Lucene search
K

113 matches found

The Hacker News
The Hacker News
added 2020/12/02 9:20 a.m.484 views

Multiple Botnets Exploiting Critical Oracle WebLogic Bug — PATCH NOW

Multiple botnets are targeting thousands of publicly exposed and still unpatched Oracle WebLogic servers to deploy crypto miners and steal sensitive information from infected systems. The attacks are taking aim at a recently patched WebLogic Server vulnerability, which was released by Oracle as...

10CVSS0.4AI score0.99997EPSS
Exploits43
Carbon Black Blog
Carbon Black Blog
added 2020/07/24 9:39 p.m.60 views

TAU Threat Discovery: Cryptocurrency Clipper Malware Evolves

Clipper malware is designed to steal cryptocurrency from victims by replacing wallet addresses in the victim’s clipboard with wallet addresses that belong to the attacker. This stealthy technique is designed to silently trick the victim when making what appears to be a legitimate cryptocurrency...

8AI score
Exploits0
NVD
NVD
added 2019/08/15 5:15 p.m.13 views

CVE-2018-12101

CMS Clipper 1.3.3 has XSS in the Security tab search, User Groups, Resource Groups, and User/Resource Group Links fields...

5.4CVSS5.3AI score0.01256EPSS
Exploits1References3
OSV
OSV
added 2019/08/15 5:15 p.m.10 views

CVE-2018-12101

CMS Clipper 1.3.3 has XSS in the Security tab search, User Groups, Resource Groups, and User/Resource Group Links fields...

5.4CVSS6AI score
Exploits0References3
Prion
Prion
added 2019/08/15 5:15 p.m.14 views

Design/Logic Flaw

CMS Clipper 1.3.3 has XSS in the Security tab search, User Groups, Resource Groups, and User/Resource Group Links fields...

3.5CVSS5.3AI score0.01256EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2019/08/15 4:47 p.m.20 views

CVE-2018-12101

CMS Clipper 1.3.3 has XSS in the Security tab search, User Groups, Resource Groups, and User/Resource Group Links fields...

5.3AI score0.01256EPSS
Exploits1References3
CVE
CVE
added 2019/08/15 4:47 p.m.46 views

CVE-2018-12101

CVE-2018-12101 affects CMS Clipper 1.3.3 with cross-site scripting in the Security tab search, User Groups, Resource Groups, and User/Resource Group Links fields. The available documents do not specify the exact vulnerability type (stored vs. reflected), root cause, affected components beyond tho...

5.4CVSS5.2AI score0.01256EPSS
Exploits1References3Affected Software1
Check Point Advisories
Check Point Advisories
added 2019/06/23 12:0 a.m.8 views

Evernote Web Clipper Cross-Site Scripting (CVE-2019-12592)

A cross-site scripting vulnerability exists in Evernote Web Clipper Extension. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary commands on the affected system...

4.3CVSS4.4AI score0.01076EPSS
Exploits0
OSV
OSV
added 2019/06/18 9:15 p.m.1 views

CVE-2019-12592

A universal Cross-site scripting UXSS vulnerability in the Evernote Web Clipper extension before 7.11.1 for Chrome allows remote attackers to run arbitrary web script or HTML in the context of any loaded 3rd-party IFrame...

6.1CVSS6.7AI score0.01076EPSS
Exploits0References2
NVD
NVD
added 2019/06/18 9:15 p.m.14 views

CVE-2019-12592

A universal Cross-site scripting UXSS vulnerability in the Evernote Web Clipper extension before 7.11.1 for Chrome allows remote attackers to run arbitrary web script or HTML in the context of any loaded 3rd-party IFrame...

6.1CVSS6.2AI score0.01076EPSS
Exploits0References2
Prion
Prion
added 2019/06/18 9:15 p.m.11 views

Cross site scripting

A universal Cross-site scripting UXSS vulnerability in the Evernote Web Clipper extension before 7.11.1 for Chrome allows remote attackers to run arbitrary web script or HTML in the context of any loaded 3rd-party IFrame...

4.3CVSS6.2AI score0.01076EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/06/18 8:38 p.m.79 views

CVE-2019-12592

CVE-2019-12592 affects the Evernote Web Clipper Chrome extension (pre-7.11.1). The vulnerability arises from a mis-handled URL construction in the extension’s iframe/injection framework, allowing a remote site to inject scripts via postMessage and inject a payload into all frames, effectively cau...

6.1CVSS6.1AI score0.01076EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/06/18 8:38 p.m.19 views

CVE-2019-12592

A universal Cross-site scripting UXSS vulnerability in the Evernote Web Clipper extension before 7.11.1 for Chrome allows remote attackers to run arbitrary web script or HTML in the context of any loaded 3rd-party IFrame...

6.2AI score0.01076EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2019/02/11 11:15 a.m.99 views

First Android Clipboard Hijacking Crypto Malware Found On Google Play Store

A security researcher has discovered yet another cryptocurrency-stealing malware on the official Google Play Store that was designed to secretly steal bitcoin and cryptocurrency from unwitting users. The malware, described as a "Clipper," masqueraded as a legitimate cryptocurrency app and worked ...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2019/02/11 11:15 a.m.2 views

First Android Clipboard Hijacking Crypto Malware Found On Google Play Store

A security researcher has discovered yet another cryptocurrency-stealing malware on the official Google Play Store that was designed to secretly steal bitcoin and cryptocurrency from unwitting users. The malware, described as a "Clipper ," masqueraded as a legitimate cryptocurrency app and worked...

6.5AI score
Exploits0
HackRead
HackRead
added 2019/02/09 11:6 p.m.258 views

Clipper malware on Play Store replaces users BTC & ETH wallet address

By Waqas This is the first ever Clipper malware found on Play Store. Another day another Android malware on Google Play Store - This time the IT security researchers at ESET have discovered a malware known for replacing the content of clipboard on the targeted device. This type of malware is call...

1.9AI score
Exploits0
hackapp
hackapp
added 2016/04/01 9:0 a.m.8 views

Hair Clipper - MIT license, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Hair Clipper published at the 'play' market has multiple vulnerabilities...

0.9AI score
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2015/02/24 1:59 p.m.13 views

NSA Could Be Hoping For Clipper Chip Redux

The NSA has a new director, a slew of new challenges and any number of new capabilities at its disposal. But it seems that the agency is intent on fighting the same old battles. Even as fresh revelations about the extent of the NSA’s efforts to get access to encryption keys for mobile...

7.2AI score
Exploits0References1
NVD
NVD
added 2015/02/01 2:59 a.m.13 views

CVE-2015-0870

Cross-site scripting XSS vulnerability in hb.cgi in Nishishi Factory Fumy News Clipper 2.x before 2.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01161EPSS
Exploits0References4
Prion
Prion
added 2015/02/01 2:59 a.m.10 views

Cross site scripting

Cross-site scripting XSS vulnerability in hb.cgi in Nishishi Factory Fumy News Clipper 2.x before 2.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01161EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder