Lucene search
K

1134 matches found

NVD
NVD
added 2 days ago4 views

CVE-2026-22093

The EVbee Service Android app uses TLS encrypted communication HTTPS, but does not validate the certificate provided by the server. This allows an attacker on the network path between the app and EVbee server to intercept and manipulate the communication between the app and server. The traffic is...

9.5CVSS0.00203EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-22093 Adversary-in-the-Middle (AitM) attack vulnerability in EVbee Service app

The EVbee Service Android app uses TLS encrypted communication HTTPS, but does not validate the certificate provided by the server. This allows an attacker on the network path between the app and EVbee server to intercept and manipulate the communication between the app and server. The traffic is...

9.5CVSS0.00203EPSS
Exploits0References1
CVE
CVE
added 2 days ago9 views

CVE-2026-22093

CVE-2026-22093 affects EVbee Service app (v1.4.101.00). The issue arises because the Android app performs TLS/HTTPS communication but does not validate the server certificate, enabling a man‑in‑the‑middle attacker on the network path to intercept and manipulate traffic. Additionally, the app is d...

9.5CVSS6.1AI score0.00203EPSS
Exploits0References1
Metasploit
Metasploit
added 5 days ago19 views

FTP Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x64 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x64/vncinject/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set options...

6.2AI score
Exploits0
Metasploit
Metasploit
added 5 days ago28 views

FTP Fetch, Windows Upload/Execute, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Listen for a connection Module Options msf use payload/cmd/windows/ftp/x86/upexec/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show...

6.2AI score
Exploits0
Metasploit
Metasploit
added 5 days ago21 views

FTP Fetch, Windows shellcode stage, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an FTP server. Custom shellcode stage. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/custom/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc4 show...

6.2AI score
Exploits0
Metasploit
Metasploit
added 5 days ago18 views

FTP Fetch, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/dllinject/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc4 show options ...show and se...

6.2AI score
Exploits0
Metasploit
Metasploit
added 5 days ago17 views

FTP Fetch, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)

Fetch and execute an x86 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/patchupdllinject/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf payloadreversetcprc4dns show...

6.2AI score
Exploits0
Metasploit
Metasploit
added 5 days ago35 views

FTP Fetch, Windows Command Shell, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/shell/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf...

6.2AI score
Exploits0
Metasploit
Metasploit
added 5 days ago22 views

FTP Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x64 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x64/peinject/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set options...

6.2AI score
Exploits0
Metasploit
Metasploit
added 5 days ago22 views

FTP Fetch, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x64 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x64/peinject/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc4 show options ...show and set...

6.2AI score
Exploits0
Metasploit
Metasploit
added 5 days ago14 views

FTP Fetch, Windows x64 Command Shell, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x64 payload from an FTP server. Spawn a piped command shell Windows x64 staged. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x64/shell/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf...

6.2AI score
Exploits0
Metasploit
Metasploit
added 5 days ago13 views

FTP Fetch, Windows shellcode stage, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x64 payload from an FTP server. Custom shellcode stage. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x64/custom/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc4 show...

6.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/02 12:0 a.m.5 views

Malicious code in @marketfront/blenderdevtool (npm)

The @marketfront/blenderdevtool package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6AI score
Exploits0References2
OSV
OSV
added 2026/07/02 12:0 a.m.6 views

MAL-2026-6772 Malicious code in @marketfront/customdealsfeed (npm)

The @marketfront/customdealsfeed package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.2AI score
Exploits0References2
OSV
OSV
added 2026/07/02 12:0 a.m.7 views

MAL-2026-6765 Malicious code in @marketfront/bannerpopup (npm)

The @marketfront/bannerpopup package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/02 12:0 a.m.11 views

Malicious code in @marketfront/dynamicpageparams (npm)

The @marketfront/dynamicpageparams package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and u...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/07/02 12:0 a.m.3 views

MAL-2026-6785 Malicious code in @marketfront/madvpopup (npm)

The @marketfront/madvpopup package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and use...

6.2AI score
Exploits0References2
OSV
OSV
added 2026/07/02 12:0 a.m.7 views

MAL-2026-6786 Malicious code in @marketfront/mychatspreloader (npm)

The @marketfront/mychatspreloader package is part of a 25-package malicious campaign batch-published to the @marketfront npm scope by npm user 'marketfront' [email protected] within a roughly 3-minute window on 2026-07-01. All packages in the campaign were published at version 7.0.0 and us...

6.2AI score
Exploits0References2
Mageia
Mageia
added 2026/06/27 5:16 p.m.10 views

Updated krb5 packages fix security vulnerabilities

CVE-2025-3576, A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity...

7.5CVSS5.8AI score0.00501EPSS
Exploits2References6
Rows per page
Query Builder