Stack Buffer Overflow Zero Day Vulnerability uncovered in Microsoft Skype v7.2, v7.35 & v7.36

Sunday, May 28, 2017
Posted by Editorial_Staff_Team
Vulnerabilities & Bugs
0 comment(s)
Reader's rate:
5
Stack Buffer Overflow Vulnerability in Skype v7.2, v7.35 & v7.36 Security researchers of the vulnerability laboratory core research team uncovered a critical vulnerability in skype v7.2, v7.35 & v7.36 for microsoft windows. The vulnerability was discovered during a team conference in... + continue reading

PayPal Inc announces 2 new Bug Bounty Program Domains

Tuesday, May 16, 2017
Posted by Editorial_Staff_Team
Bug Bounty
0 comment(s)
Reader's rate:
5
PayPal Inc - New Scope & Program Guidelines It was a bit silent around the independent paypal inc bug bounty program within the last year, because the developers were silently programming and designing new stable updates. Today in the morning the paypal inc company announced several new... + continue reading

Telekom Cloud & Web SSO vulnerable to Bypass & Persistent XSS Attacks

Tuesday, January 3, 2017
Posted by Editorial_Staff_Team
Bug Bounty
0 comment(s)
Reader's rate:
4.142855
Telekom Cloud - MyworkPlace Business Frontend & Backend Vulnerabilities Researchers of the vulnerability laboratory core team discovered multiple persistent cross site scripting web vulnerabilities to the telekom cert team in mid december 2016. The security vulnerabilities was located in... + continue reading

Apple iOS 10.2 Notify Function vulnerable to Attacks via iDevice on iTunes & Appstore

Friday, December 23, 2016
Posted by Editorial_Staff_Team
Bug Bounty
2 comment(s)
Reader's rate:
3.76923
How Super Mario Run helped a Security Research to identify a Vulnerability In september we got the first information about the new notify function within the new iOS 10.x version. The new notify function was mainly a secret to all the users until november 2016. Apple did not revealed  how... + continue reading

Barracuda Networks adapts Bug Bounty Program to Cloud Product Services

Tuesday, November 15, 2016
Posted by Editorial_Staff_Team
Bug Bounty
0 comment(s)
Reader's rate:
4.5
New Cloud Services, High Severity Issues & Invitation Only In the last 6 years the public bug bounty program of barracuda networks helped to improve the security of their active product series. At the beginning the program was running independently but about 1 and  a half year ago the... + continue reading

US Military starts official "Hack the Army" Bug Bounty Program

Monday, November 14, 2016
Posted by Editorial_Staff_Team
Top Stories
1 comment(s)
Reader's rate:
5
US Military starts official "Hack the Army" Bug Bounty Program Due to the last days "Eric Fanning" secretary of the us army announced, that the new "Hack the Army" Bug Bounty Program will start soon. In 2016 the "Hack the Pentagon" Program was disclosing... + continue reading

Adobe Connect v9.5.6 - (CVE-2016-7851) Persistent Cross Site Vulnerability

Thursday, November 10, 2016
Posted by Editorial_Staff_Team
Vulnerabilities & Bugs
0 comment(s)
Reader's rate:
3.4
Adobe Connect v9.5.6 - (CVE-2016-7851) Persistent Cross Site Vulnerability About some month ago the pentester and security researcher Benjamin Kunz Mejri was pentesting for the adobe security department the actual upcoming "Connect" web services and web-application. Due to his active... + continue reading

Wickr Inc - When honesty disappears behind the VCP Mountain

Thursday, October 27, 2016
Posted by Editorial_Staff_Team
Top Stories
5 comment(s)
Reader's rate:
5
Wickr Inc Secret Messenger - Bug Bounty Program Vulnerabilities by Design Today we would like to talk about the security of the american secret messenger called "Wickr - Secret Messenger". The company of the product is located in the united states and encrypts messaging context with... + continue reading

Mobidea starts Exclusive Bug Bounty Program in the Vulnerability Lab

Friday, October 14, 2016
Posted by Editorial_Staff_Team
Top Stories
2 comment(s)
Reader's rate:
4.333335
Mobidea - New Platforms & Mobile Applications in Scope Today we would like to present the security community a fresh and new partner "Mobidea" of our advanced network. Mobidea is a mobile programmatic affiliate network for media buyers and webmasters. The team of the... + continue reading

Featured Cooperative Security Articles

Stack Buffer Overflow Zero Day Vulnerability uncovered in Microsoft Skype v7.2, v7.35 & v7.36

Sunday, 28/05/17 - 0 comment(s)
Stack Buffer Overflow Vulnerability in Skype v7.2, v7.35 & v7.36 Security researchers of the vulnerability laboratory core research team uncovered a critical vulnerability in skype v7.2, v7.35 & v7.36 for microsoft windows. The vulnerability was discovered during a team conference in skype, when a crash occured during an interaction by... + continue reading

PayPal Inc announces 2 new Bug Bounty Program Domains

Tuesday, 16/05/17 - 0 comment(s)
PayPal Inc - New Scope & Program Guidelines It was a bit silent around the independent paypal inc bug bounty program within the last year, because the developers were silently programming and designing new stable updates. Today in the morning the paypal inc company announced several new updates regarding the guidelines and scopes. The... + continue reading

Jump back to navigation

BUG BOUNTY ISSUES

PayPal Inc announces 2 new Bug Bounty Program Domains

Tuesday, 16/05/17 - 0 comment(s)
PayPal Inc - New Scope & Program Guidelines It was a bit silent around the independent paypal inc bug bounty program within the last year, because the developers were silently programming and... + continue reading

Telekom Cloud & Web SSO vulnerable to Bypass & Persistent XSS Attacks

03/01/17 - 0 comment(s)

Apple iOS 10.2 Notify Function vulnerable to Attacks via iDevice on iTunes & Appstore

23/12/16 - 2 comment(s)

Barracuda Networks adapts Bug Bounty Program to Cloud Product Services

15/11/16 - 0 comment(s)

+ View all
Jump back to navigation

VULNERABILITIES & BUGS

Stack Buffer Overflow Zero Day Vulnerability uncovered in Microsoft Skype v7.2, v7.35 & v7.36

Sunday, 28/05/17 - 0 comment(s)
Stack Buffer Overflow Vulnerability in Skype v7.2, v7.35 & v7.36 Security researchers of the vulnerability laboratory core research team uncovered a critical vulnerability in skype v7.2, v7.... + continue reading

Adobe Connect v9.5.6 - (CVE-2016-7851) Persistent Cross Site Vulnerability

10/11/16 - 0 comment(s)

Critical Vulnerabilities in Sparkassen Bank Server discovered by Researchers

06/09/16 - 1 comment(s)

Fortinet Patches Series of Remote Vulnerabilities in Appliance Products

08/08/16 - 2 comment(s)

+ View all
Jump back to navigation

BEST SECURITY VIDEOS

PayPal Inc patched medium severity Cross Site Request Forgery Issue

Tuesday, 25/08/15 - 0 comment(s)
PayPal Inc patched medium severity Cross Site Request Forgery Issue The independent and individual vulnerability laboratory researcher paresh parmar discovered during the participate in the... + continue reading

Shopify | Buy Button | Persistent Embed POST Inject Vulnerability

13/08/15 - 8 comment(s)
UBNT Bug Bounty #3 - Persistent Filename Vulnerability

UBNT Bug Bounty #3 - Persistent Filename Vulnerability

11/08/15 - 0 comment(s)

Ebay Inc coordinated patch of 3 Magento Vulnerabilities (IVE, XSS & CSRF)

23/06/15 - 1 comment(s)

+ View all
Jump back to navigation

IT-SECURITY EVENTS

Manchester City - Football Club hosts first Hackathon in July 2016

Tuesday, 05/07/16 - 0 comment(s)
Manchester City - Football Club hosts first Hackathon in July 2016 The city of football club ManchesterCity had organized a new event #HackMCFC, which will provide participants with access to... + continue reading

Hack in the Box | Amsterdam 2015 | HITB

31/05/15 - 3 comment(s)

Egyptian Workshop - Bug Bounty & Security Research

28/04/15 - 0 comment(s)

CeBIT 2015 (d!conomy) - Heise offers Slots in Open Developer World

10/11/14 - 0 comment(s)

+ View all
Jump back to navigation

Sun
28
May
Editorial_Staff_Team's picture

Stack Buffer Overflow Zero Day Vulnerability uncovered in Microsoft Skype v7.2, v7.35 & v7.36

Submitted by Editorial_Staff_Team on Sun, 05/28/2017 - 15:38

Stack Buffer Overflow Vulnerability in Skype v7.2, v7.35 & v7.36

Security researchers of the vulnerability laboratory core research team uncovered a critical vulnerability in skype v7.2, v7.35 & v7.36 for microsoft windows. The vulnerability was discovered during a team conference in skype, when a crash occured during an interaction by the usual suspect Benjamin Kunz Mejri. Benjamin is well known for discovering vulnerabilities in skype software. In the last years, his researches on the software mainly stucked and no new public vulnerabilities were uncovered until 2014. The new detected vulnerability has indeed a critical impact to local and remote skype users and is explained as followed.

Tue
16
May
Editorial_Staff_Team's picture

PayPal Inc announces 2 new Bug Bounty Program Domains

Submitted by Editorial_Staff_Team on Tue, 05/16/2017 - 13:37

PayPal Inc - New Scope & Program Guidelines

It was a bit silent around the independent paypal inc bug bounty program within the last year, because the developers were silently programming and designing new stable updates. Today in the morning the paypal inc company announced several new updates regarding the guidelines and scopes. The company decided, to expand the program conditions to followup with the program after years of successful public integration.

Tue
03
Jan
Editorial_Staff_Team's picture

Telekom Cloud & Web SSO vulnerable to Bypass & Persistent XSS Attacks

Submitted by Editorial_Staff_Team on Tue, 01/03/2017 - 22:09

Telekom Cloud - MyworkPlace Business Frontend & Backend Vulnerabilities

Researchers of the vulnerability laboratory core team discovered multiple persistent cross site scripting web vulnerabilities to the telekom cert team in mid december 2016. The security vulnerabilities was located in the new telekom cloud business service and myworkplace for paying customers.The "Deutsche Telekom" offers the "Open Telekom Cloud" a secure Infrastructure as-a-service offering based on "OpenStack". The hosting is located in highly secure data centers of the telekom in germany.

Pages

Subscribe to VULNERABILITY MAGAZINE - Bug Bounties, Acknoweldgements & Security Research RSS

Recent comments

cool case
Smaggaer
pwned and logged like a boss
Roni
BMW is one of the most iconic
Montex Luis
You have touched some best
MichelMassey
Wickr
Mr..
iPad Mini 5
Ben Hogan
very nice indeed & the attack
Hajo
ingham
locksmith rockingham
excellent hunt !
deba fares akrem
Thank you!
Karan Arora

Syndicate

Subscribe to Syndicate