FAQ: Citrix Secure Mail APNS for IT Admins

This article provides answers to frequently asked questions onCitrix Secure Mail APNS forIT Admins.For more information on Push Notifications for Secure Mail, refer to Citrix Documentation - Rich Push Notifications for Secure Mail for iOS. General Overview Q1: Why does Secure Mail for iOS require...

Real-Time Two-Factor Phishing Tool: ReelPhish

2FA adds an extra layer of authentication on top of the typical username and password. Two common 2FA implementations are one-time passwords and push notifications. One-time passwords are generated by a secondary device, such as a hard token, and tied to a specific user. These passwords typically...

php: Null pointer dereference in php_wddx_push_element

The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service invalid pointer access and out-of-bounds read or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document,...

Adobe PhoneGap Push plugin code execution vulnerability

Adobe PhoneGap Push Plugin is a messaging push plugin for Adobe products from the American company Audobee Adobe. A code execution vulnerability exists in Adobe PhoneGap Push Plugin version 1.8.0 and earlier. A remote attacker can exploit this vulnerability by tricking a user into performing a...

APSB18-15 Security update available for the Adobe PhoneGap Push plugin

Adobe has released an update for the Adobe PhoneGap Push plugin. This update resolves a Same-Origin Method Execution SOME vulnerability CVE-2018-4943 that exists in PhoneGap apps built with the affected version of the Push plugin. This vulnerability could be exploited to trick users of PhoneGap...

Apple iOS APNs Man-in-the-Middle Attack Vulnerability

Apple iOS is an operating system developed by Apple Inc. for mobile devices.APNs are a component of the push notification service. A security vulnerability exists in the APNs component in versions of Apple iOS prior to 11. An attacker can exploit this vulnerability to conduct a man-in-the-middle...

CVE-2017-13863

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "APNs" component. It allows man-in-the-middle attackers to track users by leveraging the transmission of client certificates...

UBUNTU-CVE-2018-9165

The pushdup function in util/decompile.c in libming through 0.4.8 does not recognize the need for ActionPushDuplicate to perform a deep copy when a String is at the top of the stack, making the library vulnerable to a util/decompile.c getName NULL pointer dereference, which may allow attackers to...

Gitlab system_hook_push Remote Code Execution Vulnerability

GitLab is a set of open source applications developed using Ruby on Rails to implement a self-hosted Git version control system project repository, which has similar functionality to Github, with access to a project's file contents, commit history, bug lists, etc. The GitLab Community Edition CE ...

Information Disclosure

maven-scm-api is vulnerable to information disclosure attacks. If a git push command failed, the password is printed in plaintext to the logs...

Mozilla Firefox Denial of Service Vulnerability (CNVD-2018-07046)

Mozilla Firefox, commonly known as "Firefox" in Chinese, is a free and open-source web browser that uses the Gecko typography engine and supports a variety of operating systems, such as Windows, Mac OS X and GNU/Linux, among others. Mozilla Firefox suffers from a denial-of-service vulnerability,...

CVE-2018-5141

A vulnerability in the notifications Push API where notifications can be sent through service workers by web content without direct user interaction. This could be used to open new tabs in a denial of service DOS attack or to display unwanted content from arbitrary URLs to users. This vulnerabili...

UBUNTU-CVE-2018-5141

A vulnerability in the notifications Push API where notifications can be sent through service workers by web content without direct user interaction. This could be used to open new tabs in a denial of service DOS attack or to display unwanted content from arbitrary URLs to users. This vulnerabili...

Security vulnerabilities fixed in Firefox 59 — Mozilla

A buffer overflow can occur when manipulating the SVG animatedPathSegList through script. This results in a potentially exploitable crash. A use-after-free vulnerability can occur when manipulating elements, events, and selection ranges during editor operations. This results in a potentially...

Code Execution Vulnerability in Coupon Pusher CMS v1.8

Push Couponer CMS is a PHP Taobao coupon website developed in PHP+MySQL. A code execution vulnerability exists in PushCoupon CMS v1.8, which is caused by the system failing to adequately filter the values of uninvited parameters and cached files. An attacker can exploit this vulnerability to uplo...

m.milanoo.com XSS vulnerability

Open Bug Bounty ID: OBB-554276 Description| Value ---|--- Affected Website:| m.milanoo.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

dou1ryabinka-push.edumsko.ru XSS vulnerability

Open Bug Bounty ID: OBB-549390 Description| Value ---|--- Affected Website:| dou1ryabinka-push.edumsko.ru Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Linux/x86 - Bind TCP (64713/TCP) Shell (/bin/sh) Shellcode (83 bytes)

/ linux/x86 portbind /bin/sh port 64713 83 bytes http://www.gonullyourself.org sToRm / char shellcode = // : "\x6a\x66" // push $0x66 "\x58" // pop %eax "\x31\xdb" // xor %ebx,%ebx "\x53" // push %ebx "\x43" // inc %ebx "\x53" // push %ebx "\x6a\x02" // push $0x2 "\x89\xe1" // mov %esp,%ecx...

UBUNTU-CVE-2017-17934

ImageMagick 7.0.7-17 Q16 x8664 has memory leaks in coders/msl.c, related to MSLPopImage and ProcessMSLScript, and associated with mishandling of MSLPushImage calls...

Apple iCloud for Windows and iTunes for Windows APNs Server Security Bypass Vulnerability

Apple iCloud for Windows and iTunes for Windows are both products of Apple Inc. Apple iCloud for Windows is a Windows-based cloud service that supports the storage of music, photos, apps, contacts, and more. iTunes for Windows is a suite of media player applications based on the Windows platform...