Skyhigh Secure Web Gateway security bypass | CVE-2022-2310
NAME Skyhigh Secure Web Gateway security bypass Platforms Affected:Trellix Skyhigh Secure Web Gateway 11.0 Trellix Skyhigh Secure Web Gateway 11.2.0...
Node.js wm-accounts-auth module code execution |
NAME Node.js wm-accounts-auth module code execution Platforms Affected:Node.js wm-accounts-authRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js wm-accounts-auth module could allow a remote attacker...
Node.js @acrontum/filesystem-template module command execution | CVE-2022-21186
NAME Node.js @acrontum/filesystem-template module command execution Platforms Affected:Node.js @acrontum/filesystem-template 0.0.1Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Node.js @acrontum/filesystem-template module could allow...
WAVLINK WN535K2 and WN535K3 command execution | CVE-2022-2486
NAME WAVLINK WN535K2 and WN535K3 command execution Platforms Affected:Wavlink WN535K2 Wavlink WN535K3Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION WAVLINK WN535K2 and WN535K3 could...
Node.js elementor-developers-docs module code execution |
NAME Node.js elementor-developers-docs module code execution Platforms Affected:Node.js elementor-developers-docsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js elementor-developers-docs module could allow a remote attacker...
Node.js route-sonar module code execution |
NAME Node.js route-sonar module code execution Platforms Affected:Node.js route-sonarRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js route-sonar module could allow a remote attacker...
Node.js lido-dao-test-dp module code execution |
NAME Node.js lido-dao-test-dp module code execution Platforms Affected:Node.js lido-dao-test-dpRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js lido-dao-test-dp module could allow a remote attacker...
Node.js stripe-demo-connect-standard-saas-platform module code execution |
NAME Node.js stripe-demo-connect-standard-saas-platform module code execution Platforms Affected:Node.js stripe-demo-connect-standard-saas-platformRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js stripe-demo-connect-standard-saas-platform module could allow a remote attacker...
Node.js bitmovin-internal module code execution |
NAME Node.js bitmovin-internal module code execution Platforms Affected:Node.js bitmovin-internalRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js bitmovin-internal module could allow a remote attacker...
WAVLINK WN535K2 and WN535K3 command execution | CVE-2022-2487
NAME WAVLINK WN535K2 and WN535K3 command execution Platforms Affected:Wavlink WN535K2 Wavlink WN535K3Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION WAVLINK WN535K2 and WN535K3 could...
PATLITE NHL-3FB2/NHP-3FB2 buffer overflow | CVE-2022-35911
NAME PATLITE NHL-3FB2/NHP-3FB2 buffer overflow Platforms Affected:PATLITE NHL-3FB2/NHP-3FB2 1.46 PATLITE NHL-3FB2/NHP-3FB2 1.45Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION PATLITE NHL-3FB2/NHP-3FB2 is vulnerable to...
Node.js twilio-bugcrowd-poc-twilio-flex-ui-sample module code execution |
NAME Node.js twilio-bugcrowd-poc-twilio-flex-ui-sample module code execution Platforms Affected:Node.js twilio-bugcrowd-poc-twilio-flex-ui-sampleRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js twilio-bugcrowd-poc-twilio-flex-ui-sample module could allow a remote attacker...
WAVLINK WN535K2 and WN535K3 command execution | CVE-2022-2488
NAME WAVLINK WN535K2 and WN535K3 command execution Platforms Affected:Wavlink WN535K2 Wavlink WN535K3Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION WAVLINK WN535K2 and WN535K3 could...
Node.js shaikh-test module code execution |
NAME Node.js shaikh-test module code execution Platforms Affected:Node.js shaikh-testRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js shaikh-test module could allow a remote attacker...
Update Google Chrome now! New version includes 11 important security patches
The latest Google Chrome update includes 11 security fixes, some of which could be exploited by an attacker to take...
Lock down your Neopets account: Data breach being investigated
Bad news for players of long-time virtual pet management title Neopets. Word is spreading of a compromise claimed to have...
Zero Day attacks target online stores using PrestaShop
Thera actors are exploiting a zero-day vulnerability to steal payment information from sites using the open source e-commerce platform PrestaShop. Threat actors are...
Daily Vulnerability Trends: Tue Jul 26 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-2294 No description provided CVE-2022-25277 No description provided CVE-2022-1040An authentication bypass vulnerability...
CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit
Introduction Rootkits are malware implants which burrow themselves in the deepest corners of the operating system. Although on paper they...
Empire
Today we wanted to cover one of the lesser-known functions in Empire, the ReverseShell stager. The name may not be...
CosmicStrand, a new sophisticated UEFI firmware rootkit linked to China
Kaspersky uncovered a new UEFI firmware rootkit, tracked as CosmicStrand, which it attributes to an unknown Chinese-speaking threat actor. Researchers...
Cobalt Stike Beacon Detected – 120[.]78[.]168[.]137:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]46[.]207[.]85:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 5[.]199[.]162[.]174:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
