15 matches found
MAL-2026-4821 Malicious code in pywingui (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6db77876bf3b13e55750748761841f7ab77f17bd951bdc1c749e1e56d4416d7e pywingui 6.0.1 advertises itself as a Win32 UI automation framework but ships only Nuitka-compiled cp311-win32.pyd binaries the 4.py files are trivia...
EUVD-2018-7647
Malware in sbrugna...
EUVD-2014-9151
Malware in sbrugna...
Malicious code in eslint-plugin-panel-ops (npm)
Malware: Executes code on install, exfiltrates data via DNS to a suspicious domain. Contains a preinstall script and phone-home behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc1ea7508e63005e73356cfdb457f0050ebb7ae1f04cb319592c30a140c4e2f2 Any computer th...
What Data Does Veeam Kasten for Kubernetes Include in the Phone Home Reports
Purpose This article documents what data is included in the phone home reports sent by Veeam Kasten for Kubernetes. Solution The data is divided into the following sections Basic Data Infrastructure Data Run Time Data for Billing Purposes Additional Metrics Profiles Artifact Metrics Basic Data...
K16090: BIG-IP Automatic Update Check and ASM Automatic Signature Update man-in-the-middle vulnerability CVE-2014-9326
Security Advisory Description The automatic signature update functionality in the 1 Phone Home feature in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, GTM, and Link Controller 11.5.0 through 11.6.0, ASM 10.0.0 through 11.6.0, and PEM 11.3.0 through 11.6.0 and the 2 Call Home feature in ASM 10.0.0...
CVE-2018-15784
Dell Networking OS10 versions prior to 10.4.3.0 contain a vulnerability in the Phone Home feature which does not properly validate the server's certificate authority during TLS handshake. Use of an invalid or malicious certificate could potentially allow an attacker to spoof a trusted entity by...
Code injection
Dell Networking OS10 versions prior to 10.4.3.0 contain a vulnerability in the Phone Home feature which does not properly validate the server's certificate authority during TLS handshake. Use of an invalid or malicious certificate could potentially allow an attacker to spoof a trusted entity by...
CVE-2018-15784
Dell Networking OS10 versions prior to 10.4.3.0 contain a vulnerability in the Phone Home feature which does not properly validate the server's certificate authority during TLS handshake. Use of an invalid or malicious certificate could potentially allow an attacker to spoof a trusted entity by...
CVE-2018-1204
Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a path traversal vulnerability in the isiphonehome tool. A malicious compadmin may potentially exploit this vulnerability to execute arbitrary...
Disable Quartz Phone Home
Quartz's phone home has not yet been disabled in Crowd. http://quartz-scheduler.org/documentation/best-practices suggests setting org.terracotta.quartz.skipUpdateCheck=true as a system property to disable this check...
Disable Quartz Phone Home
Quartz's phone home has not yet been disabled in Crowd. http://quartz-scheduler.org/documentation/best-practices suggests setting org.terracotta.quartz.skipUpdateCheck=true as a system property to disable this check...
Code injection
The automatic signature update functionality in the 1 Phone Home feature in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, GTM, and Link Controller 11.5.0 through 11.6.0, ASM 10.0.0 through 11.6.0, and PEM 11.3.0 through 11.6.0 and the 2 Call Home feature in ASM 10.0.0 through 11.6.0 and PEM 11.3.0...
USPS Spam Campaign Drops Asprox Botnet Malware
A new spam campaign has emerged in support of the Asprox botnet. The scheme involves shipping receipt emails that contain malicious links and purport to come from the United States Postal Service USPS. Anyone who receives one of these emails and clicks on the link therein will have a zip file...
Etomite followup information
---------- Forwarded message ---------- From: Rick Elnor To: [email protected] Date: Sun, 29 Jan 2006 10:11:08 -0800 Subject: OSVDB Mods Change Request 22693: Etomite todo.inc.php cij Variable Arbitrary Command Execution Hello, I am Rick Elnor, the Etomite CMS security expert and owner ow...