Qilin
You must login to view this content
Aggregator
Qilin
10 months ago
You must login to view this content
cohenido
Qilin
10 months ago
You must login to view this content
cohenido
CVE-2008-2375 | vsftpd up to 2.0.4 resource management (Nessus ID 67721 / ID 155091)
10 months ago
A vulnerability classified as critical has been found in vsftpd. Affected is an unknown function. The manipulation leads to improper resource management.
This vulnerability is traded as CVE-2008-2375. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2008-2374 | bluez Bluez Utils up to 3.32 improper validation of specified quantity in input (Nessus ID 67723 / ID 117266)
10 months ago
A vulnerability, which was classified as critical, was found in bluez Bluez Utils up to 3.32. Affected is an unknown function. The manipulation leads to improper validation of specified quantity in input.
This vulnerability is traded as CVE-2008-2374. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2008-5660 | GNOME vinagre up to 2.24.1 vinagre_utils_show_error format string (EDB-7401 / Nessus ID 40148)
10 months ago
A vulnerability, which was classified as critical, has been found in GNOME vinagre up to 2.24.1. Affected by this issue is the function vinagre_utils_show_error. The manipulation leads to format string.
This vulnerability is handled as CVE-2008-5660. The attack may be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Attackers are mapping your attack surface—are you?
10 months ago
Attackers are mapping your infrastructure before you even realize what's exposed. Sprocket ASM flips the script — giving you the same recon capabilities they use, plus change detection and actionable insights to close gaps fast. See your attack surface the way hackers do and beat them to it. [...]
Sponsored by Sprocket Security
A Defense-in-Depth Approach for the Modern Era
10 months ago
By integrating intelligent network policies, zero-trust principles, and AI-driven insights, enterprises can create a robust defense against the next generation of cyber threats.
Micah Bartell
Streamline SCA with Sonatype’s build-safe automation
10 months ago
As open source adoption accelerates across the enterprise, so too does its complexity. Development teams are building software with hundreds of components, each carrying its own risks, release cycles, and dependencies.
The post Streamline SCA with Sonatype’s build-safe automation appeared first on Security Boulevard.
Aaron Linskens
CVE-2008-0850 | Dokeos 1.8.4 whoisonline.php tutor_name sql injection (EDB-31200 / Nessus ID 31116)
10 months ago
A vulnerability classified as critical was found in Dokeos 1.8.4. This vulnerability affects unknown code of the file whoisonline.php. The manipulation of the argument tutor_name leads to sql injection.
This vulnerability was named CVE-2008-0850. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
Victoria’s Secret website down as company investigates security incident
10 months ago
The retailer's domain now features a brief message to customers explaining that it has “identified and are taking steps to address a security incident.”
WEP协议安全解析:设计缺陷与破解原理
10 months ago
本文借WEP协议的背景、原理、机制和破解来说明,即便是全球性的组织,即便是汇聚了众多顶级的专家,当安全意识和安全设计不被大家所重视的时候,其设计的产物也会存在非常薄弱的安全问题。
CVE-2023-37888 | Averta Shortcodes and Extra Features for Phlox Theme up to 2.14.0 on WordPress path traversal
10 months ago
A vulnerability, which was classified as critical, was found in Averta Shortcodes and Extra Features for Phlox Theme up to 2.14.0 on WordPress. This affects an unknown part. The manipulation leads to path traversal.
This vulnerability is uniquely identified as CVE-2023-37888. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
Windows 11 File Explorer Vulnerability Enables NTLM Hash Theft
10 months ago
A newly disclosed vulnerability, CVE-2025-24071, has been identified in Windows File Explorer, specifically affecting Windows 11 (23H2) and earlier versions that support .library-ms files and the SMB protocol. This flaw enables attackers to capture NTLM (New Technology LAN Manager) authentication hashes simply by tricking a user into extracting a malicious ZIP archive—no further interaction is […]
The post Windows 11 File Explorer Vulnerability Enables NTLM Hash Theft appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Anupriya
VirtualBox теперь на GitHub. И да, Windows 11 под Arm — официально
10 months ago
Установка стала проще, а возможности — шире.
New Browser Exploit Technique Undermines Phishing Detection
10 months ago
Fullscreen Browser-in-the-Middle attacks are making it harder for users to detect malicious websites
Dark Partner Hackers Leverage Fake AI, VPN, and Crypto Sites to Target macOS and Windows Users
10 months ago
A group dubbed “Dark Partners” by cybersecurity researchers has launched a sophisticated malware campaign targeting both macOS and Windows users through a network of deceptive websites impersonating well-known AI, VPN, and software brands. This operation, which has been active for several months, employs meticulously crafted landing pages mimicking services such as Haiper, TradingView, Windscribe, and […]
The post Dark Partner Hackers Leverage Fake AI, VPN, and Crypto Sites to Target macOS and Windows Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers
10 months ago
Cybersecurity researchers have taken the wraps off an unusual cyber attack that leveraged malware with corrupted DOS and PE headers, according to new findings from Fortinet.
The DOS (Disk Operating System) and PE (Portable Executable) headers are essential parts of a Windows PE file, providing information about the executable.
While the DOS header makes the executable file backward compatible
The Hacker News
Microsoft Authenticator Phases Out Password Features and Apple Watch Support
10 months ago
Microsoft is phasing out password features in Authenticator. Transition to Edge for autofill and explore passwordless authentication. Learn more!
The post Microsoft Authenticator Phases Out Password Features and Apple Watch Support appeared first on Security Boulevard.
Pradeep Singh
19 Billion Passwords Leaked: Protect Yourself from Cyber Threats
10 months ago
Discover the implications of the 19 billion passwords leaked in the RockYou2024 breach. Learn essential actions to secure your accounts now!
The post 19 Billion Passwords Leaked: Protect Yourself from Cyber Threats appeared first on Security Boulevard.
Gopal Ghelot