Vulnerabilities Weekly Summary Ending April 1
Apple reported three vulnerabilities with their Quicktime application running on OS X. CVE-2016-1767 and CVE-2016-1768 vulnerabilities allows remote attackers to execute arbitrary code or cause a ...
Posts for category: Vulnerabilities Weekly Summaries
Vulnerabilities Weekly Summary Ending March 18
VMware reported that a vulnerability, CVE-2016-2075 in their vRealize Automation and vRealize Business Advanced products may allow for a Cross-Site Scripting (XSS) attack which could lead to a ...
Vulnerabilities Weekly Summary Ending March 11
A vulnerability that affects the Android operating system was discovered, CVE-2016-0819 ("Vulnerability Summary....", March 12 2016). The issue is with the Qualcomm Snapdragon chips on the devices ...
Vulnerabilities Weekly Summary Ending March 4
A security research team has found a new type of attack on SSL, dubbed "DROWN". It allows an attacker to decrypt intercepted TLS connections by making specially crafted connections to an SSLv2 ...
Vulnerabilities Weekly Summary Ending February 26
The Bastille Threat Research team reported a vulnerability, called MouseJack, which affects wireless mouse and keyboards of various vendors that use a proprietary wireless protocol on the 2.4 GHz ...
Vulnerabilities Weekly Summary Ending February 19
During the week of February 14 - 20th, it was discovered that glibc is vulnerable to stack buffer overflow in DNS resolver. The bug in glibc was actually discovered last year, CVE-2015-7547, but it ...
Vulnerabilities Weekly Summary Ending February 12
Microsoft released their security bulletin for February. Everything from Windows local privilege-escalation exploits to Office remote memory-corruption vulnerability to SharePoint Cross Site ...