NVD

CVE-2016-2388

February 16, 2016 007admin

The Universal Worklist Configuration in SAP NetWeaver 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846.

NVD

CVE-2016-2389

February 16, 2016 007admin

Directory traversal vulnerability in the Manufacturing Integration and Intelligence (xMII) component in SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2230978.

Avira

My father is being held for ransom

February 16, 2016 007admin

It’s enough to make the blood run cold of every computer user – a family member calling for help: “I can’t use my computer anymore! All I see are strange messages and I can’t open ANYTHING!” Here is what one Avira employee did, didn’t do, and why the FBI can be very, very wrong:

The post My father is being held for ransom appeared first on Avira Blog.

Full Disclosure

Redaxo CMS contains multiple vulnerabilities

February 16, 2016 007admin

Posted by LSE-Advisories on Feb 16

=== LSE Leading Security Experts GmbH – Security Advisory 2016-01-18 ===

Redaxo CMS contains multiple vulnerabilities
————————————————————-

Problem Overview
================
Technical Risk: high
Likelihood of Exploitation: medium
Vendor: https://www.redaxo.org/
Tested version: Redaxo CMS v5.0.0
Credits: LSE Leading Security Experts GmbH employee Tim Herres
Advisory URL:…

Security