ATTENTION‼ New - CVE-2013-3945
via "National Vulnerability Database".
The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a nband tag.
ATTENTION‼ New - CVE-2013-3944
via "National Vulnerability Database".
Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via an IMAGE tag.
ATTENTION‼ New - CVE-2013-3941
via "National Vulnerability Database".
Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a crafted JPEG2000 file, which leads to a heap-based buffer overflow.
ATTENTION‼ New - CVE-2013-3939
via "National Vulnerability Database".
xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow.
ATTENTION‼ New - CVE-2013-3937
via "National Vulnerability Database".
Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP file.
ATTENTION‼ New - CVE-2013-3932
via "National Vulnerability Database".
SQL injection vulnerability in the Jomres (com_jomres) component before 7.3.1 for Joomla! allows remote authenticated users with the "Business Manager" permission to execute arbitrary SQL commands via the id parameter in an editProfile action to administrator/index.php.
ATTENTION‼ New - CVE-2013-3931
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in the Jomres (com_jomres) component before 7.3.1 for Joomla! allows remote authenticated users with the "Business Manager" permission to inject arbitrary web script or HTML via the property_name parameter, related to editing property details.
ATTENTION‼ New - CVE-2013-3247
via "National Vulnerability Database".
Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted RLE compressed layer in an XCF file.
ATTENTION‼ New - CVE-2013-3246
via "National Vulnerability Database".
Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted image layer in an XCF file.
ATTENTION‼ New - CVE-2010-3782
via "National Vulnerability Database".
obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to a bug in the REST api implementation.
🕴 Ransomware Scuttles Coast Guard Facility for 30+ Hours 🕴
via "Dark Reading".
The attack on the unnamed facility began with a malicious email link.
🔐 How to install and use git-secret 🔐
via "Security on TechRepublic".
Learn how to gain more security in your git repository with the help of the git-secret tool.
🕴 CCPA Kickoff: What Businesses Need to Know 🕴
via "Dark Reading".
The California Consumer Privacy Act is in full effect, prompting organizations to think about how they'll remain compliant.
🕴 Time for Insider-Threat Programs to Grow Up 🕴
via "Dark Reading".
Immature programs attempting to protect against damaging attacks by insiders run the risk of alienating employees.
ATTENTION‼ New - CVE-2013-1642
via "National Vulnerability Database".
Multiple cross-site scripting (XSS) vulnerabilities in QuiXplorer before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) dir, (2) item, (3) order, (4) searchitem, (5) selitems[], or (6) srt parameter to index.php or (7) the QUERY_STRING to index.php.
ATTENTION‼ New - CVE-2013-1420
via "National Vulnerability Database".
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to backup-edit.php; (2) title or (3) menu parameter to edit.php; or (4) path or (5) returnid parameter to filebrowser.php in admin/. NOTE: the path parameter in admin/upload.php vector is already covered by CVE-2012-6621.
ATTENTION‼ New - CVE-2013-0737
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in BoltWire 3.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the fieldnames parameter.
⚠ Python is dead. Long live Python! ⚠
via "Naked Security".
Is Python 2 *really* dead. Or is it just shagged out after a long squawk?
❌ Google Boots Security Camera Maker From Nest Hub After Private Images Go Public ❌
via "Threatpost".
The issue came to light after a Reddit user claimed being able to see strangers on his Xiaomi Mijia smart camera.
🕴 Organizations May 'Uncloud' Over Security, Budgetary Concerns 🕴
via "Dark Reading".
While most cloud vendors forecast continued adoption and growth, some customers are taking a harder look at the cloud services they're using
🕴 Continental Drift: Is Digital Sovereignty Splitting Global Data Centers? 🕴
via "Dark Reading".
The recent proposal by Germany, backed by France, to fuse the infrastructures of Europe's cloud providers could challenge every data center storing a European's data.