Lucene search
K

19 matches found

CVE
CVE
added 15 hours ago9 views

CVE-2026-14704

CVE-2026-14704 affects the Stephen-Kruger bluebox project up to version 4.5.12. The vulnerability arises from manipulation of an unnamed argument, enabling cross-site scripting. Exploitation is possible remotely, and public PoCs exist. The issue was brought to the project’s attention via an issue...

5.3CVSS4.4AI score
Exploits0References7
ATTACKERKB
ATTACKERKB
added 15 hours ago3 views

CVE-2026-14704

A vulnerability was found in stephen-kruger bluebox up to 4.5.12. Affected by this vulnerability is an unknown functionality. Performing a manipulation of the argument code results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could ...

5.3CVSS4.4AI score
Exploits0References7Affected Software1
EUVD
EUVD
added 15 hours ago8 views

EUVD-2026-41725

A vulnerability was found in stephen-kruger bluebox up to 4.5.12. Affected by this vulnerability is an unknown functionality. Performing a manipulation of the argument code results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could ...

5.3CVSS4.4AI score
Exploits0References7
0day.today
0day.today
added 2019/08/11 12:0 a.m.46 views

Mitel 6869i Voip Deskphone 4.2.2032 Command Injection Vulnerability

Mitel 6869i Voip Deskphone version 4.2.2032 suffer from an unauthenticated command injection vulnerability. Vendor: Mitel Affected Products: Mitel 6869i Voip Deskphone Version 4.2.2032 - SIP Not Affected: unknown Vulnerability: Mitel 6869i SIP Deskphone 4.2.2032: Unauthenticated Bash Command...

7.8AI score
Exploits0
Packet Storm
Packet Storm
added 2019/08/11 12:0 a.m.334 views

Mitel 6869i Voip Deskphone 4.2.2032 Command Injection

BlueBox Security http://www.bluebox-security.de/ securityatbluebox-security.de bbs-2019.001.txt 08-August-2019 Vendor: Mitel Affected Products: Mitel 6869i Voip Deskphone Version 4.2.2032 - SIP Not Affected: unknown Vulnerability: Mitel 6869i SIP Deskphone 4.2.2032: Unauthenticated Bash Command...

0.6AI score
Exploits0
The Hacker News
The Hacker News
added 2015/03/30 6:46 a.m.11 views

5 Biggest Hosting Companies hacked by Syrian Electronic Army

Once again, Syrian Electronic Army SEA has gain media attention by compromising a number of popular web hosting brands of one of the leading web-hosting companies Endurance International Group INC that manages over 60 different hosting brands. SEA, a pro-hacker group supposed to be aligned with...

7AI score
Exploits0
myhack58
myhack58
added 2014/07/30 12:0 a.m.22 views

Android new vulnerability exposure: hack may fake and authentic applications-vulnerability warning-the black bar safety net

Ticker 7 on 3 0 September morning news, on Tuesday released a study on the display, the Google Android operating system has a security vulnerability that can allow a hacker to fake a trusted formal application, thereby hijacking the user's smartphone or tablet. The security company Bluebox Securi...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2014/07/29 11:17 p.m.10 views

Android "Fake ID" Vulnerability Allows Malware to Impersonate Trusted Apps

Due to the majority in the mobile platform, Google’s Android operating system has been a prior target for cybercriminals and a recently exposed weakness in the way the operating system handles certificate validation, left millions of Android devices open to attack. Researchers at BlueBox security...

6.8AI score
Exploits0
ThreatPost
ThreatPost
added 2014/07/29 8:0 a.m.9 views

Critical Android FakeID Bug Allows Attackers to Impersonate Trusted Apps

There is a critical vulnerability in millions of Android devices that allows a malicious app to impersonate a trusted application in a transparent way, enabling an attacker to take a number of actions, including inserting malicious code into a legitimate app or even take complete control of an...

0.5AI score
Exploits0References3
ThreatPost
ThreatPost
added 2013/08/05 12:17 p.m.17 views

Jeff Forristal on the Android Master-Key Vulnerability

When news of the Android master-key vulnerability began leaking out in early July, details were hard to come by, and that was done intentionally. The researchers at Bluebox Security, a mobile-security start-up, had discovered the vulnerability and were planning to disclose the details of the bug ...

0.6AI score
Exploits0References1
The Hacker News
The Hacker News
added 2013/07/16 6:59 p.m.9 views

Chinese Hackers discovered second Android master key vulnerability

Android Security Squad, the China-based group that uncovered a second Android master key vulnerability that might be abused to modify smartphone apps without breaking their digital signatures. The whole point of digitally signing a document or file is to prove the file hasn't been modified. The...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2013/07/16 7:59 a.m.16 views

Chinese Hackers discovered second Android master key vulnerability

Android Security Squad, the China-based group that uncovered a second Android master key vulnerability that might be abused to modify smartphone apps without breaking their digital signatures. The whole point of digitally signing a document or file is to prove the file hasn't been modified. The...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2013/07/15 3:43 p.m.10 views

Another Android Master Key Attack Published

A second Android Master Key attack has been reported that takes advantage of the vulnerability in the way Android reads APK files, enabling hackers to modify signed legitimate apps with malware. The vulnerability occurs in the way Android conducts integrity checks on APK files. An attacker could...

7.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2013/07/09 2:1 p.m.11 views

Android Master Key Bug Details Made Public

The details of the Android vulnerability that enables an attacker to create a malicious update to an APK file without breaking its cryptographic signature have become public but it appears as though Google will have a patch ready for the flaw by the time it’s fully disclosed early next month. The...

6.9AI score
Exploits0References5
The Hacker News
The Hacker News
added 2013/07/09 7:40 a.m.18 views

Exploit for most critical Android vulnerability publicly released

What if hackers could take an existing legitimate app or update with a valid digital signature, and modify it in order to use it as a malicious Trojan to access everything on your Android phone or tablet? Last week, researchers from Bluebox Security announced that the Android operating system has...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2013/07/03 3:13 p.m.6 views

Android Vulnerability Bypasses App's Digital Signature

A vulnerability exists in the Android code base that would allow a hacker to modify a legitimate, digitally signed Android application package file APK and not break the app’s cryptographic signature—an action that would normally set off a red flag that something is amiss. Researchers at startup...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2012/06/19 2:22 p.m.8 views

Security Veterans Score Funding for New Startup Bluebox

Many people would consider themselves lucky to be a part of one successful start-up company, but for a select group of entrepreneurs, engineers and executives, that’s just the beginning. Such is the case for the team behind new mobile security firm Bluebox, a stealth-mode company that counts SPI...

7.3AI score
Exploits0References2
The Hacker News
The Hacker News
added 2012/04/15 6:58 p.m.14 views

Phone Phreaking using Bluebox Demonstrated in India

Phone Phreaking using Bluebox Demonstrated in India Christy Philip Mathew, an Indian Information Security Instructor and Hacker demonstrated Phone Phreaking using Bluebox in his lab. This time we have something really special that would remind us the phone phreaking. Actually Phone Phreaking...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2010/09/20 12:0 a.m.259 views

n.runs-SA-2010.002 - Alcatel-Lucent - arbitrary code execution on OmniVista 4760

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2010.002 20-September-2010 Vendor: Alcatel Affected Products: OmniVista 4760 server: all versions prior to release R5.1.06.03.cPatch3. Vulnerability: arbitrary code execution Risk: High CVE-Number: CVE-2010-3281 Vendor communication:...

5.4CVSS1.2AI score0.01872EPSS
Exploits0
Rows per page
Query Builder