Backdoor.Win32.Delf.yj MVID-2024-0693 Information Disclosure

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/f991c25f1f601cc8d14dca4737415238.txt Contact: [email protected] Media: x.com/malvuln Threat: Backdoor.Win32.Delf.yj Vulnerability: Information Disclosure Description: The malware listens on...

Backdoor.Win32.Delf.gj MVID-2022-0663 Information Disclosure

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/8872c2ec49ff3382240762a029631684.txt Contact: [email protected] Media: twitter.com/malvuln Backup media: infosec.exchange/@malvuln Threat: Backdoor.Win32.Delf.gj Vulnerability: Information...

Win32.MarsStealer Web Panel Information Disclosure

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/8abb41f6e7010d70c90f65fd9a740faa.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Win32.MarsStealer Web Panel Vulnerability: Unauthenticated Remote Information Disclosure Description...

Google Chrome 资源管理错误漏洞

Chrome is a simple and efficiently designed web browsing tool developed by Google. A post-release reuse vulnerability exists in screen captures in versions prior to Google Chrome 89.0.4389.114. A programmed attacker can exploit this vulnerability to cause heap damage via a crafted HTML page...

Code injection

DISPUTED PyBitmessage through 0.6.3.2 allows attackers to write screen captures to Potentially Unwanted Directories via a crafted apinotifypath value. NOTE: the discoverer states "security mitigation may not be necessary as there is no evidence yet that these screen intercepts are actually...

CVE-2021-26917

PyBitmessage through 0.6.3.2 allows attackers to write screen captures to Potentially Unwanted Directories via a crafted apinotifypath value. NOTE: the discoverer states "security mitigation may not be necessary as there is no evidence yet that these screen intercepts are actually transported awa...

CVE-2021-26917

PyBitmessage (versions up to 0.6.3.2) is affected by CVE-2021-26917. A crafted apinotifypath value can cause the application to write screen captures to potentially unwanted directories on the local host. The public descriptions note that there is no evidence these screen intercepts are transport...

PT-2021-17174 · Unknown · Pybitmessage

Name of the Vulnerable Software and Affected Versions: PyBitmessage versions 0.6.3.2 and earlier Description: The issue allows attackers to write screen captures to potentially unwanted directories via a crafted apinotifypath value. It is noted that security mitigation may not be necessary as the...

ExpressionEngine: Import File Converter - local File inclusion

@lawrenceamer discovered a local file inclusion vulnerability that logged in users with access to the control panel and permission to access developer utilities may be able to exploit. @lawrenceamer gave a detailed report with step-by-step instructions for replicating and screen captures of a the...

macOS Fruitfly Backdoor Analysis Renders New Spying Capabilities

LAS VEGAS—The FruitFly backdoor became a known entity in January, but it’s a good bet that for years it had been in the wild, undetected by analysts and security software. The macOS and OS X malware has a number of insidious spying capabilities that would make anyone uneasy, and a variant recentl...

aolXSS.txt

Title: AOL Multiple Cross Site Scripting Author: Simo Ben youssef aka 6mOHaCk Discovered: 26 December 2005 Published: 7 January 2006 MorX Security Research Team http://www.morx.org Service: Web Vendor: AOL.com Vulnerability: Cross Site Scripting / Cookie-Theft / Relogin attacks Severity:...