11 matches found
EUVD-2020-6685
Malware in sbrugna...
K000150999: Oracle MySQL vulnerabilities CVE-2025-30695 and CVE-2025-30699
Security Advisory Description CVE-2025-30695 Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via...
CVE-2025-30355
CVE-2025-30355 affects the Synapse Matrix homeserver. A malicious server can craft events that cause Synapse up to v1.127.0 to fail federating with other servers. The root cause is an input validation issue in how events are processed (notably with a depth value outside the allowed range in Canon...
Denial of Service Vulnerability in Various festo Products
MSE6-D2M-5000-CBUS-S-RG-BAR-VCB-AGD,MSE6-E2M-5000-FB13-AGD,MSE6-E2M-5000-FB37-AGD and so on are industrial control components. A denial of service vulnerability exists in several festo products, which can be exploited by attackers to gain control of a server...
Earth Lusca Hackers Aimed at High-Value Targets in Government and Private Sectors
An elusive threat actor called Earth Lusca has been observed striking organizations across the world as part of what appears to be simultaneously an espionage campaign and an attempt to reap monetary profits. "The list of its victims includes high-value targets such as government and educational...
When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks
Note: In this two-part blog series, we expose a modern malware infrastructure and provide guidance for protecting against the wide range of threats it enables. Part 1 covered the evolution of the threat, how it spreads, and how it impacts organizations. Part 2 provides a deep dive on the attacker...
XStream Code Execution Vulnerability (CNVD-2021-28333)
XStream is a simple Java-based library , Java objects serialized to xml and vice versa i.e. : Java objects and xml documents can easily be converted to each other . A code execution vulnerability exists in XStream, which can be exploited by an attacker to manipulate the processed input stream and...
Eternal Champion Exploit Analysis
Recently, a group named the ShadowBrokers published several remote server exploits targeting various protocols on older versions of Windows. In this post we are going to look at the EternalChampion exploit in detail to see what vulnerabilities it exploited, how it exploited them, and how the late...
Eternal Champion Exploit Analysis
Recently, a group named the ShadowBrokers published several remote server exploits targeting various protocols on older versions of Windows. In this post we are going to look at the EternalChampion exploit in detail to see what vulnerabilities it exploited, how it exploited them, and how the late...
shadowbroker
This repository, kaleozhou/shadowbroker, is an offensive tool repository containing exploits for various vulnerabilities in different software and systems. The exploits are categorized into several types, including SMB Server Message Block exploits, email server exploits, and others. The reposito...
pmachineExec.txt
This is a multi-part message in MIME format. ------=NextPart000000001C516AC.9C269F50 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit pMachine Pro / pMachine Free Remote Code Execution vendor website: http://www.pmachine.com I. BACKGROUND PMachine is one of the most...