CVE-2014-8597
A reflected cross-site scripting (XSS) vulnerability in PHP-Fusion 7.02.07 allows remote attackers to inject arbitrary web script or HTML via the status parameter in the...
Tenable’s Acquisition Of Cymptom: An “Attack Path-Informed” Approach to Cybersecurity
Tenable’s recent acquisitions all had the same overarching goal: helping our customers gain better security insights across their cyberattack surface. At our investor day in...
SEC Consult SA-20220215 :: Multiple Critical Vulnerabilities in multiple Zyxel devices
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Feb 16 SEC Consult Vulnerability Lab Security Advisory < 20220215-0 > ======================================================================= title: Multiple Critical...
Trojan-Spy.Win32.Zbot.aawo.Zeus-Builder / Insecure Permissions
Posted by malvuln on Feb 16 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/fe0dacbc953d4301232b386fcb3afc23.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Backdoor.Win32.Prosti.b / Insecure Permissions
Posted by malvuln on Feb 16 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/8201ba6b542fc91c004110b2fc5395aa.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Email-Worm.Win32.Lama / Insecure Permissions
Posted by malvuln on Feb 16 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/1c255ef6fd44877700867f94a59875d2.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Backdoor.Win32.Prorat.lkt / Weak Hardcoded Password
Posted by malvuln on Feb 16 Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/65a53a37843db2b86a67a9e23277c1bf.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat:...
Drupal core – Moderately critical – Information disclosure – SA-CORE-2022-004
Project: Drupal core Date: 2022-February-16 Security risk: Moderately critical 12∕25 AC:None/A:User/CI:Some/II:None/E:Theoretical/TD:Default Vulnerability: Information disclosure CVE IDs: CVE-2022-25270 Description: The Quick Edit module does not properly...
Drupal core – Moderately critical – Improper input validation – SA-CORE-2022-003
Project: Drupal core Date: 2022-February-16 Security risk: Moderately critical 14∕25 AC:Basic/A:None/CI:Some/II:Some/E:Theoretical/TD:Uncommon Vulnerability: Improper input validation CVE IDs: CVE-2022-25271 Description: Drupal core's form API has a...
ZDI-22-377: Apple macOS libFontParser TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the libFontParser library is required to exploit this...