What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-09-12 05:39:04 | Address Bar Spoofing Flaw Found in Edge, Safari (lien direct) | A researcher has discovered an address bar spoofing vulnerability in the Microsoft Edge and Apple Safari web browsers, but a patch is currently only available for the former. | Vulnerability | ||
|
2018-09-11 18:04:05 | SAP Patches Critical Vulnerability in Business Client (lien direct) | SAP today released its September 2018 set of patches to address a total of 14 vulnerabilities in its products, including a critical bug in SAP Business Client. | Vulnerability | ||
|
2018-09-10 20:04:05 | Zerodium Discloses Flaw That Allows Code Execution in Tor Browser (lien direct) | Exploit acquisition firm Zerodium has disclosed a NoScript vulnerability that can be exploited to execute arbitrary JavaScript code in the Tor Browser even if the maximum security level is used. | Vulnerability | ||
|
2018-09-10 15:02:04 | VPN Firms Release New Patches for Privilege Escalation Flaw (lien direct) | Virtual private network (VPN) service providers ProtonVPN and NordVPN have made another attempt to patch a potentially serious privilege escalation vulnerability that they first tried to address a few months ago. | Vulnerability | ||
|
2018-09-06 11:25:04 | Flaw in Schneider PLC Allows Significant Disruption to ICS (lien direct) | A vulnerability discovered in some of Schneider Electric's Modicon programmable logic controllers (PLCs) may allow malicious actors to cause significant disruption to industrial control systems (ICS). | Vulnerability | ||
|
2018-09-05 15:08:02 | Windows Zero-Day Exploited in Targeted Attacks by \'PowerPool\' Group (lien direct) | A threat group tracked by security firm ESET as “PowerPool” has been exploiting a Windows zero-day vulnerability to elevate the privileges of a backdoor in targeted attacks. | Vulnerability Threat | ||
|
2018-09-04 10:22:05 | (Déjà vu) Oracle Products Affected by Exploited Apache Struts Flaw (lien direct) | Oracle informed customers over the weekend that some of the company's products are affected by a critical Apache Struts 2 vulnerability that has been exploited in the wild. | Vulnerability | ||
|
2018-08-31 14:29:04 | Critical Vulnerability Patched in PHP Package Repository (lien direct) | A critical remote code execution vulnerability was recently addressed in packagist.org | Vulnerability | ||
|
2018-08-28 14:07:03 | Critical Apache Struts Vulnerability Exploited in Live Attacks (lien direct) | A Critical remote code execution vulnerability in Apache Struts 2 that was patched last week is already being abused in malicious attacks, threat intelligence firm Volexity warns. | Vulnerability Threat | ★★ | |
|
2018-08-28 11:21:03 | Exploit Published for Windows Task Scheduler Zero-Day (lien direct) | Details of an unpatched vulnerability in Microsoft's Windows 10 operating system were made public on Monday, via Twitter. | Vulnerability | ||
|
2018-08-27 09:52:02 | (Déjà vu) Exploit for Recent Critical Apache Struts Vulnerability Published (lien direct) | Exploit code for a | Vulnerability | ||
|
2018-08-20 13:40:00 | Vulnerability in IP Relay Service Impacts Major Canadian ISPs (lien direct) | A recently addressed local file disclosure vulnerability in the SOLEO IP Relay service impacted nearly all major Internet service providers (ISPs) in Canada, a security researcher has discovered. | Vulnerability | ||
|
2018-08-09 05:18:03 | Flaw in BIND Security Feature Allows DoS Attacks (lien direct) | The Internet Systems Consortium (ISC) revealed on Wednesday that the BIND DNS software is affected by a serious vulnerability that can be exploited for denial-of-service (DoS) attacks. | Vulnerability | ||
|
2018-08-07 14:39:00 | \'SegmentSmack\' Flaw in Linux Kernel Allows Remote DoS Attacks (lien direct) | A vulnerability in the Linux kernel can allow a remote attacker to trigger a denial-of-service (DoS) condition by sending specially crafted packets to the targeted system. The flaw could impact many companies. | Vulnerability | ★★★★★ | |
|
2018-07-25 14:13:03 | Researchers Resurrect Decade-Old Oracle Solaris Vulnerability (lien direct) | One of the Solaris vulnerabilities patched by Oracle with its July 2018 Critical Patch Update (CPU) exists due to an ineffective fix implemented by the company for a flaw first discovered in 2007. | Vulnerability | ||
|
2018-07-20 17:22:05 | Microsoft Addresses Serious Vulnerability in Translator Hub (lien direct) | A serious vulnerability in the Microsoft Translator Hub could be exploited to delete any or all of the 13000+ projects hosted by the service, a security researcher has discovered. | Vulnerability | ||
|
2018-07-20 10:57:03 | Adobe Patches Vulnerability Affecting Internal Systems (lien direct) | Adobe has patched what researchers describe as a potentially serious security issue in its internal systems, but the company has downplayed the impact of the vulnerability. | Vulnerability | ||
|
2018-07-19 09:28:05 | ABB to Patch Code Execution Flaw in HMI Tool (lien direct) | Swiss industrial tech company ABB is working on a patch for a serious arbitrary code execution vulnerability affecting one of its engineering tools. | Tool Vulnerability | ||
|
2018-07-18 18:18:05 | Vulnerability or Not? Pen Tester Quarrels With Software Maker (lien direct) | 
|
Vulnerability | ||
|
2018-06-27 11:25:02 | Unpatched WordPress Flaw Leads to Site Takeover, Code Execution (lien direct) | A file deletion vulnerability that remains unpatched 7 months after being reported allows for the complete takeover of WordPress sites and for arbitrary code execution. | Vulnerability | ||
|
2018-06-27 04:50:05 | Cisco ASA Flaw Exploited in DoS Attacks (lien direct) | Cisco has informed users that a recently patched vulnerability affecting its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software has been exploited in denial-of-service (DoS) attacks. | Vulnerability Threat | ||
|
2018-06-25 09:04:01 | Rockwell Patches Flaw Affecting Safety Controllers From Several Vendors (lien direct) | In April, at SecurityWeek's ICS Cyber Security Conference in Singapore, industrial cybersecurity firm Applied Risk disclosed the details of a serious denial-of-service (DoS) vulnerability affecting safety controllers from several major vendors. | Vulnerability | ||
|
2018-06-22 17:19:05 | "Wavethrough" Bug in Microsoft Edge Leaks Sensitive Information (lien direct) | A security vulnerability | Vulnerability | ||
|
2018-06-22 12:21:02 | Hackers Exploit Drupal Flaw for Monero Mining (lien direct) | Network attacks exploiting a recently patched Drupal vulnerability are attempting to drop Monero mining malware onto vulnerable systems, Trend Micro reports. | Malware Vulnerability |
To see everything:
Our RSS (filtrered)
