Nikto Web Scanner 2.6.0

Nikto is an Open Source GPL web server scanner which performs comprehensive tests against web servers for multiple items, including thousands of potentially dangerous files/programs, checks for outdated versions of over 1500 server components, and version specific problems on hundreds of servers...

Unity Parsec Installed (macOS)

Binary data unityparsecmacinstalled.nbin...

Dell Digital Delivery Memory Misreference Vulnerability

Dell Digital Delivery is an application from Dell USA dedicated to Dell computer equipment for the online purchase of pre-installed software for computers. Dell Digital Delivery suffers from a memory misreference vulnerability that originates from a mix-up in the program's instructions responsibl...

CVE-2023-4802

A reflected cross-site scripting vulnerability in the UpdateInstalledSoftware endpoint of the Insider Threat Management ITM Server's web console could be used by an authenticated administrator to run arbitrary javascript within another web console administrator's browser. All versions prior to...

Part III: Implementing Effective Cyber Security Metrics that Reduce Risk Realistically

We outlined some critical cybersecurity metrics in Part I of this three-part blog series. In the final blog post, we will delve into three crucial aspects outlined in Josh’s article: tactical metrics for operational teams, strategic metrics for leadership, and the metrics addressing the...

CVE-2023-38556

Improper input validation vulnerability in SEIKO EPSON printer Web Config allows a remote attacker to turned off the printer. Note Web Config is the software that allows users to check the status and change the settings of SEIKO EPSON printers via a web browser. Web Config is pre-installed in som...

DEBIAN-CVE-2023-25729

Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction via ExpandedPrincipals. This could lead to further malicious actions such as downloading files or interacting with software already...

Mozilla: Extensions could have opened external schemes without user knowledge

The Mozilla Foundation Security Advisory describes this flaw as: Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction via ExpandedPrincipals. This could lead to further malicious actions such...

Mozilla: Extensions could have opened external schemes without user knowledge

The Mozilla Foundation Security Advisory describes this flaw as: Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction via ExpandedPrincipals. This could lead to further malicious actions such...

Mozilla: Extensions could have opened external schemes without user knowledge

The Mozilla Foundation Security Advisory describes this flaw as: Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction via ExpandedPrincipals. This could lead to further malicious actions such...

Mozilla: Extensions could have opened external schemes without user knowledge

The Mozilla Foundation Security Advisory describes this flaw as: Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction via ExpandedPrincipals. This could lead to further malicious actions such...

MAL-2022-5422 Malicious code in possnested (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f5499bf98d70d34501138bf621598f52c8d37bd13386e067ef0f46d7e030468a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Utilizing the Adaptive Defense Model Against Information Stealers

Trellix Global Defenders: Utilizing the Adaptive Defense Model Against Information Stealers By Taylor Mullins · May 23, 2022 Trellix is continuing to observe the continued growth in usage and general availability of Information Stealers that have the functionality to collect passwords, cookies,...

Factual-Rules-Generator - An Open Source Project Which Aims To Generate YARA Rules About Installed Software From A Machine

Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a running operating system. The goal of the software is to be able to use a set of rules against collected or acquired digital forensic evidences and find installed software in a time...

Frictionless Assessment Asset Inventory Windows

Nessus collected information about the target host to create an inventory for Frictionless Assessment TRUSTED...

CVE-2021-30988

Description: A permissions issue was addressed with improved validation. This issue is fixed in iOS 15.2 and iPadOS 15.2. A malicious application may be able to identify what other applications a user has installed...

Frictionless Assessment Asset Inventory

Nessus collected information about the target host to create an inventory for Frictionless Assessment TRUSTED...

Backdoor.Win32.NerTe.772 Code Execution

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/464d7073f884b586b17950eef2908a6eB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NerTe.772 Vulnerability: Unauthenticated Remote Command Execution Description: The...

Multiplatform Installed Software Version Enumerator

This module, when run against a compromised machine, will gather details on all installed software, including their versions and if available, when they were installed, and will save it into a loot file for later use. Users can then use this loot file to determine what additional vulnerabilites m...

Samsung Mobile Device Information Disclosure Vulnerability (CNVD-2020-34732)

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. Samsung mobile devices have an information disclosure vulnerability that can be exploited by an attacker to obtain access to log files to obtain contact information and list informatio...