Lucene search
K

80 matches found

Kaspersky
Kaspersky
added 2020/11/17 12:0 a.m.70 views

KLA12010 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, gain privileges, perform cross-site scripting attack, spoof user interface, execute arbitrary code, bypass security restrictions. Bel...

9.6CVSS10AI score0.5063EPSS
Exploits3References4
Kitploit
Kitploit
added 2020/08/02 9:30 p.m.92 views

DeimosC2 - A Golang Command And Control Framework For Post-Exploitation

DeimosC2 is a post-exploitation Command & Control C2 tool that leverages multiple communication methods in order to control machines that have been compromised. DeimosC2 server and agents works on, and has been tested on, Windows, Darwin, and Linux. It is entirely written in Golang with a front e...

7.6AI score
Exploits0References11
Kitploit
Kitploit
added 2020/06/09 9:30 p.m.182 views

BabyShark - Basic C2 Server

This is a basic C2 generic server written in Python and Flask. This code has based ideia to GTRS, which uses Google Translator as a proxy for sending commands to the infected host. The BabyShark project aims to centralize reverse connections with agents, creating a way to centralize several types...

7.5AI score
Exploits0References2
ThreatPost
ThreatPost
added 2020/05/14 3:53 p.m.70 views

Microsoft Adds DNS-Over-HTTPS Support for Windows 10 Insiders

Microsoft has announced the first testable version of DNS-Over-HTTPS DoH support, available for its Windows 10 operating system. Support for the DoH protocol, which Microsoft first announced in November, is available in the Windows 10 Insider Preview Build 19628. This is accessible for members of...

6.9AI score
Exploits0References16
Akamai Blog
Akamai Blog
added 2020/03/24 11:30 a.m.35 views

Simplifying the ISP Transition to DNS Encryption

New protocols to encrypt DNS traffic, DNS over HTTPS DoH and DNS over TLS DoT, have been a visible Internet topic for the past two years. Akamai participated in the definition of DoH/DoT standards and recently released support in the high-performance CacheServe resolver. Major features include:...

0.3AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2020/02/13 12:0 a.m.11 views

DNS over HTTPS

DNS over HTTPS DoH is a protocol for performing remote Domain Name System DNS resolution via the HTTPS protocol. A goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data by man-in-the-middle attacks1 by using the HTTPS protocol to...

6.7AI score
Exploits0References7
Akamai Blog
Akamai Blog
added 2020/02/12 9:41 p.m.32 views

DNS Encryption at DNS OARC 32

The DNS DNS Operations, Analysis, and Research Center DNS OARC is an organization that, in their own words, works to "improve the security, stability, and understanding of the Internet's DNS infrastructure." They hold regular workshops where deployment experts, software developers, researchers, a...

0.2AI score
Exploits0
OpenVAS
OpenVAS
added 2020/01/09 12:0 a.m.29 views

openSUSE: Security Advisory for MozillaFirefox, MozillaFirefox-branding-SLE (openSUSE-SU-2019:2451-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.9AI score0.06643EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2019/11/12 12:0 a.m.34 views

openSUSE Security Update : MozillaFirefox / MozillaFirefox-branding-SLE (openSUSE-2019-2459)

This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues : Changes in MozillaFirefox : Security issues fixed : - CVE-2019-15903: Fixed a heap overflow in the expat library bsc1149429. - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB...

8.8CVSS7.6AI score0.06643EPSS
Exploits3References17
Tenable Nessus
Tenable Nessus
added 2019/11/12 12:0 a.m.38 views

openSUSE Security Update : MozillaFirefox / MozillaFirefox-branding-SLE (openSUSE-2019-2451)

This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues : Changes in MozillaFirefox : Security issues fixed : - CVE-2019-15903: Fixed a heap overflow in the expat library bsc1149429. - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB...

8.8CVSS7.6AI score0.06643EPSS
Exploits3References17
OpenVAS
OpenVAS
added 2019/11/10 12:0 a.m.34 views

openSUSE: Security Advisory for MozillaFirefox, MozillaFirefox-branding-SLE (openSUSE-SU-2019:2459-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.9AI score0.06643EPSS
Exploits3References2
OPENSUSE Linux
OPENSUSE Linux
added 2019/11/09 12:0 a.m.241 views

Security update for MozillaFirefox, MozillaFirefox-branding-SLE (important)

openSUSE Security Update: Security update for MozillaFirefox, MozillaFirefox-branding-SLE Announcement ID: openSUSE-SU-2019:2459-1 Rating: important References: 1104841 1129528 1137990 1149429 1151186 1153423 1153869 1154738 Cross-References: CVE-2019-11757 CVE-2019-11758 CVE-2019-11759...

8.8CVSS6.8AI score0.06643EPSS
Exploits3References8
OSV
OSV
added 2019/10/31 7:49 a.m.8 views

SUSE-SU-2019:2871-1 Security update for MozillaFirefox, MozillaFirefox-branding-SLE

This update for MozillaFirefox, MozillaFirefox-branding-SLE fixes the following issues: Changes in MozillaFirefox: Security issues fixed: - CVE-2019-15903: Fixed a heap overflow in the expat library bsc1149429. - CVE-2019-11757: Fixed a use-after-free when creating index updates in IndexedDB...

8.8CVSS8AI score0.06643EPSS
Exploits3References18
Hacker One
Hacker One
added 2019/09/14 8:45 p.m.11 views

curl: Resource leak when using a normal site as DOH server

Summary: If a DOH server is used, which is not really a DOH server but just a normal web server, the DNS request is sent but the reply will not be the expected DNS payload. In that case, curl correctly thinks DNS resolution failed, but it does not clean up allocated memory properly. Steps To...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2019/09/11 10:58 a.m.4 views

Google to Experiment 'DNS over HTTPS' (DoH) Feature in Chrome 78

Immediately after Mozilla announced its plan to soon enable 'DNS over HTTPS ' DoH by default for Firefox users in the United States, Google today says it is planning an experiment with the privacy-focused technology in its upcoming Chrome 78. Under development since 2017, 'DNS over HTTPS' perform...

6.4AI score
Exploits0
ThreatPost
ThreatPost
added 2019/09/09 7:2 p.m.51 views

PsiXBot Adds PornModule, Google DNS Service to Its Arsenal

The PsiXBot malware has made a few changes in recent weeks, including implementing Google’s DNS over HTTPS DoH and adding the blackmail-ready “PornModule” to its bag of tricks. PsiXBot is a multi-use Windows malware that has a range of capabilities, including keylogging, stealing passwords and...

1.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2019/06/26 10:33 p.m.121 views

Google Announces DNS over HTTPS 'General Availability'

Google announced general availability of its Public DNS-over-HTTPS service Wednesday, based on the Internet Engineering Task Force’s RFC 8484 standard. The move is a culmination of three years of Google fine-tuning DNS over HTTPS, otherwise known as DoH. “Today we are announcing general...

6.9AI score
Exploits0References10
CVE
CVE
added 2018/09/06 5:0 p.m.172 views

CVE-2018-1000665

CVE-2018-1000665 affects the Dojo Dojo Objective Harness (DOH) prior to version 1.14. The vulnerability is an XSS in unit.html and related tests (testsDOH/_base/loader/i18n-exhaustive/i18n-test/unit.html and testsDOH/_base/i18nExhaustive.js) that can cause a victim’s browser to execute injected s...

6.1CVSS5.8AI score0.01286EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2018/09/06 5:0 p.m.27 views

CVE-2018-1000665

Dojo Dojo Objective Harness DOH version prior to version 1.14 contains a Cross Site Scripting XSS vulnerability in unit.html and testsDOH/base/loader/i18n-exhaustive/i18n-test/unit.html and testsDOH/base/i18nExhaustive.js in the DOH that can result in Victim attacked through their browser - deliv...

6.1CVSS6.3AI score0.01286EPSS
Exploits0
Openbugbounty
Openbugbounty
added 2017/09/19 5:0 p.m.7 views

playdoh.hasbro.com XSS vulnerability

Vulnerable URL: https://playdoh.hasbro.com/en-gb/video/Play-Doh-Animated-Short---Ant-Farm?playlistid=4702548390001=%3C/script%3E%22%3E%3Csvg/onload=alert/XSSPOSED/%3E Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Ran...

6.3AI score
Exploits0
Rows per page
Query Builder