18 matches found

OSV
added 2026/05/20 1:17 p.m., 5 views

MAL-2026-4569 Malicious code in gator-client (npm)

Source: amazon-inspector 1925735d02fb91f74a11718c3402ad0b10f551eecb8c6d88f02d475b3e0a799f. On npm install (via scripts.install: node index.js) and on every require('gator-client'), lib/core.js collects os.userInfo().username, os.hostname(), and the...

AI score: 5.9
Exploits: 0, References: 1

ICS
added 2026/04/02 1:54 p.m., 2 views

Zscaler Client Connector hard-coded proxy configuration domain

RISK EVALUATION: Zscaler Client Connector 4.7 and 4.8 on Microsoft Windows hard-codes a domain used to retrieve proxy configuration information. An attacker with control of this domain could provide arbitrary proxy configurations and intercept, redirect or disrupt traffic. 2. RECOMMENDED...

CVSS: 5.4, AI score: 6, EPSS: 0.00079
Exploits: 0, References: 1

Cvelist
added 2026/01/02 3:17 p.m., 18 views

CVE-2025-9110 QTS, QuTS hero

An exposure of sensitive system information to an unauthorized control sphere vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to read application data. We have already fixed the vulnerability in the followin...

CVSS: 6.9, EPSS: 0.00016
Exploits: 0, References: 1

CNNVD
added 2025/04/08 12:0 a.m., 2 views

WordPress plugin m1.DownloadList security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS: 6.5, AI score: 6.8, EPSS: 0.00341
Exploits: 0, References: 3

The Hacker News
added 2023/11/13 5:58 a.m., 48 views

Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations

Cybersecurity researchers have discovered what they say is malicious cyber activity orchestrated by two prominent Chinese nation-state hacking groups targeting 24 Cambodian government organizations. "This activity is believed to be part of a long-term espionage campaign," Palo Alto Networks Unit ...

AI score: 7.5
Exploits: 0

The Hacker News
added 2022/11/11 12:33 p.m., 24 views

Malicious Google Play Store App Spotted Distributing Xenomorph Banking Trojan

Google has removed two new malicious dropper apps that have been detected on the Play Store for Android, one of which posed as a lifestyle app and was caught distributing the Xenomorph banking malware. "Xenomorph is a trojan that steals credentials from banking applications on users' devices,"...

AI score: 0.3
Exploits: 0

Pen Test Partners Blog
added 2021/06/11 6:0 a.m., 53 views

Why hackers don’t fly coach

Physical security is relied on too heavily for cabin-based systems on the Airline Information Services Domain (AISD). Whilst the Aircraft Control Domain (ACD) is separated, there are still plenty of interesting information, data and systems that are accessible from the cabin, for those who are prepar...

AI score: 7
Exploits: 0

Pen Test Partners Blog
added 2021/05/21 6:33 a.m., 58 views

Getting a persistent shell on a 747 IFE

TL:DR The Coronavirus pandemic has hit the airline industry hard. One sad consequence was early retirement of most of the 747 passenger fleet. This does however create opportunities for aviation security research, as airframes are parked up before parting out in breakers yards. This 747 was flyin...

AI score: 8.2
Exploits: 0

OSV
added 2020/12/15 5:15 p.m., 2 views

DEBIAN-CVE-2020-29568

An issue was discovered in Xen through 4.14.x. Some OSes such as Linux, FreeBSD, and NetBSD are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OO...

CVSS: 6.5, AI score: 6, EPSS: 0.00226
Exploits: 0, References: 1

ThreatPost
added 2020/01/14 8:39 p.m., 83 views

Card Skimmer Hits Australian Bushfire Donation Site

Concerned global citizens making donations to help fight the massive Australia bushfires have been caught up in a Magecart attack, after one of the groups implanted a payment-card skimmer on the check-out page of a legitimate online donation site. Researchers ran across the Magecart script, named...

AI score: 0.4, EPSS: 0.03057
Exploits: 1, References: 10

Tenable Nessus
added 2017/10/25 12:0 a.m., 19 views

OracleVM 3.2 : xen (OVMSA-2017-0159)

The remote OracleVM system is missing necessary patches to address critical security updates : - The code of OVM3.2.9 is quite old, there is no getpage/putpage pair to protect the ownership and references of page table page which is mapped in emulatemapdest. This patch fix it by adding getpage in...

AI score: 5.8
Exploits: 0, References: 1

FreeBSD
added 2017/03/28 12:0 a.m., 8 views

xen-tools -- xenstore denial of service via repeated update

The Xen Project reports: Unprivileged guests may be able to stall progress of the control domain or driver domain, possibly leading to a Denial of Service (DoS) of the entire host...

AI score: 2.4
Exploits: 0, References: 1

Citrix
added 2017/03/03 12:0 a.m., 6 views

How to change control domain memory using XenCenter in XenServer 7.1 and higher?

This article describes the method to change the amount of memory allocated to the Control Domain using XenCenter...

AI score: 7.1
Exploits: 0

Citrix
added 2017/03/03 12:0 a.m., 6 views

PVS 7.13: XenServer PVS-Accelerator Cache Storage Considerations

Note: This feature is only available in XenServer 7.1 and PVS 7.13 or later. PVS-Accelerator provides two cache modes: Memory only, in the Control Domain (Dom0) Memory. When selecting Memory only, the feature will use up to the specified cache size in the Dom0 memory. This option is only available...

AI score: 6.7
Exploits: 0

Citrix
added 2015/11/26 12:0 a.m., 5 views

File System on Control Domain Full on XenServer

There are a variety of errors and symptoms that can be seen when the Control Domain file system becomes full. The errors and symptoms that you see might be different depending on the partition layout of your XenServer host. Possible errors can include the following errors or alerts might appear...

AI score: 7.2
Exploits: 0

OpenVAS
added 2014/12/18 12:0 a.m., 42 views

Citrix Hypervisor / XenServer Detection (SSH Login)

SSH login-based detection of Citrix Hypervisor / XenServer. SPDX-FileCopyrightText: 2014 Greenbone AG. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score: 7
Exploits: 0

Xen Project
added 2013/10/29 12:0 p.m., 71 views

ocaml xenstored mishandles oversized message replies

ISSUE DESCRIPTION The Ocaml xenstored implementation "oxenstored" cannot correctly handle a message reply larger than XENSTOREPAYLOADSIZE when communicating with a client domain via the shared ring mechanism. When this situation occurs the connection to the client domain will be shutdown and cann...

CVSS: 5.2, AI score: 1.1, EPSS: 0.00279
Exploits: 0

CVE
added 2009/07/01 12:26 p.m., 46 views

CVE-2009-2282

The CVE-2009-2282 issue affects Sun Solaris 10 on SPARC and OpenSolaris snv_41–snv_108, where the Virtual Network Terminal Server daemon (vntsd) does not validate authorization for guest console access. This allows local control-domain users to obtain guest-domain privileges via unspecified vecto...

CVSS: 4.6, AI score: 6.8, EPSS: 0.00137
Exploits: 0, References: 5, Affected Software: 2