Lucene search
K

129 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.3 views

SUSE CVE-2011-0989

The RuntimeHelpers.InitializeArray method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, does not properly restrict data types, which allows remote attackers to modify internal read-only data structures, and cause a denial of service plugin crash or...

5.8CVSS6.8AI score0.02692EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.2 views

SUSE CVE-2011-0992

Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service plugin crash or obtain sensitive information via vectors related to member data in a resurrected MonoThread instance...

5.8CVSS6.9AI score0.02692EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.3 views

SUSE CVE-2011-0991

Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to finalizing and then resurrecting a DynamicMethod instance...

6.8CVSS7.7AI score0.02928EPSS
Exploits0References4
Openbugbounty
Openbugbounty
added 2022/08/01 12:41 p.m.15 views

moonlight-tours.bpt.me Cross Site Scripting vulnerability OBB-2823086

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
FreeBSD
FreeBSD
added 2022/01/11 12:0 a.m.51 views

moonlight-embedded -- multiple vulnerabilities

The moonlight-embedded project reports: Moonlight Embedded v2.6.1 fixed CVE-2023-42799, CVE-2023-42800, and CVE-2023-42801...

8.8CVSS7.1AI score0.01657EPSS
Exploits3References3
CNVD
CNVD
added 2020/04/30 12:0 a.m.2 views

Moonlight Trust Management Issue Vulnerability

Moonlight is an open source implementation of the NVIDIA GameStream protocol for iOS and tvOS platforms, which is primarily used for streaming game video to supported devices. A security vulnerability exists in Moonlight versions prior to 4.0.1 iOS/tvOS. An attacker can exploit the vulnerability ...

8.2CVSS6.6AI score0.00802EPSS
Exploits0
NVD
NVD
added 2020/04/29 9:15 p.m.13 views

CVE-2020-11024

In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-middle attack. The bug has been fixed in Moonlight v4.0.1 for iOS and tvOS...

8.2CVSS6.4AI score0.00802EPSS
Exploits0References3
OSV
OSV
added 2020/04/29 9:15 p.m.10 views

CVE-2020-11024

In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-middle attack. The bug has been fixed in Moonlight v4.0.1 for iOS and tvOS...

8.2CVSS6.4AI score
Exploits0References3
Prion
Prion
added 2020/04/29 9:15 p.m.21 views

Code injection

In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-middle attack. The bug has been fixed in Moonlight v4.0.1 for iOS and tvOS...

4.9CVSS7.7AI score0.00802EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2020/04/29 8:55 p.m.51 views

CVE-2020-11024

CVE-2020-11024 concerns Moonlight on iOS/tvOS prior to 4.0.1, where the pairing process is vulnerable to a man-in-the-middle attack. The issue is fixed in Moonlight v4.0.1 for iOS and tvOS. Connected documents consistently describe the affected product as Moonlight iOS/tvOS and identify the root ...

8.2CVSS6.7AI score0.00802EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2020/04/29 8:55 p.m.19 views

CVE-2020-11024 Man-in-the-middle attack in Moonlight iOS/tvOS

In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-middle attack. The bug has been fixed in Moonlight v4.0.1 for iOS and tvOS...

6.1CVSS7.9AI score0.00802EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2018/09/08 9:29 a.m.14 views

moonlightmotelanaheim.com XSS vulnerability

Open Bug Bounty ID: OBB-674320 Description| Value ---|--- Affected Website:| moonlightmotelanaheim.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/06/28 1:52 p.m.26 views

Why VPNFilter is like a Moonlight Maze

On May 25, the FBI issued a public service announcement asking every Internet ready American to reboot their routers. The PSA specifically warned small and home office owners that they are particularly vulnerable to “foreign cyber actors” A.K.A. spies that are using malware called VPNFilter to...

0.3AI score
Exploits0
Securelist
Securelist
added 2017/12/05 10:0 a.m.30 views

Kaspersky Security Bulletin: Review of the Year 2017

Introduction The end of the year is a good time to take stock of the main cyberthreat incidents that took place over the preceding 12 months or so. To reflect on the impact these events had on organizations and individuals, and consider what they could mean for the overall evolution of the threat...

6.9AI score
Exploits0
Securelist
Securelist
added 2017/08/15 9:0 a.m.149 views

IT threat evolution Q2 2017

Targeted attacks and malware campaigns Back to the future: looking for a link between old and new APTs This year's Security Analyst Summit SAS included interesting research findings on several targeted attack campaigns. For example, researchers from Kaspersky Lab and King's College London present...

9.3CVSS7.2AI score0.50703EPSS
Exploits0
ThreatPost
ThreatPost
added 2017/04/03 6:53 p.m.13 views

Security Analyst Summit 2017 Day One Recap

SINT MAARTEN—Mike Mimoso and Chris Brook recap the first day of this year’s Security Analyst Summit, including Mark Dowd’s memory corruption bug keynote, Thomas Rid, Daniel Moore, Juan Andres Guerrero-Saade, and Costin Raiu’s Moonlight Maze talk, ATM hacking, and the Lazarus APT. Download:...

1.4AI score
Exploits0References4
ThreatPost
ThreatPost
added 2017/04/03 12:9 p.m.19 views

Russian-Speaking Turla Joins APT Elite

SINT MAARTEN—In the waning moments of his 2016 talk at the Security Analyst Summit, Thomas Rid had a drop-the-mic moment when he disclosed there were likely links between the infamous Moonlight Maze cyberespionage operation of the mid- and late-1990s and the modern-day Turla APT. Today during thi...

Exploits0References9
hackapp
hackapp
added 2017/03/10 5:9 p.m.10 views

PJ Masks: Moonlight Heroes - Exported ContentProvider, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application PJ Masks: Moonlight Heroes published at the 'play' market has multiple vulnerabilities...

1AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.30 views

openSUSE Security Update : libmoon-devel (openSUSE-SU-2011:0313-1)

Moonlight was prone to several security problems : CVE-2011-0989: modification of read-only values via RuntimeHelpers.InitializeArray CVE-2011-0990: buffer overflow due to race condition in in Array.FastCopy CVE-2011-0991: use-after-free due to DynamicMethod resurrection CVE-2011-0992: informatio...

6.8CVSS8.5AI score0.02928EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.26 views

openSUSE Security Update : libmoon-devel (openSUSE-SU-2011:0313-1)

Moonlight was prone to several security problems : CVE-2011-0989: modification of read-only values via RuntimeHelpers.InitializeArray CVE-2011-0990: buffer overflow due to race condition in in Array.FastCopy CVE-2011-0991: use-after-free due to DynamicMethod resurrection CVE-2011-0992: informatio...

6.8CVSS8.5AI score0.02928EPSS
Exploits0References6
Rows per page
Query Builder