Current Threats
Vuln: Apache Struts CVE-2016-1181 Remote Code Execution Vulnerability
Vuln: JasPer Multiple Assertion Failures Denial of Service Vulnerabilities
Vuln: JasPer ‘jpc_dec.c’ Denial of Service Vulnerability
[papers] Windows Privilege Escalations
Vuln: JasPer Multiple Denial of Service Vulnerabilities
[webapps] Across DR-810 ROM-0 – Backup File Disclosure
Vuln: Oracle Enterprise Manager Base Platform CVE-2018-3303 Remote Security Vulnerability
[webapps] i-doit CMDB 1.12 – Arbitrary File Download
Vuln: Oracle Hyperion BI+ CVE-2019-2415 Remote Security Vulnerability
[webapps] i-doit CMDB 1.12 – SQL Injection
Vuln: Oracle Communications Diameter Signaling Router CVE-2019-2399 Remote Security Vulnerability
[papers] [Portuguese] Reverse Engineering 101 using Radare2
Vuln: Oracle Hospitality Reporting and Analytics Multiple Local Security Vulnerabilities
[webapps] Horde Imp – ‘imap_open’ Remote Command Execution
Vuln: Oracle Retail Xstore Payment Multiple Remote Security Vulnerabilities
[webapps] Modern POS 1.3 – Arbitrary File Download
[webapps] Modern POS 1.3 – SQL Injection
[webapps] Twilio WEB To Fax Machine System Application 1.0 – SQL Injection
[papers] Windows Debugging 101
[webapps] Live Call Support Widget 1.5 – Cross-Site Request Forgery (Add Admin)
[webapps] Live Call Support Widget 1.5 – Remote Code Execution / SQL Injection
[local] xorg-x11-server < 1.20.3 – Local Privilege Escalation (Solaris 11 inittab)
[remote] Hootoo HT-05 – Remote Code Execution (Metasploit)
Ubuntu Security Notice USN-3858-1
[webapps] Craigs Classified Ads CMS Theme 1.0.2 – SQL Injection
Ubuntu Security Notice USN-3859-1
[dos] 1Password < 7.0 – Denial of Service
Joomla Simple RSS Feed Reader mod_jw_srfr 3.6.0 Open Redirection
[local] Microsoft Windows VCF – Remote Code Execution
ModX Open Source CMS Babel 3.0.0 Open Redirection
[webapps] ownDMS 4.7 – SQL Injection
Vuln: GNU Binutils CVE-2018-20712 Heap Buffer Overflow Vulnerability
Craigs CMS 1.0.2 SQL Injection
[shellcode] Linux/x86 – Bind (4444/TCP) Shell (/bin/sh) Shellcode (100 bytes)
WordPress topcsstools 1.0 Open Redirection / Remote File Inclusion
[webapps] Find a Place CMS Directory 1.5 – SQL Injection
Locations CMS 1.5 SQL Injection
[webapps] Cleanto 5.0 – SQL Injection
Vuln: Identicard Premisys Multiple Security Vulnerabilities
Hucart CMS 5.7.4 Cross Site Request Forgery
[webapps] Lenovo R2105 – Cross-Site Request Forgery (Command Execution)
Vuln: Foreman CVE-2018-14664 Multiple HTML Injection Vulnerabilities
Hootoo HT-05 Remote Code Execution
[webapps] HealthNode Hospital Management System 1.0 – SQL Injection
Ubuntu Security Notice USN-3856-1
[webapps] Hucart CMS 5.7.4 – Cross-Site Request Forgery (Add Administrator Account)
Ubuntu Security Notice USN-3857-1
[local] Dokany 1.2.0.1000 – Stack-Based Buffer Overflow Privilege Escalation
Microsoft Windows SSPI Network Authentication Session 0 Privilege Escalation
[local] Microsoft Windows 10 – SSPI Network Authentication Session 0 Privilege Escalation
Microsoft Windows DSSVC DSOpenSharedFile Arbitrary File Open Privilege Escalation
[local] Microsoft Windows 10 – DSSVC DSOpenSharedFile Arbitrary File Open Privilege Escalation
Microsoft Windows DSSVC DSOpenSharedFile Arbitrary File Delete Privilege Escalation
[local] Microsoft Windows 10 – DSSVC DSOpenSharedFile Arbitrary File Delete Privilege Escalation
Microsoft Windows DSSVC CanonicalAndValidateFilePath Security Feature Bypass
[local] Microsoft Windows 10 – DSSVC CanonicalAndValidateFilePath Security Feature Bypass
Microsoft Windows DSSVC MoveFileInheritSecurity Privilege Escalation
[local] Microsoft Windows 10 – DSSVC MoveFileInheritSecurity Privilege Escalation
Microsoft Windows Browser Broker Cross Session Privilege Escalation
[local] Microsoft Windows 10 – Browser Broker Cross Session Privilege Escalation
Microsoft Windows COM Desktop Broker Privilege Escalation
[local] Microsoft Windows 10 – COM Desktop Broker Privilege Escalation
[webapps] Portier Vision 4.4.4.2 / 4.4.4.6 – SQL Injection
[webapps] AudioCode 400HD – Command Injection
[webapps] ThinkPHP 5.X – Remote Command Execution
[webapps] Real Estate Custom Script 2.0 – SQL Injection
[webapps] Job Portal Platform 1.0 – SQL Injection
[webapps] Umbraco CMS 7.12.4 – Authenticated Remote Code Execution
[webapps] Bigcart – Ecommerce Multivendor System 1.0 – SQL Injection
Vuln: etcd CVE-2018-16886 Authentication Bypass Vulnerability
UA-Parser Denial Of Service
Microsoft Windows VCF Remote Code Execution
AudioCode 400HD Cross Site scripting
AudioCode 400HD Remote Command Injection
[webapps] Adapt Inventory Management System 1.0 – SQL Injection
[local] Code Blocks 17.12 – Local Buffer Overflow (SEH) (Unicode)
[webapps] Joomla! Component JoomProject 1.1.3.2 – Information Disclosure
[webapps] Joomla! Component JoomCRM 1.1.1 – SQL Injection
[shellcode] Windows/x86 – Download With TFTP And Execute Shellcode (51-60 bytes) (Generator)
[dos] Selfie Studio 2.17 – Denial of Service (PoC)
[dos] Tree Studio 2.17 – Denial of Service (PoC)
[dos] Paint Studio 2.17 – Denial of Service (PoC)
[dos] Pixel Studio 2.17 – Denial of Service (PoC)
[dos] Blob Studio 2.17 – Denial of Service (PoC)
[dos] Luminance Studio 2.17 – Denial of Service (PoC)
[dos] Liquid Studio 2.17 – Denial of Service (PoC)
Ubuntu Security Notice USN-3853-1
Ubuntu Security Notice USN-3852-1
Hodorsec Linux Binary Encryption Utility
Ubuntu Security Notice USN-3854-1
RGui 3.5.0 Buffer Overflow
Vuln: OpenSSH CVE-2018-20685 Access Bypass Vulnerability
Shield CMS 2.2 Cross Site Request Forgery / SQL Injection
Vuln: Pilz PNOZmulti Configurator CVE-2018-19009 Local Information Disclosure Vulnerability
Architectural CMS 1.0 SQL Injection
Matrix MLM Script 1.0 SQL Injection
Vuln: Omron CX-Protocol CVE-2018-19027 Multiple Arbitrary Code Execution Vulnerabilities
doitX 1.0 SQL Injection
Vuln: systemd-journald CVE-2018-16864 Stack-Based Buffer Overflow Vulnerability
Matrix MLM Script 1.0 Information Disclosure

Cyber Watch

Deeper Learning