vulnerability
Cisco WebEx Player WRF file processing vulnerabilities
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) player. In some cases, exploitation of the vulnerabilities could allow a remote …
Infected MyBB release package offered for download
The development team of MyBB (MyBulletinBoard), a popular PHP and MySQL-based free forum package, warned its users about the fact that its latest version available for …
Bug allows remote code execution in Chrome
In September ACROS Security notified Google about a peculiar behavior of the Chrome browser that can be exploited for execution of remote code outside Chrome sandbox under …
Flash bug allows spying of website visitors through webcam
A slight variation of a previously designed clickjacking attack that used a Adobe Flash vulnerability has once again made it possible for website administrators to …
Don’t worry about zero-days, says Microsoft
Microsoft released its Security Intelligence Report volume 11 (SIRv11), which found that less than 1 percent of exploits in the first half of 2011 were against zero-day …
163 new advanced evasion techniques discovered
Stonesoft announced it has delivered 163 new advanced evasion technique (AET) samples for global vulnerability coordination. The new samples include AETs over a number of …
Patching strategies
Cybercriminals have initiated an arms race by refining the malware manufacturing and development process to systematically bypass defense mechanisms. There are many …
Critical vulnerabilities in Adobe Photoshop Elements 8
Critical vulnerabilities exist in Adobe Photoshop Elements 8.0 and earlier versions. These two buffer overflow vulnerabilities (CVE-2011-2443) could cause a crash and …
FFmpeg multiple vulnerabilities
Multiple vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a Denial of Service and potentially compromise a user’s …
HTC Android devices allow almost any app access to private data
It’s bad news all around for users of various HTC Android smartphones, as the private data collected by the logging tools recently introduced by the company is also …
Symantec IM Manager multiple vulnerabilities
Multiple vulnerabilities have been reported in Symantec IM Manager, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to …
Browser companies react to BEAST attack
As Juliano Rizzo and Thai Duong have demonstrated on Friday, the SSL/TLS encryption used by the great majority of websites has been cracked. Their BEAST (Browser Exploit …
Featured news
Resources
Don't miss
- GUI frontends for GnuPG, the free implementation of the OpenPGP standard
- Juniper enterprise routers backdoored via “magic packet” malware
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw
- SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)
- Defense strategies to counter escalating hybrid attacks