Aggregator

CVE-2024-57081 | underscore-contrib 0.3.0 lib.fromQuery prototype pollution (EUVD-2024-53524)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in underscore-contrib 0.3.0. It has been classified as problematic. This affects the function lib.fromQuery. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). This vulnerability is uniquely identified as CVE-2024-57081. The attack needs to be approached within the local network. There is no exploit available.
vuldb.com

CVE-2024-57082 | rpldy uploader 1.8.1 lib.createUploader prototype pollution (EUVD-2024-53525)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in rpldy uploader 1.8.1. It has been declared as problematic. This vulnerability affects the function lib.createUploader. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). This vulnerability was named CVE-2024-57082. The attack can only be done within the local network. There is no exploit available.
vuldb.com

CVE-2024-57078 | cli-util 1.1.27 lib.merge prototype pollution (EUVD-2024-53521)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in cli-util 1.1.27. It has been classified as problematic. Affected is the function lib.merge. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). This vulnerability is traded as CVE-2024-57078. The attack can only be initiated within the local network. There is no exploit available.
vuldb.com

CVE-2024-57084 | dot-properties 1.0.1 lib.parse prototype pollution (EUVD-2024-53526)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in dot-properties 1.0.1. It has been declared as problematic. Affected by this vulnerability is the function lib.parse. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). This vulnerability is known as CVE-2024-57084. The attack needs to be done within the local network. There is no exploit available.
vuldb.com

How to Tame Your Multi-Cloud Attack Surface with Pentesting

Security Boulevard
2 months 3 weeks ago

Let’s face it most organizations aren’t using just one cloud provider anymore. Maybe your dev team loves AWS. Your analytics team prefers GCP. And someone else decided Azure was better...

The post How to Tame Your Multi-Cloud Attack Surface with Pentesting appeared first on Strobes Security.

The post How to Tame Your Multi-Cloud Attack Surface with Pentesting appeared first on Security Boulevard.

strobes

CVE-2005-4823 | HP HTTP Server up to 5.0 memory corruption (Nessus ID 17997 / ID 86772)

Vuldb Updates
2 months 3 weeks ago
A vulnerability, which was classified as very critical, has been found in HP HTTP Server up to 5.0. This issue affects some unknown processing. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2005-4823. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2005-4805 | Sun Java System Application Server 7.x JSP Source Code information disclosure (ID 86721 / SBV-12987)

Vuldb Updates
2 months 3 weeks ago
A vulnerability has been found in Sun Java System Application Server 7.x and classified as critical. This vulnerability affects unknown code of the component JSP Source Code Handler. The manipulation leads to information disclosure. This vulnerability was named CVE-2005-4805. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2005-4799 | YaPIG 0.92b/0.93u/0.94u/0.95/0.95b view.php cross site scripting (Nessus ID 19515 / ID 12200)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in YaPIG 0.92b/0.93u/0.94u/0.95/0.95b. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view.php. The manipulation leads to basic cross site scripting. This vulnerability is known as CVE-2005-4799. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2005-4838 | Apache Jakarta Tomcat up to 5.5.6 Messenger functions.jsp cross site scripting (Nessus ID 43840 / ID 86780)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in Apache Jakarta Tomcat up to 5.5.6. It has been declared as critical. This vulnerability affects unknown code of the file examples/jsp2/el/functions.jsp of the component Messenger. The manipulation leads to cross site scripting. This vulnerability was named CVE-2005-4838. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2006-0001 | Microsoft Publisher 2000/2002/2003 PUB File memory corruption (MS06-054 / VU#406236)

Vuldb Updates
2 months 3 weeks ago
A vulnerability classified as problematic was found in Microsoft Publisher 2000/2002/2003. Affected by this vulnerability is an unknown functionality of the component PUB File Handler. The manipulation leads to memory corruption. This vulnerability is known as CVE-2006-0001. The attack can only be done within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

APT Attackers Leverage Microsoft ClickOnce to Run Malware as Trusted Applications

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
2 months 3 weeks ago

The Trellix Advanced Research Center has exposed a highly sophisticated Advanced Persistent Threat (APT) malware campaign dubbed “OneClik,” specifically targeting the energy, oil, and gas sectors. This operation, which exhibits traits potentially linked to Chinese-affiliated threat actors, employs phishing attacks and exploits Microsoft ClickOnce a .NET deployment technology meant for self-updating applications to execute malicious […]

The post APT Attackers Leverage Microsoft ClickOnce to Run Malware as Trusted Applications appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

CVE-2002-0693 | Microsoft Windows NT 4.0/2000/XP HTML Help ActiveX Control hhctrl.ocx alink memory corruption (MS02-055 / EDB-21902)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in Microsoft Windows NT 4.0/2000/XP. It has been declared as critical. This vulnerability affects the function alink of the file hhctrl.ocx of the component HTML Help ActiveX Control. The manipulation leads to memory corruption. This vulnerability was named CVE-2002-0693. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

Qilin

Dark Feed IO
2 months 3 weeks ago

You must login to view this content

cohenido

CVE-2017-6020 | LCDS LTDA ME LAquis SCADA up to 4.1.0 path traversal (EDB-42885 / BID-97055)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in LCDS LTDA ME LAquis SCADA up to 4.1.0 and classified as critical. This issue affects some unknown processing. The manipulation leads to path traversal. The identification of this vulnerability is CVE-2017-6020. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

Weekoverzicht Defensieoperaties

Defensie.nl - Nieuwsberichten
2 months 3 weeks ago
Apache-gevechtshelikopters bewaken het luchtruim boven ‘vesting’ Den Haag. Marineschepen beveiligen de Noordzee en de kust en als het moet draait het  luchtverdedigingssysteem Patriot overuren. Het is maar een fractie van de Defensie-inzet voor de NAVO-top. Totaal zijn 5.000 militairen, reservisten en burgermedewerkers in touw. Daarnaast voert de marechaussee politietaken uit. Een overzicht van Defensieoperaties in de week van 18 tot en met 24 juni 2025.

Managed ad