SecTeer VulnDetect Support Forum

    VulnDetect

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Download VulnDetect Installer
    1. Home
    2. General Discussion
    Log in to post
    • Newest to Oldest
    • Oldest to Newest
    • Most Posts
    • Most Votes
    • Most Views
    • T

      [0-day][Officially fixed] Microsoft Windows MSDT URI Handler Vulnerability aka "Follina" / CVE-2022-30190
      • Tom

      3
      0
      Votes
      3
      Posts
      1140
      Views

      T

      Microsoft has issued official fixes for the 0-day CVE-2022-30190 / Follina:
      https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30190

      As expected, Microsoft has classified it as a Windows vulnerability.

      You can see affected systems here:
      https://corporate.vulndetect.com/#/applications/versions?channelTag=microsoft.windows.endrule&status=insecure&title=Microsoft Windows

      Note that it requires a recent inspection, hosts that haven't inspected since 14-06-2022 20:00 CET will not report the missing KB update.

    • A

      Is VulnDetect dead?
      • Armin

      16
      0
      Votes
      16
      Posts
      1545
      Views

      A

      I am surprised (and very disappointed) that the feature "Additional Status for Update Available" (https://vulndetect.org/topic/492/additional-status-for-update-available) is not yet implemented or has at least the status "Work in progress".
      Seems like the guys at VulnDetect are busy with other stuff that has not such a great benefit than that feature.
      This is very very sad!

    • OLLI_S

      Ofiicial Chocolatey Packages
      • OLLI_S

      1
      0
      Votes
      1
      Posts
      159
      Views

      No one has replied

    • OLLI_S

      Apps that support Auto-Update (via VulnDetect)
      • OLLI_S

      1
      0
      Votes
      1
      Posts
      1192
      Views

      No one has replied

    • OLLI_S

      What Version Number to display
      version-number app-detection list-of-apps • • OLLI_S

      7
      0
      Votes
      7
      Posts
      1923
      Views

      OLLI_S

      Today an update for ToDoList was released.
      The old version was 7.2.7.0 and VulnDetect displayed 7.2.7 (VulnDetect left away the last digit for the last versions of ToDoList).

      But today the version 7.2.8.1 was released and here you should show the last digit!
      In Help -> About I see also the following information: ToDoList 7.2.8.1 (Stable Version).

    • B

      Manual?
      • Belboz

      3
      0
      Votes
      3
      Posts
      1674
      Views

      OLLI_S

      VulnDetect is installed as service and is running silently in the background.
      If you go to https://personal.vulndetect.com/#/applications and click on Configuration then you can set up when the automatic scan should start.
      The scan results you see at https://personal.vulndetect.com/#/applications.

      I am programming a small tool that offers a graphical UI and allows to start an immediate scan.
      The tool is called Toolbox for VulnDetect and can be found here: https://1drv.ms/f/s!AsiLVok82IpQg_pe63xK8K01XuPIAw (in the folder "Toolbox Beta).
      But I am a normal user, not an official of SecTeer (the programmers of VulnDetect) so use the tool at your own risk!

    • OLLI_S

      Feedback for the User-Interface
      • OLLI_S

      2
      0
      Votes
      2
      Posts
      1172
      Views

      OLLI_S

      Right now KeePass showed me that a new version is available:

      0_1537198130694_KeePass_Update_Check.png

      This Update Check window is simple, but shows all important information:

      Component (the name of the application) Status Installed Version Available Version (see Show Available Version)

      This should be an inspiration of VulnDetect.

    • OLLI_S

      Merchandise
      • OLLI_S

      1
      0
      Votes
      1
      Posts
      988
      Views

      No one has replied

    • T

      Secunia PSI Forum
      • Tom

      3
      3
      Votes
      3
      Posts
      27739
      Views

      A

      Tom, that's just cold seeing as how they discontinued our beloved psi anyway. I'm really pleased to hear that someone cares enough to try and build something similar. I like many other's used psi for years to help me keep vulnerable programs safe. Please forgive any typo's my vision isn't all that good anymore, lol. I hope you guys have a nice day. 🙂

    • V

      Vulnerability and Patch Information
      • VulnDetect

      2
      1
      Votes
      2
      Posts
      2282
      Views

      OLLI_S

      @Tom I am not sure if this topic should be in Suggestions?
      If yes, then add it to the category "Application detection" in the suggestions summary.

    • V

      IPv6 added for vulndetect.com (testing)
      • VulnDetect

      6
      0
      Votes
      6
      Posts
      19528
      Views

      V

      While troubleshooting my private IPv6 connectivity, I decided to enable an IPv6 and IPv4 specific access to the forum, so you and everybody else can test it:

      https://ipv4.vulndetect.org/
      https://ipv6.vulndetect.org/

      https://vulndetect.org/ is naturally dual-stack and most of us need not worry, once you have IPv6, you will use it automatically (if your ISP set it up correctly).

      It appears that my ISP currently has a routing issue, but then I could use my cellphone (just needed to enable dual-stack support in the APN under Mobile network).

      We also expect to enable dual-stack access to the VulnDetect backend, at some point during the tech preview stage.

    • V

      GDPR / Privacy Policy & System upgrade & Status
      • VulnDetect

      4
      0
      Votes
      4
      Posts
      2277
      Views

      V

      Todays change to the database required a small addition to our Privacy Policy, stating the fact, that MongoDB Cloud Services are managing the backend. Your data is still at the same facility, in Europe.

    • C

      Things I would look for in a new vulnerability detection program
      • CTaylor

      6
      6
      Votes
      6
      Posts
      3377
      Views

      B

      As mentioned by others, my wish is another vote to concentrate on programs where the current version has a security vulnerability. There are many other update managers that list any program with a newer version where many times that newer version is a PAID upgrade), but I'm perfectly happy with the current version and don't see any need to update unless there's a security issue.

      And if my version has a security issue, I'd prefer being pointed to the next secure version rather than the newest version, in case that version doesn't require a paid update. (This may be more difficult to automate, so I'm not making it a major priority, just a nice to have.)

    • T

      Passwords, identities and data breaches
      • Tom

      3
      1
      Votes
      3
      Posts
      2108
      Views

      T

      Thank you for your feedback.

      I agree, the "solution" I suggest, may not suit everybody. I did test out Lastpass at some point, one or two years ago, I didn't really like it, despite all the plugins to support my browsers (or perhaps, that was the very reason I didn't get comfortably with it, I like to keep the password manager far away from my browser).

      But I guess more users would find Lastpass easier to deal with, compared to the KeePass solution.

      I just noticed that Troy Hunt posted about his new collaboration with 1password, which allows checking if your credentials has been breached. A similar thing can be achieved with a plugin for KeePass, but again, the KeePass approach is less user friendly.

      In either case, a password manager will be a great step-up, for most of us. Choosing the right one is a matter of taste and preferences, and trust.

      I agree, there could be some perspective to Webauthn, though I always get a rash, when we all start relying on the same technology. Nonetheless, I will test it, once one of my favorite sites / services, offer Webauthn authentication.

    • V

      Welcome to the "new" Secunia PSI, feel free to discuss and comment and suggest
      • VulnDetect

      1
      0
      Votes
      1
      Posts
      1662
      Views

      No one has replied

    Download SecTeer Personal VulnDetect - an alternative to the long lost Secunia PSI

    Please see our Privacy and Data Processing Policy
    Sponsored and operated by SecTeer | VulnDetect is a replacement for the EoL Secunia PSI
    Forum software by NodeBB