34 matches found
EUVD-2013-4991
Malware in sbrugna...
EUVD-2011-0184
Malware in sbrugna...
EUVD-2013-4992
Malware in sbrugna...
EUVD-2008-0739
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-4611
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service memory...
What We Learned from the 2023 Imperva Bad Bot Report
The 2023 Imperva Bad Bot Report is now available. The 10th edition of the annual report takes a deep dive into the latest bad bot statistics and trends from the past year, providing meaningful information and guidance about the nature and impact of bots. Understanding the risks of unmanaged bot...
SUSE CVE-2016-4733
WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, a different vulnerability than CVE-2016-4611, CVE-2016-4730, CVE-2016-4734, and CVE-2016-4735...
Bots Hide Behind User Privacy – Should You Be Concerned?
Bot operators are perpetually devising innovative techniques to sneak past security as they go about their dubious, often downright illegal business. Emulating human behavior and traffic patterns are key elements of their strategy. One of the many layers comprising this strategy is reporting thei...
JITSploitation I: A JIT Bug
By Samuel Groß, Project Zero This three-part series highlights the technical challenges involved in finding and exploiting JavaScript engine vulnerabilities in modern web browsers and evaluates current exploit mitigation technologies. The exploited vulnerability, CVE-2020-9802, was fixed in iOS...
UBUNTU-CVE-2017-7096
An issue was discovered in certain Apple products. iOS before 11 is affected. Safari before 11 is affected. iCloud before 7.0 on Windows is affected. iTunes before 12.7 on Windows is affected. tvOS before 11 is affected. The issue involves the "WebKit" component. It allows remote attackers to...
Apple iOS 10.3 Fixes Safari Flaw Used in JavaScript-based Ransomware Campaign
If you own an iPhone or iPad, it's possible you could see popup windows in a sort of endless cycle on your Safari browser, revealing your browser has been locked and asking you to pay a fee to unlock it. Just do not pay any ransom. A new ransomware campaign has been found exploiting a flaw in...
iOS 10.1.x Certificate File Memory Corruption
iOS 10.1.x Remote memory corruption through certificate file Credit: Maksymilian Arciemowicz from https://cxsecurity.com -------------------------------------------------------------------------------------- 0. Short description Special crafted certificate file may lead to memory corruption of...
iOS 10.1.x - Certificate File Memory Corruption
iOS 10.1.x - Certificate File Memory Corruption Source: https://cxsecurity.com/issue/WLB-2016110046 iOS 10.1.x Remote memory corruption through certificate file Credit: Maksymilian Arciemowicz from https://cxsecurity.com...
CVE-2016-4731
WebKit in Apple iOS before 10 and Safari before 10 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, a different vulnerability than CVE-2016-4729...
Apple-iPhone-Mobile-Safari-Memory-Exhaustion
Attackers can exploit this issue by enticing an unsuspecting user to view a maliciously crafted webpage. Successful attacks cause a kernel panic, crashing the device. Given the nature of this issue, remote code execution may also be possible, but this has not been confirmed. iPhone 1.1.2 and 1.1....
CoreGraphics CCITT Memory Corruption - CVE-2014-4481
Apple CoreGraphics framework fails to validate the input when parsing CCITT group 3 encoded data resulting in a heap overflow condition. A small heap memory allocation can be overflowed with controlled data from the input resulting in arbitrary code execution in the context of Mobile Safari. Usin...
UBUNTU-CVE-2014-1345
WebKit in Apple iOS before 7.1.2 and Apple Safari before 6.1.5 and 7.x before 7.0.5 does not properly encode domain names in URLs, which allows remote attackers to spoof the address bar via a crafted web site...
Code injection
Mobile Safari in Apple iOS before 7 allows remote attackers to spoof the URL bar via a crafted web site...
CVE-2013-5152
Mobile Safari in Apple iOS before 7 allows remote attackers to spoof the URL bar via a crafted web site...
Cross site scripting
Mobile Safari in Apple iOS before 7 does not prevent HTML interpretation of a document served with a text/plain content type, which allows remote attackers to conduct cross-site scripting XSS attacks by uploading a file...