EUVD-2016-7336

Malware in sbrugna...

EUVD-1999-0788

Malware in sbrugna...

ROS-2-994

2.994 Mozilla Firefox browser vulnerability CVE-2021-29970, CVE-2021-29976 1. Vulnerability description: CVE-2021-29970 A vulnerability in the Mozilla Firefox browser, is related to a release error in accessibility functions when processing HTML content. Exploitation of the vulnerability could...

SecuriDropper: New Android Dropper-as-a-Service Bypasses Google's Defenses

Cybersecurity researchers have shed light on a new dropper-as-a-service DaaS for Android called SecuriDropper that bypasses new security restrictions imposed by Google and delivers the malware. Dropper malware on Android is designed to function as a conduit to install a payload on a compromised...

CVE-2022-27581

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version v2.25 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the...

CVE-2022-46832

CVE-2022-46832 affects SICK RFU62x firmware pre-2.21. The issue arises when a user requests encryption with a weak cipher suite via SSH, enabling a low-privilege remote attacker to decrypt data due to use of a broken/risky cryptographic algorithm. A patch/update to version 2.21 or later is availa...

CVE-2022-46833

The CVE-2022-46833 entry describes a vulnerability in SICK RFU63x firmware prior to version 2.21 where requesting weak cipher suites via SSH enables a low-privileged remote attacker to decrypt data due to use of a broken/risky cryptographic algorithm. Impact is confidentiality loss (C:H) with net...

ROS-2-1324

2.1324 Vulnerability in Mozilla Firefox browser CVE-2021-29967 1. Vulnerability description: Vulnerability in the Mozilla Firefox browser that allows an attacker to execute arbitrary code on the target system.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: 2...

ROS-2-1275

2.1275 Multiple vulnerabilities in PostgreSQL CVE-2021-32027, CVE-2021-32028, CVE-2021-32029 1. Vulnerability Description: CVE-2021-32027 The vulnerability allows a remote attacker to execute arbitrary code on the target system. CVE-2021-32028, CVE-2021-32029 Vulnerability allows a remote user to...

Driver Disk for Intel i40e 2.0.23 - For XenServer 7.x CR

Who Should Install this Driver Disk? Customers running a Citrix XenServer 7.x Current Release who use Intel's i40e driver and wish to use the latest version of the following: Driver Module| Version ---|--- i40e| 2.0.23 Issues Resolved In this Driver Disk Includes general enhancements and bug fixe...

CVE-2020-27613

The installation procedure in BigBlueButton before 2.2.28 or earlier uses ClueCon as the FreeSWITCH password, which allows local users to achieve unintended FreeSWITCH access...

CVE-2020-27613

The installation procedure in BigBlueButton before 2.2.28 or earlier uses ClueCon as the FreeSWITCH password, which allows local users to achieve unintended FreeSWITCH access...

Default credentials

The installation procedure in BigBlueButton before 2.2.28 or earlier uses ClueCon as the FreeSWITCH password, which allows local users to achieve unintended FreeSWITCH access...

CVE-2020-27610

The installation procedure in BigBlueButton before 2.2.28 or earlier exposes certain network services to external interfaces, and does not automatically set up a firewall configuration to block external access...

Remote code execution

Remote code execution vulnerability in /cmsms-2.1.6-install.php/index.php in CMS Made Simple version 2.1.6 allows remote attackers to inject arbitrary PHP code via the "timezone" parameter in step 4 of a fresh installation procedure...

CVE-2017-6732

A vulnerability in the installation procedure for Cisco Prime Network Software could allow an authenticated, local attacker to elevate their privileges to root privileges. More Information: CSCvd47343. Known Affected Releases: 4.22.1PP1 4.23.0PP6 4.30.0PP4 4.31.0PP2. Known Fixed Releases: 4.32...

Design/Logic Flaw

A vulnerability in the installation procedure for Cisco Prime Network Software could allow an authenticated, local attacker to elevate their privileges to root privileges. More Information: CSCvd47343. Known Affected Releases: 4.22.1PP1 4.23.0PP6 4.30.0PP4 4.31.0PP2. Known Fixed Releases: 4.32...

CVE-2017-6732

A vulnerability in the installation procedure for Cisco Prime Network Software could allow an authenticated, local attacker to elevate their privileges to root privileges. More Information: CSCvd47343. Known Affected Releases: 4.22.1PP1 4.23.0PP6 4.30.0PP4 4.31.0PP2. Known Fixed Releases: 4.32...

Cisco Prime Network Privilege Escalation Vulnerability

A vulnerability in the installation procedure for Cisco Prime Network Software could allow an authenticated, local attacker to elevate their privileges to root privileges. The vulnerability is due to the use of incorrect installation and permission settings for binary files when the affected...

CVE-2016-6470

A vulnerability in the installation procedure of the Cisco Hybrid Media Service could allow an authenticated, local attacker to elevate privileges to the root level. More Information: CSCvb81344. Known Affected Releases: 1.0...