146 matches found
CVE-2021-45545
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R7850 before 1.0.5.74, R7900P before 1.4.2.84, R7960P before 1.4.2.84, R8000 before 1.0.4.74, R8000P before 1.4.2.84, RAX200 before 1.0.4.120, RAX75 before 1.0.4.120, RAX80 before 1.0.4.120, RBK852...
CVE-2020-9819
creationtimestamp| type| source ---|---|--- 2021-11-08 08:58:17+00:00| seen| MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422 2021-11-20 09:53:52+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2024-12-24 20:24:51+00:00| seen| https://feedsin.space/feed/CISAKevBot/items/2971141 2025-02-23...
SUSE: Security Advisory (SUSE-SU-2019:13999-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FIN8 Resurfaces with Revamped Backdoor Malware
The FIN8 cyberattack group has resurfaced after a period of relative quiet, researchers have found. The gang is using new versions of the BadHatch backdoor to compromise companies in the chemical insurance, retail and technology industries. The attacks have been seen hitting organizations around...
SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3764-1)
The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-15436: Fixed a use after free vulnerability in fs/blockdev.c which could have allowed local users to gain privileges or cause a denial of service...
Design/Logic Flaw
Ivanti Endpoint Manager through 2020.1.1 allows XSS via /LDMS/frmsplitfrm.aspx, /LDMS/licensecheck.aspx, /LDMS/frmsplitcollapse.aspx, /LDMS/alertlog.aspx, /LDMS/ServerList.aspx, /LDMS/frmcoremainfrm.aspx, /LDMS/frmfindfrm.aspx, /LDMS/frmtaskfrm.aspx, and /LDMS/querybrowsecomp.aspx...
[SECURITY] Fedora 32 Update: ark-20.04.3-5.fc32
Ark is a program for managing various archive formats. Archives can be viewed, extracted, created and modified from within Ark. The program can handle various formats such as tar, gzip, bzip2, zip, rar and lha if appropriate command-line programs are installed...
[SECURITY] Fedora 32 Update: ark-20.04.3-3.fc32
Ark is a program for managing various archive formats. Archives can be viewed, extracted, created and modified from within Ark. The program can handle various formats such as tar, gzip, bzip2, zip, rar and lha if appropriate command-line programs are installed...
Ordasoft CCK, 6.1.12 Various
Ordasoft CCK, 6.1.12 Various,,Other new version number...
Userrecon-Py v2.0 - Username Recognition On Various Websites
Username recognition on various websites. Installation Withpip3 Linux sudo -H pip3 install git+https://github.com/decoxviii/userrecon-py.git --upgrade userrecon-py --help Build from source Linux git clone https://github.com/decoxviii/userrecon-py.git ; cd userrecon-py sudo -H pip3 install -r...
CVE-2017-5030
creationtimestamp| type| source ---|---|--- 2019-09-25 08:28:15+00:00| seen| MISP/5d8b23ae-50d0-4a09-86da-4dc9950d210f 2020-10-09 14:30:50+00:00| seen| MISP/bbad3705-75de-41f7-980c-0e90136909de 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-12-05 09:10:50+00:00|...
CVE-2016-10988
The leenkme plugin before 2.6.0 for WordPress has stored XSS via facebookmessage, facebooklinkname, facebookcaption, facebookdescription, defaultimage, or wphttpreferer...
Microsoft Windows Transaction Manager CVE-2019-1219 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
CVE-2019-12133
Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\ManageEngine directory and its sub-folders. Moreover, the services associated with said products try to execute binaries such as sc.exe from the current directory upon syst...
Mimikatz v2.2.0 - A Post-Exploitation Tool to Extract Plaintexts Passwords, Hash, PIN Code from Memory
mimikatz is a tool I've made to learn C and make somes experiments with Windows security. It's now well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets. But that's not all!...
Denial Of Service (DoS)
libssh2.so is vulnerable to denial of service. A malicious server is able to crash the process from an out-of-bounds read by sending malicious response packet to various commands such as the sha1 and sha226 key exchange, user auth list, user auth password, public key auth etc...
[SECURITY] Fedora 29 Update: mingw-SDL2_image-2.0.4-1.fc29
Simple DirectMedia Layer SDL2 is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. This package contains a simple library for loading images of various formats BMP, PPM, PCX, GIF, JPEG, PNG as SDL2 surfaces...
[SECURITY] Fedora 28 Update: mingw-SDL2_image-2.0.4-1.fc28
Simple DirectMedia Layer SDL2 is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device. This package contains a simple library for loading images of various formats BMP, PPM, PCX, GIF, JPEG, PNG as SDL2 surfaces...
SUSE-SU-2018:2062-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2014-3688: The SCTP implementation allowed remote attackers to cause a denial of service memory consumption by triggering a large number of chunks in an...
SUSE-SU-2018:1762-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 GA LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-3665: Prevent disclosure of FPU registers including XMM and AVX registers between processes. These registers might contain encryption keys when doin...