Lucene search
+L

668 matches found

threatpost
threatpost
added 2020/07/06 3:21 p.m.21503 views

Purple Fox EK Adds Microsoft Exploits to Arsenal

The Purple Fox exploit kit EK has added two new exploits targeting critical- and high-severity Microsoft vulnerabilities to its bag of tricks – and researchers say they expect more attacks to be added in the future. The Purple Fox EK was previously analyzed in September, when researchers said tha...

7.6CVSS8.4AI score0.86863EPSS
Exploits83References23
cnvd
cnvd
added 2020/04/25 12:0 a.m.1 views

SQL Injection Vulnerability in Shanghai Silverfox Information Technology Co.

Shanghai Silver Fox Information Technology Co., Ltd. is a high-tech company dedicated to enterprise information technology services. Shanghai Silverfox Information Technology Co., Ltd. station building system SQL injection vulnerability, attackers can use the vulnerability to obtain sensitive...

7.5AI score
Exploits0
openbugbounty
openbugbounty
added 2020/02/25 6:20 a.m.10 views

fox-exe.ru Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1103313 Security Researcher kun-fly Helped patch 719 vulnerabilities Received 7 Coordinated Disclosure badges Received 43 recommendations , a holder of 7 badges for responsible and coordinated disclosure, found a security vulnerability affecting fox-exe.ru website and its...

0.2AI score
Exploits0
threatpost
threatpost
added 2020/02/18 7:48 p.m.53 views

Iran-Backed APTs Collaborate on 3-Year 'Fox Kitten' Global Spy Campaign

Two Iran-backed APTs could be working together on a sprawling, three-year campaign to compromise high-value organizations from the IT, telecom, oil and gas, aviation, government and security sectors in Israel and around the world, according to a report by researchers at ClearSky. They maintain,...

0.1AI score
Exploits0References11
hackread
hackread
added 2020/02/17 4:48 p.m.37 views

Iranian APT group hacking VPN servers for “Fox Kitten Campaign”

By Waqas An Iranian APT group ran a hacking campaign to hack VPN servers and install backdoors or bugs to access networks of firms across the globe. This is a post from HackRead.com Read the original post: Iranian APT group hacking VPN servers for “Fox Kitten Campaign”...

2.8AI score
Exploits0
zdt
zdt
added 2019/12/18 12:0 a.m.680 views

Telerik UI - Remote Code Execution via Insecure Deserialization Exploit

Exploit for asp platform in category web applications Telerik UI - Remote Code Execution via Insecure Deserialization Exploit See the full write-up at Bishop Fox, CVE-2019-18935: https://know.bishopfox.com/research/cve-2019-18935-remote-code-execution-in-telerik-ui, for a complete walkthrough of...

0.3AI score0.99737EPSS
Exploits16
exploitdb
exploitdb
added 2019/12/18 12:0 a.m.877 views

Telerik UI - Remote Code Execution via Insecure Deserialization

See the full write-up at Bishop Fox, CVE-2019-18935: https://know.bishopfox.com/research/cve-2019-18935-remote-code-execution-in-telerik-ui, for a complete walkthrough of vulnerability and exploit details for this issue along with patching instructions. Install git clone...

9.8CVSS9.8AI score0.99737EPSS
Exploits16
cnvd
cnvd
added 2019/12/11 12:0 a.m.3 views

SQL Injection Vulnerability in Jinhua Flying Fox Network System

Jinhua Flying Fox Network Technology Co., Ltd. for a set of domain name registration, web hosting, enterprise post office, website construction, network promotion as one of the comprehensive technology enterprises. Jinhua Flying Fox Network website builder system has a SQL injection vulnerability...

7.8AI score
Exploits0
checkpoint_advisories
checkpoint_advisories
added 2019/11/07 12:0 a.m.2 views

Purple Fox Exploit Kit Landing Page

Purple Fox exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Successful infection will allow the attacker to download additional malware to the target...

2.4AI score
Exploits0
wpvulndb
wpvulndb
added 2018/12/07 12:0 a.m.10 views

Orbit Fox by ThemeIsle <= 2.6.3 -Does not properly Authenticate REST API Calls

Orbit Fox by Themeisle aka Themeisle Companion version = 2.6.3 does not properly authenticate REST API calls allowing unauthenticated users to execute several API calls. In some cases one of these calls can be used to upload arbitrary files which can lead to remote code execution...

5.3AI score
Exploits0Affected Software1
threatpost
threatpost
added 2018/08/21 1:58 p.m.12 views

Video: Bishop Fox on Device Threats and Layered Security

Threatpost talked to Christie Terrill, partner at Bishop Fox, about the top trends and security issues that were discussed at Black Hat USA in Las Vegas this month...

0.3AI score
Exploits0
openbugbounty
openbugbounty
added 2018/06/13 6:9 p.m.10 views

fox-honda.com XSS vulnerability

Open Bug Bounty ID: OBB-631313 Description| Value ---|--- Affected Website:| fox-honda.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
tibco
tibco
added 2018/06/06 10:37 p.m.41 views

TIBCO Security Advisory: June 12, 2018 - TIBCO Runtime Agent -2018-5434

XML eXternal Entity Expansion Vulnerabilities with TIBCO Runtime Agent Original release date: June 12,2018 Last revised: -- CVE-2018-5434 Source: TIBCO Software Inc. XML eXternal Entity Expansion Vulnerabilities with TIBCO Runtime Agent Original release date: June 12, 2018 Last revised: -- Source...

6.8CVSS6.4AI score0.01233EPSS
Exploits0Affected Software1
openbugbounty
openbugbounty
added 2018/03/22 4:41 a.m.11 views

foxrivervalleyhomes.com XSS vulnerability

Open Bug Bounty ID: OBB-584932 Description| Value ---|--- Affected Website:| foxrivervalleyhomes.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
openbugbounty
openbugbounty
added 2018/02/01 4:52 p.m.8 views

foxegyptnews.com XSS vulnerability

Open Bug Bounty ID: OBB-551008 Description| Value ---|--- Affected Website:| foxegyptnews.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.2AI score
Exploits0
malwarebytes
malwarebytes
added 2017/12/18 6:45 p.m.33 views

A week in security (December 11 – December 17)

Last week we explained what fast flux is and how it's being abused, we showed you all kinds of Bitcoin-related scams, presented a video recording of a tech support scammer trying to sell free software, and pointed out some free software to keep an eye on your Internet traffic. We also informed yo...

6.8AI score
Exploits0
thn
thn
added 2017/10/10 10:6 p.m.115 views

Microsoft Issues Patches For Severe Flaws, Including Office Zero-Day & DNS Attack

As part of its "October Patch Tuesday," Microsoft has today released a large batch of security updates to patch a total of 62 vulnerabilities in its products, including a severe MS office zero-day flaw that has been exploited in the wild. Security updates also include patches for Microsoft Window...

9.3CVSS8.6AI score0.81454EPSS
Exploits4
threatpost
threatpost
added 2017/10/10 2:0 p.m.41 views

Microsoft Patches Critical Windows DNS Client Vulnerabilities

Three critical Windows DNS client vulnerabilities were patched today by Microsoft, closing off an avenue where an attacker could relatively simply respond to DNS queries with malicious code and gain arbitrary code execution on Windows clients or Windows Server installations. The flaws were...

9.3CVSS0.4AI score0.33338EPSS
Exploits1References1
openvas
openvas
added 2017/08/07 12:0 a.m.1222 views

Niagara Fox (Flexible Object eXchange) Service Detection

A Niagara Fox Flexible Object eXchange service is running at this host. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7AI score
Exploits0References1
cnvd
cnvd
added 2017/05/14 12:0 a.m.2 views

Beijing Cloud Fox Times Android App Has Arbitrary Password Reset Vulnerability

Beijing Cloud Fox Times Technology Co., Ltd. is a cutting-edge domestic special intelligent equipment research and development company, is the industry terminal and service solution experts. Beijing Cloud Fox Times Android App exists arbitrary password reset vulnerability, through the other party...

6.7AI score
Exploits0
Rows per page
Query Builder