EUVD-2025-21397
Malicious code in bioql PyPI...
CVE-2025-53839 DRACOON Branding Service vulnerable to Cross-site Scripting
DRACOON is a file sharing service, and the DRACOON Branding Service allows customers to customize their DRACOON interface with their brand. Versions of the DRACOON Branding Service prior to 2.10.0 are vulnerable to cross-site scripting. Improper neutralization of input from administrative users...
CVE-2025-53839
CVE-2025-53839 affects DRACOON Branding Service (pre-2.10.0). The vulnerability is cross-site scripting caused by improper neutralization of input from administrative users, potentially injecting HTML into the workflow for newly onboarded users. A fix was made available in version 2.10.0 and roll...
Desert Dexter Targets 900 Victims Using Facebook Ads and Telegram Malware Links
The Middle East and North Africa have become the target of a new campaign that delivers a modified version of a known malware called AsyncRAT since September 2024. "The campaign, which leverages social media to distribute malware, is tied to the region's current geopolitical climate," Positive...
Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting
We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies...
Password reset Vulnerability in Facebook Employees Secure Files Transfer service
Maybe many of you are not aware of this, but Facebook has a Secure Files Transfer service for its employees at https://files.fb.com, and a hacker reported a very critical password reset vulnerability. Nir Goldshlager, a researcher, told 'The Hacker News' how he defeated Facebook's Secure...
BitTorrent / uTorrent Detection
The remote host is running BitTorrent or uTorrent, peer-to-peer file sharing applications. Note that, due to the peer-to-peer nature of these applications, any user connecting to the BitTorrent network may consume a large amount of bandwidth. (C) Tenable Network Security, Inc. include("compat.inc");...
AppleShare IP Server status query
File sharing service is available. Description: The remote host is running an AppleShare IP file service. By sending a DSIGetStatus request on TCP port 548, it was possible to disclose information about the remote host. OpenVAS Vulnerability Test $Id: asip-status.nasl 7000 2017-08-24 11:51:46Z...
RHEL 3 : samba (RHSA-2004:064)
Updated Samba packages that fix a security vulnerability are now available. Samba provides file and printer sharing services to SMB/CIFS clients. The Samba team discovered an issue that affects versions 3.0.0 and 3.0.1 of Samba. If an account for a user is created, but marked as disabled using the...
Apple Filing Protocol Server Detection
The remote service understands the Apple Filing Protocol (AFP) and responds to a 'FPGetSrvrInfo' ('DSIGetStatus') request with information about itself. AFP is used to offer file services for Mac OS X as well as the older Mac OS. In the past, it has also been known as 'AppleTalk Filing Protocol' and...