Posts for category: Vulnerabilities Weekly Summaries

Vulnerabilities Weekly Summary Ending March 18

VMware reported that a vulnerability, CVE-2016-2075 in their vRealize Automation and vRealize Business Advanced products may allow for a Cross-Site Scripting (XSS) attack which could lead to a ...

Vulnerabilities Weekly Summary Ending March 11

A vulnerability that affects the Android operating system was discovered, CVE-2016-0819 ("Vulnerability Summary....", March 12 2016). The issue is with the Qualcomm Snapdragon chips on the devices ...

Vulnerabilities Weekly Summary Ending March 4

A security research team has found a new type of attack on SSL, dubbed "DROWN".  It allows an attacker to decrypt intercepted TLS connections by making specially crafted connections to an SSLv2 ...

Vulnerabilities Weekly Summary Ending February 26

The Bastille Threat Research team reported a vulnerability, called MouseJack, which affects wireless mouse and keyboards of various vendors that use a proprietary wireless protocol on the 2.4 GHz ...

Vulnerabilities Weekly Summary Ending February 19

During the week of February 14 - 20th, it was discovered that glibc is vulnerable to stack buffer overflow in DNS resolver.  The bug in glibc was actually discovered last year, CVE-2015-7547, but it ...

Vulnerabilities Weekly Summary Ending February 12

Microsoft released their security bulletin for February.  Everything from Windows local privilege-escalation exploits to Office remote memory-corruption vulnerability to SharePoint Cross Site ...