DATE |
NAME |
CATEGORY |
SUBCATEGORIES |
INFO |
28.4.23 |
CVE |
A post-authentication information exposure vulnerability in the CGI program of Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35 |
||
28.4.23 |
CVE |
A post-authentication command injection vulnerability in the “account_operator.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, and VPN series firmware versions 4.30 through 5.35 |
||
28.4.23 |
CVE |
A buffer overflow vulnerability in the library of the web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an unauthenticated attacker to execute some |
||
28.4.23 |
CVE |
The post-authentication command injection vulnerability in the CLI command of Zyxel ATP series firmware versions 4.32 through 5.35, |
||
28.4.23 |
CVE |
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, |
||
28.4.23 |
Stealer |
ViperSoftX: Hiding in System Logs and Spreading VenomSoftX |
||
28.4.23 |
RAT |
Targets of Interest - Russian Organizations Increasingly Under Attack By Chinese APTs |
||
28.4.23 |
Backdoor |
“PortDoor” is a Chinese backdoor that targeted ministries and public organizations, such as ministry agencies and industrial plants, in Eastern European countries (Russia, Belarus and Ukraine) |
||
28.4.23 |
Crypto |
A typical infostealer, capable of obtaining credentials for browsers, cryptocurrency wallets, browser cookies, and credit cards, and of creating screenshots of the infected system. |
||
28.4.23 |
RAT |
Simple yet powerful RAT for Windows machines. This project is simple and easy to understand; it should give you general knowledge about .NET malware and how it behaves. |
||
28.4.23 |
CWE-77 |
TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. |
||
28.4.23 |
Malware |
This malware, written in PowerShell, is an in-memory dropper used by FIN7 to execute the included/embedded payload. |
||
28.4.23 |
CVE |
Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. |
||
28.4.23 |
Linux |
Chinese Alloy Taurus Updates PingPull Malware |
||
28.4.23 |
Malware |
The name used by malware developers is BellaCiao, a reference to the Italian folk song about resistance fighting. |
||
27.4.23 |
CVE |
Session Validation attacks in Apache Superset versions up to and including 2.0.1. |
||
27.4.23 |
CVE |
VMware Aria Operations for Logs contains a deserialization vulnerability. |
||
27.4.23 |
CVE |
VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation. |
||
27.4.23 |
CVE |
VMware Fusion contains a local privilege escalation vulnerability. |
||
27.4.23 |
CVE |
VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. |
||
27.4.23 |
CVE |
VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. |
||
27.4.23 |
Backdoor |
PowerLess is a PowerShell-based modular backdoor that has been used by Magic Hound since at least 2022. |
||
26.4.23 |
CVE |
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. |
||
26.4.23 |
OSX |
BlueNoroff APT group targets macOS with ‘RustBucket’ Malware |
||
26.4.23 |
RAT |
RAT |
||
26.4.23 |
Python |
Tomiris called, they want their Turla malware back |
||
26.4.23 |
RAT |
Information stealer which uses AutoIT for wrapping. |
||
26.4.23 |
Malware |
Github Repository: RATel |
||
26.4.23 |
Backdoor |
FireEye describes SUNBURST as a trojanized SolarWinds digitally-signed component of the Orion software framework that contains a backdoor that communicates via HTTP to third party servers. |
||
26.4.23 |
Backdoor |
Sunburst backdoor – code overlaps with Kazuar |
||
26.4.23 |
Malware |
Tomiris called, they want their Turla malware back |
||
26.4.23 |
Killer |
According to Sophos, the AuKill tool abuses an outdated version of the driver used by version 16.32 of the Microsoft utility, |
||
24.4.23 |
Stealer |
EvilExtractor (sometimes spelled Evil Extractor) is an attack tool designed to target Windows operating systems and extract data and files from endpoint devices. |
||
22.4.23 |
Quick post: Qakbot (Qbot) activity, distribution tags BB24 and obama254 |
This post documents the differences in distribution for BB-series Qakbot and for obama-series Qakbot |
||
22.4.23 |
CVE |
(CVSS score - 7.5) - MinIO Information Disclosure Vulnerability |
||
22.4.23 |
CVE |
(CVSS score - 9.8) - PaperCut MF/NG Improper Access Control Vulnerability |
||
22.4.23 |
CVE |
(CVSS score - TBD) - Google Chrome Skia Integer Overflow Vulnerability |
||
22.4.23 |
CVE |
VMware Aria Operations for Logs contains a command injection vulnerability. |
||
22.4.23 |
CVE |
Cisco Modeling Labs External Authentication Bypass Vulnerability |
||
22.4.23 |
CVE |
Cisco Industrial Network Director Vulnerabilities |
||
22.4.23 |
CVE |
Google patches another zero-day exploiting the Chrome browser |
||
21.4.23 |
ProjeQtOr Project Management System 10.3.2 - Remote Code Execution (RCE) |
|||
21.4.23 |
FUXA V.1.1.13-1186 - Unauthenticated Remote Code Execution (RCE) |
|||
21.4.23 |
Swagger UI 4.1.3 - User Interface (UI) Misrepresentation of Critical Information |
|||
21.4.23 |
File Replication Pro 7.5.0 - Privilege Escalation/Password reset due Incorrect Access Control |
|||
21.4.23 |
Lilac-Reloaded for Nagios 2.0.8 - Remote Code Execution (RCE) |
|||
21.4.23 |
Serendipity 2.4.0 - Remote Code Execution (RCE) (Authenticated) |
|||
20.4.23 |
Android |
Malware Analysis Report (AR19-252A) |
||
20.4.23 |
Win |
The Lazarus Constellation A study on North Korean malware |
||
20.4.23 |
CWE-502 |
Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to |
||
20.4.23 |
Backdoor |
Tweet on an unknown threat actor dropping MgBot, a custom IIS modular backdoor and Cobalt Strike by exploiting ProxyShell |
||
20.4.23 |
RAT |
Unit 42 observed threat actor Tropical Scorpius using this RAT in operations where Cuba ransomware was also deployed. |
||
20.4.23 |
Stealer |
According to PCrisk, Rhadamanthys is a stealer-type malware, and as its name implies - it is designed to extract data from infected machines. |
||
20.4.23 |
CWE-119 |
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 |
||
20.4.23 |
Backdoor |
Drokbk Malware Uses GitHub as Dead Drop Resolver |
||
20.4.23 |
CWE-843 |
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
||
20.4.23 |
CVE |
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially |
||
20.4.23 |
Backdoor |
CharmPower is a PowerShell-based, modular backdoor that has been used by Magic Hound since at least 2022. |
||
20.4.23 |
CVE |
vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. |
||
20.4.23 |
CVE |
vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. |
||
20.4.23 |
CVE |
There exists a vulnerability in source code transformer (exception sanitization logic) of vm2 for versions up to 3.9.15 |
||
20.4.23 |
Stealer |
First advertised as a Malware-as-a-Service (MaaS) on Russian-speaking underground forums in April 2022, Aurora Stealer is a Golang-based information stealer with downloading and remote access capabilities. |
||
19.4.23 |
Adware |
A new Android malware strain named Goldoson has been detected in the official Google Play Store spanning more than 60 legitimate apps that collectively have over 100 million downloads. |
||
19.4.23 |
Spyware |
A First Look at Spyware Vendor QuaDream’s Exploits, Victims, and Customers |
||
19.4.23 |
Backdoor |
Ex-Conti and FIN7 Actors Collaborate with New Domino Backdoor |
||
17.4.23 |
Loader |
This loader abuses the benign service Notion for data exchange. |
||
17.4.23 |
Military Malware |
NOBELIUM Uses Poland's Ambassador’s Visit to the U.S. to Target EU Governments Assisting Ukraine |
||
16.4.23 |
Sielco PolyEco Digital FM Transmitter 2.0.6 - Account Takeover / Lockout / EoP |
|||
16.4.23 |
Sielco PolyEco Digital FM Transmitter 2.0.6 - Unauthenticated Information Disclosure |
|||
16.4.23 |
Sielco PolyEco Digital FM Transmitter 2.0.6 - Radio Data System POST Manipulation |
|||
16.4.23 |
Sielco PolyEco Digital FM Transmitter 2.0.6 - Authorization Bypass Factory Reset |
|||
16.4.23 |
Sielco PolyEco Digital FM Transmitter 2.0.6 - Authentication Bypass Exploit |
|||
16.4.23 |
Sielco Analog FM Transmitter 2.12 - Remote Privilege Escalation |
|||
16.4.23 |
Sielco Analog FM Transmitter 2.12 - Improper Access Control Change Admin Password |
|||
16.4.23 |
Sielco Analog FM Transmitter 2.12 - Cross-Site Request Forgery |
|||
16.4.23 |
Sielco Analog FM Transmitter 2.12 - 'id' Cookie Brute Force Session Hijacking |
|||
16.4.23 |
InnovaStudio WYSIWYG Editor 5.4 - Unrestricted File Upload / Directory Traversal |
|||
16.4.23 |
Google Chrome Browser 111.0.5563.64 - AXPlatformNodeCocoa Fatal OOM/Crash (macOS) |
|||
14.4.23 |
CVE |
(CVSS score: TBD) - Novi Survey Insecure Deserialization Vulnerability |
||
14.4.23 |
CVE |
(CVSS score: 7.8) - Android Framework Privilege Escalation Vulnerability |
||
14.4.23 |
RAT |
Love scam or espionage? Transparent Tribe lures Indian and Pakistani officials |
||
14.4.23 |
|
Lazarus DeathNote campaign |
||
14.4.23 |
RAT |
According to SentinelOne, this RAT can gather and transmit a defined set of system features, create/terminate/manipulate processes and files, and has self-updating and deletion capability. |
||
14.4.23 |
OSX |
|
||
12.4.23 |
CVE |
Secure Boot Security Feature Bypass Vulnerability. |
||
12.4.23 |
CVE |
The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 |
||
12.4.23 |
CVE |
Microsoft Message Queuing Denial of Service Vulnerability |
||
12.4.23 |
CVE |
Microsoft Message Queuing Denial of Service Vulnerability |
||
12.4.23 |
CVE |
Microsoft Message Queuing Remote Code Execution Vulnerability |
||
12.4.23 |
CVE |
Windows Common Log File System Driver Elevation of Privilege Vulnerability |
||
12.4.23 |
CVE |
Windows Common Log File System Driver Elevation of Privilege Vulnerability |
||
12.4.23 |
MacOS |
Contains a monitor agent and the primary malware agent, both of which are Mach-O files written in Objective-C and Go, respectively. |
||
12.4.23 |
CVE |
3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. |
||
12.4.23 |
Stealer |
Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack |
||
12.4.23 |
Stealer |
Follow-up payload in 3CX supply chain incident, which according to Volexity is an infostealer collecting information about the system and browser using an embedded copy of the SQLite3 library. |
||
11.4.23 |
Microsoft Edge (Chromium-based) Webview2 1.0.1661.34 - Spoofing |
|||
11.4.23 |
Online Computer and Laptop Store 1.0 - Remote Code Execution (RCE) |
|||
11.4.23 |
Banking RAT |
Xenomorph is an Android banking RAT developed by the Hadoken.Security actor. |
||
11.4.23 |
Android |
BEWARE: SOVA ANDROID BANKING TROJAN EMERGES MORE POWERFUL WITH NEW CAPABILITIES |
||
11.4.23 |
Stealer |
Analyzing Impala Stealer – Payload of the first NuGet attack campaign |
||
11.4.23 |
CVE |
Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver |
||
11.4.23 |
CVE |
An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'. |
||
11.4.23 |
CVE |
(CVSS score: 8.8) - Veritas Backup Exec Agent Command Execution Vulnerability |
||
11.4.23 |
CVE |
(CVSS score: 8.2) - Veritas Backup Exec Agent Improper Authentication Vulnerability |
||
11.4.23 |
CVE |
(CVSS score: 8.1) - Veritas Backup Exec Agent File Access Vulnerability |
||
9.4.23 |
dotclear 2.25.3 - Remote Code Execution (RCE) (Authenticated) |
|||
9.4.23 |
ESET Service 16.0.26.0 - 'Service ekrn' Unquoted Service Path |
|||
9.4.23 |
Pentaho BA Server EE 9.3.0.0-428 - Remote Code Execution (RCE) (Unauthenticated) |
|||
9.4.23 |
ZCBS/ZBBS/ZPBS v4.14k - Reflected Cross-Site Scripting (XSS) |
|||
9.4.23 |
X2CRM v6.6/6.9 - Reflected Cross-Site Scripting (XSS) (Authenticated) |
|||
9.4.23 |
X2CRM v6.6/6.9 - Stored Cross-Site Scripting (XSS) (Authenticated) |
|||
9.4.23 |
Palo Alto Cortex XSOAR 6.5.0 - Stored Cross-Site Scripting (XSS) |
|||
9.4.23 |
Symantec Messaging Gateway 10.7.4 - Stored Cross-Site Scripting (XSS) |
|||
9.4.23 |
Stonesoft VPN Client 6.2.0 / 6.8.0 - Local Privilege Escalation |
|||
9.4.23 |
Goanywhere Encryption helper 7.1.1 - Remote Code Execution (RCE) |
|||
9.4.23 |
RSA NetWitness Platform 12.2 - Incorrect Access Control / Code Execution |
|||
9.4.23 |
Google Chrome 109.0.5414.74 - Code Execution via missing lib file (Ubuntu) |
|||
9.4.23 |
Microsoft Excel 365 MSO (Version 2302 Build 16.0.16130.20186) 64-bit - Remote Code Execution (RCE) |
|||
9.4.23 |
Altenergy Power Control Software C1.2.5 - OS command injection |
|||
9.4.23 |
Franklin Fueling Systems TS-550 - Exploit and Default Password |
|||
9.4.23 |
Schneider Electric v1.0 - Directory traversal & Broken Authentication |
|||
9.4.23 |
Tenda N300 F3 12.01.01.48 - Malformed HTTP Request Header Processing |
|||
9.4.23 |
Docker based datastores for IBM Instana 241-2 243-0 - No Authentication |
|||
9.4.23 |
CVE |
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, Safari 16.3. |
||
9.4.23 |
CVE |
An out-of-bounds write issue in IOSurfaceAccelerator that could enable an app to execute arbitrary code with kernel privileges. |
||
9.4.23 |
CVE |
A use after free issue in WebKit that could lead to arbitrary code execution when processing specially crafted web content. |
||
9.4.23 |
Stealer |
Recently Cyble Research and Intelligence Labs (CRIL) discovered a phishing site mimicking a Cryptocurrency mining platform that was spreading Creal Stealer. |
||
8.4.23 |
Stealer |
No Honor Among Thieves - Prynt Stealer’s Backdoor Exposed |
||
8.4.23 |
Stealer |
Typhon Reborn V2: Updated stealer features enhanced anti-analysis and evasion capabilities |
||
8.4.23 |
RAT |
Malicious Macros Adapt to Use Microsoft Publisher to Push Ekipa RAT |
||
8.4.23 |
Mobile |
Lookout researchers have discovered a new mobile surveillanceware family, FrozenCell. |
||
8.4.23 |
RAT |
ViperRAT is an active, advanced persistent threat (APT) that sophisticated threat actors are actively using to target and spy on the Israeli Defense Force. |
||
8.4.23 |
Backdoor |
Operation Bearded Barbie: APT-C-23 Campaign Targeting Israeli Officials |
||
8.4.23 |
Stealer |
This malware, written in Delphi, is an information-stealing malware family dubbed "MICROPSIA". It has a wide range of data theft functionality built in. |
||
7.4.23 |
CryptoMining |
Hackers may hijack AWS infrastructure for a number of reasons. However, the most common motives are to facilitate illicit cryptomining or spamming. |
||
7.4.23 |
MacOS |
Being yet another infostealing malware surfacing in the cybercriminal arena within the latest month, MacStealer gains popularity on the underground forums due to its relatively low price and broad malicious capabilities. |
||
7.4.23 |
Linux |
The Next Gen PlugX/ShadowPad? A Dive into the Emerging China-Nexus Modular Trojan, Pangolin8RAT (slides) |
||
7.4.23 |
CVE |
3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. T |
||
7.4.23 |
CVE |
Service Fabric Explorer Spoofing Vulnerability |
||
6.4.23 |
WIMAX SWC-5100W Firmware V(1.11.0.1 :1.9.9.4) - Authenticated RCE |
|||
6.4.23 |
Mitel MiCollab AWV 8.1.2.4 and 9.1.3 - Directory Traversal and LFI |
|||
6.4.23 |
Agilebio Lab Collector Electronic Lab Notebook v4.234 - Remote Code Execution (RCE) |
|||
6.4.23 |
Osprey Pump Controller 1.0.1 - (eventFileSelected) Command Injection |
|||
6.4.23 |
Osprey Pump Controller 1.0.1 - Unauthenticated Remote Code Execution Exploit |
|||
6.4.23 |
Osprey Pump Controller 1.0.1 - Authentication Bypass Credentials Modification |
|||
6.4.23 |
Osprey Pump Controller v1.0.1 - Unauthenticated Reflected XSS |
|||
6.4.23 |
Osprey Pump Controller 1.0.1 - (userName) Blind Command Injection |
|||
6.4.23 |
Osprey Pump Controller 1.0.1 - (pseudonym) Semi-blind Command Injection |
|||
6.4.23 |
Osprey Pump Controller 1.0.1 - Administrator Backdoor Access |
|||
6.4.23 |
Osprey Pump Controller 1.0.1 - Unauthenticated File Disclosure |
|||
6.4.23 |
Osprey Pump Controller 1.0.1 - Predictable Session Token / Session Hijack |
|||
6.4.23 |
ABUS Security Camera TVIP 20000-21150 - LFI, RCE and SSH Root Access |
|||
6.4.23 |
Simple Food Ordering System v1.0 - Cross-Site Scripting (XSS) |
|||
6.4.23 |
Music Gallery Site v1.0 - SQL Injection on page view_music_details.php |
|||
6.4.23 |
Employee Task Management System v1.0 - SQL Injection on edit-task.php |
|||
6.4.23 |
Employee Task Management System v1.0 - SQL Injection on (task-details.php?task_id=?) |
|||
6.4.23 |
Employee Task Management System v1.0 - Broken Authentication |
|||
6.4.23 |
Auto Dealer Management System v1.0 - SQL Injection on manage_user.php |
|||
6.4.23 |
Auto Dealer Management System v1.0 - SQL Injection in sell_vehicle.php |
|||
6.4.23 |
Auto Dealer Management System 1.0 - Broken Access Control Exploit |
|||
6.4.23 |
Best pos Management System v1.0 - Remote Code Execution (RCE) on File Upload |
|||
6.4.23 |
Kimai-1.30.10 - SameSite Cookie-Vulnerability session hijacking |
|||
6.4.23 |
LDAP Tool Box Self Service Password v1.5.2 - Account takeover |
|||
6.4.23 |
Simple Task Managing System v1.0 - SQL Injection (Unauthenticated) |
|||
6.4.23 |
Art Gallery Management System Project in PHP v 1.0 - SQL injection |
|||
6.4.23 |
atrocore 1.5.25 User interaction - Unauthenticated File upload - RCE |
|||
6.4.23 |
Arris Router Firmware 9.1.103 - Remote Code Execution (RCE) (Authenticated) |
|||
6.4.23 |
TitanFTP 2.0.1.2102 - Path traversal to Remote Code Execution (RCE) |
|||
6.4.23 |
Provide Server v.14.4 XSS - CSRF & Remote Code Execution (RCE) |
|||
6.4.23 |
SOUND4 LinkAndShare Transmitter 1.1.2 - Format String Stack Buffer Overflow |
|||
6.4.23 |
Control Web Panel 7 (CWP7) v0.9.8.1147 - Remote Code Execution (RCE) |
|||
6.4.23 |
Dell EMC Networking PC5500 firmware versions 4.1.0.22 and Cisco Sx / SMB - Information Disclosure |
|||
6.4.23 |
PostgreSQL 9.6.1 - Remote Code Execution (RCE) (Authenticated) |
|||
6.4.23 |
bgERP v22.31 (Orlovets) - Cookie Session vulnerability & Cross-Site Scripting (XSS) |
|||
6.4.23 |
D-Link DIR-846 - Remote Command Execution (RCE) vulnerability |
|||
6.4.23 |
Bus Pass Management System 1.0 - Stored Cross-Site Scripting (XSS) |
|||
6.4.23 |
Paid Memberships Pro v2.9.8 (WordPress Plugin) - Unauthenticated SQL Injection |
|||
6.4.23 |
GLPI Cartography Plugin v6.0.0 - Unauthenticated Remote Code Execution (RCE) |
|||
6.4.23 |
GLPI v10.0.2 - SQL Injection (Authentication Depends on Configuration) |
|||
6.4.23 |
GLPI Activity v3.1.0 - Authenticated Local File Inclusion on Activity plugin |
|||
6.4.23 |
GLPI Glpiinventory v1.0.1 - Unauthenticated Local File Inclusion |
|||
6.4.23 |
GLPI 4.0.2 - Unauthenticated Local File Inclusion on Manageentities plugin |
|||
6.4.23 |
Roxy WI v6.1.1.0 - Unauthenticated Remote Code Execution (RCE) via ssl_cert Upload |
|||
6.4.23 |
Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution (RCE) |
|||
6.4.23 |
WP-file-manager v6.9 - Unauthenticated Arbitrary File Upload leading to RCE |
|||
6.4.23 |
Grand Theft Auto III/Vice City Skin File v1.1 - Buffer Overflow |
|||
6.4.23 |
Active eCommerce CMS 6.5.0 - Stored Cross-Site Scripting (XSS) |
|||
6.4.23 |
Art Gallery Management System Project v1.0 - SQL Injection (sqli) authenticated |
|||
6.4.23 |
Art Gallery Management System Project v1.0 - SQL Injection (sqli) Unauthenticated |
|||
6.4.23 |
Art Gallery Management System Project v1.0 - Reflected Cross-Site Scripting (XSS) |
|||
6.4.23 |
Chromacam 4.0.3.0 - PsyFrameGrabberService Unquoted Service Path |
|||
6.4.23 |
Solaris 10 libXm - Buffer overflow Local privilege escalation |
|||
6.4.23 |
HotKey Clipboard 2.1.0.6 - Privilege Escalation Unquoted Service Path |
|||
6.4.23 |
Metform Elementor Contact Form Builder v3.1.2 - Unauthenticated Stored Cross-Site Scripting (XSS) |
|||
6.4.23 |
pimCore v5.4.18-skeleton - Sensitive Cookie with Improper SameSite Attribute |
|||
6.4.23 |
CVE |
Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0 |
||
6.4.23 |
CVE |
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used |
||
6.4.23 |
RAT |
Pupy rat is an open source tool for cross-platform remote administration (Windows, Linux, OSX, Android are supported as “clients”) and subsequent exploitation (post-exploitation). |
||
6.4.23 |
Linux |
Mélofée: a new alien malware in the Panda's toolset targeting Linux hosts |
||
6.4.23 |
IoC update: Qakbot (Qbot) TCP port 65400 traffic changes IP address |
Today's pcap has been carved and sanitized, but it's still the same host infected with Qakbot from 2023-03-31. |
||
4.4.23 |
Amadey is a botnet that appeared around October 2018 and is being sold for about 500$ on Russian-speaking hacking forums. |
|||
4.4.23 |
Android |
Unveil the evolution of Kimsuky targeting Android devices with newly discovered mobile malware |
||
4.4.23 |
BabyShark is Microsoft Visual Basic (VB) script-based malware family first seen in November 2018. |
|||
3.4.23 |
CVE |
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2.1, iOS 16.3.1 and iPadOS 16.3.1, Safari 16.3. |
||
3.4.23 |
Stealer |
The Uptycs Threat Research Team has discovered a new infostealer. Spread by multiple bundlers and new on cybercrime forums, HookSpoofer has keylogging and clipper abilities. |
||
3.4.23 |
Cryptocurrency |
Parallax RAT (aka, ParallaxRAT) has been distributed through spam campaigns or phishing emails (with attachments) since December 2019. |
||
3.4.23 |
Stealer |
The Uptycs threat research team recently discovered a campaign involving the Titan Stealer malware, which is being marketed and sold by a threat actor (TA) through a Telegram channel for cybercrime purposes. |
||
3.4.23 |
MacOS |
Dubbed MacStealer, it's the latest example of a threat that uses Telegram as a command-and-control (C2) platform to exfiltrate data. |
||
3.4.23 |
CVE |
In BitmapExport.java, there is a possible failure to truncate images due to a logic error in the code. Product: Android. Versions: Android kernel. Android ID: A-264261868. References: N/A |
||
3.4.23 |
CVE |
|
||
3.4.23 |
RAT |
Action RAT is a remote access tool written in Delphi that has been used by SideCopy since at least December 2021 against Indian and Afghani government personnel. |
||
3.4.23 |
Loader |
This Delphi loader misuses cloud storage services, such as Google Drive, to download the Delphi stager component. |
||
2.4.23 |
NetIQ/Microfocus Performance Endpoint v5.1 - remote root/SYSTEM exploit |
|||
2.4.23 |
Yahoo User Interface library (YUI2) TreeView v2.8.2 - Multiple Reflected Cross Site Scripting (XSS) |
|||
2.4.23 |
AimOne Video Converter V2.04 Build 103 - Buffer Overflow (DoS) |
|||
2.4.23 |
Nexxt Router Firmware 42.103.1.5095 - Remote Code Execution (RCE) (Authenticated) |
|||
2.4.23 |
Centos Web Panel 7 v0.9.8.1147 - Unauthenticated Remote Code Execution (RCE) |
|||
2.4.23 |
TP-Link TL-WR902AC firmware 210730 (V3) - Remote Code Execution (RCE) (Authenticated) |
|||
2.4.23 |
Hughes Satellite Router HX200 v8.3.1.14 - Remote File Inclusion |
|||
2.4.23 |
Textpattern 4.8.8 - Remote Code Execution (RCE) (Authenticated) |
|||
2.4.23 |
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Unauthenticated Factory Reset |
|||
2.4.23 |
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Remote Command Execution (RCE) |
|||
2.4.23 |
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Exploit |
|||
2.4.23 |
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Denial Of Service (DoS) |
|||
2.4.23 |
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authorization Bypass (IDOR) |
|||
2.4.23 |
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Cross-Site Request Forgery |
|||
2.4.23 |
Judging Management System v1.0 - Remote Code Execution (RCE) |
|||
2.4.23 |
Bludit 3-14-1 Plugin 'UploadPlugin' - Remote Code Execution (RCE) (Authenticated) |
|||
2.4.23 |
CoolerMaster MasterPlus 1.8.5 - 'MPService' Unquoted Service Path |
|||
2.4.23 |
Zillya Total Security 3.0.2367.0 - Local Privilege Escalation |
|||
2.4.23 |
CrowdStrike Falcon AGENT 6.44.15806 - Uninstall without Installation Token |
|||
2.4.23 |
Device Manager Express 7.8.20002.47752 - Remote Code Execution (RCE) |
|||
2.4.23 |
Lavasoft web companion 4.1.0.409 - 'DCIservice' Unquoted Service Path |
|||
2.4.23 |
Revenue Collection System v1.0 - Remote Code Execution (RCE) |
|||
2.4.23 |
Internet Download Manager v6.41 Build 3 - Remote Code Execution (RCE) |
|||
2.4.23 |
Uniview NVR301-04S2-P4 - Reflected Cross-Site Scripting (XSS) |
|||
2.4.23 |
Inbit Messenger v4.9.0 - Unauthenticated Remote Command Execution (RCE) |
|||
2.4.23 |
Inbit Messenger v4.9.0 - Unauthenticated Remote SEH Overflow |
|||
2.4.23 |
Human Resource Management System 1.0 - SQL Injection (unauthenticated) |
|||
2.4.23 |
Book Store Management System 1.0.0 - Stored Cross-Site Scripting (XSS) |
|||
2.4.23 |
WP All Import v3.6.7 - Remote Code Execution (RCE) (Authenticated) |
|||
2.4.23 |
X-Skipper-Proxy v0.13.237 - Server Side Request Forgery (SSRF) |
|||
2.4.23 |
Label Studio 1.5.0 - Authenticated Server Side Request Forgery (SSRF) |
|||
2.4.23 |
Tapo C310 RTSP server v1.3.0 - Unauthorised Video Stream Access |
|||
2.4.23 |
Online shopping system advanced 1.0 - Multiple Vulnerabilities |
|||
2.4.23 |
MiniDVBLinux 5.4 Simple VideoDiskRecorder Protocol SVDRP - Remote Code Execution (RCE) |
|||
2.4.23 |
FortiOS, FortiProxy, FortiSwitchManager v7.2.1 - Authentication Bypass |
|||
2.4.23 |
WPN-XM Serverstack for Windows 0.8.6 - Multiple Vulnerabilities |
|||
2.4.23 |
Webgrind 1.1 - Reflected Cross-Site Scripting (XSS) & Remote Command Execution (RCE) |
|||
2.4.23 |
Zoneminder < v1.37.24 - Log Injection & Stored XSS & CSRF Bypass |
|||
2.4.23 |
Zentao Project Management System 17.0 - Authenticated Remote Code Execution (RCE) |
|||
2.4.23 |
eXtplorer<= 2.1.14 - Authentication Bypass & Remote Code Execution (RCE) |
|||
2.4.23 |
Sysax Multi Server 6.95 - 'Password' Denial of Service (PoC) |
|||
2.4.23 |
Mediconta 3.7.27 - 'servermedicontservice' Unquoted Service Path |
|||