Tag Archives: vulnerabilities

Vulnerability Update, February 17, 2015

The Vulnerability Update from Secunia Total number of new vulnerabilities in the Top 20* over the 3 month period: 1,357 Vendor with most vulnerable products in the 3 month period: IBM Product with the most vulnerabilities: X.Org XServer And 2015

Adobe critical zero day vulnerability to patch

flash player

Adobe has released over this week security updates to fix critical vulnerabilities in Adobe Flash. The patches are going to address 18 vulnerabilities 15 of them allows remote code execution. CVE 2015-0313 is actively used by attackers to compromise systems

Researchers released a script to decrypt and extract LastPass Master Password

master password

On DefCamp 2014 conference in Romania security researcher Alex Balan demonstrated a new way that allows attacker to grab master password on LastPass system which integrate itself in browser, mobile app or webapp. this technology gives user to have a

OpenSSL Released a fix to four vulnerabilities

openssl

OpenSSL have an update for the encryption package, the new version comes to fix four security vulnerabilities including a high severity vulnerability that allows attacker to perform a denial of service attack on vulnerable servers.this bug can be exploited by parsing

Shellshock DHCP client exploitation

Vulnerabilities

Over this week the infosec community are busy in testing the bash shellshock vulnerability. Geoff Walton a senior security consultant for TrustedSec have posted the way to exploit the bash bug in the DHCP protocol. the DHCP is widely used in most

Bypassing Lockscreen Vulnerability on Ubuntu 14.04 Patched

On the 16th of April a vulnerability report has been issued for Ubuntu operating system that allow user to bypass lock screen interface password protection. The system can be accessed without authorization, payload or any code while all what you

NSS Labs suggests increasing the cost of zero-days

NSS Labs released a new study looking at the 0day vulnerability market. The research calculated how many exploits purchased through open iDefense Vulnerability Contributor Program (VCP) and HP TippingPoint’s Zero Day Initiative (ZDI). The 2 projects are widely known for