25 matches found
maltrail
It is an offensive tool for network traffic analysis. The primary CVE ID is not present in the provided context, but the tool is designed to detect malicious traffic. The target product/service or framework is not explicitly stated, but it is likely a network traffic analysis system. The...
Threat Intelligence Sweeping now supports container security telemetry data
Threat Intelligence Sweeping now supports sweeping container security telemetry data. Users can now use the TI tool to identify possible malicious activity in their container-based environments. The trigger events are visible in workbench alert...
MAL-2024-10579 Malicious code in adandu (PyPI)
Source: kam193 5f79b041fd4b5d0177f66a15f603d406d6eaeae16e312194b27685e261ce50fc A campaign of probably pentest packages flooding PyPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...
MAL-2024-9407 Malicious code in j5gnpuiwerbngpiutbgn0iutb0p (PyPI)
Source: kam193 0e410a6e975b8a7d6930f2fbde2be25a08fd2bc8995fc57d1794fc12eaf1e019 According to the description, packages should demonstrate the dependency confusion attack. The realisation is, in fact, spamming with packages having as the...
MAL-2024-8016 Malicious code in artifact-lab-3-package-f0727516 (PyPI)
Source: kam193 4eda9e6e52c2a5a96b0b7053fcd9c738d037bc9a0c86b1a2bd7c74336691b958 Packages showing simple variants of revshell with targets to ngrok. Most probably experiments. Later versions moved to use Burp Collaborator to exfiltrate simp...
MAL-2023-1031 Malicious code in command-launcher (npm)
Source: ghsa-malware 9a7b891d069224249cbc33b96113ab88f41f6eb292cb9a94e8232641a2e2ddf9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Mitsubishi Electric FR Configurator2
1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Low skill level to exploit Vendor: Mitsubishi Electric Equipment: Mitsubishi Electric FR Configurator2 Vulnerabilities: Improper Restriction of XML External Entity Reference, Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation...
Microsoft SharePoint Server CVE-2018-8252 Remote Privilege Escalation Vulnerability
Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Technologies Affected Microsof...
Microsoft Excel CVE-2018-0796 Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Windows Graphics Component CVE-2017-11763 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of an affected system. Failed exploit attempts may result in a denial of service condition. Technologies Affected Microsoft Windows 10 Versi...
Microsoft Windows Uniscribe CVE-2017-0285 Information Disclosure Vulnerability
Description Microsoft Windows Uniscribe is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Office 2007 Service Pack 3 Microsoft Office 2010 Service Pack 2...
Microsoft Office CVE-2017-0019 Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
Microsoft Internet Explorer CVE-2015-1713 Remote Privilege Escalation Vulnerability
Description Microsoft Internet Explorer is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. Internet Explorer 11 is vulnerable. Technologies Affected Avaya CallPilot 4.0 Avaya...
Microsoft Internet Explorer CVE-2015-0027 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Sysmon v2.0 - System Activity Monitor for Windows
System Monitor Sysmon is a Windows system service and device driver that, once installed on a system, remains resident across system reboots to monitor and log system activity to the Windows event log. It provides detailed information about process creations, network connections, and changes to...
Microsoft Internet Explorer 'CCanvasRadialGradient' Objects Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2014-1779 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability due to a use-after-free condition. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service...
Microsoft Internet Explorer CVE-2014-1783 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft Word File Processing CVE-2014-1758 Remote Stack Buffer Overflow Vulnerability
Description Microsoft Word is prone to a remote stack-based buffer-overflow vulnerability. Successful exploits will allow attackers to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...
Microsoft Word CVE-2014-1761 Remote Memory Corruption Vulnerability
Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...