Aggregator

CVE-2012-1182 | Samba up to 3.6.x ReportEventW numeric error (ZDI-12-072 / EDB-21850)

Vuldb Updates
2 months 4 weeks ago
A vulnerability, which was classified as very critical, has been found in Samba up to 3.6.x. This issue affects the function ReportEventW. The manipulation leads to numeric error. The identification of this vulnerability is CVE-2012-1182. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2009-2674 | Sun JRE/JDK 1.5.0 javaws.exe access control (Nessus ID 43774 / ID 185074)

Vuldb Updates
2 months 4 weeks ago
A vulnerability, which was classified as critical, has been found in Sun JRE and JDK 1.5.0. Affected by this issue is some unknown functionality of the file javaws.exe. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2009-2674. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-34115 | Adobe Substance 3D Stager SKP File Parser out-of-bounds write

Vuldb Updates
2 months 4 weeks ago
A vulnerability classified as critical has been found in Adobe Substance 3D Stager. This affects an unknown part of the component SKP File Parser. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2024-34115. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-2092 | Elementor Addon Elements Plugin up to 1.13.3 on WordPress Twitter Widget cross site scripting

Vuldb Updates
2 months 4 weeks ago
A vulnerability was found in Elementor Addon Elements Plugin up to 1.13.3 on WordPress. It has been classified as problematic. This affects an unknown part of the component Twitter Widget. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-2092. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2024-5892 | badhonrocks Divi Torque Lite Plugin up to 3.6.6 on WordPress support_unfiltered_files_upload cross site scripting

Vuldb Updates
2 months 4 weeks ago
A vulnerability, which was classified as problematic, has been found in badhonrocks Divi Torque Lite Plugin up to 3.6.6 on WordPress. Affected by this issue is the function support_unfiltered_files_upload. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-5892. The attack may be launched remotely. There is no exploit available.
vuldb.com

CVE-2024-3492 | Events Manager Plugin up to 6.4.7.3 on WordPress Shortcode event_category cross site scripting

Vuldb Updates
2 months 4 weeks ago
A vulnerability classified as problematic has been found in Events Manager Plugin up to 6.4.7.3 on WordPress. Affected is the function event_category of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-3492. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com

CVE-2024-5739 | LINE Client up to 14.9.0 on iOS In-app Browser cross site scripting

Vuldb Updates
2 months 4 weeks ago
A vulnerability was found in LINE Client up to 14.9.0 on iOS. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component In-app Browser. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-5739. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-3925 | bdthemes Element Pack Elementor Addons Plugin up to 5.6.7 on WordPress cross site scripting

Vuldb Updates
2 months 4 weeks ago
A vulnerability was found in bdthemes Element Pack Elementor Addons Plugin up to 5.6.7 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-3925. The attack may be launched remotely. There is no exploit available.
vuldb.com

CVE-2024-4924 | Social Sharing Plugin up to 3.3.62 on WordPress Setting cross site scripting

Vuldb Updates
2 months 4 weeks ago
A vulnerability, which was classified as problematic, was found in Social Sharing Plugin up to 3.3.62 on WordPress. This affects an unknown part of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-4924. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-5897 | SourceCodester Employee and Visitor Gate Pass Logging System 1.0 Master.php?f=log_visitor Name cross site scripting

Vuldb Updates
2 months 4 weeks ago
A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=log_visitor. The manipulation of the argument Name leads to cross site scripting. This vulnerability is known as CVE-2024-5897. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-21320 | Microsoft Windows up to Server 2022 Themes information disclosure (EDB-52092)

Vuldb Updates
2 months 4 weeks ago
A vulnerability was found in Microsoft Windows. It has been classified as problematic. Affected is an unknown function of the component Themes. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2024-21320. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

伪装成 DeepSeek 的 Android 恶意软件窃取用户登录凭证

嘶吼
2 months 4 weeks ago

最近,一种伪装成 DeepSeek AI 应用程序的 Android 恶意软件出现,构成了严重的网络安全威胁。

该恶意软件旨在诱使用户下载 DeepSeek 应用程序的虚假版本,进而通过窃取登录凭据等敏感信息,危害用户设备的安全。

恶意软件传播和安装

该恶意软件通过网络钓鱼链接传播,如 hxxps://deepsekk [.] sbs,这些链接会引导用户下载以哈希值命名的恶意 APK 文件 DeepSeek.apk(哈希值为 e1ff086b629ce744a7c8dbe6f3db0f68)。

下载页面

一旦安装,该应用程序会与真正的 DeepSeek 图标一同出现在设备的应用程序抽屉中,致使用户难以将其与合法版本区分开来。

启动虚假应用程序后,系统会提示用户进行更新,而这一操作需要用户启用 “允许来自此来源” 选项,并安装附加应用程序。这一过程会导致设备上安装两个恶意软件实例,且每个实例都有不同的软件包名称,分别为 com.hello.world 和 com.vgsupervision_kit291。

技术分析和影响

该恶意应用程序采用了先进的规避技术,其中包括对 APK 文件进行密码保护,这使得使用 APKTool 和 Jadx 等标准工具进行分析变得极为复杂。不过,Android SDK 工具 aapt 能够成功解析该应用程序。

名为 com.vgsupervision_kit29 的儿童应用程序,频繁提示用户启用辅助服务,以获取在设备上提升权限的许可。

儿童应用安装过程

根据 K7 安全实验室的报告,该应用程序运用域生成算法(DGA)进行命令和控制(C2)通信,这使得跟踪和阻止其活动变得更加困难。

该恶意软件会扫描设备中已安装的应用程序,并将这些信息传输至 C2 服务器,进一步侵犯用户隐私。

为防范此类威胁,建议用户仅从 Google Play 和 App Store 等信誉良好的平台下载应用程序,并及时使用最新的安全补丁更新设备。此外,利用信誉良好的移动安全产品,如 K7 Mobile Security,也有助于检测和防范这些类型的恶意软件攻击。

山卡拉

CVE-2001-0150 | Microsoft Internet Explorer 5.0.1/5.5 SFU Telnet Client privileges management (MS01-015 / EDB-20680)

Vuldb Updates
2 months 4 weeks ago
A vulnerability has been found in Microsoft Internet Explorer 5.0.1/5.5 and classified as critical. This vulnerability affects unknown code of the component SFU Telnet Client. The manipulation leads to improper privilege management. This vulnerability was named CVE-2001-0150. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

Managed ad