Microsoft Windows ODBC Driver code execution | CVE-2023-21732
NAME__________Microsoft Windows ODBC Driver code executionPlatforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1 x64 Microsoft Windows Server 2012...
Rust man-in-the-middle | CVE-2022-46176
NAME__________Rust man-in-the-middlePlatforms Affected:Rust Rust 1.66.0Risk Level:9.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Rust is vulnerable to a man-in-the-middle attack, caused by not perform SSH host...
Google Chrome code execution | CVE-2023-0128
NAME__________Google Chrome code executionPlatforms Affected:Google Chrome 109.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Google Chrome could allow a remote attacker to execute arbitrary code...
Google Chrome buffer overflow | CVE-2023-0129
NAME__________Google Chrome buffer overflowPlatforms Affected:Google Chrome 109.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Google Chrome is vulnerable to a heap-based buffer overflow, caused by...
Microsoft Windows WDAC OLE DB provider for SQL Server code execution | CVE-2023-21681
NAME__________Microsoft Windows WDAC OLE DB provider for SQL Server code executionPlatforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1...
Microsoft Windows Layer 2 Tunneling Protocol (L2TP) code execution | CVE-2023-21679
NAME__________Microsoft Windows Layer 2 Tunneling Protocol (L2TP) code executionPlatforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1 x64 Microsoft...
Google Chrome code execution | CVE-2023-0135
NAME__________Google Chrome code executionPlatforms Affected:Google Chrome 109.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Google Chrome could allow a remote attacker to execute arbitrary code...
Microsoft Windows Layer 2 Tunneling Protocol (L2TP) code execution | CVE-2023-21543
NAME__________Microsoft Windows Layer 2 Tunneling Protocol (L2TP) code executionPlatforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1 x64 Microsoft...
Microsoft SharePoint Server code execution | CVE-2023-21742
NAME__________Microsoft SharePoint Server code executionPlatforms Affected:Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 SP1 Microsoft SharePoint Server 2019...
Siemens SINEC INS directory traversal | CVE-2022-45092
NAME__________Siemens SINEC INS directory traversalPlatforms Affected:Risk Level:9.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Siemens SINEC INS could allow a remote authenticated attacker to traverse directories...
Microsoft Windows Cryptographic Services privilege escalation | CVE-2023-21561
NAME__________Microsoft Windows Cryptographic Services privilege escalationPlatforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1 x64 Microsoft Windows Server 2012...
Siemens Mendix SAML Module cross-site scripting | CVE-2022-46823
NAME__________Siemens Mendix SAML Module cross-site scriptingPlatforms Affected:Risk Level:9.3Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Siemens Mendix SAML Module is vulnerable to cross-site scripting. A remote...
Google Chrome buffer overflow | CVE-2023-0137
NAME__________Google Chrome buffer overflowPlatforms Affected:Google Chrome 109.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Google Chrome is vulnerable to a heap-based buffer overflow, caused by...
Microsoft Windows Workstation Service privilege escalation | CVE-2023-21549
NAME__________Microsoft Windows Workstation Service privilege escalationPlatforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows Server 2012 Microsoft Windows 8.1 x64 Microsoft...
SAP Business Planning and Consolidation MS SQL injection | CVE-2023-0016
NAME__________SAP Business Planning and Consolidation MS SQL injectionPlatforms Affected:SAP Business Planning and Consolidation MS 10.0Risk Level:9.9Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________SAP Business Planning...
Microsoft Exchange Server spoofing | CVE-2023-21762
NAME__________Microsoft Exchange Server spoofingPlatforms Affected:Microsoft Exchange Server 2013 CU23 Microsoft Exchange Server 2016 CU22 Microsoft Exchange Server 2019 CU11 Microsoft...
Asus RT-AX82U security bypass | CVE-2022-35401
NAME__________Asus RT-AX82U security bypassPlatforms Affected:Risk Level:8.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Asus RT-AX82U could allow a remote attacker to bypass security restrictions, caused by...
Google Chrome buffer overflow | CVE-2023-0138
NAME__________Google Chrome buffer overflowPlatforms Affected:Google Chrome 109.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Google Chrome is vulnerable to a heap-based buffer overflow, caused by...
Microsoft Windows Secure Socket Tunneling Protocol (SSTP) code execution | CVE-2023-21535
NAME__________Microsoft Windows Secure Socket Tunneling Protocol (SSTP) code executionPlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows 8.1 x32 Microsoft Windows 8.1...
Microsoft Windows Advanced Local Procedure Call (ALPC) privilege escalation | CVE-2023-21674
NAME__________Microsoft Windows Advanced Local Procedure Call (ALPC) privilege escalationPlatforms Affected:Microsoft Windows 8.1 x32 Microsoft Windows 8.1 x64 Microsoft Windows Server...
Microsoft Windows Secure Socket Tunneling Protocol (SSTP) code execution | CVE-2023-21548
NAME__________Microsoft Windows Secure Socket Tunneling Protocol (SSTP) code executionPlatforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1 x64 Microsoft...
Daily Vulnerability Trends: Wed Jan 11 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-41080Microsoft Exchange Server Elevation of Privilege Vulnerability. This CVE ID is unique...
Malware Analysis – aurora – bd32b492f046674ced01789233a3c80f
Score: 10 MALWARE FAMILY: auroraTAGS:family:aurora, family:dcrat, family:djvu, family:icedid, family:smokeloader, family:vidar, botnet:19, campaign:3131022508, backdoor, banker, collection, discovery, infostealer, loader, persistence, ransomware,...
Malware Analysis – – 1e88c975002679baa36e7849701b102a
Score: 3 MALWARE FAMILY: TAGS:MD5: 1e88c975002679baa36e7849701b102aSHA1: 31dda2ec43357ee058df677c6f5908dd836b10c2ANALYSIS DATE: 2023-01-11T03:22:00ZTTPS: T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
