Archive for October, 2015

Kaspersky Internet Security Network Attack Blocker Design Flaw

Posted by deepcore under exploit (No Respond)

A component of Kaspersky Internet Security that’s enabled by default is called the “Network Attack Blocker”, described as “protects the computer against dangerous network activity”. This researcher examined the implementation, and determined that it’s actually a simple stateless packet filter with a pattern-matching signature system.

Buffalo LinkStation 1.34 / 1.69 / 1.70 Authentication Bypass

Posted by deepcore under exploit (No Respond)

An authentication bypass vulnerability in the web interface of a Buffalo LinkStation Duo Network Attached Storage (NAS) device allows unauthenticated attackers to gain administrative privileges. This puts the confidentiality and integrity of the stored data as well as the integrity of the device configuration at high risk.

Veeam Backup And Replication 6 / 7 / 8 Privilege Escalation

Posted by deepcore under exploit (No Respond)

Veeam Backup and Replication versions 6 through 8 suffer from log disclosure and broken password security vulnerabilities.

Joomla! CMS 3.4.3 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Joomla! CMS versions 3.4.0 through 3.4.3 suffer from a cross site scripting vulnerability.

Belkin N300 Wifi N Router F9K1010 Arbitrary File Disclosure

Posted by deepcore under exploit (No Respond)

Belkin N300 Wifi N Router F9K1010 suffers from an arbitrary file disclosure vulnerability.

HP SiteScope DNS Tool Command Injection

Posted by deepcore under exploit (No Respond)

This Metasploit module exploits a command injection vulnerability discovered in HP SiteScope 11.30 and earlier versions (tested in 11.26 and 11.30). The vulnerability exists in the DNS Tool allowing an attacker to execute arbitrary commands in the context of the service. By default, HP SiteScope installs and runs as SYSTEM in Windows and does not […]

Freemake Video Converter 4.1.7 – Code Execution

Posted by deepcore under exploit (No Respond)

An independent vulnerability laboratory researcher discovered a remote code execution vulnerability in the official Freemake Video Converter v4.1.7 software.

PayPal Inc Bug Bounty #117 – Session Fixation Vulnerability

Posted by deepcore under exploit (No Respond)

The Vulnerability Laboratory Core Research Team discovered a session fixation web vulnerability in the official PayPal Inc (France) online service web application.

PayPal Inc (CGI) – Bypass & Session Fixation Vulnerability

Posted by deepcore under exploit (No Respond)

[local] – VeryPDF Image2PDF Converter SEH Buffer Overflow

Posted by deepcore under Security (No Respond)

VeryPDF Image2PDF Converter SEH Buffer Overflow
