Aggregator

A vulnerability classified as critical has been found in Oracle OpenSolaris Snv 134. Affected is an unknown function. The manipulation leads to Local Privilege Escalation. This vulnerability is traded as CVE-2010-0882. The attack needs to be approached locally. There is no exploit available.

A vulnerability was found in Oracle Secure Backup 10.3.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper authentication. This vulnerability is known as CVE-2010-0904. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Oracle OpenSolaris Snv 01/Snv 98. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. This vulnerability is traded as CVE-2010-0890. An attack has to be approached locally. There is no exploit available.

A vulnerability was found in LimeWire 4.1.2/4.5.6 and classified as problematic. This issue affects some unknown processing. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2005-0788. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

This article showcases free, open-source cybersecurity tools that help you identify and address vulnerabilities, detect intrusion, protect websites from cyber attacks, monitor and detect suspicious activities across your network. Am I Isolated: Open-source container security benchmark Am I Isolated is an open-source container security benchmark that probes users’ runtime environments and tests for container isolation. Argus: Open-source information gathering toolkit Argus is an open-source toolkit that simplifies information gathering and reconnaissance. It features a user-friendly … More →

The post Don’t let these open-source cybersecurity tools slip under your radar appeared first on Help Net Security.

In this episode, we discuss the latest issues with data brokers, focusing on a breach at Gravy Analytics that leaked 30 million location data points online. We also explore a vulnerability in Subaru’s Starlink system that allows unrestricted access to vehicle controls and customer data using just a last name and license plate number. Co-host […]

The post Gravy Analytics Breach, Subaru Starlink Vulnerability Exposed appeared first on Shared Security Podcast.

The post Gravy Analytics Breach, Subaru Starlink Vulnerability Exposed appeared first on Security Boulevard.

In this episode, we discuss t

A vulnerability classified as problematic was found in Google Chrome up to 2.0.172.32. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper access controls. This vulnerability is known as CVE-2010-0650. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Internet Key Exchange. It has been classified as critical. This affects an unknown part. The manipulation leads to cryptographic issues. This vulnerability is uniquely identified as CVE-2018-5389. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Oracle M3000, M4000, M5000, M8000 and M9000 and classified as problematic. This issue affects some unknown processing of the component XCP Firmware. The manipulation leads to improper input validation. The identification of this vulnerability is CVE-2016-7431. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in ntpd up to 4.2.8p8. This issue affects some unknown processing of the component Origin Timestamp Protection. The manipulation leads to improper input validation. The identification of this vulnerability is CVE-2016-7431. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Oracle M10-1, M10-4, M10-4S, M12-1, M12-2 and M12-2S and classified as problematic. This vulnerability affects unknown code of the component XCP Firmware. The manipulation leads to improper input validation. This vulnerability was named CVE-2016-7431. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Adobe Flash Player up to 25.0.0.127 and classified as critical. This vulnerability affects unknown code of the component SWF Parser. The manipulation leads to memory corruption. This vulnerability was named CVE-2017-3061. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

The APT group designated Mustang Panda has targeted governments around the world, including the U.S., Mongolia, Myanmar, Hong Kong, Japan, and Thailand.

A vulnerability classified as problematic was found in JBOSS up to 4.0.2. Affected by this vulnerability is an unknown functionality of the component Installation. The manipulation leads to information disclosure. This vulnerability is known as CVE-2005-2006. The attack can be launched remotely. Furthermore, there is an exploit available.

This week on the Lock and Code podcast…It’s Data Privacy Week right