>> ARCHIVE: 2015-10

A component of Kaspersky Internet Security that’s enabled by default is called the “Network Attack Blocker”, described as “protects the computer against dangerous network activity”. This researcher examined the implementation,…

An authentication bypass vulnerability in the web interface of a Buffalo LinkStation Duo Network Attached Storage (NAS) device allows unauthenticated attackers to gain administrative privileges. This puts the confidentiality and…

Veeam Backup and Replications versions 6 through 8 suffer from log disclosure and broken password security vulnerabilities.

Joomla! CMS versions 3.4.0 through 3.4.3 suffer from a cross site scripting vulnerability.

Belkin N300 Wifi N Router F9K1010 suffers from an arbitrary file disclosure vulnerability.

This Metasploit module exploits a command injection vulnerability discovered in HP SiteScope 11.30 and earlier versions (tested in 11.26 and 11.30). The vulnerability exists in the DNS Tool allowing an…

An independent vulnerability laboratory researcher discovered a remote code execution vulnerability in the official FreemakeVideo Converter v4.1.7 software.

The Vulnerability Laboratory Core Research Team discovered a session fixation web Vulnerability in the official PayPal Inc (France) online service web-application.