Vulnerabilities (Page 232)

United Airlines Slow to Patch Mobile App Vulnerability

On: November 25, 2015

A vulnerability reported to United Airlines that could have been exploited to manipulate flight reservations and customer data sat unpatched for almost six months before it was fixed 10 daysRead More →

VMware Patches Pesky XXE Bug in Flex BlazeDS

On: November 21, 2015

In: Vulnerabilities

VMware has patched an information disclosure vulnerability affecting a number of its products that use Flex BlazeDS. The original vulnerability was discovered and disclosed in August by Matthias Kaiser ofRead More →

LinkedIn patches serious persistent XSS vulnerability

On: November 20, 2015

In: Vulnerabilities

Developers at LinkedIn fixed a persistent cross site scripting vulnerability in the social network this week that could have been exploited to spread a worm on the service’s help forums.Read More →

Canonical Patches Nvidia Graphics Drivers Vulnerability in All Supported Ubuntu OSes

On: November 19, 2015

In: Vulnerabilities

In a new Ubuntu Security Notice (USN-2814-1), Canonical announced that they have patched a security vulnerability in the Nvidia proprietary graphics drivers for all supported Ubuntu Linux operating systems. AccordingRead More →

XSS in Hidden Input Fields

On: November 17, 2015

In: Vulnerabilities

At PortSwigger, we regularly run pre-release builds of Burp Suite against an internal testbed of popular web applications to make sure it’s behaving properly. Whilst doing this recently,Liam found aRead More →

RCE Vulnerability Fully Compromises Deutsche Telekom Server

On: November 16, 2015

In: Vulnerabilities

Attackers could have had full control over DT’s Web server. Independent Egyptian security researcher Ebrahim Hegazy has found another vulnerability, and this one affected the Web servers of Deutsche Telekom, Germany’sRead More →

PNG pongs: critical bug patched in ubiquitous libpng

On: November 16, 2015

In: Vulnerabilities

Crafted image crashes apps, server processes. This will not be fun: the graphics processing library libpng has a vulnerability and needs to be patched. The problem for that is thatRead More →

Oil and Gas Companies Indirectly Put at Risk by Vulnerabilities in ERP Systems

On: November 13, 2015

In: Vulnerabilities

Vulnerabilities in SAP and Oracle products expose companies to crippling attacks, oil market fraud or equipment sabotage. A talk delivered at the Black Hat Europe 2015 security conference in Amsterdam showsRead More →

Chrome for Android Has a Hidden Vulnerability, Quite Simple to Exploit

On: November 13, 2015

In: Vulnerabilities

Google’s Chrome staff got in contact with the security researcher and has already started working on a fix A Chinese security researcher has found a security vulnerability in Google’s ChromeRead More →

SAP Patches 12 SQL Injection, XSS Vulnerabilities in HANA

SAP Security Patch for November 2015 Released

On: November 12, 2015

In: Data Security, Vulnerabilities

This post by SAP Product Security Response Team shares information on Patch Day Security Notes* that are released on second Tuesday of every month and fix vulnerabilities discovered in SAPRead More →

Vulnerabilities (Page 232)

United Airlines Slow to Patch Mobile App Vulnerability

VMware Patches Pesky XXE Bug in Flex BlazeDS

LinkedIn patches serious persistent XSS vulnerability

Canonical Patches Nvidia Graphics Drivers Vulnerability in All Supported Ubuntu OSes

XSS in Hidden Input Fields

RCE Vulnerability Fully Compromises Deutsche Telekom Server

PNG pongs: critical bug patched in ubiquitous libpng

Oil and Gas Companies Indirectly Put at Risk by Vulnerabilities in ERP Systems

Chrome for Android Has a Hidden Vulnerability, Quite Simple to Exploit

SAP Security Patch for November 2015 Released

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

Massive NVIDIA GPU Exploit Found. How Hackers Can Take Down 35% of AI Systems in Cloud!

Blast-RADIUS Attack Exploting Critical RADIUS Flaw Could Compromise Your Network

14 Million Servers Vulnerable to Critical OpenSSH Bug: Become Remote Admin with CVE-2024-6387

How Safe is Your TinyProxy? Step-by-Step Guide to Exploiting Tinyproxy’s Zero Day Vulnerability

Eternal Malware: CVE-2024-3400 Rootkits Persist Through Palo Alto Firewalls Updates and Resets

WinRAR and ZIP File Exploits: This ZIP File Hack Could Let Malware Bypass Your Antivirus

5 Techniques Hackers Use to Jailbreak ChatGPT, Gemini, and Copilot AI systems

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hacking Pagers to Explosions: Israel’s Covert Cyber-Physical Sabotage Operation Against Hezbollah!

Five Techniques for Bypassing Microsoft SmartScreen and Smart App Control (SAC) to Run Malware in Windows

How Millions of Phishing Emails were Sent from Trusted Domains: EchoSpoofing Explained

How to implement Principle of Least Privilege(Cloud Security) in AWS, Azure, and GCP cloud

The 11 Essential Falco Cloud Security Rules for Securing Containerized Applications at No Cost

Hack-Proof Your Cloud: The Step-by-Step Continuous Threat Exposure Management CTEM Strategy for AWS & AZURE

Web-Based PLC Malware: A New Technique to Hack Industrial Control Systems

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hackers’ Guide to Rogue VM Deployment: Lessons from the MITRE hack

Eternal Malware: CVE-2024-3400 Rootkits Persist Through Palo Alto Firewalls Updates and Resets

Major Python Infrastructure Breach – Over 170K Users Compromised. How Safe Is Your Code?

How to exploit Windows Defender Antivirus to infect a device with malware

Cyber Security Channel

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]