science and technology Microsoft Windows 7 (x86) BlueKeep RDP Use-After-Free By packetstormsecurity.com Published On :: Tue, 19 Nov 2019 15:05:11 GMT Microsoft Windows 7 (x86) BlueKeep remote desktop protocol windows kernel use-after-free exploit. Full Article
science and technology Microsoft Teams Instant Messenger DLL Hijacking By packetstormsecurity.com Published On :: Mon, 16 Dec 2019 15:58:17 GMT Microsoft Teams Instant Messenger application on Windows 7 SP1 fully patched is vulnerable to remote DLL hijacking. Full Article
science and technology Plantronics Hub SpokesUpdateService Privilege Escalation By packetstormsecurity.com Published On :: Wed, 15 Jan 2020 17:07:53 GMT The Plantronics Hub client application for Windows makes use of an automatic update service SpokesUpdateService.exe which automatically executes a file specified in the MajorUpgrade.config configuration file as SYSTEM. The configuration file is writable by all users by default. This module has been tested successfully on Plantronics Hub version 3.13.2 on Windows 7 SP1 (x64). This Metasploit module has been tested successfully on Plantronics Hub version 3.13.2 on Windows 7 SP1 (x64). Full Article
science and technology Microsoft Windows 7 Screen Lock Shellcode By packetstormsecurity.com Published On :: Wed, 22 Jan 2020 16:02:06 GMT 9 bytes small Microsoft Windows 7 screen locking shellcode. Full Article
science and technology Windscribe WindscribeService Named Pipe Privilege Escalation By packetstormsecurity.com Published On :: Wed, 05 Feb 2020 18:54:05 GMT The Windscribe VPN client application for Windows makes use of a Windows service WindscribeService.exe which exposes a named pipe \.pipeWindscribeService allowing execution of programs with elevated privileges. Windscribe versions prior to 1.82 do not validate user-supplied program names, allowing execution of arbitrary commands as SYSTEM. This Metasploit module has been tested successfully on Windscribe versions 1.80 and 1.81 on Windows 7 SP1 (x64). Full Article
science and technology Red Hat Security Advisory 2019-1790-01 By packetstormsecurity.com Published On :: Tue, 16 Jul 2019 20:10:26 GMT Red Hat Security Advisory 2019-1790-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a buffer overflow vulnerability. Full Article
science and technology Red Hat Security Advisory 2019-1942-01 By packetstormsecurity.com Published On :: Tue, 30 Jul 2019 18:17:37 GMT Red Hat Security Advisory 2019-1942-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a buffer overflow vulnerability. Full Article
science and technology Red Hat Security Advisory 2019-2097-01 By packetstormsecurity.com Published On :: Tue, 06 Aug 2019 21:11:21 GMT Red Hat Security Advisory 2019-2097-01 - The Archive::Tar module provides a mechanism for Perl scripts to manipulate tar archive files. Issues addressed include a traversal vulnerability. Full Article
science and technology Red Hat Security Advisory 2019-2400-01 By packetstormsecurity.com Published On :: Wed, 07 Aug 2019 20:08:30 GMT Red Hat Security Advisory 2019-2400-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include a buffer overflow vulnerability. Full Article
science and technology Webmin 1.920 password_change.cgi Backdoor By packetstormsecurity.com Published On :: Fri, 23 Aug 2019 20:09:56 GMT This Metasploit module exploits a backdoor in Webmin versions 1.890 through 1.920. Only the SourceForge downloads were backdoored, but they are listed as official downloads on the project's site. Unknown attacker(s) inserted Perl qx statements into the build server's source code on two separate occasions: once in April 2018, introducing the backdoor in the 1.890 release, and in July 2018, reintroducing the backdoor in releases 1.900 through 1.920. Only version 1.890 is exploitable in the default install. Later affected versions require the expired password changing feature to be enabled. Full Article
science and technology Gentoo Linux Security Advisory 201909-01 By packetstormsecurity.com Published On :: Fri, 06 Sep 2019 22:21:33 GMT Gentoo Linux Security Advisory 201909-1 - Multiple vulnerabilities have been found in Perl, the worst of which could result in the arbitrary execution of code. Versions less than 5.28.2 are affected. Full Article
science and technology Debian Security Advisory 4584-1 By packetstormsecurity.com Published On :: Mon, 16 Dec 2019 15:59:48 GMT Debian Linux Security Advisory 4584-1 - Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. Full Article
science and technology Red Hat Security Advisory 2020-1616-01 By packetstormsecurity.com Published On :: Tue, 28 Apr 2020 20:22:15 GMT Red Hat Security Advisory 2020-1616-01 - Irssi is a modular IRC client with Perl scripting. Issues addressed include a use-after-free vulnerability. Full Article
science and technology Amadeus Airline Check-In Bug Exposed Boarding Passes By packetstormsecurity.com Published On :: Tue, 16 Jul 2019 13:53:49 GMT Full Article headline privacy data loss spyware terror
science and technology JetBlue Bomb Scare Set Off With Apple AirDrop By packetstormsecurity.com Published On :: Wed, 17 Jul 2019 13:08:16 GMT Full Article headline apple terror
science and technology It's Hacker Summer Camp This Week - Expect Searches For Guns In Your Hotel Room By packetstormsecurity.com Published On :: Mon, 05 Aug 2019 14:42:12 GMT Full Article headline hacker government usa terror conference
science and technology MS Catches Russian State Hackers Using IoT Devices For Breaches By packetstormsecurity.com Published On :: Tue, 06 Aug 2019 21:43:05 GMT Full Article headline hacker microsoft russia cyberwar spyware terror
science and technology Boeing Code Leak Exposes Security Flaws Deep In 787s By packetstormsecurity.com Published On :: Fri, 09 Aug 2019 16:04:18 GMT Full Article headline flaw terror
science and technology What Would Happen If The Whole Internet Just Shutdown All Of A Sudden? By packetstormsecurity.com Published On :: Mon, 19 Aug 2019 15:06:10 GMT Full Article headline data loss terror
science and technology US Hospitals Turn Away Patients As Ransomware Strikes By packetstormsecurity.com Published On :: Wed, 02 Oct 2019 14:54:59 GMT Full Article headline hacker malware cybercrime fraud terror
science and technology Planes, Gate, And Bags: How Hackers Can Hijack Your Local Airport By packetstormsecurity.com Published On :: Fri, 11 Oct 2019 14:57:26 GMT Full Article headline hacker terror
science and technology Lights That Warn Planes Of Obstacles Were Exposed To Open Internet By packetstormsecurity.com Published On :: Fri, 22 Nov 2019 15:38:21 GMT Full Article headline hacker flaw terror
science and technology Pensacola Hit With Cyber Attack Hours After Shooting At Naval Base By packetstormsecurity.com Published On :: Tue, 10 Dec 2019 14:57:35 GMT Full Article headline government usa terror
science and technology N.J. Hospital System Pays Up In Ransomware Attack By packetstormsecurity.com Published On :: Tue, 17 Dec 2019 15:37:08 GMT Full Article headline hacker malware cybercrime fraud terror cryptography
science and technology Hackers Steal Data For 15 Million Patients And Then Sell It Back By packetstormsecurity.com Published On :: Wed, 18 Dec 2019 13:57:18 GMT Full Article headline hacker cybercrime data loss fraud terror cryptography
science and technology Feds Once Again Demand Apple Unlock Encrypted iPhones By packetstormsecurity.com Published On :: Wed, 08 Jan 2020 16:25:50 GMT Full Article headline government privacy usa phone apple terror fbi cryptography
science and technology Barr Pushes Apple For Help To Unlock Gunman's Phone By packetstormsecurity.com Published On :: Tue, 14 Jan 2020 15:50:39 GMT Full Article headline government privacy usa phone apple terror
science and technology FBI Arrests Man Suspected Of Dozens Of Swatting Calls By packetstormsecurity.com Published On :: Wed, 15 Jan 2020 17:03:43 GMT Full Article headline fraud terror fbi
science and technology Fake SWAT Calls Hit Tech Execs By packetstormsecurity.com Published On :: Fri, 24 Jan 2020 16:52:11 GMT Full Article headline government facebook terror
science and technology Cybersecurity Lacking At Most Of The World's Major Airports By packetstormsecurity.com Published On :: Fri, 31 Jan 2020 15:28:20 GMT Full Article headline hacker privacy data loss flaw terror
science and technology Tesla Autopilot Duped By Phantom Images By packetstormsecurity.com Published On :: Wed, 05 Feb 2020 17:05:20 GMT Full Article headline flaw terror
science and technology US-Wanted Algerian Hacker Arrested In Thailand By packetstormsecurity.com Published On :: Mon, 07 Jan 2013 15:06:52 GMT Full Article headline hacker government usa thailand algeria
science and technology School ERP System 1.0 Cross Site Request Forgery By packetstormsecurity.com Published On :: Mon, 03 Feb 2020 16:16:46 GMT School ERP System version 1.0 suffers from a cross site request forgery vulnerability. Full Article
science and technology AVideo Platform 8.1 Cross Site Request Forgery By packetstormsecurity.com Published On :: Wed, 05 Feb 2020 18:33:56 GMT AVideo Platform version 8.1 suffers from a cross site request forgery vulnerability. Full Article
science and technology Online Job Portal 1.0 Cross Site Request Forgery By packetstormsecurity.com Published On :: Thu, 06 Feb 2020 17:43:41 GMT Online Job Portal version 1.0 suffers from a cross site request forgery vulnerability. Full Article
science and technology SOPlanning 1.45 Cross Site Request Forgery By packetstormsecurity.com Published On :: Sat, 15 Feb 2020 19:59:22 GMT SOPlanning version 1.45 suffers from a cross site request forgery vulnerability. Full Article
science and technology Ice HRM 26.2.0 Cross Site Request Forgery By packetstormsecurity.com Published On :: Sun, 16 Feb 2020 20:22:22 GMT Ice HRM version 26.2.0 suffers from a cross site request forgery vulnerability. Full Article
science and technology Easy2Pilot 7 Cross Site Request Forgery By packetstormsecurity.com Published On :: Thu, 20 Feb 2020 17:41:12 GMT Easy2Pilot version 7 suffers from a cross site request forgery vulnerability. Full Article
science and technology CandidATS 2.1.0 Cross Site Request Forgery By packetstormsecurity.com Published On :: Mon, 24 Feb 2020 09:24:01 GMT CandidATS version 2.1.0 suffers from a cross site request forgery vulnerability. Full Article
science and technology Easy2Pilot 8 SQL Injection / Cross Site Request Forgery By packetstormsecurity.com Published On :: Wed, 26 Feb 2020 04:44:44 GMT Easy2Pilot version 8 suffers from remote SQL injection, backdoor account, and cross site request forgery vulnerabilities. Full Article
science and technology Business Live Chat Software 1.0 Cross Site Request Forgery By packetstormsecurity.com Published On :: Wed, 26 Feb 2020 17:02:22 GMT Business Live Chat Software version 1.0 suffers from a cross site request forgery vulnerability. Full Article
science and technology WordPress Tutor LMS 1.5.3 Cross Site Request Forgery By packetstormsecurity.com Published On :: Mon, 02 Mar 2020 15:26:06 GMT WordPress Tutor LMS plugin version 1.5.3 suffers from a cross site request forgery vulnerability. Full Article
science and technology Wing FTP Server 6.2.3 Cross Site Request Forgery By packetstormsecurity.com Published On :: Wed, 11 Mar 2020 12:02:22 GMT Wing FTP Server version 2.3 suffers from a cross site request forgery vulnerability. Full Article
science and technology HRSALE 1.1.8 Cross Site Request Forgery By packetstormsecurity.com Published On :: Thu, 12 Mar 2020 19:47:06 GMT HRSALE version 1.1.8 suffers from a cross site request forgery vulnerability. Full Article
science and technology Enhanced Multimedia Router 3.0.4.27 Cross Site Request Forgery By packetstormsecurity.com Published On :: Mon, 16 Mar 2020 13:50:22 GMT Enhanced Multimedia Router version 3.0.4.27 suffers from a cross site request forgery vulnerability. Full Article
science and technology Exagate Sysguard 6001 Cross Site Request Forgery By packetstormsecurity.com Published On :: Fri, 20 Mar 2020 14:45:22 GMT Exagate Sysguard 6001 suffers from a cross site request forgery vulnerability. Full Article
science and technology ECK Hotel 1.0 Cross Site Request Forgery By packetstormsecurity.com Published On :: Fri, 27 Mar 2020 13:11:49 GMT ECK Hotel version 1.0 suffers from a cross site request forgery vulnerability. Full Article
science and technology Red Hat Security Advisory 2020-1050-01 By packetstormsecurity.com Published On :: Wed, 01 Apr 2020 15:05:46 GMT Red Hat Security Advisory 2020-1050-01 - The Common UNIX Printing System provides a portable printing layer for Linux, UNIX, and similar operating systems. Issues addressed include a cross site request forgery vulnerability. Full Article
science and technology Prestashop 1.7.6.4 XSS / CSRF / Remote Code Execution By packetstormsecurity.com Published On :: Fri, 17 Apr 2020 21:26:17 GMT Prestashop versions 1.7.6.4 and below suffer from code execution, cross site request forgery, and cross site scripting vulnerabilities. Full Article
science and technology P5 FNIP-8x16A/FNIP-4xSH CSRF / Cross Site Scripting By packetstormsecurity.com Published On :: Tue, 21 Apr 2020 14:15:30 GMT P5 FNIP-8x16A / FNIP-4xSH versions 1.0.20 and 1.0.11 suffer from cross site request forgery and cross site scripting vulnerabilities. Full Article
