4443 matches found
Debian dla-3355 : libxapian-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3355 advisory. Debian LTS Advisory DLA-3355-1 https://www.debian.org/lts/security/...
Heap overflow
A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master. This affects the function gf_m2ts_process_sdt of the file media_tools/mpegts.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been...
GPAC Resource Management Error Vulnerability
GPAC is an open source multimedia framework. A resource management error vulnerability exists in GPAC version 2.3-DEV-rev35-gbbca86917-master, which stems from the presence of an unknown function in the file filters/load_text.c, resulting in a buffer overflow...
PT-2023-9308 · Gpac +1 · Gpac +1
Name of the Vulnerable Software and Affected Versions: GPAC version 2.3-DEV-rev35-gbbca86917-master Description: A vulnerability has been found in the function gf_av1_reset_state of the file media_tools/av_parsers.c, which leads to double free. The manipulation can be launched on the local host...
CVE-2021-36821
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WPMU DEV Forminator allows Stored XSS. This issue affects Forminator: from n/a through 1.14.11...
Cross site scripting
Unauth. Stored Cross-Site Scripting XSS vulnerability in WPMU DEV Forminator – Contact Form, Payment Form & Custom Form Builder plugin = 1.14.11 versions...
CVE-2021-36821 WordPress Forminator plugin <= 1.14.11 - Stored Cross-Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WPMU DEV Forminator allows Stored XSS. This issue affects Forminator: from n/a through 1.14.11...
CVE-2021-36821
Summary of CVE-2021-36821 – WordPress Forminator stored XSS: The vulnerability affects the Forminator plugin for WordPress, with versions up to and including 1.14.11. The underlying issue is improper neutralization of input during web page generation, resulting in stored Cross-Site Scripting (XS...
CVE-2021-36821 WordPress Forminator plugin <= 1.14.11 - Stored Cross-Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WPMU DEV Forminator allows Stored XSS. This issue affects Forminator: from n/a through 1.14.11...
Microsoft Warns of Large-Scale Use of Phishing Kits to Send Millions of Emails Daily
An open source adversary-in-the-middle (AiTM) phishing kit has found a number of takers in the cybercrime world for its ability to orchestrate attacks at scale. The Microsoft Threat Intelligence team is tracking the threat actor behind the development of the kit under its emerging moniker DEV-1101...
DEV-1101 enables high-volume AiTM campaigns with open-source phishing kit
Adversary-in-the-middle (AiTM) phishing kits are part of an increasing trend that is observed supplanting many other less advanced forms of phishing. AiTM phishing is capable of circumventing multifactor authentication (MFA) through reverse-proxy functionality. DEV-1101 is an actor tracked by Microso...
CVE-2023-0628
Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL...
CVE-2023-0628
Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL...
Design/Logic Flaw
Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL...
CVE-2023-0628 Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL
Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL...
CVE-2023-0628 Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL
Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL...
PT-2023-2062 · Docker · Docker Desktop
Name of the Vulnerable Software and Affected Versions: Docker Desktop versions prior to 4.17.0 Description: The issue allows an attacker to execute arbitrary commands inside a Dev Environments container during initialization. This can be achieved by tricking a user into opening a crafted maliciou...
Debian: Security Advisory (DSA-2142-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DLA-220-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DLA-531-1)
The remote host is missing an update for the Debian...