Advertise

Author

Profile of Anthony Vecchione

News & Commentary Posts: 1

Anthony Vecchione is a veteran health/medical journalist with extensive experience writing and editing news and feature stories as well as breaking news for both print and online editions.

Articles by Anthony Vecchione

View Content By Month

Johns Hopkins Embraces Single-Sign On Technology

6/15/2012
Simple badge taps let medical personnel quickly and securely log on to any of the institution's hundreds of publicly accessed hospital workstations.
Post a Comment

Content by Month
June 2012 - 1
[close this box]

Hot Topics

Editors' Choice

More Than Half of Users Reuse Passwords

Curtis Franklin Jr., Senior Editor at Dark Reading, 5/24/2018

Is Threat Intelligence Garbage?

Chris McDaniels, Chief Information Security Officer of Mosaic451, 5/23/2018

Pet Tracker Flaws Expose Pets and Their Owners to Cybercrime

Dark Reading Staff 5/22/2018

Webinars

Learn About Cyber Attackers & How They Target Your Organization

Migrating Security Controls to the Cloud

Strategy Session: Coping with the IT Security Skill Shortage

Webinar Archives

White Papers

Privileged Access Managed Service

The Real Cost of Insider Threats: 2018 Ponemon Report Highlights

2018 Security Report

Phishing Response Trends: It's a Cluster

Left of Breach

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

The Changing Role of the CISO

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

[Strategic Security Report] Navigating the Threat Intelligence Maze

Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.

Download Now!

[Strategic Security Report] Cloud Security's Changing Landscape

0 comments

The State of Ransomware

0 comments

The Dark Reading Security Spending Survey

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-11505
PUBLISHED: 2018-05-26

The Werewolf Online application 0.8.8 for Android allows attackers to discover the Firebase token by reading logcat output.

CVE-2018-6409
PUBLISHED: 2018-05-26

An issue was discovered in Appnitro MachForm before 4.2.3. The module in charge of serving stored files gets the path from the database. Modifying the name of the file to serve on the corresponding ap_form table leads to a path traversal vulnerability via the download.php q parameter.

CVE-2018-6410
PUBLISHED: 2018-05-26

An issue was discovered in Appnitro MachForm before 4.2.3. There is a download.php SQL injection via the q parameter.

CVE-2018-6411
PUBLISHED: 2018-05-26

An issue was discovered in Appnitro MachForm before 4.2.3. When the form is set to filter a blacklist, it automatically adds dangerous extensions to the filters. If the filter is set to a whitelist, the dangerous extensions can be bypassed through ap_form_elements SQL Injection.

CVE-2018-11500
PUBLISHED: 2018-05-26

An issue was discovered in PublicCMS V4.0.20180210. There is a CSRF vulnerability in "admin/sysUser/save.do?callbackType=closeCurrent&navTabId=sysUser/list" that can add an admin account.

Terms of Service
Privacy Statement
Legal Entities

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]