Lucene search
K

11 matches found

BDU FSTEC
BDU FSTEC
added 2022/11/22 12:0 a.m.11 views

The vulnerability in the `create_unbound_ad_servers.sh` component relates to the Unbound DNS server, allowing a attacker to compromise data integrity.

The vulnerability of the createunboundadservers.sh script, executed by the Unbound DNS server, is related to insufficient elimination of certain elements in the request. Exploiting this vulnerability allows a remote attacker to compromise the integrity of data...

7.1CVSS6.8AI score0.01339EPSS
Exploits0References8Affected Software3
OSV
OSV
added 2021/04/27 6:15 a.m.2 views

DEBIAN-CVE-2019-25031

Unbound before 1.9.5 allows configuration injection in createunboundadservers.sh upon a successful man-in-the-middle attack against a cleartext HTTP session. NOTE: The vendor does not consider this a vulnerability of the Unbound software. createunboundadservers.sh is a contributed script from the...

5.9CVSS6.8AI score0.01339EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2021/04/20 10:41 a.m.38 views

120 Compromised Ad Servers Target Millions of Internet Users

An ongoing malvertising campaign tracked as "Tag Barnakle" has been behind the breach of more than 120 ad servers over the past year to sneakily inject code in an attempt to serve malicious advertisements that redirect users to rogue websites, thus exposing victims to scamware or malware. Unlike...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2021/01/19 12:51 p.m.223 views

Revive Adserver: Open redirect in ck.php and lg.php

An opportunity for open redirects has been available by design since the early versions of Revive Adserver's predecessors in the impression and click tracking scripts to allow third party ad servers to track such metrics when delivering ads. Historically the display advertising industry has...

5.8CVSS1.2AI score0.66141EPSS
Exploits3
Talos Blog
Talos Blog
added 2019/07/31 8:36 a.m.97 views

Malvertising: Online advertising's darker side

By Nick Biasini, Chris Neal and Matt Valites. Executive summary One of the trickiest challenges enterprises face is managing the balance between aggressively blocking malicious advertisements aka malvertising and allowing content to remain online, accessible for the average user. The days of...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2019/06/26 6:30 p.m.115 views

GreenFlash Sundown exploit kit expands via large malvertising campaign

Exploit kit activity has been relatively quiet for some time, with the occasional malvertising campaign reminding us that drive-by downloads are still a threat. However, during the past few days we noticed a spike in our telemetry for what appeared to be a new exploit kit. Upon closer inspection ...

0.4AI score
Exploits0
ThreatPost
ThreatPost
added 2018/12/10 4:30 p.m.16 views

Volkswagen Giveaway Scam Peddles Ad Networks

A fake Volkswagen campaign is making its way across social media platforms, luring in victims with promises of a free Volkswagen car giveaway – but instead redirecting them to third-party ad servers. Victims are first sent messages via WhatsApp or Facebook, purporting to be from Volkswagen and...

0.5AI score
Exploits0References6
FireEye
FireEye
added 2017/03/15 8:48 a.m.18 views

Still Getting Served: A Look at Recent Malvertising Campaigns Involving Exploit Kits

Malvertising occurs when an online advertising network knowingly or unknowingly serves up malicious advertisements on a website. Malvertisements are a type of “drive-by” threat that tend to result in users being infected with malware for simply visiting a website. The victims of this threat are...

6.6AI score
Exploits0
CVE
CVE
added 2015/07/02 2:42 p.m.61 views

CVE-2015-4228

CVE-2015-4228 affects Cisco Digital Content Manager (DCM) 15.0.0. The issue arises from the DCM’s handling of malformed ad messages from the ad server, which can be exploited by a remote attacker to cause a denial of service via a system reboot (DoS). Root cause: processing malformed ad content l...

5.4CVSS6.8AI score0.00837EPSS
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 2012/09/19 8:8 p.m.27 views

Exploit Released for Internet Explorer zero-day attacks : CVE-2012-4969

Microsoft has confirmed reports that a zero-day vulnerability in its Internet Explorer browser is being actively attacked in the wild. Four active exploits of a zero-day vulnerability in the browser exists. Microsoft will push out an out-of-cycle Windows patch to temporarily fix the critical...

9.3CVSS7.3AI score0.81716EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.42 views

Fedora 12 : krb5-1.7.1-2.fc12 (2010-1722)

This update adds the upstream patch to avoid a potential denial of service in the KDC in versions 1.7 and later CVE-2010-0283. It obsoletes a previous pending update to version 1.7.1, which incorporates a fix to avoid accidentally tripping account lockout logic on AD servers when the user types i...

7.8CVSS7AI score0.02429EPSS
Exploits0References3
Rows per page
Query Builder