Смотрите также связанные темы 07.08.2018 LoveCMS 1.6.2 Final Update Settings Remote Exploit Цель: LoveCMS 1.6.2 Final Воздействие: Неавторизованное изменение данных
23.08.2018 Злоумышленники скомпрометировали сервера проекта Fedora и компании Red Hat Злоумышленникам удалось скомпрометировать сервера проектов Fedora и Red Hat и распространить пользователям злонамеренные пакеты.
25.08.2018 CVE-2008-3778 The remote management interface in SIP Enablement Services (SES) Server in Avaya SIP Enablement Services 5.0, and Communication Manager (CM) 5.0 on the S8300C with SES enabled, proceeds with Core router updates even when a login is invalid, which allows remote attackers to cause a denial of service (messaging outage) or gain privileges via an update request.
24.10.2018 Corporate News: Kaspersky Lab strongly recommends installing new Windows update Kaspersky Lab, a leading developer of secure content management solutions, is notifying computer users about the need to install the Windows operating system update MS08-067 (http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx). The vulnerability that this new update patches is a...
28.10.2018 Corporate News: Kaspersky Lab Recommends Microsoft Windows Users Urgently Install New Windows Update to Remain Safe Online Failure To Run The Update Or Not Being Protected With Up To Date Internet Security May Leave Users Vulnerable To Attack
Kaspersky Lab, a leading provider of Internet security software solutions that protect against viruses, Trojans, worms, spyware, crimeware, rootkits, phishing, hacker attacks...
04.12.2018 CVE-2008-2086 Sun Java Web Start and Java Plug-in for JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allow remote attackers to execute arbitrary code via a crafted jnlp file that modifies the (1) java.home, (2) java.ext.dirs, or (3) user.home System Properties, aka "Java Web Start File Inclusion."
15.01.2018 CVE-2009-0125 ** DISPUTED ** NOTE: this issue has been disputed by the upstream vendor. nasl/nasl_crypto2.c in the Nessus Attack Scripting Language library (aka libnasl) 2.2.11 does not properly check the return value from the OpenSSL DSA_do_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077. NOTE: the upstream vendor has disputed this issue, stating "while we do misuse this function (this is a bug), it has absolutely no security ramification."
25.03.2018 CVE-2009-1107 The Java Plug-in in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier, and 5.0 Update 17 and earlier, allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog, related to a "Swing JLabel HTML parsing vulnerability," aka CR 6782871.
02.04.2018 April 1 Passes Without Major Conficker Incidents As the sun sets in California I thought I should provide an update on Conficker, the Windows computer worm that some predicted could wreak havoc on the Internet today.
Leading up to April 1st there has been a lot of speculation about a mass activation of the Conficker worm. Researchers at McAfee Avert Labs have [...]
19.06.2018 CVE-2012-0950 The Apport hook (DistUpgradeApport.py) in Update Manager, as used by Ubuntu 12.04 LTS, 11.10, and 11.04, uploads the /var/log/dist-upgrade directory when reporting bugs to Launchpad, which allows remote attackers to read repository credentials by viewing a public bug report. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0949.
|