40 matches found
Securing Remote Server Access: Why VPNs Matter for Administrators
VPNs help secure remote server access by encrypting traffic, restricting entry to authorized users, and reducing exposure of critical systems to the internet...
EUVD-2004-1075
Malware in sbrugna...
EUVD-1999-0737
Malware in sbrugna...
EUVD-2009-0048
Malware in sbrugna...
EUVD-2021-2007
Malware in sbrugna...
EUVD-2020-7364
Malware in sbrugna...
EUVD-2019-2472
Malware in sbrugna...
EUVD-2013-0042
Malware in sbrugna...
EUVD-2023-32153
Malicious code in bioql PyPI...
EUVD-2024-16551
Malicious code in bioql PyPI...
EUVD-2022-2584
Malicious code in bioql PyPI...
CVE-2019-10290
A missing permission check in Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older in the NCScanBuilder.DescriptorImpldoValidateAPI form validation method allowed attackers with Overall/Read permission to initiate a connection to an attacker-specified server...
Device Code Phishing
This isn't new, but it's increasingly popular: The technique is known as device code phishing. It exploits "device code flow," a form of authentication formalized in the industry-wide OAuth standard. Authentication through device code flow is designed for logging printers, smart TVs, and similar...
CVE-2023-38312
A directory traversal vulnerability in Valve Counter-Strike 8684 allows a client with remote control access to a game server to read arbitrary files from the underlying server via the motdfile console variable...
CVE-2022-45432
Some Dahua software products have a vulnerability of unauthenticated search for devices. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could unauthenticated search for devices in range of IPs from remote DSS Serve...
SAP Manufacturing Execution Path Traversal Vulnerability
SAP Manufacturing Execution is an integrated Manufacturing Execution System MES solution for discrete manufacturing processes from SAP. Enables MES functionality to be customized specifically for the management and control of production environments. A path traversal vulnerability exists in SAP...
DEBIAN-CVE-2022-33980
Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.configuration2.interpol.Lookup that performs the...
CVE-2022-1574
The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks when importing files, and does not validate them, as a result, unauthenticated attackers can upload arbitrary files such as PHP on the remote server...
Malicious Package
Overview All versions of plutov-slack-client contain malicious code. Upon installation the package opens a shell to a remote server. The package affects both Windows and nix systems. Recommendation Any computer that has this package installed or running should be considered fully compromised. All...
CVE-2020-15369
Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server. An authenticated user could obtain the exposed password credentials to gain access to the remo...