plugin 2015-09-26
ibemed gmail com
CVE-2015-7320 - Multiple Reflective XSS in Appointment Booking Calendar 1.1.7 WordPress plugin 2015-09-26
ibemed gmail com
CVE-2015-7319 - SQL Injection in Appointment Booking Calendar 1.1.7 WordPress plugin 2015-09-26
ibemed gmail com
Malware
TrojanDropper:Win32/Soloniti.A
TrojanDropper:Win32/Morblish.A
TrojanClicker:MSIL/FaceLiker
Trojan:Win32/Greeodode.A
Phishing
Amazon Support Inc | 28th September 2015 |
Lloyds Bank | 27th September 2015 |
Vulnerebility
SANS News
"Transport of London" Malicious E-Mail
Threatpost
JavaScript DDoS Attack Peaks at 275,000 Requests-Per-Second
Hotel Chain Hilton Worldwide Investigating Potential POS Breach
VeraCrypt Patched Against Two Critical TrueCrypt Flaws
Exploit
PCMan FTP Server 2.0.7 - Directory Traversal Vulnerability
BisonWare BisonFTP Server 3.5 - Directory Traversal Vulnerability
Mango Automation 2.6.0 - Multiple Vulnerabilities
Centreon 2.6.1 - Multiple Vulnerabilities
My.WiFi USB Drive 1.0 iOS - File Include Vulnerability
Photos in Wifi 1.0.1 iOS - Arbitrary File Upload Vulnerability
Git-1.9.5 ssh-agent.exe Buffer Overflow
Telegram 3.2 - Input Length Handling Crash PoC
27.9.2015
Bugtraq
Malware
Worm:Win32/Codbot
TrojanDownloader:MSIL/Getete.A
Phishing
Lloyds Bank | 27th September 2015 |
Amazon | 27th September 2015 |
PayPal Support | 26th September 2015 |
IMPORTANT MESSAGE FROM THE | |
æ‹?æ‹?è´· | 26th September 2015 |
Online Survey | 26th September 2015 |
Vulnerebility
SANS News
Threatpost
Exploit
25.9.2015
Bugtraq
[SECURITY] [DSA 3368-1] cyrus-sasl2 security update 2015-09-25
Salvatore Bonaccorso (carnil debian org)
CVE-2015-5075 - Cross-Site Request Forgery In X2Engine Inc. X2Engine 2015-09-25
Portcullis Advisories (advisories portcullis-security com)
CVE-2015-5074 - Arbitrary File Upload In X2Engine Inc. X2Engine 2015-09-25
Portcullis Advisories (advisories portcullis-security com)
CVE-2015-5076 - Vulnerability title: Reflective XSS In X2Engine Inc. X2Engine 2015-09-25
Portcullis Advisories (advisories portcullis-security com)
Insecure application-coupling in Good Authentication Delegation [MZ-15-03] 2015-09-25
modzero (security modzero ch)
Malware
Phishing
Online Survey | 26th September 2015 |
Virgin Media | 25th September 2015 |
bigfoot.com | 23rd September 2015 |
å?å“折扣 | 22nd September 2015 |
Vulnerebility
SANS News
Threatpost
Exploit
FortiManager 5.2.2 - Persistent XSS Vulnerabilities
X2Engine 4.2 - CSRF Vulnerability
X2Engine 4.2 - Arbitrary File Upload
24.9.2015
Bugtraq
Insecure application-coupling in Good Authentication Delegation [MZ-15-03] 2015-09-25
modzero (security modzero ch)
FortiManager v5.2.2 Multiple XSS Vulnerabilities 2015-09-25
apparitionsec gmail com
Re: CVE-2015-5204: HTTP header injection vulnerability in Apache Cordova File Transfer Plugin for Android 2015-09-24
Shazron (shazron apache org)
[SECURITY] [DSA 3367-1] wireshark security update 2015-09-24
Moritz Muehlenhoff (jmm debian org)
BMC-2015-0006: File inclusion vulnerability in "BIRT Engine" servlet used in BMC Remedy AR Reporting 2015-09-23
appsec (appsec bmc com)
BMC-2015-0005: File inclusion vulnerability in "BIRT Viewer" servlet used in BMC Remedy AR Reporting 2015-09-23
appsec (appsec bmc com)
[SECURITY] [DSA 3366-1] rpcbind security update 2015-09-23
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Virgin Media | 25th September 2015 |
bigfoot.com | 23rd September 2015 |
å?å“折扣 | 22nd September 2015 |
Vulnerebility
SANS News
Mozilla Foundation Security Advisory 2015-112
Threatpost
Naikon APT Group Tied to China’s PLA Unit 78020
Microsoft Revokes Trust for Certificates Leaked by D-Link
Curbing the For-Profit Cybercrime Food Chain
Exploit
Windows Kernel - NtGdiBitBlt Buffer Overflow (MS15-097)
FortiManager 5.2.2 - Persistent XSS Vulnerabilities
X2Engine 4.2 - CSRF Vulnerability
X2Engine 4.2 - Arbitrary File Upload
SMF (Simple Machine Forum) <= 2.0.10 - Remote Memory Exfiltration Exploit
WinRar 5.21 - SFX OLE Command Execution
FreshFTP 5.52 - .qfl Crash PoC
23.9.2015
Bugtraq
BMC-2015-0006: File inclusion vulnerability in "BIRT Engine" servlet used in BMC Remedy AR Reporting 2015-09-23
appsec (appsec bmc com)
BMC-2015-0005: File inclusion vulnerability in "BIRT Viewer" servlet used in BMC Remedy AR Reporting 2015-09-23
appsec (appsec bmc com)
[SECURITY] [DSA 3366-1] rpcbind security update 2015-09-23
Salvatore Bonaccorso (carnil debian org)
Cisco AnyConnect elevation of privileges via DMG install script 2015-09-23
Securify B.V. (lists securify nl)
[SECURITY] [DSA 3365-1] iceweasel security update 2015-09-23
Moritz Muehlenhoff (jmm debian org)
ESA-2015-142: RSA Archer® GRC Platform Multiple Vulnerabilities 2015-09-23
Security Alert (Security_Alert emc com)
Cisco Security Advisory: Cisco IOS XE Software Network Address Translation Denial of Service Vulnerability 2015-09-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco IOS and IOS XE Software SSH Version 2 RSA-Based User Authentication Bypass Vulnerability 2015-09-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities 2015-09-23
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Malware
Phishing
bigfoot.com | 23rd September 2015 |
Vulnerebility
SANS News
Threatpost
5.6 Million Fingerprints Stolen In OPM Hack
Exploit
SMF (Simple Machine Forum) <= 2.0.10 - Remote Memory Exfiltration Exploit
w3tw0rk / Pitbul IRC Bot Remote Code Execution
refbase <= 0.9.6 - Multiple Vulnerabilities
Cisco AnyConnect 3.1.08009 - Privilege Escalation via DMG Install Script
22.9.2015
Bugtraq
UltraEdit v22.20 - Buffer Overflow Vulnerability 2015-09-23
Vulnerability Lab (research vulnerability-lab com)
WiFi Drive CR v1.0 iOS - Persistent Filename Dir List Vulnerability 2015-09-23
Vulnerability Lab (research vulnerability-lab com)
Flowdock API Bug Bounty #1 - (Description) Persistent Web Vulnerability 2015-09-23
Vulnerability Lab (research vulnerability-lab com)
Reflected Cross-Site Scripting (XSS) in iTop 2015-09-23
High-Tech Bridge Security Research (advisory htbridge ch)
Open-Xchange Security Advisory 2015-09-23 2015-09-23
Martin Heiland (martin heiland lists open-xchange com)
[slackware-security] mozilla-firefox (SSA:2015-265-01) 2015-09-23
Slackware Security Team (security slackware com)
Cisco AnyConnect elevation of privileges via DLL side loading 2015-09-22
Securify B.V. (lists securify nl)
Malware
Phishing
bigfoot.com | 23rd September 2015 |
å?å“折扣 | 22nd September 2015 |
PayPal Service | 22nd September 2015 |
Applec | 22nd September 2015 |
Tesco Bank | 22nd September 2015 |
Vulnerebility
SANS News
Making our users unlearn what we taught them
Threatpost
Bypass Developed for Microsoft Memory Protection, Control Flow Guard
Federal CISOs Propose New Efforts to Shore Up Cybersecurity
Exploit
SAP Netweaver < 7.01 - XML External Entity Injection
Kaspersky Antivirus ThinApp Parser Stack Buffer Overflow
Cisco AnyConnect Secure Mobility Client 3.1.08009 - Privilege Escalation
OS X Regex Engine (TRE) - Integer Signedness and Overflow Issues
OS X Regex Engine (TRE) - Stack Buffer Overflow
Apple qlmanage - SceneKit::daeElement::setElementName Heap Overflow
Window Kernel - Bitmap Handling Use-After-Free (MS15-061) #2
Windows Kernel - DeferWindowPos Use-After-Free (MS15-073)
Windows Kernel - UserCommitDesktopMemory Use-After-Free (MS15-073)
Windows Kernel - UserCommitDesktopMemory Use-After-Free (MS15-073)
Windows Kernel - Pool Buffer Overflow Drawing Caption Bar (MS15-061)
Windows Kernel - HmgAllocateObjectAttr Use-After-Free (MS15-061)
Windows Kernel - win32k!vSolidFillRect Buffer Overflow (MS15-061)
Windows Kernel - SURFOBJ NULL Pointer Dereference (MS15-061)
Windows Kernel - Brush Object Use-After-Free Vulnerability (MS15-061)
Windows Kernel - WindowStation Use-After-Free (MS15-061)
Windows Kernel - NULL Pointer Dereference with Window Station and Clipboard (MS15-061)
Windows Kernel - Bitmap Handling Use-After-Free (MS15-061)
Windows Kernel - FlashWindowEx Memory Corruption (MS15-097)
Windows Kernel - bGetRealizedBrush Use-After-Free (MS15-097)
Windows Kernel - Use-After-Free with Cursor Object (MS15-097)
Windows Kernel - Use-After-Free with Printer Device Contexts (MS15-097)
Windows Kernel - NtGdiStretchBlt Pool Buffer Overflows (MS15-097)
Kaspersky Antivirus VB6 Parsing Integer Overflow
Kaspersky Antivirus ExeCryptor Parsing Memory Corruption
Kaspersky Antivirus PE Unpacking Integer Overflow
Kaspersky Antivirus DEX File Format Parsing Memory Corruption
Kaspersky Antivirus CHM Parsing Stack Buffer Overflow
Kaspersky Antivirus UPX Parsing Memory Corruption
Kaspersky Antivirus "Yoda's Protector" Unpacking Memory Corruption
22.9.2015
Bugtraq
UDID v1.0 iOS - Persistent Mail Encode Vulnerability 2015-09-22
Vulnerability Lab (research vulnerability-lab com)
Air Drive Plus v2.4 iOS - Arbitrary File Upload Vulnerability 2015-09-22
Vulnerability Lab (research vulnerability-lab com)
[SECURITY] [DSA 3364-1] linux security update 2015-09-21
Ben Hutchings (benh debian org)
APPLE-SA-2015-09-21-1 watchOS 2 2015-09-21
Apple Product Security (product-security-noreply lists apple com)
Jasig CAS server vulnerabilities 2015-09-21
Antoni Klajn (antoni d klajn pwr edu pl)
Advisory: Insufficient Parameter Sanitization in login.live.com (Microsoft) 2015-09-21
securityresearch shaftek biz
CVE-2015-5372 SAML SP Authentication Bypass in nevisAuth 2015-09-21
Antoine Neuenschwander (Antoine Neuenschwander csnc ch)
[SECURITY] [DSA 3363-1] owncloud-client security update 2015-09-20
Luciano Bello (luciano debian org)
Malware
Phishing
PayPal Service | 22nd September 2015 |
Apple | 22nd September 2015 |
Tesco Bank | 22nd September 2015 |
FROM MRS MICHELLE OBAMA | 21st September 2015 |
Chase | 21st September 2015 |
PayPal | 21st September 2015 |
Vulnerebility
SANS News
Threatpost
South Korean Child Monitoring App Beset by Vulnerabilities, Privacy Issues - See more at: https://threatpost.com/#sthash.dJZUKlne.dpuf
South Korean Child Monitoring App Beset by Vulnerabilities, Privacy Issues
Apple watchOS2 Includes Host of Code-Execution Patches
Model Assesses Readiness to Accept Outside Vulnerability Reports
Exploit
Konica Minolta FTP Utility 1.0 - Directory Traversal Vulnerability
Kirby CMS <= 2.1.0 - CSRF Content Upload and PHP Script Execution
h5ai < 0.25.0 - Unrestricted File Upload
Air Drive Plus 2.4 - Arbitrary File Upload Vulnerability
Kirby CMS <= 2.1.0 - Authentication Bypass
21.9.2015
Bugtraq
Jasig CAS server vulnerabilities 2015-09-21
Antoni Klajn (antoni d klajn pwr edu pl)
Advisory: Insufficient Parameter Sanitization in login.live.com (Microsoft) 2015-09-21
securityresearch shaftek biz
CVE-2015-5372 SAML SP Authentication Bypass in nevisAuth 2015-09-21
Antoine Neuenschwander (Antoine Neuenschwander csnc ch)
[SECURITY] [DSA 3363-1] owncloud-client security update 2015-09-20
Luciano Bello (luciano debian org)
Defense in depth -- the Microsoft way (part 35): Windows Explorer ignores "Run as administrator" ... 2015-09-19
Stefan Kanthak (stefan kanthak nexgo de)
SAP Netwaver - XML External Entity Injection 2015-09-21
Lukasz Miedzinski (lukasz miedzinski gmail com)
[SECURITY] [DSA 3362-1] qemu-kvm security update 2015-09-18
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Chase | 21st September 2015 |
PayPal | 21st September 2015 |
Chase Update | 21st September 2015 |
PayPaI Service | 21st September 2015 |
Apple ID | 21st September 2015 |
21st September 2015 | |
Service PaypaI | 20th September 2015 |
Credit Union | 20th September 2015 |
Vulnerebility
SANS News
Threatpost
Adobe Patches 23 Critical Vulnerabilities in Flash Player
XcodeGhost iOS Malware Contained
Exploit
ADH-Web Server IP-Cameras - Multiple Vulnerabilities
Konica Minolta FTP Utility 1.0 - Remote Command Execution
Konica Minolta FTP Utility 1.00 Post Auth CWD Command SEH Overflow
20.9.2015
Bugtraq
KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation 2015-09-17
KoreLogic Disclosures (disclosures korelogic com)
[security bulletin] HPSBST03418 rev.1 - HP P6000 Command View Software, Remote Disclosure of Information 2015-09-17
security-alert hp com
Malware
Phishing
Credit Union | 20th September 2015 |
VIRGIN MEDIA | 20th September 2015 |
Amazon | 19th September 2015 |
Microsoft | 19th September 2015 |
Amazon | 19th September 2015 |
Vulnerebility
SANS News
Don't launch that file Adobe Reader!
Threatpost
Exploit
Thomson CableHome Gateway (DWG849) Cable Modem Gateway - Information Exposure
ADH-Web Server IP-Cameras - Multiple Vulnerabilities
Total Commander 8.52 - Buffer Overflow (Windows 10)
Total Commander 8.52 - Buffer Overflow
Pligg CMS 2.0.2 - (load_data_for_search.php) SQL Injection
Wireshark 1.12.7 - Division by Zero Crash PoC
Microsoft Office 2007 - BIFFRecord Length Use-After-Free
Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion
Microsoft Office 2007 - OGL.dll ValidateBitmapInfo Bounds Check Failure (MS15-097)
MS15-078 Microsoft Windows Font Driver Buffer Overflow
17.9.2015
Bugtraq
KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation 2015-09-17
KoreLogic Disclosures (disclosures korelogic com)
[security bulletin] HPSBST03418 rev.1 - HP P6000 Command View Software, Remote Disclosure of Information 2015-09-17
security-alert hp com
APPLE-SA-2015-09-16-4 OS X Server 5.0.3 2015-09-16
Apple Product Security (product-security-noreply lists apple com)
Apple Safari FTP PASV manipulation vulnerability (CVE-2015-5912) 2015-09-16
Amit Klein (aksecurity gmail com)
APPLE-SA-2015-09-16-3 iTunes 12.3 2015-09-16
Apple Product Security (product-security-noreply lists apple com)
Malware
Phishing
Amazon | 17th September 2015 |
National | 17th September 2015 |
Eco Experts | 16th September 2015 |
Vulnerebility
SANS News
Threatpost
Apple Addresses Dozens of Vulnerabilities, Embraces Two-Factor Authentication in iOS 9
D-Link Accidentally Leaks Private Code-Signing Keys
Google Details Plans to Disable SSLv3 and RC4
Exploit
IKEView.exe R60 - .elg Local SEH Exploit
ZTE PC UI USB Modem Software - Buffer Overflow
ManageEngine OpManager Remote Code Execution
Windows 10 Build 10130 - User Mode Font Driver Thread Permissions Privilege Escalation
Windows NtUserGetClipboardAccessToken Token Leak
Windows Task Scheduler DeleteExpiredTaskAfter File Deletion Privilege Escalation
Windows CreateObjectTask TileUserBroker Privilege Escalation
Windows CreateObjectTask SettingsSyncDiagnostics Privilege Escalation
16.9.2015
Bugtraq
APPLE-SA-2015-09-16-3 iTunes 12.3 2015-09-16
Apple Product Security (product-security-noreply
KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation 2015-09-17
KoreLogic Disclosures (disclosures korelogic com)
[security bulletin] HPSBST03418 rev.1 - HP P6000 Command View Software, Remote Disclosure of Information 2015-09-17
security-alert hp com
APPLE-SA-2015-09-16-4 OS X Server 5.0.3 2015-09-16
Apple Product Security (product-security-noreply lists apple com)
Apple Safari FTP PASV manipulation vulnerability (CVE-2015-5912) 2015-09-16
Amit Klein (aksecurity gmail com)
APPLE-SA-2015-09-16-3 iTunes 12.3 2015-09-16
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-09-16-2 Xcode 7.0 2015-09-16
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-09-16-1 iOS 9 2015-09-16
Apple Product Security (product-security-noreply lists apple com)
Cisco Security Advisory: Cisco TelePresence Server Denial of Service Vulnerability 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Prime Collaboration Provisioning Web Framework Access Controls Bypass Vulnerability 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Collaboration Assurance 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)
[security bulletin] HPSBGN03393 rev.2 - HP Operations Manager i, Remote Code Execution 2015-09-16
security-alert hp com
Fwd: [CVE-2015-6940] Pentaho GA PDI & GA BA - Improper authentication allows unauthenticated access to configuration files 2015-09-16
gregory draperi (gregory draperi gmail com)
lists apple com)
APPLE-SA-2015-09-16-2 Xcode 7.0 2015-09-16
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-09-16-1 iOS 9 2015-09-16
Apple Product Security (product-security-noreply lists apple com)
Cisco Security Advisory: Cisco TelePresence Server Denial of Service Vulnerability 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Prime Collaboration Provisioning Web Framework Access Controls Bypass Vulnerability 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Collaboration Assurance 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)
[security bulletin] HPSBGN03393 rev.2 - HP Operations Manager i, Remote Code Execution 2015-09-16
security-alert hp com
Malware
TrojanDropper:MSIL/Mutra
TrojanSpy:Win32/Rebhip.E
Trojan:JS/Iframeinject.AE
Phishing
Eco Experts | 16th September 2015 |
Christy Bryant | 16th September 2015 |
PayPaI Inc | 15th September 2015 |
USAA | 15th September 2015 |
Vulnerebility
Symantec Endpoint Protection Manager CVE-2015-1487 Arbitrary File Write Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76094
Linux Kernel 'perf_callchain_user_64()' Function Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76401
Adobe Flash Player and AIR APSB15-19 Multiple Use After Free Remote Code Execution Vulnerabilities
2015-09-17
http://www.securityfocus.com/bid/76288
Adobe FlashPlayer and AIR APSB15-19 Type Confusion Multiple Remote Code Execution Vulnerabilities
2015-09-17
http://www.securityfocus.com/bid/76287
Microsoft Internet Explorer CVE-2015-2444 Remote Memory Corruption Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76194
IBM WebSphere Application Server CVE-2015-1885 Remote Privilege Escalation Vulnerability
2015-09-17
http://www.securityfocus.com/bid/74219
Mozilla Firefox CVE-2015-4495 Same Origin Policy Security Bypass Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76249
ISC BIND CVE-2015-5477 Remote Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76092
OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75159
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75157
OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75154
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75890
Symantec Endpoint Protection Manager CVE-2015-1489 Remote Privilege Escalation Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76078
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/73237
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/73225
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/73231
OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/73232
Symantec Endpoint Protection Manager CVE-2015-1486 Authentication Bypass Vulnerability
2015-09-17
http://www.securityfocus.com/bid/76074
IBM Security Directory Server CVE-2015-0138 Man in the Middle Security Bypass Vulnerability
2015-09-17
http://www.securityfocus.com/bid/73326
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-09-17
http://www.securityfocus.com/bid/71936
Apple Mac OS X Multiple Privilege Escalation Vulnerabilities
2015-09-17
http://www.securityfocus.com/bid/76421
Elasticsearch CVE-2015-5377 Remote Code Execution Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75938
Elasticsearch CVE-2015-5531 Directory Traversal Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75935
IBM WebSphere Application Server CVE-2015-1927 Remote Privilege Escalation Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75486
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-09-17
http://www.securityfocus.com/bid/75156
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-09-17
http://www.securityfocus.com/bid/72165
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-09-17
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-0437 Remote Java SE Vulnerability
2015-09-17
http://www.securityfocus.com/bid/72146
GNU glibc 'send_dg()' Function Local Information Disclosure Weakness
2015-09-17
http://www.securityfocus.com/bid/72844
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-09-17
http://www.securityfocus.com/bid/74733
SANS News
A day in the life of a pentester, or is my job is too sexy for me?
Threatpost
Dutch Police Arrest Alleged CoinVault Ransomware Authors
Schneider Patches Plaintext Credentials Bug in Building Automation System
Dennis Fisher On Security, Journalism, and the Origins of Threatpost
Details Surface on Patched Bugzilla Privilege Escalation Flaw
Exploit
Android libstagefright - Integer Overflow Remote Code Execution
ManageEngine OpManager Remote Code Execution
ZeusCart 4.0 - CSRF Vulnerability
ZTE PC UI USB Modem Software - Buffer Overflow
MS15-078 Microsoft Windows Font Driver Buffer Overflow
VBox Satellite Express 2.3.17.3 - Arbitrary Write
15.9.2015
Bugtraq
Cisco Security Advisory: Cisco TelePresence Server Denial of Service Vulnerability 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Prime Collaboration Provisioning Web Framework Access Controls Bypass Vulnerability 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Collaboration Assurance 2015-09-16
Cisco Systems Product Security Incident Response Team (psirt cisco com)
[security bulletin] HPSBGN03393 rev.2 - HP Operations Manager i, Remote Code Execution 2015-09-16
security-alert hp com
Fwd: [CVE-2015-6940] Pentaho GA PDI & GA BA - Improper authentication allows unauthenticated access to configuration files 2015-09-16
gregory draperi (gregory draperi gmail com)
Microsoft Exchange Information Disclosure 2015-09-16
apparitionsec gmail com
[SECURITY] [DSA 3360-1] icu security update 2015-09-15
Laszlo Boszormenyi (GCS) (gcs debian org)
Malware
TrojanSpy:Win32/Rebhip
TrojanDownloader:Win32/Bladabindi
Phishing
Christy Bryant | 16th September 2015 |
PayPaI Inc | 15th September 2015 |
USAA | 15th September 2015 |
ebilling@bt.com | 15th September 2015 |
Vulnerebility
SANS News
Malicious spam with zip attachments containing .js files
Threatpost
WordPress Patches Serious Shortcodes Core Engine Vulnerability
First Let’s Encrypt Free Certificate Goes Live
Scan of IPv4 Space for ‘Implanted’ Cisco Routers Finds Fewer Than 100
Spam Campaign Continuing to Serve Up Malicious .js Files
Google Patches Latest Android Lockscreen Bypass
Exploit
Microsoft Office Excel 2007, 2010, 2013 - BIFFRecord Use-After-Free
Microsoft Office 2007 - BIFFRecord Length Use-After-Free
Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion
Microsoft Office 2007 - OGL.dll ValidateBitmapInfo Bounds Check Failure (MS15-097)
WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection
FAROL - SQL Injection Vulnerability
14.9.2015
Bugtraq
[security bulletin] HPSBHF03509 rev.1 - HP ThinPro and Smart Zero Core, Remote Denial of Service, Unauthorized Access to Data 2015-09-15
security-alert hp com
Paypal Inc - Open Redirect Web Vulnerability 2015-09-15
Vulnerability Lab (research vulnerability-lab com)
Openfire 3.10.2 CSRF Vulnerabilities 2015-09-15
apparitionsec gmail com
IKEView.exe R60 Stack Buffer Overflow 2015-09-14
apparitionsec gmail com
[security bulletin] HPSBMU03392 rev.2 - HP ArcSight Logger, Remote Authorization Bypass 2015-09-14
security-alert hp com
[CVE-2015-5956] Typo3 Core sanitizeLocalUrl() Non-Persistent Cross-Site Scripting 2015-09-14
Ahrens, Julien (Julien Ahrens secunet com)
[SECURITY] [DSA 3358-1] php5 security update 2015-09-13
Salvatore Bonaccorso (carnil debian org)
Malware
TrojanDownloader:AutoIt/Gedo
TrojanDropper:MSIL/Mutra
TrojanClicker:Win32/Frosparf.H
TrojanDownloader:Win32/Frosparf.A
Phishing
Barclays PLC | 14th September 2015 |
Amazon | 14th September 2015 |
PayPal | 13th September 2015 |
Apple | 13th September 2015 |
Halifax Plc | 13th September 2015 |
Vulnerebility
SANS News
Risk... in the most obscure places
Threatpost
DARPA Protecting Software From Reverse Engineering Through Obfuscation
Attackers Replacing Firmware on Cisco Routers
Exploit
Android Shellcode Telnetd with Parameters
Windows 10 Build 10130 - User Mode Font Driver Thread Permissions Privilege Escalation
Windows NtUserGetClipboardAccessToken Token Leak
Windows Task Scheduler DeleteExpiredTaskAfter File Deletion Privilege Escalation
Windows CreateObjectTask TileUserBroker Privilege Escalation
Windows CreateObjectTask SettingsSyncDiagnostics Privilege Escalation
TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi - Hard-Coded Credentials
Total Commander 8.52 - SEH-Overwrite BOF
Attackers Replacing Firmware on Cisco Routers
Attackers Replacing Firmware on Cisco Routers
MS15-100 Microsoft Windows Media Center MCL Vulnerability
WordPress CP Reservation Calendar Plugin 1.1.6 - SQL Injection
Openfire 3.10.2 - Unrestricted File Upload
Openfire 3.10.2 - Remote File Inclusion
Openfire 3.10.2 - Privilege Escalation
Openfire 3.10.2 - Multiple XSS Vulnerabilities
Openfire 3.10.2 - CSRF Vulnerabilities
Silver Peak VXOA < 6.2.11 - Multiple Vulnerabilities
ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Query Execution
ManageEngine OpManager 11.5 - Multiple Vulnerabilities
13.9.2015
Bugtraq
[CVE-2015-5956] Typo3 Core sanitizeLocalUrl() Non-Persistent Cross-Site Scripting 2015-09-14
Ahrens, Julien (Julien Ahrens secunet com)
[SECURITY] [DSA 3358-1] php5 security update 2015-09-13
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3359-1] virtualbox security update 2015-09-13
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3357-1] vzctl security update 2015-09-13
Moritz Muehlenhoff (jmm debian org)
[SECURITY] [DSA 3356-1] openldap security update 2015-09-12
Salvatore Bonaccorso (carnil debian org)
IKEView.exe Fox beta 1 Stack Buffer Overflow 2015-09-12
apparitionsec gmail com
Malware
Phishing
Barclays PLC | 14th September 2015 |
Amazon | 14th September 2015 |
PayPal | 13th September 2015 |
Apple | 13th September 2015 |
Halifax Plc | 13th September 2015 |
PAYPAI SERVICE | 13th September 2015 |
Vulnerebility
SANS News
The Wordpress Plugins Playground
Threatpost
Installation of Tor Relay in Library Attracts DHS Attention
New Debian Releases Fix PHP, VirtualBox Bugs
Exploit
ManageEngine EventLog Analyzer < 10.6 build 10060 - SQL Query Execution
ManageEngine OpManager 11.5 - Multiple Vulnerabilities
EZ SQL Reports < 4.11.37 - Multiple Vulnerabilities
IKEView.exe Fox beta 1 - Stack Buffer Overflow
IKEView.exe R60 - Stack Buffer Overflow
12.9.2015
Bugtraq
[SECURITY] [DSA 3356-1] openldap security update 2015-09-12
Salvatore Bonaccorso (carnil debian org)
IKEView.exe Fox beta 1 Stack Buffer Overflow 2015-09-12
apparitionsec gmail com
[security bulletin] HPSBHF03408 rev.2 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote Execution of Arbitrary Code 2015-09-11
security-alert hp com
[KIS-2015-04] Magento <= 1.9.2 (catalogProductCreate) Autoloaded File Inclusion Vulnerability 2015-09-11
Egidio Romano (research karmainsecurity com)
Magento Bug Bounty #19 - Persistent Filename Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)
PayPal Inc - Security Approval & 2FA Session Auth Bypass (API) Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)
Shopify Bug Bounty #8 - (FilePath) Persistent Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)
Yahoo Bug Bounty #32 - Cross Site Request Forgery bulkImport Web Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)
Security Advisory for Bugzilla 5.0.1, 4.4.10 and 4.2.15 2015-09-10
LpSolit gmail com
Malware
Phishing
Apple | 13th September 2015 |
Halifax Plc | 13th September 2015 |
PAYPAI SERVICE | 13th September 2015 |
PayPal | 12th September 2015 |
Vulnerebility
SANS News
Threatpost
Exploit
Microsoft Internet Explorer 11 - Stack Underflow Crash PoC
Windows Media Center - Command Execution (MS15-100)
Monsta FTP 1.6.2 - Multiple Vulnerabilities
11.9.2015
Bugtraq
DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584 2015-09-10
Onur Yilmaz (onur netsparker com)
[KIS-2015-04] Magento <= 1.9.2 (catalogProductCreate) Autoloaded File Inclusion Vulnerability 2015-09-11
Egidio Romano (research karmainsecurity com)
Magento Bug Bounty #19 - Persistent Filename Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)
PayPal Inc - Security Approval & 2FA Session Auth Bypass (API) Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)
Shopify Bug Bounty #8 - (FilePath) Persistent Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)
Yahoo Bug Bounty #32 - Cross Site Request Forgery bulkImport Web Vulnerability 2015-09-11
Vulnerability Lab (research vulnerability-lab com)
Security Advisory for Bugzilla 5.0.1, 4.4.10 and 4.2.15 2015-09-10
LpSolit gmail com
Security advisory for Bugzilla 5.0, 4.4.9, and 4.2.14 2015-09-10
dkl mozilla com
DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584 2015-09-10
Onur Yilmaz (onur netsparker com)
[SECURITY] [DSA 3355-1] libvdpau security update 2015-09-10
Alessandro Ghedini (ghedo debian org)
Multiple Cross-Site Scripting vulnerabilities in Synology Download Station 2015-09-09
Securify B.V. (lists securify nl)
Synology Video Station command injection and multiple SQL injection vulnerabilities 2015-09-09
Securify B.V. (lists securify nl)
[SECURITY] [DSA 3355-1] libvdpau security update 2015-09-10
Alessandro Ghedini (ghedo debian org)
Multiple Cross-Site Scripting vulnerabilities in Synology Download Station 2015-09-09
Securify B.V. (lists securify nl)
Synology Video Station command injection and multiple SQL injection vulnerabilities 2015-09-09
Securify B.V. (lists securify nl)
[security bulletin] HPSBGN03504 rev.1 - HP UCMDB, Local Disclosure of Sensitive Information 2015-09-09
security-alert hp com
[security bulletin] HPSBOV03505 rev.1 - TCP/IP Services for OpenVMS running NTP, Remote Code Execution, Denial of Service (DoS) 2015-09-09
security-alert hp com
Malware
TrojanDownloader:Win32/Blinsload.A
PWS:Win32/Pumba.C
Phishing
alert@barclays.co.uk | 11th September 2015 |
USAA | 10th September 2015 |
APPLE | 10th September 2015 |
Vulnerebility
SANS News
Feeding DShield with OSSEC Logs
Threatpost
Just Like Old Days: IOT Security Pits Regulators Against Market
Gary McGraw on Scalable Software Security and Medical Device Securityf
Series of Buffer Overflows Plague Many Yokogawa ICS Products
Exploit
OS X x64 - tcp bind shellcode, NULL byte free (144 bytes)
OS X Install.framework suid root Runner Binary Privilege Escalation
OS X Install.framework Arbitrary mkdir, unlink and chown to admin Group
OS X Install.framework suid Helper Privilege Escalation
Logitech Webcam Software 1.1 - eReg.exe SEH/Unicode Buffer Overflow
OpenLDAP 2.4.42 - ber_get_next Denial of Service
10.9.2015
Bugtraq
DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584 2015-09-10
Onur Yilmaz (onur netsparker com)
[SECURITY] [DSA 3355-1] libvdpau security update 2015-09-10
Alessandro Ghedini (ghedo debian org)
Multiple Cross-Site Scripting vulnerabilities in Synology Download Station 2015-09-09
Securify B.V. (lists securify nl)
Synology Video Station command injection and multiple SQL injection vulnerabilities 2015-09-09
Securify B.V. (lists securify nl)
[security bulletin] HPSBGN03504 rev.1 - HP UCMDB, Local Disclosure of Sensitive Information 2015-09-09
security-alert hp com
[security bulletin] HPSBOV03505 rev.1 - TCP/IP Services for OpenVMS running NTP, Remote Code Execution, Denial of Service (DoS) 2015-09-09
security-alert hp com
[ERPSCAN-15-016] SAP NetWeaver â?? Hardcoded credentials 2015-09-09
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-015] SAP NetWeaver AS ABAPâ?? Hardcoded Credentials 2015-09-09
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-014] SAP Mobile Platform 3 â?? XXE in Add Repository 2015-09-09
ERPScan inc (erpscan online gmail com)
ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability 2015-09-09
Security Alert (Security_Alert emc com)
ESA-2015-140: RSA® Identity Management & Governance Multiple Cross-Site Scripting Vulnerabilities 2015-09-09
Security Alert (Security_Alert emc com)
[security bulletin] HPSBOV03506 rev.1 - TCP/IP Services for OpenVMS running BIND, Remote Denial of Service (DoS) 2015-09-08
security-alert hp com
Defense in depth -- the Microsoft way (part 33): arbitrary code execution (and UAC bypass) via RegEdit.exe 2015-09-08
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3354-1] spice security update 2015-09-08
Salvatore Bonaccorso (carnil debian org)
Malware
TrojanDownloader:MSIL/Muxtart.A
Phishing
APPLE | 10th September 2015 |
Vulnerebility
SANS News
Threatpost
FTC, Experts Push Startups to Think About Security From the Beginning
NY Health Provider Excellus Discloses Data Breach Dating to 2013
Pair of Drupal Modules Patch Access Bypass Flaws
Exploit
Android Stagefright - Remote Code Execution
Qlikview <= 11.20 SR11 - Blind XXE Injection Vulnerability
Auto-Exchanger 5.1.0 - CSRF Vulnerability
9.9.2015
Bugtraq
[ERPSCAN-15-016] SAP NetWeaver â?? Hardcoded credentials 2015-09-09
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-015] SAP NetWeaver AS ABAPâ?? Hardcoded Credentials 2015-09-09
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-014] SAP Mobile Platform 3 â?? XXE in Add Repository 2015-09-09
ERPScan inc (erpscan online gmail com)
ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability 2015-09-09
Security Alert (Security_Alert emc com)
ESA-2015-140: RSA® Identity Management & Governance Multiple Cross-Site Scripting Vulnerabilities 2015-09-09
Security Alert (Security_Alert emc com)
[security bulletin] HPSBOV03506 rev.1 - TCP/IP Services for OpenVMS running BIND, Remote Denial of Service (DoS) 2015-09-08
security-alert hp com
Defense in depth -- the Microsoft way (part 33): arbitrary code execution (and UAC bypass) via RegEdit.exe 2015-09-08
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3354-1] spice security update 2015-09-08
Salvatore Bonaccorso (carnil debian org)
Re: Oracle Hyperion password disclosure... 2015-09-08
jeff kayser jibeconsulting com
Malware
MonitoringTool:Win32/TektonIt
HackTool:Win32/Broduplo
TrojanDownloader:Win32/Dabaker.A
TrojanDownloader:Java/OpenConnection.QE
Phishing
Tesco Bank | 8th September 2015 |
Vulnerebility
SANS News
Threatpost
Android Stagefright Exploit Code Released to Public
Musical Chairs Campaign Found Deploying New Gh0st RAT Variant
Jessy Irwin on Password Security, Opsec and User Education
Security of iMessage System Comes to the Fore Again
Turla APT Group Abusing Satellite Internet Links
TLS Implementations Vulnerable to RSA Key Leaks
Microsoft Patches Graphics Component Flaw Under Attack
Exploit
Qlikview <= 11.20 SR11 - Blind XXE Injection Vulnerability
PHP SplDoublyLinkedList unserialize() Use-After-Free
PHP GMP unserialize() Use-After-Free
PHP SplObjectStorage unserialize() Use-After-Free
PHP Session Deserializer Use-After-Free
DirectAdmin Web Control Panel 1.483 - Multiple Vulnerabilities
Linux/x86 - execve("/bin/cat", ["/bin/cat", "/etc/passwd"], NULL)
8.9.2015
Bugtraq
[CVE-2015-3623] Qlikview blind XXE Security Vulnerability 2015-09-08
alex_haynes outlook com
NETGEAR Wireless Management System - Authentication Bypass and Privilege Escalation. 2015-09-07
Elliott Lewis (elliott lewis uk gmail com)
[SECURITY] [DSA 3353-1] openslp-dfsg security update 2015-09-05
Alessandro Ghedini (ghedo debian org)
JSPMySQL Administrador CSRF & XSS Vulnerabilities 2015-09-05
apparitionsec gmail com
Webroot SecureAnywhere Mobile Protection - MITM SSL Certificate Vulnerability 2015-09-04
David Coomber (davidcoomber infosec gmail com)
Malware
Backdoor:Win32/Shesmi.A
TrojanDownloader:Win32/Puflug.B
TrojanDropper:Win32/PSah.A
Phishing
Amazon | 7th September 2015 |
Vulnerebility
SANS News
Threatpost
Adobe Patches Two Shockwave Player Vulnerabilities
eBay Fixes XSS Flaw in Subdomain
Government Releases Policy on Vulnerability Discovery and Disclosure
Exploit
Cisco Sourcefire User Agent 2.2 - Insecure File Permissions
IBM AIX High Availability Cluster Multiprocessing (HACMP) Local Privilege Escalation 0day
Advantech WebAccess 8.0, 3.4.3 ActiveX - Multiple Vulnerabilities
VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow
7.9.2015
Bugtraq
NETGEAR Wireless Management System - Authentication Bypass and Privilege Escalation. 2015-09-07
Elliott Lewis (elliott lewis uk gmail com)
[SECURITY] [DSA 3353-1] openslp-dfsg security update 2015-09-05
Alessandro Ghedini (ghedo debian org)
JSPMySQL Administrador CSRF & XSS Vulnerabilities 2015-09-05
apparitionsec gmail com
Webroot SecureAnywhere Mobile Protection - MITM SSL Certificate Vulnerability 2015-09-04
David Coomber (davidcoomber infosec gmail com)
Avira Mobile Security iOS Application - Cleartext Credentials Vulnerability 2015-09-04
David Coomber (davidcoomber infosec gmail com)
Defense in depth -- the Microsoft way (part 32): yet another (trivial) UAC bypass resp. privilege escalation 2015-09-04
Stefan Kanthak (stefan kanthak nexgo de)
Oracle Hyperion password disclosure... 2015-09-04
Jeff Kayser (jeff kayser jibeconsulting com)
Malware
TrojanSpy:Win32/Banker.AOT
TrojanSpy:Win32/Banker.AOS
TrojanSpy:Win32/Banker.AOP
Phishing
Nobel Trust Ltd. | 3rd September 2015 |
Vulnerebility
SANS News
Threatpost
Exploit
Endian Firewall Proxy Password Change Command Injection
NETGEAR Wireless Management System 2.1.4.15 (Build 1236) - Privilege Escalation
JSPMySQL Administrador - Multiple Vulnerabilities
Zhone ADSL2+ 4P Bridge & Router (Broadcom) - Multiple Vulnerabilities
WordPress Contact Form Generator <= 2.0.1 - Multiple CSRF Vulnerabilities
FireEye Appliance Unauthorized File Disclosure
Elastix < 2.5 , PHP Code Injection Exploit
AutoCAD DWG and DXF To PDF Converter 2.2 - Buffer Overflow
Disconnect.me Mac OS X Client <= 2.0 - Local Privilege Escalation
ActiveState Perl.exe x64 Client 5.20.2 - Crash PoC
5.9.2015
Bugtraq
Webroot SecureAnywhere Mobile Protection - MITM SSL Certificate Vulnerability 2015-09-04
David Coomber (davidcoomber infosec gmail com)
Avira Mobile Security iOS Application - Cleartext Credentials Vulnerability 2015-09-04
David Coomber (davidcoomber infosec gmail com)
Defense in depth -- the Microsoft way (part 32): yet another (trivial) UAC bypass resp. privilege escalation 2015-09-04
Stefan Kanthak (stefan kanthak nexgo de)
Oracle Hyperion password disclosure... 2015-09-04
Jeff Kayser (jeff kayser jibeconsulting com)
[SECURITY] [DSA 3352-1] screen security update 2015-09-04
Laszlo Boszormenyi (gcs debian org)
Malware
VBA / TrojanDownloader.Agent.AAV
VBA / TrojanDownloader.Agent.AAL
VBA / TrojanDownloader.Agent.AAK
VBA / TrojanDownloader.Agent.AAZ
Phishing
Vulnerebility
SANS News
Threatpost
Attacker Compromised Mozilla Bug System, Stole Private Vulnerability Data - See more at: https://threatpost.com/attacker-compromised-mozilla-bug-system-stole-private-vulnerability-data/114552/#sthash.0WvwhP3t.dpuf
Attacker Compromised Mozilla Bug System, Stole Private Vulnerability Data - See more at: https://threatpost.com/attacker-compromised-mozilla-bug-system-stole-private-vulnerability-data/114552/#sthash.0WvwhP3t.dpuf
Attacker Compromised Mozilla Bug System, Stole Private Vulnerability Data
Exploit
4.9.2015
Bugtraq
[SECURITY] [DSA 3352-1] screen security update 2015-09-04
Laszlo Boszormenyi (gcs debian org)
[slackware-security] seamonkey (SSA:2015-246-01) 2015-09-03
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3351-1] chromium-browser security update 2015-09-03
Michael Gilbert (mgilbert debian org)
[CVE-2014-7216] Yahoo! Messenger emoticons.xml Multiple Key Value Handling Local Buffer Overflow 2015-09-03
Julien Ahrens (info rcesecurity com)
ESA-2015-144: EMC Documentum Content Server Privilege Escalation Vulnerability 2015-09-03
Security Alert (Security_Alert emc com)
Zhone ADSL2+ 4P Bridge & Router (Broadcom) - Multiple Vulnerabilities 2015-09-03
Vulnerability Lab (research vulnerability-lab com)
Checkmarx CxQL Sandbox bypass (CVE-2014-8778) 2015-09-03
hdau deloitte fr
[SYSS-2015-016] Avaya one-X® Agent - Hard-coded Cryptographic Key 2015-09-03
sven freund syss de
[slackware-security] bind (SSA:2015-245-01) 2015-09-02
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3350-1] bind9 security update 2015-09-02
Moritz Muehlenhoff (jmm debian org)
FreeBSD Security Advisory FreeBSD-SA-15:23.bind 2015-09-02
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 3348-1] qemu security update 2015-09-02
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3349-1] qemu-kvm security update 2015-09-02
Salvatore Bonaccorso (carnil debian org)
Malware
Phishing
Vulnerebility
SANS News
Port Scanners: The Good and The Bad
Threatpost
Citovat Wassenaar, HP vytáhne z Mobile Pwn2Own
Federálové Change Policy vyžadovat rozkaz k použití Stingrays
Exploit
3.9.2015
Bugtraq
[SECURITY] [DSA 3348-1] qemu security update 2015-09-02
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3349-1] qemu-kvm security update 2015-09-02
Salvatore Bonaccorso (carnil debian org)
Cisco Security Advisory: Cisco Integrated Management Controller Supervisor and Cisco UCS Director Remote File Overwrite Vulnerability 2015-09-02
Cisco Systems Product Security Incident Response Team (psirt cisco com)
[SECURITY] [DSA 3347-1] pdns security update 2015-09-02
Sébastien Delafond (seb debian org)
ESA-2015-137: EMC Atmos XML External Entity Injection Vulnerability 2015-09-02
Security Alert (Security_Alert emc com)
Malware
TrojanDownloader:Win32/Contaskitar.B
TrojanDownloader:Win32/Retkwark.A
TrojanDownloader:Win32/Qulkonwi.D
TrojanDownloader:Win32/Lophistdol.A
Backdoor:Win32/NetWiredRC.D
TrojanSpy:Win32/Banker.AOO
Backdoor:Win32/Farfli.BJ
TrojanDownloader:Win32/Upatre.BY
TrojanDownloader:Win32/Upatre.BX
TrojanDownloader:Win32/Scadmacs.A
SoftwareBundler:Win32/Owsair
SoftwareBundler:Win32/LoadArcher.A
SoftwareBundler:Win32/LoadArcher
TrojanDownloader:Win32/Upatre.CB
Phishing
Service 2015 | 2nd September 2015 |
Administrator Online® | 2nd September 2015 |
Yvonne Perry | 2nd September 2015 |
Tesco Bank | 1st September 2015 |
Mohamed Abdel | 1st September 2015 |
email update | 1st September 2015 |
Mona Yates | 1st September 2015 |
Vulnerebility
SANS News
Querying the DShield API from RTIR
Threatpost
New Versions of Carbanak Banking Malware Seen Hitting Targets in U.S. and Europe
New Android Ransomware Communicates over XMPP
Cisco Patches File Overwrite Bug in IMC Supervisor and UCS Director
Exploit
SphereFTP Server 2.0 - Crash PoC
2.9.2015
Bugtraq
[SECURITY] [DSA 3347-1] pdns security update 2015-09-02
Sébastien Delafond (seb debian org)
ESA-2015-137: EMC Atmos XML External Entity Injection Vulnerability 2015-09-02
Security Alert (Security_Alert emc com)
Cross-Site Request Forgery in Cerb 2015-09-02
High-Tech Bridge Security Research (advisory htbridge ch)
[slackware-security] gdk-pixbuf2 (SSA:2015-244-01) 2015-09-01
Slackware Security Team (security slackware com)
CVE-2015-5603: JIRA and the HipChat For JIRA plugin - Velocity Template Injection 2015-09-02
David Black (dblack atlassian com)
KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation 2015-09-01
KoreLogic Disclosures (disclosures korelogic com)
KL-001-2015-003 : SiS Windows VGA Display Manager Multiple Privilege Escalation 2015-09-01
KoreLogic Disclosures (disclosures korelogic com)
[CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities 2015-09-01
CORE Advisories Team (advisories coresecurity com)
Malware
Phishing
Tesco Bank | 1st September 2015 |
Mohamed Abdel | 1st September 2015 |
email update | 1st September 2015 |
Mona Yates | 1st September 2015 |
IT管ç†ä¸å¿ƒ | 1st September 2015 |
ã€ç½‘络è¿è¥éƒ¨ã€‘关于EMI | |
Wells Fargo Bank | 1st September 2015 |
Vulnerebility
SANS News
What's the situation this week for Neutrino and Angler EK?
Threatpost
Encryption, Lock Mechanism Vulnerabilities Plague AppLock
Google Patches Critical Vulnerabilities in Chrome 45
Victims of June OPM Hack Still Haven’t Been Notified
Netflix Sleepy Puppy Awakens XSS Vulnerabilities in Secondary Applications
Exploit
Bedita 3.5.1 - XSS Vulnerabilities
Edimax BR6228nS/BR6228nC - Multiple Vulnerabilities
Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow
SiS Windows VGA Display Manager 6.14.10.3930 - Write-What-Where PoC
XGI Windows VGA Display Manager 6.14.10.1090 - Arbitrary Write PoC
Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow
SphereFTP Server 2.0 - Crash PoC
OS X x64 /bin/sh Shellcode, NULL Byte Free, 34 bytes
Cerb 7.0.3 - CSRF Vulnerability
GPON Home Router FTP G-93RG1 - CSRF Command Execution Vulnerability
Thomson Wireless VoIP Cable Modem TWG850-4B ST9C.05.08 - Authentication Bypass
1.9.2015
Bugtraq
[CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities 2015-09-01
CORE Advisories Team (advisories coresecurity com)
[security bulletin] HPSBMU03339 rev.1 - HP LoadRunner Controller, Local Execution of Arbitrary Code 2015-09-01
security-alert hp com
[security bulletin] HPSBGN03403 rev.1 - HP Virtualization Performance Viewer, Remote Unauthorized Disclosure of Information 2015-08-31
security-alert hp com
[security bulletin] HPSBMU03401 rev.1 - HP Operations Manager for UNIX and Linux, Remote Unauthorized Modification, Disclosure of Information 2015-08-31
security-alert hp com
Malware
Phishing
Mohamed Abdel | 1st September 2015 |
email update | 1st September 2015 |
Mona Yates | 1st September 2015 |
IT管ç†ä¸å¿ƒ | 1st September 2015 |
ã€ç½‘络è¿è¥éƒ¨ã€‘关于EMI | |
Wells Fargo Bank | 1st September 2015 |
PayPol Services | 31st August 2015 |
CASE ID : 1389795465 | PLEASE | |
PayPal - Customer | 31st August 2015 |
Natwest | 29th August 2015 |
Vulnerebility
SANS News
Threatpost
Exploit
Bedita 3.5.1 - XSS Vulnerabilities
Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow
31.8.2015
Bugtraq
[security bulletin] HPSBGN03403 rev.1 - HP Virtualization Performance Viewer, Remote Unauthorized Disclosure of Information 2015-08-31
security-alert hp com
[security bulletin] HPSBMU03401 rev.1 - HP Operations Manager for UNIX and Linux, Remote Unauthorized Modification, Disclosure of Information 2015-08-31
security-alert hp com
Dogma India dogmaindia CMS - Auth Bypass Vulnerability 2015-08-28
Vulnerability Lab (research vulnerability-lab com)
Jenkins 1.626 - Cross Site Request Forgery / Code Execution 2015-08-28
smash devilteam pl
LinuxOptic CMS 2009 - Auth Bypass Session Vulnerability 2015-08-28
Vulnerability Lab (research vulnerability-lab com)
PayPal Bug Bounty #119 - Stored Cross Site Scripting Vulnerability 2015-08-28
Vulnerability Lab (research vulnerability-lab com)
[security bulletin] HPSBGN03407 rev.1 - HP Operations Manager for Windows, Remote Unauthorized Modification, Disclosure of Information 2015-08-28
security-alert hp com
[security bulletin] HPSBGN03387 rev.1 - HP Intelligent Provisioning, Remote Code Execution, Unauthorized Access 2015-08-28
security-alert hp com
[SECURITY] [DSA 3346-1] drupal7 security update 2015-08-31
Alessandro Ghedini (ghedo debian org)
[security bulletin] HPSBMU03416 rev.1 - HP Data Protector, Remote Disclosure of Information 2015-08-28
security-alert hp com
[SECURITY] [DSA 3345-1] iceweasel security update 2015-08-29
Salvatore Bonaccorso (carnil debian org)
[slackware-security] mozilla-firefox (SSA:2015-241-01) 2015-08-29
Slackware Security Team (security slackware com)
Re: Re: UAC Bypass Vulnerability on "Windows 7" in Windows Script Host 2015-08-30
kev r yahoo com
[SECURITY] [DSA 3344-1] php5 security update 2015-08-27
Sebastien Delafond (seb debian org)
Malware
TrojanDownloader:Win32/ExtenBro.A
BrowserModifier:Win32/Diplugem
DDoS:Win32/Nitol.J
TrojanDownloader:Win32/Olutall.B
TrojanDownloader:AutoIt/Fadef
SoftwareBundler:Win32/FakeDiX
Phishing
Vulnerebility
SANS News
Detecting file changes on Microsoft systems with FCIV
Threatpost
CoreBot Malware Steals Credentials-For Now
CERT Warns of Slew of Bugs in Belkin N600 Routers
NSF Awards $6M Grants for Internet of Things Security
CoreBot Malware Steals Credentials-For Now
Exploit
PhpWiki 1.5.4 - Multiple Vulnerabilities
Edimax PS-1206MF - Web Admin Auth Bypass
Ganglia Web Frontend < 3.5.1 - PHP Code Execution
Cyberoam Firewall CR500iNG-XP - 10.6.2 MR-1 - Blind SQL Injection Vulnerability
Apple OS X Entitlements Rootpipe Privilege Escalation
Microsoft Office 2007 - msxml5.dll Crash PoC
Viber 4.2.0 - Non-Printable Characters Handling Denial of Service Vulnerability
30.8.2015
Bugtraq
Malware
BrowserModifier:Win32/Diplugem
TrojanDownloader:Win32/ExtenBro.A
DDoS:Win32/Nitol.J
TrojanDownloader:Win32/Olutall.B
TrojanDownloader:AutoIt/Fadef
SoftwareBundler:Win32/FakeDiX
Phishing
Natwest | 29th August 2015 |
Vulnerebility
SANS News
Automating Metrics using RTIR REST API
Threatpost
Appeals Court Vacates Lower Court’s Decision on National Security Letters
Exploit
MS SQL Server 2000/2005 SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer Exploit
Samsung SyncThruWeb 2.01.00.26 - SMB Hash Disclosure
Sysax Multi Server 6.40 SSH Component Denial of Service
28.8.2015
Bugtraq
[SECURITY] [DSA 3344-1] php5 security update 2015-08-27
Sebastien Delafond (seb debian org)
[security bulletin] HPSBGN03402 rev.2 - HP Performance Manager, Remote Disclosure of Information 2015-08-27
security-alert hp com
UAC Bypass Vulnerability on "Windows 7" in Windows Script Host 2015-08-27
vozzie gmail com (1 replies)
Malware
TrojanDownloader:Win32/Banload.BDQ
TrojanSpy:Win32/Bancos.ANS
TrojanDownloader:Win32/Banload.BDN
TrojanDownloader:Win32/Banload.BDL
PWS:Win32/Fareit.AF
TrojanDownloader:Win32/Zegost.H
Exploit:Win32/CVE-2015-2426
TrojanDownloader:MSIL/Winpud.A
Phishing
Barclays PLC. | 27th August 2015 |
Silvia Ribas. | 27th August 2015 |
Vulnerebility
SANS News
Test File: PDF With Embedded DOC Dropping EICAR
Threatpost
Adobe Hotfix Patches XXE Vulnerability in ColdFusion
Scanner Finds Malicious Android Apps at Scale
Google to Pause Flash Ads in Chrome Starting Next Week
FBI: Social Engineering, Hacks Lead to Millions Lost to Wire Fraud
Exploit
WordPress Responsive Thumbnail Slider Plugin 1.0 - Arbitrary File Upload
Jenkins 1.626 - Cross Site Request Forgery / Code Execution
Wolf CMS Arbitrary File Upload To Command Execution
Photo Transfer (2) 1.0 iOS - Denial of Service Vulnerability
27.8.2015
Bugtraq
UAC Bypass Vulnerability on "Windows 7" in Windows Script Host 2015-08-27
vozzie gmail com
[security bulletin] HPSBHF03408 rev.1 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote Execution of Arbitrary Code 2015-08-26
security-alert hp com
[security bulletin] HPSBGN03411 rev.1 - HP Operations Agent Virtual Appliance, Remote Unauthorized Disclosure of Information 2015-08-26
security-alert hp com
CVE-2015-6535: Stored XSS in YouTube Embed (WordPress plugin) allows admins to compromise super admins 2015-08-26
grajalerts noreply gmail com
[security bulletin] HPSBGN03405 rev.1 - HP Integration Adaptor, Remote Unauthorized Modification, Disclosure of Information 2015-08-26
security-alert hp com
Malware
TrojanDownloader:Win32/Gratem.A
BrowserModifier:Win32/IstartSurf!lnk
BrowserModifier:Win32/DeltaHomes!lnk
BrowserModifier:Win32/OurSurfing!lnk
Phishing
Silvia Ribas. | 27th August 2015 |
PayPal | 27th August 2015 |
Vulnerebility
SANS News
Threatpost
Target Says SEC Won’t Pursue Enforcement Action as a Result of Data Breach
Patched Ins0mnia Vulnerability Keeps Malicious iOS Apps Hidden
Endress+Hauser Patches Buffer Overflow In Dozens of ICS Products
Exploit
Magento eCommerce - Remote Code Execution
VLC Media Player 2.2.1 - m3u8/m3u Crash PoC
FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution
Xion Audio Player 1.5 build 155 Stack Based Buffer Overflow
QEMU Programmable Interrupt Timer Controller Heap Overflow
26.8.2015
Bugtraq
[security bulletin] HPSBMU03397 rev.1 - HP Version Control Agent (VCA) on Windows and Linux, Multiple Vulnerabilities 2015-08-24
security-alert hp com
[security bulletin] HPSBMU03413 rev.1 - HP Virtual Connect Enterprise Manager SDK, Multiple Vulnerabilities 2015-08-24
security-alert hp com
[security bulletin] HPSBMU03396 rev.1 - HP Version Control Repository Manager (VCRM) on Windows and Linux, Multiple Vulnerabilities 2015-08-24
security-alert hp com
[security bulletin] HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple Vulnerabilities 2015-08-24
security-alert hp com
Malware
VBA / TrojanDownloader.Agent.AAC
VBA / TrojanDownloader.Agent.ZX
VBA / TrojanDownloader.Agent.ZS
Phishing
Natwest | 26th August 2015 |
PayPal | 26th August 2015 |
Vulnerebility
SANS News
Actor that tried Neutrino exploit kit now back to Angler
Threatpost
CERT Warns of Hard-Coded Credentials in DSL SOHO Routers
Researchers Uncover New Italian RAT uWarrior
Exploit
VLC Media Player 2.2.1 - m3u8/m3u Crash PoC
25.8.2015
Bugtraq
[security bulletin] HPSBMU03397 rev.1 - HP Version Control Agent (VCA) on Windows and Linux, Multiple Vulnerabilities 2015-08-24
security-alert hp com
[security bulletin] HPSBMU03413 rev.1 - HP Virtual Connect Enterprise Manager SDK, Multiple Vulnerabilities 2015-08-24
security-alert hp com
[security bulletin] HPSBMU03396 rev.1 - HP Version Control Repository Manager (VCRM) on Windows and Linux, Multiple Vulnerabilities 2015-08-24
security-alert hp com
[security bulletin] HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple Vulnerabilities 2015-08-24
security-alert hp com
[security bulletin] HPSBGN03404 rev.1 - HP Service Health Reporter, Remote Unauthorized Modification 2015-08-24
security-alert hp com
[security bulletin] HPSBMU03345 rev.1 - HP Network Node Manager i (NNMi) and Smart Plugins (iSPIs) for HP-UX, Linux, Solaris, and Windows, Remote Disclosure of Information, Unauthorized Modification 2015-08-24
security-alert hp com
[SYSS-2015-026] Denial of Service (CWE-730) and Overly Restrictive Account Lockout Mechanism (CWE-645) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
[SYSS-2015-027] Cross-Site Scripting (CWE-79) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
[SYSS-2015-028] Cross-Site Scripting (CWE-79) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
[SYSS-2015-029] Insecure Direct Object Reference (CWE-932) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
[SYSS-2015-032] Broken Authentication and Session Management (CWE-930) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
[SYSS-2015-030] Improper Handling of Insufficient Privileges (CWE-274) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
SYSS-2015-033: Missing Function Level Access Control (CWE-935) in Page2Flip Premium App 2.5 2015-08-24
erlijn vangenuchten syss de
Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation 2015-08-24
ajs swordshield com
Cross site request forgery vulnerability in Linksys WAG120N 2015-08-23
DonVallejo . (j v vallejo gmail com)
[SYSS-2015-025] Netop Remote Control - Insufficiently Protected Credentials 2015-08-24
matthias deeg syss de
Malware
Phishing
service@paypal.co.uk | 24th August 2015 |
ACTION REQUIRED -YOUR BANK HAS | |
Vulnerebility
SANS News
Dropbox Phishing via Compromised Wordpress Site
Threatpost
Charlie Miller to Leave Twitter Security Team
AutoIt Used in Targeted Attacks to Move RATs
Exploit
Microsoft Office 2007 OneTableDocumentStream Invalid Object
Microsoft Office 2007 Malformed Document Stack-Based Buffer Overflow
Firefox PDF.js Privileged Javascript Injection
Pligg CMS 2.0.2 - CSRF Add Admin Exploit
WordPress GeoPlaces3 Theme - Arbitrary File Upload Vulnerbility
Mock SMTP Server 1.0 Remote Crash PoC
GOM Audio 2.0.8 - (.gas) Crash POC
Keeper IP Camera 3.2.2.10 - Authentication Bypass
24.8.2015
Bugtraq
Cross site request forgery vulnerability in Linksys WAG120N 2015-08-23
DonVallejo . (j v vallejo gmail com)
[SYSS-2015-025] Netop Remote Control - Insufficiently Protected Credentials 2015-08-24
matthias deeg syss de
Logstash vulnerability CVE-2015-5619 2015-08-21
Suyog Rao (suyog elastic co)
Malware
Phishing
SUPPORT | 24th August 2015 |
Microsoft | 24th August 2015 |
sales | 23rd August 2015 |
Chase Bank | 23rd August 2015 |
USAA | 23rd August 2015 |
Vulnerebility
SANS News
Are You Protecting your "Backdoor" ?
Threatpost
White House Support for CISA Worries Privacy Advocates - See more at: https://threatpost.com/#sthash.N0mq2Ham.dpuf
White House Support for CISA Worries Privacy Advocates
AlienSpy RAT Resurfaces as JSocket
Vulnerabilities Identified in Dolphin, Mercury Android Browsers
Exploit
Easy File Sharing Web Server 6.9 - USERID Remote Buffer Overflow
Easy Address Book Web Server 1.6 - USERID Remote Buffer Overflow
24.8.2015
Bugtraq
Logstash vulnerability CVE-2015-5619 2015-08-21
Suyog Rao (suyog elastic co)
[security bulletin] HPSBUX03410 SSRT102175 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-08-21
security-alert hp com
Re: [SECURITY] [DSA 3325-2] apache2 regression update 2015-08-21
franzskinn gmail com
APPLE-SA-2015-08-20-1 QuickTime 7.7.8 2015-08-20
Apple Product Security (product-security-noreply lists apple com)
Re: Micro Login System v1.0 (userpwd.txt) Password Disclosure Vulnerability 2015-08-20
anonymous yahoo com
[security bulletin] HPSBUX03369 SSRT102037 rev.1 - HP-UX execve(2), Local Elevation of Privilege 2015-08-20
security-alert hp com
[SECURITY] [DSA 3342-1] vlc security update 2015-08-20
Alessandro Ghedini (ghedo debian org)
[oCERT-2015-009] VLC arbitrary pointer dereference 2015-08-20
Andrea Barisani (lcars ocert org)
UBNT Bug Bounty #3 - Persistent Filename Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
WebSolutions India Design CMS - SQL Injection Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
ChiefPDF Software v2.x - Buffer Overflow Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
PDF Shaper v3.5 - (MSF) Remote Buffer Overflow Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
Malware
Phishing
Chase Bank | 23rd August 2015 |
USAA | 23rd August 2015 |
Lloyds Bank | 22nd August 2015 |
Lloyds | 22nd August 2015 |
Vulnerebility
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-08-22
http://www.securityfocus.com/bid/73684
Symantec Endpoint Protection Manager CVE-2015-1487 Arbitrary File Write Vulnerability
2015-08-22
http://www.securityfocus.com/bid/76094
Linux Kernel 'perf_callchain_user_64()' Function Denial of Service Vulnerability
2015-08-22
http://www.securityfocus.com/bid/76401
Adobe Flash Player and AIR APSB15-19 Multiple Use After Free Remote Code Execution Vulnerabilities
2015-08-22
http://www.securityfocus.com/bid/76288
Adobe FlashPlayer and AIR APSB15-19 Type Confusion Multiple Remote Code Execution Vulnerabilities
2015-08-22
http://www.securityfocus.com/bid/76287
Microsoft Internet Explorer CVE-2015-2444 Remote Memory Corruption Vulnerability
2015-08-22
http://www.securityfocus.com/bid/76194
IBM WebSphere Application Server CVE-2015-1885 Remote Privilege Escalation Vulnerability
2015-08-22
http://www.securityfocus.com/bid/74219
Mozilla Firefox CVE-2015-4495 Same Origin Policy Security Bypass Vulnerability
2015-08-22
http://www.securityfocus.com/bid/76249
ISC BIND CVE-2015-5477 Remote Denial of Service Vulnerability
2015-08-22
http://www.securityfocus.com/bid/76092
OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability
2015-08-22
http://www.securityfocus.com/bid/75159
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-08-22
http://www.securityfocus.com/bid/75157
OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2015-08-22
http://www.securityfocus.com/bid/75154
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-08-22
http://www.securityfocus.com/bid/75890
Symantec Endpoint Protection Manager CVE-2015-1489 Remote Privilege Escalation Vulnerability
2015-08-22
http://www.securityfocus.com/bid/76078
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-08-22
http://www.securityfocus.com/bid/73237
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-08-22
http://www.securityfocus.com/bid/73225
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-08-22
http://www.securityfocus.com/bid/73231
OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-08-22
http://www.securityfocus.com/bid/73232
Symantec Endpoint Protection Manager CVE-2015-1486 Authentication Bypass Vulnerability
2015-08-22
http://www.securityfocus.com/bid/76074
IBM Security Directory Server CVE-2015-0138 Man in the Middle Security Bypass Vulnerability
2015-08-22
http://www.securityfocus.com/bid/73326
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-08-22
http://www.securityfocus.com/bid/71936
Apple Mac OS X Multiple Privilege Escalation Vulnerabilities
2015-08-22
http://www.securityfocus.com/bid/76421
Elasticsearch CVE-2015-5377 Remote Code Execution Vulnerability
2015-08-22
http://www.securityfocus.com/bid/75938
Elasticsearch CVE-2015-5531 Directory Traversal Vulnerability
2015-08-22
http://www.securityfocus.com/bid/75935
IBM WebSphere Application Server CVE-2015-1927 Remote Privilege Escalation Vulnerability
2015-08-22
http://www.securityfocus.com/bid/75486
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-08-22
http://www.securityfocus.com/bid/72165
Oracle Java SE CVE-2015-0437 Remote Java SE Vulnerability
2015-08-22
http://www.securityfocus.com/bid/72146
Oracle Java SE CVE-2015-0412 Remote Java SE Vulnerability
2015-08-22
http://www.securityfocus.com/bid/72136
Oracle Java SE CVE-2015-0408 Remote Java SE Vulnerability
2015-08-22
http://www.securityfocus.com/bid/72140
Oracle Java SE CVE-2015-0395 Remote Java SE Vulnerability
2015-08-22
http://www.securityfocus.com/bid/72142
SANS News
Threatpost
Exploit
Microsoft Office 2007 wwlib.dll fcPlcfFldMom Uninitialized Heap Usage
Microsoft Office 2007 wwlib.dll Type Confusion
Microsoft Office 2007 OGL.dll DpOutputSpanStretch::OutputSpan Out of Bounds Write
Microsoft Office 2007 MSO.dll Arbitrary Free
Microsoft Office 2007 MSO.dll Use-After-Free
Windows win32k.sys TTF Font Processing win32k!fsc_BLTHoriz Out-of-Bounds Pool Write
Windows win32k.sys TTF Font Processing win32k!fsc_RemoveDups Out-of-Bounds Pool Memory Access
Windows ATMFD.DLL Out-of-Bounds Read Due to Malformed FDSelect Offset in the CFF Table
Windows ATMFD.DLL Out-of-Bounds Read Due to Malformed Name INDEX in the CFF Table
Windows win32k.sys TTF Font Processing win32k!scl_ApplyTranslation Pool-Based Buffer Overflow
Windows win32k.sys TTF Font Processing IUP[] Program Instruction Pool-Based Buffer Overflow
Windows ATMFD.DLL Write to Uninitialized Address Due to Malformed CFF Table
Windows ATMFD.DLL CFF table (ATMFD+0x3440b / ATMFD+0x3440e) Invalid Memory Access
Windows ATMFD.DLL CFF table (ATMFD+0x34072 / ATMFD+0x3407b) Invalid Memory Access
Windows ATMFD.DLL CharString Stream Out-of-Bounds Reads
Microsoft Office 2007 MSPTLS Heap Index Integer Underflow
21.8.2015
Bugtraq
[security bulletin] HPSBUX03369 SSRT102037 rev.1 - HP-UX execve(2), Local Elevation of Privilege 2015-08-20
security-alert hp com
[SECURITY] [DSA 3342-1] vlc security update 2015-08-20
Alessandro Ghedini (ghedo debian org)
[oCERT-2015-009] VLC arbitrary pointer dereference 2015-08-20
Andrea Barisani (lcars ocert org)
UBNT Bug Bounty #3 - Persistent Filename Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
WebSolutions India Design CMS - SQL Injection Vulnerability 2015-08-20
Vulnerability Lab (research vulnerability-lab com)
Malware
Win32/TrojanDownloader.Small.ACX
Phishing
Microsoft | 21st August 2015 |
HM Revenue & Customs | 21st August 2015 |
@aol.com | 20th August 2015 |
Amazon Support | 20th August 2015 |
Amazon Support | 19th August 2015 |
Vulnerebility
Multiple Zend Products CVE-2015-5161 XML External Entity Injection Vulnerability
2015-08-21
http://www.securityfocus.com/bid/76177
Apache Subversion CVE-2015-0248 Multiple Denial of Service Vulnerabilities
2015-08-21
http://www.securityfocus.com/bid/74260
Apache Subversion CVE-2015-3184 Information Disclosure Vulnerability
2015-08-21
http://www.securityfocus.com/bid/76274
Apache Subversion CVE-2014-8108 Remote Denial of Service Vulnerability
2015-08-21
http://www.securityfocus.com/bid/71725
Apache Subversion CVE-2015-3187 Information Disclosure Vulnerability
2015-08-21
http://www.securityfocus.com/bid/76273
Apache Subversion 'deadprops.c' Security Bypass Vulnerability
2015-08-21
http://www.securityfocus.com/bid/74259
Apache Subversion CVE-2014-3580 Remote Denial of Service Vulnerability
2015-08-21
http://www.securityfocus.com/bid/71726
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75890
Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75867
Microsoft Internet Explorer CVE-2015-2444 Remote Memory Corruption Vulnerability
2015-08-21
http://www.securityfocus.com/bid/76194
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-08-21
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-2628 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75796
Oracle Java SE CVE-2015-2625 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75895
Oracle Java SE CVE-2015-2621 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75874
Oracle Java SE CVE-2015-2613 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75871
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-08-21
http://www.securityfocus.com/bid/74733
Oracle Java SE CVE-2015-2590 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75818
Oracle Java SE CVE-2015-4732 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75823
Oracle Java SE CVE-2015-4748 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75854
Oracle Java SE CVE-2015-2632 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75861
Oracle Java SE CVE-2015-4733 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75832
Oracle Java SE CVE-2015-4731 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75812
Oracle Java SE CVE-2015-4760 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75784
WordPress WP OAuth Server Plugin Multiple Predictable Random Number Generator Weaknesses
2015-08-21
http://www.securityfocus.com/bid/76363
Linux Kernel CVE-2015-3212 Local Security Bypass Vulnerability
2015-08-21
http://www.securityfocus.com/bid/76082
ISC BIND CVE-2015-5477 Remote Denial of Service Vulnerability
2015-08-21
http://www.securityfocus.com/bid/76092
ISC BIND CVE-2014-8500 Remote Denial of Service Vulnerability
2015-08-21
http://www.securityfocus.com/bid/71590
Huawei Mate 7 Smartphone Multiple Local Privilege Escalation Vulnerabilities
2015-08-21
http://www.securityfocus.com/bid/74742
Oracle MySQL Server CVE-2015-4752 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75849
Oracle MySQL Server CVE-2015-2620 Remote Security Vulnerability
2015-08-21
http://www.securityfocus.com/bid/75837
SANS News
A recent decline in traffic associated with Operation Windigo
Threatpost
Uptick in Neutrino Exploit Kit Traffic Doesn’t Mean Angler Reign Over
Details Surface on Patched Sandbox Violation Vulnerability in iOS
Facebook Updates Information-Sharing Platform
Exploit
WordPress MDC Private Message Plugin 1.0.0 - Persistent XSS
Valhala Honeypot 1.8 - Stack-Based Buffer Overflow
Win2003 x64 - Token Stealing shellcode - 59 bytes
20.8.2015
Bugtraq
[security bulletin] HPSBUX03400 SSRT102211 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-08-19
security-alert hp com
CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability 2015-08-19
Christofer Dutz (cdutz apache org)
Privilege escalation through RPC commands in EMC Documentum Content Server (incomplete fix in CVE-2015-4532) 2015-08-19
andrew panfilov tel
Re: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information 2015-08-19
Asher995 gmail com (2 replies)
Re: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information 2015-08-19
paul szabo sydney edu au
RE: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information 2015-08-19
Chillman, Paul, Vodafone UK (Paul Chillman vodafone com)
[SYSS-2015-041] XSS in OpenText Secure MFT 2015-08-19
adrian vollmer syss de
Malware
Phishing
Amazon Support | 20th August 2015 |
Amazon Support | 19th August 2015 |
PayPal Inc | 19th August 2015 |
[PAYPAL VERIFICATION] ✉ LAST | |
Vulnerebility
Linux Kernel CVE-2015-3212 Local Security Bypass Vulnerability
2015-08-20
http://www.securityfocus.com/bid/76082
ISC BIND CVE-2015-5477 Remote Denial of Service Vulnerability
2015-08-20
http://www.securityfocus.com/bid/76092
ISC BIND CVE-2014-8500 Remote Denial of Service Vulnerability
2015-08-20
http://www.securityfocus.com/bid/71590
Huawei Mate 7 Smartphone Multiple Local Privilege Escalation Vulnerabilities
2015-08-20
http://www.securityfocus.com/bid/74742
Oracle MySQL Server CVE-2015-4752 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75849
Oracle MySQL Server CVE-2015-2620 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75837
Oracle MySQL Server CVE-2015-4737 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75802
Oracle MySQL Server CVE-2015-2643 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75830
Oracle MySQL Server CVE-2015-2648 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75822
Oracle MySQL Server CVE-2015-0433 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/74089
Oracle MySQL Server CVE-2015-0505 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/74112
Oracle MySQL Server CVE-2015-0441 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/74103
Oracle MySQL Server CVE-2015-4757 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75759
Oracle MySQL Server CVE-2015-0432 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/72217
Oracle MySQL Server CVE-2015-0499 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/74115
Oracle MySQL Server CVE-2015-2582 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75751
Oracle MySQL Server CVE-2014-6568 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/72210
Oracle MySQL Server CVE-2015-0411 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/72191
Oracle MySQL Server CVE-2015-0381 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/72214
Oracle MySQL Server CVE-2015-2571 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/74095
Oracle MySQL Server CVE-2015-0391 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/72205
Oracle MySQL Server CVE-2015-2568 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/74073
Oracle MySQL Server CVE-2015-2573 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/74078
Oracle MySQL Server CVE-2015-0374 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/72227
Oracle MySQL Server CVE-2015-0382 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/72200
Oracle MySQL Server CVE-2015-0501 Remote Security Vulnerability
2015-08-20
http://www.securityfocus.com/bid/74070
Drupal Acquia Cloud Site Factory Connector Module Open Redirection Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75280
Drupal LABjs Module Open Redirection Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75279
Drupal Shibboleth authentication Module Cross Site Scripting Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75410
Drupal HybridAuth Social Login Module Access Bypass Vulnerability
2015-08-20
http://www.securityfocus.com/bid/75412
SANS News
Actor using Angler exploit kit switched to Neutrino
Threatpost
Holes Patched in Online Bookmarking App Pocket
Web.com Loses 93,000 Credit Card Numbers in Breach
Inside the Unpatched OS X Vulnerabilities
Exploit
Aruba Mobility Controller 6.4.2.8 - Multiple vulnerabilities
Vifi Radio v1 - CSRF Vulnerability
up.time 7.5.0 Superadmin Privilege Escalation Exploit
up.time 7.5.0 XSS And CSRF Add Admin Exploit
up.time 7.5.0 Arbitrary File Disclose And Delete Exploit
up.time 7.5.0 Upload And Execute File Exploit
19.8.2015
Bugtraq
[SYSS-2015-041] XSS in OpenText Secure MFT 2015-08-19
adrian vollmer syss de
Trend Micro Deep Discovery XSS 2015-08-19
apparitionsec gmail com
Trend Micro Deep Discovery Authentication Bypass 2015-08-19
apparitionsec gmail com
Re: Hawkeye-G v3 CSRF Vulnerability ***[UPDATED CORRECTED] 2015-08-18
aabbccdd05407 gmail com
CVE-2015-5699 - Cumulus Linux's Switch Configuration Tools Backend, clcmd_server, Vulnerable to Local Privilege Escalation 2015-08-18
Gregory Pickett (gpickett71 yahoo com)
FreeBSD Security Advisory FreeBSD-SA-15:20.expat 2015-08-18
FreeBSD Security Advisories (security-advisories freebsd org)
[SECURITY] [DSA 3338-1] python-django security update 2015-08-18
Alessandro Ghedini (ghedo debian org)
Malware
TrojanDownloader:Win32/Upatre.BR
TrojanDownloader:MSIL/Torwofun.B
PWS:Win32/QQpass.GR
PWS:MSIL/Facepass.A
SoftwareBundler:Win32/Bestof
PWS:O97M/Wipha.A
Phishing
admin email | 19th August 2015 |
Lisa | 18th August 2015 |
285$ | 18th August 2015 |
Tesco Bank | 18th August 2015 |
Tracy Allen | 18th August 2015 |
Natwest | 18th August 2015 |
Mail Administrator | 18th August 2015 |
Arlene Horton | 18th August 2015 |
Unlimited | 18th August 2015 |
FRESH TOOLS / ONLINE LIVE | |
Apple | 18th August 2015 |
YOUR APPLE ID WAS USED TO SIGN | |
Vulnerebility
Oracle MySQL Server CVE-2015-0381 Remote Security Vulnerability
2015-08-19
http://www.securityfocus.com/bid/72214
Oracle MySQL Server CVE-2015-0411 Remote Security Vulnerability
2015-08-19
http://www.securityfocus.com/bid/72191
Oracle MySQL Server CVE-2015-0391 Remote Security Vulnerability
2015-08-19
http://www.securityfocus.com/bid/72205
Oracle MySQL Server CVE-2015-0382 Remote Security Vulnerability
2015-08-19
http://www.securityfocus.com/bid/72200
Adobe Flash Player and AIR CVE-2015-5560 Unspecified Integer Overflow Vulnerability
2015-08-19
http://www.securityfocus.com/bid/76289
Adobe FlashPlayer and AIR APSB15-19 Type Confusion Multiple Remote Code Execution Vulnerabilities
2015-08-19
http://www.securityfocus.com/bid/76287
Adobe Flash Player and AIR APSB15-19 Multiple Use After Free Remote Code Execution Vulnerabilities
2015-08-19
http://www.securityfocus.com/bid/76288
Adobe Flash Player and AIR APSB15-19 Multiple Memroy Corruption Vulnerabilities
2015-08-19
http://www.securityfocus.com/bid/76291
Oracle MySQL Server CVE-2014-6568 Remote Security Vulnerability
2015-08-19
http://www.securityfocus.com/bid/72210
Adobe Flash Player and AIR CVE-2015-5124 Unspecified Memory Corruption Vulnerability
2015-08-19
http://www.securityfocus.com/bid/75959
Adobe Flash Player and AIR Multiple Unspecified Remote Code Execution Vulnerabilities
2015-08-19
http://www.securityfocus.com/bid/75087
Adobe FlashPlayer and AIR APSB15-19 Multiple Unspecified Heap Buffer Overflow Vulnerabilities
2015-08-19
http://www.securityfocus.com/bid/76282
Adobe Flash Player ActionScript 3 BitmapData Use After Free Remote Memory Corruption Vulnerability
2015-08-19
http://www.securityfocus.com/bid/75710
Adobe Flash Player CVE-2015-5122 Use After Free Remote Memory Corruption Vulnerability
2015-08-19
http://www.securityfocus.com/bid/75712
OpenSSH Login Handling Security Bypass Weakness
2015-08-19
http://www.securityfocus.com/bid/75990
OpenSSH 'x11_open_helper()' Function Security Bypass Vulnerability
2015-08-19
http://www.securityfocus.com/bid/75525
Net-SNMP snmptrapd CVE-2014-3565 Remote Denial of Service Vulnerability
2015-08-19
http://www.securityfocus.com/bid/69477
Fortinet FortiOS SSL-VPN Man in The Middle Security Bypass Vulnerability
2015-08-19
http://www.securityfocus.com/bid/76065
Linux Kernel 'get_bitmap_file()' Function Local Information Disclosure Vulnerability
2015-08-19
http://www.securityfocus.com/bid/76066
GNU glibc 'getaddrinfo.c' Remote Code Execution Vulnerability
2015-08-19
http://www.securityfocus.com/bid/72710
Linux Kernel Multiple Remote Denial of Service Vulnerability
2015-08-19
http://www.securityfocus.com/bid/75510
Mozilla Firefox CVE-2015-4492 Use After Free Memory Corruption Vulnerability
2015-08-19
http://www.securityfocus.com/bid/76297
Mozilla Firefox Out of Bounds Multiple Memory Corruption Vulnerabilities
2015-08-19
http://www.securityfocus.com/bid/76294
Mozilla Firefox CVE-2015-4495 Same Origin Policy Security Bypass Vulnerability
2015-08-19
http://www.securityfocus.com/bid/76249
Icecast Remote Denial of Service Vulnerability
2015-08-19
http://www.securityfocus.com/bid/73965
libgadu CVE-2014-3775 Memory Corruption Vulnerability
2015-08-19
http://www.securityfocus.com/bid/67471
Pidgin 'gg_http_watch_fd()' Function Buffer Overflow Vulnerability
2015-08-19
http://www.securityfocus.com/bid/65188
libgadu SSL Certificate Validation CVE-2013-4488 Security Bypass Vulnerability
2015-08-19
http://www.securityfocus.com/bid/63473
SQLite Versions Prior to 3.8.9 Multiple Security Vulnerabilities
2015-08-19
http://www.securityfocus.com/bid/74228
Apache Subversion CVE-2015-3187 Information Disclosure Vulnerability
2015-08-19
http://www.securityfocus.com/bid/76273
SANS News
Microsoft Security Bulletin MS15-093 - Critical OOB - Internet Explorer RCE
Threatpost
Emergency IE Patch Fixes Vulnerability Under Attack
IRS Hack May Implicate Three Times As Many Taxpayers Than Expected
Apple Zero Day Remains Unpatched
Core Infrastructure Initiative Launches Open Source Security Badge Program
Adobe Patches XXE Vulnerability in LiveCycle Data Services
Exploit
Flash Broker-Based Sandbox Escape via Forward Slash Instead of Backslash
Flash Broker-Based Sandbox Escape via Unexpected Directory Lock
Flash Broker-Based Sandbox Escape via Timing Attack Against File Moving
Flash Boundless Tunes - Universal SOP Bypass Through ActionSctipt's Sound Object
Flash PCRE Regex Compilation Zero-Length Assertion Arbitrary Bytecode Execution
Flash Player Integer Overflow in Function.apply
Flash AVSS.setSubscribedTags Use After Free Memory Corruption
Flash Uninitialized Stack Variable MPD Parsing Memory Corruption
Flash Issues in DefineBitsLossless and DefineBitsLossless2 Leads to Using Uninitialized Memory
Flash AS2 Use After Free in TextField.filters
Flash AS2 Use After Free While Setting TextField.filters
Flash Use-After-Free in Display List Handling
Flash Use-After-Free in NetConnection.connect
Adobe Flash Use-After-Free When Setting Variable
Flash AS2 Use After Free in DisplacementMapFilter.mapBitmap
Flash Use-After-Free with MovieClip.scrollRect in AS2
Adobe Flash Use-After-Free When Setting Value
Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated SWF File
Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated SWF File (2)
Adobe Flash Out-of-Bounds Memory Read While Parsing a Mutated TTF File Embedded in SWF
Adobe Flash Use-After-Free in XML.childNodes
Easy File Management Web Server 5.6 - USERID Remote Buffer Overflow
FTP Commander 8.02 - SEH Overwrite
OS X 10.10.5 - XNU Local Privilege Escalation
18.8.2015
Bugtraq
Re: [SECURITY] [DSA 3336-1] nss security update 2015-08-17
miguelmellolopes gmail com
EMC Documentum Content Server: arbitrary code execution (incomplete fix in CVE-2015-4532) 2015-08-17
andrew panfilov tel
[SECURITY] [DSA 3336-1] nss security update 2015-08-17
Salvatore Bonaccorso (carnil debian org)
sysadmin privilege in EMC Documentum Content Server 2015-08-17
andrew panfilov tel
Insufficient certificate validation in EMC Secure Remote Services Virtual Edition 2015-08-17
Securify B.V. (lists securify nl)
Weak authentication in EMC Secure Remote Services Virtual Edition Web Portal 2015-08-17
Securify B.V. (lists securify nl)
[ERPSCAN-15-013] SAP NetWeaver AS Java CIM UPLOAD â?? XXE 2015-08-17
ERPScan inc (erpscan online gmail com)
[ERPSCAN-15-012] SAP Afaria 7 XComms â?? Buffer Overflow 2015-08-17
ERPScan inc (erpscan online gmail com)
ESA-2015-130: EMC Documentum WebTop and WebTop Clients Cross-Site Request Forgery Vulnerability 2015-08-17
Security Alert (Security_Alert emc com)
ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities 2015-08-17
Security Alert (Security_Alert emc com)
Malware
PWS:O97M/Wipha.A
PWS:Win32/Wipha.A
TrojanDownloader:Win32/Tembatch.B
Exploit:VBS/CVE-2014-6332
Exploit:SWF/CVE-2014-6332
Phishing
Barclays | 18th August 2015 |
TalkTalk | 17th August 2015 |
The payment for your latest | |
NEWF#CKFRIEND | 17th August 2015 |
6367$ | 17th August 2015 |
No need to stay awake all | |
Vulnerebility
Linux Kernel 'get_bitmap_file()' Function Local Information Disclosure Vulnerability
2015-08-18
http://www.securityfocus.com/bid/76066
GNU glibc 'getaddrinfo.c' Remote Code Execution Vulnerability
2015-08-18
http://www.securityfocus.com/bid/72710
Linux Kernel Multiple Remote Denial of Service Vulnerability
2015-08-18
http://www.securityfocus.com/bid/75510
Mozilla Firefox CVE-2015-4492 Use After Free Memory Corruption Vulnerability
2015-08-18
http://www.securityfocus.com/bid/76297
Mozilla Firefox Out of Bounds Multiple Memory Corruption Vulnerabilities
2015-08-18
http://www.securityfocus.com/bid/76294
Mozilla Firefox CVE-2015-4495 Same Origin Policy Security Bypass Vulnerability
2015-08-18
http://www.securityfocus.com/bid/76249
Icecast Remote Denial of Service Vulnerability
2015-08-18
http://www.securityfocus.com/bid/73965
libgadu CVE-2014-3775 Memory Corruption Vulnerability
2015-08-18
http://www.securityfocus.com/bid/67471
Pidgin 'gg_http_watch_fd()' Function Buffer Overflow Vulnerability
2015-08-18
http://www.securityfocus.com/bid/65188
libgadu SSL Certificate Validation CVE-2013-4488 Security Bypass Vulnerability
2015-08-18
http://www.securityfocus.com/bid/63473
SQLite Versions Prior to 3.8.9 Multiple Security Vulnerabilities
2015-08-18
http://www.securityfocus.com/bid/74228
Apache Subversion CVE-2015-3187 Information Disclosure Vulnerability
2015-08-18
http://www.securityfocus.com/bid/76273
Apache Subversion 'deadprops.c' Security Bypass Vulnerability
2015-08-18
http://www.securityfocus.com/bid/74259
Apache Subversion CVE-2015-0248 Multiple Denial of Service Vulnerabilities
2015-08-18
http://www.securityfocus.com/bid/74260
IBM Domino Remote Cross Site Scripting Vulnerability
2015-08-18
http://www.securityfocus.com/bid/74908
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-08-18
http://www.securityfocus.com/bid/72169
Linux Kernel 'x86/entry/entry_64.S' Local Privilege Escalation Vulnerability
2015-08-18
http://www.securityfocus.com/bid/76004
Linux Kernel CVE-2015-3212 Local Security Bypass Vulnerability
2015-08-18
http://www.securityfocus.com/bid/76082
Linux Kernel CVE-2014-9731 Local Information Disclosure Vulnerability
2015-08-18
http://www.securityfocus.com/bid/75001
Linux Kernel KVM 'kvm_apic_has_events()' Function Denial of Service Vulnerability
2015-08-18
http://www.securityfocus.com/bid/75142
Linux Kernel '/arch/x86/net/bpf_jit_comp.c' CVE-2015-4700 Local Denial of Service Vulnerability
2015-08-18
http://www.securityfocus.com/bid/75356
Linux Kernel UDF File System Multiple Local Denial of Service Vulnerabilities
2015-08-18
http://www.securityfocus.com/bid/74964
Linux Kernel 'ozwpan' Driver Multiple Heap Buffer Overflow Vulnerabilities
2015-08-18
http://www.securityfocus.com/bid/74672
Linux Kernel 'vhost/scsi.c' Local Memory Corruption Vulnerability
2015-08-18
http://www.securityfocus.com/bid/74664
Linux Kernel 'ozwpan' Driver Multiple Denial of Service Vulnerabilities
2015-08-18
http://www.securityfocus.com/bid/74668
Linux Kernel 'fs/udf/inode.c' Denial of Service Vulnerability
2015-08-18
http://www.securityfocus.com/bid/74963
Linux Kernel CVE-2015-3636 Local Privilege Escalation Vulnerability
2015-08-18
http://www.securityfocus.com/bid/74450
Linux Kernel 'fs/fhandle.c' Local Race Condition Vulnerability
2015-08-18
http://www.securityfocus.com/bid/72357
Linux Kernel 'sk_dst_get()' Denial of Service Vulnerability
2015-08-18
http://www.securityfocus.com/bid/72435
Linux Kernel CVE-2015-2922 Denial of Service Vulnerability
2015-08-18
http://www.securityfocus.com/bid/74315
SANS News
Tool Tip: Kansa Stafford released, PowerShell for DFIR
Threatpost
Risky Schneider Electric SCADA Vulnerabilities Remain Unpatched
Exploit
Risky Schneider Electric SCADA Vulnerabilities Remain Unpatched - See more at: https://threatpost.com/#sthash.fuC1gXrv.dpuf
Risky Schneider Electric SCADA Vulnerabilities Remain Unpatched
Uber to Quadruple Security Staff by 2016
Werkzeug Debug Shell Command Execution
Symantec Endpoint Protection Manager Authentication Bypass and Code Execution
VideoCharge Studio Buffer Overflow (SEH)
FTP Commander 8.02 - SEH Overwrite
Cisco Unified Communications Manager - Multiple Vulnerabilities
vBulletin < 4.2.2 - Memcache Remote Code Execution
Nuts CMS Remote PHP Code Injection / Execution
Magento CE < 1.9.0.1 Post Auth RCE
PHPfileNavigator 2.3.3 - XSS Vulnerabilities
PHPfileNavigator 2.3.3 - CSRF Vulnerability
Sagemcom F@ST 3864 V2 - Get Admin Password
17.8.2015
Bugtraq
Poor security in SOHO routers, again. Changing configuration parameters with a click. 2015-08-17
DonVallejo . (j v vallejo gmail com)
Re: Multiple vulnerabilites in vendor IKE implementations, including Cisco, 2015-08-16
arash yazdanfare gmail com
Re: NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE 2015-08-16
13669185678 139 com
Malware
PWS:Win32/Rugond.A
TrojanDropper:Win32/Notdinoti.B
TrojanDropper:Win32/Strakupa.A
TrojanSpy:Win32/Gucotut.A
TrojanDownloader:Win32/Lentrigy.A
TrojanDownloader:MSIL/Runtk.A
Backdoor:Win32/Venik.K
Phishing
FindMeAndF#ckMe | 17th August 2015 |
PayPal | 17th August 2015 |
ROCKSTAR SERVER | 15th August 2015 |
Vulnerebility
OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2015-08-17
http://www.securityfocus.com/bid/75161
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-08-17
http://www.securityfocus.com/bid/75157
cURL/libcURL 'fix_hostname()' Function Denial of Service Vulnerability
2015-08-17
http://www.securityfocus.com/bid/74300
Todd Miller Sudo 'validate_env_vars()' Local Privilege Escalation Vulnerability
2015-08-17
http://www.securityfocus.com/bid/65997
Todd Miller Sudo CVE-2014-9680 Local Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/72649
GNU Troff pdfroff Insecure Temporary File Creation and Arbitrary File Access Vulnerabilities
2015-08-17
http://www.securityfocus.com/bid/36381
tcpdump 'olsr_print()' Function Denial of Service Vulnerability
2015-08-17
http://www.securityfocus.com/bid/71150
tcpdump CVE-2014-8769 Out-of-bounds Memory Access Vulnerability
2015-08-17
http://www.securityfocus.com/bid/71153
Todd Miller Sudo CVE-2013-1775 Local Authentication Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/58203
Todd Miller Sudo CVE-2013-2776 Local Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/62741
Python 'ZipExtFile._read2()' Method Denial of Service Vulnerability
2015-08-17
http://www.securityfocus.com/bid/65179
Python 'sock_recvfrom_into()' Function Buffer Overflow Vulnerability
2015-08-17
http://www.securityfocus.com/bid/65379
BSD mailx CVE-2014-7844 Local Arbitrary Command Execution Vulnerability
2015-08-17
http://www.securityfocus.com/bid/71701
Perl CVE-2013-7422 Denial of Service Vulnerability
2015-08-17
http://www.securityfocus.com/bid/75704
Python CVE-2014-9365 TLS Certificate Validation Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/71639
cURL/libcURL CVE-2015-3145 Out of Bounds Read Denial of Service Vulnerability
2015-08-17
http://www.securityfocus.com/bid/74303
cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability
2015-08-17
http://www.securityfocus.com/bid/70988
cURL/libcURL CVE-2015-3148 Remote Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/74301
cURL/libcURL CVE-2015-3153 Information Disclosure Vulnerability
2015-08-17
http://www.securityfocus.com/bid/74408
cURL/libcURL CVE-2014-3620 Cookies Handling Remote Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/69742
cURL/libcURL CVE-2014-8150 Remote Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/71964
Todd Miller Sudo CVE-2013-1776 Local Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/58207
tcpdump CVE-2014-9140 Buffer Overflow Vulnerability
2015-08-17
http://www.securityfocus.com/bid/71468
cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/69748
cURL/libcURL NTLM connection CVE-2015-3143 Remote Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/74299
PostgreSQL CVE-2014-8161 Information Disclosure Vulnerability
2015-08-17
http://www.securityfocus.com/bid/72538
OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2015-08-17
http://www.securityfocus.com/bid/75158
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-08-17
http://www.securityfocus.com/bid/75156
PostgreSQL CVE-2015-0244 Security Bypass Vulnerability
2015-08-17
http://www.securityfocus.com/bid/72543
PostgreSQL 'to_char()' Function Buffer Overflow Vulnerability
2015-08-17
http://www.securityfocus.com/bid/72540
SANS News
Tool Tip: Kansa Stafford released, PowerShell for DFIR
Threatpost
Apple Patches Critical OS X DYLD Flaw in Monster Update - See more at: https://threatpost.com/#sthash.1zChwKF7.dpuf
Apple Patches Critical OS X DYLD Flaw in Monster Update - See more at: https://threatpost.com/#sthash.1zChwKF7.dpuf
AT&T Facilitated NSA Surveillance Efforts, Reports
Using BitTorrent Vulnerabilities to Launch Distributed Reflective DoS Attacks
Exploit
Microsoft Windows HTA (HTML Application) - Remote Code Execution (MS14-064)
Sagemcom F@ST 3864 V2 - Get Admin Password
MASM321 11 Quick Editor (.qeditor) 4.0g- .qse SEH Based Buffer Overflow (ASLR & SAFESEH bypass)
XMPlay 3.8.1.12 - .pls Local Crash PoC
16.8.2015
Bugtraq
Malware
Phishing
ROCKSTAR SERVER | 15th August 2015 |
PayPal | 15th August 2015 |
Apple Inc. | 15th August 2015 |
Vulnerebility
OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2015-08-16
http://www.securityfocus.com/bid/75161
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-08-16
http://www.securityfocus.com/bid/75157
cURL/libcURL 'fix_hostname()' Function Denial of Service Vulnerability
2015-08-16
http://www.securityfocus.com/bid/74300
Todd Miller Sudo 'validate_env_vars()' Local Privilege Escalation Vulnerability
2015-08-16
http://www.securityfocus.com/bid/65997
Todd Miller Sudo CVE-2014-9680 Local Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/72649
GNU Troff pdfroff Insecure Temporary File Creation and Arbitrary File Access Vulnerabilities
2015-08-16
http://www.securityfocus.com/bid/36381
tcpdump 'olsr_print()' Function Denial of Service Vulnerability
2015-08-16
http://www.securityfocus.com/bid/71150
tcpdump CVE-2014-8769 Out-of-bounds Memory Access Vulnerability
2015-08-16
http://www.securityfocus.com/bid/71153
Todd Miller Sudo CVE-2013-1775 Local Authentication Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/58203
Todd Miller Sudo CVE-2013-2776 Local Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/62741
Python 'ZipExtFile._read2()' Method Denial of Service Vulnerability
2015-08-16
http://www.securityfocus.com/bid/65179
Python 'sock_recvfrom_into()' Function Buffer Overflow Vulnerability
2015-08-16
http://www.securityfocus.com/bid/65379
BSD mailx CVE-2014-7844 Local Arbitrary Command Execution Vulnerability
2015-08-16
http://www.securityfocus.com/bid/71701
Perl CVE-2013-7422 Denial of Service Vulnerability
2015-08-16
http://www.securityfocus.com/bid/75704
Python CVE-2014-9365 TLS Certificate Validation Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/71639
cURL/libcURL CVE-2015-3145 Out of Bounds Read Denial of Service Vulnerability
2015-08-16
http://www.securityfocus.com/bid/74303
cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability
2015-08-16
http://www.securityfocus.com/bid/70988
cURL/libcURL CVE-2015-3148 Remote Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/74301
cURL/libcURL CVE-2015-3153 Information Disclosure Vulnerability
2015-08-16
http://www.securityfocus.com/bid/74408
cURL/libcURL CVE-2014-3620 Cookies Handling Remote Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/69742
cURL/libcURL CVE-2014-8150 Remote Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/71964
Todd Miller Sudo CVE-2013-1776 Local Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/58207
tcpdump CVE-2014-9140 Buffer Overflow Vulnerability
2015-08-16
http://www.securityfocus.com/bid/71468
cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/69748
cURL/libcURL NTLM connection CVE-2015-3143 Remote Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/74299
PostgreSQL CVE-2014-8161 Information Disclosure Vulnerability
2015-08-16
http://www.securityfocus.com/bid/72538
OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2015-08-16
http://www.securityfocus.com/bid/75158
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-08-16
http://www.securityfocus.com/bid/75156
PostgreSQL CVE-2015-0244 Security Bypass Vulnerability
2015-08-16
http://www.securityfocus.com/bid/72543
PostgreSQL 'to_char()' Function Buffer Overflow Vulnerability
2015-08-16
http://www.securityfocus.com/bid/72540
SANS News
Threatpost
Apple Patches Critical OS X DYLD Flaw in Monster Update
Exploit
15.8.2015
Bugtraq
Malware
Phishing
Apple Inc. | 15th August 2015 |
webmaster | 14th August 2015 |
EMail from Easy Biz (EARN $500 | |
Ashley Johnston | 14th August 2015 |
Vulnerebility
OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2015-08-15
http://www.securityfocus.com/bid/75161
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-08-15
http://www.securityfocus.com/bid/75157
cURL/libcURL 'fix_hostname()' Function Denial of Service Vulnerability
2015-08-15
http://www.securityfocus.com/bid/74300
Todd Miller Sudo 'validate_env_vars()' Local Privilege Escalation Vulnerability
2015-08-15
http://www.securityfocus.com/bid/65997
Todd Miller Sudo CVE-2014-9680 Local Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/72649
GNU Troff pdfroff Insecure Temporary File Creation and Arbitrary File Access Vulnerabilities
2015-08-15
http://www.securityfocus.com/bid/36381
tcpdump 'olsr_print()' Function Denial of Service Vulnerability
2015-08-15
http://www.securityfocus.com/bid/71150
tcpdump CVE-2014-8769 Out-of-bounds Memory Access Vulnerability
2015-08-15
http://www.securityfocus.com/bid/71153
Todd Miller Sudo CVE-2013-1775 Local Authentication Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/58203
Todd Miller Sudo CVE-2013-2776 Local Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/62741
Python 'ZipExtFile._read2()' Method Denial of Service Vulnerability
2015-08-15
http://www.securityfocus.com/bid/65179
Python 'sock_recvfrom_into()' Function Buffer Overflow Vulnerability
2015-08-15
http://www.securityfocus.com/bid/65379
BSD mailx CVE-2014-7844 Local Arbitrary Command Execution Vulnerability
2015-08-15
http://www.securityfocus.com/bid/71701
Perl CVE-2013-7422 Denial of Service Vulnerability
2015-08-15
http://www.securityfocus.com/bid/75704
Python CVE-2014-9365 TLS Certificate Validation Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/71639
cURL/libcURL CVE-2015-3145 Out of Bounds Read Denial of Service Vulnerability
2015-08-15
http://www.securityfocus.com/bid/74303
cURL/libcURL 'curl_easy_duphandle()' Function Heap Memory Corruption Vulnerability
2015-08-15
http://www.securityfocus.com/bid/70988
cURL/libcURL CVE-2015-3148 Remote Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/74301
cURL/libcURL CVE-2015-3153 Information Disclosure Vulnerability
2015-08-15
http://www.securityfocus.com/bid/74408
cURL/libcURL CVE-2014-3620 Cookies Handling Remote Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/69742
cURL/libcURL CVE-2014-8150 Remote Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/71964
Todd Miller Sudo CVE-2013-1776 Local Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/58207
tcpdump CVE-2014-9140 Buffer Overflow Vulnerability
2015-08-15
http://www.securityfocus.com/bid/71468
cURL/libcURL CVE-2014-3613 Remote Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/69748
cURL/libcURL NTLM connection CVE-2015-3143 Remote Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/74299
PostgreSQL CVE-2014-8161 Information Disclosure Vulnerability
2015-08-15
http://www.securityfocus.com/bid/72538
OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2015-08-15
http://www.securityfocus.com/bid/75158
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-08-15
http://www.securityfocus.com/bid/75156
PostgreSQL CVE-2015-0244 Security Bypass Vulnerability
2015-08-15
http://www.securityfocus.com/bid/72543
PostgreSQL 'to_char()' Function Buffer Overflow Vulnerability
2015-08-15
http://www.securityfocus.com/bid/72540
SANS News
Threatpost
OwnStar Attack Now Aimed at BMW, Chrysler, Mercedes Cars
Apple Patches Critical OS X DYLD Flaw in Monster Update
Exploit
Gkplugins Picasaweb - Download File
TOTOLINK Routers - Backdoor and RCE Exploit PoC
Joomla com_memorix component - SQL Injection vulnerability
Microsoft HTML Help Compiler 4.74.8702.0 - SEH Based Overflow
Firefox < 39.03 - pdf.js Same Origin Policy Exploit
Ability FTP Server 2.1.4 - afsmain.exe USER Command Remote DoS
Ability FTP Server 2.1.4 - Admin Panel AUTHCODE Command Remote DoS
Ubuntu 14.04 NetKit FTP Client - Crash/DoS PoC
14.8.2015
Bugtraq
Nuance PowerPDF Advanced Metadata Information Disclosure Vulnerability (low|local) 2015-08-13
Christopher Hudel (christopher hudel com)
APPLE-SA-2015-08-13-4 OS X Server v4.1.5 2015-08-13
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006 2015-08-13
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-08-13-3 iOS 8.4.1 2015-08-13
Apple Product Security (product-security-noreply lists apple com)
APPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 2015-08-13
Apple Product Security (product-security-noreply lists apple com)
[security bulletin] HPSBGN03393 rev.1 - HP Operations Manager i, Remote Code Execution 2015-08-12
security-alert hp com
Malware
Phishing
Amazon | 13th August 2015 |
WebTeam | 13th August 2015 |
JAMES F. ENTWISTLE | 13th August 2015 |
PayPal | 13th August 2015 |
[PayPal Support] Your Account | |
Vulnerebility
ISC BIND CVE-2015-5477 Remote Denial of Service Vulnerability
2015-08-14
http://www.securityfocus.com/bid/76092
WordPress Prior to 4.2.4 Multiple Security Vulnerabilities
2015-08-14
http://www.securityfocus.com/bid/76160
WordPress Prior to 4.2.3 Multiple Security Vulnerabilities
2015-08-14
http://www.securityfocus.com/bid/76011
Mozilla Firefox CVE-2015-4492 Use After Free Memory Corruption Vulnerability
2015-08-14
http://www.securityfocus.com/bid/76297
Mozilla Firefox Out of Bounds Multiple Memory Corruption Vulnerabilities
2015-08-14
http://www.securityfocus.com/bid/76294
SANS News
More patches! This time from Apple to Safari, OS X and OS X server
Microsoft patch tuesday problem with Symantec Cloud Endpoint protection?
Threatpost
Stagefright Patch Incomplete Leaving Android Devices Still Exposed
Salesforce Patches XSS on a Subdomain
Zero Day in Android’s Google Admin App Can Bypass Sandbox
Exploit
13.8.2015
Bugtraq
phpipam-1.1.010 XSS Vulnerability 2015-08-12
apparitionsec gmail com
PHPfileNavigator v2.3.3 CSRF Add Arbitrary Users 2015-08-12
apparitionsec gmail com
phpipam-1.1.010 XSS Vulnerability 2015-08-12
apparitionsec gmail com
Malware
Phishing
iLOTTO INTERNET LOTTERY | 13th August 2015 |
iLOTTO INTERNET LOTTERY | 13th August 2015 |
iLOTTO INTERNET LOTTERY | 12th August 2015 |
Alexandra Smith | 12th August 2015 |
Vulnerebility
WordPress Prior to 4.2.4 Multiple Security Vulnerabilities
2015-08-13
http://www.securityfocus.com/bid/76160
WordPress Prior to 4.2.3 Multiple Security Vulnerabilities
2015-08-13
http://www.securityfocus.com/bid/76011
Mozilla Firefox CVE-2015-4492 Use After Free Memory Corruption Vulnerability
2015-08-13
http://www.securityfocus.com/bid/76297
Mozilla Firefox Out of Bounds Multiple Memory Corruption Vulnerabilities
2015-08-13
http://www.securityfocus.com/bid/76294
SANS News
Yes Virginia, Stored XSS's Do Exist!
Threatpost
Facebook Awards $100,000 for New Class of Vulnerabilities and Detection Tool
Exploit
Internet Explorer CTreeNode::GetCascadedLang Use-After-Free Vulnerability (MS15-079)
Windows 8.1 DCOM DCE/RPC Local NTLM Reflection Privilege Escalation (MS15-076)
Linux x86 - /bin/sh ROL/ROR Encoded Shellcode
12.8.2015
Bugtraq
[slackware-security] mozilla-firefox (SSA:2015-219-01) 2015-08-08
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3330-1] activemq security update 2015-08-07
Moritz Muehlenhoff (jmm debian org)
QNAP crypto keys logged on unencrypted disk partition in world accessible files 2015-08-07
Andreas Steinmetz (ast domdv de)
[slackware-security] mozilla-nss (SSA:2015-219-02) 2015-08-08
Slackware Security Team (security slackware com)
Device Inspector v1.5 iOS - Command Inject Vulnerabilities 2015-08-07
Vulnerability Lab (research vulnerability-lab com)
Ferrari - PHP CGI Argument Injection (RCE) Vulnerability 2015-08-07
Vulnerability Lab (research vulnerability-lab com)
Malware
VBA / TrojanDownloader.Agent.ZH
VBA / TrojanDownloader.Agent.ZC
VBA / TrojanDownloader.Agent.YX
VBA / TrojanDownloader.Agent.YW
Phishing
noreply@intipaypal | 12th August 2015 |
PayPal | 12th August 2015 |
Mail Delivery Service | 11th August 2015 |
Wells Fargo | 11th August 2015 |
MS linda | 11th August 2015 |
linda lin | 11th August 2015 |
USAA | 11th August 2015 |
Vulnerebility
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-08-11
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-08-11
http://www.securityfocus.com/bid/74147
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-08-11
http://www.securityfocus.com/bid/74111
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-08-11
http://www.securityfocus.com/bid/71936
FreeType Versions Prior to 2.5.4 Multiple Remote Vulnerabilities
2015-08-11
http://www.securityfocus.com/bid/72986
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/73231
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/73225
OpenSSL CVE-2015-0293 Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/73232
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/75156
Apache Tomcat CVE-2014-0230 Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/74475
IBM WebSphere Application Server CVE-2015-1920 Remote Code Execution Vulnerability
2015-08-11
http://www.securityfocus.com/bid/74439
Froxlor 'class.Database.php' Information Disclosure Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76097
Remind 'var.c' Buffer Overflow Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76099
Apache Groovy CVE-2015-3253 Remote Code Execution Vulnerability
2015-08-11
http://www.securityfocus.com/bid/75919
OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability
2015-08-11
http://www.securityfocus.com/bid/75159
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/75157
OpenSSL CVE-2015-1791 Race Condition Security Vulnerability
2015-08-11
http://www.securityfocus.com/bid/75161
OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/75154
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-08-11
http://www.securityfocus.com/bid/74733
PHP 'cgi_main.c' Out of Bounds Read Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/71833
OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/75158
Google Stagefright Media Playback Engine Multiple Remote Code Execution Vulnerabilities
2015-08-11
http://www.securityfocus.com/bid/76052
Mozilla Firefox CVE-2015-4495 Same Origin Policy Security Bypass Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76249
XMLTooling-C CVE-2015-0851 Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76134
Linux Kernel 'x86/entry/entry_64.S' Local Privilege Escalation Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76004
Mozilla Firefox OS Graphics Buffer Management Memory Corruption Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76253
Mozilla Firefox OS Same Origin Policy Security Bypass Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76255
Mozilla Firefox OS USB Mass Storage handling Local Security Bypass Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76254
Linux Kernel '/arch/x86/net/bpf_jit_comp.c' CVE-2015-4700 Local Denial of Service Vulnerability
2015-08-11
http://www.securityfocus.com/bid/75356
Linux Kernel 'path_openat()' Function Use After Free Memory Corruption Vulnerability
2015-08-11
http://www.securityfocus.com/bid/76142
SANS News
Threatpost
Huge Flash Update Patches More Than 30 Vulnerabilities
Sen. Warren Worried About Banks’ New Encrypted Messaging Platform
Patched Android ‘Serialization’ Vulnerability Affects 55 Percent of Devices
Oracle CSO: You ‘Must Not Reverse Engineer Our Code’
Hack-Fueled ‘Unprecedented’ Insider Trading Ring Nets $100M
Microsoft Patches Critical Vulnerabilities in New Edge Browser
Exploit
Internet Explorer CTreeNode::GetCascadedLang Use-After-Free Vulnerability (MS15-079)
11.8.2015
Bugtraq
[slackware-security] mozilla-firefox (SSA:2015-219-01) 2015-08-08
Slackware Security Team (security slackware com)
[SECURITY] [DSA 3330-1] activemq security update 2015-08-07
Moritz Muehlenhoff (jmm debian org)
QNAP crypto keys logged on unencrypted disk partition in world accessible files 2015-08-07
Andreas Steinmetz (ast domdv de)
[slackware-security] mozilla-nss (SSA:2015-219-02) 2015-08-08
Slackware Security Team (security slackware com)
Device Inspector v1.5 iOS - Command Inject Vulnerabilities 2015-08-07
Vulnerability Lab (research vulnerability-lab com)
Ferrari - PHP CGI Argument Injection (RCE) Vulnerability 2015-08-07
Vulnerability Lab (research vulnerability-lab com)
Thomson Reuters FATCA - Arbitrary File Upload 2015-08-07
jakub palaczynski ingservicespolska pl
[SECURITY] [DSA 3329-1] linux security update 2015-08-07
Salvatore Bonaccorso (carnil debian org)
Malware
Trojan:Win32/Hucnak.D!plock
Trojan:Win32/Hucnak.C!plock
Trojan:Win32/Hucnak.B!plock
Trojan:Win32/Hucnak.A!plock
Phishing
United Arab | 11th August 2015 |
USAA.Web.Services | 11th August 2015 |
Barclays Online | 10th August 2015 |
PayPal Inc | 10th August 2015 |
PayPal Inc | 10th August 2015 |
Account Notification | 9th August 2015 |
Vulnerebility
SANS News
.COM.COM Used For Malicious Typo Squatting
Threatpost
Exploit
10.8.2015
Bugtraq
Malware
TrojanDownloader:Win32/Zeagle.G
TrojanDownloader:Win32/Upatre.BW
Phishing
Account Notification | 9th August 2015 |
@aol.com | 8th August 2015 |
Apple Inc | 8th August 2015 |
ACCOUNT TEMPORARILY SUSPENDED | |
NatWest | 8th August 2015 |
Vulnerebility
SANS News
What Was Old is New Again: Honeypots!
Threatpost
Mozilla Patches Bug Used in Active Attacks
Privacy Badger 1.0 Released With Support For EFF Do Not Track Policy
Darkhotel APT Latest to Use Hacking Team Zero Day
Exploit
WordPress Video Gallery 2.7 SQL Injection
WordPress WPTF Image Gallery 1.03 - Aribtrary File Download
WordPress Recent Backups Plugin 0.7 - Arbitrary File Download
WordPress Simple Image Manipulator Plugin 1.0 - Arbitrary File Download
WordPress Video Gallery 2.7 SQL Injection
WordPress Candidate Application Form Plugin 1.0 - Arbitrary File Download
Havij Pro - Crash POC ,Linux x86 Egg Hunter Shellcode (19 bytes)
8.8.2015
Bugtraq
Thomson Reuters FATCA - Arbitrary File Upload 2015-08-07
jakub palaczynski ingservicespolska pl
[SECURITY] [DSA 3329-1] linux security update 2015-08-07
Salvatore Bonaccorso (carnil debian org)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-06
Stefan Kanthak (stefan kanthak nexgo de) (2 replies)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-07
Reindl Harald (h reindl thelounge net)
RE: [FD] Mozilla extensions: a security nightmare 2015-08-07
Steve Friedl (steve unixwiz net) (1 replies)
RE: [FD] Mozilla extensions: a security nightmare 2015-08-07
Frank Waarsenburg (fwaarsenburg ram-it nl) (1 replies)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-07
Jakob Holderbaum (hi jakob io) (1 replies)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-07
Teddy A PURWADI (teddyap access net id)
Malware
Phishing
NatWest | 7th August 2015 |
MBNA Limited | 6th August 2015 |
Account Support | 6th August 2015 |
TD Bank via Me | 6th August 2015 |
Vulnerebility
SANS News
Threatpost
Manipulating WSUS to Own Enterprises
Exploit
PCMan FTP Server 2.0.7 - PUT Command Buffer Overflow
Froxlor Server Management Panel 0.9.33.1 - MySQL Login Information Disclosure
PHP News Script 4.0.0 - SQL Injection
Microweber 1.0.3 - Stored XSS And CSRF Add Admin Exploit
Microweber 1.0.3 File Upload Filter Bypass Remote PHP Code Execution
WordPress Job Manager Plugin 0.7.22 - Persistent XSS
Heroes of Might and Magic III .h3m Map file Buffer Overflow
Linux x86 Memory Sinkhole Privilege Escalation PoC
Windows NDProxy Privilege Escalation XP SP3 x86 and 2003 SP2 x86 (MS14-002)
Dell Netvault Backup 10.0.1.24 - Denial of Service
7.8.2015
Bugtraq
Re: [FD] Mozilla extensions: a security nightmare 2015-08-06
Stefan Kanthak (stefan kanthak nexgo de) (2 replies)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-07
Reindl Harald (h reindl thelounge net)
RE: [FD] Mozilla extensions: a security nightmare 2015-08-07
Steve Friedl (steve unixwiz net) (1 replies)
RE: [FD] Mozilla extensions: a security nightmare 2015-08-07
Frank Waarsenburg (fwaarsenburg ram-it nl) (1 replies)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-07
Jakob Holderbaum (hi jakob io)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-06
Stefan Kanthak (stefan kanthak nexgo de)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-06
Stefan Kanthak (stefan kanthak nexgo de)
Malware
TrojanDownloader:Win32/Tembatch.A
TrojanDownloader:MSIL/Beldex.A
TrojanDownloader:MSIL/Golomak.A
TrojanDropper:Win32/Dexel.A
TrojanSpy:MSIL/Golroted.D
Phishing
MBNA Limited | 6th August 2015 |
Account Support | 6th August 2015 |
Vulnerebility
SANS News
Sigcheck and virustotal-search
Threatpost
Feasible ‘Going Dark’ Crypto Solution Nowhere to be Found
Updated DGA Changer Malware Generates Fake Domain Stream
BLEKey Device Breaks RFID Physical Access Controls
‘Prohibition Era’ Of Security Research May Be Ahead
Exploit
6.8.2015
Bugtraq
[security bulletin] HPSBUX03388 SSRT102180 rev.1 - HP-UX running OpenSSL, Remote Disclosure of Information 2015-08-05
security-alert hp com
Re: [FD] Mozilla extensions: a security nightmare 2015-08-05
Stefan Kanthak (stefan kanthak nexgo de) (1 replies)
Re: [FD] Mozilla extensions: a security nightmare 2015-08-05
Ansgar Wiechers (bugtraq planetcobalt net)
SEC Consult SA-20150805-0 :: Websense Content Gateway Stack Buffer Overflow in handle_debug_network 2015-08-05
SEC Consult Vulnerability Lab (research sec-consult com)
[SECURITY] [DSA 3328-2] wordpress regression update 2015-08-04
Thijs Kinkhorst (thijs debian org)
Malware
TrojanDropper:Win32/Dexel.A
TrojanSpy:MSIL/Golroted.D
TrojanDownloader:MSIL/Bladabindi.I
Adware:Win32/Peapoon
TrojanDownloader:Win32/Paxer.A
TrojanDownloader:Win32/Upatre.BS
TrojanDownloader:Win32/Syten.A
Worm:Win32/Gamarue.AU
Phishing
TD Bank via Me | 6th August 2015 |
@aol.com | 5th August 2015 |
Vulnerebility
SANS News
Nuclear EK traffic patterns in August 2015
Threatpost
Feasible ‘Going Dark’ Crypto Solution Nowhere to be Found
Google Plans Monthly Security Updates for Nexus Phones
APT Group Gets Selective About Data it Steals
Government Asks for Security Community’s Help on Technical Issues
Granick: Dream of Internet Freedom ‘Dying’
‘Software Liability Is Inevitable’
Exploit
Linux Privilege Escalation Due to Nested NMIs Interrupting espfix64
5.8.2015
Bugtraq
[SECURITY] [DSA 3328-2] wordpress regression update 2015-08-04
Thijs Kinkhorst (thijs debian org)
Mozilla extensions: a security nightmare 2015-08-04
Stefan Kanthak (stefan kanthak nexgo de)
[SECURITY] [DSA 3328-1] wordpress security update 2015-08-04
Thijs Kinkhorst (thijs debian org)
[SECURITY] [DSA 3327-1] squid3 security update 2015-08-03
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3326-1] ghostscript security update 2015-08-02
Salvatore Bonaccorso (carnil debian org)
Malware
Adware:Win32/Peapoon
TrojanDownloader:Win32/Paxer.A
TrojanDownloader:Win32/Upatre.BS
TrojanDownloader:Win32/Syten.A
Worm:Win32/Gamarue.AU
TrojanDownloader:Win32/Mavradoi.C
TrojanDropper:Win32/Banload.BAX
TrojanSpy:Win32/Banker.VCW
TrojanDownloader:Win32/Banload.BCV
TrojanDownloader:Win32/Banload.ZEQ
Phishing
Pamela Hicks | 4th August 2015 |
Chase | 4th August 2015 |
全国楼凤å°?å§å…¼èŒè‰¯å®¶ | 4th August 2015 |
Natwest | 4th August 2015 |
Smtpmercantile.in | 4th August 2015 |
Melanie Clark | 4th August 2015 |
Apple | 3rd August 2015 |
USAA | 3rd August 2015 |
Vulnerebility
SANS News
Whatever Happened to tmUnblock.cgi ("Moon Worm")
Threatpost
Researchers Uncover ‘Terracotta’ Chinese VPN Service Used by APT Crews for Cover
Updated Rig Exploit Kit Closing in on 1 Million Victims
Exploit
4.8.2015
Bugtraq
[SECURITY] [DSA 3326-1] ghostscript security update 2015-08-02
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3325-1] apache2 security update 2015-08-01
Stefan Fritsch (sf debian org)
[SECURITY] [DSA 3324-1] icedove security update 2015-08-01
Alessandro Ghedini (ghedo debian org)
[SECURITY] [DSA 3323-1] icu security update 2015-08-01
Laszlo Boszormenyi (gcs debian org)
Multiple XSS vulnerabilities in FortiSandbox WebUI 2015-08-01
hyp3rlinx lycos com
Malware
TrojanDropper:Win32/Banload.BAX
TrojanSpy:Win32/Banker.VCW
TrojanDownloader:Win32/Banload.BCV
TrojanDownloader:Win32/Banload.ZEQ
Phishing
Melanie Clark | 4th August 2015 |
Apple | 3rd August 2015 |
USAA | 3rd August 2015 |
Discover | 2nd August 2015 |
Vulnerebility
SANS News
Threatpost
Windows 10 Upgrade Spam Carries CTB-Locker Ransomware
EFF, AdBlock and Others Launch New Do Not Track Standard
Thunderstrike 2 OS X Firmware Attack Self-Replicates to Peripherals
DHS Raises Privacy Concerns With Senate Cyber Threat Sharing Bill
Exploit
3.8.2015
Bugtraq
phpFileManager 0.9.8 Remote Command Execution 2015-07-31
hyp3rlinx lycos com
HP ArcSight Logger provides incorrect/invalid/incomplete results for queries with boolean operators 2015-07-31
roberto logsat com
[SECURITY] [DSA 3321-1] xmltooling security update 2015-07-30
Alessandro Ghedini (ghedo debian org)
viagra generic singapore 2015-07-30
info fast-isotretinoin com
Malware
Worm:Win32/NeksMiner.A
TrojanDropper:Win32/Bunitu.G
TrojanSpy:MSIL/Irstil.A
Worm:Win32/Xtrat.D
Worm:Win32/Xtrat.C
Phishing
USAA | 3rd August 2015 |
Discover | 2nd August 2015 |
Microsoft | 2nd August 2015 |
Nancy Morales | 2nd August 2015 |
Paypal Support | 2nd August 2015 |
Service Account | 2nd August 2015 |
SUPPORT | 2nd August 2015 |
Ashok Tools | 2nd August 2015 |
FRESH TOOLS / ONLINE LIVE | |
Chase Online | 1st August 2015 |
Vulnerebility
SANS News
Threatpost
Exploit
1.8.2015
Bugtraq
phpFileManager 0.9.8 Remote Command Execution 2015-07-31
hyp3rlinx lycos com
HP ArcSight Logger provides incorrect/invalid/incomplete results for queries with boolean operators 2015-07-31
roberto logsat com
[SECURITY] [DSA 3321-1] xmltooling security update 2015-07-30
Alessandro Ghedini (ghedo debian org)
Malware
Phishing
PayPal | 31st July 2015 |
iTunes | 31st July 2015 |
Vulnerebility
SANS News
Tech tip follow-up: Using the data Invoked with R's system command
Threatpost
FBI Warns of Increase in DDoS Extortion Scams
Unusual Re-Do of US Wassenaar Rules Applauded
Exploit
KMPlayer 3.9.x - .srt Crash PoC
T-Mobile Internet Manager - Contact Name Crash PoC
31.7.2015
Bugtraq
viagra generic singapore 2015-07-30
info fast-isotretinoin com
[SECURITY] [DSA 3320-1] openafs security update 2015-07-30
Sebastien Delafond (seb debian org)
Cisco Security Advisory: Cisco ASR 1000 Series Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability 2015-07-30
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Dell Netvault Backup Remote Denial of Service 2015-07-30
epoide gmail com
FreeBSD Security Advisory FreeBSD-SA-15:16.openssh [REVISED] 2015-07-30
FreeBSD Security Advisories (security-advisories freebsd org)
[security bulletin] HPSBGN03366 rev.1 - HP Business Process Insight with RC4 Stream Cipher, Remote Disclosure of Information 2015-07-29
security-alert hp com
Malware
Win32/TrojanDownloader.Nymaim.AY
Win32/TrojanDownloader.Small.CBA
Phishing
Microsoft | 31st July 2015 |
Apple | 30th July 2015 |
Verified by | 29th July 2015 |
Vulnerebility
Novius OS 'tab' parameter Local File Include Vulnerability
2015-07-29
http://www.securityfocus.com/bid/75533
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74111
Debian OpenJDK CVE-2014-8873 Remote Code Execution Vulnerability
2015-07-28
http://www.securityfocus.com/bid/76019
Oracle Java SE CVE-2015-4732 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75823
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75867
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75890
SANS News
Tech tip: Invoke a system command in R
Threatpost
Cisco Fixes DoS Vulnerability in ASR 1000 Routers
Writing Advanced OS X Malware an ‘Elegant’ Solution to Improving Detection
Moonpig Warns Customers of ‘Security Issue’
Exploit
30.7.2015
Bugtraq
[security bulletin] HPSBGN03366 rev.1 - HP Business Process Insight with RC4 Stream Cipher, Remote Disclosure of Information 2015-07-29
security-alert hp com
Cross-Site Scripting (XSS) in qTranslate WordPress Plugin 2015-07-29
High-Tech Bridge Security Research (advisory htbridge ch)
[security bulletin] HPSBGN03367 rev.1 - HP TransactionVision with RC4 Stream Cipher, Remote Disclosure of Information 2015-07-29
security-alert hp com
phpFileManager 0.9.8 CSRF Backdoor Shell Vulnerability 2015-07-29
apparitionsec gmail com
[slackware-security] bind (SSA:2015-209-01) 2015-07-28
Slackware Security Team (security slackware com)
FreeBSD Security Advisory FreeBSD-SA-15:17.bind 2015-07-28
FreeBSD Security Advisories (security-advisories freebsd org)
FreeBSD Security Advisory FreeBSD-SA-15:16.openssh 2015-07-28
FreeBSD Security Advisories (security-advisories freebsd org)
FreeBSD Security Advisory FreeBSD-SA-15:15.tcp 2015-07-28
FreeBSD Security Advisories (security-advisories freebsd org)
FreeBSD Security Advisory FreeBSD-SA-15:14.bsdpatch 2015-07-28
FreeBSD Security Advisories (security-advisories freebsd org)
Malware
TrojanSpy:MSIL/Irstil.A
Worm:Win32/Xtrat.D
Worm:Win32/Xtrat.C
TrojanClicker:Win32/Frosparf.G
TrojanClicker:Win32/Frosparf.F
TrojanDropper:Win32/Zbot.D
Phishing
Verified by | 29th July 2015 |
NatWest CreditCard | 29th July 2015 |
Vulnerebility
SANS News
Threatpost
Click-Malware Podvod Šíření přes JavaScript Přílohy
Yahoo touts Úspěch Bug Bounty Programu
Nový Chrome rozšíření pomáhá v boji klávesnice Biometrické profilování
Výzkumníci Manipulovat pušky Precision Cílení System
Exploit
phpFileManager 0.9.8 - CSRF Vulnerability
Tendoo CMS 1.3 - XSS Vulnerabilities
Heroes of Might and Magic III - Map Parsing Arbitrary Code Execution
29.7.2015
Bugtraq
[SECURITY] [DSA 3319-1] bind9 security update 2015-07-28
Salvatore Bonaccorso (carnil debian org)
SEC Consult SA-20150728-0 :: McAfee Application Control Multiple Vulnerabilities 2015-07-28
SEC Consult Vulnerability Lab (research sec-consult com)
Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne 2015-07-28
Samuel Lavitt - CVE-2015-0942 (CVE-2015-0942 precipice fi)
Malware
TrojanSpy:MSIL/Irstil.A
Worm:Win32/Xtrat.D
Worm:Win32/Xtrat.C
TrojanClicker:Win32/Frosparf.G
TrojanClicker:Win32/Frosparf.F
TrojanDropper:Win32/Zbot.D
Phishing
Lloyds Bank | 29th July 2015 |
Capital One | 28th July 2015 |
PayPal | 28th July 2015 |
Vulnerebility
redcarpet CVE-2015-5147 Stack Buffer Overflow Vulnerability
2015-07-30
http://www.securityfocus.com/bid/75508
Novius OS 'tab' parameter Local File Include Vulnerability
2015-07-29
http://www.securityfocus.com/bid/75533
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74111
Debian OpenJDK CVE-2014-8873 Remote Code Execution Vulnerability
2015-07-28
http://www.securityfocus.com/bid/76019
Oracle Java SE CVE-2015-4732 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75823
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75867
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75890
Oracle Java SE CVE-2015-2628 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75796
Oracle Java SE CVE-2015-2621 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75874
Oracle Java SE CVE-2015-0470 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74149
Oracle Java SE CVE-2015-4733 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75832
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74119
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-07-28
http://www.securityfocus.com/bid/71936
LXC '/lxc/attach.c' Remote Code Execution Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75998
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-07-28
http://www.securityfocus.com/bid/72169
Oracle Java SE CVE-2015-0460 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74097
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74733
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-07-28
http://www.securityfocus.com/bid/72165
ISC BIND 'isselfsigned()' Function Remote Denial of Service Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75588
Oracle Java SE CVE-2015-4748 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75854
Oracle Java SE CVE-2015-0480 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74104
Oracle Java SE CVE-2015-4760 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75784
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74147
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-07-28
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-2632 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75861
Apache Tomcat CVE-2014-0230 Denial of Service Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74475
Oracle Java SE CVE-2015-4729 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75892
Apache Tomcat CVE-2014-0227 Chunk Request Remote Denial Of Service Vulnerability
2015-07-28
http://www.securityfocus.com/bid/72717
Apache HTTP Server CVE-2015-3183 Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75963
SANS News
Guest Diary: Xavier Mertens - Integrating VirusTotal within ELK
Android Stagefright multimedia viewer prone to remote exploitation
Threatpost
White House Says No Thanks to Snowden Pardon Petition
Exploit
phpFileManager 0.9.8 - Remote Command Execution Vulnerability
28.7.2015
Bugtraq
Apple iTunes & AppStore - Filter Bypass & Persistent Invoice Vulnerability 2015-07-27
Vulnerability Lab (research vulnerability-lab com)
[SECURITY] [DSA 3318-1] expat security update 2015-07-26
Laszlo Boszormenyi (gcs debian org)
[SECURITY] [DSA 3317-1] lxc security update 2015-07-25
Salvatore Bonaccorso (carnil debian org)
[SECURITY] [DSA 3316-1] openjdk-7 security update 2015-07-25
Moritz Muehlenhoff (jmm debian org)
Malware
TrojanDropper:Win32/Zbot.D
Trojan:Win32/Blakamba.gen!A
Phishing
Chase | 27th July 2015 |
Chase | 27th July 2015 |
Vulnerebility
redcarpet CVE-2015-5147 Stack Buffer Overflow Vulnerability
2015-07-30
http://www.securityfocus.com/bid/75508
Novius OS 'tab' parameter Local File Include Vulnerability
2015-07-29
http://www.securityfocus.com/bid/75533
Oracle Java SE CVE-2015-0488 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74111
Debian OpenJDK CVE-2014-8873 Remote Code Execution Vulnerability
2015-07-28
http://www.securityfocus.com/bid/76019
Oracle Java SE CVE-2015-4732 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75823
Oracle Java SE CVE-2015-0469 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74072
Oracle Java SE CVE-2015-2601 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75867
Oracle Java SE CVE-2015-4749 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75890
Oracle Java SE CVE-2015-2628 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75796
Oracle Java SE CVE-2015-2621 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75874
Oracle Java SE CVE-2015-0470 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74149
Oracle Java SE CVE-2015-4733 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75832
Oracle Java SE CVE-2015-0477 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74119
OpenSSL CVE-2015-0204 Man in the Middle Security Bypass Vulnerability
2015-07-28
http://www.securityfocus.com/bid/71936
LXC '/lxc/attach.c' Remote Code Execution Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75998
Oracle Java SE CVE-2014-6593 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-07-28
http://www.securityfocus.com/bid/72169
Oracle Java SE CVE-2015-0460 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74097
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74733
Oracle Java SE CVE-2015-0410 Remote Java SE, Java SE Embedded, JRockit Vulnerability
2015-07-28
http://www.securityfocus.com/bid/72165
ISC BIND 'isselfsigned()' Function Remote Denial of Service Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75588
Oracle Java SE CVE-2015-4748 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75854
Oracle Java SE CVE-2015-0480 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74104
Oracle Java SE CVE-2015-4760 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75784
Oracle Java SE CVE-2015-0478 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74147
SSL/TLS RC4 CVE-2015-2808 Information Disclosure Weakness
2015-07-28
http://www.securityfocus.com/bid/73684
Oracle Java SE CVE-2015-2632 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75861
Apache Tomcat CVE-2014-0230 Denial of Service Vulnerability
2015-07-28
http://www.securityfocus.com/bid/74475
Oracle Java SE CVE-2015-4729 Remote Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75892
Apache Tomcat CVE-2014-0227 Chunk Request Remote Denial Of Service Vulnerability
2015-07-28
http://www.securityfocus.com/bid/72717
Apache HTTP Server CVE-2015-3183 Security Vulnerability
2015-07-28
http://www.securityfocus.com/bid/75963
SANS News
Threatpost
Valve Patches Password Reset Vulnerability in Steam - See more at: https://threatpost.com/#sthash.hA8elqhb.dpuf
Census Bureau Says Breach Didn’t Compromise Sensitive Data
PHP File Manager Riddled With Vulnerabilities, Including Backdoor
Pair of Bugs Open Honeywell Home Controllers Up to Easy Hacks
Valve Patches Password Reset Vulnerability in Steam
Exploit
Hawkeye-G v3.0.1.4912 Persistent XSS & Information Leakage
WordPress Unite Gallery Lite Plugin 1.4.6 - Multiple Vulnerabilities
WordPress Count Per Day Plugin 3.4 - SQL Injection
Xceedium Xsuite - Multiple Vulnerabilities
Foxit Reader - PNG Conversion Parsing tEXt Chunk Arbitrary Code Execution
Libuser Library - Multiple Vulnerabilities
27.7.2015
Bugtraq
Malware
Backdoor:MSIL/Povbop.A
TrojanDownloader:Win32/Codumwis.A
Phishing
Tesco Bank Plc | 26th July 2015 |
Chase | 26th July 2015 |
Barclays | 25th July 2015 |
Ebay customer service | 25th July 2015 |
PayPal | 24th July 2015 |
Service PayPal | 24th July 2015 |
Vulnerebility
SANS News
Threatpost
Car Hacking Gets the Attention of Detroit and Washington
Google Helps Lead Effort Against Automated Traffic From Data Centers
Class Action Suit Against Neiman Marcus Over Data Breach Revived
Exploit
25.7.2015
Bugtraq
Hawkeye-G v3 CSRF Vulnerability ***[UPDATED CORRECTED] 2015-07-24
apparitionsec gmail com
[SECURITY] [DSA 3315-1] chromium-browser security update 2015-07-24
Michael Gilbert (mgilbert debian org)
Hawkeye-G v3.0.1.4912 CSRF Vulnerability CVE-2015-2878 2015-07-24
apparitionsec gmail com
[SECURITY] [DSA 3314-1] typo3-src end of life 2015-07-23
Moritz Muehlenhoff (jmm debian org)
Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser 2015-07-23
Qualys Security Advisory (qsa qualys com)
Malware
Phishing
Ebay customer service | 25th July 2015 |
PayPal | 24th July 2015 |
Service PayPal | 24th July 2015 |
PayPal | 23rd July 2015 |
Vulnerebility
SANS News
Threatpost
Stakeholders Argue Against Restrictive Wassennaar Proposal - See more at: https://threatpost.com/#sthash.0U326EDO.dpuf
Stakeholders Argue Against Restrictive Wassennaar Proposal - See more at: https://threatpost.com/#sthash.0U326EDO.dpuf
Stakeholders Argue Against Restrictive Wassennaar Proposal - See more at: https://threatpost.com/#sthash.0U326EDO.dpuf
Zúčastněné strany argumentovat proti omezujících Wassennaar Návrh
Fiat Chrysler připomíná, 1,4 milionů automobilů Po Software Bug je Odhalení
Exploit
Hawkeye-G v3.0.1.4912 CSRF Vulnerability
24.7.2015
Bugtraq
Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser 2015-07-23
Qualys Security Advisory (qsa qualys com)
ThaiWeb CMS 2015Q3 - SQL Injection Web Vulnerability 2015-07-23
Vulnerability Lab (research vulnerability-lab com)
[SECURITY] [DSA 3313-1] linux security update 2015-07-23
Salvatore Bonaccorso (carnil debian org)
Cisco Security Advisory: Cisco IOS Software TFTP Server Denial of Service Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password Change Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
ESA-2015-118: EMC Avamar Directory Traversal Vulnerability 2015-07-22
Security Alert (Security_Alert emc com)
Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02] 2015-07-22
modzero (security modzero ch)
Malware
TrojanSpy:MSIL/Tese.A
TrojanSpy:MSIL/Nitwil.A
TrojanDownloader:Win32/Banload.BCM
TrojanDownloader:Win32/Banload.BCL
TrojanDownloader:Win32/Banload.BCH
TrojanDownloader:Win32/Banload.BCA
TrojanSpy:Win32/Bholog.B
Backdoor:Win32/PcClient.CQ
Backdoor:Win32/Zegost.C
Backdoor:Win32/Dodiw.A
Phishing
PayPal | 23rd July 2015 |
PayPal | 22nd July 2015 |
PayPal | 21st July 2015 |
Order confirmation:Thank you | |
Vulnerebility
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73231
OpenSSL Certificate Fingerprints CVE-2014-8275 Local Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71935
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73225
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-07-22
http://www.securityfocus.com/bid/71939
X.Org libXfont 'bitmap/bdfread.c' Local Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73280
nbd CVE-2013-7441 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/74808
X.Org libXfont 'bitmap/bdfread.c' Out of Bounds Local Buffer Overflow Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73277
X.Org libXfont BDF Font File Handling CVE-2015-1804 Buffer Overflow Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73279
Network Block Device Server 'strncmp()' Function Access Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/64002
OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75159
OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75158
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75157
OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75154
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75156
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/74733
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73237
OpenSSL CVE-2015-0209 Remote Memory Corruption Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73239
OpenSSL 'tasn_dec.c' Remote Memory Corruption Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73227
OpenSSL CVE-2015-0205 Man in the Middle Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71941
OpenSSL 'dtls1_buffer_record()' Function Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71940
ISC BIND 'isselfsigned()' Function Remote Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75588
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71942
JQuery 'combobox.html' Cross Site Scripting Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71107
JQuery 'ui/jquery.ui.dialog.js' Cross Site Scripting Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71106
Wireshark TLS/SSL Decryption CVE-2015-0564 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71922
Wireshark NCP Dissector CVE-2014-8713 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71073
Wireshark TNEF Dissector CVE-2015-2191 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/72941
Wireshark DEC DNA Routing Protocol Dissector CVE-2015-0562 Remote Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71921
SANS News
Searching Through the VirusTotal Database
Threatpost
Several Critical Flaws Patched in Drupal Module
WordPress Patches Critical XSS Vulnerability in All Builds
Four Zero Days Disclosed in Internet Explorer Mobile
Bartalex Variants Spotted Dropping Pony, Dyre Malware
Exploit
23.7.2015
Bugtraq
Cisco Security Advisory: Cisco IOS Software TFTP Server Denial of Service Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password Change Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability 2015-07-22
Cisco Systems Product Security Incident Response Team (psirt cisco com)
ESA-2015-118: EMC Avamar Directory Traversal Vulnerability 2015-07-22
Security Alert (Security_Alert emc com)
Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02] 2015-07-22
modzero (security modzero ch)
Multiple XSS Vulnerabilities in Paid Memberships Pro WordPress Plugin 2015-07-22
High-Tech Bridge Security Research (advisory htbridge ch)
SQL Injection in Count Per Day WordPress Plugin 2015-07-22
High-Tech Bridge Security Research (advisory htbridge ch)
[SECURITY] [DSA 3312-1] cacti security update 2015-07-22
Alessandro Ghedini (ghedo debian org)
NetCracker Resource Management 8.0 - SQL Injection Vulnerability 2015-07-22
jychia sec gmail com
NetCracker Resource Management 8.0 - XSS Vulnerability 2015-07-22
jychia sec gmail com
Open-Web-Analytics-1.5.7 Cryptographic, Password Disclosure & XSS Vulnerabilities 2015-07-22
apparitionsec gmail com
FreeBSD Security Advisory FreeBSD-SA-15:13.tcp 2015-07-22
FreeBSD Security Advisories (security-advisories freebsd org)
Malware
TrojanDownloader:Win32/Banload.BCM
TrojanDownloader:Win32/Banload.BCL
TrojanDownloader:Win32/Banload.BCH
TrojanDownloader:Win32/Banload.BCA
TrojanSpy:Win32/Bholog.B
Backdoor:Win32/PcClient.CQ
Backdoor:Win32/Zegost.C
Backdoor:Win32/Dodiw.A
TrojanSpy:MSIL/Grelog.A
PWS:Win32/Zbot!VM
Phishing
PayPal | 23rd July 2015 |
PayPal | 22nd July 2015 |
Vulnerebility
OpenSSL 'pk7_doit.c' NULL Pointer Dereference Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73231
OpenSSL Certificate Fingerprints CVE-2014-8275 Local Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71935
OpenSSL 'ASN1_TYPE_cmp()' Function Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73225
OpenSSL CVE-2014-3570 Unspecified Security Weakness
2015-07-22
http://www.securityfocus.com/bid/71939
X.Org libXfont 'bitmap/bdfread.c' Local Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73280
nbd CVE-2013-7441 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/74808
X.Org libXfont 'bitmap/bdfread.c' Out of Bounds Local Buffer Overflow Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73277
X.Org libXfont BDF Font File Handling CVE-2015-1804 Buffer Overflow Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73279
Network Block Device Server 'strncmp()' Function Access Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/64002
OpenSSL DTLS CVE-2014-8176 Remote Memory Corruption Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75159
OpenSSL CVE-2015-1788 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75158
OpenSSL CVE-2015-1790 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75157
OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75154
OpenSSL CVE-2015-1789 Out of Bounds Read Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75156
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/74733
OpenSSL CVE-2015-0288 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73237
OpenSSL CVE-2015-0209 Remote Memory Corruption Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73239
OpenSSL 'tasn_dec.c' Remote Memory Corruption Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73227
OpenSSL CVE-2015-0205 Man in the Middle Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71941
OpenSSL 'dtls1_buffer_record()' Function Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71940
ISC BIND 'isselfsigned()' Function Remote Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75588
OpenSSL CVE-2014-3572 Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71942
JQuery 'combobox.html' Cross Site Scripting Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71107
JQuery 'ui/jquery.ui.dialog.js' Cross Site Scripting Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71106
Wireshark TLS/SSL Decryption CVE-2015-0564 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71922
Wireshark NCP Dissector CVE-2014-8713 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71073
Wireshark TNEF Dissector CVE-2015-2191 Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/72941
Wireshark DEC DNA Routing Protocol Dissector CVE-2015-0562 Remote Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/71921
SANS News
Threatpost
Exploit
OS X 10.10 DYLD_PRINT_TO_FILE Local Privilege Escalation
Counter-Strike 1.6 'GameInfo' Query Reflection DoS PoC
22.7.2015
Bugtraq
WorldCIST'2016 - Brazil: Call for Workshops Proposals - Best Papers published by ISI/SCI Journals 2015-07-21
Maria Lemos (marialemos72 gmail com)
CVE-2015-5379: Axigen XSS vulnerability for html attachments 2015-07-21
Ioan Indreias (ioan indreias axigen com)
[security bulletin] HPSBMU03380 rev.1 - HP System Management Homepage (SMH) on Linux and Windows, Multiple Vulnerabilities 2015-07-20
security-alert hp com
Malware
Backdoor:Win32/Dodiw.A
TrojanSpy:MSIL/Grelog.A
PWS:Win32/Zbot!VM
TrojanDownloader:MSIL/Bassit.A
Backdoor:Win32/Venik.L
TrojanProxy:MSIL/Mictanort.A
TrojanSpy:Win32/Flancos.A
TrojanProxy:Win32/Mediana
TrojanDownloader:Win32/Mytonel.D
Backdoor:Win32/Chaapt.A
Phishing
PayPal | 21st July 2015 |
Order confirmation:Thank you | |
H0rnyBuddyAlert | 21st July 2015 |
Natwest Bank | 21st July 2015 |
Support-Team™ | 21st July 2015 |
PayPal | 21st July 2015 |
YOUR ACCOUNT PAYPAL IS LIMITED | |
Barclays Online | 21st July 2015 |
Access to your Barclays | |
Vulnerebility
Oracle MySQL Server CVE-2015-4752 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75849
Oracle MySQL Server CVE-2015-4771 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75835
Oracle MySQL Server CVE-2015-4757 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75759
Oracle MySQL Server CVE-2015-2611 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75762
Oracle MySQL Server CVE-2015-4767 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75844
Oracle MySQL Server CVE-2015-2641 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75815
Oracle MySQL Server CVE-2015-2620 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75837
Oracle MySQL Server CVE-2015-2639 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75760
Oracle MySQL Server CVE-2015-2617 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75774
Oracle MySQL Server CVE-2015-4761 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75770
Oracle MySQL Server CVE-2015-4769 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75753
Oracle MySQL Server CVE-2015-2582 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75751
Oracle MySQL Server CVE-2015-4737 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75802
Oracle MySQL Server CVE-2015-2648 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75822
Oracle MySQL Server CVE-2015-2661 Local Security Server Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75813
Oracle MySQL Server CVE-2015-2643 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75830
Oracle MySQL Server CVE-2015-4772 Remote Security Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75781
ISC BIND 'isselfsigned()' Function Remote Denial of Service Vulnerability
2015-07-22
http://www.securityfocus.com/bid/75588
Mozilla Firefox/Thunderbird Multiple Security Vulnerabilities
2015-07-22
http://www.securityfocus.com/bid/75541
SSL/TLS LogJam Man in the Middle Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/74733
Mozilla Firefox/Thunderbird CVE-2014-1565 Out of Bounds Memory Corruption Vulnerability
2015-07-22
http://www.securityfocus.com/bid/69521
Mozilla Firefox/Thunderbird CVE-2015-0813 Use After Free Memory Corruption Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73463
Mozilla Firefox Firefox ESR and Thunderbird Multiple Memory Corruption Vulnerabilities
2015-07-22
http://www.securityfocus.com/bid/74615
Mozilla Firefox and Thunderbird MFSA 2015-48 through -58 Multiple Vulnerabilities
2015-07-22
http://www.securityfocus.com/bid/74611
Mozilla Firefox Firefox ESR and Thunderbird CVE-2015-0816 Privilege Escalation Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73461
Mozilla Firefox Firefox ESR and Thunderbird CVE-2015-0815 Multiple Memory Corruption Vulnerabilities
2015-07-22
http://www.securityfocus.com/bid/73466
Mozilla Firefox/Thunderbird 'sendBeacon()' Function Cross-Site Request Forgery Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73457
Mozilla Firefox/Thunderbird CVE-2015-0801 Same Origin Policy Security Bypass Vulnerability
2015-07-22
http://www.securityfocus.com/bid/73455
SANS News
Searching Through the VirusTotal Database
Exploit
SysAid Help Desk 'rdslogs' Arbitrary File Upload
Internet Download Manager - OLE Automation Array Remote Code Execution
Joomla! Helpdesk Pro Plugin < 1.4.0 - Multiple Vulnerabilities