Security News

Peristent XSS Vulnerability Plagues WordPress Plugin (Threatpost)
2015-04-07 18:37

A persistent cross-site scripting (XSS) vulnerability exists in some versions of a popular WordPress caching engine plugin.

Vulnerability Forces Mozilla to Disable Opportunistic Encryption in Firefox (Threatpost)
2015-04-07 14:27

Less than a week after introducing the new opportunistic encryption feature in Firefox, Mozilla has had to disable it because of a security vulnerability in the browser’s implementation of the...

Command Injection Vulnerability Found in BitTorrent Sync (SecurityWeek)
2015-04-06 15:25

VMWare issue updates for Java vulnerability (SC Magazine)
2015-04-03 19:22

VMware Fixes Java Information Disclosure Vulnerability (Threatpost)
2015-04-03 15:03

VMware has issued an update to a number of its products fixing an information disclosure bug in Oracle's Java runtime environment.

Vulnerability Note VU#924124 - X-Cart contains multiple vulnerabilities (Reddit)
2015-04-03 03:21

Vulnerability discovered that could allow for deletion of every YouTube video (SC Magazine)
2015-04-02 21:37

Multicast DNS Vulnerability Could Lead to DDOS Amplification Attacks (Threatpost)
2015-04-01 14:54

DHS warned of a serious vulnerability in Multicast DNS devices whereby leaked system information could be leveraged in a DDoS amplification attack.

MongoDB Patches Remote Denial-of-Service Vulnerability (Threatpost)
2015-03-31 15:46

Popular NoSQL database MongoDB has released an update that patches a critical denial-of-service vulnerability.

Hotel Wi-Fi Router Firmware Vulnerability (March 26, 2015) (SANS Newsbites)
2015-03-27 21:40