HackDig : Dig high-quality web security articles for hacker

Microsoft Skype v7.2, v7.35 & v7.36 - Stack Buffer Overflow Vulnerability

Document Title: Microsoft Skype v7.2, v7.35 & v7.36 - Stack Buffer Overflow Vulnerability
References (Source): https://www.vulnerability-lab.com/get_content.php?id=2071
MSRC ID: 38778
TRK ID: 0461000724
Vulnerability Magazine: https://www.vulnerability-db.com/?q=articles/2017/05/28/stack-buffer-overflow-zero-day-vulnerabilit
Publish At:2017-06-26 09:00 | Read:105 | Comments:0 | Tags: Vulnerability

PayPal Inc BB #149 - (Gift) Insufficient Authentication Vulnerability

Document Title: PayPal Inc BB #149 - (Gift) Insufficient Authentication Vulnerability
References (Source): https://www.vulnerability-lab.com/get_content.php?id=1973
ID EIBBP-34368
Release Date: 2017-06-21
Vulnerability Laboratory ID (VL-ID): 1973
Common Vulnerability Scoring System:
Publish At:2017-06-22 12:55 | Read:109 | Comments:0 | Tags: Vulnerability

SigPloit framework published: telecom vulnerability testing of SS7, GTP, Diameter, and SIP made easy

Code for the open-source SigPloit framework has been published on GitHub by security researcher Loay Abdelrazek. SigPloit is a convenient framework for testing for vulnerabilities in telecommunication protocols. We cannot state that this project will have a big effect on the security situation, but this is definitely one of the alarm bells that should be
Publish At:2017-06-21 14:05 | Read:178 | Comments:0 | Tags: Vulnerability

The Folly of Vulnerability & Patch Management for ICS Networks

Yes, such efforts matter. But depending on them can give a false sense of security. IT security has depended on vulnerability and patch management for decades, and conventional wisdom says these programs should be replicated to make industrial networks more secure. We only partially agree. Vulnerability and patch management programs have only modestly improve
Publish At:2017-06-21 11:25 | Read:161 | Comments:0 | Tags: Vulnerability

Stack Clash vulnerability allows an attacker to execute code as root

Stack Clash is a local privilege escalation flaw in Linux, BSD, Solaris and other open source systems that allows an attacker to execute code as root. Linux, BSD, Solaris and other open source systems are vulnerable to a local privilege escalation vulnerability known as Stack Clash that allows an attacker to execute code as root.
Publish At:2017-06-20 05:25 | Read:148 | Comments:0 | Tags:Breaking News Hacking BSD LINUX Solaris Stack Clash Vulnerab

Evolution Script CMS v5.3 - Cross Site Scripting Vulnerability

Document Title: Evolution Script CMS v5.3 - Cross Site Scripting Vulnerability
References (Source): https://www.vulnerability-lab.com/get_content.php?id=2075
Release Date: 2017-06-07
Vulnerability Laboratory ID (VL-ID): 2075
Common Vulnerability Scoring System:
Publish At:2017-06-12 13:31 | Read:292 | Comments:0 | Tags: Vulnerability

Composr CMS v10.0.0 - Cross Site Scripting Vulnerability

Document Title: Composr CMS v10.0.0 - Cross Site Scripting Vulnerability
References (Source): https://www.vulnerability-lab.com/get_content.php?id=2066
Release Date: 2017-06-08
Vulnerability Laboratory ID (VL-ID): 2066
Common Vulnerability Scoring System:
Publish At:2017-06-12 13:30 | Read:250 | Comments:0 | Tags: Vulnerability

DefenseCode ThunderScan SAST Advisory: WordPress No External Links Plugin Security Vulnerability

DefenseCode ThunderScan SAST Advisory WordPress No External Links Plugin Security Vulnerability
Advisory ID: DC-2017-01-022
Advisory Title: WordPress No External Links Plugin Security Vulnerability
Advisory URL: http://www.defensecode.com/advisories.php
Software: WordPress No External Links Plugin
Language: PHP
V
Publish At:2017-06-02 07:10 | Read:239 | Comments:0 | Tags: Vulnerability

Faraday v2.5: Collaborative Penetration Test and Vulnerability Management Platform

Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time without the need for a single email. Developed with a specialized set
Publish At:2017-05-30 05:25 | Read:286 | Comments:0 | Tags: Vulnerability

Multiple Local Privilege Escalation Vulnerabilities in Acunetix Web Vulnerability Scanner 11

Multiple Local Privilege Escalation Vulnerabilities in Acunetix Web Vulnerability Scanner 11
Metadata
Release Date: 28-May-2017
Author: Florian Bogner @ https://bogner.sh
Affected product: Acunetix Web Vulnerability Scanner 11 (https://www.acunetix.com/)
Issue verified on: Windows 7
Vul
Publish At:2017-05-30 05:25 | Read:256 | Comments:0 | Tags: Vulnerability

Positive Technologies expert helps to fix vulnerability in Viber for Windows

Viber has fixed a vulnerability in the company's Windows client found by a group of security experts, which included a Positive Technologies researcher. This security bug enabled attackers to steal data needed for user authentication in Windows. Users urged to update to Viber version 6.7.2. "In essence, when a link resembling http://host/img.jpg is sent during
Publish At:2017-05-26 23:20 | Read:417 | Comments:0 | Tags: Vulnerability

CVE-2017-7494 Samba vulnerability, patch your installation now!

A seven-year-old remote code execution vulnerability, tracked as CVE-2017-7494, affects all versions of the Samba software since 3.5.0. A seven-year-old remote code execution vulnerability affects all versions of the Samba software since 3.5.0. The flaw has been patched by the development team of the project. An attacker can exploit the CVE-2017-7494 RCE to
Publish At:2017-05-25 14:40 | Read:316 | Comments:0 | Tags:Breaking News Hacking CVE-2017-7494 RCE Remote Code Executio

Unwrapping the Mystery: Did a Big, Slimy Internet Worm Make Hundreds of Organizations WannaCry?

Two weeks into the WannaCry aftermath, response teams are getting back to normal, organizations are re-evaluating their infrastructures, and even the bitcoin payments the fraudsters were collecting have almost stopped trickling in. It’s time now to look into the data to find clues about what made WannaCry spread so rapidly and with such a wide scope.
Publish At:2017-05-25 13:35 | Read:298 | Comments:0 | Tags:Advanced Threats Incident Response Threat Intelligence IBM X

DefenseCode ThunderScan SAST Advisory: WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability

DefenseCode ThunderScan SAST Advisory WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability
Advisory ID: DC-2017-01-002
Advisory Title: WordPress All In One Schema.org Rich Snippets Plugin Security Vulnerability
Advisory URL: http://www.defensecode.com/advisories.php
Software:
Publish At:2017-05-24 20:30 | Read:121 | Comments:0 | Tags: Vulnerability

DefenseCode ThunderScan SAST Advisory: WordPress Huge-IT Video Gallery Plugin Security Vulnerability

DefenseCode ThunderScan SAST Advisory WordPress Huge-IT Video Gallery Plugin Security Vulnerability
Advisory ID: DC-2017-01-009
Advisory Title: WordPress Huge-IT Video Gallery plugin SQL injection vulnerability
Advisory URL: http://www.defensecode.com/advisories.php
Software: WordPress Huge-IT Video Gallery
Publish At:2017-05-24 20:30 | Read:217 | Comments:0 | Tags: Vulnerability
