Document Title:===============Microsoft Skype v7.2, v7.35 & v7.36 - Stack Buffer Overflow VulnerabilityReferences (Source):====================https://www.vulnerability-lab.com/get_content.php?id=2071MSRC ID: 38778 TRK ID: 0461000724Vulnerability Magazine: https://www.vulnerability-db.com/?q=articles/2017/05/28/stack-buffer-overflow-zero-day-vulnerabilit

Document Title:===============PayPal Inc BB #149 - (Gift) Insufficient Authentication VulnerabilityReferences (Source):====================https://www.vulnerability-lab.com/get_content.php?id=1973ID EIBBP-34368Release Date:=============2017-06-21Vulnerability Laboratory ID (VL-ID):====================================1973Common Vulnerability Scoring System:==

Code for the open-source SigPloit framework has been published on GitHub by security researcher Loay Abdelrazek. SigPloit is a convenient framework for testing for vulnerabilities in telecommunication protocols. We cannot say state that this project will have a big effect on the security situation, but this is definitely one of the alarm bells that should be

Yes, such efforts matter. But depending on them can give a false sense of security. IT security has depended on vulnerability and patch management for decades, and conventional wisdom says these programs should be replicated to make industrial networks more secure. We only partially agree.Vulnerability and patch management programs have only modestly improve

Stack Clash is a local privilege escalation flaw in Linux, BSD, Solaris and other open source systems that allows an attacker to execute code as root. Linux, BSD, Solaris and other open source systems are vulnerable to a local privilege escalation vulnerability known as Stack Clash that allows an attacker to execute code as root. Stack Clash is a local privi

Document Title:===============Evolution Script CMS v5.3 - Cross Site Scripting VulnerabilityReferences (Source):====================https://www.vulnerability-lab.com/get_content.php?id=2075Release Date:=============2017-06-07Vulnerability Laboratory ID (VL-ID):====================================2075Common Vulnerability Scoring System:=======================

Document Title:===============Composr CMS v10.0.0 - Cross Site Scripting VulnerabilityReferences (Source):====================https://www.vulnerability-lab.com/get_content.php?id=2066Release Date:=============2017-06-08Vulnerability Laboratory ID (VL-ID):====================================2066Common Vulnerability Scoring System:=============================

DefenseCode ThunderScan SAST Advisory WordPress No External Links Plugin Security VulnerabilityAdvisory ID: DC-2017-01-022Advisory Title: WordPress No External Links Plugin Security VulnerabilityAdvisory URL: http://www.defensecode.com/advisories.phpSoftware: WordPress No External Links PluginLanguage: PHPV

Faraday is the Integrated Multiuser Risk Environment you were lookingfor! It maps and leverages all the knowledge you generate in realtime, letting you track and understand your audits. Our dashboard forCISOs and managers uncovers the impact and risk being assessed by theaudit in real-time without the need for a single email. Developed witha specialized set

Multiple Local Privilege Escalation Vulnerabilities in Acunetix Web Vulnerability Scanner 11Metadata===============================================================================Release Date: 28-May-2017Author: Florian Bogner @ https://bogner.shAffected product: Acunetix Web Vulnerability Scanner 11 (https://www.acunetix.com/)Issue verified on: Windows 7Vul

Viber has fixed a vulnerability in the company's Windows client found by a group of security experts, which included a Positive Technologies researcher. This security bug enabled attackers to steal data needed for user authentication in Windows. Users urged to update to Viber version 6.7.2"In essence, when a link resembling http://host/img.jpg is sent during

A seven-year-old remote code execution vulnerability, tracked as CVE-2017-7494, affects all versions of the Samba software since 3.5.0. A seven-year-old remote code execution vulnerability affects all versions of the Samba software since 3.5.0. The flaw has been patched by the development team of the project. An attacker can exploit the CVE-2017-7494 RCE to

Two weeks into the WannaCry aftermath, response teams are getting back to normal, organizations are re-evaluating their infrastructures, and even the bitcoin payments the fraudsters were collecting have almost stopped trickling in. It’s time now to look into the data to find clues about what made WannaCry spread so rapidly and with such a wide scope.

DefenseCode ThunderScan SAST Advisory WordPress All In One Schema.org Rich Snippets Plugin Security VulnerabilityAdvisory ID: DC-2017-01-002Advisory Title: WordPress All In One Schema.org Rich Snippets Plugin Security VulnerabilityAdvisory URL: http://www.defensecode.com/advisories.phpSoftware:

DefenseCode ThunderScan SAST Advisory WordPress Huge-IT Video Gallery Plugin Security VulnerabilityAdvisory ID: DC-2017-01-009Advisory Title: WordPress Huge-IT Video Gallery plugin SQL injection vulnerabilityAdvisory URL: http://www.defensecode.com/advisories.phpSoftware: WordPress Huge-IT Video Gallery