Search
Keyword: possible
SAP BusinessObjects is prone to multiple URI-redirection issues and multiple cross-site scripting issues because it fails to sufficiently sanitize user-supplied input.
A...
XXE vulnerability in SAP BW can lead to arbitrary file reading or an SMBRelay attack. By exploiting this vulnerability, an internal or external attacker will be able to access any files located in ...
Apache Struts2 is prone to a remote arbitrary file-upload vulnerability because it fails to sufficiently sanitize user-supplied input.
Attackers can exploit this issue to...
Oracle Business Transaction Management Server is prone to a vulnerability that may allow attackers to write to arbitrary local files. Successful ex...
The web interface for VLC version 2.1.3 suffers from a cross site scripting vulnerability. Using a specially crafted HTTP request, it is possible to exploit a lack in the neutralization of the error page ...
VMware vCenter Server contains a remotely accessible JMX RMI service that is not securely configured. An unauthenticated remote attacker that is able to connect t...
On June 25, 2013, South Korea was hit with a cyber attack that affected several local government and news sites. We managed to track some of the attacks that made up this event: (1) the co...
Using rogue software and applications is already an old trick in the malware book. Some malware families such as FAKEAV are best known for using convincing graphical user interfaces (GUI) to trick us...
This Trojan serves as a loader for other possible malicious files. It checks for components. It then creates processes where it will inject its components. It also attempts to execute a file. As a result, malicious routines of executed files are also...
Flash Player is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Successful exploits allow remote attackers to execute ar...
Trend Micro researchers discovered this Android vulnerability that can modify MMS/SMS when exploited successfully. This bug came from “MessageStatusReceiver” service found in AndroidManifest.XML file. Attackers...
SAP BusinessObjects is prone to multiple input-validation vulnerabilities, including cross-site scripting issues, remote URI-redirection issues, and information-disclosure issues, because ...
SquirrelMail is prone to multiple vulnerabilities, including HTML-injection issues, cross-site scripting issues, and a security-bypass issue.
Attackers...
Apache OFBiz (Open For Business) is prone to multiple cross-site-scripting and HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input befo...
Multiple vendors' web browsers are prone a cross-site scripting vulnerability that arises because the software fails to handle specially crafted files served using the FTP prot...
From: Various random namesSubject: You can read anyone's SMS, Keep a spy eye on your Girlfriend's mobileRead his messages http:// www. {BLOCKED}vesms.com
===
Do you want to catch a cheating girlfriend?h...
TrendLabs engineers spotted circulating spammed messages pretending to be emails from NACHA. NACHA manages the development, administration and governance of the Automated Clearing House (ACH) network. The email is supp...
With Father’s Day just around the corner, spammers are capitalizing on the said special event for their malicious activities. Spammed messages promoting replica products as gifts for fathers are making rounds today. It even en...
The attack explores an incomplete parsing of the submitted data done by an intermediary HTTP system working as a proxy. consists of sending a specially formatted HTTP request that w...
An email that poses as a notification of a possible account compromise carries an attachment that is detected as DRIDEX malware. To convince users to open the attachment, it instructs reci...