Hot News Database - Home  Bugtraq  Malware  Phishing  Vulnerability  SANS  Mobile Virus  Exploit  Attacks  IDS/IPS  Hacker Techniques


 


2019


16.8.2019

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

 

Exploit

 

15.8.2019

Bugtraq

 

Malware

 

Phishing

Aine MARKHAM

15th August 2019

Pending Document

Vulnerability

 

Exploit

Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in FixSbitSubTableFormat1

Microsoft Font Subsetting - DLL Heap Corruption in MakeFormat12MergedGlyphList

Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in WriteTableFromStructure

Microsoft Font Subsetting - DLL Heap Corruption in ReadAllocFormat12CharGlyphMapList

Microsoft Font Subsetting - DLL Heap Corruption in ReadTableIntoStructure

Microsoft Font Subsetting - DLL Heap Corruption in FixSbitSubTables

Microsoft Font Subsetting - DLL Double Free in MergeFormat12Cmap / MakeFormat12MergedGlyphList

Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in GetGlyphIdx

Microsoft Font Subsetting - DLL Returning a Dangling Pointer via MergeFontPackage

Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities

NSKeyedUnarchiver - Info Leak in Decoding SGBigUTF8String

Adobe Acrobat CoolType (AFDKO) - Call from Uninitialized Memory due to Empty FDArray in Type 1 Fonts

Adobe Acrobat CoolType (AFDKO) - Memory Corruption in the Handling of Type 1 Font load/store Operators

Adobe Acrobat Reader DC for Windows - Double Free due to Malformed JP2 Stream

Adobe Acrobat Reader DC for Windows - free() of Uninitialized Pointer due to Malformed JBIG2Globals Stream

Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed JP2 Stream

Adobe Acrobat Reader DC for Windows - Heap-Based Memory Corruption due to Malformed TTF Font

Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow in CoolType.dll

Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed Font Stream

Adobe Acrobat Reader DC for Windows - Static Buffer Overflow due to Malformed Font Stream

Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow While Processing Malformed PDF

Adobe Acrobat Reader DC for Windows - Use-After-Free due to Malformed JP2 Stream

Adobe Acrobat Reader DC for Windows - Heap-Based Out-of-Bounds read due to Malformed JP2 Stream

14.8.2019

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

 

Exploit

Windows PowerShell - Unsanitized Filename Command Execution

Microsoft Windows 10 AppXSvc Deployment Service - Arbitrary File Deletion

WordPress Plugin Download Manager 2.5 - Cross-Site Request Forgery

D-Link DIR-600M - Authentication Bypass (Metasploit)

TortoiseSVN 1.12.1 - Remote Code Execution

Joomla! Component JS Jobs (com_jsjobs) 1.2.5 - 'customfields.php' SQL Injection

SugarCRM Enterprise 9.0.0 - Cross-Site Scripting

AZORult Botnet - SQL Injection

Agent Tesla Botnet - Arbitrary Code Execution

ABC2MTEX 1.6.1 - Command Line Stack Overflow

ManageEngine opManager 12.3.150 - Authenticated Code Execution

Agent Tesla Botnet - Arbitrary Code Execution (Metasploit)

13.8.2019

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

 

Exploit

Steam Windows Client - Local Privilege Escalation

WebKit - UXSS via XSLT and Nested Document Replacements

Linux - Use-After-Free Reads in show_numa_stats()

VxWorks 6.8 - TCP Urgent Pointer = 0 Integer Underflow

Joomla! Component JS Jobs (com_jsjobs) 1.2.5 - 'cities.php' SQL Injection

Ghidra (Linux) 9.0.4 - .gar Arbitrary Code Execution

Webmin 1.920 - Unauthenticated Remote Code Execution (Metasploit)

ManageEngine OpManager 12.4x - Unauthenticated Remote Command Execution (Metasploit)

ManageEngine Application Manager 14.2 - Privilege Escalation / Remote Command Execution (Metasploit)

ManageEngine OpManager 12.4x - Privilege Escalation / Remote Command Execution (Metasploit)

osTicket 1.12 - Persistent Cross-Site Scripting

osTicket 1.12 - Formula Injection

osTicket 1.12 - Persistent Cross-Site Scripting via File Upload

Joomla! Component JS Support Ticket (com_jssupportticket) 1.1.6 - 'ticket.php' Arbitrary File Deletion

Joomla! Component JS Support Ticket (com_jssupportticket) 1.1.6 - 'ticketreply.php' SQL Injection

UNA 10.0.0 RC1 - 'polyglot.php' Persistent Cross-Site Scripting

Cisco Adaptive Security Appliance - Path Traversal (Metasploit)

BSI Advance Hotel Booking System 2.0 - 'booking_details.php' Persistent Cross-Site Scripting

9.8.2019

Bugtraq

 

Malware

 

Phishing

PayPal

9th August 2019

Notice: Your account PayPaI will be limited in 48h

Media Communications Departmen

9th August 2019

Brexit ToS Updates

Vulnerability

 

Exploit

 

8.8.2019

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

 

Exploit

Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 - SQL Injection

Adive Framework 2.0.7 - Cross-Site Request Forgery

Joomla! Component JS Support Ticket (component com_jssupportticket) 1.1.5 - Arbitrary File Download

Baldr Botnet Panel - Arbitrary Code Execution (Metasploit)

Aptana Jaxer 1.0.3.4547 - Local File inclusion

Daily Expense Manager 1.0 - Cross-Site Request Forgery (Delete Income)

Open-School 3.0 / Community Edition 2.3 - Cross-Site Scripting

7.8.2019

Bugtraq

 

Malware

PHP/Agent.NGD

Phishing

PayPal

6th August 2019

Notice: Your account PayPaI will be limited in 48h

Vulnerability

 

Exploit

Google Chrome 74.0.3729.0 / 76.0.3789.0 - Heap Use-After-Free in blink::PresentationAvailabilityState::UpdateAvailability

WordPress Plugin JoomSport 3.3 - SQL Injection

6.8.2019

Bugtraq

 

Malware

 

Phishing

Chase Online

6th August 2019

URGENT Chase Confirmation

Vulnerability

 

Exploit

 

5.8.2019

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

 

Exploit

macOS iMessage - Heap Overflow when Deserializing

Apache Tika 1.15 - 1.17 - Header Command Injection (Metasploit)

2.8.2019

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

 

Exploit

Sar2HTML 3.2.1 - Remote Command Execution

Rest - Cafe and Restaurant Website CMS - 'slug' SQL Injection

1CRM On-Premise Software 8.5.7 - Persistent Cross-Site Scripting

1.8.2019

Bugtraq

 

Malware

 

Phishing

HOOVER ONEPWR FloorMate JET

1st August 2019

Vacuum & Wash Hard Surfaces in One Simple Step!

Vulnerability

 

Exploit

Cisco Catalyst 3850 Series Device Manager - Cross-Site Request Forgery

WebIncorp ERP - SQL injection

Ultimate Loan Manager 2.0 - Cross-Site Scripting

31.7.2019

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

 

Exploit

Oracle Hyperion Planning 11.1.2.3 - XML External Entity

Redis 4.x / 5.x - Unauthenticated Code Execution (Metasploit)

30.7.2019

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

 

Exploit

iMessage - NSKeyedUnarchiver Deserialization Allows file Backed NSData Objects

iMessage - Memory Corruption when Decoding NSKnownKeysDictionary1

iMessage - NSArray Deserialization can Invoke Subclass that does not Retain References

macOS / iOS JavaScriptCore - JSValue Use-After-Free in ValueProfiles

macOS / iOS JavaScriptCore - Loop-Invariant Code Motion (LICM) Leaves Object Property Access Unguarded

Amcrest Cameras 2.520.AC00.18.R - Unauthenticated Audio Streaming


29.7.2019

Bugtraq

 

Malware

 

Phishing

ApplelD

29th July 2019

Reminder: your information has been updated, login to complete the request(July 29, 2019, 3:28 am).

Vulnerability

 

Exploit

WP Database Backup < 5.2 - Remote Code Execution (Metasploit)

Schneider Electric Pelco Endura NET55XX Encoder - Authentication Bypass (Metasploit)

GigToDo 1.3 - Cross-Site Scripting

WordPress Theme Real Estate 2.8.9 - Cross-Site Scripting

WordPress Plugin Simple Membership 3.8.4 - Cross-Site Request Forgery

26.7.2019

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

Jenkins Credentials Binding Plugin CVE-2019-1010241 Information Disclosure Vulnerability
2019-07-26
http://www.securityfocus.com/bid/109320

Qualcomm Components CVE-2019-2307 Integer Underflow Vulnerability
2019-07-26
http://www.securityfocus.com/bid/109383

LibreOffice Remote Code Execution and Unauthorized Access Vulnerabilities
2019-07-26
http://www.securityfocus.com/bid/109374

Exploit

Ahsay Backup 7.x - 8.1.1.50 - XML External Entity Injection

Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload / Remote Code Execution (Metasploit)

Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload / Remote Code Execution

pdfresurrect 0.15 - Buffer Overflow

Moodle Filepicker 3.5.2 - Server Side Request Forgery

Microsoft Windows 7 build 7601 (x86) - Local Privilege Escalation

25.7.2019

Bugtraq

 

Malware

 

Phishing

Aol. Aol.

25th July 2019

2019 AOL OATH PRIVACY POLICY | CUSTOMER SUPPORT 📧 AOL (AOL@COMMS.AOL.NET)

Vulnerability

KDE KAuth CVE-2017-8422 Local Privilege Escalation Vulnerability
2019-07-25
http://www.securityfocus.com/bid/98412

FreeBSD CVE-2019-5604 Out of Bounds Read Denial of Service Vulnerability
2019-07-25
http://www.securityfocus.com/bid/109369

Exploit

WebKit - Universal Cross-Site Scripting due to Synchronous Page Loads

Ovidentia 8.4.3 - Cross-Site Scripting

Ovidentia 8.4.3 - SQL Injection

24.7.2019

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

Exim CVE-2019-13917 Privilege Escalation Vulnerability
2019-07-24
http://www.securityfocus.com/bid/109338

Exploit

Android 7-9 - Remote Code Execution

Apple iMessage - DigitalTouch tap Message Processing Out-of-Bounds Read

Trend Micro Deep Discovery Inspector IDS - Security Bypass

WordPress Plugin Hybrid Composer 1.4.6 - Improper Access Restrictions

Cisco Wireless Controller 3.6.10E - Cross-Site Request Forgery

NoviSmart CMS - SQL injection

23.7.2019

Bugtraq

 

Malware

 

Phishing

Microsoft Outlook

23rd July 2019

Hotmail Outlook Deactivation Request

Vulnerability

Scapy '_RADIUSAttrPacketListField' Class Remote Denial of Service Vulnerability
2019-07-23
http://www.securityfocus.com/bid/106674

FFmpeg CVE-2019-12730 Security Bypass Vulnerability
2019-07-23
http://www.securityfocus.com/bid/109317

Exploit

 

22.7.2019

Bugtraq

 

Malware

Ransom.Bitpaymer

Phishing

 

Vulnerability

Linux Kernel CVE-2019-11811 Local Arbitrary Code Execution Vulnerability
2019-07-22
http://www.securityfocus.com/bid/108410

Exploit

Comtrend-AR-5310 - Restricted Shell Escape

BACnet Stack 0.8.6 - Denial of Service

Axway SecureTransport 5 - Unauthenticated XML Injection

19.7.2019

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

GNOME gvfs CVE-2019-12795 Local Authorization Bypass Vulnerability
2019-07-19
http://www.securityfocus.com/bid/108741

Mozilla Firefox Multiple Security Vulnerabilities
2019-07-19
http://www.securityfocus.com/bid/109085

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities
2019-07-19
http://www.securityfocus.com/bid/109086

Squid CVE-2019-13345 Multiple Cross Site Scripting Vulnerabilities
2019-07-19
http://www.securityfocus.com/bid/109095

Exploit

Web Ofisi Firma Rehberi 1 - 'il' SQL Injection

Web Ofisi Emlak 3 - 'emlak_durumu' SQL Injection

Web Ofisi Emlak 2 - 'ara' SQL Injection

Web Ofisi Platinum E-Ticaret 5 - 'q' SQL Injection

Web Ofisi E-Ticaret 3 - 'a' SQL Injection

fuelCMS 1.4.1 - Remote Code Execution

MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow (EggHunter)

18.7.2019

Bugtraq

 

Malware

Win32/Crossza.A

Trojan.Tepok

Phishing

ICloud Inc..

18th July 2019

[RE] Confirmation

Vulnerability

CKEditor CVE-2018-9861 Cross Site Scripting Vulnerability
2019-07-18
http://www.securityfocus.com/bid/103924

Exploit

Microsoft Windows 10 1903/1809 - RPCSS Activation Kernel Security Callback Privilege Escalation

WordPress Plugin OneSignal 1.17.5 - 'subdomain' Persistent Cross-Site Scripting

17.7.2019

Bugtraq

 

Malware

Trojan.Burtopinam

Phishing

 

Vulnerability

Apache Struts CVE-2016-1181 Remote Code Execution Vulnerability
2019-07-17
http://www.securityfocus.com/bid/91068

Apache Tomcat CVE-2018-1305 Security Bypass Vulnerability
2019-07-17
http://www.securityfocus.com/bid/103144

Apache HTTP Server CVE-2019-0190 Denial of Service Vulnerability
2019-07-17
http://www.securityfocus.com/bid/106743

Spring Security and Spring Framework CVE-2018-1258 Authorization Bypass Vulnerability
2019-07-17
http://www.securityfocus.com/bid/104222

Apache Tomcat CVE-2019-0199 Denial of Service Vulnerability
2019-07-17
http://www.securityfocus.com/bid/107674

Oracle Hospitality Simphony Multiple Local Security Vulnerabilities
2019-07-17
http://www.securityfocus.com/bid/109196

OpenSSL CVE-2017-3736 Information Disclosure Vulnerability
2019-07-17
http://www.securityfocus.com/bid/101666

FasterXML Jackson-databind CVE-2018-7489 Incomplete Fix Remote Code Execution Vulnerability
2019-07-17
http://www.securityfocus.com/bid/103203

Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability
2019-07-17
http://www.securityfocus.com/bid/98888

Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2019-07-17
http://www.securityfocus.com/bid/102376

Apache Solr CVE-2019-0192 Deserialization Remote Code Execution Vulnerability
2019-07-17
http://www.securityfocus.com/bid/107318

OpenSSL CVE-2018-0732 Denial of Service Vulnerability
2019-07-17
http://www.securityfocus.com/bid/104442

Apache ActiveMQ CVE-2018-11775 Man in the Middle Security Bypass Vulnerability
2019-07-17
http://www.securityfocus.com/bid/105335

FreeBSD Multiple Security Bypass Vulnerabilities
2019-07-17
http://www.securityfocus.com/bid/108395

cURL/libcURL CVE-2018-1000120 Buffer Overflow Vulnerability
2019-07-17
http://www.securityfocus.com/bid/103414

Apache CXF CVE-2018-8039 TLS Hostname Verification Security Bypass Vulnerability
2019-07-17
http://www.securityfocus.com/bid/106357

Perl Multiple Buffer Overflow Vulnerabilities
2019-07-17
http://www.securityfocus.com/bid/106145

Apache Batik CVE-2018-8013 Information Disclosure Vulnerability
2019-07-17
http://www.securityfocus.com/bid/104252

Oracle MySQL Server Cpujul2019 Multiple Security Vulnerabilities
2019-07-17
http://www.securityfocus.com/bid/109234

Multiple Dell EMC Products CVE-2018-11058 Buffer Overflow Vulnerability
2019-07-17
http://www.securityfocus.com/bid/108106

cURL/libcURL CVE-2018-16890 Heap Buffer Overflow Vulnerability
2019-07-17
http://www.securityfocus.com/bid/106947

Apache Tomcat CVE-2018-11784 Open Redirection Vulnerability
2019-07-17
http://www.securityfocus.com/bid/105524

OpenSSL CVE-2018-0734 Side Channel Attack Information Disclosure Vulnerability
2019-07-17
http://www.securityfocus.com/bid/105758

Apache Tika CVE-2018-17197 Denial of Service Vulnerability
2019-07-17
http://www.securityfocus.com/bid/106293

OWASP AntiSamy CVE-2017-14735 Cross Site Scripting Vulnerability
2019-07-17
http://www.securityfocus.com/bid/105656

FasterXML Jackson-databind CVE-2018-12023 Remote Code Execution Vulnerability
2019-07-17
http://www.securityfocus.com/bid/105659

FasterXML Jackson-databind Deserialization Multiple Remote Code Execution Vulnerabilities
2019-07-17
http://www.securityfocus.com/bid/107985

Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2019-07-17
http://www.securityfocus.com/bid/67121

Oracle Primavera Unifier Multiple Security Vulnerabilities
2019-07-17
http://www.securityfocus.com/bid/104823

Apache Tomcat CVE-2019-0232 Remote Code Execution Vulnerability
2019-07-17
http://www.securityfocus.com/bid/107906

Exploit

Windows - NtUserSetWindowFNID Win32k User Callback Privilege Escalation (Metasploit)

Linux - Broken Permission and Object Lifetime Handling for PTRACE_TRACEME

Oracle Siebel CRM 19.0 - Persistent Cross-Site Scripting

WinMPG iPod Convert 3.0 - 'Register' Denial of Service

MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow

16.7.2019

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

Cisco IOS and IOS XE Software CVE-2018-0197 Denial of Service Vulnerability
2019-07-16
http://www.securityfocus.com/bid/105424

Symantec Norton Password Manager CVE-2019-9700 IP Address Spoofing Vulnerability
2019-07-16
http://www.securityfocus.com/bid/108676

Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2019-07-16
http://www.securityfocus.com/bid/57778

OpenVPN CVE-2016-6329 Information Disclosure Vulnerability
2019-07-16
http://www.securityfocus.com/bid/92631

SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability
2019-07-16
http://www.securityfocus.com/bid/49778

Pivotal Spring Security CVE-2019-11272 Authentication Bypass Vulnerability
2019-07-16
http://www.securityfocus.com/bid/108877

Linux Kernel 'crypto/af_alg.c' Use After Free Arbitrary Code Execution Vulnerability
2019-07-16
http://www.securityfocus.com/bid/107063

Schneider Electric Floating License Manager ICSA-19-192-07 Multiple Security Vulnerabilities
2019-07-16
http://www.securityfocus.com/bid/109155

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities
2019-07-16
http://www.securityfocus.com/bid/109086

Moodle CVE-2019-10188 Security Bypass Vulnerability
2019-07-16
http://www.securityfocus.com/bid/109178

Moodle CVE-2019-10187 Security Bypass Vulnerability
2019-07-16
http://www.securityfocus.com/bid/109174

Exploit

PHP Laravel Framework 5.5.40 / 5.6.x < 5.6.30 - token Unserialize Remote Command Execution (Metasploit)

Microsoft Windows 10 < build 17763 - AppXSvc Hard Link Privilege Escalation (Metasploit)

Microsoft Compiled HTML Help / Uncompiled .chm File - XML External Entity Injection

DameWare Remote Support 12.0.0.509 - 'Host' Buffer Overflow (SEH)

CentOS Control Web Panel 0.9.8.838 - User Enumeration

CentOS Control Web Panel 0.9.8.836 - Privilege Escalation

CentOS Control Web Panel 0.9.8.836 - Authentication Bypass

R 3.4.4 (Windows 10 x64) - Buffer Overflow SEH (DEP/ASLR Bypass)

15.7.2019

Bugtraq

 

Malware

Backdoor.Hannotog

Win32/TrojanDownloader.Small.PET

Win32/Exploit.CVE-2018-0802.A

Win64/GoBot2


Phishing

 

Vulnerability

VideoLAN VLC CVE-2019-13602 Heap Based Buffer Overflow Vulnerability
2019-07-14
http://www.securityfocus.com/bid/109158

Exploit

FlightPath < 4.8.2 / < 5.0-rc2 - Local File Inclusion

Microsoft Windows Remote Desktop - 'BlueKeep' Denial of Service (Metasploit)

Android 7 - 9 VideoPlayer - 'ihevcd_parse_pps' Out-of-Bounds Write

CISCO Small Business 200 / 300 / 500 Switches - Multiple Vulnerabilities

NETGEAR WiFi Router JWNR2010v5 / R6080 - Authentication Bypass

Streamripper 2.6 - 'Song Pattern' Buffer Overflow

14.7.2019

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

 

Exploit

Microsoft Windows 10.0.17134.648 - HTTP -> SMB NTLM Reflection Leads to Privilege Elevation

11.7.2019

Bugtraq

 

Malware

Trojan.Fenkrib

Phishing

 

Vulnerability

Linux Kernel CVE-2019-11477 Integer Overflow Vulnerability
2019-07-12
http://www.securityfocus.com/bid/108801

Symantec Messaging Gateway CVE-2019-12751 Privilege Escalation Vulnerability
2019-07-12
http://www.securityfocus.com/bid/108925

Oracle July 2019 Critical Patch Update Multiple Vulnerabilities
2019-07-12
http://www.securityfocus.com/bid/109125

Exploit

Xymon 4.3.25 - useradm Command Execution (Metasploit)

Microsoft Font Subsetting - DLL Heap Corruption in ComputeFormat4CmapData

Citrix SD-WAN Appliance 10.2.2 - Authentication Bypass / Remote Command Execution

Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting

Sahi Pro 8.0.0 - Remote Command Execution

MyT Project Management 1.5.1 - User[username] Persistent Cross-Site Scripting

Tenda D301 v2 Modem Router - Persistent Cross-Site Scripting

11.7.2019

Bugtraq

 

Malware

 

Phishing

PayPal

11th July 2019

New Update Confirm information

Vulnerability

Multiple F5 BIG-IP Products CVE-2019-6631 Denial of Service Vulnerability
2019-07-11
http://www.securityfocus.com/bid/109119

Exploit

Sitecore 9.0 rev 171002 - Persistent Cross-Site Scripting

SNMPc Enterprise Edition 9/10 - Mapping Filename Buffer Overflow

10.7.2019

Bugtraq

 

Malware

Infostealer.Astaroth

Phishing

Chase Alerts

9th July 2019

Customer Service In Chase Bank.

Vulnerability

Symantec Messaging Gateway CVE-2019-12751 Privilege Escalation Vulnerability
2019-07-10
http://www.securityfocus.com/bid/108925

Exploit

Microsoft DirectWrite / AFDKO - Heap-Based Out-of-Bounds Read/Write in OpenType Font Handling Due to Empty ROS Strings

Microsoft DirectWrite / AFDKO - NULL Pointer Dereferences in OpenType Font Handling While Accessing Empty dynarrays

Microsoft DirectWrite / AFDKO - Multiple Bugs in OpenType Font Handling Related to the "post" Table

Microsoft DirectWrite / AFDKO - Out-of-Bounds Read in OpenType Font Handling Due to Undefined FontName Index

Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling While Processing CFF Blend DICT Operator

Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readStrings

Microsoft DirectWrite / AFDKO - Heap-Based Out-of-Bounds Read/Write in OpenType Font Handling Due to Unbounded iFD

Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow Due to Integer Overflow in readTTCDirectory

Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readCharset

Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readFDSelect

Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readEncoding

Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling Due to Incorrect Handling of blendArray

Microsoft DirectWrite / AFDKO - Interpreter Stack Underflow in OpenType Font Handling Due to Missing CHKUFLOW

Microsoft DirectWrite / AFDKO - Use of Uninitialized Memory While Freeing Resources in var_loadavar

Microsoft DirectWrite / AFDKO - Stack-Based Buffer Overflow in do_set_weight_vector_cube for Large nAxes

Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling Due to Negative nAxes

Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling Due to Negative cubeStackDepth

Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling due to Out-of-Bounds cubeStackDepth

Mozilla Spidermonkey - Unboxed Objects Uninitialized Memory Access

Microsoft Windows - Font Subsetting DLL Heap-Based Out-of-Bounds Read in MergeFonts

9.7.2019

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

SAP Commerce Cloud CVE-2019-0322 Unspecified Denial of Service Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109076

SAP ERP HCM CVE-2019-0325 Remote Authorization Bypass Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109075

SAP Gateway CVE-2019-0319 Content Injection Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109074

SAP BusinessObjects Business Intelligence Platform CVE-2019-0326 Cross Site Scripting Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109072

SAP NetWeaver AS Java CVE-2019-0327 Arbitrary File Upload Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109071

SAP Information Steward CVE-2019-0329 Cross Site Scripting Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109070

SAP Netweaver Application Server Java CVE-2019-0318 Information Disclosure Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109069

SAP Diagnostics Agent CVE-2019-0330 OS Command Injection Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109068

SAP NetWeaver Process Integration CVE-2019-0328 Code Injection Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109067

Exploit

Firefox 67.0.4 - Denial of Service

Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuckV2.c' Remote Buffer Overflow (2)

8.7.2019

Bugtraq

 

Malware

 

Phishing

Microsoft Hotmail

8th July 2019

Termination Request For Your Hotmail Outlook Account

Vulnerability

Redhat Openshift Container Platform CVE-2019-3889 Cross Site Scripting Vulnerability
2019-07-08
http://www.securityfocus.com/bid/109062

Exploit

WordPress Plugin Like Button 1.6.0 - Authentication Bypass

Karenderia Multiple Restaurant System 5.3 - SQL Injection

5.7.2019

Bugtraq

 

Malware

 

Phishing

Chase Online

5th July 2019

Your Chase Online Access placed on Restriction.

Vulnerability

Red Hat Undertow CVE-2019-3888 Information Disclosure Vulnerability
2019-07-05
http://www.securityfocus.com/bid/108739

Exploit

Microsoft Exchange 2003 - base64-MIME Remote Code Execution

Karenderia Multiple Restaurant System 5.3 - Local File Inclusion

4.7.2019

Bugtraq

 

Malware

 

Phishing

Microsoft Hotmail

4th July 2019

Termination Request For Your Hotmail Outlook Account

 

Vulnerability

Linux Kernel CVE-2019-11478 Denial of Service Vulnerability
2019-07-04
http://www.securityfocus.com/bid/108798

Linux Kernel CVE-2019-11477 Integer Overflow Vulnerability
2019-07-04
http://www.securityfocus.com/bid/108801

Exploit

 

3.7.2019

Bugtraq

 

Malware

OSX.Netwire

Phishing

 

Vulnerability

IBM Spectrum Protect Plus Multiple Security Vulnerabilities
2019-07-03
http://www.securityfocus.com/bid/109003

Exploit

Apache Tomcat - CGIServlet enableCmdLineArguments Remote Code Execution (Metasploit)

Serv-U FTP Server - prepareinstallation Privilege Escalation (Metasploit)

Symantec DLP 15.5 MP1 - Cross-Site Scripting

2.7.2019

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

 

Exploit

Mac OS X TimeMachine - 'tmdiagnose' Command Injection Privilege Escalation (Metasploit)

Centreon 19.04 - Remote Code Execution

1.7.2019

Bugtraq

 

Malware

 

Phishing

 

Vulnerability

Linux Kernel CVE-2019-11479 Denial of Service Vulnerability
2019-07-01
http://www.securityfocus.com/bid/108818

Linux Kernel CVE-2019-11478 Denial of Service Vulnerability
2019-07-01
http://www.securityfocus.com/bid/108798

Linux Kernel CVE-2019-11477 Integer Overflow Vulnerability
2019-07-01
http://www.securityfocus.com/bid/108801

ABB PB610 Multiple Security Vulnerabilities
2019-07-01
http://www.securityfocus.com/bid/108886

Multiple ABB Products CVE-2019-7225 Hardcoded Credentials Vulnerability
2019-07-01
http://www.securityfocus.com/bid/108922

Exploit

FaceSentry Access Control System 6.4.8 - Remote SSH Root

FaceSentry Access Control System 6.4.8 - Remote Root Exploit

FaceSentry Access Control System 6.4.8 - Cross-Site Request Forgery

FaceSentry Access Control System 6.4.8 - Remote Command Injection

CyberPanel 1.8.4 - Cross-Site Request Forgery

Sahi pro 8.x - Directory Traversal

SAP Crystal Reports - Information Disclosure

ZoneMinder 1.32.3 - Cross-Site Scripting

PowerPanel Business Edition - Cross-Site Scripting

Varient 1.6.1 - SQL Injection

Linux Mint 18.3-19.1 - 'yelp' Command Injection

CiuisCRM 1.6 - 'eventType' SQL Injection

WorkSuite PRM 2.4 - 'password' SQL Injection