Lucene search
+L

6 matches found

cvelist
cvelist
added 2023/10/11 12:53 p.m.20 views

CVE-2023-37538 HCL Digital Experience is susceptible to cross site scripting (XSS)

HCL Digital Experience is susceptible to cross site scripting XSS. One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism email, other web site...

9.3CVSS8.9AI score0.00359EPSS
Exploits0References1
trellix
trellix
added 2023/07/31 12:0 a.m.31 views

Old Loader, New Threat: Exploring XWorm RAT's Distribution and Tactics 

Old Loader, New Threat: Exploring XWorm RAT's Distribution and Tactics By Pratik Pachpor and Adarsh S · July 31, 2023 Executive Summary: In March-April 2023, we detected a malicious email campaign delivering .Net based XWorm RAT in which embedded blogspot.com URLs were used as an entry point. Thi...

7.4AI score
Exploits0
mssecure
mssecure
added 2021/09/15 11:40 p.m.278 views

Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability

In August, Microsoft Threat Intelligence Center MSTIC identified a small number of attacks less than 10 that attempted to exploit a remote code execution vulnerability in MSHTML using specially crafted Microsoft Office documents. These attacks used the vulnerability, tracked as CVE-2021-40444, as...

6.8CVSS0.96843EPSS
Exploits38
thn
thn
added 2021/03/03 12:56 p.m.35 views

Hackers Now Hiding ObliqueRAT Payload in Images to Evade Detection

Cybercriminals are now deploying remote access Trojans RATs under the guise of seemingly innocuous images hosted on infected websites, once again highlighting how threat actors quickly change tactics when their attack methods are discovered and exposed publicly. New research released by Cisco Tal...

7.8AI score
Exploits0
cvelist
cvelist
added 2020/11/05 4:52 p.m.29 views

CVE-2020-14222

HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scripting XSS. One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism email, other web site...

6.1AI score0.00634EPSS
Exploits0References1
malwarebytes
malwarebytes
added 2017/08/09 3:54 p.m.41 views

Cerber ransomware delivered in format of a different order of Magnitude

As a follow up to our study into the Magnitude exploit kit and its gate which we profiled in a previous blog post, we take a look at an interesting technique used to distribute the Cerber ransomware. Exploit kits are a very effective means of serving malicious payloads and an important aspect is...

7.4AI score
Exploits0
Rows per page
Query Builder