Magniber ransomware: exclusively for South Koreans

The Magnitude exploit kit has been pretty consistent over the last few months, dropping the same payload—namely, the Cerber ransomware—and targeting a few select countries in Asia. Strangely, Magnitude EK disappeared in late September, and for a while we wondered whether this was yet another...

Veeam ONE Business Shows Irrelevant Data

Challenge Veeam ONE Business View shows outdated data or no data at all Cause Veeam ONE Reporter collection task has stuck or failed Solution Running data collection manually You can run data collection for Veeam ONE Reporter and Veeam ONE Business View manually. This can be necessary when...

CVE-2017-15200

In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new task to a private project of another user...

CVE-2017-15200

In Kanboard before 1.0.47, by altering form data, an authenticated user can add a new task to a private project of another user...

Authentication flaw

InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by entering Control-Alt-Delete, and then using Task Manager to reach a file...

CVE-2017-14972

InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by entering Control-Alt-Delete, and then using Task Manager to reach a file...

CVE-2017-14972

InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by entering Control-Alt-Delete, and then using Task Manager to reach a file...

CVE-2017-14972

InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by entering Control-Alt-Delete, and then using Task Manager to reach a file...

Fedora 26 : php-horde-nag (2017-041ee90a8b)

nag 4.2.17 - jan SECURITY: Fix unauthorized access to task exports. - jan Fix regression when exporting single tags to iCalendar CATEGORIES. - jan Officially support PHP 7. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

[SECURITY] Fedora 25 Update: php-horde-nag-4.2.17-1.fc25

Nag is a web-based application built upon the Horde Application Framework which provides a simple, clean interface for managing online task lists i.e., todo lists. It also includes strong integration with the other Horde applications and allows users to share task lists or enable light-weight...

[SECURITY] Fedora 27 Update: php-horde-nag-4.2.17-1.fc27

Nag is a web-based application built upon the Horde Application Framework which provides a simple, clean interface for managing online task lists i.e., todo lists. It also includes strong integration with the other Horde applications and allows users to share task lists or enable light-weight...

[SECURITY] Fedora 26 Update: php-horde-nag-4.2.17-1.fc26

Nag is a web-based application built upon the Horde Application Framework which provides a simple, clean interface for managing online task lists i.e., todo lists. It also includes strong integration with the other Horde applications and allows users to share task lists or enable light-weight...

CVE-2017-14717

In EPESI 1.8.2 rev20170830, there is Stored XSS in the Tasks Description parameter...

The vulnerability of the Task Manager service of the AmosConnect email delivery management system allows a perpetrator to execute arbitrary commands on the operating system’s host platform.

The vulnerability of the AmosConnect email delivery system management service is related to the use of immutable, pre-installed system accounts. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain full administrative privileges and execute arbitrary commands on the...

EulerOS 2.0 SP2 : qemu-kvm (EulerOS-SA-2017-1224)

According to the versions of the qemu-kvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds memory access issue was found in Quick Emulator QEMU in the VNC display driver. This flaw could occur while refreshing the VN...

Oilrig / Cleaver Malicious Scheduled Task Detection

This script tries to detect several indicators for malicious tools used by Iranian APT group SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Arbitrary File Deletion Vulnerability in MetInfo Version 5.3.18 Backend

MetInfo is a Content Management System CMS developed using PHP and Mysql. An arbitrary file deletion vulnerability exists in a function in MetInfo version 5.3.18 physical.php. An attacker can exploit this vulnerability to delete task files...

The vulnerability in the task management of the 1x Android operating system from the CAF repository allows a perpetrator to compromise privacy, integrity, and accessibility.

The vulnerability in the task management of the 1x Android operating system arises from reading beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to compromise privacy, integrity, and accessibility...

The vulnerability in the task management of the 1x Android operating system from the CAF repository allows a attacker to trigger a buffer overflow.

Vulnerability of task management in the 1x Android operating system from the CAF repository. Exploiting this vulnerability can allow a malicious actor to trigger buffer overflows during task processing...

[SECURITY] Fedora 25 Update: php-horde-nag-4.2.15-1.fc25

Nag is a web-based application built upon the Horde Application Framework which provides a simple, clean interface for managing online task lists i.e., todo lists. It also includes strong integration with the other Horde applications and allows users to share task lists or enable light-weight...