Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote authenticated users to read arbitrary files via a crafted GET request, aka Bug ID CSCur25410.
Monthly Archives: December 2015
CVE-2015-6395
Cisco Prime Service Catalog 10.0, 10.0(R2), 10.1, and 11.0 does not properly restrict access to web pages, which allows remote attackers to modify the configuration via a direct request, aka Bug ID CSCuw48188.
CVE-2015-6417
Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.4.0 and earlier does not always use RBAC for backend database access, which allows remote authenticated users to read or write to database entries via (1) the GUI or (2) a crafted HTTP request, aka Bug ID CSCuv87025.
Windows Authentication UI DLL side loading vulnerability
Posted by Securify B.V. on Dec 12
————————————————————————
Windows Authentication UI DLL side loading vulnerability
————————————————————————
Yorick Koster, August 2015
————————————————————————
Abstract
————————————————————————
A DLL side loading vulnerability was found in the Windows…
Event Viewer Snapin multiple DLL side loading vulnerabilities
Posted by Securify B.V. on Dec 12
————————————————————————
Event Viewer Snapin multiple DLL side loading vulnerabilities
————————————————————————
Yorick Koster, August 2015
————————————————————————
Abstract
————————————————————————
Multiple DLL side loading vulnerabilities were found in the…
COM+ Services DLL side loading vulnerability
Posted by Securify B.V. on Dec 12
————————————————————————
COM+ Services DLL side loading vulnerability
————————————————————————
Yorick Koster, August 2015
————————————————————————
Abstract
————————————————————————
A DLL side loading vulnerability was found in the COM+ Services
component…
Anonymous Declares War On Donald Trump — #OpTrump
After targeting the Islamic State (ISIS) group in the wake of Deadly terror attacks in Paris, hacktivist group Anonymous has now turned its attention to controversial US presidential candidate Donald Trump.
The hacktivist group has declared war against Donald Trump following his recent radical speech stating he wanted to ban Muslims from entering the United States.<!– adsense –>
Anonymous vs.
Apple Releases Security Update for iTunes
Original release date: December 11, 2015
Apple has released a security update for Apple iTunes to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.
Users and administrators are encouraged to review information on iTunes 12.3.2 and apply the necessary update.
This product is provided subject to this Notification and this Privacy & Use policy.
Bugtraq: WordPress <=v4.4 Username Exists Information Disclosure
WordPress <=v4.4 Username Exists Information Disclosure
Bugtraq: ORGIN STUDIOS Cms Multiple Vulnerability
ORGIN STUDIOS Cms Multiple Vulnerability