Cyber Intelligence Report News Feeds

News: Information Warfare



      News: HIPPA

      News: SCADA

      News: Cyber Laws & Legislation

      News: Computer Forensics

      Exploits

      CVE Advisories
      • CVE-2015-2790.
      • 2015-03-30
        Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted (1) Ubyte Size in a DataSubBlock structure or (2) LZWMinimumCodeSize in a GIF image. (CVSS:4.3) (Last Update:2016-12-02)
      • CVE-2015-2789.
      • 2015-03-30
        Unquoted Windows search path vulnerability in the Foxit Cloud Safe Update Service in the Cloud plugin in Foxit Reader 6.1 through 7.0.6.1126 allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder. (CVSS:4.4) (Last Update:2016-12-02)
      • CVE-2015-2701.
      • 2015-03-25
        Cross-site request forgery (CSRF) vulnerability in CS-Cart 4.2.4 allows remote attackers to hijack the authentication of users for requests that change a user password via a request to profiles-update/. (CVSS:6.8) (Last Update:2016-12-02)
      • CVE-2015-2680.
      • 2015-03-23
        Cross-site request forgery (CSRF) vulnerability in MetalGenix GeniXCMS before 0.0.2 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a request in the users page to gxadmin/index.php. (CVSS:6.8) (Last Update:2016-12-02)
      • CVE-2015-2679.
      • 2015-03-23
        Multiple SQL injection vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to execute arbitrary SQL commands via the (1) page parameter to index.php or (2) username parameter to gxadmin/login.php. (CVSS:7.5) (Last Update:2016-12-02)
      • CVE-2015-2678.
      • 2015-03-23
        Multiple cross-site scripting (XSS) vulnerabilities in MetalGenix GeniXCMS before 0.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter in the categories page to gxadmin/index.php or (2) page parameter to index.php. (CVSS:4.3) (Last Update:2016-12-02)
      • CVE-2015-2564.
      • 2015-03-20
        SQL injection vulnerability in client-edit.php in ProjectSend (formerly cFTP) r561 allows remote authenticated users to execute arbitrary SQL commands via the id parameter to users-edit.php. (CVSS:6.5) (Last Update:2015-03-23)
      • CVE-2015-2275.
      • 2015-03-12
        Cross-site scripting (XSS) vulnerability in WoltLab Community Gallery 2.0 before 2014-12-26 allows remote attackers to inject arbitrary web script or HTML via the parameters[data][7][title] parameter in a saveImageData action to index.php/AJAXProxy. (CVSS:4.3) (Last Update:2016-12-02)
      • CVE-2015-2218.
      • 2015-03-05
        Multiple cross-site scripting (XSS) vulnerabilities in the wp_ajax_save_item function in wonderpluginaudio.php in the WonderPlugin Audio Player plugin before 2.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) item[name] or (2) item[customcss] parameter in a wonderplugin_audio_save_item action to wp-admin/admin-ajax.php or the itemid parameter in the (3) wonderplugin_audio_show_item or (4) wonderplugin_audio_edit_item page to wp-admin/admin.php. (CVSS:4.3) (Last Update:2016-12-02)
      • CVE-2015-2216.
      • 2015-03-05
        SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme 4.x for WordPress allows remote attackers to execute arbitrary SQL commands via the prod_id parameter. (CVSS:7.5) (Last Update:2016-12-02)
      • CVE-2015-2208.
      • 2015-03-12
        The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the object parameter. (CVSS:7.5) (Last Update:2015-03-12)
      • CVE-2015-2199.
      • 2015-03-03
        Multiple SQL injection vulnerabilities in the WonderPlugin Audio Player plugin before 2.1 for WordPress allow (1) remote authenticated users to execute arbitrary SQL commands via the item[id] parameter in a wonderplugin_audio_save_item action to wp-admin/admin-ajax.php or remote administrators to execute arbitrary SQL commands via the itemid parameter in the (2) wonderplugin_audio_show_item, (3) wonderplugin_audio_show_items, or (4) wonderplugin_audio_edit_item page to wp-admin/admin.php. (CVSS:6.5) (Last Update:2015-03-04)
      • CVE-2015-2198.
      • 2015-03-03
        Multiple cross-site scripting (XSS) vulnerabilities in edit_prefs.php in Beehive Forum 1.4.4 allow remote attackers to inject arbitrary web script or HTML via the (1) homepage_url, (2) pic_url, or (3) avatar_url parameter, which are not properly handled in an error message. (CVSS:4.3) (Last Update:2015-03-04)
      • CVE-2015-2196.
      • 2015-03-03
        SQL injection vulnerability in Spider Event Calendar 1.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a spiderbigcalendar_month action to wp-admin/admin-ajax.php. (CVSS:7.5) (Last Update:2015-03-04)
      • CVE-2015-2184.
      • 2015-03-10
        ZeusCart 4 allows remote attackers to obtain configuration information via a getphpinfo action to admin/, which calls the phpinfo function. (CVSS:5.0) (Last Update:2015-03-11)


      Advisories
      • WebKitGTK+ Code Execution / DoS / UXSS.
      • Sat, 27 May 2017 15:24:08 GMT
        WebKitGTK+ suffers from code execution, denial of service, memory corruption, and various other vulnerabilities.
      • Microsoft Security Bulletin CVE Update For May, 2017.
      • Sat, 27 May 2017 13:22:22 GMT
        This bulletin summary lists multiple CVE additions for the May, 2017 security bulletin release.
      • Veritas Backup Exec Remote Agent For Windows Use-After-Free.
      • Sat, 27 May 2017 03:01:47 GMT
        Veritas Backup Exec Remote Agent for Windows suffers from a use-after-free vulnerability. All versions before Backup Exec 16 FP1, Backup Exec 15 14.2.1180.3160, and Backup Exec 2014 14.1.1187.1126 are affected.
      • Ubuntu Security Notice USN-3300-1.
      • Sat, 27 May 2017 02:58:00 GMT
        Ubuntu Security Notice 3300-1 - Ryan Beisner discovered juju did not set permissions on a Unix domain socket. A local attacker could use this flaw to gain administrative privileges.
      • HP Security Bulletin HPESBHF03730 1.
      • Sat, 27 May 2017 02:57:51 GMT
        HP Security Bulletin HPESBHF03730 1 - Potential security vulnerabilities have been identified in HPE Aruba ClearPass Policy Manager. The vulnerabilities could be remotely exploited to allow access restriction bypass, arbitrary command execution, cross site scripting (XSS), escalation of privilege and disclosure of information. Revision 1 of this advisory.
      • HP Security Bulletin HPESBHF03754 1.
      • Sat, 27 May 2017 02:57:43 GMT
        HP Security Bulletin HPESBHF03754 1 - A potential security vulnerability has been identified in HPE ML10 Gen 9 Server using Intel Xeon E3-1200 v5 Processor. The vulnerability could be remotely exploited to allow access restriction bypass. **Note:** On May 1st, 2017, Intel disclosed a new vulnerability with their Intel Manageability Firmware which is utilized on some systems containing Intel processors. This vulnerability allows an unprivileged network or local attacker to gain control of the remote manageability features of Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT) platforms. Do not attempt to upgrade the ME FW without following the instructions detailed in the Resolution section. Refer to the "Platform Specific Information" section in the Resolution for more specific information on upgrades for specific ProLiant servers. Revision 1 of this advisory.
      • Red Hat Security Advisory 2017-1285-01.
      • Fri, 26 May 2017 13:25:46 GMT
        Red Hat Security Advisory 2017-1285-01 - collectd is a small C-language daemon, which reads various system metrics periodically and updates RRD files. Because the daemon does not start up each time it updates files, it has a low system footprint. The following packages have been upgraded to a newer upstream version: collectd. Security Fix: collectd contains an infinite loop due to how the parse_packet() and parse_part_sign_sha256() functions interact. If an instance of collectd is configured with "SecurityLevel None" and with empty "AuthFile" options an attacker can send crafted UDP packets that trigger the infinite loop, causing a denial of service.
      • Ubuntu Security Notice USN-3298-2.
      • Fri, 26 May 2017 13:25:39 GMT
        Ubuntu Security Notice 3298-2 - USN-3298-1 fixed a vulnerability in MiniUPnP. This update provides the corresponding update for Ubuntu 17.04. It was discovered that MiniUPnP incorrectly handled memory. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with privileges of the user running an application that uses the MiniUPnP library. Various other issues were also addressed.
      • Ubuntu Security Notice USN-3296-1.
      • Fri, 26 May 2017 13:25:32 GMT
        Ubuntu Security Notice 3296-1 - It was discovered that Samba incorrectly handled shared libraries. A remote attacker could use this flaw to upload a shared library to a writable share and execute arbitrary code.
      • HP Security Bulletin HPESBHF03750 1.
      • Fri, 26 May 2017 13:25:15 GMT
        HP Security Bulletin HPESBHF03750 1 - Potential security vulnerabilities with NTP have been addressed for HPE network products including Comware 5, Comware 7 and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or unauthorized modification, or locally exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.
      • Gentoo Linux Security Advisory 201705-14.
      • Fri, 26 May 2017 13:24:24 GMT
        Gentoo Linux Security Advisory 201705-14 - A vulnerability in Smb4K could allow local attackers to execute commands as root. Versions less than 1.2.3-r1=E2=80=88 are affected.
      • Gentoo Linux Security Advisory 201705-13.
      • Fri, 26 May 2017 13:24:18 GMT
        Gentoo Linux Security Advisory 201705-13 - Teeworlds client vulnerability in snap handling could result in execution of arbitrary code. Versions less than 0.6.4 are affected.
      • Gentoo Linux Security Advisory 201705-12.
      • Fri, 26 May 2017 13:24:01 GMT
        Gentoo Linux Security Advisory 201705-12 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 25.0.0.171 are affected.
      • Ubuntu Security Notice USN-3297-1.
      • Fri, 26 May 2017 13:23:53 GMT
        Ubuntu Security Notice 3297-1 - Bingchang Liu discovered that jbig2dec incorrectly handled memory when decoding malformed image files. If a user or automated system were tricked into processing a specially crafted JBIG2 image file, a remote attacker could cause jbig2dec to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. It was discovered that jbig2dec incorrectly handled memory when decoding malformed image files. If a user or automated system were tricked into processing a specially crafted JBIG2 image file, a remote attacker could cause jbig2dec to crash, resulting in a denial of service, or possibly disclose sensitive information. Various other issues were also addressed.
      • Debian Security Advisory 3863-1.
      • Fri, 26 May 2017 13:23:40 GMT
        Debian Linux Security Advisory 3863-1 - handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed RLE, ART, JNG, DDS, BMP, ICO, EPT, SUN, MTV, PICT, XWD, PCD, SFW, MAT, EXR, DCM, MNG, PCX or SVG files are processed.


      Published Website Defacements

      Ethical Hacker job postings

      - ...

      Contact us for more information