Security News

Beyond Biometrics: The Future of Authentication
2019-06-03 13h58
As organizations become more and more digitally connected, concerns about secure access seem to...
Inside GCHQ's Proposed Backdoor Into End-to-End Encryption
2019-06-03 13h35
The Open Technology Institute (OTI) has responded to GCHQ/NCSC's article on 'Principles for a...
AMCA Breach Hits 12 Million Quest Diagnostics Patients
2019-06-03 13h14
A data breach at billing collections service provider American Medical Collection Agency (AMCA)...
GandCrab Ransomware Authors Announce Shut Down
2019-06-03 13h08
The authors of the GandCrab ransomware have reportedly announced on underground forums that they...
How to install CA certificates in Ubuntu server
2019-06-03 13h08
Having trouble getting CA certificates installed and recognized in Ubuntu Server? Find out how...
New Attack Targets the Touchscreen of Smartphones, Researchers Reveal
2019-06-03 12h48
A group of researchers has devised a new proof-of-concept attack that targets the touchscreen of...
Smart-TV Bug Allows Rogue Broadcasts
2019-06-03 12h11
An attacker could gain remote access by chaining together an exploit for home routers with the TV flaw.
Lab Testing Firm Eurofins Scientific Hit by Ransomware
2019-06-03 11h04
Luxembourg-based laboratory testing services giant Eurofins Scientific on Monday revealed that...
GandCrab Ransomware Shutters Its Operations
2019-06-03 10h18
After a year of success, its operators say they earned millions -- and are ready to retire.
IEEE says it may have gone about things the wrong Huawei, lifts ban after US govt clearance
2019-06-03 09h50
Academic outfit U-turns on blacklisting Chinese bogeyman. The US-based Institute of Electrical...

Vulnerabilities by Risk-level

13% Critical
22% High
38% Moderate
27% Low

Vulnerabilities by Vendor

Vendor         Last 12 months #
Google         86
Microsoft      72
IBM            69
Cisco          48
ImageMagick    30

Latest Vulnerabilities

Cross-Site Scripting (XSS) vulnerability in Layerbb 1.1.3

2019-07-19 07h15
LayerBB 1.1.3 allows XSS via the application/commands/new.php pm_title variable, a related issue...

Cross-Site Scripting (XSS)
Medium

Unrestricted Upload of File with Dangerous Type vulnerability in Layerbb 1.1.3

2019-07-19 07h15
LayerBB 1.1.3 allows admin/general.php arbitrary file upload because the custom_logo filename...

Unrestricted Upload of File...
High

SQL Injection vulnerability in Ovidentia 8.4.3

2019-07-19 07h15
Ovidentia 8.4.3 has SQL Injection via the id parameter in an index.php?tg=delegat&idx=mem request.

SQL Injection
Medium

Cross-Site Request Forgery (CSRF) vulnerability in Layerbb 1.1.3

2019-07-19 07h15
LayerBB 1.1.3 allows conversations.php/cmd/new CSRF.

Cross-Site Request Forgery (CSRF)
Medium

Cross-Site Scripting (XSS) vulnerability in Ovidentia 8.4.3

2019-07-19 07h15
index.php in Ovidentia 8.4.3 has XSS via tg=groups, tg=maildoms&idx=create&userid=0&bgrp=y,...

Cross-Site Scripting (XSS)
Low

Latest Critical Vulnerabilities

SQL Injection vulnerability in Sertek Xpare 3.67

2019-07-17 20h15
An issue was discovered in Sertek Xpare 3.67. The login form does not sanitize input data....

SQL Injection
10.0

SQL Injection vulnerability in Foliovision FV Flowplayer Video Player

2019-07-17 16h15
A SQL injection vulnerability exists in the FolioVision FV Flowplayer Video Player plugin before...

SQL Injection
10.0

Data Handling vulnerability in Onosproject Onos 1.15.0

2019-07-17 03h15
In ONOS 1.15.0, apps/yang/web/src/main/java/org/onosproject/yang/web/YangWebResource.java...

Data Handling
10.0

Improper Restriction of XML External Entity Reference ('XXE') vulnerability in NSA Ghidra 9.0.1

2019-07-17 03h15
NSA Ghidra before 9.0.1 allows XXE when a project is opened or restored, or a tool is imported,...

Improper Restriction of XML External...
9.4

Command Injection vulnerability in Citrix Netscaler SD WAN and SD WAN

2019-07-16 18h15
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input...

Command Injection
10.0

Command Injection vulnerability in Citrix Netscaler SD WAN and SD WAN

2019-07-16 18h15
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input...

Command Injection
10.0

Path Traversal vulnerability in Citrix Netscaler SD WAN and SD WAN

2019-07-16 18h15
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal.

Path Traversal
10.0

Command Injection vulnerability in Citrix Netscaler SD WAN and SD WAN

2019-07-16 18h15
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input...

Command Injection
9.0

Command Injection vulnerability in Citrix Netscaler SD WAN and SD WAN

2019-07-16 18h15
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input...

Command Injection
10.0

Command Injection vulnerability in Citrix Netscaler SD WAN and SD WAN

2019-07-16 18h15
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input...

Command Injection
9.0