Aggregator

DarkRaaS is Allegedly Selling Access to an Unidentified Indonesian Company

A vulnerability was found in Inter7 Qmailadmin up to 1.0.5 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument QMAILADMIN_TEMPLATEDIR as part of Environment Variable leads to memory corruption. This vulnerability is handled as CVE-2002-1414. An attack has to be approached locally. Furthermore, there is an exploit available.

DarkRaaS is Allegedly Selling VPN Access to an Unidentified Turkish Municipality

Fog and Akira ransomware operators have increased their exploitation efforts of CVE-2024-40766, a critical access control flaw that allows unauthorized access to resources on the SSL VPN feature of SonicWall SonicOS firewalls. [...]

A vulnerability has been found in code-projects Blood Bank Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /file/accept.php. The manipulation of the argument reqid leads to sql injection. This vulnerability was named CVE-2024-10415. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Blood Bank Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /file/cancel.php. The manipulation of the argument reqid leads to sql injection. The identification of this vulnerability is CVE-2024-10416. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /file/delete.php. The manipulation of the argument bid leads to sql injection. This vulnerability is traded as CVE-2024-10417. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Apple watchOS up to 3.1. It has been declared as problematic. This vulnerability affects unknown code of the component CoreText. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2017-2450. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. New Bumblebee Loader Infection Chain Signals Possible Resurgence    Trojanized Ethers Forks on npm Attempting to Steal Ethereum […]

%PDF-1.3%Äåòåë§ó ÐÄÆ3 0 obj<< /Filter /FlateDecode /Length 6527 >>streamx�\m“�7rþÎ_A-¹^jeRóÂ��u

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Chinese cyber spies targeted phones used by Trump and Vance Irish Data Protection Commission fined LinkedIn €310M for […]

A vulnerability, which was classified as critical, has been found in Positive H-Sphere 2.3 Rc3. This issue affects some unknown processing. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2003-1247. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Ehud Gavron Tracesroute 6.0/6.1/6.1.1. Affected by this vulnerability is an unknown functionality. The manipulation of the argument hostname leads to memory corruption. This vulnerability is known as CVE-2002-1386. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in BrowserCRM 5.002.00. It has been classified as critical. Affected is an unknown function. The manipulation of the argument bcrm_pub_root leads to code injection. This vulnerability is traded as CVE-2008-2689. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Com Yvcomment up to 1.4 on Joomla. This affects an unknown part of the file index.php. The manipulation of the argument ArticleID leads to sql injection. This vulnerability is uniquely identified as CVE-2008-2692. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in GWM Galatolo WebManager 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file result.php. The manipulation of the argument key leads to cross site scripting. This vulnerability is handled as CVE-2008-6108. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in XOOPS Uploader 1.1. Affected is an unknown function of the file index.php of the component Uploader. The manipulation of the argument filename leads to path traversal. This vulnerability is traded as CVE-2008-7178. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in phpInv 0.8.0. Affected is an unknown function of the file entry.php. The manipulation of the argument action leads to path traversal. This vulnerability is traded as CVE-2008-2695. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

注意：操作前建议安装谷歌翻译浏览器插件1、注册Github账号：【点击进入】2、登录Github，然后点击右上角的头像，再点击Your reposito