Security Bulletin: TDI is vulnerable to do not reject out of range writes due to uuid-11.1.0 - CVE-2026-41907

Summary portal-tdi, portal-tdl and portal gcm uses carbon data table and this library requires uuid 11.1.0 the same library have this CVE-2026-41907 Vulnerability Details CVEID:CVE-2026-41907 DESCRIPTION: uuid is for the creation of RFC9562 formerly RFC4122 UUIDs. Prior to 14.0.0, v3, v5, and v6...

tdl.com XSS vulnerability

Open Bug Bounty ID: OBB-401691 Description| Value ---|--- Affected Website:| tdl.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...

Shylock/Caphaw Banking Malware Infections on the Rise

Two dozen major U.S. and European banks are in the crosshairs of the Shylock, or Caphaw, financial malware of late, and victims who trade with one of the 24 financial institutions are at risk of giving up their credentials and losing assets in their accounts. Malware researchers have noticed a ri...

Fedora Update for heat-jeos FEDORA-2013-9715

Check for the Version of heat-jeos OpenVAS Vulnerability Test Fedora Update for heat-jeos FEDORA-2013-9715 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

[SECURITY] Fedora 19 Update: heat-jeos-9-1.fc19

This is a project for creating Just Enough Operating System images for heat. This project supports the following features: - Creates TDL files for use with oz - Creates compressed qcow2 files for use with libvirt/glance - Registers image files with glance...

Fedora Update for heat-jeos FEDORA-2013-9708

Check for the Version of heat-jeos OpenVAS Vulnerability Test Fedora Update for heat-jeos FEDORA-2013-9708 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

[SECURITY] Fedora 18 Update: heat-jeos-9-1.fc18

This is a project for creating Just Enough Operating System images for heat. This project supports the following features: - Creates TDL files for use with oz - Creates compressed qcow2 files for use with libvirt/glance - Registers image files with glance...

Peer-to-Peer Botnet Takedowns a Challenge

The FBI, Justice Department and technology companies have had success shutting down botnets that rely on a centralized infrastructure and command and control servers to communicate with bots, steal data or send malicious commands. Peer-to-peer botnets, however, have proven more difficult to take...

PushDo Malware Returns with Domain Generation Algorithm

Four times since 2008, authorities and technology companies have taken the prolific PushDo malware and Cutwail spam botnet offline. Yet much like the Energizer Bunny, it keeps coming back for more. In early March, researchers at Damballa discovered a new version of the malware that had adopted a...

New Iteration of TDSS/TDL-4 Botnet Uses Domain Fluxing to Avoid Detection

A new version of the TDSS/TDL-4 botnet is rapidly growing, primarily because it’s having great success using an evasion technique known as a domain generation algorithm DGA to avoid detection, researchers at Damballa Security revealed today. The algorithm helps the latest version of the botnet...

Rootkit: TDLv4

TDL-4 is the fourth generation of the TDL botnet, originated in 2008. The TDL-4 botnet could be used to send out spam, steal individuals data or used for malicious attacks. TDL-4 features an improved algorithm that encrypts communications between infected computers and the botnet's C&C.; TDL-4 al...

Researchers Discover the World's Most Complicated Piece of Malware

Researchers from Kaspersky Labs claim to have discovered the most sophisticated piece of malware available on the Web. Detected by their antivirus product as TDSS, the Trojan employs a number of methods to avoid detection, including the use of encryption between the botnet command and control...

TDSS rootkit infects 1.5 million US computers

TDSS rootkit infects 1.5 million US computers Millions of PCs around the world infected by the dangerous TDSS 'super-malware' rootkit as part of a campaign to build a giant new botnet. The report is presented by researchers from security firm Kaspersky Lab. TDSS also known as 'TDL' and sometimes ...