Смотрите также связанные темы
09.01.2018 CVE-2013-0001
The Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 4, and 4.5 does not properly initialize memory arrays, which allows remote attackers to obtain sensitive information via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application that leverages a pointer to an unmanaged memory location, aka "System Drawing Information Disclosure Vulnerability."
09.01.2018 CVE-2015-7115
libxml2 in Apple iOS before 9.2, OS X before 10.11.2, and tvOS before 9.1 allows remote attackers to obtain sensitive information or cause a denial of service (memory corruption) via a crafted XML document, a different vulnerability than CVE-2015-7116.
14.08.2018 CVE-2008-3675
Directory traversal vulnerability in classes/imgsize.php in Gelato 0.95 allows remote attackers to read arbitrary files via (1) a .. (dot dot) and possibly (2) full pathname in the img parameter. NOTE: some of these details are obtained from third party information.
05.09.2018 Achieving Enterprise Compliance Validation with SCAP
McAfee achieved a milestone last week when Policy Auditor received its Secure Content Automation Protocol (SCAP) Certification as a Federal Desktop Core Configuration (FDCC) Scanner, an Authenticated Configuration Scanner and an Authenticated Vulnerability and Patch Scanner.
What is SCAP and why was achieving a NIST SCAP certification a milestone? First the NIST Security Content Automation Protocol [...]
07.10.2018 CVE-2008-4489
Directory traversal vulnerability in ap-save.php in Atarone CMS 1.2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the theme_chosen parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
20.10.2018 CVE-2008-4635
Unspecified vulnerability in Hisanaga Electric Co, Ltd. hisa_cart 1.29 and earlier, a module for XOOPS, allows remote attackers to obtain sensitive user information via unknown vectors.
24.10.2018 Corporate News: Kaspersky Lab strongly recommends installing new Windows update
Kaspersky Lab, a leading developer of secure content management solutions, is notifying computer users about the need to install the Windows operating system update MS08-067 (http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx). The vulnerability that this new update patches is a...
27.10.2018 CVE-2008-4766
SQL injection vulnerability in member.php in Oxygen Bulletin Board 1.1.3 allows remote attackers to execute arbitrary SQL commands via the member parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
05.11.2018 Companies Spend $250M on Microsoft Vulnerability…Unless They’re with McAfee
As most of you now know, on 10/23, Microsoft announced a critical out-of-cycle patch (MS08-067) to fix a flaw being exploited by hackers. The vulnerability affects all major versions of Microsoft Windows. In just a matter of moments, attackers can gain total remote control of a system and install malware, keyloggers, and Trojans. A successful [...]
27.01.2018 Google Yourself (and Your Kids)!
Google Yourself (and Your Kids)!
No, I haven’t changed my policy on using inappropriate language. Google is the search engine and information gathering phenomenon that collects bits and pieces of information available online. Kids have dubbed searching for yourself or others you have met, or want to meet, online as “Googling” someone. (You can just as [...]
|
