684 matches found
CVE-2023-20267
A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability b...
CVE-2023-20267
A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability b...
CVE-2023-20267
CVE-2023-20267 affects Snort 3’s IP geolocation rules where misparsing the configuration can let an unauthenticated, remote attacker spoof an IP to bypass location-based IP restrictions. The issue stems from how IP geolocation rules are parsed. A successful exploit could bypass restrictions witho...
Cisco Firepower Threat Defense Software Snort 3 Geolocation IP Filter Bypass Vulnerability
A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability b...
PT-2023-17424 · Snort · Snort
Name of the Vulnerable Software and Affected Versions: Snort 3 affected versions not specified Description: A vulnerability in the IP geolocation rules could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This issue exists because the configuration for IP...
Cisco Firepower Threat Defense Security Vulnerability
Cisco Firepower Threat Defense FTD is a suite of unified software from Cisco that provides next-generation firewall services. A security vulnerability exists in Cisco Firepower Threat Defense that stems from a flaw in the Snort 3 IP geolocation rules. The vulnerability could allow an...
GHSA-7XVC-V44J-46FH geokit-rails Command Injection vulnerability
Versions of the package geokit-rails before 2.5.0 are vulnerable to Command Injection due to unsafe deserialisation of YAML within the 'geolocation' cookie. This issue can be exploited remotely via a malicious cookie value. Note: An attacker can use this vulnerability to execute commands on the...
New "Whiffy Recon" Malware Triangulates Infected Device Location via Wi-Fi Every Minute
The SmokeLoader malware is being used to deliver a new Wi-Fi scanning malware strain called Whiffy Recon on compromised Windows machines. "The new malware strain has only one operation. Every 60 seconds it triangulates the infected systems' positions by scanning nearby Wi-Fi access points as a da...
Sensitive Data Exposure
answerdev/answer is vulnerable to Sensitive Data Exposure. The vulnerability is due to not sanitizing EXIF Exchangeable Image File Format image while uploading the image in profile or comment section.This can lead to attacker extract EXIF metadata containing Geolocation and many other image...
European Bank Customers Targeted in SpyNote Android Trojan Campaign
Various European customers of different banks are being targeted by an Android banking trojan called SpyNote as part of an aggressive campaign detected in June and July 2023. "The spyware is distributed through email phishing or smishing campaigns and the fraudulent activities are executed with a...
Esri ArcGIS Server Cross-Site Scripting Vulnerability
Esri ArcGIS Server is Esri's Web-oriented enterprise software platform for providing geolocation services. A cross-site scripting vulnerability exists in Esri ArcGIS Server that stems from the application's lack of effective filtering and escaping of user-supplied data; no details of the...
The vulnerability of the Windows Geolocation service in the Windows operating system allows a perpetrator to execute arbitrary code.
The vulnerability of the Windows Geolocation service in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability allows a perpetrator to execute arbitrary code using a specially created file...
Add Unique Asset Context with Custom Attributes in CSAM
There is no such thing as “too much context” when it comes to asset management. Continuous discovery and comprehensive, normalized asset data create the foundation for streamlined risk detection and response. The more reliable asset data a security team has, the better it can operationalize an...
CVE-2023-36853
In Keysight Geolocation Server v2.4.2 and prior, a low privileged attacker could create a local ZIP file containing a malicious script in any location. The attacker could abuse this to load a DLL with SYSTEM privileges...
CVE-2023-36853
In Keysight Geolocation Server v2.4.2 and prior, a low privileged attacker could create a local ZIP file containing a malicious script in any location. The attacker could abuse this to load a DLL with SYSTEM privileges...
CVE-2023-34394
In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially crafted malicious file or delete any file or directory with SYSTEM privileges due to an improper path validation, which could result in local privilege escalation or a denial-of-service condition...
CVE-2023-34394
In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially crafted malicious file or delete any file or directory with SYSTEM privileges due to an improper path validation, which could result in local privilege escalation or a denial-of-service condition...
Design/Logic Flaw
?In Keysight Geolocation Server v2.4.2 and prior, a low privileged attacker could create a local ZIP file containing a malicious script in any location. The attacker could abuse this to load a DLL with SYSTEM privileges...
Input validation
In Keysight Geolocation Server v2.4.2 and prior, an attacker could upload a specially crafted malicious file or delete any file or directory with SYSTEM privileges due to an improper path validation, which could result in local privilege escalation or a denial-of-service condition...
CVE-2023-36853 Keysight Geolocation Server Exposed Dangerous Method or Function
In Keysight Geolocation Server v2.4.2 and prior, a low privileged attacker could create a local ZIP file containing a malicious script in any location. The attacker could abuse this to load a DLL with SYSTEM privileges...