5 matches found
PT-2025-27581
Name of the Vulnerable Software and Affected Versions: Apache Guacamole versions 1.5.5 and older Description: The issue is related to improper validation of console codes received from servers via text-based protocols like SSH. A malicious user with access to a text-based connection could execute...
ownCloud: Protocol Smuggling over LDAP password field
Privileges required: Admin Hi, "userldap" plugin can be leveraged to interact with internal services over various protocols. LDAP password field can be exploited with newline chars \r\n in order to communicate with protocols like SMTP, Redis and, generally speaking, with all services those speak...
Hackers can Spoof AT&T Phone Messages to steal your Information
Bad news for AT&T customers! You all are vulnerable to phishing scams – thanks to AT&T's text protocols. The actual problem lies in the way AT&T handles its customer alerts via text messages, as it’s very easy for cybercriminals to mimic. In "Phishing" attacks, scammers attempt to trick victims...
VDG Security SENSE 2.3.13 File Disclosure / Bypass / Buffer Overflow
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple critical vulnerabilities product: VDG Security SENSE formerly DIVA vulnerable version: 2.3.13 fixed version: unknown - no vendor confirmation impact: critical...
Plex Media Server 0.9.9.10 CSRF / Disclosure
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Plex Media Server vulnerable version: confirmed in 0.9.9.10 fixed version: none impact: High homepage: http://www.plex.tv found:...