Several vulnerabilities have been discovered in gdk-pixbuf, a toolkit
for image loading and pixel buffer manipulation. A remote attacker can
take advantage of these flaws to cause a denial-of-service against an
application using gdk-pixbuf (application crash) or, potentially, to
execute arbitrary code with the privileges of the user running the
application, if a malformed image is opened.
Monthly Archives: May 2016
CVE-2016-1404
Cisco UCS Invicta 4.3, 4.5, and 5.0.1 on Invicta appliances and Invicta Scaling System uses the same hardcoded GnuPG encryption key across different customers’ installations, which allows remote attackers to defeat cryptographic protection mechanisms by sniffing network traffic to an Autosupport server and leveraging knowledge of this key from another installation, aka Bug ID CSCur85504.
CVE-2016-1409
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS XE 2.1 through 3.17S, IOS XR 2.0.0 through 5.3.2, and NX-OS allows remote attackers to cause a denial of service (packet-processing outage) via crafted ND messages, aka Bug ID CSCuz66542, as exploited in the wild in May 2016.
Process Hacker DLL Hijacking
Process Hacker suffers from a DLL hijacking vulnerability.
DSA-3588 symfony – security update
Two vulnerabilities were discovered in Symfony, a PHP framework.
Comment on Do you Want to Install WhatsApp on Your PC? New Online Scam Announced on Facebook by sonto
I need to install WhatsApp on my phone, plz 😞
What the CISSP? 20 years as a Certified Information Systems Security Professional
Reflecting on 20 years of CISSP, the Certified Information Systems Security Professional qualification from (ISC)2, the International Information System Security Certification Consortium.
The post What the CISSP? 20 years as a Certified Information Systems Security Professional appeared first on We Live Security.
Intex Wireless N150 Router CSRF / Insecure Transport
Intex Wireless N150 router suffers from cross-site request forgery, credential management, insecure transport, and various other vulnerabilities.
CVE-2016-1379
Cisco Adaptive Security Appliance (ASA) Software 9.0 through 9.5.1 mishandles IPsec error processing, which allows remote authenticated users to cause a denial of service (memory consumption) via crafted (1) LAN-to-LAN or (2) Remote Access VPN tunnel packets, aka Bug ID CSCuv70576.
CVE-2016-1410
Cisco WebEx Meeting Center Original Release Base allows remote attackers to obtain sensitive information about username validity by (1) attending or (2) hosting a meeting, aka Bug ID CSCux84312.