• »
  • Latest Threats
  • Desktop
  • Server
  • Critical Severity
  • High Severity
  • Low Severity

Latest Threats

Server

IN DEPTH ANALYSIS
Hospira Drug Infusion Pump multiple vulnerabilities including no auth required for root over TELNET
SEVERITY:
critical (Can fully compromise system)
AFFECTS:
Hospira LifeCare PCA Infusion System before 7.0
SYNOPSIS:
Hospira Drug Infusion Pump multiple vulnerabilities including no auth required for root over TELNET
OpenSSL flaw allows an attacker to bypass certain checks on untrusted certificates
SEVERITY:
critical (Can fully compromise system)
AFFECTS:
OpenSSL 1.0.2b, 1.0.2c, 1.0.1n, 1.0.1o
SYNOPSIS:
OpenSSL flaw allows an attacker to bypass certain checks on untrusted certificates
Critical vulnerability in Cisco Unified Communications Domain Manager Platform Software
SEVERITY:
critical (Can fully compromise system)
AFFECTS:
Cisco Unified Communications Domain Manager Platform prior to 4.4.5
Cisco Unified Communications Domain Manager 8.x
SYNOPSIS:
A vulnerability in the Cisco Unified Communications Domain Manager Platform Software could allow an unauthenticated, remote attacker to login with the privileges of the root user and take full control of the affected system
Windows Server vulnerability allows attacker to elevate privileges to administrator
SEVERITY:
critical (Can fully compromise system)
AFFECTS:
Windows Server 2003
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
SYNOPSIS:
A flaw in the Kerberos KDC protocol for Windows Server versions since 20013 allows a malicious user to elevate privileges to administrator level
APT flaws allow remote attackers to execute arbitrary code via crafted package and more
SEVERITY:
high (Can partially compromise system)
AFFECTS:
APT before 1.0.9
SYNOPSIS:
Several security vulnerabilities commandline package manager APT allow remote attackers to execute code via crafted packages and more
Vulnerability found in security and load balancing appliance FortiADC E
SEVERITY:
high (Can partially compromise system)
AFFECTS:
FortiADC-E with firmware 3.1.1 and prior
Coyote Point Equalizer with firmware 10.2.0a
SYNOPSIS:
Vulnerability in FortiNet FortiADC-E with firmware 3.1.1 allows remote attackers to obtain access to arbitrary subnets via unspecified vectors.
WGET bug allows remote FTP servers to write to arbitrary files and therefore execute arbitrary commands
SEVERITY:
critical (Can fully compromise system)
AFFECTS:
GNU WGET versions 1.15 and prior
SYNOPSIS:
WGET bug related to symlinks allows remote FTP servers to write to arbitrary files and therefore execute arbitrary commands
19 Vulnerabilities in McAfee Network Data Loss Prevention allow remote and local attackers to obtain sensitive information
SEVERITY:
high (Can partially compromise system)
AFFECTS:
McAfee Network Data Loss Prevention before 9.2.2
McAfee Network Data Loss Prevention before 9.3
SYNOPSIS:
19 Vulnerabilities in McAfee Network Data Loss Prevention allow remote and local attackers to obtain sensitive information
Issues in various FreeBSD daemons and functions can be used as attack vectors for causing Denial of Service
SEVERITY:
high (Can partially compromise system)
AFFECTS:
routed: FreeBSD 8.4 through 10.1-RC2
rtsold: FreeBSD 9.1 through 10.1-RC2
namei: FreeBSD 9.1 through 10.1-RC2
SYNOPSIS:
Issues in FreeBSD daemons rtsold and routed, and namei functions can be used as remote attack vectors for causing Denial of Service
Vulnerability in IT infrastructure software Centreon allows remote attackers to execute arbitrary commands via shell metacharacters
SEVERITY:
critical (Can fully compromise system)
AFFECTS:
Centreon 2.5.1
Centreon Enterprise Server 2.2
SYNOPSIS:
displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterprise Server 2.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) session_id or (2) template_id parameter, related to the command_line variable.

Desktop

IN DEPTH ANALYSIS
Windows Vista 7 and 8 vulnerability allows attacker to elevate privileges to administrator
SEVERITY:
critical (Can fully compromise system)
AFFECTS:
Windows Vista
Windows 7
Windows 8
Windows 8.1
Windows RT
Windows RT 8.1
SYNOPSIS:
A flaw in the Kerberos KDC protocol for Windows versions since Vista allows a malicious user to elevate privileges to administrator level.
Adobe Flash and Air vulnerabilities patched on October 14 are already in exploit kits
SEVERITY:
critical (Can fully compromise system)
AFFECTS:
Adobe Flash Player 15.0.0.167 and earlier versions
Adobe Flash Player 13.0.0.244 and earlier 13.x versions
Adobe Flash Player 11.2.202.406 and earlier versions for Linux
Adobe AIR desktop runtime 15.0.0.249 and earlier versions
Adobe AIR SDK 15.0.0.249 and earlier versions
Adobe AIR SDK & Compiler 15.0.0.249 and earlier versions
Adobe AIR 15.0.0.252 and earlier versions for Android
SYNOPSIS:
Adobe Flash and Adobe Air vulnerabilities, patched and released with Adobe security bulletin APSB14-22, have already been found in the arsenal of Fiesta Exploit Kit and Angler Exploit Kit
Bug in legacy SSL protocol allows MITM attacker to view https data stream as cleartext
SEVERITY:
high (Can partially compromise system)
AFFECTS:
Legacy Systems and Browsers
SSL 3.0
SYNOPSIS:
The legacy SSL 3.0 protocol can allow a man-in-the-middle attacker to view https data stream as cleartext or decrypt a secure cookie using the oracle-padding attack, a.k.a "POODLE"

Live Feed

AGGREGATED