Advisories Archives - Page 370 of 1618

USN-6669-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could...

March 4, 2024

Advisories

DSA-5635-1 yard – security update

Aviv Keller discovered that the frames.html file generated by YARD, a documentation generation tool for the Ruby programming language, was vulnerable to cross-site scripting. https://security-tracker.debian.org/tracker/DSA-5635-1...

March 4, 2024

Advisories

SEC Consult SA-20240226-0 :: Local Privilege Escalation via DLL Hijacking in Qognify VMS Client Viewer

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Mar 02 SEC Consult Vulnerability Lab Security Advisory < 20240226-0 > ======================================================================= title: Local Privilege...

March 3, 2024

Advisories

JetStream Smart Switch – TL-SG2210P v5.0/ Improper Access Control / CVE-2023-43318

Posted by Shaikh Shahnawaz on Mar 02 [+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defense LLC [+] twitter.com/_striv3r_ [Vendor] Tp-Link (http://tp-link.com) [Product] JetStream Smart...

March 3, 2024

Advisories

Multiple XSS Issues in boidcmsv2.0.1

Posted by Andrey Stoykov on Mar 02 # Exploit Title: Multiple XSS Issues in boidcmsv2.0.1 # Date: 3/2024 # Exploit Author: Andrey Stoykov # Version:...

March 3, 2024

Advisories

XAMPP 5.6.40 – Error Based SQL Injection

Posted by Andrey Stoykov on Mar 02 # Exploit Title: XAMPP - Error Based SQL Injection # Date: 02/2024 # Exploit Author: Andrey Stoykov #...

March 3, 2024

Advisories

BACKDOOR.WIN32.AGENT.AMT / Authentication Bypass

Posted by malvuln on Mar 02 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/2a442d3da88f721a786ff33179c664b7.txt Contact: malvuln13 () gmail com Media:...

March 3, 2024

Advisories

Backdoor.Win32.Jeemp.c / Cleartext Hardcoded Credentials

Posted by malvuln on Mar 02 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/d6b192a4027c7d635499133ca6ce067f.txt Contact: malvuln13 () gmail com Media:...

March 3, 2024

Advisories

BACKDOOR.WIN32.AUTOSPY.10 / Unauthenticated Remote Command Execution

Posted by malvuln on Mar 02 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/b012704cad2bae6edbd23135394b9127.txt Contact: malvuln13 () gmail com Media:...

March 3, 2024

Advisories

BACKDOOR.WIN32.ARMAGEDDON.R / Hardcoded Cleartext Credentials

Posted by malvuln on Mar 02 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/68d135936512e88cc0704b90bb3839e0.txt Contact: malvuln13 () gmail com Media:...

March 3, 2024

Friday Squid Blogging: Squid-A-Rama in Des Moines

Pro-Russian Hacktivists Target South Korea as North Korea Joins Ukraine War

AI Industry is Trying to Subvert the Definition of “Open Source AI”

Major Oilfield Supplier Hit by Ransomware Attack

North Korean Actor Deploys Novel Malware Campaign Against Crypto Firms

Androxgh0st Botnet Adopts Mozi Payloads, Expands IoT Reach

Interlock Ransomware Targets US Healthcare, IT and Government Sectors

Prompt Injection Defenses Against LLM Cyberattacks

CIS Benchmarks November 2024 Update

Category: Advisories

USN-6669-1: Thunderbird vulnerabilities

DSA-5635-1 yard – security update

SEC Consult SA-20240226-0 :: Local Privilege Escalation via DLL Hijacking in Qognify VMS Client Viewer

JetStream Smart Switch – TL-SG2210P v5.0/ Improper Access Control / CVE-2023-43318

Multiple XSS Issues in boidcmsv2.0.1

XAMPP 5.6.40 – Error Based SQL Injection

BACKDOOR.WIN32.AGENT.AMT / Authentication Bypass

Backdoor.Win32.Jeemp.c / Cleartext Hardcoded Credentials

BACKDOOR.WIN32.AUTOSPY.10 / Unauthenticated Remote Command Execution

BACKDOOR.WIN32.ARMAGEDDON.R / Hardcoded Cleartext Credentials