22 matches found
UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware
A Russia-aligned threat actor has been observed targeting a European financial institution as part of a social engineering attack, likely to facilitate intelligence gathering or financial theft, signaling a possible expansion of the threat actor's targeting beyond Ukraine and into entities...
Synactis PDF In-The-Box Security Vulnerability
Synactis PDF In-The-Box is a PDF generation and manipulation component from the French company Synactis. A security vulnerability exists in Synactis PDF In-The-Box that stems from a buffer overflow in the ConnectToSynactis method, which could lead to remote code execution...
MAL-2023-1879 Malicious code in idscord-py (PyPI)
Source: checkmarx 3d39786f116b2209474d5d52204c264d399788c719092dfa47594e44efc33802. Attacker distributed 900+ malicious packages via PyPI, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-1966 Malicious code in ppytorch (PyPI)
Source: checkmarx d60189f9e54fe7d869b9bca2411c34aee3347b295fbcecd459027ae95065fba1. Attacker distributed 900+ malicious packages via PyPI, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Microsoft Rushes Fix for ‘PetitPotam’ Attack PoC
Microsoft was quick to respond with a fix to an attack dubbed “PetitPotam” that could force remote Windows systems to reveal password hashes that could then be easily cracked. To thwart an attack, Microsoft recommends system administrators stop using the now deprecated Windows NT LAN Manager (NTLM)...
Unspecified vulnerability in KUKA controller KR C4
The KUKA controller KR C4 is a robot control system from the German company KUKA. A security vulnerability exists in KUKA controller KR C4. An attacker can exploit the vulnerability to stop the manipulator from running by terminating critical services from the Windows Task Manager...
CVE-2020-10268
Critical services for operation can be terminated from Windows Task Manager, bringing the manipulator to a halt. After this, a recalibration of the brakes needs to be performed. Note that this can only be accomplished either by a KUKA technician or by KUKA-issued calibration hardware that...
CVE-2020-10268 RVD#2550: Terminate Critical Services in KUKA controller KR C4
Critical services for operation can be terminated from Windows Task Manager, bringing the manipulator to a halt. After this, a recalibration of the brakes needs to be performed. Note that this can only be accomplished either by a KUKA technician or by KUKA-issued calibration hardware that...
CVE-2020-10268
CVE-2020-10268 affects the KUKA KR C4 robot controller. A vulnerability allows terminating critical services from Windows Task Manager, causing the manipulator to halt. Recovery requires recalibration of brakes, which must be performed by a KUKA technician or using KUKA calibration hardware. The ...
TA505 Crooks are Now Targeting US Retailers with Personalized Campaigns
Cybercriminals behind the notorious Dridex and Locky ransomware have a new target in their sights: large retail, restaurant and grocery chains located in the US. Researchers are warning that the well-known financial criminal group TA505 is behind a new wave of email campaigns distributing personalize...
Phishing Campaign Steals Money From Industrial Companies
Industrial production companies are the targets in a large-scale spear-phishing email campaign aimed at installing legitimate remote administration software on victims’ systems. Researchers with Kaspersky Lab said that emails purporting to be commercial offers were the conduit to enabling attacke...
WordPress simple-image-manipulator plugin remote file download vulnerability
WordPress is a blogging platform from the WordPress Software Foundation, developed using the PHP language. simple-image-manipulator is an image manipulation plugin for it. A remote file download vulnerability exists in the WordPress simple-image-manipulator plugin v1.0, which can be exploited by...
Remote file inclusion
Remote file download in simple-image-manipulator v1.0 WordPress plugin...
CVE-2015-1000010
Remote file download in simple-image-manipulator v1.0 WordPress plugin...
Vulnerability in the Linux operating system that allows a malicious individual to trigger a local service failure
The HID driver for the Zeroplus gaming manipulator has no mechanism for sanitizing input data, which leads to a local service failure...
WordPress Simple Image Manipulator Plugin 1.0 - Arbitrary File Download
The Simple Image Manipulator plugin is prone to an arbitrary file download vulnerability. It allows an attacker to download arbitrary files from the web server and get potentially sensitive information. Solution: Upgrade the plugin...
WordPress Simple Image Manipulator 1.0 File Download Vulnerability
WordPress Simple Image Manipulator plugin version 1.0 suffers from an arbitrary remote file download vulnerability. Title: Remote file download in simple-image-manipulator v1.0 wordpress plugin Author: Larry W. Cashdollar, @larry0 Date: 2015-07-16 Download Site:...
WordPress Simple Image Manipulator 1.0 File Download
Title: Remote file download in simple-image-manipulator v1.0 wordpress plugin Author: Larry W. Cashdollar, @larry0 Date: 2015-07-16 Download Site: https://wordpress.org/plugins/simple-image-manipulator Vendor: https://profiles.wordpress.org/kevartpatel/ Vendor Notified: 2015-07-16 Vendor Contact:...
simple-image-manipulator <= 1.0 - Remote File Download
Plugin is still affected and has been closed. In ./simple-image-manipulator/controller/download.php no checks are made to authenticate the user or sanitize input when determining file location. $ curl...
WordPress Marketplace 2.4.0 Add Administrator
#!/usr/bin/python Exploit Name: WP Marketplace 2.4.0 Remote Command Execution. Vulnerability discovered by Kacper Szurek http://security.szurek.pl Exploit written by Claudio Viviani. The vulnerable function is located on...