- Advertisement -
Current Threats
Microsoft Edge Chakra InitializeNumberFormat / InitializeDateTimeFormat Type ConfusionXen xen-netback xenvif_set_hash_mapping Integer OverflowOpenSSL Toolkit 1.1.0iDebian Security Advisory 4276-1Silver Peak EdgeConnect 8.1.4.9_65644 XSS / DoS / Disclosure / Traversal[webapps] ADM 3.1.2RHG1 – Remote Code ExecutionVuln: Cisco Web Security Appliance CVE-2018-0428 Local Privilege Escalation Vulnerability[dos] TP-Link WR840N 0.9.1 3.16 – Denial of Service (PoC)[local] WebkitGTK+ 2.20.3 – ‘ImageBufferCairo::getImageData()’ Buffer Overflow (PoC)[webapps] WordPress Plugin Export Users to CSV 1.1.1 – CSV Injection[dos] Central Management Software 1.4.13 – Denial of Service (PoC)[webapps] Pimcore 5.2.3 – SQL Injection / Cross-Site Scripting / Cross-Site Request ForgeryEasy RM To MP3 Converter 2.6 Stack Buffer OverflowPimcore 5.2.3 CSRF / Cross Site Scripting / SQL Injection[dos] ObserverIP Scan Tool 1.4.0.1 – Denial of Service (PoC)[dos] JioFi 4G M2S 1.0.2 – Denial of Service (PoC)Vuln: Adobe Flash Player CVE-2018-12825 Unspecified Security Bypass VulnerabilityVuln: Microsoft .NET Framework CVE-2018-8284 Remote Code Execution VulnerabilityVuln: Adobe Flash Player APSB18-25 Multiple Information Disclosure VulnerabilitiesVuln: Microsoft Windows Graphics Component CVE-2018-8344 Remote Code Execution VulnerabilityAtmosphere 1.x / 2.x Cross Site Scripting[webapps] ASUSTOR ADM 3.1.0.RFQ3 – Remote Command Execution / SQL InjectionownCloud iOS Application 3.7.3 Cross Site Scripting[webapps] ASUS-DSL N10 1.1.2.2_17 – Authentication BypassVuln: NTP CVE-2018-7184 Denial of Service VulnerabilityVuln: NTP CVE-2018-7185 Denial of Service VulnerabilityVuln: NTP CVE-2018-7183 Buffer Overflow VulnerabilityVuln: NTP CVE-2018-12327 Stack Buffer Overflow VulnerabilityVuln: NTP CVE-2016-1549 Remote Security VulnerabilityVuln: Multiple SAP Products Multiple Unspecified Security VulnerabilitiesVuln: Samba CVE-2018-1139 Remote Security Bypass Vulnerability[webapps] cgit 1.2.1 – Directory Traversal (Metasploit)Vuln: Multiple Intel Processors Side Channel Attack Multiple Information Disclosure VulnerabilitiesVuln: Adobe Flash Player CVE-2018-12828 Unspecified Privilege Escalation Vulnerability[webapps] Oracle GlassFish Server Open Source Edition 4.1 – Path Traversal (Metasploit)Vuln: OpenSSL CVE-2018-0732 Denial of Service Vulnerability[remote] Cloudme 1.9 – Buffer Overflow (DEP) (Metasploit)Vuln: OpenSSL CVE-2018-0737 Side Channel Attack Information Disclosure VulnerabilityVuln: Adobe Experience Manager CVE-2018-5005 Cross Site Scripting Vulnerability[webapps] IBM Sterling B2B Integrator 5.2.0.1/5.2.6.3 – Cross-Site ScriptingMicrosoft DirectX SDK (June 2010) Xact3.exe DLL Hijacking[local] Android – Directory Traversal over USB via Injection in blkid OutputLinux/x64 Add Root User (toor/toor) ShellcodeSwitch Port Mapping Tool 2.81.2 Denial Of ServiceAcunetix WVS 10.0 Build 20150623 Denial Of ServiceIP Finder 1.5 Denial Of Service[remote] Oracle Weblogic Server – Deserialization Remote Code Execution (Metasploit)IBM Sterling B2B Integrator 5.2.0.1 / 5.2.6.3 Cross Site ScriptingGoogle Android USB Directory TraversalPostgreSQL 9.4-0.5.3 Privilege EscalationIceWarp WebMail 12.0.3.1 Cross Site ScriptingPLC Wireless Router GPN2.4P21-C-CN Denial Of ServiceiSmartViewPro 1.5 Buffer OverflowOracle GlassFish Server 4.1 Directory TraversalBugtraq: [SECURITY] [DSA 4268-1] openjdk-8 security updateFireHOL 3.1.6Bugtraq: [SECURITY] [DSA 4269-1] postgresql-9.6 security update[dos] Switch Port Mapping Tool 2.81.2 – ‘Name Field’ Denial of Service (PoC)Vuln: Multiple CPU Hardware CVE-2018-3639 Information Disclosure Vulnerability[local] iSmartViewPro 1.5 – ‘Account’ Buffer Overflow[remote] Mikrotik WinBox 6.42 – Credential Disclosure (Metasploit)[webapps] TP-Link C50 Wireless Router 3 – Cross-Site Request Forgery (Remote Reboot)[webapps] Zimbra 8.6.0_GA_1153 – Cross-Site Scripting[webapps] MyBB Thank You/Like Plugin 3.0.0 – Cross-Site ScriptingiSmartViewPro 1.5 Password Buffer OverflowMyBB Like 3.0.0 Cross Site ScriptingMyBB Thank You / Like 3.0.0 Cross Site ScriptingZimbra 8.6.0_GA_1153 Cross Site ScriptingMachine Learning – Learning CybersecurityKernel Live Patch Security Notice LSN-0041-1[webapps] MyBB Like Plugin 3.0.0 – Cross-Site ScriptingOracle Weblogic Server Deserialization Remote Code ExecutionVuln: OpenSLP ‘SLPDProcessMessage()’ Function Double Free Denial of Service VulnerabilityVuln: VMware vCenter Server CVE-2015-2342 Remote Code Execution VulnerabilityVuln: Adobe Flash Player CVE-2018-4878 Use After Free Remote Code Execution VulnerabilityVuln: VMware vCenter Server CVE-2015-1047 Denial of Service Vulnerability[local] iSmartViewPro 1.5 – ‘Password’ Buffer Overflow[webapps] TP-Link C50 Wireless Router 3 – Cross-Site Request Forgery (Information Disclosure)Responsive File Manager 9.13.1 File DisclosureTP-Link C50 Wireless Router 3 Remote Reboot Cross Site Request ForgeryTP-Link C50 Wireless Router 3 Information Disclosure Cross Site Request Forgery[dos] reSIProcate 1.10.2 – Heap OverflowLinux Kernel 4.14.7 (Ubuntu 16.04 / CentOS 7) Arbitrary File ReadLynis Auditing Tool 2.6.7[local] Linux Kernel 4.14.7 (Ubuntu 16.04 / CentOS 7) – (KASLR & SMEP Bypass) Arbitrary File ReadVuln: Apache CouchDB CVE-2018-11769 Remote Code Execution VulnerabilityVuln: Multiple Medtronic Isulin Pumps Authentication Bypass and Information Disclosure Vulnerabilities[webapps] LG-Ericsson iPECS NMS 30M – Directory TraversalQNap QVR Client 5.0.3.23100 Denial Of ServiceOpenEMR 5.0.1.3 Remote Code ExecutionBugtraq: [SECURITY] [DSA 4267-1] kamailio security updateWebKitGTK+ / WPE WebKit Code Execution / Denial Of Service[dos] TP-Link Wireless N Router WR840N – Denial of Service (PoC)CMS BUZZ 2.9 Cross Site ScriptingHashcat Advanced Password Recovery 4.2.1 Binary ReleaseHashcat Advanced Password Recovery 4.2.1 Source Codeman-cgi Local File InclusionreSIProcate 1.10.2 Heap OverflowLG-Ericsson iPECS NMS 30M Directory TraversalFwknop Port Knocking Utility 2.6.10

Cyber Watch

- Advertisement -

Deeper Learning