Lucene search
K

169 matches found

CVE
CVE
added 2021/12/07 7:35 p.m.49 views

CVE-2021-42980

NoMachine Cloud Server (versions > 4.0.346 and

8.8CVSS8.8AI score0.00464EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/12/07 7:33 p.m.25 views

CVE-2021-42979

NoMachine Cloud Server is affected by Integer Overflow. IOCTL Handler 0x22001B in the NoMachine Cloud Server above 4.0.346 and below 7.7.4 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via specially crafted I/O Request...

9AI score0.00481EPSS
Exploits1References1
CVE
CVE
added 2021/12/07 7:33 p.m.45 views

CVE-2021-42979

The CVE-2021-42979 entry concerns NoMachine Cloud Server where an Integer Overflow in the IOCTL Handler 0x22001B affects versions above 4.0.346 and below 7.7.4. The vulnerability can allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and...

8.8CVSS8.7AI score0.00481EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/12/07 12:0 a.m.4 views

Nomachine NoMachine 输入验证错误漏洞

NoMachine is a remote desktop access tool from NoMachine Nomachine Luxembourg. A security vulnerability exists in NoMachine Cloud Server, which can be exploited by an attacker to execute arbitrary code in kernel mode or cause a denial of service memory corruption and operating system crash via...

8.8CVSS6.4AI score0.00481EPSS
Exploits1References2
Kitploit
Kitploit
added 2021/11/21 11:30 a.m.39 views

SillyRAT - A Cross Platform Multifunctional (Windows/Linux/Mac) RAT

A Cross Platform multifunctional Windows/Linux/Mac RAT. Getting Started Description A cross platform RAT written in pure Python. The RAT accept commands alongside arguments to either perform as the server who accepts connections or to perform as the client/target who establish connections to the...

7.4AI score
Exploits0References1
OSV
OSV
added 2021/04/15 8:15 a.m.3 views

CVE-2021-23884

Cleartext Transmission of Sensitive Information vulnerability in the ePO Extension of McAfee Content Security Reporter CSR prior to 2.8.0 allows an ePO administrator to view the unencrypted password of the McAfee Web Gateway MWG or the password of the McAfee Web Gateway Cloud Server MWGCS read on...

4.3CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2021/04/15 8:15 a.m.25 views

CVE-2021-23884

Cleartext Transmission of Sensitive Information vulnerability in the ePO Extension of McAfee Content Security Reporter CSR prior to 2.8.0 allows an ePO administrator to view the unencrypted password of the McAfee Web Gateway MWG or the password of the McAfee Web Gateway Cloud Server MWGCS read on...

4.3CVSS0.00213EPSS
Exploits0References1
CVE
CVE
added 2021/04/15 7:30 a.m.52 views

CVE-2021-23884

CVE-2021-23884 affects the ePO Extension of McAfee Content Security Reporter (CSR). The issue stems from cleartext transmission that lets an ePO administrator view unencrypted credentials (MWG or MWGCS read-only user used for log retrieval). Affected: CSR versions prior to 2.8.0. Mitigation: upgr...

4.3CVSS4.6AI score0.00213EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2021/04/15 12:0 a.m.5 views

PT-2021-15586 · Mcafee · Mcafee Web Gateway +2

Name of the Vulnerable Software and Affected Versions: McAfee Content Security Reporter CSR versions prior to 2.8.0 Description: The issue allows an ePO administrator to view unencrypted passwords of the McAfee Web Gateway MWG or the McAfee Web Gateway Cloud Server MWGCS read-only user. This occu...

4.3CVSS4.3AI score0.00213EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2021/04/02 3:47 p.m.10 views

CVE-2020-11922

An issue was discovered in WiZ Colors A60 1.14.0. The device sends unnecessary information to the cloud controller server. Although this information is sent encrypted and has low risk in isolation, it decreases the privacy of the end user. The information sent includes the local IP address being...

6.3AI score0.01124EPSS
Exploits1References3
CNVD
CNVD
added 2020/12/31 12:0 a.m.3 views

SQL Injection Vulnerability in Lightbox Cloud Platform Pro

The Lightbox Cloud Platform Pro is an intelligent cloud server management system. Ltd. Lightboat Cloud Platform Pro has a SQL injection vulnerability that can be exploited by attackers to obtain sensitive information from the database...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2020/12/10 5:52 a.m.138 views

Stripo Inc: No rate limiting for confirmation email lead to huge Mass mailings

this Report based on 997070 Issue Description No rate limit means their is no mechanism to protect against the requests you made in a short frame of time. If the repetition doesn't give any error after 50, 100, 1000 repetitions then their will be no rate limit set. vulnerable has registred in...

Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2020/09/01 12:5 p.m.11 views

The Life Cycle of a Compromised (Cloud) Server

Trend Micro Research has developed a go-to resource for all things related to cybercriminal underground hosting and infrastructure. Today we released the second in this three-part series of reports which detail the what, how, and why of cybercriminal hosting see the first part here. As part of th...

0.3AI score
Exploits0
ThreatPost
ThreatPost
added 2020/07/14 1:38 p.m.41 views

Leaked Details of 142 Million MGM Hotel Guests Found for Sale Online

Researchers have found 142 million personal details from former guests at the MGM Resorts hotels for sale on the dark web, evidence that a data leak from the hotel chain last summer may be far bigger in scope than previously thought. An advertisement on a hacker forum has put 142,479,937 details...

7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2020/05/29 4:45 p.m.69 views

NTT Communications Data Breach Affects Customers, Threatens Supply Chain

Japan-based systems integrator NTT Communications has disclosed a recent data breach that it said impacted hundreds of customers. The total affected comes to as many as 621 customers, the company said, but security experts worry about the impacts of the data breach due to the company’s positionin...

0.1AI score
Exploits0References9
ThreatPost
ThreatPost
added 2019/11/25 10:36 p.m.68 views

TrickBot Evolves to Go After SSH Keys

The TrickBot info-stealing malware has updated its password grabber to target data from OpenSSH and OpenVPN applications. OpenSSH is a connectivity tool for remote login with the SSH protocol; it encrypts all traffic to eliminate eavesdropping. OpenVPN meanwhile is used for secure private...

1.3AI score
Exploits0References8
CNVD
CNVD
added 2019/10/14 12:0 a.m.3 views

IBM InfoSphere Information Server on Cloud and IBM InfoSphere Information Server Information Disclosure Vulnerabilities

IBM InfoSphere Information Server on Cloud and IBM InfoSphere Information Server are both products of IBM Corporation, U.S.A. IBM InfoSphere Information Server on Cloud is a set of cloud-based data consolidation IBM InfoSphere Information Server is a data integration platform. IBM InfoSphere...

6AI score
Exploits0References1
The Hacker News
The Hacker News
added 2019/08/29 3:34 p.m.57 views

Capital One Hacker Also Accused of Hacking 30 More Companies and CryptoJacking

Former Amazon employee Paige Thompson, who was arrested last month in relation to the Capital One data breach, has been accused of hacking not only the U.S. credit card issuer, but also more than 30 other companies. An indictment unsealed on Wednesday revealed that Thompson not just stole data fr...

0.4AI score
Exploits0
OSV
OSV
added 2019/07/03 7:15 p.m.5 views

CVE-2019-9872

In several versions of JetBrains IntelliJ IDEA Ultimate, creating run configurations for cloud application servers leads to saving a cleartext unencrypted record of the server credentials in the IDE configuration files. If the Settings Repository plugin was then used and configured to synchronize...

8.1CVSS7.1AI score0.01153EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2019/05/01 3:51 p.m.43 views

Mysterious database exposed personal information of 80 million US households

Word has broken of yet another massive data trove exposed for anyone to see. A research team from vpnMentor discovered an exposed 24GB database hosted on a Microsoft cloud server containing the addresses, income levels, and marital statuses of users within 80 million US households. As we’ve seen...

7AI score
Exploits0
Rows per page
Query Builder