Capesand Exploit Kit Landing Page

Capesand exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Successful infection will allow the attacker to download additional malware to the target...

Mysterious malware that re-installs itself infected over 45,000 Android Phones

Over the past few months, hundreds of Android users have been complaining online of a new piece of mysterious malware that hides on the infected devices and can reportedly reinstall itself even after users delete it, or factory reset their devices. Dubbed Xhelper, the malware has already infected...

Tails 4.0 - Live System to Preserve Your Privacy and Anonymity

Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly. It is a complete operating system designed to be used fr...

CVE-2019-2944

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

Metasploit HTTP(S) handler DoS

This module exploits the Metasploit HTTPS handler by sending a specially crafted HTTP request that gets added as a resource handler. Resources which come from the external connections are evaluated as RegEx in the handler server. Specially crafted input can trigger Gentle, Soft and Hard DoS. Test...

Fedora 31 : 1:ImageMagick / rubygem-rmagick (2019-27b9b94805)

Bug fixes and security fixes. Better threading compile time option set. See: https://src.fedoraproject.org/rpms/ImageMagick/pull-request/2 Additional formats enabled. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...

CVE-2019-2169

In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-118492282...

CVE-2019-11280

Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x prior to 2.3.18, 2.4.x prior to 2.4.14, 2.5.x prior to 2.5.10, and 2.6.x prior to 2.6.5, contains an invitations microservice which allows users to invite others to their organizations. A remote authenticated user can ga...

Design/Logic Flaw

Pivotal Apps Manager, included in Pivotal Application Service versions 2.3.x prior to 2.3.18, 2.4.x prior to 2.4.14, 2.5.x prior to 2.5.10, and 2.6.x prior to 2.6.5, contains an invitations microservice which allows users to invite others to their organizations. A remote authenticated user can ga...

Radio Exploit Kit Landing Page

Radio exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Successful infection will allow the attacker to download additional malware to the target...

September 2019 Security Updates

We have released the September security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder,...

September 2019 Security Updates

We have released the September security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder,...

Capital One Hacker Also Accused of Hacking 30 More Companies and CryptoJacking

Former Amazon employee Paige Thompson , who was arrested last month in relation to the Capital One data breach, has been accused of hacking not only the U.S. credit card issuer, but also more than 30 other companies. An indictment unsealed on Wednesday revealed that Thompson not just stole data...

Lord Exploit Kit Landing Page

Lord exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Successful infection will allow the attacker to download additional malware to the target...

CVE-2018-20865

cPanel before 76.0.8 has Self XSS in the WHM Additional Backup Destination field SEC-459...

CVE-2018-20865

CVE-2018-20865 affects cPanel prior to 76.0.8, where a Self XSS flaw exists in the WHM Addtional Backup Destination field (SEC-459). Exploitation context is not detailed in the provided documents, but the vulnerability is tied to user-supplied content in the WHM backup destination setting, enabli...

ImageMagick < 7.0.8-56 Multiple vulnerabilities

The version of ImageMagick installed on the remote Windows host is prior to 7.0.8-56. It is, therefore, affected by multiple vulnerabilities: - An integer overflow condition exists in the TIFFSeekCustomStream function. An unauthenticated, remote attacker can exploit this, by convincing a user to...

Solaris 10 (x86) : 153061-01

Vulnerability in the Oracle Solaris product of Oracle Sun Systems Products Suite component: Common Desktop Environment. The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to...

July 2019 Security Update Release

We have released the July security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide...

Advantech WebAccess webvprcs IOCTL 10012 Stack Overflow

Binary data scadaadvantechwebaccesscve-2019-3953.nbin...