πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
@cibsecurity
25.8K subscribers
89.2K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
25.8K subscribers
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2015-0837

The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack."

πŸ“– Read

via "National Vulnerability Database".
50 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2014-9356

Path traversal vulnerability in Docker before 1.3.3 allows remote attackers to write to arbitrary files and bypass a container protection mechanism via a full pathname in a symlink in an (1) image or (2) build in a Dockerfile.

πŸ“– Read

via "National Vulnerability Database".
48 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2014-3591

Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.

πŸ“– Read

via "National Vulnerability Database".
47 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2013-7484

Zabbix before 5.0 represents passwords in the users table with unsalted MD5.

πŸ“– Read

via "National Vulnerability Database".
46 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2013-4410

ReviewBoard: has an access-control problem in REST API

πŸ“– Read

via "National Vulnerability Database".
48 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2012-5562

rhn-proxy: may transmit credentials over clear-text when accessing RHN Satellite

πŸ“– Read

via "National Vulnerability Database".
49 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2012-4576

FreeBSD: Input Validation Flaw allows local users to gain elevated privileges

πŸ“– Read

via "National Vulnerability Database".
50 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2012-4526

piwigo has XSS in password.php (incomplete fix for CVE-2012-4525)

πŸ“– Read

via "National Vulnerability Database".
53 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2012-4525

piwigo has XSS in password.php

πŸ“– Read

via "National Vulnerability Database".
56 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Leveraging the Cloud for Cyber Intelligence πŸ•΄

How fusing output datasets and sharing information can create a real-time understanding of suspicious activity across your enterprise.

πŸ“– Read

via "Dark Reading: ".
Dark Reading
Cloud Security recent news | Dark Reading
Explore the latest news and expert commentary on Cloud Security, brought to you by the editors of Dark Reading
55 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2013-2228

SaltStack RSA Key Generation allows remote users to decrypt communications

πŸ“– Read

via "National Vulnerability Database".
54 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2013-2106

webauth before 4.6.1 has authentication credential disclosure

πŸ“– Read

via "National Vulnerability Database".
56 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2013-2103

OpenShift cartridge allows remote URL retrieval

πŸ“– Read

via "National Vulnerability Database".
53 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2013-2101

Katello has multiple XSS issues in various entities

πŸ“– Read

via "National Vulnerability Database".
51 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2012-4525

piwigo has XSS in password.php

πŸ“– Read

via "National Vulnerability Database".
51 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2012-4480

mom creates world-writable pid files in /var/run

πŸ“– Read

via "National Vulnerability Database".
54 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2012-4428

openslp: SLPIntersectStringList()' Function has a DoS vulnerability

πŸ“– Read

via "National Vulnerability Database".
57 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Siemens Offers Workarounds for Newly Found PLC Vulnerability πŸ•΄

An undocumented hardware-based special access feature recently found by researchers in Siemens' S7-1200 can be used by attackers to gain control of the industrial devices.

πŸ“– Read

via "Dark Reading: ".
Dark Reading
Siemens Offers Workarounds for Newly Found PLC Vulnerability
An undocumented hardware-based special access feature recently found by researchers in Siemens' S7-1200 can be used by attackers to gain control of the industrial devices.
61 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
❌ Critical Android Flaw Leads to β€˜Permanent DoS’ ❌

The December security update stomped out critical denial-of-service (DoS) and remote-code-execution (RCE) vulnerabilities in the Android operating system.

πŸ“– Read

via "Threatpost".
Threat Post
Critical Android Flaw Leads to β€˜Permanent DoS’
The December security update stomped out critical denial-of-service (DoS) and remote-code-execution (RCE) vulnerabilities in the Android operating system.
59 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2013-4486

Zanata 3.0.0 through 3.1.2 has RCE due to EL interpolation in logging

πŸ“– Read

via "National Vulnerability Database".
58 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
ATENTIONβ€Ό New - CVE-2013-4411

Review Board: URL processing gives unauthorized users access to review lists

πŸ“– Read

via "National Vulnerability Database".
58 views