25 matches found
CVE-2026-24714
Some end of service NETGEAR products provide "TelnetEnable" functionality, which allows a magic packet to activate telnet service on the box...
CVE-2019-7357
Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can remotely activate/deactivate the plugins...
EIP-7702 Phishing Attack
EIP-7702 introduces a delegation-based authorization mechanism that allows an externally owned account EOA to authenticate a single authorization tuple, after which all subsequent calls are routed to arbitrary delegate code. We show that this design enables a qualitatively new class of phishing...
EUVD-2020-28722
Malware in sbrugna...
EUVD-2024-37757
Malicious code in bioql PyPI...
The vulnerability of the DCOM Remote Cross-Session Activation component of the Windows operating system allows attackers to increase their privileges.
The vulnerability of the DCOM Remote Cross-Session Activation component in the Windows operating system is related to access control deficiencies. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
CVE-2024-38061
DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability...
DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability
...
PT-2024-4743 · Microsoft · Active Directory Domain Services +3
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient access control in the DCOM Remote Cross-Session Activation component of the Windows operating system. This can be exploited by a remote attacker to...
WordPress Plugin Freshdesk 输入验证错误漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. An input validation error vulnerability...
Researchers Uncover Over a Dozen Security Flaws in Akuvox E11 Smart Intercom
More than a dozen security flaws have been disclosed in E11, a smart intercom product made by Chinese company Akuvox. "The vulnerabilities could allow attackers to execute code remotely in order to activate and control the device's camera and microphone, steal video and images, or gain a network...
CVE-2019-7357
Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can remotely activate/deactivate the plugins...
Code injection
This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains malicious functionality that tracks any URL opened by the app and reports it back to the company, along with performing advertisement attribution fraud. Mintegral can remotely activate hooks on the...
CVE-2020-7705
The CVE-2020-7705 entry concerns MintegralAdSDK (iOS) with malicious functionality that tracks every opened URL and reports it to an external server, performing ad-attribution fraud even if ads are not served. It can remotely activate hooks on UIKit components (UIApplication, openURL, SKStoreProd...
CVE-2020-7705 Malicious Package
This affects the package MintegralAdSDK from 0.0.0. The SDK distributed by the company contains malicious functionality that tracks any URL opened by the app and reports it back to the company, along with performing advertisement attribution fraud. Mintegral can remotely activate hooks on the...
The vulnerability of Google Chrome’s ServiceWorker script allows a hacker to gain unauthorized access to protected information.
The vulnerability of Google Chrome’s ServiceWorker script relates to the ability for “ServiceWorker” to periodically send an activation event to itself. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
Design/Logic Flaw
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Design flaws in OPC classic and in custom netfilter modules allow an attacker to remotely activate rules on the firewall and to connect to any TCP port of a protected asset, thus bypassing the...
CVE-2017-11402
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Design flaws in OPC classic and in custom netfilter modules allow an attacker to remotely activate rules on the firewall and to connect to any TCP port of a protected asset, thus bypassing the...
CVE-2017-11402
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Design flaws in OPC classic and in custom netfilter modules allow an attacker to remotely activate rules on the firewall and to connect to any TCP port of a protected asset, thus bypassing the...
NetSarang Xshell 5 Backdoor Trojan (ShadowPad)
The Xshell 5, a terminal emulator for Windows, installed on the remote host has a nssock2.dll file identified by its MD5 hash that is infected with a trojan backdoor. The affected file includes an encrypted payload that could be remotely activated by a knowledgeable attacker. C Tenable Network...