2294 matches found
New KV-Botnet Targeting Cisco, DrayTek, and Fortinet Devices for Stealthy Attacks
A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert data transfer network for advanced persistent threat actors, including the China-linked threat actor called Volt Typhoon. Dubbed KV-botnet by the Black Lotus Labs team at Lumen...
HTTP NTLM Information Disclosure
Windows New Technology LAN Manager NTLM is a suite of Microsoft security protocols designed to offer authentication, integrity and confidentiality to users. In Windows environments, NTLM authentication is often supported over HTTP in order to protect access to specific resources. During the...
Directory traversal
An issue was discovered in server.js in etcd-browser 87ae63d75260. By supplying a /../../../ Directory Traversal input to the URL's GET request while connecting to the remote server port specified during setup, an attacker can retrieve local operating system files from the remote system...
CVE-2023-46307
An issue was discovered in server.js in etcd-browser 87ae63d75260. By supplying a /../../../ Directory Traversal input to the URL's GET request while connecting to the remote server port specified during setup, an attacker can retrieve local operating system files from the remote system...
CVE-2023-46307
Summary: CVE-2023-46307 affects etcd-browser (build 87ae63d75260). The vulnerability is in server.js and enables a directory traversal by supplying a /../../../ path in the URL in a remote-connection context, allowing retrieval of local operating system files on the remote system. Impact: potenti...
Important: squid
Issue Overview: Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a...
GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability
The recently disclosed critical security flaw impacting Apache ActiveMQ is being actively exploited by threat actors to distribute a new Go-based botnet called GoTitan as well as a .NET program known as PrCtrl Rat that's capable of remotely commandeering the infected hosts. The attacks involve th...
GLSA-202311-12 : MiniDLNA: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202311-12 MiniDLNA: Multiple Vulnerabilities - A DNS rebinding issue in ReadyMedia formerly MiniDLNA before 1.3.1 allows a remote web server to exfiltrate media files. CVE-2022-26505 - ReadyMedia MiniDLNA versions from 1.1.15 up t...
Rocky Linux 8 : squid:4 (RLSA-2021:4292)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4292 advisory. - An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a buffer-management bug, it allows a denial of service. When resolving a...
Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server (CVE-2023-31122)
Summary IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...
SUSE CVE-2017-7488
Authconfig version 6.2.8 is vulnerable to an Information exposure while using SSSD to authenticate against remote server resulting in the leak of information about existing usernames...
Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server
Summary IBM Db2 is shipped with IBM WebSphere Remote Server. Information about security vulnerabilities affecting IBM Db2 have been published in a security bulletin CVE-2023-39976, CVE-2023-40373, CVE-2023-40372, CVE-2023-30987, CVE-2023-38719, CVE-2023-38740, CVE-2023-30991, CVE-2023-38720,...
CVE-2023-38312
A directory traversal vulnerability in Valve Counter-Strike 8684 allows a client with remote control access to a game server to read arbitrary files from the underlying server via the motdfile console variable...
Malicious Package
Overview ZendeskApi.Client.V2 is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's...
Malicious Package
Overview Kraken.Exchange is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's machine,...
Malicious Package
Overview Pathoschild.Stardew.Mod.BuildConfig is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on t...
Malicious Package
Overview SolanaWallet is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's machine, al...
Malicious Package
Overview IAmRoot is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's machine, all whi...
Malicious Package
Overview Monero is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's machine, all whil...
Malicious Package
Overview DiscordsRpc is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's machine, all...