magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash).
CVE-2014-9840
ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file.
Hackers Threaten to Remotely Wipe 300 Million iPhones Unless Apple Pays Ransom
If you use iCloud to sync your Apple devices, your private data may be at risk of getting exposed or deleted by April 7th.
It has been found that a mischievous group of hackers claiming to have access to over 300 million iCloud accounts is threatening Apple to remotely wipe data from those millions of Apple devices unless Apple pays it $75,000 in crypto-currency or $100,000 worth of iTunes
Unpatchable 'DoubleAgent' Attack Can Hijack All Windows Versions — Even Your Antivirus!
A team of security researchers from Cybellum, an Israeli zero-day prevention firm, has discovered a new Windows vulnerability that could allow hackers to take full control of your computer.
Dubbed DoubleAgent, the new injecting code technique works on all versions of Microsoft Windows operating systems, starting from Windows XP to the latest release of Windows 10.
What’s worse? DoubleAgent
SysGauge SMTP Validation Buffer Overflow
This Metasploit module will setup an SMTP server expecting a connection from SysGauge 1.5.18 via its SMTP server validation. The module sends a malicious response along in the 220 service ready response and exploits the client, resulting in an unprivileged shell.
Ubuntu Security Notice USN-3239-2
Ubuntu Security Notice 3239-2 – USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2015-5180 introduced an internal ABI change within the resolver library. This update reverts the change. Please note that long-running services that were restarted to compensate for the USN-3239-1 update may need to be restarted again. Various other issues were also addressed.
Solar-Log CSRF / Information Disclosure / DoS / File Upload
Solare Datensysteme GmbH Solar-Log versions 250, 300, 500, 800e, 1000, 1000 PM+, 1200, and 2000 suffer from cross site request forgery, cross site scripting, file upload, information disclosure, and denial of service vulnerabilities.