CVE-2023-34844

Play With Docker 0.0.2 has an insecure CAPSYSADMIN privileged mode causing the docker container to escape...

CVE-2023-34844

Play With Docker 0.0.2 has an insecure CAPSYSADMIN privileged mode causing the docker container to escape...

CVE-2023-34844

Play With Docker 0.0.2 has an insecure CAPSYSADMIN privileged mode causing the docker container to escape...

Code injection

Play With Docker 0.0.2 has an insecure CAPSYSADMIN privileged mode causing the docker container to escape...

CVE-2023-34844

Play With Docker 0.0.2 has an insecure CAPSYSADMIN privileged mode causing the docker container to escape...

Play With Docker 安全漏洞

Play With Docker is an easy, interactive and fun training ground for learning Docker. A security vulnerability exists in Play With Docker versions prior to 0.0.2 that stems from having an insecure CAPSYSADMIN privilege pattern that causes Docker containers to escape...

Anatsa Banking Trojan Targeting Users in US, UK, Germany, Austria, and Switzerland

A new Android malware campaign has been observed pushing the Anatsa banking trojan to target banking customers in the U.S., U.K., Germany, Austria, and Switzerland since the start of March 2023. "The actors behind Anatsa aim to steal credentials used to authorize customers in mobile banking...

Anatsa Banking Trojan Targeting Users in US, UK, Germany, Austria, and Switzerland

A new Android malware campaign has been observed pushing the Anatsa banking trojan to target banking customers in the U.S., U.K., Germany, Austria, and Switzerland since the start of March 2023. "The actors behind Anatsa aim to steal credentials used to authorize customers in mobile banking...

VulnCheck KEV: CVE-2019-17621

D-Link DIR-859 router contains a command execution vulnerability in the UPnP endpoint URL, /gena.cgi. Exploitation allows an unauthenticated remote attacker to execute system commands as root by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local...

Rogue Android Apps Target Pakistani Individuals in Sophisticated Espionage Campaign

Individuals in the Pakistan region have been targeted using two rogue Android apps available on the Google Play Store as part of a new targeted campaign. Cybersecurity firm Cyfirma attributed the campaign with moderate confidence to a threat actor known as DoNot Team, which is also tracked as...

CVE-2023-2492

CVE-2023-2492 affects the WordPress plugin QueryWall: Plug'n Play Firewall, version

WordPress plugin Play Firewall SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

CVE-2023-34733

A lack of exception handling in the Volkswagen Discover Media Infotainment System Software Version 0876 allows attackers to cause a Denial of Service DoS via supplying crafted media files when connecting a device to the vehicle's USB plug and play feature...

CVE-2023-34733

A lack of exception handling in the Volkswagen Discover Media Infotainment System Software Version 0876 allows attackers to cause a Denial of Service DoS via supplying crafted media files when connecting a device to the vehicle's USB plug and play feature...

PT-2023-24988 · Volkswagen · Volkswagen Discover Media Infotainment System

Name of the Vulnerable Software and Affected Versions: Volkswagen Discover Media Infotainment System Software version 0876 Description: A lack of exception handling in the software allows attackers to cause a Denial of Service DoS via supplying crafted media files when connecting a device to the...

CVE-2023-34733

A lack of exception handling in the Volkswagen Discover Media Infotainment System Software Version 0876 allows attackers to cause a Denial of Service DoS via supplying crafted media files when connecting a device to the vehicle's USB plug and play feature...

CVE-2023-33443

Incorrect access control in the administrative functionalities of BES--6024PB-I50H1 VideoPlayTool v2.0.1.0 allow attackers to execute arbitrary administrative commands via a crafted payload sent to the desired endpoints...

BES--6024PB-I50H1 VideoPlayTool 安全漏洞

BESDER IP Camera VideoPlayTool is a BESDER IP Camera VideoPlayTool from BESDER China. A security vulnerability exists in BES--6024PB-I50H1 VideoPlayTool version v2.0.1.0, which originates from incorrect access control in the administration function. An attacker could exploit the vulnerability to...

PT-2023-7362 · Docker · Play With Docker

Name of the Vulnerable Software and Affected Versions: Play With Docker versions prior to 0.0.2 Description: The issue is related to an insecure CAP SYS ADMIN privileged mode in Play With Docker, which is associated with inadequate access control. This can be exploited by a remote attacker to...

Over 60K Adware Apps Posing as Cracked Versions of Popular Apps Target Android Devices

Thousands of adware apps for Android have been found to masquerade as cracks or modded versions of popular applications to serve unwanted ads to users as part of a campaign ongoing since October 2022. "The campaign is designed to aggressively push adware to Android devices with the purpose to dri...