Aggregator

CVE-2000-0429 | Mcmurtrey Whitaker And Associates Cart32 2.6/3.0 backdoor (EDB-19881 / Nessus ID 10389)

Vuldb Updates
2 months 2 weeks ago
A vulnerability was found in Mcmurtrey Whitaker And Associates Cart32 2.6/3.0. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to backdoor. The identification of this vulnerability is CVE-2000-0429. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

Threat Actors Attacking Job Seekers With Three New Unique Adversaries

Cyber Security News
2 months 2 weeks ago

A significant surge in sophisticated recruitment scams has emerged, with cybercriminals exploiting economic vulnerabilities and the competitive job market to target desperate job seekers. These scams employ increasingly refined social engineering tactics that blend legitimate recruitment practices with fraudulent schemes, making them particularly effective at evading detection while extracting money and personal information from victims. […]

The post Threat Actors Attacking Job Seekers With Three New Unique Adversaries appeared first on Cyber Security News.

Tushar Subhra Dutta

CVE-2020-3747 | Adobe Acrobat Reader out-of-bounds (APSB20-05)

Vuldb Updates
2 months 2 weeks ago
A vulnerability was found in Adobe Acrobat Reader up to 2015.006.30508/2017.011.30156/2019.021.20061 and classified as problematic. This issue affects some unknown processing. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2020-3747. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2020-8951 | Fiserv Accurate Reconciliation 2.19.0 Configuration Manager Parameter cross site scripting

Vuldb Updates
2 months 2 weeks ago
A vulnerability, which was classified as problematic, was found in Fiserv Accurate Reconciliation 2.19.0. This affects an unknown part of the component Configuration Manager. The manipulation as part of Parameter leads to cross site scripting. This vulnerability is uniquely identified as CVE-2020-8951. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2020-8952 | Fiserv Accurate Reconciliation 2.19.0 logout.jsp timeOut cross site scripting

Vuldb Updates
2 months 2 weeks ago
A vulnerability has been found in Fiserv Accurate Reconciliation 2.19.0 and classified as problematic. This vulnerability affects unknown code of the file logout.jsp. The manipulation of the argument timeOut as part of Parameter leads to cross site scripting. This vulnerability was named CVE-2020-8952. The attack can be initiated remotely. There is no exploit available.
vuldb.com

CVE-2019-15795 | python-apt MD5 apt/package.py risky encryption

Vuldb Updates
2 months 2 weeks ago
A vulnerability was found in python-apt. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file apt/package.py of the component MD5 Handler. The manipulation leads to risky cryptographic algorithm. This vulnerability is known as CVE-2019-15795. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2019-15796 | python-apt prior 1.9.0ubuntu1.2 Hash apt/package.py improper authentication

Vuldb Updates
2 months 2 weeks ago
A vulnerability was found in python-apt. It has been rated as critical. Affected by this issue is some unknown functionality of the file apt/package.py of the component Hash Handler. The manipulation leads to improper authentication. This vulnerability is handled as CVE-2019-15796. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2020-10968 | FasterXML jackson-databind up to 2.9.10.3 Gadget deserialization (Issue 2662)

Vuldb Updates
2 months 2 weeks ago
A vulnerability classified as critical has been found in FasterXML jackson-databind up to 2.9.10.3. This affects an unknown part of the component Gadget Handler. The manipulation leads to deserialization. This vulnerability is uniquely identified as CVE-2020-10968. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2020-10969 | FasterXML jackson-databind up to 2.9.10.3 Gadget deserialization (Issue 2642)

Vuldb Updates
2 months 2 weeks ago
A vulnerability classified as critical was found in FasterXML jackson-databind up to 2.9.10.3. This vulnerability affects unknown code of the component Gadget Handler. The manipulation leads to deserialization. This vulnerability was named CVE-2020-10969. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2020-5339 | Dell RSA Authentication Manager up to 8.4 P9 Security Console Stored cross site scripting (DSA-2020-052)

Vuldb Updates
2 months 2 weeks ago
A vulnerability has been found in Dell RSA Authentication Manager up to 8.4 P9 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Security Console. The manipulation leads to cross site scripting (Stored). This vulnerability is known as CVE-2020-5339. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2020-5340 | Dell RSA Authentication Manager up to 8.4 P9 Security Console Stored cross site scripting (DSA-2020-052)

Vuldb Updates
2 months 2 weeks ago
A vulnerability was found in Dell RSA Authentication Manager up to 8.4 P9 and classified as problematic. Affected by this issue is some unknown functionality of the component Security Console. The manipulation leads to cross site scripting (Stored). This vulnerability is handled as CVE-2020-5340. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2020-8910 | Google Closure Library up to 20200224 URL Parser information disclosure

Vuldb Updates
2 months 2 weeks ago
A vulnerability was found in Google Closure Library up to 20200224. It has been rated as problematic. This issue affects some unknown processing of the component URL Parser. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2020-8910. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2020-1800 | Huawei P30 up to 10.0.0 Access Control Crafted Application authorization (sa-20200325-02)

Vuldb Updates
2 months 2 weeks ago
A vulnerability, which was classified as critical, was found in Huawei P30 up to 10.0.0. Affected is an unknown function of the component Access Control. The manipulation as part of Crafted Application leads to incorrect authorization. This vulnerability is traded as CVE-2020-1800. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2020-9066 | Huawei Smart Phone up to 10.0.1 Application improper authentication (sa-20200325-01)

Vuldb Updates
2 months 2 weeks ago
A vulnerability classified as critical was found in Huawei Smart Phone up to 10.0.1. Affected by this vulnerability is an unknown functionality. The manipulation as part of Application leads to improper authentication. This vulnerability is known as CVE-2020-9066. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Chinese Hackers Exploit SAP RCE Vulnerability to Upload Supershell Backdoors

Cyber Security News
2 months 2 weeks ago

A critical remote code execution vulnerability in SAP NetWeaver Visual Composer (CVE-2025-31324) is being actively exploited by a Chinese threat actor to compromise enterprise systems worldwide. The vulnerability allows attackers to achieve remote code execution by uploading malicious web shells through the vulnerable /developmentserver/metadatauploader endpoint. Exploitation has been observed primarily targeting manufacturing environments, where compromised […]

The post Chinese Hackers Exploit SAP RCE Vulnerability to Upload Supershell Backdoors appeared first on Cyber Security News.

Tushar Subhra Dutta

CVE-2001-1107 | Snapstream Personal Video Station 1.2a Password Storage SSD.ini cleartext storage (EDB-21035 / XFDB-6917)

Vuldb Updates
2 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in Snapstream Personal Video Station 1.2a. This issue affects some unknown processing of the file SSD.ini of the component Password Storage. The manipulation leads to cleartext storage of sensitive information. The identification of this vulnerability is CVE-2001-1107. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

Managed ad