113 matches found
Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware
Microsoft has confirmed that the active exploitation of PaperCut servers is linked to attacks that are designed to deliver Cl0p and LockBit ransomware families. The tech giant's threat intelligence team is attributing a subset of the intrusions to a financially motivated actor it tracks under the...
New TrueBot Malware Variant Leveraging Netwrix Auditor Bug and Raspberry Robin Worm
Cybersecurity researchers have reported an increase in TrueBot infections, primarily targeting Mexico, Brazil, Pakistan, and the U.S. Cisco Talos said the attackers behind the operation have moved from using malicious emails to alternative delivery methods such as the exploitation of a now-patche...
Raspberry Robin Operators Selling Cybercriminals Access to Thousands of Endpoints
The Raspberry Robin worm is becoming an access-as-a-service malware for deploying other payloads, including IcedID, Bumblebee, TrueBot aka Silence, and Clop ransomware. It is "part of a complex and interconnected malware ecosystem, with links to other malware families and alternate infection...
Raspberry Robin worm part of larger ecosystem facilitating pre-ransomware activity
Microsoft has discovered recent activity indicating that the Raspberry Robin worm is part of a complex and interconnected malware ecosystem, with links to other malware families and alternate infection methods beyond its original USB drive spread. These infections lead to follow-on...
CVE-2022-0950
Unrestricted Upload of File with Dangerous Type in GitHub repository star7th/showdoc prior to 2.10.4...
CVE-2022-0950
CVE-2022-0950 affects the ShowDoc project (GitHub star7th/showdoc) and is caused by an unrestricted upload of files with dangerous types via the upload feature, permitting .html extensions and enabling stored cross-site scripting. Affected versions are prior to 2.10.4. Remediation per the connect...
SUSE: Security Advisory (SUSE-SU-2019:0950-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Memory corruption
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0949, CVE-2020-0950...
CVE-2020-0950
CVE-2020-0950 is described as a memory corruption vulnerability in Windows Media Foundation caused by improper handling of memory objects, part of the Media Foundation Memory Corruption family alongside CVE-2020-0948 and CVE-2020-0949. The connected CNVD entries similarly refer to a Media Foundat...
KB4550930: Windows 10 April 2020 Security Update
The remote Windows host is missing security update 4550930. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when a Windows scheduled task improperly handles file redirections. An attacker who successfully exploited this vulnerability could...
CVE-2019-0950
creationtimestamp| type| source ---|---|--- 2019-05-16 19:50:32+00:00| seen| https://t.me/cvemitreorg/4...
CVE-2019-0950
The connected Nessus findings identify CVE-2019-0950 as a Spoofing vulnerability in Microsoft SharePoint Server , arising from the product’s failure to properly sanitize a specially crafted web request. Affected software includes SharePoint Server 2019 (builds older than 16.0.10345.12101) and Sha...
KLA11484 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...
Security Bulletin: XML External Entity (XXE) vulnerabilities in ClearQuest (CVE-2014-0950)
Summary IBM Rational ClearQuese is vulnerable to XML external entity attacks. These attacks could cause denial of service or be used to attack other servers accessible from a client or server. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts...
CVE-2014-0950
Multiple XML external entity XXE vulnerabilities in 1 CQWeb / CM Server, 2 ClearQuest Native client, 3 ClearQuest Eclipse client, and 4 ClearQuest Eclipse Designer components in IBM Rational ClearQuest 7.1.1 through 7.1.1.9, 7.1.2 through 7.1.2.13, 8.0.0 through 8.0.0.10, and 8.0.1 through 8.0.1....
CVE-2014-0950
Concrete details found: CVE-2014-0950 affects IBM Rational ClearQuest components (CQWeb/CM Server, ClearQuest Native client, ClearQuest Eclipse client, ClearQuest Eclipse Designer). The root cause is XML External Entity (XXE) processing allowing remote attackers to cause a denial of service or ac...
CVE-2018-0950
creationtimestamp| type| source ---|---|--- 2018-04-18 17:50:13+00:00| published-proof-of-concept| https://t.me/alexmakus/1970...
CVE-2018-0950
An information disclosure vulnerability exists when Office renders Rich Text Format RTF email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office. This CVE ID is unique fr...
Information disclosure
An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-0950...
CVE-2018-1007
CVE-2018-1007 refers to an information disclosure in Microsoft Office where memory contents are improperly disclosed when Office renders RTF/OLЕ objects (affecting Office components such as Word/Office). The root cause, per connected advisories, is an error in how memory contents are disclosed, e...