Security News

Vuln: JasPer 'jas_matrix_create()' Function Integer Overflow Vulnerability

Security Focus Vulnerabilities - 24 December, 2016 - 00:00
JasPer 'jas_matrix_create()' Function Integer Overflow Vulnerability

Vuln: Autodesk Design Review CVE-2015-8571 Remote Buffer Overflow Vulnerability

Security Focus Vulnerabilities - 8 December, 2016 - 00:00
Autodesk Design Review CVE-2015-8571 Remote Buffer Overflow Vulnerability

Vuln: mod_nss Module CVE-2015-5244 Security Bypass Vulnerability

Security Focus Vulnerabilities - 14 September, 2016 - 23:00
mod_nss Module CVE-2015-5244 Security Bypass Vulnerability

Bugtraq: [SYSS-2016-059] Microsoft Wireless Desktop 2000 - Insufficient Verification of Data Authenticity (CWE-345)

Security Focus Vulnerabilities - 57 min 2 sec ago
[SYSS-2016-059] Microsoft Wireless Desktop 2000 - Insufficient Verification of Data Authenticity (CWE-345)

Bugtraq: [SYSS-2016-047] Perixx PERIDUO-710W - Keystroke Injection Vulnerability

Security Focus Vulnerabilities - 57 min 2 sec ago
[SYSS-2016-047] Perixx PERIDUO-710W - Keystroke Injection Vulnerability

Bugtraq: [SYSS-2016-046] Perixx PERIDUO-710W - Missing Protection against Replay Attacks

Security Focus Vulnerabilities - 57 min 2 sec ago
[SYSS-2016-046] Perixx PERIDUO-710W - Missing Protection against Replay Attacks

Bugtraq: [SYSS-2016-044] Logitech K520 - Insufficient Protection against Replay Attacks

Security Focus Vulnerabilities - 57 min 2 sec ago
[SYSS-2016-044] Logitech K520 - Insufficient Protection against Replay Attacks

More rss feeds from SecurityFocus

Security Focus Vulnerabilities - 57 min 2 sec ago
News, Infocus, Columns, Vulnerabilities, Bugtraq ...

Re: "Nitro Zeus" whatever whatever.

Daily Dave - 1 hour 28 min ago

Posted by Ejovi Nuwere on Jul 29

This article in the New Yorker seems to align well with your explanation of cyberwar as a systemic disruption of
ideology.

http://www.newyorker.com/news/news-desk/the-real-paranoia-inducing-purpose-of-russian-hacks

Sent from my iPhone

[SYSS-2016-038] CHERRY B.UNLIMITED AES - Keystroke Injection Vulnerability

Bug Traq - 2 hours 2 min ago

Posted by matthias . deeg on Jul 29

Advisory ID: SYSS-2016-038
Product: CHERRY B.UNLIMITED AES
Manufacturer: Cherry GmbH
Affected Version(s): JD-0400EU-2/01
Tested Version(s): JD-0400EU-2/01
Vulnerability Type: Cryptographic Issues (CWE-310)
Keystroke Injection Vulnerability
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2016-05-04
Solution Date: -
Public Disclosure: 2016-07-29
CVE Reference: Not yet assigned
Authors of Advisory: Matthias Deeg...

[SYSS-2016-032] CHERRY B.UNLIMITED AES - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key)

Bug Traq - 2 hours 12 min ago

Posted by matthias . deeg on Jul 29

Advisory ID: SYSS-2016-032
Product: CHERRY B.UNLIMITED AES
Manufacturer: Cherry GmbH
Affected Version(s): JD-0400EU-2/01
Tested Version(s): JD-0400EU-2/01
Vulnerability Type: Insufficient Protection of Code (Firmware) and
Data (Cryptographic Key)
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2016-04-22
Solution Date: -
Public Disclosure: 2016-07-29
CVE Reference: Not yet assigned
Authors of Advisory:...

Bugtraq: [S21SEC-047] Fotoware Fotoweb 8.0 Cross Site Scripting

Security Focus Vulnerabilities - 2 hours 17 min ago
[S21SEC-047] Fotoware Fotoweb 8.0 Cross Site Scripting

[SYSS-2016-031] CHERRY B.UNLIMITED AES - Missing Protection against Replay Attacks

Bug Traq - 2 hours 22 min ago

Posted by matthias . deeg on Jul 29

Advisory ID: SYSS-2016-031
Product: CHERRY B.UNLIMITED AES
Manufacturer: Cherry GmbH
Affected Version(s): JD-0400EU-2/01
Tested Version(s): JD-0400EU-2/01
Vulnerability Type: Cryptographic Issues (CWE-310)
Missing Protection against Replay Attacks
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2016-04-11
Solution Date: -
Public Disclosure: 2016-06-29
CVE Reference: Not yet assigned
Authors of Advisory:...

SAINTCON Security Conference

Daily Dave - 2 hours 31 min ago

Posted by Troy Jessup on Jul 29

SAINTCON 2016

SAINTCON is the Intermountain-West premiere Cybersecurity conference held in Provo, Utah. This conference is
dedicated to all things security and focuses on security discussions and trainings. If you live or work in the west,
this is your security con!

https://www.saintcon.org

[SYSS-2016-059] Microsoft Wireless Desktop 2000 - Insufficient Verification of Data Authenticity (CWE-345)

Bug Traq - 2 hours 32 min ago

Posted by matthias . deeg on Jul 29

Advisory ID: SYSS-2016-059
Product: Microsoft Wireless Desktop 2000
Manufacturer: Microsoft
Affected Version(s): Ver. A
Tested Version(s): Ver. A
Vulnerability Type: Insufficient Verification of Data Authenticity (CWE-345)
Mouse Spoofing Attack
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2016-06-28
Solution Date: -
Public Disclosure: 2016-07-29
CVE Reference: Not yet assigned
Authors of Advisory:...

[SYSS-2016-044] Logitech K520 - Insufficient Protection against Replay Attacks

Bug Traq - 2 hours 42 min ago

Posted by matthias . deeg on Jul 29

Advisory ID: SYSS-2016-044
Product: K520 (Keyboard of Wireless Combo MK520)
Manufacturer: Logitech
Affected Version(s): Model Y-R0012
Tested Version(s): Model Y-R0012
Vulnerability Type: Cryptographic Issues (CWE-310)
Insufficient Protection against Replay Attacks
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2016-05-20
Solution Date: -
Public Disclosure: 2016-07-29
CVE Reference: Not yet assigned
Authors...

[SYSS-2016-045] Perixx PERIDUO-710W - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key)

Bug Traq - 2 hours 53 min ago

Posted by matthias . deeg on Jul 29

Advisory ID: SYSS-2016-045
Product: PERIDUO-710W
Manufacturer: Perixx Computer GmbH
Affected Version(s): Part No. KG-1027
Tested Version(s): Part No. KG-1027
Vulnerability Type: Insufficient Protection of Code (Firmware) and
Data (Cryptographic Key)
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2016-05-27
Solution Date: -
Public Disclosure: 2016-07-29
CVE Reference: Not yet assigned
Authors of Advisory:...

[SYSS-2016-047] Perixx PERIDUO-710W - Keystroke Injection Vulnerability

Bug Traq - 3 hours 3 min ago

Posted by matthias . deeg on Jul 29

Advisory ID: SYSS-2016-047
Product: PERIDUO-710W
Manufacturer: Perixx Computer GmbH
Affected Version(s): Part No. KG-1027
Tested Version(s): Part No. KG-1027
Vulnerability Type: Cryptographic Issues (CWE-310)
Keystroke Injection Vulnerability
Risk Level: High
Solution Status: Open
Manufacturer Notification: 2016-05-27
Solution Date: -
Public Disclosure: 2016-07-29
CVE Reference: Not yet assigned
Authors of Advisory: Matthias...

[SYSS-2016-046] Perixx PERIDUO-710W - Missing Protection against Replay Attacks

Bug Traq - 3 hours 13 min ago

Posted by matthias . deeg on Jul 29

Advisory ID: SYSS-2016-046
Product: PERIDUO-710W
Manufacturer: Perixx Computer GmbH
Affected Version(s): Part No. KG-1027
Tested Version(s): Part No. KG-1027
Vulnerability Type: Cryptographic Issues (CWE-310)
Missing Protection against Replay Attacks
Risk Level: Medium
Solution Status: Open
Manufacturer Notification: 2016-05-27
Solution Date: -
Public Disclosure: 2016-07-29
CVE Reference: Not yet assigned
Authors of Advisory:...

Bugtraq: Vicon Network Cameras - Authentication Bypass

Security Focus Vulnerabilities - 3 hours 17 min ago
Vicon Network Cameras - Authentication Bypass
Syndicate content