What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-12-04 15:31:15 | VMware Rolls a Fix for Formerly Critical Zero-Day Bug (lien direct) | VMware has issued a full patch and revised the severity level of the NSA-reported vulnerability to "important." | Vulnerability | ||
|
2020-11-20 15:11:25 | Facebook Messenger Bug Allows Spying on Android Users (lien direct) | The company patched a vulnerability that could connected video and audio calls without the knowledge of the person receiving them. | Vulnerability | ||
|
2020-11-19 21:34:25 | German COVID-19 Contact-Tracing Vulnerability Allowed RCE (lien direct) | Bug hunters at GitHub Security Labs help shore up German contact tracing app security, crediting open source collaboration. | Vulnerability | ||
|
2019-05-14 12:58:02 | (Déjà vu) WhatsApp Zero-Day Exploited in Targeted Spyware Attacks (lien direct) | WhatsApp has patched a vulnerability that allowed attackers to install spyware on victims' phones. | Vulnerability | ||
|
2019-04-26 19:44:05 | Users Urged to Disable WordPress Plugin After Unpatched Flaw Disclosed (lien direct) | Yet another WordPress plugin vulnerability has put thousands of websites at risk. | Vulnerability | ★★★★★ | |
|
2019-04-11 17:19:04 | WordPress Urges Users to Uninstall Yuzo Plugin After Flaw Exploited (lien direct) | A vulnerability in the Yuzo Related Posts WordPress plugin, used by 60,000 websites, is being exploited in the wild. | Vulnerability | ||
|
2019-03-29 16:26:00 | Magento Patches Critical SQL Injection and RCE Vulnerabilities (lien direct) | Magento patched 37 flaws Thursday, including a stored cross-site scripting (XSS) vulnerability that could have let an attacker take over a site. | Vulnerability | ||
|
2019-03-26 13:54:01 | Apple iOS 12.2 Patches 51 Serious Flaws (lien direct) | Apple patched more than 50 flaws in iOS 12.2, including an array of bugs in Webkit and a vulnerability that allows apps to secretly listen to users. | Vulnerability | ||
|
2019-03-19 15:26:04 | Researcher Says NSA\'s Ghidra Tool Can Be Used for RCE (lien direct) | Researchers have released a proof-of-concept showing how a XXE vulnerability can be exploited to attack Ghidra project users. | Tool Vulnerability | ||
|
2019-03-15 14:46:05 | Unpatched Fujitsu Wireless Keyboard Bug Allows Keystroke Injection (lien direct) | An unpatched high-severity vulnerability allows keystroke injections in Fujitsu wireless keyboards. | Vulnerability | ||
|
2019-03-14 15:56:00 | Cisco Patches Critical \'Default Password\' Bug (lien direct) | Vulnerability allows adversaries to access monitoring system used for gathering info on operating systems and hardware. | Vulnerability | ||
|
2019-03-05 14:00:01 | RSAC 2019: Joomla! Mail Flaw Exploited to Create Mass Phishing Infrastructure (lien direct) | The Jmail Breaker attack leverages an old vulnerability in Joomla! along with a newly found flaw in the mail module. | Vulnerability | ||
|
2019-03-01 20:22:04 | Adobe Patches Critical ColdFusion Vulnerability With Active Exploit (lien direct) | Adobe has hurried out a patch for a critical arbitrary code execution vulnerability in its ColdFusion product. | Vulnerability | ||
|
2019-02-27 16:42:03 | Cisco Patches High-Severity Webex Vulnerability For Third Time (lien direct) | Third time's hopefully a charm for Cisco, which has patched a high-severity flaw once again in its Webex video conferencing platform. | Vulnerability | ||
|
2019-02-26 18:46:01 | \'Cloudborne\' IaaS Attack Allows Persistent Backdoors in the Cloud (lien direct) | A known vulnerability combined with a weakness in bare-metal server reclamation opens the door to powerful, high-impact attacks. | Vulnerability | ||
|
2019-02-26 14:51:00 | Critical WinRAR Flaw Found Actively Being Exploited (lien direct) | The spam campaign is being used to spread a malicious .exe file, taking advantage of a vulnerability in WinRAR which was patched in January. | Spam Vulnerability | ||
|
2019-02-21 17:05:03 | Adobe Re-Patches Critical Acrobat Reader Flaw (lien direct) | Adobe has issued yet another patch for a critical vulnerability in its Acrobat Reader - a week after the original fix. | Vulnerability | ||
|
2019-02-12 18:28:04 | Major Container Security Flaw Threatens Cascading Attacks (lien direct) | A fundamental component of container technologies like Docker, cri-o, containerd and Kubernetes contains an important vulnerability that could cause cascading attacks. | Vulnerability | Uber | |
|
2019-02-08 15:31:04 | FireOS Flaw Allowed Limited Content Injection in Amazon Tablets (lien direct) | A vulnerability in FireOS, the Amazon Fire Tablet's operating system, has been patched. | Vulnerability | ||
|
2019-02-06 15:24:05 | Microsoft Confirms Serious \'PrivExchange\' Vulnerability (lien direct) | The elevated privilege flaw exists in Microsoft Exchange and would allow a remote attacker to impersonate an administrator. | Vulnerability | ||
|
2019-01-23 12:00:03 | Microsoft Windows RCE Flaw Gets Temporary Micropatch (lien direct) | 0patch released the fix for the remote code execution vulnerability in Windows, which has a CVSS score of 7.8. | Vulnerability | ||
|
2019-01-18 19:58:01 | Fallout EK Retools for a Fresh New 2019 Look (lien direct) | The Fallout EK has added the latest Flash vulnerability to its bad of tricks, among other tune-ups. | Vulnerability | ||
|
2019-01-09 22:33:04 | Critical Flaw in Cisco\'s Email Security Appliance Enables \'Permanent DoS\' (lien direct) | A remote attacker could exploit the vulnerability simply by sending an email. | Vulnerability | ||
|
2018-12-24 17:28:01 | Critical Bug Patched in Schneider Electric Vehicle Charging Station (lien direct) | Vulnerability in electric car charging stations could allow attackers to compromise devices. | Vulnerability | ||
|
2018-12-05 15:18:00 | Adobe Patches Zero-Day Vulnerability in Flash Player (lien direct) | The vulnerability could lead to arbitrary code execution. | Vulnerability Guideline | ||
|
2018-11-29 16:11:05 | Cisco Patches Critical Bug in License Management Tool (lien direct) | The vulnerability could allow attacker to execute arbitrary SQL queries. | Tool Vulnerability | ||
|
2018-11-20 20:49:03 | Critical Adobe Flash Bug Impacts Windows, macOS, Linux and Chrome OS (lien direct) | Adobe issues patch for a Flash Player vulnerability that could lead to an arbitrary code execution on targeted systems. | Vulnerability Guideline | ||
|
2018-11-16 17:57:00 | Critical WordPress Flaw Grants Admin Access to Any Registered Site User (lien direct) | The privilege-escalation vulnerability would allow an attacker to inject malware, place ads and load custom code on an impacted website. | Vulnerability | ★★★★★ | |
|
2018-11-13 22:10:04 | Microsoft Patches Zero-Day Bug in Win7, Server 2008 and 2008 R2 (lien direct) | Microsoft's November Patch Tuesday fixes include mitigation against a zero-day vulnerability leaving Windows 7, Server 2008 and Server 2008 R2 open to attack. | Vulnerability | ||
|
2018-11-07 16:33:05 | WordPress Flaw Opens Millions of WooCommerce Shops to Takeover (lien direct) | A file delete vulnerability in WordPress can be elevated into a remote code execution vulnerability for plugins like WooCommerce. | Vulnerability | ||
|
2018-11-06 13:27:01 | Apache Struts Warns Users of Two-Year-Old Vulnerability (lien direct) | Users must update their vulnerable libraries manually. | Vulnerability | ||
|
2018-11-01 15:20:00 | Two Zero-Day Bugs Open Millions of Wireless Access Points to Attack (lien direct) | Called BleedingBit, this vulnerability impacts wireless networks used in a large percentage of enterprise companies. | Vulnerability | ||
|
2018-10-11 20:24:05 | New Drupalgeddon Attacks Enlist Shellbot to Open Backdoors (lien direct) | Drupalgeddon 2.0 vulnerability is being exploited again by attackers using a time-honored technique of Shellbot, or PerlBot. | Vulnerability | ||
|
2018-10-09 21:24:05 | Microsoft Patches Zero-Day Under Active Attack by APT (lien direct) | A zero-day vulnerability tied to the Window's Win32k component is under active attack, warns Microsoft. | Vulnerability | ||
|
2018-10-02 16:47:03 | Google Patches Critical Vulnerabilities in Android OS (lien direct) | The most dire vulnerability targets the Android framework and could allow an adversary to execute arbitrary code on targeted devices. | Vulnerability | ||
|
2018-09-27 16:00:02 | Local-Privilege Escalation Flaw in Linux Kernel Allows Root Access (lien direct) | Researchers said the vulnerability "is very easy to exploit." | Vulnerability | ||
|
2018-09-21 22:01:02 | Critical Vulnerability Found in Cisco Video Surveillance Manager (lien direct) | Cisco has patched vulnerability in its video surveillance manager software that could give an unauthenticated, remote attacker the ability to execute arbitrary commands on targeted systems. | Vulnerability | ||
|
2018-09-20 16:10:04 | Cisco Issues New Warning for 6-Month-Old Critical Bug in IOS XE (lien direct) | Vulnerability allowed an unauthenticated remote attacker to log in to a device at the time the system initially boots up. | Vulnerability | ||
|
2018-09-19 16:54:02 | Critical Out-of-Band Patch Issued for Adobe Acrobat Reader (lien direct) | Overall seven flaws were patched - including one critical vulnerability that could lead to arbitrary code execution. | Vulnerability Guideline | ||
|
2018-09-13 19:26:04 | ThreatList: Microsoft Macros Remain Top Vector for Malware Delivery (lien direct) | The second-most popular delivery method is CVE-2017-11882, a patched Microsoft vulnerability that allows the attacker to perform arbitrary code-execution. | Malware Vulnerability | ||
|
2018-09-05 17:03:00 | The Vulnerability Disclosure Process: Still Broken (lien direct) | Despite the advent to bug bounty programs and enlightened vendors, researchers still complain of abuse, threats and lawsuits. | Vulnerability |
To see everything:
Our RSS (filtrered)
