Raspberry Robin worm infects Multiple Windows Network Devices

Threat Level Attack Report For a detailed advisory, download the pdf file here Summary The Raspberry Robin worm spreads via USB devices and shared folders to infect Windows installers and QNAP devices using compromised QNAP devices as stagers. Majority of the victims in Europe are being targeted...

CVE-2021-26620

An improper authentication vulnerability leading to information leakage was discovered in iptime NAS2dual. Remote attackers are able to steal important information in the server by exploiting vulnerabilities such as insufficient authentication when accessing the shared folder and changing user’s...

Keybase 路径遍历漏洞

Keybase is a PGP technology-based social networking platform that supports end-to-end encryption.Keybase Client for Windows prior to version 5.7.0 is vulnerable to a path traversal vulnerability that stems from a networked system or product failing to properly filter special elements in a resourc...

openSUSE Security Update : virtualbox (openSUSE-2021-630)

This update for virtualbox fixes the following issues : - Version bump to 6.1.20 released April 20 2021 by Oracle Fixes boo1183329 'virtualbox 6.1.18 crashes when it runs nested VM' Fixes boo1183125 'Leap 15.3 installation in Virtualbox without VBox integration' Fixes CVE-2021-2264 and boo1184542...

Security update for virtualbox (important)

openSUSE Security Update: Security update for virtualbox Announcement ID: openSUSE-SU-2021:0630-1 Rating: important References: 1181197 1181198 1183125 1183329 1184542 Cross-References: CVE-2021-2074 CVE-2021-2129 CVE-2021-2264 CVSS scores: CVE-2021-2074 NVD : 8.2...

OPENSUSE-SU-2021:0630-1 Security update for virtualbox

This update for virtualbox fixes the following issues: - Version bump to 6.1.20 released April 20 2021 by Oracle Fixes boo1183329 'virtualbox 6.1.18 crashes when it runs nested VM' Fixes boo1183125 'Leap 15.3 installation in Virtualbox without VBox integration' Fixes CVE-2021-2264 and boo1184542...

Nextcloud: User can delete data in shared folders he's not autorized to access

Steps to reproduce 1. create a group folder named TEST and share with "admin group" and "test group", marking the advanced permission flag 2. create two folders inside the main share: visible and invisible 3. inside "invisible" folder create a test file let's say something like "test.txt" 4. set...

Workspace: Managing Personal Folders and Shared Folders

This article explains the differences between Personal Folders and Shared Folders and how to manage them...

Cross site scripting

Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing shared folders via their descriptions...

Cross site scripting

Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing Shared Folders via JavaScript in Shared Folders' names...

CVE-2018-13357

Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing Shared Folders via JavaScript in Shared Folders' names...

CVE-2018-13335

Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing shared folders via their descriptions...

CVE-2018-13357

Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing Shared Folders via JavaScript in Shared Folders' names...

CVE-2018-13335

CVE-2018-13335 affects TerraMaster TOS 3.1.03: Cross-site scripting in the Control Panel enables crafted folder descriptions to inject JavaScript when viewing shared folders. The information in the NVD entry and related advisories confirms the vulnerable component (Control Panel) and the nature o...

CVE-2018-13335

Cross-site scripting in Control Panel in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript when viewing shared folders via their descriptions...

VMware Tools Shared Folders Out-of-bounds read Vulnerability - Windows

VMware Tools is prone to an out of bounds read vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:tools";...

VMware Tools update addresses an out-of-bounds read vulnerability

VMware Tools for Windows VMware Tools Shared Folders out-of-bounds read vulnerability VMware Tools for Windows contains an out-of-bounds read vulnerability in the Shared Folders feature. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate...

VMSA-2018-0017:VMware Tools update addresses an out-of-bounds read vulnerability

VMSA-2018-0017.4 VMware Tools update addresses an out-of-bounds read vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0017.4 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware Tools update addresses an out-of-bounds read...

CVE-2018-9177

Twonky Server before 8.5.1 has XSS via a folder name on the Shared Folders screen...

CVE-2018-9177

Twonky Server before 8.5.1 has XSS via a folder name on the Shared Folders screen...