Search Results

Four new vulnerabilities in the Cisco products Four Cisco security products are vulnerable to the DDoS and XSS attacks. Four new vulnerabilities have been found in the Cisco products. Affected Products: Nexus 9000 Series Switches (CVE-2015-0686 DDoS vulnerability) Catalyst 4500 Series (CVE-2015-0687 DDoS vulnerability) Aggregation Services Routers (CVE-2015-0688 DDoS vulnerability) Wireless LAN Controller (CVE-2015-0690 XSS […]

Three new vulnerabilities have been found in the Linux Kernel CVE-2014-3673, CVE-2014-3687, and CVE-2014-3688. These vulnerabilities allows a remote user to cause a denial of service (Kernel panic). Denial of service in the Linux Kernel Danger level: Middle The presence of fixes: Yes The number of vulnerabilities: 3

The researchers emphasize that the gaps in the free app puts at risk the safety of hundreds of thousands of web resources. According to the Walter Hop’s notification, a security researcher and founder of Netherlands-based Web development company Slik, he was able to find a number of vulnerabilities in popular free application InfiniteWP Admin Panel, […]

Dangerous vulnerability in the popular (around 850,000 downloads) WordPress Download Manager plugin. The vulnerability was discovered and disclosed last week. Exploitation of this vulnerability allows an attacker to take remotely control of the target web-site through the introduction of backdoors and modify user passwords. Specialists of the company Sucuri found dangerous vulnerability in the WordPress […]

Privilege escalation and potential Object Injection vulnerability. The vulnerability allows a remote user to cause a denial of service and data manipulation. Danger level: average The presence of fixes: Yes The number of vulnerabilities: 1 CVSSv2 rating: (AV: N / AC: L / Au: N / C: N / I: P / A: P / […]

New multiple vulnerabilities have been discovered in WordPress Content Management System which allows a remote user to take control of the affected system. Danger level: Medium Availability of fixes: Yes Number of vulnerabilities: 4 CVE ID: No Information Vector of operation: Remote Impact: Cross-site scripting, Denial of service, Security Bypass

Multiple Vulnerabilities in Apple OS X, Apple iOS, and Apple TV Danger level: High Availability fixes: Yes Number of vulnerabilities: 7 CVE ID: CVE-2014-4451, CVE-2014-4452, CVE-2014-4453, CVE-2014-4458, CVE-2014-4459, CVE-2014-4462, CVE-2014-4463 Vector of operation: Remote Impact: Disclosure of sensitive data, Security Bypass, system compromise Affected Products: Apple Macintosh OS X, Apple iOS 8.x, Apple TV 7.x […]

Buffer Overflow vulnerability in Info-Zip utility A local user can elevate their privileges on the target system. Danger level: Low Availability fixes: Yes Number of vulnerabilities: 1 CVSSv2 Rating: (AV: L / AC: M / Au: N / C: C / I: C / A: C / E: U / RL: O / RC: C) […]

Multiple vulnerabilities in Cerberus FTP Server There are three vulnerabilities (Denial of service and Security Bypass) fixed in the Windows-based FTP Server (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568). Danger level: Middle Availability fixes: Yes Number of vulnerabilities: 3 CVSSv2 Rating: (AV: N / AC: L / Au: N / C: N / I: N / A: C / […]

Of special interest this half year: the increasing use of exploit-based attacks targeted against the Java development platform. Four of five most frequently exploited vulnerabilities are present in Java. Java was the most targeted development platform for exploit attacks during the first half of the year. Finnish antivirus developer F-Secure has published a report on […]