Baby Golang-Based Botnet Already Pulling in $3K/Month for Operators

There’s a new, still-under-development, Golang-based botnet called Kraken with a level of brawn that belies its youth: It’s using the SmokeLoader malware loader to spread like wildfire and is already raking in a tidy USD $3,000/month for its operators, researchers report. Though its name may soun...

Rocky Linux 8 : firefox (RLSA-2021:4123)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4123 advisory. - The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or...

AlmaLinux 8 : firefox (ALSA-2021:4123)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:4123 advisory. - The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigati...

AlmaLinux 8 : thunderbird (ALSA-2021:4130)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:4130 advisory. - The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigati...

Mageia: Security Advisory (MGASA-2021-0505)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Pwndora - Massive IPv4 Scanner, Find And Analyze Internet-Connected Devices In Minutes, Create Your Own IoT Search Engine At Home

Pwndora is a massive and fast IPv4 address range scanner, integrated with multi-threading. Using sockets, it analyzes which ports are open, and collects more information about targets, each result is stored in Elasticsearch. You can integrate with Kibana to be able to visualize and manipulate dat...

CVE-2022-21878

Windows Geolocation Service Remote Code Execution Vulnerability...

CVE-2022-21878

Windows Geolocation Service Remote Code Execution Vulnerability...

CVE-2022-21878

Windows Geolocation Service Remote Code Execution Vulnerability...

Remote code execution

Windows Geolocation Service Remote Code Execution Vulnerability...

CVE-2022-21878

CVE-2022-21878 is a Windows Geolocation Service Remote Code Execution Vulnerability. Affected software: Windows Geolocation Service component; root cause and exact exploit path are not detailed in the provided documents. CVSS2 score is 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C); CVSS3.1 score is 7.8 (AV:L/...

CVE-2022-21878 Windows Geolocation Service Remote Code Execution Vulnerability

...

Windows Geolocation Service Remote Code Execution Vulnerability

...

PT-2022-1658 · Microsoft · Windows Geolocation Service +1

Name of the Vulnerable Software and Affected Versions: Windows Geolocation Service affected versions not specified Description: The issue is related to incorrect code generation management in the Windows Geolocation Service of Windows operating systems. It allows remote attackers to execute...

Microsoft Windows 代码注入漏洞

Microsoft Windows is a suite of operating systems for personal device use from Microsoft Corporation USA. A code injection vulnerability exists in Microsoft Windows Geolocation Service, which arises from a network system or product not properly filtering specific elements of externally entered da...

in livehelperchat/livehelperchat

Description When updating the geolocation detection configuration, we're given the option to specify a file location of a city database file, this can be used to determine if files exist or not. We are not able to see the contents of the file, but we are indeed able to determine if the file exist...

CVE-2021-38508

By displaying a form validity message in the correct location at the same time as a permission prompt such as for geolocation, the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission. This vulnerability affects Firefox 94,...

DEBIAN-CVE-2021-38508

By displaying a form validity message in the correct location at the same time as a permission prompt such as for geolocation, the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission. This vulnerability affects Firefox 94,...

Design/Logic Flaw

By displaying a form validity message in the correct location at the same time as a permission prompt such as for geolocation, the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission. This vulnerability affects Firefox 94,...

CVE-2021-38508

By displaying a form validity message in the correct location at the same time as a permission prompt such as for geolocation, the validity message could have obscured the prompt, resulting in the user potentially being tricked into granting the permission. This vulnerability affects Firefox 94,...