Browsing Tag: vulnerabilities

OpenVPN Warns Customers of CSRF Bug in Access Server Desktop Client

OpenVPN is advising users of its Desktop Client to upgrade as soon as possible to avoid attacks against a CSRF vulnerability that can allow remote code execution. The vulnerability lies in a product that the company no longer supports and considers obsolete. An attacker could exploit the vulnerability if a user running a vulnerable version visits[...]

Read more...

Flaw Lets Attackers Bypass PayPal Two-Factor Authentication

There’s a vulnerability in the way that PayPal handles certain requests from mobile clients that can allow an attacker to bypass the two-factor authentication mechanism for the service and transfer money from a victim’s account to any recipient he chooses.

Read more...