SQL injection vulnerability in GBgallery.php in the GB Gallery Slideshow plugin 1.5 for WordPress allows remote administrators to execute arbitrary SQL commands via the selected_group parameter in a gb_ajax_get_group action to wp-admin/admin-ajax.php.
Monthly Archives: October 2014
CVE-2014-7140
Unspecified vulnerability in the management interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway 10.x before 10.1-129.11 and 10.5 before 10.5-50.10 allows remote attackers to execute arbitrary code via unknown vectors.
Myths about malware: an exploit is the same as malware
In this post we want to share with you a question that arose from the first post in this series: whether exploits are the same as malware. What are we talking about? The best way to debunk any myth is to start by understanding what it is we are talking about.
The post Myths about malware: an exploit is the same as malware appeared first on We Live Security.
Google Adds Hardware Security Key For Account Protection
Google is introducing an improved two-factor authentication system for Gmail and its other services that uses a tiny hardware token that will only work on legitimate Google sites. The new Security Key system is meant to help defeat attacks that rely on highly plausible fake sites that are designed to capture users’ credentials. Attackers often go […]
NSA Clears The Galaxy Note 4 And Galaxy S5 For Government Use
California Woman Charged With Using Spyware To Tap A Cop's Phone
Palo Alto Networks Boxes Spray Firewall Creds Across The Net
Staples Investigators Frantically Pushing Easy Button After Possible Credit Card Breach
Kaspersky Lab and INTERPOL Survey Reports: 60 Percent of Android Attacks Use Financial Malware
[ MDVSA-2014:201 ] kernel
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2014:201
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : kernel
Date : October 21, 2014
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities have been found and corrected in the Linux kernel:

The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service (system crash) by triggering a memory-usage pattern that requires removal of page-table mappings (CVE-2014-3122).

Multiple stack-based buffer overflows in the magicmouse_raw_event function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in th