Cybersecurity and cybercrime are a hot political topic in America these days, but a history of ignoring warning signs suggests a lack of commitment to acting on the rhetoric.
The post Cybersecurity and commitment: issues in the fight against cybercrime appeared first on We Live Security.
WordPress Bretheon theme suffers from an arbitrary file download vulnerability.
WebGUI version 7.10.29 suffers from a cross site scripting vulnerability.
Posted by Thomas Hibbert on Jan 18
( , ) (,
. ‘.’ ) (‘. ‘,
). , (‘. ( ) (
(_,) .’), ) _ _,
/ _____/ / _ ____ ____ _____
____ ==/ /_ _/ ___/ _ /
/ / | \ __( <_> ) Y Y
/______ /___|__ / ___ >____/|__|_| /
/ /.-. / /:wq
(x.0)
‘=.|w|.=’
_=”””=….
Posted by Veysel hataş on Jan 18
Title : VLC Player 2.1.5 DEP Access Violation Vulnerability
Discoverer: Veysel HATAS (@muh4f1z)
Web page : www.binarysniper.net
Vendor : VideoLAN VLC Project
Test: Windows XP SP3
Status: Not Fixed
Severity : High
CVE ID : CVE-2014-9597
OSVDB ID : 116450 <http://osvdb.org/show/osvdb/116450>
VLC Ticket : 13389 <https://trac.videolan.org/vlc/ticket/13389>
Discovered : 24 November 2014
Reported : 26 December 2014
Published : 9…
Posted by Steffen Rösemann on Jan 18
Advisory: Reflecting XSS vulnerability in CMS Websitebaker v.2.8.3 SP3
Advisory ID: SROEADV-2015-03
Author: Steffen Rösemann
Affected Software: CMS Websitebaker v.2.8.3 SP3
Vendor URL: http://www.websitebaker.org/de/home.php
Vendor Status: Vendor did not respond
CVE-ID: CVE-2015-0553
Tested with:
– Firefox 34
– Mac OS X 10.10
==========================
Vulnerability Description:
==========================
In the administrative backend of the…
Posted by admin () evolution-sec com on Jan 18
Document Title:
===============
Pandora FMS v5.1 SP1 – Persistent SNMP Editor Vulnerability
References (Source):
====================
http://vulnerability-lab.com/get_content.php?id=1356
Release Date:
=============
2015-01-14
Vulnerability Laboratory ID (VL-ID):
====================================
1356
Common Vulnerability Scoring System:
====================================
3.4
Product & Service Introduction:…
Posted by David Coomber on Jan 18
McAfee Advanced Threat Defense – Sandbox Fingerprinting & Bypass
John Houwer discovered a way to cause xdg-open, a tool that automatically
opens URLs in a user’s preferred application, to execute arbitrary
commands remotely.
McAfee Advanced Threat Defense suffers from sandbox fingerprinting and bypass vulnerabilities.
