cure Terrorists Build Secure VoIP Over GPRS Network By packetstormsecurity.com Published On :: Tue, 01 May 2012 21:23:13 GMT Full Article headline phone voip terror
cure ScanGuard Antivirus Insecure Permissions By packetstormsecurity.com Published On :: Wed, 13 Nov 2019 17:22:05 GMT Scanguard versions through 2019-11-12 on Windows has insecure permissions for the installation directory, leading to privilege escalation via a trojan horse executable file. Full Article
cure VLC For iOS Insecure Direct Object Reference By packetstormsecurity.com Published On :: Fri, 27 Mar 2020 13:00:39 GMT VLC for iOS was vulnerable to an unauthenticated insecure direct object reference vulnerability allowing for an attacker to compromise media. This issue was patched in the March, 2020 release. Full Article
cure XMB - eXtreme Message Board 1.9.11.13 Weak Crypto / Insecure Password Storage By packetstormsecurity.com Published On :: Sat, 23 Jan 2016 13:03:33 GMT XMB - eXtreme Message Board version 1.9.11.13 suffers from weak crypto and insecure password storage vulnerabilities. Full Article
cure Data Of Nearly 700,000 Amex India Customers Exposed Via Unsecured MongoDB Server By packetstormsecurity.com Published On :: Wed, 07 Nov 2018 16:32:01 GMT Full Article headline privacy bank india cybercrime data loss fraud
cure UPLoad 7.0 Insecure Cookie Handling By packetstormsecurity.com Published On :: Tue, 16 Feb 2010 21:56:36 GMT UPLoad version 7.0 suffers from an insecure cookie handling vulnerability. Full Article
cure Newbie CMS Insecure Cookie Handling By packetstormsecurity.com Published On :: Thu, 25 Feb 2010 05:06:13 GMT Newbie CMS suffers from an insecure cookie handling vulnerability. Full Article
cure CuteNews 1.4.6 Insecure Cookie Handling By packetstormsecurity.com Published On :: Tue, 16 Mar 2010 23:26:53 GMT CuteNews version 1.4.6 suffers from an insecure cookie handling vulnerability. Full Article
cure Islamic Voice Insecure Cookie Handling By packetstormsecurity.com Published On :: Sat, 20 Mar 2010 02:20:37 GMT Islamic Voice suffers from an insecure cookie handling vulnerability. Full Article
cure Denapars Shop Script Bypass / Insecure Cookie / Shell Upload By packetstormsecurity.com Published On :: Wed, 31 Mar 2010 01:15:12 GMT Denapars Shop Script suffers from administrative bypass, shell upload, and insecure cookie handling vulnerabilities. Full Article
cure velBox 1.2 Insecure Cookie Handling By packetstormsecurity.com Published On :: Thu, 01 Apr 2010 23:22:33 GMT velBox version 1.2 suffers from an insecure cookie handling vulnerability. Full Article
cure Memorial Web Site Script Password Reset / Insecure Cookie By packetstormsecurity.com Published On :: Sat, 24 Apr 2010 02:58:12 GMT Memorial Web Site Script suffers from password reset and insecure cookie handling vulnerabilities. Full Article
cure [whem]-UPLoad 7.0 Insecure Cookie By packetstormsecurity.com Published On :: Wed, 23 Jun 2010 05:19:38 GMT [whem]-UPLoad version 7.0 suffers from an insecure cookie handling vulnerability. Full Article
cure My Book Insecure Cookie Handling By packetstormsecurity.com Published On :: Sat, 17 Jul 2010 02:15:44 GMT My Book suffers from an insecure cookie handling vulnerability. Full Article
cure AV Arcade 3 Insecure Cookie / SQL Injection By packetstormsecurity.com Published On :: Wed, 28 Jul 2010 17:44:53 GMT AV Arcade version 3 suffers from insecure cookie and SQL injection vulnerabilities. Full Article
cure Open Cart 0.6.5 Insecure Cookie By packetstormsecurity.com Published On :: Sat, 07 Aug 2010 15:46:38 GMT Open Cart version 0.6.5 suffers from an insecure cookie handling vulnerability. Full Article
cure Tornado 1.0 Insecure Cookie By packetstormsecurity.com Published On :: Tue, 17 Aug 2010 01:14:15 GMT Tornado version 1.0 suffers from an insecure cookie vulnerability. Full Article
cure Aleza Portal 1.6 Insecure Cookie By packetstormsecurity.com Published On :: Wed, 29 Sep 2010 00:32:20 GMT Aleza Portal version 1.6 suffers from an insecure cookie handling vulnerability that allows for SQL injection. Full Article
cure xWeblog 2.2 Insecure Cookie Handling By packetstormsecurity.com Published On :: Mon, 11 Oct 2010 00:50:01 GMT xWeblog version 2.2 suffers from an insecure cookie handling vulnerability. Full Article
cure PHP Hosting Directory 2.0 Insecure Cookie By packetstormsecurity.com Published On :: Mon, 11 Oct 2010 01:03:08 GMT PHP Hosting Directory version 2.0 suffers from an insecure cookie vulnerability that allows for administrative bypass. Full Article
cure WikiWebHelp 0.3.3 Insecure Cookie Handling By packetstormsecurity.com Published On :: Sun, 17 Oct 2010 22:31:47 GMT WikiWebHelp version 0.3.3 suffers from an insecure cookie handling vulnerability. Full Article
cure Babil CMS Insecure Cookie Handling By packetstormsecurity.com Published On :: Sat, 25 Dec 2010 17:52:42 GMT Babil CMS suffers from an insecure cookie handling vulnerability. Full Article
cure web.go Insecure Cookie By packetstormsecurity.com Published On :: Fri, 25 Feb 2011 17:23:34 GMT web.go suffers from an insecure cookie vulnerability. Their cookie is modeled after Tornado which had the same issue reported on in 2010. Full Article
cure PHPDirector 0.30 Insecure Cookie Handling By packetstormsecurity.com Published On :: Wed, 27 Apr 2011 17:11:11 GMT PHPDirector version 0.30 suffers from an insecure cookie handling vulnerability that allows for privilege escalation. Full Article
cure Paddelberg Topsite Script Insecure Cookie By packetstormsecurity.com Published On :: Mon, 09 Jan 2012 20:53:57 GMT Paddelberg Topsite Script version 1.2.3 suffers from an authentication bypass vulnerability due to insecure cookie handling. Full Article
cure ResourceSpace 6.4.5976 XSS / SQL Injection / Insecure Cookie Handling By packetstormsecurity.com Published On :: Thu, 11 Dec 2014 22:27:12 GMT ResourceSpace suffers from cross site scripting, html injection, insecure cookie handling, and remote SQL injection vulnerabilities. Versions 6.4.5976 and below are affected. Full Article
cure Totaljs CMS 12.0 Insecure Admin Session Cookie By packetstormsecurity.com Published On :: Tue, 03 Sep 2019 23:20:22 GMT Totaljs CMS version 12.0 mints an insecure cookie that can be used to crack the administrator password. Full Article
cure Hospitals Must Secure Vital Backend Networks Before It's Too Late By packetstormsecurity.com Published On :: Wed, 15 Apr 2020 18:06:46 GMT Full Article headline hacker privacy
cure Neowise CarbonFTP 1.4 Insecure Proprietary Password Encryption By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 14:18:20 GMT Neowise CarbonFTP version 1.4 suffers from an insecure proprietary password encryption implementation. Second version of this exploit that is updated to work with Python 3. Full Article
cure Linux 5.3 Insecure Root Path Handling By packetstormsecurity.com Published On :: Fri, 10 Apr 2020 22:01:02 GMT Linux versions 5.3 and above appear to have an issue where io_uring suffers from insecure handling of the root directory for path lookups. Full Article
cure Intel's Commitment To Making Its Stuff Secure Is Called Into Question By packetstormsecurity.com Published On :: Mon, 08 Oct 2018 14:48:27 GMT Full Article headline flaw intel
cure Brazil Whacks PRISM With Secure Email Plan By packetstormsecurity.com Published On :: Mon, 14 Oct 2013 15:21:08 GMT Full Article headline government privacy email usa spyware brazil nsa
cure Senate Passes King Bill To Secure Energy Grid By packetstormsecurity.com Published On :: Wed, 03 Jul 2019 15:45:57 GMT Full Article headline government usa cyberwar scada
cure Juniper Secure Access Cross Site Scripting By packetstormsecurity.com Published On :: Sat, 06 Mar 2010 15:42:52 GMT Juniper Secure Access suffers from a cross site scripting vulnerability. SA Appliances running Juniper IVE OS 6.0 or higher are affected. Full Article
cure Juniper Secure Access Cross Site Scripting By packetstormsecurity.com Published On :: Tue, 23 Jul 2013 14:44:44 GMT Juniper Secure Access software suffers from a reflective cross site scripting vulnerability. Full Article
cure Juniper Secure Access SSL VPN Privilege Escalation By packetstormsecurity.com Published On :: Sat, 22 Dec 2018 18:07:08 GMT Certain Secure Access SA Series SSL VPN products (originally developed by Juniper Networks but now sold and supported by Pulse Secure, LLC) allow privilege escalation, as demonstrated by Secure Access SSL VPN SA-4000 5.1R5 (build 9627) 4.2 Release (build 7631). This occurs because appropriate controls are not performed. Full Article
cure DevSecOps: A Secured Approach By packetstormsecurity.com Published On :: Mon, 02 Mar 2020 15:35:06 GMT Whitepaper called DevSecOps: A Secure Approach. Full Article
cure QRadar Community Edition 7.3.1.6 Insecure File Permissions By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 20:09:24 GMT QRadar Community Edition version 7.3.1.6 suffers from a local privilege escalation due to insecure file permissions with run-result-reader.sh. Full Article
cure LastPass Stores Passwords So Securely Users Cannot Access Them By packetstormsecurity.com Published On :: Tue, 21 Jan 2020 16:45:09 GMT Full Article headline denial of service password
cure Cisco AnyConnect Secure Mobility Client 4.8.01090 Privilege Escalation By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 20:36:17 GMT Cisco AnyConnect Secure Mobility Client for Windows version 4.8.01090 suffer from a privilege escalation vulnerability due to insecure handling of path names. Full Article
cure Chrome To Label FTP Sites Insecure By packetstormsecurity.com Published On :: Fri, 15 Sep 2017 14:44:47 GMT Full Article headline google chrome
cure Signal Is Finally Bringing Its Secure Messaging To The Masses By packetstormsecurity.com Published On :: Mon, 17 Feb 2020 16:25:07 GMT Full Article headline privacy phone cryptography
cure SolarWinds MSP PME Cache Service Insecure File Permissions / Code Execution By packetstormsecurity.com Published On :: Thu, 07 May 2020 15:17:54 GMT SolarWinds MSP PME Cache Service versions prior to 1.1.15 suffer from insecure file permission and code execution vulnerabilities. Full Article
cure How Does IS Communicate Securely? By packetstormsecurity.com Published On :: Tue, 17 Nov 2015 16:53:15 GMT Full Article headline government spyware france terror cryptography
cure France's Secure Telegram Replacement Hacked In An Hour By packetstormsecurity.com Published On :: Tue, 23 Apr 2019 16:22:03 GMT Full Article headline hacker government privacy phone flaw france
cure Max Secure Anti Virus Plus 19.0.4.020 Insecure Permissions By packetstormsecurity.com Published On :: Sat, 30 Nov 2019 22:42:30 GMT Max Secure Anti Virus Plus version 19.0.4.020 suffers from an insecure permission vulnerability. Full Article
cure Imperva SecureSphere 13.x PWS Command Injection By packetstormsecurity.com Published On :: Wed, 06 Mar 2019 18:19:49 GMT This Metasploit module exploits a command injection vulnerability in Imperva SecureSphere version 13.x. The vulnerability exists in the PWS service, where Python CGIs did not properly sanitize user supplied command parameters and directly passes them to corresponding CLI utility, leading to command injection. Agent registration credential is required to exploit SecureSphere in gateway mode. This module was successfully tested on Imperva SecureSphere 13.0/13.1/13.2 in pre-ftl mode and unsealed gateway mode. Full Article
cure Scam Coronavirus Sites Selling Fake Cures Taken Down By packetstormsecurity.com Published On :: Thu, 07 May 2020 15:14:04 GMT Full Article headline virus cybercrime fraud science
cure How Secure Is Your Shell? At Many Enterprises, Not Very By packetstormsecurity.com Published On :: Sat, 03 Nov 2012 16:02:58 GMT Full Article headline ssh
cure Hawaiian Electric Companies issue largest clean energy procurement to date; aim to end coal use, replace oil By feedproxy.google.com Published On :: 2019-08-27T14:32:35Z Last week, the Hawaiian Electric Companies began Hawai‘i’s largest procurement effort for renewable energy resources to end the use of coal and reduce reliance on imported oil for power generation, moving the state closer to its goal of using 100 percent renewable energy by 2045. Full Article DER News Utility Scale DER Utility Integration
