117 matches found
EUVD-2019-11156
Malware in sbrugna...
CVE-2019-9978
The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swpdebug=loadoptions swpurl parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro...
CVE-2019-20613
An issue was discovered on Samsung mobile devices with N7.x and O8.x software. There is time-based SQL injection in Contacts. The Samsung ID is SVE-2018-13452 March 2019...
CVE-2019-20616
An issue was discovered on Samsung mobile devices with N7.x and O8.x software. Gallery leaks a thumbnail of Private Mode content. The Samsung ID is SVE-2018-13563 March 2019...
CVE-2019-20614
An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 software. Allshare allows attackers to access sensitive information. The Samsung ID is SVE-2018-13453 March 2019...
CVE-2019-20619
An issue was discovered on Samsung mobile devices with P9.0 software. Secure Startup leaks keyboard suggested words. The Samsung ID is SVE-2019-13773 March 2019...
CVE-2019-20620
An issue was discovered on Samsung mobile devices with P9.0 software. The Settings application allows unauthenticated changes. The Samsung IDs are SVE-2019-13814, SVE-2019-13815 March 2019...
CVE-2019-20619
An issue was discovered on Samsung mobile devices with P9.0 software. Secure Startup leaks keyboard suggested words. The Samsung ID is SVE-2019-13773 March 2019...
CVE-2019-20618
An issue was discovered on Samsung mobile devices with P9.0 software. The Pin Window feature allows unauthenticated unpinning of an app. The Samsung ID is SVE-2018-13765 March 2019...
CVE-2019-20613
An issue was discovered on Samsung mobile devices with N7.x and O8.x software. There is time-based SQL injection in Contacts. The Samsung ID is SVE-2018-13452 March 2019...
Code injection
An issue was discovered on Samsung mobile devices with P9.0 software. The Settings application allows unauthenticated changes. The Samsung IDs are SVE-2019-13814, SVE-2019-13815 March 2019...
RSEvents! Pro (March 2019),Other
RSEvents! Pro March 2019,Other new version number 2.2.1 UpdateNotice URL https://www.rsjoomla.com/blog/view/468-csv-vulnerability-explained.html...
Wordpress Social Warfare Remote Code Execution
Title: RCE in Social Warfare Plugin Wordpress =3D3.5.2 Date: March, 2019 Researcher: Luka Sikic Exploit Author: hash3liZer Download Link: https://wordpress.org/plugins/social-warfare/ Reference:...
Popular Video Editing Software Website Hacked to Spread Banking Trojan
If you have downloaded the VSDC multimedia editing software between late February to late March this year, there are high chances that your computer has been infected with a banking trojan and an information stealer. The official website of the VSDC software — one of the most popular, free video...
Cisco IOS and IOS XE Software Short Message Service Denial of Service Vulnerability
A vulnerability in the implementation of the Short Message Service SMS handling functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service DoS condition on an affected device. The vulnerability is due to improper...
Cisco IOS XE Software Catalyst 4500 Cisco Discovery Protocol Denial of Service Vulnerability
A vulnerability in the Easy Virtual Switching System VSS of Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an unauthenticated, adjacent attacker to cause the switches to reload. The vulnerability is due to incomplete error handling when processing Cisco Discovery Protocol CDP...
CVE-2019-9978
The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swpdebug=loadoptions swpurl parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro...
RHEL 7 : .NET Core on Red Hat Enterprise Linux security update for March 2019 (Important) (RHSA-2019:0544)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0544 advisory. .NET Core is a managed-software framework. It implements the .NET standard APIs and several additional APIs, and it includes a CLR implementation. Ne...
CVE-2019-9692
creationtimestamp| type| source ---|---|--- 2019-03-15 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46546 2019-03-27 20:29:27+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/cmsmsshowtime2rce.rb 2019-03-28 00:00:00+00:00|...
Code injection
Data Leakage Attacks vulnerability in the web interface in McAfee Database Security prior to the 4.6.6 March 2019 update allows local users to expose passwords via incorrectly auto completing password fields in the admin browser login screen...