Current Threats
Vuln: Multiple GE Products CVE-2018-19003 Directory Traversal Vulnerability
Double Your Bitcoin Script Automatic 2018 SQL Injection
UltraISO 9.7.1.3519 Output FileName Denial Of Service
Facebook And Google Reviews System For Business 1.0 CSRF
Angry IP Scanner 3.5.3 Denial Of Service
Huawei Router HG532e Command Execution
[webapps] Responsive FileManager 9.13.4 – Multiple Vulnerabilities
YSTS 2019 Call For Papers
[webapps] Fortify Software Security Center (SSC) 17.10/17.20/18.10 – Information Disclosure
Mikrotik RouterOS Telnet Arbitrary Root File Creation
[webapps] Fortify Software Security Center (SSC) 17.10/17.20/18.10 – Information Disclosure (2)
GNU inetutils 1.9.4 telnet.c Overflows
[webapps] Facebook And Google Reviews System For Businesses 1.1 – SQL Injection
Facebook And Google Reviews System For Businesses 1.1 SQL Injection
[webapps] Facebook And Google Reviews System For Businesses 1.1 – Remote Code Execution
Facebook And Google Reviews System For Businesses 1.1 Code Execution
[remote] Safari – Proxy Object Type Confusion (Metasploit)
[dos] UltraISO 9.7.1.3519 – ‘Output FileName’ Denial of Service (PoC)
[webapps] Double Your Bitcoin Script Automatic – Authentication Bypass
Cisco RV110W Password Disclosure / Command Execution
[webapps] Huawei Router HG532e – Command Execution
Responsive FileManager 9.13.4 XSS / File Manipulation / Traversal
[webapps] Facebook And Google Reviews System For Businesses – Cross-Site Request Forgery (Change Admin Password)
Zortam MP3 Media Studio 24.15 Local Buffer Overflow
[dos] Angry IP Scanner 3.5.3 – Denial of Service (PoC)
GNU Privacy Guard 2.2.12
[local] Zortam MP3 Media Studio 24.15 – Local Buffer Overflow (SEH)
[remote] Cisco RV110W – Password Disclosure / Command Execution
Vuln: QEMU CVE-2018-16872 Directory Traversal Vulnerability
Vuln: Geutebrück GmbH E2 Series IP Cameras CVE-2018-19007 OS Command Injection Vulnerability
Vuln: Pixar Tractor CVE-2018-5411 HTML Injection Vulnerability
WebKitGTK+ / WPE WebKit Memory Corruption / Code Execution
Safari Proxy Object Type Confusion
Windows UAC Protection Bypass
Falco 0.13.0
[dos] Linux – ‘userfaultfd’ Bypasses tmpfs File Permissions
[dos] WebKit JIT – Int32/Double Arrays can have Proxy Objects in the Prototype Chains
[local] CyberLink LabelPrint 2.5 – Stack Buffer Overflow (Metasploit)
Vuln: FreeBSD Network File System Multiple Security Vulnerabilities
Vuln: QEMU CVE-2018-16867 Directory Traversal Vulnerability
Fortify SSC 17.10 / 17.20 / 18.10 Project Insecure Direct Object Reference
Fortify SSC 17.10 / 17.20 / 18.10 User Detail Insecure Direct Object Reference
WebDAV Server Serving DLL
Microsoft Security Update Summary For December 11, 2018
Microsoft Security Bulletin CVE Revision Increment For December, 2018
Ubuntu Security Notice USN-3844-1
WebKit JIT Proxy Object Issue
Logitech Options Craft WebSocket Server Missing Authentication
Linux userfaultfd tmpfs File Permission Bypass
CUPS Weak Session Cookie Generation
PrinterOn Enterprise 4.1.4 Arbitrary File Deletion
LanSpy 2.0.1.159 Buffer Overflow
SmartFTP Client 9.0.2623.0 Denial Of Service
PHP Source Code Analysis
Linux/x86 execve(/usr/bin/ncat -lvp 1337 -e /bin/bash) Shellcode
Alumni Tracer SMS Notification Cross Site Request Forgery / SQL Injection
Vuln: phpMyAdmin CVE-2018-19968 Local File Include Vulnerability
Tourism Website Blog Code Execution / SQL Injection
PrestaShop 1.6.x / 1.7.x Remote Code Execution
[webapps] PrestaShop 1.6.x/1.7.x – Remote Code Execution
TP-Link Archer C1200 Cross Site Scripting
[papers] PHP Source Code Analysis
Adobe ColdFusion 2018 Shell Upload
[dos] SmartFTP Client 9.0.2623.0 – Denial of Service (PoC)
Vuln: Oracle Solaris CVE-2017-3623 Remote Code Execution Vulnerability
Huawei B315s-22 Information Disclosure
[dos] LanSpy 2.0.1.159 – Local Buffer Overflow (PoC)
ThinkPHP 5.x Remote Code Execution
[webapps] PrinterOn Enterprise 4.1.4 – Arbitrary File Deletion
WordPress AutoSuggest 0.24 SQL Injection
[webapps] TP-Link wireless router Archer C1200 – Cross-Site Scripting
Apache OFBiz 16.11.05 Cross Site Scripting
[webapps] ZTE ZXHN H168N – Improper Access Restrictions
HotelDruid 2.3 SQL Injection
[webapps] Sitecore CMS 8.2 – Cross-Site Scripting / Arbitrary File Disclosure
WordPress Snap Creek Duplicator Code Injection
[webapps] IceWarp Mail Server 11.0.0.0 – Cross-Site Scripting
[webapps] HotelDruid 2.3.0 – ‘id_utente_mod’ SQL Injection
[webapps] WordPress Plugin AutoSuggest 0.24 – ‘wpas_keys’ SQL Injection
[webapps] ThinkPHP 5.0.23/5.1.31 – Remote Code Execution
[webapps] Adobe ColdFusion 2018 – Arbitrary File Upload
[shellcode] Linux/x86 – execve(/usr/bin/ncat -lvp 1337 -e /bin/bash)+Null-Free Shellcode (95 bytes)
[webapps] Apache OFBiz 16.11.05 – Cross-Site Scripting
[webapps] Huawei B315s-22 – Information Leak
Vuln: SAP Kernel and Change and Transport System CVE-2018-2441 Security Bypass Vulnerability
[webapps] DomainMOD 4.11.01 – Cross-Site Scripting
Vuln: Adobe Acrobat and Reader APSB18-41 Multiple Arbitrary Code Execution Vulnerabilities
Ubuntu Security Notice USN-3837-2
Vuln: Adobe Acrobat and Reader APSB18-41 Multiple Information Disclosure Vulnerabilities
Zoho ManageEngine OpManager 12.3 Cross Site Scripting
[webapps] Tourism Website Blog – Remote Code Execution / SQL Injection
Vuln: SAP HANA CVE-2018-2497 Security Bypass Vulnerability
Faraday 3.4
[webapps] Alumni Tracer SMS Notification – SQL Injection / Cross-Site Request Forgery
Vuln: Ghostscript CVE-2018-19409 Security Bypass Vulnerability
McAfee True Key 5.1.173.1 Privilege Escalation
[local] XNU – POSIX Shared Memory Mappings have Incorrect Maximum Protection
Vuln: Kubernetes API Server of Gardener CVE-2018-2475 Unauthorized Access Vulnerability
CyberLink LabelPrint 2.5 Stack Buffer Overflow
[local] McAfee True Key – McAfee.TrueKey.Service Privilege Escalation

Cyber Watch

Deeper Learning