VULNERABILITY MAGAZINE - Bug Bounties, Acknoweldgements & Security Research | VULNERABILITY MAGAZINE - Bug Bounties, Acknoweldgements & Security Research

Stack Buffer Overflow Zero Day Vulnerability uncovered in Microsoft Skype v7.2, v7.35 & v7.36

Sunday, May 28, 2017

Posted by Editorial_Staff_Team

Reader's rate:

Stack Buffer Overflow Vulnerability in Skype v7.2, v7.35 & v7.36 Security researchers of the vulnerability laboratory core research team uncovered a critical vulnerability in skype v7.2, v7.35 & v7.36 for microsoft windows. The vulnerability was discovered during a team conference in... + continue reading

PayPal Inc announces 2 new Bug Bounty Program Domains

Tuesday, May 16, 2017

Posted by Editorial_Staff_Team

Bug Bounty

0 comment(s)

Reader's rate:

PayPal Inc - New Scope & Program Guidelines It was a bit silent around the independent paypal inc bug bounty program within the last year, because the developers were silently programming and designing new stable updates. Today in the morning the paypal inc company announced several new... + continue reading

Telekom Cloud & Web SSO vulnerable to Bypass & Persistent XSS Attacks

Tuesday, January 3, 2017

Posted by Editorial_Staff_Team

Bug Bounty

0 comment(s)

Reader's rate:

Telekom Cloud - MyworkPlace Business Frontend & Backend Vulnerabilities Researchers of the vulnerability laboratory core team discovered multiple persistent cross site scripting web vulnerabilities to the telekom cert team in mid december 2016. The security vulnerabilities was located in... + continue reading

Apple iOS 10.2 Notify Function vulnerable to Attacks via iDevice on iTunes & Appstore

Friday, December 23, 2016

Posted by Editorial_Staff_Team

Bug Bounty

2 comment(s)

Reader's rate:

How Super Mario Run helped a Security Research to identify a Vulnerability In september we got the first information about the new notify function within the new iOS 10.x version. The new notify function was mainly a secret to all the users until november 2016. Apple did not revealed how... + continue reading

Barracuda Networks adapts Bug Bounty Program to Cloud Product Services

Tuesday, November 15, 2016

Posted by Editorial_Staff_Team

Bug Bounty

0 comment(s)

Reader's rate:

New Cloud Services, High Severity Issues & Invitation Only In the last 6 years the public bug bounty program of barracuda networks helped to improve the security of their active product series. At the beginning the program was running independently but about 1 and a half year ago the... + continue reading

US Military starts official "Hack the Army" Bug Bounty Program

Monday, November 14, 2016

Posted by Editorial_Staff_Team

Adobe Connect v9.5.6 - (CVE-2016-7851) Persistent Cross Site Vulnerability

Thursday, November 10, 2016

Posted by Editorial_Staff_Team

Vulnerabilities & Bugs

0 comment(s)

Reader's rate:

Adobe Connect v9.5.6 - (CVE-2016-7851) Persistent Cross Site Vulnerability About some month ago the pentester and security researcher Benjamin Kunz Mejri was pentesting for the adobe security department the actual upcoming "Connect" web services and web-application. Due to his active... + continue reading

Wickr Inc - When honesty disappears behind the VCP Mountain

Thursday, October 27, 2016

Posted by Editorial_Staff_Team

Mobidea starts Exclusive Bug Bounty Program in the Vulnerability Lab

Friday, October 14, 2016

Posted by Editorial_Staff_Team

Featured Cooperative Security Articles

Stack Buffer Overflow Zero Day Vulnerability uncovered in Microsoft Skype v7.2, v7.35 & v7.36

Sunday, 28/05/17 - 0 comment(s)

PayPal Inc announces 2 new Bug Bounty Program Domains

Tuesday, 16/05/17 - 0 comment(s)

This Week Most Popular

Wickr Inc - When honesty disappears behind the VCP Mountain

27/10/16 - 5 comment(s)

BMW Core Web Portal & ConnectedDrive - Exploitation of Car Configurations

07/07/16 - 3 comment(s)

Stack Buffer Overflow Zero Day Vulnerability uncovered in Microsoft Skype v7.2, v7.35 & v7.36

28/05/17 - 0 comment(s)

BUG BOUNTY ISSUES

PayPal Inc announces 2 new Bug Bounty Program Domains

Tuesday, 16/05/17 - 0 comment(s)

Telekom Cloud & Web SSO vulnerable to Bypass & Persistent XSS Attacks

03/01/17 - 0 comment(s)

Apple iOS 10.2 Notify Function vulnerable to Attacks via iDevice on iTunes & Appstore

23/12/16 - 2 comment(s)

Barracuda Networks adapts Bug Bounty Program to Cloud Product Services

15/11/16 - 0 comment(s)

VULNERABILITIES & BUGS

Stack Buffer Overflow Zero Day Vulnerability uncovered in Microsoft Skype v7.2, v7.35 & v7.36

Sunday, 28/05/17 - 0 comment(s)

Adobe Connect v9.5.6 - (CVE-2016-7851) Persistent Cross Site Vulnerability

10/11/16 - 0 comment(s)

Critical Vulnerabilities in Sparkassen Bank Server discovered by Researchers

06/09/16 - 1 comment(s)

Fortinet Patches Series of Remote Vulnerabilities in Appliance Products

08/08/16 - 2 comment(s)

BEST SECURITY VIDEOS

PayPal Inc patched medium severity Cross Site Request Forgery Issue

Tuesday, 25/08/15 - 0 comment(s)

PayPal Inc patched medium severity Cross Site Request Forgery Issue The independent and individual vulnerability laboratory researcher paresh parmar discovered during the participate in the... + continue reading

Shopify | Buy Button | Persistent Embed POST Inject Vulnerability

13/08/15 - 8 comment(s)

UBNT Bug Bounty #3 - Persistent Filename Vulnerability

11/08/15 - 0 comment(s)

Ebay Inc coordinated patch of 3 Magento Vulnerabilities (IVE, XSS & CSRF)

23/06/15 - 1 comment(s)

LAB MAGAZINE ISSUES

Vulnerability Laboratory Magazine Issue #1 2014

Friday, 21/03/14 - 0 comment(s)

upgrades incoming ... + continue reading

Welcome to "Vulnerability Magazine"

12/03/14 - 1 comment(s)

IT-SECURITY EVENTS

Manchester City - Football Club hosts first Hackathon in July 2016

Tuesday, 05/07/16 - 0 comment(s)

Manchester City - Football Club hosts first Hackathon in July 2016 The city of football club ManchesterCity had organized a new event #HackMCFC, which will provide participants with access to... + continue reading

Hack in the Box | Amsterdam 2015 | HITB

31/05/15 - 3 comment(s)

Egyptian Workshop - Bug Bounty & Security Research

28/04/15 - 0 comment(s)

CeBIT 2015 (d!conomy) - Heise offers Slots in Open Developer World

10/11/14 - 0 comment(s)

ARTICLES - IMAGES GALLERY PREVIEW

Stack Buffer Overflow Zero Day Vulnerability uncovered in...

PayPal Inc announces 2 new Bug Bounty Program Domains

Telekom Cloud & Web SSO vulnerable to Bypass &...

Apple iOS 10.2 Notify Function vulnerable to Attacks via...

Barracuda Networks adapts Bug Bounty Program to Cloud...

US Military starts official "Hack the Army" Bug...

Adobe Connect v9.5.6 - (CVE-2016-7851) Persistent Cross...

Wickr Inc - When honesty disappears behind the VCP Mountain

Mobidea starts Exclusive Bug Bounty Program in the...

Facebook API v2.1 hit by RFC6749 Open Redirect Attack...

Vulnerability Lab hosts new Exclusive Bug Bounty &...

FaceDancer 21 Circuit Board - New Universal Case for...

Critical Vulnerabilities in Sparkassen Bank Server...

Parse HTTP Host Header Attack - Redirect Bug

Fortinet Patches Series of Remote Vulnerabilities in...

Apple Cupertino announces to startup official Bug Bounty...

BMW Core Web Portal & ConnectedDrive - Exploitation of...

Manchester City - Football Club hosts first Hackathon in...

Hack the Pentagon - More then 120 valid Security...

Hacking the Bugcrowd - Core Researcher scores in Main...

Sun

May

Stack Buffer Overflow Zero Day Vulnerability uncovered in Microsoft Skype v7.2, v7.35 & v7.36

Submitted by Editorial_Staff_Team on Sun, 05/28/2017 - 18:38

Stack Buffer Overflow Vulnerability in Skype v7.2, v7.35 & v7.36

Security researchers of the vulnerability laboratory core research team uncovered a critical vulnerability in skype v7.2, v7.35 & v7.36 for microsoft windows. The vulnerability was discovered during a team conference in skype, when a crash occured during an interaction by the usual suspect Benjamin Kunz Mejri. Benjamin is well known for discovering vulnerabilities in skype software. In the last years, his researches on the software mainly stucked and no new public vulnerabilities were uncovered until 2014. The new detected vulnerability has indeed a critical impact to local and remote skype users and is explained as followed.

Tue

May

PayPal Inc announces 2 new Bug Bounty Program Domains

Submitted by Editorial_Staff_Team on Tue, 05/16/2017 - 13:37

PayPal Inc - New Scope & Program Guidelines

It was a bit silent around the independent paypal inc bug bounty program within the last year, because the developers were silently programming and designing new stable updates. Today in the morning the paypal inc company announced several new updates regarding the guidelines and scopes. The company decided, to expand the program conditions to followup with the program after years of successful public integration.

Tue

Jan

Telekom Cloud & Web SSO vulnerable to Bypass & Persistent XSS Attacks

Submitted by Editorial_Staff_Team on Tue, 01/03/2017 - 22:09

Telekom Cloud - MyworkPlace Business Frontend & Backend Vulnerabilities

Researchers of the vulnerability laboratory core team discovered multiple persistent cross site scripting web vulnerabilities to the telekom cert team in mid december 2016. The security vulnerabilities was located in the new telekom cloud business service and myworkplace for paying customers.The "Deutsche Telekom" offers the "Open Telekom Cloud" a secure Infrastructure as-a-service offering based on "OpenStack". The hosting is located in highly secure data centers of the telekom in germany.