Yan&Co Security Vulnerabilities

Weak Password Vulnerability in the Application Basic Service Management System of Xiamen Nalon Health Technology Co.

Founded in 2002, Xiamen Nalon Health Science & Technology Co., Ltd. is a high-tech enterprise integrating the research and development, production, sales and software service of medical electronic instruments and equipment. A weak password vulnerability exists in the application infrastructure...

U.S., U.K., Australia Sanction Russian REvil Hacker Behind Medibank Breach

Governments from Australia, the U.K., and the U.S. have imposed financial sanctions on a Russian national for his alleged role in the 2022 ransomware attack against health insurance provider Medibank. Alexander Ermakov (aka blade_runner, GistaveDore, GustaveDore, or JimJones), 33, has been tied to....

CVE-2023-51419 WordPress BERTHA AI Plugin <= 1.11.10.7 is vulnerable to Arbitrary File Upload

Unrestricted Upload of File with Dangerous Type vulnerability in Bertha.Ai BERTHA AI. Your AI co-pilot for WordPress and Chrome.This issue affects BERTHA AI. Your AI co-pilot for WordPress and Chrome: from n/a through...

Mitsubishi Electric CNC Series (Update E)

EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: CNC Series devices Vulnerability: Classic Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a malicious remote attacker to...

CVE-2023-51767

OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim...

Command Execution Vulnerability in EG2000GE of Beijing StarNet Ruijie Network Technology Co.

Beijing StarNet Ruijie Network Technology Co., Ltd EG2000GE is a router product. A command execution vulnerability exists in the Beijing StarNet Ruijie Network Technology Co., Ltd EG2000GE, which can be exploited by an attacker to gain control of the...

Warning: GravityRAT Android Trojan Steals WhatsApp Backups and Deletes Files

An updated version of an Android remote access trojan dubbed GravityRAT has been found masquerading as messaging apps BingeChat and Chatico as part of a narrowly targeted campaign since June 2022. "Notable in the newly discovered campaign, GravityRAT can exfiltrate WhatsApp backups and receive...

Buffer overflow

Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at...

Rapid7 in Prague: Pete Rubio Shares Insights and Excitement for the New Office

_As we continue to grow our customer base here at Rapid7, we’re growing our offices as well – this time with a new location in the Czech Republic. With a successful history of building innovation hubs from Boston to Belfast, our teams can’t wait to bring new talent from Prague into the business....

Command Execution Vulnerability in Electronic Document Security Management System of Beijing Yisaitong Technology Development Co., Ltd (CNVD-2023-99981)

Ltd. is a leading provider of Data Leakage Protection (DLP) products, solutions and security services in China. A command execution vulnerability exists in the electronic document security management system of Beijing Yisetong Technology Development Co., Ltd. that can be exploited by an attacker...

CVE-2023-51767

OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim...

CVE-2021-26887

An elevation of privilege vulnerability exists in Microsoft Windows when Folder redirection has been enabled via Group Policy. When folder redirection file server is co-located with Terminal server, an attacker who successfully exploited the vulnerability would be able to begin redirecting another....

CVE-2021-26887

An elevation of privilege vulnerability exists in Microsoft Windows when Folder redirection has been enabled via Group Policy. When folder redirection file server is co-located with Terminal server, an attacker who successfully exploited the vulnerability would be able to begin redirecting another....

Information leakage vulnerability in retail terminal operation and maintenance management platform of Shanghai Bojun Software Technology Co.

Shanghai BJ Software Technology Co., Ltd (BJST), founded in 1999, provides digital business consulting and system implementation for large and medium-sized enterprises, supporting the construction of omni-channel middle office, ERP, e-commerce OMS and other systems, covering a wide range of retail....

SQL Injection Vulnerability in Intelligent Logistics Unattended System of Taiyuan ECS Software Technology Co. Ltd (CNVD-2023-99600)

Intelligent logistics unattended system is an intelligent information platform for the unified control of raw material procurement, finished product sales and in-plant logistics for process manufacturing enterprises. There is a SQL injection vulnerability in the Intelligent Logistics Unattended...

eXtplorer 'ext_find_user()' Function Authentication Bypass Vulnerability - Active Check

eXtplorer is prone to an authentication-bypass...

CVE-2023-50469

Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at...

CVE-2023-50469

Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at...

SQL Injection Vulnerability in Mobile Phone Service Management Backend of Zhengzhou Zhengda Information Technology Co.

Zhengzhou Zhengda Information Technology Co., Ltd. is a supply chain-industrial chain digitization and financial service solution provider. Zhengzhou Zhengda Information Technology Co., Ltd. mobile service management backend has a SQL injection vulnerability, which can be exploited by attackers to....

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 15, 2024 to January 21, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 84 vulnerabilities disclosed in 67...

CVE-2023-50469

Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at...

MacMaster - MAC Address Changer

MacMaster is a versatile command line tool designed to change the MAC address of network interfaces on your system. It provides a simple yet powerful solution for network anonymity and testing. Features Custom MAC Address: Set a specific MAC address to your network interface. Random MAC Address:...

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. All four pleaded guilty to conspiracy and racketeering charges. But there is a...

Cross site scripting

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Molongui Author Box, Guest Author and Co-Authors for Your Posts – Molongui allows Stored XSS.This issue affects Author Box, Guest Author and Co-Authors for Your Posts – Molongui: from n/a through.....

Applying the Tyson Principle to Cybersecurity: Why Attack Simulation is Key to Avoiding a KO

Picture a cybersecurity landscape where defenses are impenetrable, and threats are nothing more than mere disturbances deflected by a strong shield. Sadly, this image of fortitude remains a pipe dream despite its comforting nature. In the security world, preparedness is not just a luxury but a...

Buffer overflow

Buffer Overflow vulnerability in /apply.cgi in Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 allows attackers to cause a denial of service via the ApCliAuthMode...

Tickets CAD Multiple Vulnerabilities

Tickets CAD is prone to multiple vulnerabilities. A Reflected XSS vulnerability exists in the search function, search.php within the application. A Stored XSS vulnerability exists in log.php while creating a new log entry. Information disclosure exist which allows users even the guest...

CVE-2021-20778

Improper access control vulnerability in EC-CUBE 4.0.6 (EC-CUBE 4 series) allows a remote attacker to bypass access restriction and obtain sensitive information via unspecified...

The Anatomy of HTML Attachment Phishing

The Anatomy of HTML Attachment Phishing: One Code, Many Variants By Mathanraj Thangaraju, Niranjan Hegde, and Sijo Jacob · June 14, 2023 Introduction Phishing is the malevolent practise of pretending to be a reliable entity in electronic communication to steal sensitive data, such as login...

CVE-2020-5590

Directory traversal vulnerability in EC-CUBE 3.0.0 to 3.0.18 and 4.0.0 to 4.0.3 allows remote authenticated attackers to delete arbitrary files and/or directories on the server via unspecified...

CVE-2023-49695

OS command injection vulnerability in WRC-X3000GSN v1.0.2, WRC-X3000GS v1.0.24 and earlier, and WRC-X3000GSA v1.0.24 and earlier allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command by sending a specially crafted request to the...

TensorFlow vulnerable to segfault in `BlockLSTMGradV2`

Impact The implementation of BlockLSTMGradV2 does not fully validate its inputs. - wci, wcf, wco, b must be rank 1 - w, cs_prev,h_prevmust be rank 2 -x` must be rank 3 This results in a a segfault that can be used to trigger a denial of service attack. ```python import tensorflow as tf...

Information leakage vulnerability in EG2000SE of Beijing StarNet Ruijie Network Technology Co. Ltd (CNVD-2023-94098)

EG2000SE is a router product. An information disclosure vulnerability exists in the EG2000SE of Beijing StarNet Ruijie Network Technology Company Limited, which can be exploited by attackers to obtain sensitive...

XSS Vulnerability in PageOffice of Beijing Zhuozheng Zhiyuan Software Co.

PAGEOFFICE is an Internet private cloud OFFICE technology solution independently developed by Zhuozheng Software. PageOffice of Beijing Zhuozheng Zhiyuan Software Co., Ltd. exists XSS vulnerability, attackers can use the vulnerability to obtain sensitive information such as user...

Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset

Information stealing malware are actively taking advantage of an undocumented Google OAuth endpoint named MultiLogin to hijack user sessions and allow continuous access to Google services even after a password reset. According to CloudSEK, the critical exploit facilitates session persistence and...

SQL Injection Vulnerability in ECS Unattended Intelligent Logistics System of Taiyuan ECS Software Technology Company Limited (CNVD-2023-96352)

Taiyuan ECS Software Technology Co., Ltd. is a software developer dedicated to the field of coal and coke in China. Taiyuan ECS Software Technology Co., Ltd ECS Unattended Intelligent Logistics System suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain...

New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections

Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be used by threat actors to bypass security mechanisms and achieve execution of malicious code on systems running Microsoft Windows 10 and Windows 11. The approach...

CVE-2021-25630

"loolforkit" is a privileged program that is supposed to be run by a special, non-privileged "lool" user. Before doing anything else "loolforkit" checks, if it was invoked by the "lool" user, and refuses to run with privileges, if it's not the case. In the vulnerable version of "loolforkit" this...

nyir-co-klima.hu Cross Site Scripting vulnerability OBB-3630805

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Design/Logic Flaw

Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and intercept the communication. As for the affected...

Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining

Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a network to carry out cryptocurrency mining and distributed denial-of-service (DDoS) attacks. "Threat.....

CVE-2023-39921

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Molongui Author Box, Guest Author and Co-Authors for Your Posts – Molongui allows Stored XSS.This issue affects Author Box, Guest Author and Co-Authors for Your Posts – Molongui: from n/a through.....

CVE-2023-39921

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Molongui Author Box, Guest Author and Co-Authors for Your Posts – Molongui allows Stored XSS.This issue affects Author Box, Guest Author and Co-Authors for Your Posts – Molongui: from n/a through.....

CVE-2023-47307

Buffer Overflow vulnerability in /apply.cgi in Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 allows attackers to cause a denial of service via the ApCliAuthMode...

CVE-2023-47307

Buffer Overflow vulnerability in /apply.cgi in Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 allows attackers to cause a denial of service via the ApCliAuthMode...

CVE-2022-1347

Stored XSS in the "Username" & "Email" input fields leads to account takeover of Admin & Co-admin users in GitHub repository causefx/organizr prior to 2.1.1810. Account takeover and privilege...

CVE-2020-24930

Beijing Wuzhi Internet Technology Co., Ltd. Wuzhi CMS 4.0.1 is an open source content management system. The five fingers CMS backend in***.php file has arbitrary file deletion vulnerability. Attackers can use vulnerabilities to delete arbitrary...

CVE-2019-9848

LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc. LibreOffice is typically also bundled with LibreLogo, a programmable turtle vector graphics script, which can be manipulated into executing arbitrary....

CVE-2022-24781

Geon is a board game based on solving questions about the Pythagorean Theorem. Malicious users can obtain the uuid from other users, spoof that uuid through the browser console and become co-owners of the target session. This issue is patched in version 1.1.0. No known workaround...

CVE-2019-9854

LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Scripts/python sub-directories of the LibreOffice...