IT Security Tools
Microsoft Office Equation Editor Code Execution
This Metasploit module exploits a flaw in how the Equation Editor handles OLE objects in memory to execute arbitrary code using RTF files without interaction.
Ubuntu Security Notice USN-3504-1
Ubuntu Security Notice 3504-1 - Wei Lei discovered that libxml2 incorrectly handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.
Ubuntu Security Notice USN-3504-2
Ubuntu Security Notice 3504-2 - USN-3504-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04 ESM. Wei Lei discovered that libxml2 incorrectly handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service. Various other issues were also addressed.
Red Hat Security Advisory 2017-3384-01
Red Hat Security Advisory 2017-3384-01 - Liblouis is an open source braille translator and back-translator named in honor of Louis Braille. It features support for computer and literary braille, supports contracted and uncontracted translation for many languages and has support for hyphenation. New languages can easily be added through tables that support a rule or dictionary based approach. Liblouis also supports math braille. Security Fix: A missing fix for one stack-based buffer overflow in findTable() for CVE-2014-8184 was discovered. An attacker could cause denial of service or potentially allow arbitrary code execution.
WordPress Smart Marketing SMS And Newsletters Forms 1.1.1 XSS
WordPress Smart Marketing SMS and Newsletters Forms plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.
VirtualBox suffers from a remote code execution vulnerability due to downloading updates over HTTP.
Claymore's Dual Miner 10.1 Stack Buffer Overflow
Claymore's Dual ETH + DCR/SC/LBC/PASC GPU Miner versions 10.1 and below suffer from a stack buffer overflow vulnerability.
WordPress WP Mailster 126.96.36.199 Cross Site Scripting
WordPress WP Mailster plugin version 188.8.131.52 suffers from a persistent cross site scripting vulnerability.
BSides SF 2018 Call For Papers
BSides SF is soliciting papers and presentations for the 2018 annual BSidesSF conference. It will be located at City View at the Metreon in downtown San Francisco April 15th through the 16th, 2018.
WordPress Z-URL Preview 1.6.1 Cross Site Scripting
WordPress Z-URL Preview plugin version 1.6.1 suffers from a persistent cross site scripting vulnerability.
WordPress Super Simple Custom CSS 1.2 Cross Site Scripting
WordPress Super Simple Custom CSS plugin version 1.2 suffers from a persistent cross site scripting vulnerability.
WordPress 3rd-Party Inject Results 0.2 Cross Site Scripting
WordPress 3rd-Party Inject Results plugin version 0.2 suffers from a persistent cross site scripting vulnerability.
Chakra CFG Bypass Due To Bug In ServerFreeAllocation
Chakra suffers from a CFG bypass due to a bug in ServerFreeAllocation.
Chakra CFG Bypass With leafInterpreterFrame
Arq Backup 5.9.7 Local Root Privilege Escalation
Arq Backup versions 5.9.7 and below suffer from a local root privilege escalation vulnerability.
Arq Backup 5.9.6 Local Root Privilege Escalation
Arq Backup versions 5.9.6 and below suffer from a local root privilege escalation vulnerability.
Ubuntu Security Notice USN-3503-1
Ubuntu Security Notice 3503-1 - It was discovered that Evince incorrectly handled printing certain DVI files. If a user were tricked into opening and printing a specially-named DVI file, an attacker could use this issue to execute arbitrary code.
Ubuntu Security Notice USN-3498-2
Ubuntu Security Notice 3498-2 - USN-3498-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that curl incorrectly handled FTP wildcard matching. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain sensitive information. Various other issues were also addressed.
Red Hat Security Advisory 2017-3382-01
Red Hat Security Advisory 2017-3382-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.5.1 ESR. Security Fix: A privacy flaw was discovered in Firefox. In Private Browsing mode, a web worker could write persistent data to IndexedDB, which was not cleared when exiting and would persist across multiple sessions. A malicious website could exploit the flaw to bypass private-browsing protections and uniquely fingerprint visitors.
Red Hat Security Advisory 2017-3379-01
Red Hat Security Advisory 2017-3379-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Security Fix: It was found that sssd's sysdb_search_user_by_upn_res() function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.
Red Hat Security Advisory 2017-3375-01
Red Hat Security Advisory 2017-3375-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 7.2 was retired as of November 30, 2017, and active support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 7.2 EUS after November 30, 2017.
Red Hat Security Advisory 2017-3376-01
Red Hat Security Advisory 2017-3376-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Telecommunications Update Service for Red Hat Enterprise Linux 6.5 was retired as of November 30, 2017, and active support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 6.5 TUS after November 30, 2017.
Amazon Audible DLL Hijacking
Amazon Audible suffers from a DLL hijacking vulnerability.
0d1n is a web security tool for fuzzing various HTTP/S payloads. It's written in C and uses libcurl.
TOR Virtual Network Tunneling Tool 0.3.1.9
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
Red Hat Security Advisory 2017-3372-01
Red Hat Security Advisory 2017-3372-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.5.0. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
OpenEMR 5.0.0 Command Injection / Cross Site Scripting
OpenEMR version 5.0.0 suffers from code execution and cross site scripting vulnerabilities.
WAGO PFC 200 Series Authentication Bypass
WAGO PFC 200 Series suffers from multiple unauthenticated access bypass vulnerabilities.
FortiGate SSL VPN Portal 5.x Cross Site Scripting
FortiGate SSL VPN Portal versions 5.6.2 and below, 5.4.6 and below, 5.2.12 and below, and 5.0 and below suffer from a cross site scripting vulnerability.
Asterisk Project Security Advisory - AST-2017-013
Asterisk Project Security Advisory - If the chan_skinny (AKA SCCP protocol) channel driver is flooded with certain requests, it can cause the asterisk process to use excessive amounts of virtual memory, eventually causing asterisk to stop processing requests of any kind.
WinduCMS 3.1 Local File Disclosure
WinduCMS versions 3.1 and below suffer from a local file disclosure vulnerability.
HP iMC Plat 7.2 Remote Code Execution
HP iMC Plat version 7.2 suffers from a remote code execution vulnerability.
Jobs2Careers / Coroflot Clone SQL Injection
Jobs2Careers / Coroflot Clone suffer from a remote SQL injection vulnerability.
Abyss Web Server Memory Heap Corruption
Abyss Web Server versions prior to 2.11.6 suffer from a memory heap corruption vulnerability.