Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2019-01-15 13:30:03 |
PoC for Windows VCF zero-day published online (lien direct) |
Microsoft said it would fix the vulnerability in Windows 19H1, in April. |
Vulnerability
|
|
★★★★★
|
|
2018-12-18 01:38:00 |
Twitter discloses suspected state-sponsored attack (lien direct) |
Twitter says data leak occurred after an attack targeting a vulnerability in its support form system. |
Vulnerability
|
|
★★
|
|
2018-12-14 23:49:02 |
SQLite bug impacts thousands of apps, including all Chromium-based browsers (lien direct) |
New 'Magellan' vulnerability will haunt the app ecosystem for years to come. |
Vulnerability
|
|
|
|
2018-11-29 15:00:00 |
Hackers can exploit this bug in surveillance cameras to tamper with footage (lien direct) |
Researchers have uncovered a vulnerability which can be used to completely compromise surveillance cameras and feeds. |
Vulnerability
|
|
|
|
2018-11-21 16:59:00 |
German eID card system vulnerable to online identity spoofing (lien direct) |
Vulnerability in web library lets attackers spoof electronic ID card identities. |
Vulnerability
|
|
|
|
2018-11-06 10:18:04 |
Evernote for Windows patch resolves stored XSS vulnerability (lien direct) |
The severe flaw permitted attackers to create a persistent XSS issue. |
Vulnerability
|
|
|
|
2018-11-02 12:19:01 |
Intel CPUs impacted by new PortSmash side-channel vulnerability (lien direct) |
Vulnerability confirmed on Skylake and Kaby Lake CPU series. Researchers suspect AMD processors are also impacted. |
Vulnerability
|
|
|
|
2018-11-01 01:39:00 |
Cisco zero-day exploited in the wild to crash and reload devices (lien direct) |
No patch available,yet. Vulnerability affects devices running ASA 9.4+ and FTD 6.0+ software. |
Vulnerability
|
|
|
|
2018-10-17 19:11:00 |
Tumblr discloses vulnerability but says \'no evidence that this bug was abused\' (lien direct) |
Bug hunter finds security flaw in Tumblr's "Recommended Blogs" widget. |
Vulnerability
|
|
|
|
2018-10-17 06:42:00 |
Security flaw in libssh leaves thousands of servers at risk of hijacking (lien direct) |
Vulnerability not as bad as it gets, as most servers use the openssh library to support server-side SSH logins. |
Vulnerability
|
|
|
|
2018-10-15 13:14:00 |
Apple VoiceOver iOS vulnerability permits hacker access to user photos (lien direct) |
The bug can be exploited to gain access to photos stored on a user's device. |
Vulnerability
|
|
|
|
2018-10-13 07:25:01 |
Microsoft JET vulnerability still open to attacks, despite recent patch (lien direct) |
Microsoft's patch for a JET database engine zero-day deemed incomplete. |
Vulnerability
|
|
|
|
2018-10-08 10:33:00 |
MikroTik vulnerability climbs up the severity scale, new attack permits root access (lien direct) |
A bug previously deemed medium in severity may actually be as "bad as it gets" due to a new attack technique. |
Vulnerability
|
|
|
|
2018-10-08 09:37:01 |
Code execution bug in malicious repositories resolved by Git Project (lien direct) |
The critical vulnerability can lead to the execution of code on a vulnerable system. |
Vulnerability
Guideline
|
|
|
|
2018-10-04 21:24:05 |
Hacker wastes entire day hacking Pigeoncoin cryptocurrency only to make $15,000 (lien direct) |
Pigeoncoin hack confirms that the CVE-2018-17144 vulnerability fixed in the Bitcoin source code in mid-September was, indeed, as bad as it gets. |
Hack
Vulnerability
|
|
|
|
2018-09-28 23:23:00 |
Facebook says it detected security breach after traffic spike (lien direct) |
Facebook says the vulnerability hackers exploited was actually a combination of three bugs. |
Vulnerability
|
|
★★★★
|
|
2018-09-27 11:07:05 |
How automakers are tackling connected vehicle vulnerability management (lien direct) |
A new report suggests that front-end security in smart vehicles is improving but the back-end is a different story. |
Vulnerability
|
|
|
|
2018-09-27 10:00:00 |
Researchers find vulnerability in Apple\'s MDM DEP process (lien direct) |
Vulnerability could lead to attackers enrolling malicious devices in enterprise networks, researchers say. |
Vulnerability
Guideline
|
|
|
|
2018-09-24 16:21:00 |
Apple MacOS Mojave zero-day privacy bypass vulnerability revealed (lien direct) |
The latest update of the Mac operating system is expected to hit today -- potentially alongside a zero-day bug which circumvents OS privacy controls. |
Vulnerability
|
|
|
|
2018-09-24 07:37:05 |
Western Digital resolves year-old password bypass bug in My Cloud NAS devices (lien direct) |
The vulnerability can be exploited to give unauthenticated hackers full access to a device. |
Vulnerability
|
|
|
|
2018-09-21 08:23:00 |
Google Zero Day team discloses unpatched Microsoft Jet RCE vulnerability (lien direct) |
Exploit of the security flaw can lead to the remote execution of malicious code. |
Vulnerability
Guideline
|
|
|
|
2018-09-17 16:00:01 |
Hackers hijack surveillance camera footage with \'Peekaboo\' zero-day vulnerability (lien direct) |
The previously unknown security flaw in Nuuo software is thought to impact hundreds of thousands of devices worldwide. |
Vulnerability
|
|
|
|
2018-09-15 22:33:00 |
Nasty piece of CSS code crashes and restarts iPhones (lien direct) |
Vulnerability most likely affects any iOS and macOS app that uses the WebKit rendering engine to display web pages. Apple is investigating. |
Vulnerability
|
|
|
|
2018-09-14 23:04:00 |
FragmentSmack vulnerability also affects Windows, but Microsoft patched it (lien direct) |
FragmentStack can drive CPU usage up through the roof, jamming servers bombarded with malformed IP packets. Just the ideal vulnerability for DDoS attacks on Windows servers. |
Vulnerability
|
|
|
|
2018-09-14 15:28:03 |
Blockchain betting app mocks competitor for getting hacked. Gets hacked four days later (lien direct) |
Hacker steals roughly $125,000 from blockchain-based online gambling app by exploiting vulnerability in EOS smart contract (game's source code). |
Vulnerability
|
|
|
|
2018-09-06 13:01:03 |
Vulnerabilities found in the remote management interface of Supermicro servers (lien direct) |
Eclypsium researchers disclose second vulnerability affecting Supermicro servers in the past three months |
Vulnerability
|
|
|
|
2018-09-06 10:00:00 |
Schneider Electric Modicon vulnerability impacts ICS operation in industrial settings (lien direct) |
The security flaw, if left unpatched, has the potential to cause unnecessary reboots. |
Vulnerability
|
|
★★★★★
|
|
2018-08-30 11:02:00 |
Misfortune Cookie vulnerability returns to impact medical devices (lien direct) |
The four-year-old security flaw has reared its head once again but this time medical equipment, and not routers, are at risk. |
Vulnerability
|
|
|
|
2018-08-30 10:13:02 |
Android \'API breaking\' vulnerability leaks device data, allows user tracking (lien direct) |
A vulnerability in the Android operating system can be used to track users without their knowledge. |
Vulnerability
|
|
|
|
2018-08-28 09:41:04 |
Facebook patches critical server remote code execution vulnerability (lien direct) |
The exploit took advantage of instability in the server's system. |
Vulnerability
|
|
★★
|
|
2018-08-28 08:36:00 |
Fortnite Epic Games CEO rails against Google vulnerability disclosure (lien direct) |
Circumventing the Google Play Store has not gone completely to plan. |
Vulnerability
|
|
|
|
2018-08-16 16:38:00 |
Severe vulnerability exposes WordPress websites to attack (lien direct) |
Researchers say the PHP security flaw could leave countless WordPress websites open to exploit. |
Vulnerability
|
|
|
|
2018-08-13 10:28:00 |
Apple macOS vulnerability paves the way for system compromise with a single click (lien direct) |
Tampering with two lines of code unveiled a serious bug which could lead to full system compromise. |
Vulnerability
Guideline
|
|
|
|
2018-08-12 22:00:01 |
Hackers can steal data from the enterprise using only a fax number (lien direct) |
Fax machines are still widely used by businesses and a communications protocol vulnerability is leaving them exposed to cyberattacks. |
Vulnerability
|
|
|
|
2018-08-09 08:54:05 |
BIND DNS software vulnerability which could lead to DoS attacks exposed (lien direct) |
The bug impacts multiple versions of the open-source software. |
Vulnerability
|
|
|
|
2018-07-24 13:00:00 |
Apache OpenWhisk critical information leak vulnerability exposed (lien direct) |
The security flaws allow remote attackers to underwrite source code. |
Vulnerability
|
|
|