SAP HANA SPS09 1.00.091.00.14186593 allows local users to obtain sensitive information by leveraging the EXPORT statement to export files, aka SAP Security Note 2252941.
Monthly Archives: August 2016
CVE-2016-6150
The multi-tenant database container feature in SAP HANA does not properly encrypt communications, which allows remote attackers to bypass intended access restrictions and possibly have unspecified other impact via unknown vectors, aka SAP Security Note 2233550.
Davolink DV-2051 Missing Access Control
Davolink DV-2051 suffers from a missing access control vulnerability.
This ATM Hack Allows Crooks to Steal Money From Chip-and-Pin Cards
Forget about security! It turns out that the Chip-and-PIN cards are just as easy to clone as magnetic stripe cards.
It took researchers just a simple chip and pin hack to withdraw up to $50,000 in cash from an ATM in America in under 15 minutes.
We have been told that EMV (Europay, MasterCard and Visa) chip-equipped cards provides an extra layer of security which makes these cards more secure
PHP Power Browse 1.2 Path Traversal
PHP Power Browse version 1.2 suffers from a path traversal vulnerability.
ntop 2.5 Cross Site Request Forgery / Command Execution
ntop versions 2.3 through 2.5 suffer from cross site request forgery and multiple command execution vulnerabilities.
Torrentz.eu Shuts Down Forever! End of Biggest Torrent Search Engine
Over two weeks after the shutdown of Kickass Torrents and arrest of its admin in Poland, the world’s biggest BitTorrent meta-search engine Torrentz.eu has apparently shut down its operation.
The surprise shutdown of Torrentz marks the end of an era.
<!– adsense –>
Torrentz.eu was a free, fast and powerful meta-search engine that hosted no torrents of its own, but combined results from dozens
Kaspersky Lab Becomes the Latest Member of the Family Online Safety Institute
Kaspersky Lab announced today that it has become the newest member of The Family Online Safety Institute (FOSI)
Hack Apple & Get Paid up to $200,000 Bug Bounty Reward
So finally, Apple will pay you for your efforts of finding bugs in its products.
While major technology companies, including Microsoft, Facebook and Google, have launched bug bounty programs over last few years to reward researchers and hackers who report vulnerabilities in their products, Apple remained a holdout.
But, not now.
On Thursday, Apple announced at the Black Hat security
FortiCloud – (Reports Summary) Multiple Persistent Vulnerabilities
Posted by Vulnerability Lab on Aug 05
Document Title:
===============
FortiCloud – (Reports Summary) Multiple Persistent Vulnerabilities
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1735
Release Date:
=============
2016-08-05
Vulnerability Laboratory ID (VL-ID):
====================================
1735
Common Vulnerability Scoring System:
====================================
3.6
Product & Service Introduction:…