CVE-2026-32634 Glances Central Browser Autodiscovery Leaks Reusable Credentials to Zeroconf-Spoofed Servers

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.2, in Central Browser mode, Glances stores both the Zeroconf-advertised server name and the discovered IP address for dynamic servers, but later builds connection URIs from the untrusted advertised name instead ...

kernel: NULL pointer dereference in nvmet_tcp_build_iovec

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service...

Proxyware Services Open Orgs to Abuse – Report

Services that allow consumers to resell their own internet bandwidth for profit to businesses that want to resell it are ripe for abuse, according to researchers. The burgeoning business model is growing in popularity with consumers who earn about $1 for every 10GB of their bandwidth shared with...

A week in security (February 19 – February 25)

Last week on Malwarebytes Labs, we gave readers a primer on encryption, took a stab at that Deepfakes tool Internet users seem to be interested in, and started a new series that talks about GDPR. We also looked at a drive-by download campaign that starts in booby-trapped Chinese websites that dro...

CommuniGatePro 6.2 Missing XIMSS Tag Validation

Exploit Title: CommuniGatePro 6.2 - Missing XIMSS tags validation Date: 02/01/2018 Exploit Author: Boumediene KADDOUR Unit: Algerie Telecom R&D Unit Vendor Homepage: https://www.stalker.com/ Software Link: http://www.stalker.com/ paid product Version: 6.2.x tags by tags and vice versa, ending up...

CVE-2016-9755

An attacker on a network could abuse a flaw in the IPv6 stack fragment reassembly code to induce kernel memory corruption on the system, possibly leading to a system crash...

Firefox < 1.5.0.11 / 2.0.0.3 Multiple Vulnerabilities

The FTP client support in the installed version of Firefox has a flaw that could allow a remote attacker with control of an FTP server to perform a rudimentary port scan of, for example, the user's internal network. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid2487...

smtp.acct.probing.txt

http://www.l8r.com/nwa/nwa1.htm Network Abuse Information SMTP Server abuse Software: GeoList Pro Author: www.earthonline.com SPECIAL UPDATE: 03/08/99 GeoList Pro is being pulled from distribution. Details can be found at EarthOnline's Site. Use the URL above. Jump to Updates Original Posting:...