Play
You must login to view this content
Aggregator
Play
9 months ago
You must login to view this content
cohenido
Play
9 months ago
You must login to view this content
cohenido
Play
9 months ago
You must login to view this content
cohenido
Weekly Threat Landscape Digest – Week 19
9 months ago
This week’s cyber threat outlook reveals a surge in attacker sophistication, marked by the exploitation of recent and unpatched security […]
The post Weekly Threat Landscape Digest – Week 19 appeared first on HawkEye.
HawkEye
Google Chrome to use on-device AI to detect tech support scams
9 months ago
Google is implementing a new Chrome security feature that uses the built-in 'Gemini Nano' large-language model (LLM) to detect and block tech support scams while browsing the web. [...]
Bill Toulas
Police dismantles botnet selling hacked routers as residential proxies
9 months ago
Law enforcement authorities have dismantled a botnet that infected thousands of routers over the last 20 years to build two networks of residential proxies known as Anyproxy and 5socks. [...]
Sergiu Gatlan
Malicious Python Package Mimic as Attacking Discord Developers With Malicious Remote Commands
9 months ago
A seemingly innocent Python package has been unmasked as a sophisticated remote access trojan (RAT) targeting the Discord developer community. On March 21, 2022, a package named ‘discordpydebug’ appeared on the Python Package Index (PyPI) under the innocuous description “Discord py error logger.” While presenting itself as a helpful debugging utility for developers working with […]
The post Malicious Python Package Mimic as Attacking Discord Developers With Malicious Remote Commands appeared first on Cyber Security News.
Tushar Subhra Dutta
CVE-2025-24977
9 months ago
Currently trending CVE - Hype Score: 1 - OpenCTI is an open cyber threat intelligence (CTI) platform. Prior to version 6.4.11 any user with the capability `manage customizations` can execute commands on the underlying infrastructure where OpenCTI is hosted and can access internal server side secrets by misusing the ...
CVE-2025-4052
9 months ago
Currently trending CVE - Hype Score: 20 - Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low)
CVE-2022-43019 | OpenCATS 0.9.6 getDataGridPager deserialization
9 months ago
A vulnerability, which was classified as critical, was found in OpenCATS 0.9.6. This affects the function getDataGridPager. The manipulation leads to deserialization.
This vulnerability is uniquely identified as CVE-2022-43019. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2013-4253 | Red Hat OpenShift 1 Add-on Script temp file
9 months ago
A vulnerability has been found in Red Hat OpenShift 1 and classified as critical. This vulnerability affects unknown code of the component Add-on Script. The manipulation leads to insecure temporary file.
This vulnerability was named CVE-2013-4253. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2022-43020 | OpenCATS 0.9.6 Tag Update tag_id sql injection
9 months ago
A vulnerability was found in OpenCATS 0.9.6. It has been classified as critical. This affects an unknown part of the component Tag Update Handler. The manipulation of the argument tag_id leads to sql injection.
This vulnerability is uniquely identified as CVE-2022-43020. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2022-43021 | OpenCATS 0.9.6 entriesPerPage sql injection
9 months ago
A vulnerability was found in OpenCATS 0.9.6. It has been declared as critical. This vulnerability affects unknown code. The manipulation of the argument entriesPerPage leads to sql injection.
This vulnerability was named CVE-2022-43021. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2022-43022 | OpenCATS 0.9.6 Tag Delete tag_id sql injection
9 months ago
A vulnerability was found in OpenCATS 0.9.6. It has been rated as critical. This issue affects some unknown processing of the component Tag Delete Handler. The manipulation of the argument tag_id leads to sql injection.
The identification of this vulnerability is CVE-2022-43022. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2022-43023 | OpenCATS 0.9.6 Import Error importID sql injection
9 months ago
A vulnerability classified as critical has been found in OpenCATS 0.9.6. Affected is an unknown function of the component Import Error Handler. The manipulation of the argument importID leads to sql injection.
This vulnerability is traded as CVE-2022-43023. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2022-43024 | Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 Parameter SetVirtualServerCfg list stack-based overflow
9 months ago
A vulnerability classified as critical was found in Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01. Affected by this vulnerability is an unknown functionality of the file /goform/SetVirtualServerCfg of the component Parameter Handler. The manipulation of the argument list leads to stack-based buffer overflow.
This vulnerability is known as CVE-2022-43024. Access to the local network is required for this attack. There is no exploit available.
vuldb.com
CVE-2022-43025 | Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 /goform/SetPptpServerCfg startIp stack-based overflow
9 months ago
A vulnerability, which was classified as critical, has been found in Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01. Affected by this issue is some unknown functionality of the file /goform/SetPptpServerCfg. The manipulation of the argument startIp leads to stack-based buffer overflow.
This vulnerability is handled as CVE-2022-43025. Access to the local network is required for this attack to succeed. There is no exploit available.
vuldb.com
CVE-2022-43026 | Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 /goform/SetPptpServerCfg endIp stack-based overflow
9 months ago
A vulnerability, which was classified as critical, was found in Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01. This affects an unknown part of the file /goform/SetPptpServerCfg. The manipulation of the argument endIp leads to stack-based buffer overflow.
This vulnerability is uniquely identified as CVE-2022-43026. The attack needs to be approached within the local network. There is no exploit available.
vuldb.com
CVE-2022-40884 | Axiomatic Bento4 1.6.0 mp4fragment memory leak (Issue 759)
9 months ago
A vulnerability was found in Axiomatic Bento4 1.6.0 and classified as problematic. This issue affects some unknown processing of the component mp4fragment. The manipulation leads to memory leak.
The identification of this vulnerability is CVE-2022-40884. Access to the local network is required for this attack to succeed. There is no exploit available.
vuldb.com