Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2022-43664: TALOS-2022-1673 || Cisco Talos Intelligence Group

A use-after-free vulnerability exists within the way Ichitaro Word Processor 2022, version 1.0.1.57600, processes protected documents. A specially crafted document can trigger reuse of freed memory, which can lead to further memory corruption and potentially result in arbitrary code execution. An attacker can provide a malicious document to trigger this vulnerability.

CVE
Open in Source
#vulnerability#windows#microsoft#cisco#js#intel#c++
Pentaho BA Server EE 9.3.0.0-428 Server-Side Template Injection / Remote Code Execution

Pentaho BA Server EE version 9.3.0.0-428 suffers from a remote code execution vulnerability via a server-side template injection flaw.

CVE-2023-26857: bug_report/RCE-1.md at main · ctg503/bug_report

An arbitrary file upload vulnerability in /admin/ajax.php?action=save_uploads of Dynamic Transaction Queuing System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.

CVE-2023-26856: bug_report/SQLi-1.md at main · ctg503/bug_report

Dynamic Transaction Queuing System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/ajax.php?action=login.

Hackers Using Self-Extracting Archives Exploit for Stealthy Backdoor Attacks

An unknown threat actor used a malicious self-extracting archive (SFX) file in an attempt to establish persistent backdoor access to a victim's environment, new findings from CrowdStrike show. SFX files are capable of extracting the data contained within them without the need for dedicated software to display the file contents. It achieves this by including a decompressor stub, a piece of code

Protect Your Company: Ransomware Prevention Made Easy

Every year hundreds of millions of malware attacks occur worldwide, and every year businesses deal with the impact of viruses, worms, keyloggers, and ransomware. Malware is a pernicious threat and the biggest driver for businesses to look for cybersecurity solutions.  Naturally, businesses want to find products that will stop malware in its tracks, and so they search for solutions to do that.

New Strain of Rorschach Ransomware Targeting US- Firms

By Deeba Ahmed Rorschach ransomware boasts advanced encryption technology and can spread automatically on the machine if executed on a domain controller.  This is a post from HackRead.com Read the original post: New Strain of Rorschach Ransomware Targeting US- Firms

CVE-2023-1856: bug_report/SQLi-1.md at main · Hackergrave/bug_report

A vulnerability has been found in SourceCodester Air Cargo Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/transactions/track_shipment.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224995.