Your search for vulnerability returned 1343 results.

For the second time this year, a security researcher has found websites certified as McAfee HackerSafe that contain vulnerabilities. Researcher Dan Kaminsky said he has discovered a browser vulnerability that potentially puts millions of users of wireless routers and other web-facing devices at risk to a domain name system (DNS) attack. An Italian researcher has identified a flaw in Apple's QuickTime media application that can allow an attacker to perform a DoS attack or take control of an affected PC. Researchers have developed a browser security system that protects against the recently-revealed DNS vulnerability and other Man-in-the-Middle (MitM) attacks. Microsoft this week warned Windows and Mac users that cyberattackers are remotely exploiting a flaw in Excel to take over computers. Microsoft has revealed that attackers are exploiting a zero-day ActiveX vulnerability in Microsoft Access.
WordPress, the popular blogging platform used by many businesses, has pushed out an update to remedy a low-risk vulnerability that permits hackers to edit the posts of other users. The Fortify offering is a software-based solution which is also a CASE (computer aided software engineering) utility. Any source code can be reviewed with the Source Code Analysis (SCA) suite. Hackers compromise a United Nations’ Asia Pacific AIDS information site using an emerging malicious technique which scans for multiple vulnerabilities.
The netVigilance SecureScout EagleBox SP 2.0 is a highly comprehensive vulnerability management product. The StillSecure VAM appliance is serious vulnerability management in a single device. Microsoft is investigating a zero-day vulnerability in Visual Studio. A major vulnerability in the BlackBerry Attachment Service could result in a takedown of the enterprise server that supports the popular mobile devices.
Apple on Wednesday released a new version of its QuickTime media player, patching a flaw in the application on both Windows and Mac OS X operating systems. A leading security researcher has discovered a vulnerability in Firefox that could compromise websites and browsers. NGS Software Typhon is more of a traditional network vulnerability assessment tool with some application intelligence built in. The utility was able to locate FTP-based vulnerabilities on our test system, but had difficulties with web assessment. The Fortify offering is a software-based solution which is also a CASE (computer aided software engineering) utility. A Switzerland-based company this week launched an eBay-like marketplace for buying and selling zero-day software vulnerabilities. As it turns out, Microsoft's emergency fix plugs a previously unknown Windows vulnerability that was being exploited in limited attacks. Impact 6.0 from Core Security is a pure penetration testing tool. It is optimised for production use and comes with a suite of pre-programmed exploits. The support agreement provides regular updates with new exploits. Users can write their own exploits and can add to existing ones in the library. Impact can perform pre-configured scenarios or individual exploits.