MAECO-Lite: Modular Ontology for Dynamic Malware Analysis

Capturing dynamic malware behavior in a practical but still semantically precise manner remains a significant challenge in cyber threat intelligence. While standards such as MAEC and STIX provide widely adopted vocabularies for describing malware artifacts and observations, they represent data wi...

WordPress N7 | Golf Club Sports & Events theme <= 2.16.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme N7 | Golf Club Sports & Events versions = 2.16.0...

EUVD-2014-1294

Malware in sbrugna...

CVE-2023-28829

A vulnerability has been identified in SIMATIC NET PC Software V14 All versions, SIMATIC NET PC Software V15 All versions, SIMATIC PCS 7 V8.2 All versions, SIMATIC PCS 7 V9.0 All versions, SIMATIC PCS 7 V9.1 All versions, SIMATIC WinCC All versions V8.0, SINAUT Software ST7sc All versions. Before...

WordPress plugin WP BASE Booking of Appointments, Services and Events 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A security vulnerability exists in the WordPress plugi...

CVE-2024-6552

The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.2. This is due to the plugin utilizing Symfony and leaving displayerrors on within test files. This makes it possible for unauthenticated...

WordPress Plugin Booking for Appointments and Events Calendar Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

Siemens SIMATIC WinCC using obsolete function vulnerability

SIMATIC NET PC software is a separately sold software product that implements the SIMATIC NET communication products.SIMATIC PCS 7 is a centralized control system DCS that integrates SIMATIC WinCC, SIMATIC Batch, SIMATIC Route control, OpenPCS 7 and other components.SIMATIC WinCC is a Supervisory...

CVE-2023-28829

A vulnerability has been identified in SIMATIC NET PC Software V14 All versions, SIMATIC NET PC Software V15 All versions, SIMATIC PCS 7 V8.2 All versions, SIMATIC PCS 7 V9.0 All versions, SIMATIC PCS 7 V9.1 All versions, SIMATIC WinCC All versions V8.0, SINAUT Software ST7sc All versions. Before...

Design/Logic Flaw

An unauthenticated attacker with network access to a victim's Rockwell Automation FactoryTalk Alarm and Events service could open a connection, causing the service to fault and become unavailable. The affected port could be used as a server ping port and uses messages structured with XML...

CVE-2022-38744 FactoryTalk Alarm and Events Server Vulnerable to Denial-Of-Service Attack

An unauthenticated attacker with network access to a victim's Rockwell Automation FactoryTalk Alarm and Events service could open a connection, causing the service to fault and become unavailable. The affected port could be used as a server ping port and uses messages structured with XML...

Rockwell Automation FactoryTalk Alarm and Events Server 授权问题漏洞

The Rockwell Automation FactoryTalk Alarm and Events Server from Rockwell Automation provides a means of connecting to Rockwell's FactoryTalk service to filter alarms from configured A&E servers. Alarms. A security vulnerability exists in the Rockwell Automation FactoryTalk Alarm and Events Serve...

Mimikatz v2.2.0 - A Post-Exploitation Tool to Extract Plaintexts Passwords, Hash, PIN Code from Memory

mimikatz is a tool I've made to learn C and make somes experiments with Windows security. It's now well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets. But that's not all!...

Rockwell Automation FactoryTalk Alarms and Events Detection (Windows SMB Login)

SMB login-based detection of Rockwell Automation FactoryTalk Alarms and Events. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program...

Joomla! Component DT Register 3.2.7 - id SQL Injection

Joomla! Component DT Register 3.2.7 - id SQL Injection Exploit Title: Joomla! Component DT Register 3.2.7 - SQL Injection Dork: N/A Date: 16.02.2018 Vendor Homepage: https://www.dthdevelopment.com/ Software Link:...

Input validation

An Improper Input Validation issue was discovered in Rockwell Automation FactoryTalk Alarms and Events, Version 2.90 and earlier. An unauthenticated attacker with remote access to a network with FactoryTalk Alarms and Events can send a specially crafted set of packets packet to Port 403/TCP the...

Rockwell Automation FactoryTalk Alarms and Events

CVSS v3 7.5 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Rockwell Automation Equipment: FactoryTalk Alarms and Events Vulnerability: Improper Input Validation AFFECTED PRODUCTS The following versions of FactoryTalk Alarms and Events, a component of the Factory Talk Services...