Fedora 39 : nodejs18 (2024-8d548b8c96)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-8d548b8c96 advisory. 2024-04-10, Version 18.20.2 'Hydrogen' LTS, @RafaelGSS This is a security release. Notable Changes CVE-2024-27980 - Command injection via args parameter of...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in versions of Rust prior to 1.77.2 that stems from not properly escaping parameters of a batch file on Windows, which could allow an attacker to execute arbitrary shell commands ...

CVE-2023-43870

When installing the Net2 software a root certificate is installed into the trusted store. A potential hacker could access the installer batch file or reverse engineer the source code to gain access to the root certificate password. Using the root certificate and password they could then create...

CVE-2023-43870

When installing the Net2 software a root certificate is installed into the trusted store. A potential hacker could access the installer batch file or reverse engineer the source code to gain access to the root certificate password. Using the root certificate and password they could then create...

VulnCheck KEV: CVE-2019-17503

An issue was discovered in Kirona Dynamic Resource Scheduling DRS 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd aka /osmtiles/REGISTER.cmd directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL...

OpenSupports Security Vulnerabilities

OpenSupports is a simple open source ticketing platform. A security vulnerability exists in OpenSupports version v4.11.0, which can be exploited to execute arbitrary code or create a reverse shell, due to a security restriction that can be bypassed by an attacker via annotations and uploading a...

MULTI#STORM Campaign Targets India and U.S. with Remote Access Trojans

A new phishing campaign codenamed MULTISTORM has set its sights on India and the U.S. by leveraging JavaScript files to deliver remote access trojans on compromised systems. "The attack chain ends with the victim machine infected with multiple unique RAT remote access trojan malware instances, su...

SUSE CVE-2005-0230

Firefox 1.0 does not prevent the user from dragging an executable file to the desktop when it has an image/gif content type but has a dangerous extension such as .bat or .exe, which allows remote attackers to bypass the intended restriction and execute arbitrary commands via malformed GIF files...

Italian Users Warned of Malware Attack Targeting Sensitive Information

A new malware campaign has been observed targeting Italy with phishing emails designed to deploy an information stealer on compromised Windows systems. "The info-stealer malware steals sensitive information like system info, crypto wallet and browser histories, cookies, and credentials of crypto...

BlueNoroff introduces new methods bypassing MoTW

BlueNoroff group is a financially motivated threat actor eager to profit from its cyberattack capabilities. We have published technical details of how this notorious group steals cryptocurrency before. We continue to track the groups activities and this October we observed the adoption of new...

Emotet Botnet Distributing Self-Unlocking Password-Protected RAR Files to Drop Malware

The notorious Emotet botnet has been linked to a new wave of malspam campaigns that take advantage of password-protected archive files to drop CoinMiner and Quasar RAT on compromised systems. In an attack chain detected by Trustwave SpiderLabs researchers, an invoice-themed ZIP file lure was foun...

Trojan-Spy.Win32.Pophot.bsl MVID-2022-0635 Insecure Permissions

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/8c0e6ec6b8ac9eb1169e63df71f24456.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.Pophot.bsl Vulnerability: Insecure Permissions Description: The malware...

ZOHO ManageEngine Desktop Central MSP has an unspecified vulnerability

ZOHO ManageEngine Desktop Central MSP is a suite of desktop and mobile device management software for MSPs Managed Service Providers from ZOHO. A security vulnerability exists in versions prior to Zoho ManageEngine Desktop Central 10.0.662, which is caused by a program that launches an executable...

CVE-2021-46165

Zoho ManageEngine Desktop Central before 10.0.662, during startup, launches an executable file from the batch files, but this file's path might not be properly defined...

ZOHO ManageEngine Desktop Central MSP 安全漏洞

ZOHO ManageEngine Desktop Central MSP is a suite of desktop and mobile device management software for MSPs Managed Service Providers from ZOHO. A security vulnerability exists in versions prior to Zoho ManageEngine Desktop Central 10.0.662, which is caused by a program that launches an executable...

Mekotio Banking Trojan Resurges with Tweaked Code, Stealthy Campaign

The Mekotio Latin American banking trojan is bouncing back after several of the gang that operates it were arrested in Spain. More than 100 attacks in recent weeks have featured a new infection routine, indicating that the group continues to actively retool. “The new campaign started right after...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox in that if a user downloads a file without an extension on Windows, and then "opens" it in the download panel, the executable will be launched if the...

CVE-2020-14022

Ozeki NG SMS Gateway 4.17.1 through 4.17.6 does not check the file type when bulk importing new contacts "Import Contacts" functionality from a file. It is possible to upload an executable or .bat file that can be executed with the help of a functionality E.g. the "Application Starter" module...

Microsoft Outlook Users Targeted By Gamaredon's New VBA Macro

The Gamaredon threat group has given its post-compromise toolset a facelift with the addition of a new Visual Basic for Applications VBA macro. The VBA macro leverages compromised victims’ Microsoft Outlook email accounts to send spear-phishing emails to their contacts – rapidly widening the...

TAU Threat Analysis: Medusa Locker Ransomware

In recent weeks Carbon Black’s Threat Analysis Unit TAU has seen an increase in the number of infections attributed to the Medusa Locker ransomware family. There were notable traits exhibited by Medusa Locker in these attacks that warranted further investigation to determine behavioral tactics th...