π΄ Poll Results: Security Pros Are Not Only Smart -- They're Generous, Too π΄
π Read
via "Dark Reading: ".
Altruism is alive and well among Edge readers, who seek to share their security expertise with causes they care about.π Read
via "Dark Reading: ".
Dark Reading
Poll Results: Security Pros Are Not Only Smart -- They're Generous, Too
Altruism is alive and well among Edge readers, who seek to share their security expertise with causes they care about.
ATENTIONβΌ New - CVE-2014-4559
π Read
via "National Vulnerability Database".
Multiple cross-site scripting (XSS) vulnerabilities in test-plugin.php in the Swipe Checkout for WP e-Commerce plugin 3.1.0 and earlier for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) api_key, (2) payment_page_url, (3) merchant_id, (4) api_url, or (5) currency parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2014-4525
π Read
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in the Ebay Feeds for WordPress plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2014-4523
π Read
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in the Easy Career Openings plugin 0.4 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.π Read
via "National Vulnerability Database".
β Google Chrome Affected By Magellan 2.0 Flaws β
π Read
via "Threatpost".
Researchers warn that five vulnerabilities that stem from SQLite could enable remote code execution.π Read
via "Threatpost".
Threat Post
Google Chrome Affected By Magellan 2.0 Flaws
Researchers warn that five vulnerabilities that stem from SQLite could enable remote code execution.
ATENTIONβΌ New - CVE-2016-1000029
π Read
via "National Vulnerability Database".
Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would potentially impact other admins (Tenable IDs 5218 and 5269).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2016-1000028
π Read
via "National Vulnerability Database".
Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the Nessus UI, and would only potentially impact other admins. (Tenable ID 5198).π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-4695
π Read
via "National Vulnerability Database".
Winamp 5.63: Invalid Pointer Dereference leading to Arbitrary Code Executionπ Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-4693
π Read
via "National Vulnerability Database".
WordPress Xorbin Digital Flash Clock 1.0 has XSSπ Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-4691
π Read
via "National Vulnerability Database".
Sencha Labs Connect has XSS with connect.methodOverride()π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-4665
π Read
via "National Vulnerability Database".
SPBAS Business Automation Software 2012 has CSRF.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-4664
π Read
via "National Vulnerability Database".
SPBAS Business Automation Software 2012 has XSS.π Read
via "National Vulnerability Database".
β Christmas malware uses βSupport Greta Thunbergβ as a lure β
π Read
via "Naked Security".
You're invited to a climate demonstration... but to find the time and place, you need to open an attachment. Don't do it!π Read
via "Naked Security".
Naked Security
Christmas malware uses βSupport Greta Thunbergβ as a lure
Youβre invited to a climate demonstrationβ¦ but to find the time and place, you need to open an attachment. Donβt do it!
π Friday Five: 12/27 Edition π
π Read
via "Subscriber Blog RSS Feed ".
A phishing attack targets PayPal customers, two bugs are discovered in the Twitter Android app, and a cyber attack causes flight cancellations in Alaska - catch up on the week's news with the Friday Five.π Read
via "Subscriber Blog RSS Feed ".
Digital Guardian
Friday Five: 12/27 Edition
A phishing attack targets PayPal customers, two bugs are discovered in the Twitter Android app, and a cyber attack causes flight cancellations in Alaska - catch up on the week's news with the Friday Five.
ATENTIONβΌ New - CVE-2013-5027
π Read
via "National Vulnerability Database".
Collabtive 1.0 has incorrect access controlπ Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-4985
π Read
via "National Vulnerability Database".
Multiple Vivotek IP Cameras remote authentication bypass that could allow access to the video streamπ Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-4982
π Read
via "National Vulnerability Database".
AVTECH AVN801 DVR has a security bypass via the administration login captchaπ Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-4976
π Read
via "National Vulnerability Database".
Hikvision DS-2CD7153-E IP Camera has security bypass via hardcoded credentialsπ Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-4975
π Read
via "National Vulnerability Database".
Hikvision DS-2CD7153-E IP Camera has Privilege Escalationπ Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-4868
π Read
via "National Vulnerability Database".
Karotz API 12.07.19.00: Session Token Information Disclosureπ Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2013-4867
π Read
via "National Vulnerability Database".
Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijackingπ Read
via "National Vulnerability Database".