129 matches found
SUSE CVE-2011-0989
The RuntimeHelpers.InitializeArray method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, does not properly restrict data types, which allows remote attackers to modify internal read-only data structures, and cause a denial of service plugin crash or...
SUSE CVE-2011-0992
Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service plugin crash or obtain sensitive information via vectors related to member data in a resurrected MonoThread instance...
SUSE CVE-2011-0991
Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to finalizing and then resurrecting a DynamicMethod instance...
moonlight-tours.bpt.me Cross Site Scripting vulnerability OBB-2823086
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
moonlight-embedded -- multiple vulnerabilities
The moonlight-embedded project reports: Moonlight Embedded v2.6.1 fixed CVE-2023-42799, CVE-2023-42800, and CVE-2023-42801...
Moonlight Trust Management Issue Vulnerability
Moonlight is an open source implementation of the NVIDIA GameStream protocol for iOS and tvOS platforms, which is primarily used for streaming game video to supported devices. A security vulnerability exists in Moonlight versions prior to 4.0.1 iOS/tvOS. An attacker can exploit the vulnerability ...
CVE-2020-11024
In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-middle attack. The bug has been fixed in Moonlight v4.0.1 for iOS and tvOS...
CVE-2020-11024
In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-middle attack. The bug has been fixed in Moonlight v4.0.1 for iOS and tvOS...
Code injection
In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-middle attack. The bug has been fixed in Moonlight v4.0.1 for iOS and tvOS...
CVE-2020-11024
CVE-2020-11024 concerns Moonlight on iOS/tvOS prior to 4.0.1, where the pairing process is vulnerable to a man-in-the-middle attack. The issue is fixed in Moonlight v4.0.1 for iOS and tvOS. Connected documents consistently describe the affected product as Moonlight iOS/tvOS and identify the root ...
CVE-2020-11024 Man-in-the-middle attack in Moonlight iOS/tvOS
In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-middle attack. The bug has been fixed in Moonlight v4.0.1 for iOS and tvOS...
moonlightmotelanaheim.com XSS vulnerability
Open Bug Bounty ID: OBB-674320 Description| Value ---|--- Affected Website:| moonlightmotelanaheim.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Why VPNFilter is like a Moonlight Maze
On May 25, the FBI issued a public service announcement asking every Internet ready American to reboot their routers. The PSA specifically warned small and home office owners that they are particularly vulnerable to “foreign cyber actors” A.K.A. spies that are using malware called VPNFilter to...
Kaspersky Security Bulletin: Review of the Year 2017
Introduction The end of the year is a good time to take stock of the main cyberthreat incidents that took place over the preceding 12 months or so. To reflect on the impact these events had on organizations and individuals, and consider what they could mean for the overall evolution of the threat...
IT threat evolution Q2 2017
Targeted attacks and malware campaigns Back to the future: looking for a link between old and new APTs This year's Security Analyst Summit SAS included interesting research findings on several targeted attack campaigns. For example, researchers from Kaspersky Lab and King's College London present...
Security Analyst Summit 2017 Day One Recap
SINT MAARTEN—Mike Mimoso and Chris Brook recap the first day of this year’s Security Analyst Summit, including Mark Dowd’s memory corruption bug keynote, Thomas Rid, Daniel Moore, Juan Andres Guerrero-Saade, and Costin Raiu’s Moonlight Maze talk, ATM hacking, and the Lazarus APT. Download:...
Russian-Speaking Turla Joins APT Elite
SINT MAARTEN—In the waning moments of his 2016 talk at the Security Analyst Summit, Thomas Rid had a drop-the-mic moment when he disclosed there were likely links between the infamous Moonlight Maze cyberespionage operation of the mid- and late-1990s and the modern-day Turla APT. Today during thi...
PJ Masks: Moonlight Heroes - Exported ContentProvider, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application PJ Masks: Moonlight Heroes published at the 'play' market has multiple vulnerabilities...
openSUSE Security Update : libmoon-devel (openSUSE-SU-2011:0313-1)
Moonlight was prone to several security problems : CVE-2011-0989: modification of read-only values via RuntimeHelpers.InitializeArray CVE-2011-0990: buffer overflow due to race condition in in Array.FastCopy CVE-2011-0991: use-after-free due to DynamicMethod resurrection CVE-2011-0992: informatio...
openSUSE Security Update : libmoon-devel (openSUSE-SU-2011:0313-1)
Moonlight was prone to several security problems : CVE-2011-0989: modification of read-only values via RuntimeHelpers.InitializeArray CVE-2011-0990: buffer overflow due to race condition in in Array.FastCopy CVE-2011-0991: use-after-free due to DynamicMethod resurrection CVE-2011-0992: informatio...