161 matches found
War-Driving Technique Allows Wi-Fi Password-Cracking at Scale
War-driving – the process of driving around mapping residential Wi-Fi networks in hopes of finding a vulnerability to exploit – can still pay off for attackers, apparently: A CyberArk researcher recently found he could easily slice open about 70 percent of Wi-Fi network passwords in one Tel Aviv...
Rapid7 Acquires Leading Kubernetes Security Provider, Alcide
Organizations around the globe continue to embrace the flexibility, speed, and agility of the cloud. Those that have adopted it are able to accelerate innovation and deliver real value to their customers faster than ever before. However, while the cloud can bring a tremendous amount of benefits t...
CVE-2020-35652
An issue was discovered in respjsipdiversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. A crash can occur when a SIP message is received with a History-Info header that contains a tel-uri, or when a SIP 181 response is...
CVE-2020-35652
An issue was discovered in respjsipdiversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. A crash can occur when a SIP message is received with a History-Info header that contains a tel-uri, or when a SIP 181 response is...
Design/Logic Flaw
An issue was discovered in respjsipdiversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. A crash can occur when a SIP message is received with a History-Info header that contains a tel-uri, or when a SIP 181 response is...
UBUNTU-CVE-2020-35652
An issue was discovered in respjsipdiversion.c in Sangoma Asterisk before 13.38.0, 14.x through 16.x before 16.15.0, 17.x before 17.9.0, and 18.x before 18.1.0. A crash can occur when a SIP message is received with a History-Info header that contains a tel-uri, or when a SIP 181 response is...
PT-2021-11818 · Asterisk +1 · Asterisk +1
Name of the Vulnerable Software and Affected Versions: Asterisk versions prior to 13.38.0 Asterisk versions 14.x through 16.x before 16.15.0 Asterisk versions 17.x before 17.9.0 Asterisk versions 18.x before 18.1.0 Description: An issue was discovered in res pjsip diversion.c. A crash can occur...
Sangoma Asterisk Multiple Product Security Vulnerabilities
Digium Asterisk is a set of open source telephone exchange PBX system software from Digium, USA. The software supports voicemail, multi-party voice conferencing, interactive voice response IVR, and more. A security vulnerability exists in several Sangoma Asterisk products that stems from a crash...
Charming Kitten Returns with WhatsApp, LinkedIn Effort
The Iran-affiliated APT known as Charming Kitten is back with a new approach, impersonating Persian-speaking journalists via WhatsApp and LinkedIn, in order to con victims into opening malicious links. The targets are Israeli scholars from Haifa and Tel Aviv universities, and U.S. government...
Intellian / Sea Tel / SAILOR VSAT / RedPort maritime Exploit Pack
ever wondered how can someone hack into a ship/vessel/carrier/yacht? well here is the bundle targeting 3 major companies specialized in maritime satellite networks. in this bundle you get Intellian 3 root backdoors seatel 1 DOS sailor 2 sensitive information disclosure redport 1 admin busybox RCE...
CVE-2019-16320
Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community...
CVE-2019-16320
Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community...
Information disclosure
Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community...
CVE-2019-16320
Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the public SNMP community...
CVE-2019-16320
Cobham Sea Tel satellite terminals, models v170 224521 through v194 225444, are vulnerable to information disclosure via the public SNMP community, enabling potential exposure of vessel latitude/longitude. The root cause is exposure of SNMP read privileges to unauthenticated users. Exploitation d...
CVE-2019-9593
A reflected Cross-site scripting XSS vulnerability in ShoreTel Connect ONSITE 18.82.2000.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter...
Slack: URL filter bypass in Enterprise Grid
URL filter bypass in Enterprise Grid Description Slack Enterprise Grid seems to be able to add arbitrary column to the profile of the account. In my company there is a おすすめランチ My Favorite Lunch column, and we can set the URL of the website and Display text. F429131 F429132 Only the http: or https...
toptravelfind.com XSS vulnerability
Open Bug Bounty ID: OBB-651072 Description| Value ---|--- Affected Website:| toptravelfind.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Cobham Sea Tel Information Disclosure Vulnerability (CNVD-2018-03967)
Cobham Sea Tel is a suite of wireless communication terminals from Cobham UK. An information disclosure vulnerability exists in Cobham Sea Tel version 121 build 222701. A remote attacker can exploit this vulnerability by sending a /cgi-bin/getSysStatus request to obtain sensitive information...
CVE-2018-5728
Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information via a /cgi-bin/getSysStatus request, as demonstrated by the Latitude/Longitude of the ship, or satellite details...