Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:28 a.m.5 views

CVE-2023-36462

Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 2.6.0 and prior to versions 3.5.9, 4.0.5, and 4.1.3, an attacker can craft a verified profile link using specific formatting to conceal arbitrary parts of the link, enabling it to appear to link to a...

5.4CVSS6.9AI score0.00622EPSS
Exploits0References1
NVD
NVD
added 2021/06/01 7:15 p.m.28 views

CVE-2021-3424

A flaw was found in keycloak as shipped in Red Hat Single Sign-On 7.4 where IDN homograph attacks are possible. A malicious user can register himself with a name already registered and trick admin to grant him extra privileges...

5.3CVSS0.00774EPSS
Exploits0References1
Prion
Prion
added 2021/06/01 7:15 p.m.20 views

Design/Logic Flaw

A flaw was found in keycloak as shipped in Red Hat Single Sign-On 7.4 where IDN homograph attacks are possible. A malicious user can register himself with a name already registered and trick admin to grant him extra privileges...

5CVSS5.8AI score0.00774EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/06/01 6:43 p.m.131 views

CVE-2021-3424

CVE-2021-3424 describes an IDN homograph attack in Keycloak as shipped with Red Hat Single Sign-On 7.4, enabling a malicious user to register a name already in use and potentially trick an admin into granting extra privileges. Connected advisories confirm this vulnerability is addressed by Red Ha...

5.3CVSS5.2AI score0.00774EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2021/03/08 1:33 p.m.37 views

CVE-2021-3424

A flaw was found in keycloak, where IDN homograph attacks are possible. This flaw allows a malicious user to register a name that already exists and then tricking an admin to grant extra privileges. The highest threat from this vulnerability is to integrity...

5.3CVSS3.5AI score0.00774EPSS
Exploits0References4
Kitploit
Kitploit
added 2021/02/08 11:30 a.m.64 views

Ditto - A Tool For IDN Homograph Attacks And Detection

Ditto is a small tool that accepts a domain name as input and generates all its variants for an homograph attack as output, checking which ones are available and which are already registered. PoC domains https://tᴡitter.com/ https://clᴏudflare.com Using with Docker The image on docker hub is...

7.4AI score
Exploits0References1
The Hacker News
The Hacker News
added 2020/11/11 10:50 a.m.36 views

Over 2800 e-Shops Running Outdated Magento Software Hit by Credit Card Hackers

A wave of cyberattacks against retailers running the Magento 1.x e-commerce platform earlier this September has been attributed to one single group, according to the latest research. "This group has carried out a large number of diverse Magecart attacks that often compromise large numbers of...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2020/09/02 8:54 a.m.29 views

New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data

Cybercriminal groups are constantly evolving to find new ways to pilfer financial information, and the latest trick in their arsenal is to leverage the messaging app Telegram to their benefit. In what's a new tactic adopted by Magecart groups, the encrypted messaging service is being used to send...

0.4AI score
Exploits0
Rows per page
Query Builder