29 matches found
EUVD-2022-45388
Malicious code in bioql PyPI...
QBot banker delivered through business correspondence
In early April, we detected a significant increase in attacks that use banking Trojans of the QBot family (aka QakBot, QuackBot, and Pinkslipbot). The malware would be delivered through e-mail letters written in different languages — variations of them were coming in English, German, Italian, and...
SUSE CVE-2017-9433
Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx...
CVE-2023-24524
SAP S/4 HANA Map Treasury Correspondence Format Data does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to delete the data with a high impact to availability...
Authorization
SAP S/4 HANA Map Treasury Correspondence Format Data does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to delete the data with a high impact to availability...
How to configure EPA with one-to-one correspondence between usernames and mac addresses
This article addresses a configuration sample to configure EPA with one-to-one correspondence between usernames and mac addresses...
Newgen Correspondence Management System eGov 12.0 Insecure Direct Object Reference
Exploit Title: Newgen Correspondence Management System corms eGov 12.0 - IDOR Date: 29 Dec 2020 Exploit Author: ALI AL SINAN Vendor Homepage: https://newgensoft.com Software Link: https://newgensoft.com/solutions/industries/government/e-gov-office/ Version: eGov 12.0 Tested on: JBoss EAP 7 CVE :...
Newgen Correspondence Management System (corms) eGov 12.0 - IDOR
Exploit Title: Newgen Correspondence Management System corms eGov 12.0 - IDOR Date: 29 Dec 2020 Exploit Author: ALI AL SINAN Vendor Homepage: https://newgensoft.com Software Link: https://newgensoft.com/solutions/industries/government/e-gov-office/ Version: eGov 12.0 Tested on: JBoss EAP 7 CVE :...
CVE-2020-35737
In Correspondence Management System corms in Newgen eGov 12.0, an attacker can modify other users' profile information by manipulating the unvalidated UserIndex parameter, aka Insecure Direct Object Reference...
Design/Logic Flaw
In Correspondence Management System corms in Newgen eGov 12.0, an attacker can modify other users' profile information by manipulating the unvalidated UserIndex parameter, aka Insecure Direct Object Reference...
CVE-2020-35737
In Correspondence Management System corms in Newgen eGov 12.0, an attacker can modify other users' profile information by manipulating the unvalidated UserIndex parameter, aka Insecure Direct Object Reference...
CVE-2020-35737
CVE-2020-35737 affects Newgen eGov 12.0, specifically the Correspondence Management System (corms). The vulnerability is an Insecure Direct Object Reference caused by an unvalidated UserIndex parameter in the personal settings page, allowing an attacker to modify other users’ profile information....
Newgen Egov Correspondence Management System Security Breach
Newgen Egov Correspondence Management System is a correspondence management software for office environments from Newgen USA. A security vulnerability exists in Newgen eGov 12.0 Correspondence Management System, which can be exploited by an attacker to modify another user's personal information...
Anti-NATO Disinformation Campaign Leveraged CMS Compromises
Researchers have uncovered a widespread influence campaign that aims to discredit the Northern Atlantic Treaty Organization (NATO), an intergovernmental military alliance between 30 North American and European countries. According to new research from FireEye, the campaign has been ongoing since at...
QQ Mail hijacking account 0day Exploit
Using 0day exploit you can hijack any account and take possession of the correspondence...
Forging a Relationship With Tyler Barriss, the Internet’s Most Hated Swatter
Journalist Brendan Koerner strikes up a jail-cell correspondence with a man charged with instigating a fatal shooting. “Only by peering into the abyss of human malice can we divine how we can muster the strength to forgive the truly lost,” he writes...
UBUNTU-CVE-2017-9433
Document Liberation Project libmwaw before 2017-04-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the MsWrd1Parser::readFootnoteCorrespondance function in lib/MsWrd1Parser.cxx...
DEDECMS v5.7 (2013-06-07) xss+csrf 0day-vulnerability warning-the black bar safety net
Bookmark management has XSS+CSRF: http://localhost/dedecms/member/flinkmain.php xss:http://localhost/dedecms/member/flinkmain.php?dopost=addnew&title=test' onmouseover=alert1;'&url=test' onmouseover=alert1;' CSRF:img...
Hacker Exposes former US President Bush Family Photos and Emails
The hacker, known as Guccifer, targeted several e-mail accounts and exposed personal photos and sensitive correspondence from members of the former US President Bush family, including both former U.S. presidents. Hacked Emails includes the AOL account of his daughter Dorothy Bush Koch; family...
CVE-2011-2084
Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 allows remote authenticated users to read (1) hashes of former passwords and (2) ticket correspondence history by leveraging access to a privileged account...