
5470 matches found

Malwarebytes
added 2020/06/17 5:30 p.m., 23 views

Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature

This blog post was authored by Hossein Jazi and Jérôme Segura On June 10, we found a malicious Word document disguised as a resume that uses template injection to drop a .Net Loader. This is the first part of a multi-stage attack that we believe is associated to an APT attack. In the last stage,...

8 AI score
Exploits: 0

OpenVAS
added 2020/06/13 12:0 a.m., 31 views

Debian: Security Advisory (DLA-2247-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3 CVSS, 7.4 AI score, 0.01537 EPSS
Exploits: 1, References: 3

OSV
added 2020/06/12 11:58 p.m., 4 views

MGASA-2020-0258 Updated libreoffice packages fix security vulnerability

This update increase Libreoffice to version 6.4.4.2 It fixes Security issues and add kf5 support. If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If...

5.3 CVSS, 5.7 AI score, 0.01255 EPSS
Exploits: 0, References: 5

Mageia
added 2020/06/12 11:58 p.m., 36 views

Updated libreoffice packages fix security vulnerability

This update increase Libreoffice to version 6.4.4.2 It fixes Security issues and add kf5 support. If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If...

5.3 CVSS, 2.9 AI score, 0.01255 EPSS
Exploits: 0, References: 4

Debian
added 2020/06/12 12:19 p.m., 52 views

[SECURITY] [DLA 2247-1] thunderbird security update

Package : thunderbird Version : 1:68.9.0-1deb8u2 CVE ID : CVE-2020-12398 CVE-2020-12399 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the...

9.3 CVSS, 6.9 AI score, 0.01537 EPSS
Exploits: 1

Cvelist
added 2020/06/12 8:25 a.m., 21 views

CVE-2020-3929 GeoVision Door Access Control Device - Shared cryptographic keys

GeoVision Door Access Control device family employs shared cryptographic private keys for SSH and HTTPS. Attackers may conduct MITM attack with the derived keys and plaintext recover of encrypted messages...

5.9 CVSS, 5.9 AI score, 0.00507 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2020/06/12 12:0 a.m., 37 views

Debian DSA-4702-1 : thunderbird - security update

Multiple security issues have been found in Thunderbird which could result in the setup of a non-encrypted IMAP connection, denial of service or potentially the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

9.3 CVSS, 7.5 AI score, 0.01537 EPSS
Exploits: 1, References: 9

OpenVAS
added 2020/06/12 12:0 a.m., 47 views

Debian: Security Advisory (DSA-4702-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3 CVSS, 7.4 AI score, 0.01537 EPSS
Exploits: 1, References: 4

Debian
added 2020/06/11 5:45 p.m., 67 views

[SECURITY] [DSA 4702-1] thunderbird security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4702-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 11, 2020 https://www.debian.org/security/faq -...

9.3 CVSS, 7.9 AI score, 0.01537 EPSS
Exploits: 1

OSV
added 2020/06/08 10:22 a.m., 6 views

OPENSUSE-SU-2020:0786-1 Security update for libreoffice

This update for libreoffice to 6.4.4.2 fixes the following issues: Security issue fixed: - CVE-2020-12801: Fixed an issue with encrypted MSOffice documents that could be accidentally saved unencrypted bsc1171997. Non-security issues fixed: - Elements on title page mixed up bsc1160687. - Image...

5.3 CVSS, 6.7 AI score, 0.01255 EPSS
Exploits: 0, References: 6

OSV
added 2020/06/04 8:14 a.m., 5 views

SUSE-SU-2020:1530-1 Security update for libreoffice

This update for libreoffice to 6.4.4.2 fixes the following issues: Security issue fixed: - CVE-2020-12801: Fixed an issue with encrypted MSOffice documents that could be accidentally saved unencrypted bsc1171997. Non-security issues fixed: - Elements on title page mixed up bsc1160687. - Image...

5.3 CVSS, 5.6 AI score, 0.01255 EPSS
Exploits: 0, References: 6

OSV
added 2020/06/03 1:15 p.m., 2 views

CVE-2020-2198

Jenkins Project Inheritance Plugin 19.08.02 and earlier does not redact encrypted secrets in the 'getConfigAsXML' API URL when transmitting job config.xml data to users without Job/Configure...

6.5 CVSS, 6.6 AI score
Exploits: 0, References: 2

Prion
added 2020/06/03 1:15 p.m., 16 views

Code injection

Jenkins Project Inheritance Plugin 19.08.02 and earlier does not redact encrypted secrets in the 'getConfigAsXML' API URL when transmitting job config.xml data to users without Job/Configure...

4 CVSS, 6.3 AI score, 0.00798 EPSS
Exploits: 0, References: 2, Affected Software: 1

AlpineLinux
added 2020/06/03 12:40 p.m., 27 views

CVE-2020-2198

Jenkins Project Inheritance Plugin 19.08.02 and earlier does not redact encrypted secrets in the 'getConfigAsXML' API URL when transmitting job config.xml data to users without Job/Configure...

6.5 CVSS, 3.1 AI score, 0.00798 EPSS
Exploits: 0, References: 2

Securelist
added 2020/06/03 10:0 a.m., 956 views

Cycldek: Bridging the (air) gap

Key findings While investigating attacks related to a group named Cycldek post 2018, we were able to uncover various pieces of information on its activities that were not known thus far. In this blog post we aim to bridge the knowledge gap on this group and provide a more thorough insight into it...

9.3 CVSS, 0.99966 EPSS
Exploits: 48

NVD
added 2020/06/02 3:15 p.m., 25 views

CVE-2020-3645

Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

7.8 CVSS, 7.7 AI score, 0.00658 EPSS
Exploits: 0, References: 1

Cvelist
added 2020/06/02 3:5 p.m., 33 views

CVE-2020-3645

Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

7.7 AI score, 0.00658 EPSS
Exploits: 0, References: 1

CVE
added 2020/06/02 3:5 p.m., 67 views

CVE-2020-3645

CVE-2020-3645 affects Qualcomm/Qualcomm-based WLAN firmware used across Snapdragon Compute, Connectivity, Consumer Electronics Connectivity, Consumer IoT, Industrial IoT, Mobile, and related SoCs (e.g., IPQ6018, IPQ8074, Kamorta, Nicobar, QCA63xx, QCN7xxx, SC7xxx, SDM8xx, SXR1x0, etc.). The vulne...

7.8 CVSS, 7.7 AI score, 0.00658 EPSS
Exploits: 0, References: 1, Affected Software: 1

The Hacker News
added 2020/06/01 11:34 a.m., 4 views

Joomla Resources Directory (JRD) Portal Suffers Data Breach

Joomla, one of the most popular Open-source content management systems CMS, last week announced a new data breach impacting 2,700 users who have an account with its resources directory JRD website, i.e., resources.joomla.org. The breach exposed affected users' personal information, such as full...

5.8 AI score
Exploits: 0

ThreatPost
added 2020/05/22 3:35 p.m., 63 views

Home Chef Serves Up Data Breach for 8 Million Records

Mail-order meal kits have become even more popular as the coronavirus pandemic has kept people home and cooking on a regular basis. Unfortunately, one of these, the popular Kroger’s Home Chef service, recently served up a side of data breach along with its perfectly measured ingredients. Accordin...

7.4 AI score
Exploits: 0, References: 11