Lucene search
K

572 matches found

Schneier on Security
Schneier on Security
added 2020/02/06 12:14 p.m.29 views

A New Clue for the Kryptos Sculpture

Jim Sanborn, who designed the Kryptos sculpture in a CIA courtyard, has released another clue to the still-unsolved part 4. I think he's getting tired of waiting. Did we mention Mr. Sanborn is 74? Holding on to one of the world's most enticing secrets can be stressful. Some would-be codebreakers...

7AI score
Exploits0
NVD
NVD
added 2019/10/29 7:15 p.m.13 views

CVE-2019-18608

Cezerin v0.33.0 allows unauthorized order-information modification because certain internal attributes can be overwritten via a conflicting name when processing order requests. Hence, a malicious customer can manipulate an order e.g., its payment status or shipping fee by adding additional...

7.5CVSS7.4AI score0.00971EPSS
Exploits1References1
Prion
Prion
added 2019/10/29 7:15 p.m.16 views

Information disclosure

Cezerin v0.33.0 allows unauthorized order-information modification because certain internal attributes can be overwritten via a conflicting name when processing order requests. Hence, a malicious customer can manipulate an order e.g., its payment status or shipping fee by adding additional...

5CVSS7.4AI score0.00971EPSS
Exploits1References1Affected Software1
Krebs on Security
Krebs on Security
added 2019/09/18 6:53 p.m.51 views

Before He Spammed You, this Sly Prince Stalked Your Mailbox

A reader forwarded what he briefly imagined might be a bold, if potentially costly, innovation on the old Nigerian prince scam that asks for help squirreling away millions in unclaimed fortune: It was sent via the U.S. Postal Service, with a postmarked stamp and everything. In truth these old...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2018/10/17 9:8 a.m.2 views

Google Will Charge Android Phone Makers to Use Its Apps In Europe

Would you prefer purchasing an Android device that doesn't have any apps or services from Google? No Google Maps, No Gmail, No YouTube! And NOT even the Google Play Store—from where you could have installed any Android apps you want Because if you live in Europe, from now on, you have to spend so...

6.7AI score
Exploits0
HackRead
HackRead
added 2018/08/06 12:59 p.m.15 views

Windows 10 May Not Be Free for Businesses Anymore

By Waqas Microsoft Launching Dedicated Program To Manage Windows 10 Related Updates… But with a Monthly Fee. Microsoft has always referred to Windows 10 as a service, which we suspected was a hint that the software giant may at some point start charging some fee for the maintenance of the OS. Now...

1.4AI score
Exploits0
Hacker One
Hacker One
added 2018/06/12 6:56 a.m.20 views

Monero: Misreporting of received amount by show_transfers

Summary: A sender may cause showtransfers to report a higher amount that was actually sent on the recipient's showtransfers output. Description: Due to a flaw in processnewtransaction in wallet2.cpp, if the tx pubkey is present multiple times, it will decode outputs correctly as many times, and a...

6.9AI score
Exploits0
CNVD
CNVD
added 2018/06/08 12:0 a.m.2 views

Soar Labs Soar Coin Design Vulnerability

Soar Labs Soar Coin is an ethereum-based virtual cryptocurrency. A security vulnerability exists in the 'zerofeetransaction' function in Soar Labs Soar Coin git commit 4a2aa71ee21014e2880a3f7aad11091ed6ad434f and previous versions. An attacker could exploit this vulnerability to steal Soar curren...

7.5CVSS7.5AI score0.00988EPSS
Exploits0References1
NVD
NVD
added 2018/06/06 7:29 p.m.15 views

CVE-2018-1000203

Soar Labs Soar Coin version up to and including git commit 4a2aa71ee21014e2880a3f7aad11091ed6ad434f latest release as of Sept 2017 contains an intentional backdoor vulnerability in the function zerofeetransaction that can result in theft of Soar Coins by the "onlycentralAccount" Soar Labs after...

7.5CVSS7.5AI score0.00988EPSS
Exploits0References2
CNVD
CNVD
added 2018/04/27 12:0 a.m.3 views

SmartMesh smart contract 'transferProxy' function integer overflow vulnerability

SmartMesh is a blockchain-based underlying protocol for the Internet of Things IoT, targeting areas such as meshless communication and meshless payment. smart contract is one of the smart contracts. An integer overflow vulnerability exists in the 'transferProxy' function of the smart contract...

7.5CVSS7.1AI score0.01825EPSS
Exploits2References1
myhack58
myhack58
added 2018/04/25 12:0 a.m.29 views

SMT smart contract integer overflow vulnerability-vulnerability warning-the black bar safety net

! Vulnerability overview SmartMesh Token is based on the Ethereum contract tokens, referred to as SMT. Ethereum is an open source, public, distributed computing platform, SmartMesh tokens contract SmartMeshTokenContract based on ERC20Token standards. The vulnerability occurs in the transfer...

0.7AI score
Exploits0
Cisco Threats
Cisco Threats
added 2018/04/09 1:54 p.m.16 views

Threat Outbreak Alert RuleID32401: Email Messages Distributing Malicious Software on April 5, 2018

Medium Alert ID: 57426 First Published: 2018 April 9 13:54 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID32401 may contain the following files: Name | Siz...

Exploits0
Malwarebytes
Malwarebytes
added 2017/10/18 6:46 p.m.48 views

419 scammer offers USD $60 million—and a free child

Scammers often come crawling out of the woodwork in all sorts of places you wouldn't necessarily expect. This is to their advantage when trying to keep suspicion in check; after all, we're pretty much pre-programmed to think 419 scams will only wander into our inboxes. Twitter, though? That's a...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/09/08 3:0 p.m.47 views

Fake DHS email – “Give us $350 in the next 24 hours”

Who likes threats? Nobody, as it turns out. That hasn't stopped scammers from jumping on the menacing email train - next stop, your inbox. Every now and then, we see the 419 "Hitman deployed to kill you" missive doing the rounds. On a similar threatening note, we have a fake DHS notification...

6.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/09/06 11:0 p.m.93 views

Nigerian scams without the Nigerians

Users in English speaking countries are quite familiar with the Nigerian scam: an important guy in Nigeria needs your help getting his money out of the country and if you assist with some transaction fees, a chunk of his fortune could be yours. But what about non-English speaking countries? What...

6.6AI score
Exploits0
Imperva Blog
Imperva Blog
added 2017/04/11 3:30 p.m.19 views

Hot on the Credential Theft Trail: Tracking a Hacker from a Dropbox Phishing Campaign

We the Imperva Defense Center research team frequently investigate cases of credential theft to gain a deeper understanding of methods and tools used by cyber criminals—in particular, to learn how accounts are taken over once credentials are compromised through phishing campaigns. We recently cho...

7AI score
Exploits0
Citrix
Citrix
added 2017/04/11 12:0 a.m.6 views

How to request for XenMobile Service in Citrix Cloud

Citrix Cloud is a platform that hosts and administers Citrix services. It connects to your resources, via theCitrix Cloud Connector, on any cloud or infrastructure you choose. It allows you to create, manage, and deploy workspaces with apps and data to your end-users from a single console. The...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2016/11/01 12:0 a.m.20 views

School Registration And Fee System Authentication Bypass

Exploit Title.............. School Registration and Fee System Auth Bypass Google Dork................ N/A Date....................... 01/11/2016 Exploit Author............. opt1lc Vendor Homepage............ http://www.sourcecodester.com/php/10932/school-registration-and-fee-system.html Software...

0.4AI score
Exploits0
0day.today
0day.today
added 2016/11/01 12:0 a.m.16 views

School Registration and Fee System - Authentication Bypass Vulnerability

Exploit for php platform in category web applications Exploit Title.............. School Registration and Fee System Auth Bypass Google Dork................ N/A Date....................... 01/11/2016 Exploit Author............. opt1lc Vendor Homepage...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2016/11/01 12:0 a.m.21 views

School Registration and Fee System - Authentication Bypass

Exploit Title.............. School Registration and Fee System Auth Bypass Google Dork................ N/A Date....................... 01/11/2016 Exploit Author............. opt1lc Vendor Homepage............ http://www.sourcecodester.com/php/10932/school-registration-and-fee-system.html Software...

7.4AI score
Exploits0
Rows per page
Query Builder