USN-3723-1 tomcat7, tomcat8 vulnerabilities

It was discovered that Tomcat incorrectly handled decoding certain UTF-8 strings. A remote attacker could possibly use this issue to cause Tomcat to crash, resulting in a denial of service. CVE-2018-1336 It was discovered that the Tomcat WebSocket client incorrectly performed hostname verificatio...

ANA App for iOS fails to validate SSL server certificate vulnerability

ANA App is an APP application. ANA App for iOS is vulnerable to a method-validated SSL server certificate vulnerability that could be exploited by an attacker to obtain and/or alter the content of a communication...

CVE-2018-5152

CVE-2018-5152 affects Firefox before 60. WebExtensions with appropriate permissions can inject content scripts into sites like accounts.firefox.com and monitor traffic via webRequest, enabling interception during login and exposure of username and encrypted password. The issue is limited to the l...

General Motors and Shanghai OnStar iOS Client Man-in-the-Middle Attack Vulnerability

General Motors GM and Shanghai OnStar SOS iOS Client is an iOS-based application for making SOS distress calls for drivers in the event of a motor vehicle collision. A security vulnerability exists in the GM and SOS iOS Client version 7.1. The vulnerability can be exploited by an attacker to...

CVE-2017-12697

A Man-in-the-Middle issue was discovered in General Motors GM and Shanghai OnStar SOS SOS iOS Client 7.1. Successful exploitation of this vulnerability may allow an attacker to intercept sensitive information when the client connects to the server...

Schneider Electric Pelco VideoXpert Missing Encryption Of Sensitive Information

Summary VideoXpert is a video management solution designed for scalability, fitting the needs surveillance operations of any size. VideoXpert Ultimate can also aggregate other VideoXpert systems, tying multiple video management systems into a single interface. Description The software transmits...

MikroTik RouterOS WPA2 Key Reinstallation Vulnerabilities - KRACK

WPA2 as used in MikroTik RouterOS is prone to multiple security weaknesses aka Key Reinstallation Attacks KRACK. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Hongyi Environmental Protection Android App Has Logic Design Flaws

Hongyi Environmental Android APP is an air purifier management tool. There is a logical design vulnerability in the Android APP of Hongyi Environmental Protection. Because the program fails to verify the verification code when performing registration, an attacker can bypass the verification code ...

WordPress: Stored xss via template injection

Hello Sir , I found Stored XSS in https://mercantile.wordpress.org/ POC is attached . Steps to reproduce: 1.Login to your account. 2. Go to https://mercantile.wordpress.org/my-account/edit-address/ & fill details , press save & intercept this request in burp suit. 3.change name to...

Bugs in Signal Messaging App Corrupt Attachments, Crash App

Makers of the mobile encrypted chat app Signal say they have fixed vulnerabilities in the Android version of the messaging app that allowed attackers to corrupt encrypted attachments and remotely crash the application. The vulnerabilities were discovered by Jean-Philippe Aumasson and Markus Vervi...

The vulnerability of the Internet Explorer browser allows attackers to gain unauthorized access to transmitted data.

The Internet Explorer browser contains a vulnerability related to improper certificate reconciliation during a TLS session. Exploiting this vulnerability allows a malicious actor to gain unauthorized access to data by intercepting the TLS connection that involves mutual authentication between the...

The vulnerability of the Cisco IOS operating system, which allows a malicious actor to trigger a “disconnection”

Cisco IOS software contains a vulnerability in the Open Shortest Path First OSPF and Routing Protocol Link State Advertisement LSA protocols. This vulnerability allows a malicious actor to send specially crafted OSPF packets, thereby causing a router to fail or intercept network traffic...

FantasyTote: Betting more than max amount

Hey Fantasytote, This is not really a security issue since this won't leak any data of other users or something like that but i still wanted to tell you this because there must be a reason you guys limit the max bet to 150 euro per bet. You can reproduce this issue by betting 150 euro, intercepti...

SSH Authentication Backdoor Vulnerability in Fortigate Firewalls

FortiGate Fita Firewall is a network firewall product from Fortinet Fita for defense against attacks such as network and malicious code at the network and content layers. Fortigate Firewall has an SSH authentication backdoor vulnerability. FortiGate firewall FortimanagerAccess user's password is...

Weaponized Drones For Police Now Legal In North Dakota

Drones also known as Unmanned Aerial Vehicles UAVs have contributed enormously by acting as an interface for conducting surveillance operations, or delivering products, or attacking a war site to name a few. We have seen Drones like 'Snoopy' that are capable to intercept data from your Smartphone...

金蝶销管家逻辑缺陷重置任意用户密码(工作人员账户测试/秒改)

简要描述： 可绕过验证码直接修改用户密码。 详细说明： 0x1:先信息收集一些工作人员的账户用来测试，来证明漏洞的危害性。 13580111111 13752248075 13456231475 13456879564 15578945623 13456231245 13456231245 13648776985 13400002111 13625668852 15018517663 15915533696 13888888888 13456789123 18090700000 13165454756 13654213923 13654213923 13760368754...

Hackers Exploit Zero-Day Magento Vulnerability to Steal Your Credit Cards

Hackers are increasingly exploiting an unknown flaw to siphon payment card information from e-commerce websites that use Magento, the most popular e-commerce platform owned by eBay. Security researchers at Sucuri are still investigating the attack vector, but they believe that cyber criminals are...

IBM WebSphere MQIPT Information Disclosure Vulnerability

IBM WebSphere MQ is a solution for providing messaging services in the enterprise. IBM WebSphere MQIPT fails to properly handle HTTP session IDs, allowing remote attackers to exploit the vulnerability to guess the session ID to intercept MQ message data...

Trio of Vulnerabilities Patched in Magneto Web App

A trio of vulnerabilities were recently patched in eBay’s Magento e-commerce web application that could have let attackers carry out a handful of exploits, including phishing, session hijacking, and data interception. Hadji Samir, a researcher at the firm Vulnerability Lab dug up the problems...

LFTP Man-in-the-Middle Information Disclosure Vulnerability

LFTP is a multi-platform , multi-mode ftp, ftps, http, https, hftp, etc. based on the command line FTP client . LFTP suffers from a man-in-the-middle information disclosure vulnerability, which allows attackers to exploit this vulnerability to conduct man-in-the-middle attacks and obtain sensitiv...