Over 3 million mail servers without encryption exposed to sniffing attacks
Over three million POP3 and IMAP mail servers without TLS encryption are currently exposed on the Internet and vulnerable to network sniffing attacks. [...]
Aggregator
Fireside chat with Graham Cluley about risks of AI adoption in 2025
8 months ago
Skip to content
总结-顺便聊聊bug bounty中的一些问题
8 months ago
赏金$3133的漏洞
8 months ago
总结-顺便聊聊bug bounty中的一些问题
8 months ago
总结-顺便聊聊bug bounty中的一些问题正文一眨眼功夫,2024年过去了,时间飞逝,近几年越来越感受到时间走的越来越快,现在对时间也越发珍惜.回到正题,整体来说,2024年和以前相比有了一定程度
赏金$3133的漏洞
8 months ago
某一天悠闲的午后,白帽小哥Atikqur坐在办公桌前,在 Google Slides 上准备着一场活动的演讲稿。幻灯片准备好后,开始点击演示者视图来预览它们,由于白帽小哥想与观众进行现场问答环节,因此
CVE-2012-1058 | Flyspray 0.9.9.6 index.php cross-site request forgery (EDB-18468 / ID 87110)
8 months ago
A vulnerability, which was classified as problematic, was found in Flyspray 0.9.9.6. Affected is an unknown function of the file index.php. The manipulation leads to cross-site request forgery.
This vulnerability is traded as CVE-2012-1058. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2012-1059 | osCommerce Online Merchant 3.0.2 value_title cross site scripting (EDB-18455 / ID 12620)
8 months ago
A vulnerability has been found in osCommerce Online Merchant 3.0.2 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument value_title leads to cross site scripting.
This vulnerability is known as CVE-2012-1059. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2012-1088 | Linux Kernel iproute stnes link following (Bug 797878 / Nessus ID 69671)
8 months ago
A vulnerability classified as problematic has been found in Linux Kernel. This affects the function stnes of the component iproute. The manipulation leads to link following.
This vulnerability is uniquely identified as CVE-2012-1088. An attack has to be approached locally. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2012-1117 | Joomla CMS 2.5.0/2.5.2 Highlight Plugin cross site scripting (ID 12733 / XFDB-73700)
8 months ago
A vulnerability, which was classified as critical, was found in Joomla CMS 2.5.0/2.5.2. Affected is an unknown function of the component Highlight Plugin. The manipulation leads to cross site scripting.
This vulnerability is traded as CVE-2012-1117. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2012-1099 | Ruby on Rails up to 3.0.3 form_options_helper.rb cross site scripting (Bug 799276 / Nessus ID 59060)
8 months ago
A vulnerability was found in Ruby on Rails up to 3.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality in the library actionpack/lib/action_view/helpers/form_options_helper.rb. The manipulation leads to cross site scripting.
This vulnerability is handled as CVE-2012-1099. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Alleged Data Leak of Kroll Export to FTX Crypto
8 months ago
Alleged Data Leak of Kroll Export to FTX Crypto
Dark Web Informer - Cyber Threat Intelligence
CVE-2012-1151 | Perl 2.17.1-2+squeeze1 DBD::Pg Module dbdimp.c pg_warn format string (Nessus ID 74579 / ID 350635)
8 months ago
A vulnerability classified as critical has been found in Perl 2.17.1-2+squeeze1. This affects the function pg_warn of the file dbdimp.c of the component DBD::Pg Module. The manipulation leads to format string.
This vulnerability is uniquely identified as CVE-2012-1151. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2012-1151 | Perl up to 2.1-5 DBD::Pg Module dbdimp.c dbd_st_prepare format string (Nessus ID 74579 / ID 350635)
8 months ago
A vulnerability classified as critical was found in Perl. This vulnerability affects the function dbd_st_prepare of the file dbdimp.c of the component DBD::Pg Module. The manipulation leads to format string.
This vulnerability was named CVE-2012-1151. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2012-1153 | appRain up to 0.1.5 File Upload memory corruption (EDB-18922 / ID 12664)
8 months ago
A vulnerability, which was classified as critical, was found in appRain up to 0.1.5. This affects an unknown part of the component File Upload. The manipulation leads to memory corruption.
This vulnerability is uniquely identified as CVE-2012-1153. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2012-1190 | phpMyAdmin up to 3.4.10.0 Replication Setup cross site scripting (Nessus ID 74557 / ID 12545)
8 months ago
A vulnerability was found in phpMyAdmin. It has been declared as problematic. This vulnerability affects unknown code of the component Replication Setup. The manipulation leads to cross site scripting.
This vulnerability was named CVE-2012-1190. The attack can be initiated remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2012-1350 | Cisco IOS 12.4jdd denial of service (Nessus ID 61574 / ID 43275)
8 months ago
A vulnerability has been found in Cisco IOS 12.4jdd and classified as critical. This vulnerability affects unknown code. The manipulation leads to denial of service.
This vulnerability was named CVE-2012-1350. The attack can be initiated remotely. There is no exploit available.
vuldb.com
Alleged VPN Access Sale to an Unidentified Italian Automotive Retail Industry
8 months ago
Alleged VPN Access Sale to an Unidentified Italian Automotive Retail Industry
Dark Web Informer - Cyber Threat Intelligence
CertiK Hack3D: Web3.0 年度安全报告(2024)
8 months ago
2024年Web3.0领域因安全事件导致的总损失超过23.63亿美元,同比增幅达31.61%。全年共发生760起安全事件,其中网络钓鱼和私钥泄露是两大主要攻击手段。
拟议更新HIPAA安全规则授权,以在72小时内恢复某些相关电子信息系统和数据的丢失
8 months ago
安全客