메뉴 건너뛰기

메리메리쩜넷넷

Since 2002

Python || Malware || Security News Grabber

Do NOT Hack this machine!!

컨텐츠 보기기

   보안뉴스 | 최신기사
   보안뉴스 | 긴급경보
   AhnLab 최신 보안뉴스
   AhnLab 악성코드 정보
   NIST NDV
   Krebs On Security
  • CVE-2018-11806 (qemu)

    2018년 6월 14일

    m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.

  • CVE-2018-11688 (igniterealtime)

    2018년 6월 14일

    Ignite Realtime Openfire 3.7.1 is vulnerable to cross-site scripting, caused by improper validation of u

  • CVE-2018-12292 (pale_moon)

    2018년 6월 13일

    A use-after-free vulnerability exists in DOMProxyHandler::Ens-ureExpandoObject in Pale Moon before 27.9.3

  • CVE-2018-12291 (synapse)

    2018년 6월 13일

    The on_get_missing_event-s function in handlers/federation.-py in Matrix Synapse before 0.31.1 has a secur

  • CVE-2018-5434 (runtime_agent)

    2018년 6월 13일

    The TIBCO Designer component of TIBCO Software Inc.'s TIBCO Runtime Agent, and TIBCO Runtime Agent for z

  • CVE-2018-5433 (administrator)

    2018년 6월 13일

    The TIBCO Administrator server component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Editi

  • CVE-2018-5432 (administrator)

    2018년 6월 13일

    The TIBCO Administrator server component of of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Ed

  • CVE-2018-12268 (acccheck.pl)

    2018년 6월 13일

    acccheck.pl in acccheck 0.2.1 allows Command Injection via shell metacharacters in a username or passwor

  • CVE-2018-5718 (softcontrol_enterprise_suite, softcontrol_syswatch, softcontrol_tpsecure)

    2018년 6월 13일

    Improper restriction of write operations within the bounds of a memory buffer in snscore.sys in SoftCont

  • CVE-2011-4182 (sysconfig)

    2018년 6월 13일

    Missing escaping of ESSID values in sysconfig of SUSE Linux Enterprise allows attackers controlling an a

  • CVE-2018-12228 (open_source)

    2018년 6월 12일

    An issue was discovered in Asterisk Open Source 15.x before 15.4.1. When connected to Asterisk via TCP/T

  • CVE-2018-5185 (debian_linux, enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_server_eus, enterprise_linux_workstation, thunderbird, thunderbird_esr, ubuntu_linux)

    2018년 6월 12일

    Plaintext of decrypted emails can leak through by user submitting an embedded form. This vulnerability a

  • CVE-2018-5170 (debian_linux, enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_server_eus, enterprise_linux_workstation, thunderbird, thunderbird_esr, ubuntu_linux)

    2018년 6월 12일

    It is possible to spoof the filename of an attachment and display an arbitrary attachment name. This cou

  • CVE-2018-5162 (debian_linux, enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_server_eus, enterprise_linux_workstation, thunderbird, thunderbird_esr, ubuntu_linux)

    2018년 6월 12일

    Plaintext of decrypted emails can leak through the src attribute of remote images, or links. This vulner

  • CVE-2018-5161 (debian_linux, enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_server_eus, enterprise_linux_workstation, thunderbird, thunderbird_esr, ubuntu_linux)

    2018년 6월 12일

    Crafted message headers can cause a Thunderbird process to hang on receiving the message. This vulnerabi

  • CVE-2018-5157 (debian_linux, enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_server_eus, enterprise_linux_workstation, firefox, firefox_esr, ubuntu_linux)

    2018년 6월 12일

    Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messa

  • CVE-2018-5153 (firefox, ubuntu_linux)

    2018년 6월 12일

    If websocket data is sent with mixed text and binary in a single message, the binary data can be corrupt

  • CVE-2018-5147 (debian_linux, firefox, firefox_esr)

    2018년 6월 12일

    The libtremor library has the same flaw as CVE-2018-5146. This library is used by Firefox in place of li

  • CVE-2018-5136 (firefox, ubuntu_linux)

    2018년 6월 12일

    A shared worker created from a "data:" URL in one tab can be shared by another tab with a different orig

  • CVE-2017-7778 (debian_linux, firefox, firefox_esr, graphite2, thunderbird)

    2018년 6월 12일

    A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer ove

  • CVE-2017-7770 (firefox)

    2018년 6월 12일

    A mechanism where when a new tab is loaded through JavaScript events, if fullscreen mode is then entered

  • CVE-2017-7768 (firefox, firefox_esr)

    2018년 6월 12일

    The Mozilla Maintenance Service can be invoked by an unprivileged user to read 32 bytes of any arbitrary

  • CVE-2017-7767 (firefox, firefox_esr)

    2018년 6월 12일

    The Mozilla Maintenance Service can be invoked by an unprivileged user to overwrite arbitrary files with

  • CVE-2017-7766 (firefox, firefox_esr)

    2018년 6월 12일

    An attack using manipulation of "updater.ini" contents, used by the Mozilla Windows Updater, and privile

  • CVE-2017-7765 (firefox, firefox_esr, thunderbird)

    2018년 6월 12일

    The "Mark of the Web" was not correctly saved on Windows when files with very long names were downloaded

  • CVE-2017-7764 (debian_linux, firefox, firefox_esr, thunderbird)

    2018년 6월 12일

    Characters from the "Canadian Syllabics" unicode block can be mixed with characters from other unicode b

  • CVE-2017-7763 (debian_linux, firefox, firefox_esr, thunderbird)

    2018년 6월 12일

    Default fonts on OS X display some Tibetan characters as whitespace. When used in the addressbar as part

  • CVE-2017-7761 (firefox, firefox_esr)

    2018년 6월 12일

    The Mozilla Maintenance Service "helper.exe" application creates a temporary directory writable by non-p

  • CVE-2017-7760 (firefox, firefox_esr)

    2018년 6월 12일

    The Mozilla Windows updater modifies some files to be updated by reading the original file and applying

  • CVE-2017-5395 (firefox)

    2018년 6월 12일

    Malicious sites can display a spoofed location bar on a subsequently loaded page when the existing locat

  • Hanging Up on Mobile in the Name of Security

    Br
    2018년 8월 17일

    An entrepreneur and virtual currency investor is suing AT&T for $224 million, claiming the wireless

  • Patch Tuesday, August 2018 Edition

    Br
    2018년 8월 15일

    Adobe and Microsoft each released security updates for their software on Tuesday. Adobe plugged five sec

  • FBI Warns of ‘Unlimited’ ATM Cashout Blitz

    Br
    2018년 8월 13일

    The Federal Bureau of Investigation (FBI) is warning banks that cybercriminals are preparing to carry ou

  • Florida Man Arrested in SIM Swap Conspiracy

    Br
    2018년 8월 8일

    Police in Florida have arrested a 25-year-old man accused of being part of a multi-state cyber fraud rin

  • Credit Card Issuer TCM Bank Leaked Applicant Data for 16 Months

    Br
    2018년 8월 4일

    TCM Bank, a company that helps more than 750 small and community U.S. banks issue credit cards to their

  • The Year Targeted Phishing Went Mainstream

    Br
    2018년 8월 3일

    A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real passw

  • Reddit Breach Highlights Limits of SMS-Based Authentication

    Br
    2018년 8월 2일

    Reddit.com today disclosed that a data breach exposed some internal data, as well as email addresses and

  • State Govts. Warned of Malware-Laden CD Sent Via Snail Mail from China

    Br
    2018년 7월 28일

    Here's a timely reminder that email isn't the only vector for phishing attacks: Several U.S. state and l

  • LifeLock Bug Exposed Millions of Customer Email Addresses

    Br
    2018년 7월 26일

    Identity theft protection firm LifeLock -- a company that's built a name for itself based on the promise

  • Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

    Br
    2018년 7월 24일

    Hackers used phishing emails to break into a Virginia bank in two separate cyber intrusions over an eigh

   AlienVault
   TheHackerNews
  • Do You Take Security Seriously?

    2018년 8월 16일

    Well Javvad Malik has created another awesome report taking on what taking security seriously actua

  • Discovering CVE-2018-11512 - wityCMS 0.6.1 Persistent XSS

    2018년 8월 15일

    Content Management Systems (CMS) are usually good to check out for security issues, especially if the

  • Improving Threat Detection through Managed Security Service Providers (MSSPs)

    2018년 8월 14일

    Executive Summary: Cybersecurity is a growing concern as breaches continue to increase in frequency

  • The Black Hat Recap

    2018년 8월 14일

    BlackHat is always one of the most interesting conferences of the year. Firmly sandwiched between Bsid

  • What You Need to Look for When Choosing a Hosting Company for Your Startup

    2018년 8월 9일

    Whether you sell clothes online or have recently set up a financial services firm, every startup nee

  • USM Central Product Roundup and Look Ahead

    2018년 8월 7일

    We have an audacious goal on the USM Central Product team. We believe that we can create the most p

  • Black Hat 2018 will be Phenomenal!

    2018년 8월 6일

    The AlienVault team is ready to meet and greet visitors at Black Hat USA 2018, August 8th and 9th at t

  • Things I Hearted this Week, 3rd Aug 2018

    2018년 8월 3일

    It’s August already. The kids are off on their summer vacations telling me how bored they are ev

  • Standing Out as an Information Security Student

    2018년 8월 2일

    As students, we get told that college is enough to land us anything we want, I can honestly say fro

  • Off-the-shelf RATs Targeting Pakistan

    2018년 8월 1일

    Introduction We’ve identified a number of spear phishing campaigns with Pakistani themed docume

위로