Lucene search
K

50 matches found

OSV
OSV
added 2019/09/23 1:33 p.m.4 views

USN-4134-2 ibus regression

USN-4134-1 fixed a vulnerability in IBus. The security fix introduced a regression when being used with Qt applications. This update reverts the security fix pending further investigation. Original advisory details: Simon McVittie discovered that IBus did not enforce appropriate access controls o...

7.1CVSS6.8AI score0.00365EPSS
Exploits0References2
OSV
OSV
added 2019/09/16 12:8 p.m.3 views

USN-4134-1 ibus vulnerability

Simon McVittie discovered that IBus did not enforce appropriate access controls on its private D-Bus socket. A local unprivileged user who discovers the IBus socket address of another user could exploit this to capture the key strokes of the other user...

7.1CVSS6.8AI score0.00365EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2019/08/27 1:0 p.m.90 views

Oil and Gas Firms Targeted By New LYCEUM Threat Group

Researchers have identified a never-before-seen threat group targeting Middle East critical infrastructure organizations with novel malware, sent via spearphishing emails. The threat group, LYCEUM, was observed in 2019 sending spear phishing emails harboring malicious Microsoft Excel attachments ...

0.2AI score
Exploits0References6
Lenovo
Lenovo
added 2018/03/14 10:0 p.m.564 views

Synaptics Keyboard Driver Unprotected Debug Mode - us

Synaptics Keyboard Driver Unprotected Debug Mode Lenovo Security Advisory: LEN-18507 Potential Impact: Loss of confidentiality local to system Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2017-17556 Summary Description: A researcher discovered a vulnerability in Synaptics...

3.6CVSS5.3AI score0.00623EPSS
Exploits0
The Hacker News
The Hacker News
added 2017/10/05 7:40 a.m.8 views

FormBook—Cheap Password Stealing Malware Used In Targeted Attacks

It seems sophisticated hackers have changed the way they conduct targeted cyber operations—instead of investing in zero-days and developing their malware; some hacking groups have now started using ready-made malware just like script kiddies. Possibly, this could be a smart move for state-sponsor...

7.3AI score
Exploits0
OSV
OSV
added 2016/07/13 3:59 p.m.7 views

UBUNTU-CVE-2016-3100

kinit in KDE Frameworks before 5.23.0 uses weak permissions 644 for /tmp/xauth-xxx-y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file...

8.4CVSS7.2AI score0.00399EPSS
Exploits0References6
OSV
OSV
added 2016/03/14 1:59 a.m.7 views

CVE-2016-2856

ptchown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10...

8.4CVSS8.1AI score0.01081EPSS
Exploits2References9
CVE
CVE
added 2016/03/14 1:0 a.m.93 views

CVE-2016-2856

CVE-2016-2856 affects glibc//pt_chown and related packages across Debian/Ubuntu releases. Root cause: pt_chown lacks a namespace check for file-descriptor passing, enabling a local attacker to capture keystrokes, spoof data, and potentially gain privileges via pts read/write. Affected: Debian jes...

8.4CVSS8.6AI score0.01081EPSS
Exploits2References9Affected Software1
OSV
OSV
added 2016/03/13 12:0 a.m.4 views

UBUNTU-CVE-2016-2856

ptchown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc package before 2.21-0ubuntu4.2 on Ubuntu 15.10 and before 2.23-0ubuntu1 on Ubuntu 16.04 LTS and 16.10...

8.4CVSS7.3AI score0.01081EPSS
Exploits2References6
OSV
OSV
added 2015/03/09 12:59 a.m.3 views

UBUNTU-CVE-2011-5319

content/renderer/devicesensors/devicemotioneventpump.cc in Google Chrome before 41.0.2272.76 does not properly restrict access to high-rate accelerometer data, which makes it easier for remote attackers to capture keystrokes via a crafted web site that listens for ondevicemotion events, a differe...

5CVSS5.7AI score0.00964EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2015/01/16 12:0 a.m.28 views

Adobe Flash Player Multiple Vulnerabilities-01 (Jan 2015) - Linux

Adobe Flash Player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:flashplayer";...

10CVSS6.4AI score0.08742EPSS
Exploits0References11
OpenVAS
OpenVAS
added 2013/04/19 12:0 a.m.24 views

Ubuntu Update for xorg-server USN-1803-1

Check for the Version of xorg-server OpenVAS Vulnerability Test $Id: gbubuntuUSN18031.nasl 8448 2018-01-17 16:18:06Z teissa $ Ubuntu Update for xorg-server USN-1803-1 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

2.1CVSS6.3AI score0.00376EPSS
Exploits0References2
NVD
NVD
added 2011/12/21 4:2 a.m.17 views

CVE-2011-3663

Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page...

4.3CVSS6.2AI score0.02067EPSS
Exploits1References14
Cvelist
Cvelist
added 2011/12/21 2:0 a.m.28 views

CVE-2011-3663

Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page...

9.3AI score0.02067EPSS
Exploits1References14
CVE
CVE
added 2011/12/21 2:0 a.m.127 views

CVE-2011-3663

CVE-2011-3663 affects Mozilla Firefox 4.x–8.0, Thunderbird 5.0–8.0, and SeaMonkey before 2.6. It allows remote attackers to capture keystrokes entered on a web page via SVG animation accessKey events, even when JavaScript is disabled. The description in the provided documents states the affected ...

4.3CVSS9.1AI score0.02067EPSS
Exploits1References14Affected Software1
UbuntuCve
UbuntuCve
added 2011/12/20 12:0 a.m.33 views

CVE-2011-3663

Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page...

4.3CVSS7.2AI score0.02067EPSS
Exploits1References4
ThreatPost
ThreatPost
added 2011/10/18 4:16 p.m.9 views

New Research Shows Possibility of Using an iPhone as a Keylogger

Researchers from MIT and Georgia Tech have developed a new technique that enables them to use the accelerometer in an iPhone or other smartphone to capture keystrokes from a nearby PC and decipher the typed words with about 80 percent accuracy. The tactic, while quite complicated, could be used t...

0.1AI score
Exploits0References1
Metasploit
Metasploit
added 2011/02/26 4:54 a.m.81 views

Windows Capture Keystroke Recorder

This module can be used to capture keystrokes. To capture keystrokes when the session is running as SYSTEM, the MIGRATE option must be enabled and the CAPTURETYPE option should be set to one of Explorer, Winlogon, or a specific PID. To capture the keystrokes of the interactive user, the Explorer...

10AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/06/30 12:0 a.m.254 views

Ubuntu 8.04 LTS / 10.04 LTS : firefox, firefox-3.0, xulrunner-1.9.2 vulnerabilities (USN-930-1)

If was discovered that Firefox could be made to access freed memory. If a user were tricked into viewing a malicious site, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 8.0...

10CVSS8.9AI score0.11418EPSS
Exploits8References12
OpenVAS
OpenVAS
added 2010/03/30 12:0 a.m.28 views

Mozilla Products Multiple Vulnerabilities Mar-10 (Windows)

The host is installed with Mozilla Firefox/Seamonkey/Thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodmozillaprdtsmultvulnmar10win.nasl 6444 2017-06-27 11:24:02Z santu $ Mozilla Products Multiple Vulnerabilities Mar-10 Windows Authors: Antu Sanadi...

9.3CVSS0.4AI score0.10514EPSS
Exploits5References5
Rows per page
Query Builder