SLH
You must login to view this content
Aggregator
SLH
3 weeks 2 days ago
You must login to view this content
cohenido
Tor Browser больше не гарантирует анонимность. Рассказываем о бреши, которая позволяет следить за пользователями без куки
3 weeks 2 days ago
Как заставить Firefox рассказать о себе всё без лишних вопросов.
Hackers Can Exploit Ollama Model Uploads to Leak Sensitive Server Data
3 weeks 2 days ago
A critical, unpatched vulnerability has been discovered in Ollama, a widely used open-source platform for running Large Language Models locally. Tracked as CVE-2026-5757, this severe memory leak allows unauthenticated remote attackers to extract sensitive data directly from a server’s heap. Discovered by security researcher Jeremy Brown via AI-assisted vulnerability research and disclosed publicly on April […]
The post Hackers Can Exploit Ollama Model Uploads to Leak Sensitive Server Data appeared first on Cyber Security News.
Abinaya
Hackers Abuse Compromised Routers to Hide China-Linked Cyber Operations
3 weeks 2 days ago
A new and fast-moving cyber threat has emerged, where hackers linked to China are quietly building large networks of compromised routers and edge devices to carry out covert cyber operations against organisations around the world. Rather than setting up their own infrastructure from scratch, these threat actors have taken a smarter and far cheaper approach. […]
The post Hackers Abuse Compromised Routers to Hide China-Linked Cyber Operations appeared first on Cyber Security News.
Tushar Subhra Dutta
Inside agenteV2: How Brazilian Attackers Use Fake Court Summons to Steal Banking Credentials in Real Time
3 weeks 2 days ago
Editor’s note: The analysis is authored by Moises Cerqueira, malware researcher & threat hunter. You can find Moises on LinkedIn and X. A new phishing campaign targeting Brazilian users demonstrates how modern financial malware has evolved from simple credential theft into full-scale, operator-driven fraud platforms. Disguised as a judicial summons, this campaign leverages social engineering, multi-stage malware delivery, and real-time […]
The post Inside agenteV2: How Brazilian Attackers Use Fake Court Summons to Steal Banking Credentials in Real Time appeared first on ANY.RUN's Cybersecurity Blog.
Moises Cerqueira (0xOlympus)
【安全圈】UNC6692 通过微软 Teams 冒充 IT 服务台部署 SNOW 恶意软件
3 weeks 2 days ago
关键词恶意软件一个此前未被记录的威胁活动集群 UNC6692,被发现通过微软 Teams 利用社会工程策略,在
【安全圈】黑客利用 Breeze Cache WordPress 插件文件上传漏洞发动攻击
3 weeks 2 days ago
关键词漏洞黑客正在积极利用 WordPress 的 Breeze Cache 插件中的一个严重漏洞,该漏洞可让
【安全圈】Bitwarden CLI 的 npm 包遭入侵,开发者凭证被盗
3 weeks 2 days ago
关键词入侵攻击者将一个含有窃取凭证有效载荷的恶意 @bitwarden/cli 包上传至 npm,致使 Bit
CVE-2006-5324 | IBM WebSphere Application Server up to 6.1.0.1 Remote Code Execution (ID 87065 / XFDB-29642)
3 weeks 2 days ago
A vulnerability was found in IBM WebSphere Application Server up to 6.1.0.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality. Such manipulation leads to Remote Code Execution.
This vulnerability is referenced as CVE-2006-5324. It is possible to launch the attack remotely. No exploit is available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2006-5325 | Dimitri Seitz Security Suite IP Logger mkb.php phpbb_root_path file inclusion
3 weeks 2 days ago
A vulnerability was found in Dimitri Seitz Security Suite IP Logger. It has been rated as critical. Affected by this issue is some unknown functionality of the file mkb.php. Performing a manipulation of the argument phpbb_root_path results in file inclusion.
This vulnerability is identified as CVE-2006-5325. The attack can be initiated remotely. There is not any exploit available.
vuldb.com
CVE-2006-5326 | Phpbb Prillian French Language Pack up to 0.8.0 phpbb_root_path file inclusion (SA22430 / ADV-2006-4040)
3 weeks 2 days ago
A vulnerability categorized as critical has been discovered in Phpbb Prillian French Language Pack up to 0.8.0. This affects an unknown part. Executing a manipulation of the argument phpbb_root_path can lead to file inclusion.
This vulnerability is tracked as CVE-2006-5326. The attack can be launched remotely. No exploit exists.
vuldb.com
CVE-2006-4819 | Opera Web Browser 9.0 memory corruption (VU#484380 / Nessus ID 22875)
3 weeks 2 days ago
A vulnerability identified as critical has been detected in Opera Web Browser 9.0. This vulnerability affects unknown code. The manipulation leads to memory corruption.
This vulnerability is listed as CVE-2006-4819. The attack may be initiated remotely. There is no available exploit.
You should upgrade the affected component.
vuldb.com
CVE-2006-5327 | OpenBase 7.0.15/8.0.4/9.1.5/10.0 memory corruption (ID 115658 / XFDB-29624)
3 weeks 2 days ago
A vulnerability labeled as problematic has been found in OpenBase 7.0.15/8.0.4/9.1.5/10.0. This issue affects some unknown processing. The manipulation results in memory corruption.
This vulnerability is cataloged as CVE-2006-5327. The attack must be initiated from a local position. Furthermore, there is an exploit available.
vuldb.com
CVE-2006-5328 | OpenBase 7.0.15/8.0.4/9.1.5/10.0 symlink (ID 115658 / XFDB-30115)
3 weeks 2 days ago
A vulnerability marked as problematic has been reported in OpenBase 7.0.15/8.0.4/9.1.5/10.0. Impacted is an unknown function. This manipulation causes symlink following.
This vulnerability is registered as CVE-2006-5328. The attack needs to be launched locally. Furthermore, an exploit is available.
vuldb.com
CVE-2006-5333 | Oracle Database Server 10.2.0.2 sql injection (Nessus ID 56054 / ID 19211)
3 weeks 2 days ago
A vulnerability described as critical has been identified in Oracle Database Server 10.2.0.2. The affected element is an unknown function. Such manipulation leads to sql injection.
This vulnerability is documented as CVE-2006-5333. The attack can be executed remotely. Additionally, an exploit exists.
There is ongoing doubt regarding the real existence of this vulnerability.
A patch should be applied to remediate this issue.
vuldb.com
CVE-2006-5334 | Oracle Database Server 9.0.1.5 relate sql injection (Nessus ID 56054 / ID 19211)
3 weeks 2 days ago
A vulnerability classified as critical has been found in Oracle Database Server 9.0.1.5. The impacted element is the function Relate. Performing a manipulation results in sql injection.
This vulnerability is reported as CVE-2006-5334. The attack is possible to be carried out remotely. Moreover, an exploit is present.
The real existence of this vulnerability is still doubted at the moment.
To fix this issue, it is recommended to deploy a patch.
vuldb.com
CVE-2006-5335 | Oracle Database Server 10.1.0.5 bump_sequence sql injection (VU#736324 / Nessus ID 56054)
3 weeks 2 days ago
A vulnerability classified as critical was found in Oracle Database Server 10.1.0.5. This affects the function bump_sequence. Executing a manipulation can lead to sql injection.
This vulnerability appears as CVE-2006-5335. The attack may be performed from remote. In addition, an exploit is available.
It is still unclear if this vulnerability genuinely exists.
It is advisable to implement a patch to correct this issue.
vuldb.com
CVE-2006-5336 | Oracle Database Server 9.2.0.7 sql injection (VU#446100 / Nessus ID 56054)
3 weeks 2 days ago
A vulnerability, which was classified as critical, has been found in Oracle Database Server 9.2.0.7. This impacts an unknown function. The manipulation leads to sql injection.
This vulnerability is traded as CVE-2006-5336. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
The actual existence of this vulnerability is currently in question.
Applying a patch is the recommended action to fix this issue.
vuldb.com
CVE-2006-5332 | Oracle Database 9.2.0.6/10.1.0.4 Packets sql injection (VU#717140 / Nessus ID 56054)
3 weeks 2 days ago
A vulnerability identified as critical has been detected in Oracle Database 9.2.0.6/10.1.0.4. The affected element is an unknown function of the component Packets. Performing a manipulation results in sql injection.
This vulnerability was named CVE-2006-5332. The attack may be initiated remotely. In addition, an exploit is available.
The existence of this vulnerability is still disputed at present.
Applying a patch is the recommended action to fix this issue.
vuldb.com