The goal of this project is to make the virtual world a safer and better place without child pornography, major computer crime and RIAA.
Security Bulletins
Latest Malware Updates

Infostealer.Posteal

02/26/2015

Downloader.Busadom

02/26/2015

Trojan.Ladocosm

02/26/2015

SONAR.SuspDocRun

02/25/2015

SONAR.SuspHelpRun

02/25/2015
Security News

CVE-2017-12892

Foxit PDF Compressor installers from versions 7.0.0.183 to 7.7.2.10 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.

08/16/2017

CVE-2017-8248

A buffer overflow may occur in the processing of a downlink NAS message in Qualcomm Telephony as used in Apple iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation.

08/16/2017

CVE-2017-8243

A buffer overflow can occur when processing a firmware image file in all Qualcomm products with Android releases from CAF using the Linux kernel.

08/16/2017

CVE-2017-7551

389-ds-base versions before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts.

08/16/2017

CVE-2017-7548

PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to an authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.

08/16/2017

CVE-2017-7547

PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to an authorization flaw allowing remote authenticated attackers to retrieve passwords from the user mappings defined by the foreign server owners without actually having the privileges to do so.

08/16/2017

CVE-2017-7546

PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to an incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password.

08/16/2017

CVE-2017-6421

In the touch controller function in all Qualcomm products in all Android releases from CAF using the Linux kernel, a variable may be controlled by the user and can lead to a buffer overflow.

08/16/2017

CVE-2017-12880

In PyJWT 1.5.0 and below, the 'invalid_strings' check in 'HMACAlgorithm.prepare_key' does not account for all PEM encoded public keys. Specifically, the PKCS1 PEM encoded format would be allowed because it is prefaced with the string '-----BEGIN RSA PUBLIC KEY-----' which is not accounted for. This enables symmetric/asymmetric key confusion attacks against users using the PKCS1 PEM encoded public keys, which would allow an attacker to craft JWTs from scratch.

08/16/2017

CVE-2016-5867

In a sound driver in all Qualcomm products with Android releases from CAF using the Linux kernel, some variables are from userspace and values can be chosen that could result in stack overflow.

08/16/2017

CVE-2016-5864

In an audio driver function in all Qualcomm products with Android releases from CAF using the Linux kernel, some parameters are from userspace, and if they are set to a large value, integer overflow is possible followed by buffer overflow. In another function, a missing check for a lower bound may result in an out of bounds memory access.

08/16/2017

CVE-2016-5863

In an ioctl handler in all Qualcomm products with Android releases from CAF using the Linux kernel, several sanity checks are missing which can lead to out-of-bounds accesses.

08/16/2017

CVE-2016-5862

When a control related to codec is issued from userspace in all Qualcomm products with Android releases from CAF using the Linux kernel, the type casting is done to the container structure instead of the codec's individual structure, resulting in a device restart after kernel crash occurs.

08/16/2017

CVE-2016-5861

In a display driver in all Qualcomm products with Android releases from CAF using the Linux kernel, a variable controlled by userspace is used to calculate offsets and sizes for copy operations, which could result in heap overflow.

08/16/2017

CVE-2016-5860

In an audio driver in all Qualcomm products with Android releases from CAF using the Linux kernel, if a function is called with a very large length, an integer overflow could occur followed by a heap buffer overflow.

08/16/2017

CVE-2016-5859

In a sound driver in all Qualcomm products in all Android releases from CAF using the Linux kernel, if a function is called with a very large length, an integer overflow could occur followed by a buffer overflow.

08/16/2017

CVE-2016-5858

In an ioctl handler in all Qualcomm products with Android releases from CAF using the Linux kernel, if a user supplies a value too large, then an out-of-bounds read occurs.

08/16/2017

CVE-2016-5855

In a driver, in all Qualcomm products with Android releases from CAF using the Linux kernel, a user-supplied buffer is cast to a structure without checking if the source buffer is large enough.

08/16/2017

CVE-2016-5854

In a driver in all Qualcomm products with Android releases from CAF using the Linux kernel, kernel heap memory can be exposed to userspace.

08/16/2017

Security Advisories Database

Remote Code Execution Vulnerability in Microsoft OpenType Font Driver

A remote attacker can execute arbitrary code on the target system.

07/21/2015

SQL Injection Vulnerability in Piwigo

An SQL injection vulnerability has been discovered in Piwigo.

02/05/2015

Cross-site Scripting Vulnerability in DotNetNuke

A cross-site scripting (XSS) vulnerability has been discovered in DotNetNuke.

02/05/2015

Cross-site Scripting Vulnerability in Hitachi Command Suite

A cross-site scripting vulnerability was found in Hitachi Command Suite.

02/02/2015

Denial of service vulnerability in FreeBSD SCTP RE_CONFIG Chunk Handling

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Apache Traffic Server HTTP TRACE Max-Forwards

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in MalwareBytes Anti-Exploit "mbae.sys"

An attacker can perform a denial of service attack.

01/30/2015

Denial of service vulnerability in Linux Kernel splice

An attacker can perform a denial of service attack.

01/29/2015

Denial of service vulnerability in Python Pillow Module PNG Text Chunks Decompression

An attacker can perform a denial of service attack.

01/20/2015