11 matches found
EUVD-2019-7851
Malware in sbrugna...
EUVD-2023-55519
Malicious code in bioql PyPI...
CVE-2023-50786
Dradis through 4.16.0 allows referencing external images resources over HTTPS, instead of forcing the use of embedded uploaded images. This can be leveraged by an authorized author to attempt to steal the Net-NTLM hashes of other authors on a Windows domain network...
CVE-2023-50786
Dradis through 4.16.0 allows referencing external images resources over HTTPS, instead of forcing the use of embedded uploaded images. This can be leveraged by an authorized author to attempt to steal the Net-NTLM hashes of other authors on a Windows domain network...
PT-2025-28033 · Dradis · Dradis
Name of the Vulnerable Software and Affected Versions: Dradis versions through 4.16.0 Description: Dradis allows referencing external images over HTTPS instead of requiring the use of embedded images. This can be exploited by an authorized author to attempt to steal the Net-NTLM hashes of other...
CVE-2023-50786
CVE-2023-50786 affects Dradis 4.16.0 and earlier, where references to external HTTPS images are allowed instead of forcing embedded images. This can enable an authorized author to attempt theft of Net-NTLM hashes from other authors on a Windows domain network. Remediation: upgrade to a version th...
CVE-2019-9565
Druide Antidote RX, HD, 8 before 8.05.2287, 9 before 9.5.3937 and 10 before 10.1.2147 allows remote attackers to steal NTLM hashes or perform SMB relay attacks upon a direct launch of the product, or upon an indirect launch via an integration such as Chrome, Firefox, Word, Outlook, etc. This occu...
CVE-2019-17497
Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files a related issue to CVE-2018-4993. For example, an NTLM hash is sent for a link to \\192.168.0.2\C$\file.pdf without user interaction...
CVE-2024-29851
Veeam Backup Enterprise Manager allows high-privileged users to steal NTLM hash of Enterprise manager service account...
PT-2019-15171 · Pdf Xchange · Pdf-Xchange Editor
Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor versions prior to 8.0.330.0 Description: The issue allows for NTLM SSO hash theft using crafted FDF or XFDF files. This can occur when a link to a file, such as '192.168.0.2C$file.pdf', is accessed without user interaction,...
Microsoft Windows FxCop 12 XXE Injection
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MS-WINDOWS-FXCOP-XML-EXTERNAL-ENTITY-INJECTION.txt + ISR: Apparition Security Greetz: indoushka|Eduardo|Dirty0tis Vendor: ======== www.microsoft.com Product: =========== Microsoft Windows...