Tag Archives: component vulnerabilities

Vulnerability database infected for at least two months


March 19, 2013 By
The Vigilant Application Owner

Downed US vuln catalog infected for at least TWO MONTHS. A vulnerability in Adobe’s ColdFusion software allowed the National Vulnerability Database and other National Institute for Standards and Technology (NIST) Web sites to be infected with malware, prompting NIST to take them offline. Source: http://www.theregister.co.uk/2013/03/14/adobe_coldfusion_vulns_compromise_us_malware_catalog/

Continue reading...

NIST National Vulnerability Database down


By
The Vigilant Application Owner

Malware identified on two Web servers. The National Institute of Standards and Technology (NIST) took down several of their Web sites, including the National Vulnerability Database (NVD) after malware was found on them. Source: http://news.softpedia.com/news/NIST-National-Vulnerability-Database-DownMalware-Identified-on-Two-Web-Servers-337103.shtml

Continue reading...

Browsers downed again on first day of Pwn2Own contest


March 8, 2013 By
The Vigilant Application Owner

Major browsers, Java hacked on the first day of Pwn2Own 2013.Researchers participating in the first day of  Pwn2Own 2013 discovered security vulnerabilities in Firefox, Chrome, and Internet Explorer 10 Web browsers, as well as in Java. Source: http://news.softpedia.com/news/Major-Browsers-Java-Hacked-on-theFirst-Day-of-Pwn2Own-2013-335279.shtml

Continue reading...

Oracle confirms Java 7 Update 15


By
The Vigilant Application Owner

Oracle confirms Java 7 Update 15 vulnerability, but researchers are still unhappy. Researchers urged Oracle to reevaluate their submissions of weaknesses in the Java 7 Update 15 after the company acknowledged only one of the two vulnerabilities discovered regarding a full sandbox bypass is a concern, and simply determined the second vulnerability to be accepted […]

Continue reading...

Hacker Gains Access to Foxconn Databases, Just Wants to Prove Lack of Security


February 5, 2013 By
The Vigilant Application Owner

Softpedia – (International) Hacker gains access to Foxconn databases, just wants to prove lack of security. The hacker known as D35m0nd142 exploited and blind SQL injection vulnerability on a site belonging to manufacturer Foxconn, and brought the vulnerability to the company’s attention. Source: http://news.softpedia.com/news/Hacker-Gains-Access-to-Foxconn-Databases-Just-Wants-to-Prove-Lack-of-Security-326942.shtml

Continue reading...

Ruby On Rails 3.0.20 and 2.3.16 Released to Address Extremely Critical Vulnerability


January 29, 2013 By
The Vigilant Application Owner

Softpedia – (International) Ruby on Rails 3.0.20 and 2.3.16 released to address extremely critical vulnerability. The developers of Ruby on Rails released versions 3.0.20 and 2.3.16 and advised users to immediately apply the update to close a major vulnerability in past versions. Source: http://news.softpedia.com/news/Ruby-on-Rails-3-0-20-and-2-3-16-Released-to-Address-Extremely-Critical-Vulnerability-324866.shtml

Continue reading...