Lucene search
K

22 matches found

The Hacker News
The Hacker News
added 2026/02/24 2:21 p.m.9 views

UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware

A Russia-aligned threat actor has been observed targeting a European financial institution as part of a social engineering attack to likely facilitate intelligence gathering or financial theft, signaling a possible expansion of the threat actor's targeting beyond Ukraine and into entities...

6.2AI score
Exploits0
CNNVD
CNNVD
added 2025/08/01 12:0 a.m.3 views

Synactis PDF In-The-Box 安全漏洞

Synactis PDF In-The-Box is a PDF generation and manipulation component from the French company Synactis. A security vulnerability exists in Synactis PDF In-The-Box that stems from a buffer overflow in the ConnectToSynactis method, which could lead to remote code execution...

7.5CVSS8AI score0.01124EPSS
Exploits0References6
OSV
OSV
added 2023/02/11 12:6 p.m.11 views

MAL-2023-1879 Malicious code in idscord-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 3d39786f116b2209474d5d52204c264d399788c719092dfa47594e44efc33802 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

6.9AI score
Exploits0References1
OSV
OSV
added 2023/02/10 8:24 p.m.5 views

MAL-2023-1966 Malicious code in ppytorch (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx d60189f9e54fe7d869b9bca2411c34aee3347b295fbcecd459027ae95065fba1 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

6.9AI score
Exploits0References1
ThreatPost
ThreatPost
added 2021/07/26 7:33 p.m.83 views

Microsoft Rushes Fix for ‘PetitPotam’ Attack PoC

Microsoft was quick to respond with a fix to an attack dubbed “PetitPotam” that could force remote Windows systems to reveal password hashes that could then be easily cracked. To thwart an attack, Microsoft recommends system administrators stop using the now deprecated Windows NT LAN Manager NTLM...

7.6AI score
Exploits0References9
CNVD
CNVD
added 2020/06/17 12:0 a.m.7 views

Unspecified vulnerability in KUKA controller KR C4

The KUKA controller KR C4 is a robot control system from the German company KUKA. A security vulnerability exists in KUKA controller KR C4. An attacker can exploit the vulnerability to stop the manipulator from running by terminating critical services from the Windows Task Manager...

6.1CVSS6.8AI score0.00309EPSS
Exploits0References1
NVD
NVD
added 2020/06/16 6:15 p.m.17 views

CVE-2020-10268

Critical services for operation can be terminated from windows task manager, bringing the manipulator to a halt. After this a Re-Calibration of the brakes needs to be performed. Be noted that this only can be accomplished either by a Kuka technician or by Kuka issued calibration hardware that...

6.1CVSS0.00309EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/06/16 5:55 p.m.20 views

CVE-2020-10268 RVD#2550: Terminate Critical Services in KUKA controller KR C4

Critical services for operation can be terminated from windows task manager, bringing the manipulator to a halt. After this a Re-Calibration of the brakes needs to be performed. Be noted that this only can be accomplished either by a Kuka technician or by Kuka issued calibration hardware that...

6.3AI score0.00309EPSS
Exploits0References1
CVE
CVE
added 2020/06/16 5:55 p.m.51 views

CVE-2020-10268

CVE-2020-10268 affects the KUKA KR C4 robot controller. A vulnerability allows terminating critical services from Windows Task Manager, causing the manipulator to halt. Recovery requires recalibration of brakes, which must be performed by a KUKA technician or using KUKA calibration hardware. The ...

6.1CVSS6.2AI score0.00309EPSS
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2018/12/07 6:35 p.m.10 views

TA505 Crooks are Now Targeting US Retailers with Personalized Campaigns

Cybercriminals behind the notorious Dridex and Locky ransomware have a new target in their sights – large retail, restaurant and grocery chains located in the US. Researchers are warning the well-known financial criminal group TA505 is behind a new wave of email campaigns distributing personalize...

1AI score
Exploits0References4
ThreatPost
ThreatPost
added 2018/08/02 4:46 p.m.14 views

Phishing Campaign Steals Money From Industrial Companies

Industrial production companies are the targets in a large-scale spear-phishing email campaign aimed at installing legitimate remote administration software on victims’ systems. Researchers with Kaspersky Lab said that emails purporting to be commercial offers were the conduit to enabling attacke...

1.8AI score
Exploits0References2
CNVD
CNVD
added 2016/10/20 12:0 a.m.2 views

Wordpress simple-image-manipulator plugin remote file download vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language. simple-image-manipulator is one of the image manipulator plugin. A remote file download vulnerability exists in Wordpress simple-image-manipulator plugin v1.0, which can be exploited by...

7.5CVSS7AI score0.07038EPSS
Exploits2References1
Prion
Prion
added 2016/10/06 2:59 p.m.12 views

Remote file inclusion

Remote file download in simple-image-manipulator v1.0 wordpress plugin...

5CVSS7.2AI score0.07038EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2016/10/06 2:0 p.m.25 views

CVE-2015-1000010

Remote file download in simple-image-manipulator v1.0 wordpress plugin...

7.7AI score0.07038EPSS
Exploits2References2
BDU FSTEC
BDU FSTEC
added 2016/07/05 12:0 a.m.6 views

The vulnerability of the Linux operating system, which allows a malicious individual to trigger a local service failure

In the HID driver for the Zeroplus gaming manipulator, there is no mechanism for cleaning the entered information, which leads to local service failure...

4.7CVSS6.5AI score0.00419EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2015/08/10 12:0 a.m.6 views

WordPress Simple Image Manipulator Plugin 1.0 - Arbitrary File Download

Simple Image Manipulator plugin is prone to an arbitrary file download vulnerability. It allows an attacker to download arbitrary files from the web server and get potentially sensitive information. Solution Upgrade the plugin...

3.9AI score
Exploits0References1Affected Software1
0day.today
0day.today
added 2015/08/09 12:0 a.m.23 views

WordPress Simple Image Manipulator 1.0 File Download Vulnerability

WordPress Simple Image Manipulator plugin version 1.0 suffers from an arbitrary remote file download vulnerability. Title: Remote file download in simple-image-manipulator v1.0 wordpress plugin Author: Larry W. Cashdollar, @larry0 Date: 2015-07-16 Download Site:...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2015/08/05 12:0 a.m.20 views

WordPress Simple Image Manipulator 1.0 File Download

Title: Remote file download in simple-image-manipulator v1.0 wordpress plugin Author: Larry W. Cashdollar, @larry0 Date: 2015-07-16 Download Site: https://wordpress.org/plugins/simple-image-manipulator Vendor: https://profiles.wordpress.org/kevartpatel/ Vendor Notified: 2015-07-16 Vendor Contact:...

0.3AI score
Exploits0
wpexploit
wpexploit
added 2015/08/02 12:0 a.m.23 views

simple-image-manipulator <= 1.0 - Remote File Download

Plugin is still affected and has been closed. In ./simple-image-manipulator/controller/download.php no checks are made to authenticate the user or sanitize input when determining file location. $ curl...

5CVSS1.6AI score0.07038EPSS
Exploits2References2
Packet Storm
Packet Storm
added 2015/03/25 12:0 a.m.30 views

WordPress Marketplace 2.4.0 Add Administrator

!/usr/bin/python Exploit Name: WP Marketplace 2.4.0 Remote Command Execution Vulnerability discovered by Kacper Szurek http://security.szurek.pl Exploit written by Claudio Viviani -------------------------------------------------------------------- The vulnerable function is located on...

0.6AI score
Exploits0
Rows per page
Query Builder