Lucene search
K

78 matches found

The Hacker News
The Hacker News
added 2024/03/21 12:48 p.m.75 views

AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials

Cybersecurity researchers have shed light on a tool referred to as AndroxGh0st that's used to target Laravel applications and steal sensitive data. "It works by scanning and taking out important information from .env files, revealing login details linked to AWS and Twilio," Juniper Threat Labs...

9.8CVSS8AI score0.99999EPSS
Exploits178
Rapid7 Blog
Rapid7 Blog
added 2022/12/15 2:0 p.m.13 views

Spoiler Alert: Your Favorite Content Might Not Be Secure

Securing intellectual property in the age of consolidation Rapid7, of course, is not in the entertainment industry. However, we have worked with some clients out there in that golden land of dreams and enchantment—also known as Hollywood. Case in point: the company formerly known as Discovery, In...

6.8AI score
Exploits0
NVD
NVD
added 2022/08/25 2:15 a.m.18 views

CVE-2022-32427

PrinterLogic Windows Client through 25.0.0.676 allows attackers to execute directory traversal. Authenticated users with prior knowledge of the driver filename could exploit this to escalate privileges or distribute malicious content. This issue has been resolved in PrinterLogic Windows Client...

8.8CVSS0.01371EPSS
Exploits0References2
CVE
CVE
added 2022/08/25 1:26 a.m.64 views

CVE-2022-32427

The CVE-2022-32427 issue affects PrinterLogic Windows Client (versions up to 25.0.0.676). It enables directory traversal by authenticated users with prior knowledge of the driver filename, potentially allowing privilege escalation or distribution of malicious content. The root cause is a path tra...

8.8CVSS8.8AI score0.01371EPSS
Exploits0References2Affected Software1
Akamai Blog
Akamai Blog
added 2021/12/15 2:0 p.m.12 views

Livery Delivers a Seamless Low Latency Streaming Experience with Help from Akamai

Our new normal has ushered in the advent of hybrid events — a mix of in-person and virtual events. This has made seamless live streaming with active participation of the audience, both live and remote, more important than ever. Amsterdam-headquartered company Livery is an end-to-end SaaS solution...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2021/11/19 3:20 p.m.60 views

CVE-2021-41190

The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Image Specification, the manifest and index documents were not self-describing and documents with a single digest could be interpreted as either a manifest or an index. ...

5CVSS6.1AI score0.02085EPSS
Exploits0References6
CVE
CVE
added 2021/11/17 7:20 p.m.267 views

CVE-2021-41190

CVE-2021-41190 affects Buildah (and related OCI tooling) with versions less than 1.41.4-2. Root cause: OCI Distribution Specification prior to 1.0.1 allowed ambiguity when documents contain both manifests and layers or config without a consistent Content-Type header; the mediaType in manifests/in...

5CVSS5.7AI score0.02085EPSS
Exploits0References11Affected Software2
Positive Technologies
Positive Technologies
added 2021/11/17 12:0 a.m.4 views

PT-2021-7848 · Unknown +7 · Oci Distribution Specification +7

Name of the Vulnerable Software and Affected Versions: OCI Distribution Specification versions 1.0.0 and prior Description: The issue concerns the OCI Distribution Specification, which defines an API protocol for content distribution. In versions 1.0.0 and prior, the Content-Type header alone was...

8.5CVSS6.8AI score0.27392EPSS
Exploits19References303
CNVD
CNVD
added 2021/11/13 12:0 a.m.18 views

Apache Traffic Control LDAP filter injection vulnerability

Apache Traffic Control is a distributed and scalable content distribution solution from the Apache Foundation. An LDAP injection vulnerability exists in Apache Traffic Control, which stems from the fact that a user can send a request with a crafted username to any API version of the POST/login...

9.8CVSS3.1AI score0.04431EPSS
Exploits0References1
CNVD
CNVD
added 2021/10/15 12:0 a.m.15 views

Apache Traffic Control input validation error vulnerability

Apache Traffic Control is a distributed and scalable content distribution solution from the Apache Foundation. Apache Traffic Control Traffic Ops is vulnerable to an input validation error, which is caused when an authenticated Apache Traffic Control Traffic Ops user with portal-level privileges...

4.3CVSS2.6AI score0.02734EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2019/10/23 8:22 a.m.107 views

New Cache Poisoning Attack Lets Attackers Target CDN Protected Sites

A team of German cybersecurity researchers has discovered a new cache poisoning attack against web caching systems that could be used by an attacker to force a targeted website into delivering error pages to most of its visitors instead of legitimate content or resources. The issue could affect...

7.5CVSS8.5AI score0.03041EPSS
Exploits0
Akamai Blog
Akamai Blog
added 2019/10/11 8:0 p.m.228 views

Watermarking: A Content Owner's Mark to Prevent Piracy

Akamai Adds Edge Based Watermarking Support, Pre Integrated with leading 3rd Party Providers ... State of Online Piracy within Media and Entertainment Revenue losses and lost monetization opportunities by virtue of content theft and piracy continue to plague the media and entertainment industry...

0.5AI score
Exploits0
Akamai Blog
Akamai Blog
added 2018/10/04 2:21 p.m.33 views

Go Live! Addressable, Ad-Supported, Live Video At Scale

Live streaming poses a unique set of challenges and online audiences can only be monetized to the extent that they remain engaged. From an advertising perspective, the viewing experience between your live content and the ads needs to not only be seamless, but also highly targeted in order to...

1.2AI score
Exploits0
ThreatPost
ThreatPost
added 2018/08/17 1:46 p.m.16 views

ThreatList: Almost Half of the World’s Top Websites Deemed ‘Risky’

Nearly half of the world’s most popular websites are risky places to visit, according to a fresh analysis of top Alexa sites. Vulnerable code, the running of active content from risky background sites, and large amounts of code downloads marked a good chunk of the top 50 websites used in all of t...

0.5AI score
Exploits0References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

Osprey <= 1.0 GetRecord.php Remote File Include Vulnerability

No description provided by source. --------------------------------------------------------------------------- Osprey = 1.0 libdir Remote File Include Vulnerability --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Security Team :...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2011/05/18 5:52 p.m.7 views

Hacking Demo On Facebook Photos Leads To Arrest and Privacy Questions

A public demonstration of a weakness in Facebook’s account security has attracted the attention of law enforcement in Australia and raised questions about the ability of social networks to protect user data. Security researcher Christian Heinrich conducted a brute force attack against the Faceboo...

2.1AI score
Exploits0References3
Drupal
Drupal
added 2010/02/17 12:0 a.m.10 views

SA-CONTRIB-2010-018 - Content Distribution - Multiple Vulnerabilities

Content Distribution module allows calling a method to delete particular nodes using a XML-RPC call. When this method is allowed to be called by anonymous users in user permissions, an attacker might delete a random node. In addition, certain actions require Content Distribution to temporarily...

6.9AI score
Exploits0References4
securityvulns
securityvulns
added 2005/12/22 12:0 a.m.24 views

WAXTRAPP XSS vuln.

WAXTRAPP XSS vuln. Vuln. discovered by : r0t Date: 22 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/waxtrapp-xss-vuln.html vendor:http://www.waxtrapp.com affected version:3.0.x already tested on 3.0.1 and previous versions. Product Description: WAXTRAPP is a development platform...

0.5AI score
Exploits0
Rows per page
Query Builder