Vulnerability News
@VulnerabilityNews
4.78K subscribers
2 photos
42K links
Every day new posts about vulnerabilities and cybersecurity news. Get the latest news about the cyberspace!

Group: @VulnerabilityNewsGroup
Download Telegram
About
Blog
Apps
Platform
Join
Vulnerability News
4.78K subscribers
Vulnerability News
It was found that the REST API in Infinispan before version 9.0.0 did not properly enforce auth constraints. An attacker could use this vulnerability to read or modify data in the default cache or a known cache name.
Published at: July 16, 2018 at 03:29PM
View on website
72 views
Vulnerability News
The atlassian-http library, as used in various Atlassian products, before version 2.0.2 allows remote attackers to spoof web content in the Mozilla Firefox Browser through uploaded files that have a content-type of application/mathml+xml.
Published at: July 18, 2018 at 04:29PM
View on website
76 views
Vulnerability News
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6.0.0, 5.6.4 and below versions, FortiAnalyzer 6.0.0, 5.6.4 and below versions allows inject Javascript code and HTML tags through the CN value of CA and CRL certificates via the import CA and CRL certificates feature.
Published at: July 16, 2018 at 10:29PM
View on website
80 views
Vulnerability News
Venmo users: time to hide your drug deals and excessive pizza consumption
Read More
74 views
Vulnerability News
Automated money-laundering scheme found in free-to-play games
Read More
75 views
Vulnerability News
Trends in malware – ransomware, cryptojacking, what next? [PODCAST]
Read More
73 views
Vulnerability News
Privacy Advocates Say Kelsey Smith Act Gives Police Too Much Power
Read more
71 views
Vulnerability News
[webapps] WordPress Plugin All In One Favicon 4.6 - Cross-Site Scripting
Read More
72 views
Vulnerability News
Google hit with $5.1b fine in EU’s Android antitrust case
Read More
68 views
Vulnerability News
[webapps] MyBB New Threads Plugin 1.1 - Cross-Site Scripting
Read More
72 views
Vulnerability News
Critical Authentication Flaws in Cisco Policy Suite Patched
Read more
73 views
Vulnerability News
nss before version 3.30 is vulnerable to a remote denial of service during the session handshake when using SessionTicket extension and ECDHE-ECDSA.
Published at: July 19, 2018 at 03:29PM
View on website
67 views
Vulnerability News
[local] Linux - BPF Sign Extension Local Privilege Escalation (Metasploit)
Read More
71 views
Vulnerability News
Number of Retailers Impacted by Breaches Doubles
Read More
68 views
Vulnerability News
Beyond Passwords: Why Your Company Should Rethink Authentication
Read More
68 views
Vulnerability News
How Cyber Insurance Changes the Conversation Around Risk
Read more
67 views
Vulnerability News
6 Ways to Tell an Insider Has Gone Rogue
Read More
62 views
Vulnerability News
New Scanner Aims to Protect Home Networks
Read More
61 views
Vulnerability News
GangWang GPS Navigation Attack Leads Unsuspecting Drivers Astray
Read more
59 views
Vulnerability News
The Fundamental Flaw in Security Awareness Programs
Read More
59 views
Vulnerability News
The installer script in webEdition CMS before 6.2.7-s1 and 6.3.x before 6.3.8-s1 allows remote attackers to conduct PHP Object Injection attacks by intercepting a request to update.webedition.org.
Published at: July 19, 2018 at 07:29PM
View on website
61 views