21 matches found
EUVD-2021-17883
Malware in sbrugna...
EUVD-2019-2921
Malware in sbrugna...
EUVD-2017-12996
Malware in sbrugna...
CVE-2024-20526
A vulnerability in the SSH server of Cisco Adaptive Security Appliance ASA Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition for the SSH server of an affected device. This vulnerability is due to a logic error when an SSH session is established. A...
CVE-2023-41926
The webserver utilizes basic authentication for its user login to the configuration interface. As encryption is disabled on port 80, it enables potential eavesdropping on user traffic, making it possible to intercept their credentials...
CVE-2021-30966
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations...
Cyber Threats in Costume: When Attacks Hide Behind a Mask
Introduction As Halloween approaches, the idea of costumes and disguises takes center stage, but the spirit of deception isn’t limited to one night. In the digital world, cyberattacks can also wear masks, concealing their true intentions to slip past defenses. Just as a costume can obscure who’s...
PYSEC-2024-218
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a race condition in the updaterootinconfig function, allowing an attacker to modify the root URL used by the Gradio frontend to communicate with the backend. By exploiting this flaw, an attacker ca...
CVE-2024-47870 Race condition in update_root_in_config may redirect user traffic in Gradio
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a race condition in the updaterootinconfig function, allowing an attacker to modify the root URL used by the Gradio frontend to communicate with the backend. By exploiting this flaw, an attacker ca...
CVE-2024-47870 Race condition in update_root_in_config may redirect user traffic in Gradio
Gradio is an open-source Python package designed for quick prototyping. This vulnerability involves a race condition in the updaterootinconfig function, allowing an attacker to modify the root URL used by the Gradio frontend to communicate with the backend. By exploiting this flaw, an attacker ca...
CVE-2023-41926
The webserver utilizes basic authentication for its user login to the configuration interface. As encryption is disabled on port 80, it enables potential eavesdropping on user traffic, making it possible to intercept their credentials...
CVE-2023-41926 Insufficiently protected credentials in Kiloview P1/P2 devices
The webserver utilizes basic authentication for its user login to the configuration interface. As encryption is disabled on port 80, it enables potential eavesdropping on user traffic, making it possible to intercept their credentials...
New Android 14 Security Feature: IT Admins Can Now Disable 2G Networks
Google has introduced a new security feature in Android 14 that allows IT administrators to disable support for 2G cellular networks in their managed device fleet. The search giant said it's introducing a second user setting to turn off support, at the model level, for null-ciphered cellular...
macOS 12.x < 12.1 Multiple Vulnerabilities (HT212978)
The remote host is running a version of macOS / Mac OS X that is 12.x prior to 12.1. It is, therefore, affected by multiple vulnerabilities: - An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.1. A device may be passively tracked via BSSIDs...
About the security content of macOS Monterey 12.1
About the security content of macOS Monterey 12.1 This document describes the security content of macOS Monterey 12.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or release...
Code injection
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations...
CVE-2021-30966
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. User traffic might unexpectedly be leaked to a proxy server despite PAC configurations...
Visma Public: HTTP Request Smuggling at app.workbox.dk
The researcher was able to find a HTTP request CL.TE smuggling vulnerability at app.workbox.dk. The likely consequences would have result in interfering with normal user traffic, leak 'Session Cookies, leak PII info...
Hotspot Shield VPN accused of redirecting user traffic to advertisers
By Waqas A renowned privacy group Center for Democracy Technology CDT has This is a post from HackRead.com Read the original post: Hotspot Shield VPN accused of redirecting user traffic to advertisers...
Cisco Nexus 9000 Series Switches Telnet Login Denial of Service Vulnerability (cisco-sa-20170315-nss)
A vulnerability in the Telnet remote login functionality of Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a Telnet process used for login to terminate unexpectedly and the login attempt to fail. There is no impact to user...