ATENTION‼ New - CVE-2012-1258
📖 Read
via "National Vulnerability Database".
cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer before 9.0.1.19899 does not validate user permissions, which allow remote attackers to add user accounts with administrator privileges via the newuser, pwd, and selectedUserGroup parameters.📖 Read
via "National Vulnerability Database".
🔐 Patscan platform detects hidden weapons, chemicals and bombs 🔐
📖 Read
via "Security on TechRepublic".
At CES 2020, Patriot One Technologies explained its Patscan platform, which can detect hidden weapons and more without the perpetrator even knowing they've been scanned.📖 Read
via "Security on TechRepublic".
TechRepublic
Patscan platform detects hidden weapons, chemicals and bombs
At CES 2020, Patriot One Technologies explained its Patscan platform, which can detect hidden weapons and more without the perpetrator even knowing they've been scanned.
🕴 Chinese Malware Found Preinstalled on US Government-Funded Phones 🕴
📖 Read
via "Dark Reading: ".
Researchers found unremovable malware preinstalled in the Unimax U686CL, a budget Android device sold by Assurance Wireless.📖 Read
via "Dark Reading: ".
Darkreading
Chinese Malware Found Preinstalled on US Government-Funded Phones
Researchers found unremovable malware preinstalled in the Unimax U686CL, a budget Android device sold by Assurance Wireless.
ATENTION‼ New - CVE-2012-5558
📖 Read
via "National Vulnerability Database".
Cross-site scripting (XSS) vulnerability in the Smiley module 6.x-1.x versions prior to 6.x-1.1 and Smileys module 6.x-1.x versions prior to 6.x-1.1 for Drupal allows remote authenticated users with the "administer smiley" permission to inject arbitrary web script or HTML via a smiley acronym.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2012-4434
📖 Read
via "National Vulnerability Database".
fwknop before 2.0.3 allow remote authenticated users to cause a denial of service (server crash) or possibly execute arbitrary code.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2012-3810
📖 Read
via "National Vulnerability Database".
Samsung Kies before 2.5.0.12094_27_11 has registry modification.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2012-3809
📖 Read
via "National Vulnerability Database".
Samsung Kies before 2.5.0.12094_27_11 has arbitrary directory modification.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2012-3808
📖 Read
via "National Vulnerability Database".
Samsung Kies before 2.5.0.12094_27_11 has arbitrary file modification.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2012-3807
📖 Read
via "National Vulnerability Database".
Samsung Kies before 2.5.0.12094_27_11 has arbitrary file execution.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2012-3806
📖 Read
via "National Vulnerability Database".
Samsung Kies before 2.5.0.12094_27_11 contains a NULL pointer dereference vulnerability which could allow remote attackers to perform a denial of service.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2012-3490
📖 Read
via "National Vulnerability Database".
The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2012-2950
📖 Read
via "National Vulnerability Database".
Gateway Geomatics MapServer for Windows before 3.0.6 contains a Local File Include Vulnerability which allows remote attackers to execute local PHP code and obtain sensitive information.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2012-2931
📖 Read
via "National Vulnerability Database".
PHP code injection in TinyWebGallery before 1.8.8 allows remote authenticated users with admin privileges to inject arbitrary code into the .htusers.php file.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2012-2226
📖 Read
via "National Vulnerability Database".
Invision Power Board before 3.3.1 fails to sanitize user-supplied input which could allow remote attackers to obtain sensitive information or execute arbitrary code by uploading a malicious file.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2012-2142
📖 Read
via "National Vulnerability Database".
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2012-1915
📖 Read
via "National Vulnerability Database".
EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks.📖 Read
via "National Vulnerability Database".
ATENTION‼ New - CVE-2010-3282
📖 Read
via "National Vulnerability Database".
389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local users to obtain sensitive information by reading the log.📖 Read
via "National Vulnerability Database".
🕴 Attackers Increase Focus on North American Electric Utilities: Report 🕴
📖 Read
via "Dark Reading: ".
Electric utilities continue to be a target of nation-state attackers, even before the latest tensions between Iran and the United States, says a critical-infrastructure security firm.📖 Read
via "Dark Reading: ".
Darkreading
Attackers Increase Focus on North American Electric Utilities: Report
Electric utilities continue to be a target of nation-state attackers, even before the latest tensions between Iran and the United States, says a critical-infrastructure security firm.
⚠ Fake-review purge: Facebook boots 188 groups, eBay bans 140 shills ⚠
📖 Read
via "Naked Security".
After a poke from the UK's watchdog, the companies promised to beef up filters to strain out those who write, buy and sell fluffy nonsense.📖 Read
via "Naked Security".
Naked Security
Fake-review purge: Facebook boots 188 groups, eBay bans 140 shills
After a poke from the UK’s watchdog, the companies promised to beef up filters to strain out those who write, buy and sell fluffy nonsense.
⚠ Ransomware pounces on California schools, Las Vegas trounces attack ⚠
📖 Read
via "Naked Security".
We'll have one serving of whatever Las Vegas is eating and wish Pittsburg Unified School District good luck with getting unstuck.📖 Read
via "Naked Security".
Naked Security
Ransomware pounces on California schools, Las Vegas trounces attack
We’ll have one serving of whatever Las Vegas is eating and wish Pittsburg Unified School District good luck with getting unstuck.
⚠ Hackers use system weakness to rattle doors on Citrix systems ⚠
📖 Read
via "Naked Security".
Attackers are using a serious bug in Citrix products to scan the internet for weaknesses, according to experts.📖 Read
via "Naked Security".
Naked Security
Hackers use system weakness to rattle doors on Citrix systems
Attackers are using a serious bug in Citrix products to scan the internet for weaknesses, according to experts.