
92 matches found

OSV
added 2026/06/07 7:24 p.m. | 2 views

MINI-2657-VGX9-4PX2

Bulletin has no description...

CVSS 9.1 | AI score 5.2 | EPSS 0.00392
Exploits 0

The Hacker News
added 2025/10/10 1:31 p.m. | 3 views

Microsoft Warns of 'Payroll Pirates' Hijacking HR SaaS Accounts to Steal Employee Salaries

A threat actor known as Storm-2657 has been observed hijacking employee accounts with the end goal of diverting salary payments to attacker-controlled accounts. "Storm-2657 is actively targeting a range of U.S.-based organizations, particularly employees in sectors like higher education, to gain...

AI score 6.8
Exploits 0

Microsoft Secure
added 2025/10/09 3:0 p.m. | 9 views

Investigating targeted “payroll pirate” attacks affecting US universities

Microsoft Threat Intelligence has observed a financially motivated threat actor that we track as Storm-2657 compromising employee accounts to gain unauthorized access to employee profiles and divert salary payments to attacker-controlled accounts. These types of attacks have been dubbed “payroll...

AI score 6.7
Exploits 0

RedhatCVE
added 2025/05/23 3:29 a.m. | 4 views

CVE-2023-2657

A vulnerability classified as problematic was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. The manipulation of the argument search leads to cross site scripting. The attack can be launched...

CVSS 6.1 | AI score 6.3 | EPSS 0.00702
Exploits 1 | References 1

RedhatCVE
added 2025/05/22 10:48 p.m. | 8 views

CVE-2022-2657

The Multivendor Marketplace Solution for WooCommerce WordPress plugin before 3.8.12 is lacking authorisation and CSRF in multiple AJAX actions, which could allow any authenticated users, such as subscriber to call them and suspend vendors reporter by the submitter or update arbitrary order status...

CVSS 4.3 | AI score 7 | EPSS 0.00265
Exploits 2 | References 1

RedhatCVE
added 2025/05/22 10:14 a.m. | 6 views

CVE-2019-2657

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

CVSS 7.8 | AI score 6.5 | EPSS 0.0055
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 12:4 a.m. | 5 views

CVE-2009-2657

nilfs-utils before 2.0.14 installs multiple programs with unnecessary setuid privileges, which allows local users to execute arbitrary commands via the device string in a -c command line option to mkfs.nilfs2...

CVSS 4.6 | AI score 7.6 | EPSS 0.00547
Exploits 0 | References 1

Circl
added 2025/03/23 10:19 p.m. | 7 views

CVE-2025-2657

creationtimestamp | type | source
---|---|---
2025-03-23 22:19:41+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3ll3bl5ud3b2l
2025-03-23 22:20:17+00:00 | seen | https://t.me/cvedetector/20919...

CVSS 9.8 | AI score 7.3 | EPSS 0.00448
Exploits 1 | References 2

CVE
added 2025/03/23 5:31 p.m. | 51 views

CVE-2025-2657

CVE-2025-2657 affects Projectworlds Apartment Visitors Management System 1.0. The vulnerability is an SQL injection in the file /front.php, triggered by manipulating the rid parameter, with remote exploitation described as possible. Multiple sources (NVD, Red Hat, CVE lists, CNNVD) corroborate th...

CVSS 9.8 | AI score 7.6 | EPSS 0.00448
Exploits 1 | References 4 | Affected Software 1

Vulnrichment
added 2025/03/23 5:31 p.m. | 15 views

CVE-2025-2657 projectworlds Apartment Visitors Management System front.php sql injection

A vulnerability classified as critical was found in projectworlds Apartment Visitors Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /front.php. The manipulation of the argument rid leads to sql injection. The attack can be launched remotely. The...

CVSS 7.5 | AI score 7.7 | EPSS 0.00448
Exploits 1 | References 4

Tenable Nessus
added 2025/03/04 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2012-2657

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the SQLDriverConnect function in unixODBC 2.0.10, 2.3.1, and earlier allows local users to cause a denial of service crash via a long string ...

CVSS 2.1 | AI score 7 | EPSS 0.00443
Exploits 0 | References 3

Tenable Nessus
added 2024/11/01 12:0 a.m. | 9 views

Amazon Linux 2 : pcp (ALAS-2024-2657)

The version of pcp installed on the remote host is prior to 4.3.2-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2657 advisory. A vulnerability was found in Performance Co-Pilot PCP. This flaw can only be exploited if an attacker has access to a compromised PCP...

CVSS 4.4 | AI score 6.5 | EPSS 0.00287
Exploits 0 | References 4

Tenable Nessus
added 2024/06/03 12:0 a.m. | 17 views

RHEL 4 : unixodbc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - unixODBC: possible buffer overrun in SQLDriverConnect CVE-2011-1145 - Buffer overflow in the...

CVSS 7.8 | AI score 8.2 | EPSS 0.0045
Exploits 0 | References 2

Tenable Nessus
added 2024/06/03 12:0 a.m. | 20 views

RHEL 6 : unixodbc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - unixODBC: Insecure buffer copy in SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c CVE-2018-7485 -...

CVSS 7.8 | AI score 7.9 | EPSS 0.03196
Exploits 0 | References 4

Tenable Nessus
added 2024/06/03 12:0 a.m. | 14 views

RHEL 5 : unixodbc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - unixODBC: Insecure buffer copy in SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c CVE-2018-7485 -...

CVSS 7.8 | AI score 8.2 | EPSS 0.03196
Exploits 0 | References 4

Tenable Nessus
added 2024/05/11 12:0 a.m. | 30 views

RHEL 6 : oracle_jdk (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Oracle JDK: unspecified vulnerability fixed in 6u191, 7u171, and 8u161 Security CVE-2018-2783 -...

AI score 6.6 | EPSS 0.07666
Exploits 0 | References 4

IBM Security Bulletins
added 2023/06/28 10:4 p.m. | 42 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Tivoli Netcool Configuration Manager (ITNCM)

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 6, 7, 8 and IBM® Runtime Environment Java™ Technology Edition, Versions 6, 7, 8 used by IBM Tivoli Netcool Configuration Manager. These issues were disclosed as part of the IBM Java SDK updates in January...

CVSS 8.3 | AI score 8.5 | EPSS 0.07666
Exploits 0 | Affected Software 1

Circl
added 2023/05/11 6:15 p.m. | 2 views

CVE-2023-2657

creationtimestamp | type | source
---|---|---
2023-05-11 18:15:27+00:00 | seen | https://t.me/cibsecurity/63893...

CVSS 6.1 | AI score 4.7 | EPSS 0.00702
Exploits 1 | References 1

NVD
added 2023/05/11 2:15 p.m. | 14 views

CVE-2023-2657

A vulnerability classified as problematic was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. The manipulation of the argument search leads to cross site scripting. The attack can be launched...

CVSS 6.1 | AI score 4.5 | EPSS 0.00702
Exploits 1 | References 3

CVE
added 2023/05/11 1:31 p.m. | 40 views

CVE-2023-2657

The CVE-2023-2657 entry concerns SourceCodester Online Computer and Laptop Store 1.0. The vulnerability is a cross-site scripting flaw in the file products.php triggered by manipulating the search argument, allowing remote exploitation. Affected functionality is unknown but centered on the produc...

CVSS 6.1 | AI score 4.8 | EPSS 0.00702
Exploits 1 | References 3 | Affected Software 1