Lucene search
+L

243 matches found

The Hacker News
The Hacker News
added 2019/07/17 10:52 a.m.142 views

New Attack Lets Android Apps Capture Loudspeaker Data Without Any Permission

Earlier this month, The Hacker News covered a story on research revealing how over 1300 Android apps are collecting sensitive data even when users have explicitly denied the required permissions. The research was primarily focused on how app developers abuse multiple ways around to collect locati...

6.7AI score
Exploits0
Veracode
Veracode
added 2019/06/10 3:56 a.m.6 views

Malicious Package

leaflet-gpx contains malicious code. The code when executed in the browser would capture password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl=...

6.9AI score
Exploits0
Veracode
Veracode
added 2019/06/10 3:55 a.m.11 views

Malicious Package

angular-location-update contains malicious code. The code when executed in the browser would capture password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl=...

6.9AI score
Exploits0
Veracode
Veracode
added 2019/06/10 3:55 a.m.7 views

Malicious Package

geoheat contains malicious code. The code when executed in the browser would capture password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl=...

6.9AI score
Exploits0
Veracode
Veracode
added 2019/06/10 3:55 a.m.11 views

Malicious Package

github-jquery-widgets contains malicious code. The code when executed in the browser would capture password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl=...

6.9AI score
Exploits0
Veracode
Veracode
added 2019/06/10 3:55 a.m.10 views

Malicious Package

vue-backbone contains malicious code. The code when executed in the browser would capture password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl=...

6.9AI score
Exploits0
Veracode
Veracode
added 2019/06/10 3:55 a.m.10 views

Malicious Package

mx-nested-menu contains malicious code. The code when executed in the browser would capture password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl=...

6.9AI score
Exploits0
Veracode
Veracode
added 2019/06/10 3:42 a.m.16 views

Malicious Package

ngx-pica contains malicious code. The code when executed in the browser will capture password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl=...

6.9AI score
Exploits0
Fedora
Fedora
added 2019/04/19 7:9 p.m.54 views

[SECURITY] Fedora 29 Update: wireshark-3.0.1-1.fc29

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. It has many powerful...

7.5CVSS7.2AI score0.17697EPSS
Exploits19
Fedora
Fedora
added 2019/03/21 9:47 p.m.58 views

[SECURITY] Fedora 29 Update: tcpflow-1.5.0-4.fc29

tcpflow is a program that captures data transmitted as part of TCP connections flows, and stores the data in a way that is convenient for protocol analysis or debugging. A program like 'tcpdump' shows a summary of packets seen on the wire, but usually doesn't store the data that's actually being...

5.5CVSS2.2AI score0.01302EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/11 4:15 p.m.24 views

Security Bulletin: IBM InfoSphere Change Data Capture is affected by a jackson-core open source library vulnerability (CVE-2018-0125)

Summary InfoSphere Data Replication has addressed the following vulnerability: CVE-2018-0125 Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow a remote attacker to execute arbitrary code on the system, caused by an incomplete input validation on user-controll...

10CVSS2.5AI score0.55409EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/02/11 4:15 p.m.30 views

Security Bulletin: IBM InfoSphere Change Data Capture is affected by Apache Commons Codec open source library vulnerabilities

Summary InfoSphere Data Replication has addressed the following vulnerabilities: CVE-2010-0001 CVE-2009-0001 Vulnerability Details CVEID: CVE-2010-0001 DESCRIPTION: GNU gzip could allow a remote attacker to execute arbitrary code on the system caused by an integer underflow in the unlzw function...

9.3CVSS1.8AI score0.06803EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 9:25 p.m.28 views

Security Bulletin: IBM InfoSphere Change Data Capture is affected by an Apache Derby open source library vulnerability (CVE-2015-1832)

Summary IBM InfoSphere Change Data Capture has addressed the following vulnerability: CVE-2015-1832 - Apache Derby could allow a remote attacker to obtain sensitive information, caused by a XML external entity XXE error when processing XML data by the XML datatype and XmlVTI. An attacker could...

9.1CVSS1AI score0.12173EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2018/12/20 12:0 a.m.6 views

Logic flaws exist in the OA system of Shandong Branch of Unicom Systems Integration Co.

Ltd. Shandong Province Branch is a wholly-owned listed branch of China Unicom, with a registered capital of RMB 550 million yuan at its headquarters, which is a large state-owned high-tech enterprise. There is a logic flaw vulnerability in the OA system of Unicom System Integration Ltd Shandong...

6.8AI score
Exploits0
n0where
n0where
added 2018/11/26 8:17 a.m.48 views

Track People on the Internet: trape

Trape is a OSINT analysis and research tool, which allows people to track and execute intelligent social engineering attacks in real time. It was created with the aim of teaching the world how large Internet companies could obtain confidential information such as the status of sessions of their...

0.6AI score
Exploits0References1
Akamai Blog
Akamai Blog
added 2018/09/04 2:3 p.m.54 views

You bet your mobile app consumers are willing to pay with their smartphone

For almost 10 years, there has been a debate over mobile app versus mobile web. Which strategy is right for your business and will consumers really ever buy something with a mobile device? Some of these questions have been clearly answered with time, but some aspects of the debate continue. The...

6.8AI score
Exploits0
CNVD
CNVD
added 2018/08/14 12:0 a.m.5 views

Multiple Medtronic Product Information Disclosure Vulnerabilities

Medtronic MMT-508 MiniMed insulin pump and others are different models of insulin pumps from Medtronic, USA. An information disclosure vulnerability exists in several Medtronic products, which can be exploited by an attacker to capture the information passed between the controller and pump when t...

5.3CVSS5.2AI score0.00712EPSS
Exploits0References1
NVD
NVD
added 2018/07/26 7:29 p.m.18 views

CVE-2018-9068

The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. This information is made available for download through an SFTP server hosted on the IMM2 management network interface. In versions earlier than 4.90 for Leno...

7.5CVSS7.2AI score0.01053EPSS
Exploits0References1
OSV
OSV
added 2018/07/26 7:29 p.m.5 views

CVE-2018-9068

The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. This information is made available for download through an SFTP server hosted on the IMM2 management network interface. In versions earlier than 4.90 for Leno...

7.5CVSS5.8AI score0.01053EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/07/26 7:0 p.m.30 views

CVE-2018-9068

The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. This information is made available for download through an SFTP server hosted on the IMM2 management network interface. In versions earlier than 4.90 for Leno...

7.2AI score0.01053EPSS
Exploits0References1
Rows per page
Query Builder