Lucene search
K

18 matches found

CNNVD
CNNVD
added 2026/05/11 12:0 a.m.13 views

DNSmasq 安全漏洞

DNSmasq is a DNS configuration tool developed by Simon Kelley. DNSmasq has a security vulnerability, which stems from the extractname function being exploitable, leading to a heap buffer overflow. This allows attackers to inject fake DNS cache entries, potentially redirecting DNS queries to...

7.3CVSS6.1AI score0.00754EPSS
Exploits1References1
CNVD
CNVD
added 2026/03/24 12:0 a.m.4 views

Unspecified vulnerability in Discourse (CNVD-2026-17482)

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse has a security vulnerability that can be exploited by an attacker to cause a legitimate Discourse authorization page to display...

7.5CVSS5.7AI score0.00208EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2026/03/17 4:10 p.m.5 views

Fake Pudgy World site steals your crypto passwords

A phishing site impersonating the newly-launched Pudgy World browser game is targeting crypto users with a technique that goes well beyond a convincing logo and matching color scheme. Pudgy World is a free-to-play browser game built around the Pudgy Penguins NFT brand. Players explore a virtual...

5.8AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2018-4419

Malware in sbrugna...

5.3CVSS5.5AI score0.00767EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2025/03/27 12:31 p.m.22 views

APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware

An advanced persistent threat APT group with ties to Pakistan has been attributed to the creation of a fake website masquerading as India's public sector postal system as part of a campaign designed to infect both Windows and Android users in the country. Cybersecurity company CYFIRMA has...

7.3AI score
Exploits0
Prion
Prion
added 2018/08/02 1:29 p.m.13 views

Design/Logic Flaw

Whale Browser before 1.3.48.4 displays no URL information but only a title of a web page on the browser's address bar when visiting a non-http page, which allows an attacker to display a malicious web page with a fake domain name...

5CVSS5.2AI score0.00767EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/08/02 1:29 p.m.21 views

CVE-2018-12448

Whale Browser before 1.3.48.4 displays no URL information but only a title of a web page on the browser's address bar when visiting a non-http page, which allows an attacker to display a malicious web page with a fake domain name...

5.3CVSS5.2AI score0.00767EPSS
Exploits0References1
OSV
OSV
added 2018/08/02 1:29 p.m.3 views

CVE-2018-12448

Whale Browser before 1.3.48.4 displays no URL information but only a title of a web page on the browser's address bar when visiting a non-http page, which allows an attacker to display a malicious web page with a fake domain name...

5.3CVSS5.8AI score0.00767EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/08/02 1:0 p.m.19 views

CVE-2018-12448

Whale Browser before 1.3.48.4 displays no URL information but only a title of a web page on the browser's address bar when visiting a non-http page, which allows an attacker to display a malicious web page with a fake domain name...

5.2AI score0.00767EPSS
Exploits0References1
NVD
NVD
added 2018/07/03 3:29 p.m.16 views

CVE-2018-7635

Whale Browser before 1.0.41.8 displays no URL information but only a title of a web page on the browser's address bar when visiting a blank page, which allows an attacker to display a malicious web page with a fake domain name...

5.3CVSS5.2AI score0.00776EPSS
Exploits0References1
OSV
OSV
added 2018/07/03 3:29 p.m.6 views

CVE-2018-7635

Whale Browser before 1.0.41.8 displays no URL information but only a title of a web page on the browser's address bar when visiting a blank page, which allows an attacker to display a malicious web page with a fake domain name...

5.3CVSS5.8AI score0.00776EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/07/03 3:0 p.m.17 views

CVE-2018-7635

Whale Browser before 1.0.41.8 displays no URL information but only a title of a web page on the browser's address bar when visiting a blank page, which allows an attacker to display a malicious web page with a fake domain name...

5.2AI score0.00776EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2017/05/10 4:3 p.m.12 views

Session Hijacking, Cookie-Stealing WordPress Malware Spotted

Researchers have identified a strain of cookie stealing malware injected into a legitimate JavaScript file, that masquerades as a WordPress core domain. Cesar Anjos, a security analyst at Sucuri, a firm that specializes in WordPress security, came across the malware during an incident response...

7.1AI score
Exploits0References3
Hacker One
Hacker One
added 2017/04/16 8:32 p.m.26 views

Brave Software: homograph-attack (unicode vuln)

Hi team Summary: Affacted product appears identicaly different websites domains attacker uses unicode to register domains that look identical to real domains ,These fake domains can be used to fool users into signing into a fake website, thereby handing over their login credentials to an...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2016/08/08 12:0 a.m.89 views

Microsoft Windows 7 (x86/x64) - Group Policy Privilege Escalation (MS16-072)

Exploit Title: Group Policy Elevation of Privilege Vulnerability Date: 08-08-2016 Exploit Author: Nabeel Ahmed Tested on: Windows 7 Professional x32/x64 CVE : CVE-2016-3223 Category: Privilege Escalation SPECIAL CONFIG: Standard Domain Member configuration with valid credentials. Standard Domain...

9.3CVSS8.1AI score0.21091EPSS
Exploits4
ThreatPost
ThreatPost
added 2015/08/06 1:46 p.m.10 views

Updated DGA Changer Malware Generates Fake Domain Stream

LAS VEGAS — The group behind the DGA Changer downloader has been pretty adept in modifying the malware to elude sandbox detection in particular. Researchers at Seculert today published a report on the latest twist to DGA Changer, which now is able to generate a fake stream of domains if it detect...

0.8AI score
Exploits0References4
Hacker One
Hacker One
added 2015/01/23 5:15 p.m.49 views

HackerOne: Improper way of validating a program

Hello HackerOne, I found out that it's easy to publish a program that isn't yours. January 20, 2015 I created a program named Puffer Bird and I leave the sandbox to prepare to launch the program. Then, I requested for a program review. January 21, 2014 at 1:08 AM I received an email from...

Exploits0
The Hacker News
The Hacker News
added 2011/11/29 4:16 a.m.2 views

Discovered the biggest Facebook phishing in French

Discovered the biggest Facebook phishing in French Two Days before we publish that Geeks at Security Web-Center Found 25 Facebook phishing sites. Security Web-Center found another biggest Facebook phishing site in French which steal more then 5000 usernames and passwords, using the fake domain...

6.6AI score
Exploits0
Rows per page
Query Builder