21 matches found
EUVD-2022-48652
Malicious code in bioql PyPI...
Red Teaming AI Red Teaming
Red teaming has evolved from its origins in military applications to become a widely adopted methodology in cybersecurity and AI. In this paper, we take a critical look at the practice of AI red teaming. We argue that despite its current popularity in AI governance, there exists a significant gap...
A vulnerability in the WebImageMonitor component of the firmware for Ricoh multifunctional devices allows a hacker to execute arbitrary code.
The vulnerability in the WebImageMonitor component of the firmware for Ricoh multifunctional devices involves reading data beyond the bounds of a memory buffer. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted network request remotely...
Binom3 Web Management Login Scanner, Config And Password File Dump
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Binom3 Web Management Login Scanner, Config and Password File Dump', 'Description' = % This module scans for Binom3 Multifunctional Revenue Energ...
PaperCut NG and PaperCut MF Link Following Vulnerability
PaperCut MF and PaperCut NG are both products of PaperCut Australia. PaperCut MF is a multifunctional printer control software. PaperCut NG is a next-generation printer control software. PaperCut NG and PaperCut MF have a link following vulnerability that originates from allowing the deletion of arbitrar...
Siemens SICAM Q200 Privilege Assignment Error Vulnerability
The SICAM Q200 is a multifunctional device for detecting, reporting and analyzing measured values and events. A privilege assignment error vulnerability exists in the Siemens SICAM Q200, which can be exploited by an attacker to impersonate a legitimate application user...
Sharp Digital Full-color Multifunctional System Command Injection Vulnerability
The Sharp Digital Full-color Multifunctional System is a series of digital full-color multifunctional printers from Sharp, Japan. A command injection vulnerability exists in the Sharp Digital Full-color Multifunctional System, which is not properly protected with a strong administrator password a...
PT-2022-27644 · Sharp · Sharp Digital Multifunctional System +1
Name of the Vulnerable Software and Affected Versions: SHARP Digital Full-color Multifunctional System versions 202 or earlier SHARP Digital Full-color Multifunctional System versions 120 or earlier SHARP Digital Full-color Multifunctional System versions 600 or earlier SHARP Digital Full-color...
Threat Roundup for July 15 to July 22
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 15 and July 22. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...
CVE-2021-20877
CVE-2021-20877 is a stored cross-site scripting (XSS) vulnerability affecting Canon laser printers and related small office multifunction devices (many LBP, MF, imageRUNNER series) sold in Japan, the US, and Europe. The issue allows remote attackers to inject arbitrary script via unspecified vect...
POWER METER SICAM Q100 Remote Code Execution Vulnerability
The POWER METER SICAM Q100 is a multifunctional device used to detect, report and analyze measured values and events. The POWER METER SICAM Q100 remote code execution vulnerability can be exploited by remote attackers to execute remote code...
Unauthorized Access Vulnerability in HP OfficeJet Pro 8210
The HP OfficeJet Pro 8210 is an all-in-one printer. An unauthorized access vulnerability exists in the HP OfficeJet Pro 8210, which can be exploited by an attacker to obtain sensitive information...
Weak password vulnerability in KYOCERA ECOSYS M5520cdn
The ECOSYS M5520cdn is an all-in-one printer. A weak password vulnerability exists in the KYOCERA ECOSYS M5520cdn, which can be exploited by an attacker to obtain sensitive information...
Command injection
Fuji Xerox multifunction devices and printers DocuCentre-VII C7773/C6673/C5573/C4473/C3373/C3372/C2273, DocuCentre-VII C7788/C6688/C5588, ApeosPort-VII C7773/C6673/C5573/C4473/C3373/C3372 C2273, ApeosPort-VII C7788/C6688/C5588, ApeosPort...
Threadtear - Multifunctional Java Deobfuscation Tool Suite
Threadtear is a multifunctional deobfuscation tool for Java. Suitable for easier code analysis without worrying too much about obfuscation. Even the most expensive obfuscators like ZKM or Stringer are included. It also contains older deobfuscation tools from my GitHub account, but it can also be...
Scranos: New Rapidly Evolving Rootkit-Enabled Spyware Discovered
A new powerful rootkit-enabled spyware operation has been discovered wherein hackers are distributing multifunctional malware disguised as cracked software or trojanized app posing as legitimate software like video players, drivers and even anti-virus products. While the rootkit malware—dubbed...
A vulnerability in the Wizard component of the firmware of the RICOH MP multifunctional device allows a hacker to inject any code into the protected web page.
The vulnerability in the Wizard component file /web/entry/en/address/adrsSetUserWizard.cgi of the RICOH MP multifunctional device exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to inject arbitrary code into...
Intercepter-NG v1.9 - Multifunctional Network Toolkit for Android
Intercepter-NG is a multifunctional network toolkit for various types of IT specialists. It has the functionality of several famous separate tools and moreover offers a good and unique alternative to Wireshark for Android. The main features are: Network discovery with OS detection Network traffic...
CVE-2014-3894
Cross-site scripting (XSS) vulnerability in PHP Kobo Multifunctional MailForm Free 2014/1/28 and earlier allows remote attackers to inject arbitrary web script or HTML via an HTTP Referer header...
CVE-2014-3894
CVE-2014-3894 is a documented cross-site scripting (XSS) vulnerability in PHP Kobo’s Multifunctional MailForm Free (≤2014/1/28). The issue stems from how HTTP Referer headers are processed, allowing remote attackers to inject arbitrary scripts/HTML. Affected product: Multifunctional MailForm Free...