CVE-2016-15048 AMTT HiBOS Command Injection RCE via server_ping.php

AMTT Hotel Broadband Operation System HiBOS contains an unauthenticated command injection vulnerability in the /manager/radius/serverping.php endpoint. The application constructs a shell command that includes the user-supplied ip parameter and executes it without proper validation or escaping. An...

RansomHub A Rebranded Menace Exploiting the ZeroLogon Vulnerability

...

Crate has been renamed to `cosmrs`

The cosmossdk crate, which provides a basic Rust SDK for the Cosmos ecosystem, has rebranded to “CosmRS” in the spirit of other projects like CosmJS and CosmWasm. You can find the new home here: https://github.com/cosmos/cosmos-rust/tree/main/cosmrs The new crate name is cosmrs:...

Exclusive – Any Mitron (Viral TikTok Clone) Profile Can Be Hacked in Seconds

Mitron means "friends" in Hindi, you have been fooled again! Mitron is not really a 'Made in India' product, and the viral app contains a highly critical, unpatched vulnerability that could allow anyone to hack into any user account without requiring interaction from the targeted users or their...

VulnCheck KEV: CVE-2018-9995

TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin"...

Zoom RCE Flaw Also Affects Its Rebranded Versions RingCentral and Zhumu

The same security vulnerabilities that were recently reported in Zoom for macOS also affect two other popular video conferencing software that under the hood, are just a rebranded version of Zoom video conferencing software. Security researchers confirmed The Hacker News that RingCentral, used by...

Android Gets Security Makeover With Google Play Protect

Mobile operating system Android received a big security makeover Wednesday with the introduction of Google Play Protect. At Google I/O, Google’s annual developer conference, the company teased a major update to its security platform that consists of a mix of new features, a rebranding of existing...

Debian Security Advisory DSA 3018-1 (iceweasel - security update)

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. OpenVAS Vulnerability Test $Id: deb3018.nasl 6692 2017-07-12 09:57:43Z...

Dahua DVR Authentication Bypass - CVE-2013-6117

Dahua DVR Authentication Bypass - CVE-2013-6117 --Summary-- Dahua web-enabled DVRs and rebranded versions do not enforce authentication on their administrative services. Zhejiang Dahua Technology Co., Ltd. http://www.dahuasecurity.com --Affects-- Dahua web-enabled DVRs Dahua-rebranded web-enabled...