Cobalt Stike Beacon Detected – 45[.]148[.]10[.]66:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Brazilian trojan impacting Portuguese users and using the same capabilities seen in other Latin American threats
Brazilian trojan impacting Portuguese users and using the same capabilities seen in other Latin American threats Introduction A new variant...
A week in security (March 7 – March 13)
Last week on Malwarebytes Labs: The struggle to reduce bug-fixing time is realUpdate now! Mozilla patches two actively exploited vulnerabilitiesGoogle...
Cisco security advisory-CVE-2022-20703
NAME Cisco - Multiple Platforms Affected:MultipleRisk Level:mediumCVE Type:Out-of-bounds write DESCRIPTION CVE-2022-20703 is an out-of-bounds write vulnerability impacting Cisco Small Business...
Exim security update-CVE-2019-16928
NAME Exim - Exim Platforms Affected:EximRisk Level:mediumCVE Type:Buffer overflow DESCRIPTION CVE-2019-16928 is a buffer overflow vulnerability impacting Exim versions 4.92...
Cisco security advisory-CVE-2022-20701
NAME Cisco - Multiple Platforms Affected:MultipleRisk Level:mediumCVE Type:Out-of-bounds write DESCRIPTION CVE-2022-20701 is an out-of-bounds write vulnerability impacting Cisco Small Business...
Zabbix security update-CVE-2022-23134
NAME Zabbix - Zabbix Platforms Affected:ZabbixRisk Level:mediumCVE Type:Improper authorization DESCRIPTION CVE-2022-23134 is an improper authorization vulnerability impacting Zabbix versions 5.4.0...
Vendor security update-CVE-2018-8581
NAME Microsoft - Exchange Server Platforms Affected:Exchange ServerRisk Level:highCVE Type:Privilege escalation DESCRIPTION CVE-2018-8581 is a privilege escalation vulnerability impacting Microsoft...
Litexmedia Audio Conversion Wizard buffer overflow |
NAME Litexmedia Audio Conversion Wizard buffer overflow Platforms Affected:Litexmedia Audio Conversion Wizard 2.01Risk Level:8.4Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Litexmedia Audio...
FLEX-1080 Web and FLEX-1085 Web information disclosure |
NAME FLEX-1080 Web and FLEX-1085 Web information disclosure Platforms Affected:TEM Industria Eletronica FLEX-1085 Web 1.6.0 TEM Industria Eletronica FLEX-1080 Web...
Schneider Electric APC Smart-UPS security bypass | CVE-2022-0715
NAME Schneider Electric APC Smart-UPS security bypass Platforms Affected:Schneider Electric SMT Series 1015 UPS 04.5 Schneider Electric SMC Series 1018...
Employee Performance Evaluation System email SQL injection |
NAME Employee Performance Evaluation System email SQL injection Platforms Affected:Sourcecodester Employee Performance Evaluation System 1.0Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Employee Performance...
PTC Axeda agent and Axeda Desktop Server security bypass | CVE-2022-25250
NAME PTC Axeda agent and Axeda Desktop Server security bypass Platforms Affected:PTC Axeda agent PTC Axeda Desktop ServerRisk Level:9.8Exploitability:UnprovenConsequences:Bypass Security...
Siemens Mendix Forgot Password Appstore module security bypass | CVE-2022-26313
NAME Siemens Mendix Forgot Password Appstore module security bypass Platforms Affected:Siemens Mendix Forgot Password Appstore module 3.3.0 Siemens Mendix Forgot...
F-Secure products code execution | CVE-2021-44750
NAME F-Secure products code execution Platforms Affected:F-Secure Email and Server Security F-Secure Elements Agent F-Secure MDR F-Secure Client Security F-Secure...
PTC Axeda agent and Axeda Desktop Server code execution | CVE-2022-25247
NAME PTC Axeda agent and Axeda Desktop Server code execution Platforms Affected:PTC Axeda agent PTC Axeda Desktop ServerRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access...
Schneider Electric APC Smart-UPS buffer overflow | CVE-2022-22805
NAME Schneider Electric APC Smart-UPS buffer overflow Platforms Affected:Schneider Electric SMT Series 1015 UPS 04.5 Schneider Electric SMC Series 1018...
Zabbix items.php file upload |
NAME Zabbix items.php file upload Platforms Affected:Zabbix Zabbix 5.0.17Risk Level:8.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Zabbix could allow a remote authenticated...
Printix Secure Cloud Print Management privilege escalation | CVE-2022-25090
NAME Printix Secure Cloud Print Management privilege escalation Platforms Affected:Printix Secure Cloud Print Management 1.3.1035.0Risk Level:7.8Exploitability:Proof of ConceptConsequences:Gain Privileges DESCRIPTION...
PTC Axeda agent and Axeda Desktop Server default account | CVE-2022-25246
NAME PTC Axeda agent and Axeda Desktop Server default account Platforms Affected:PTC Axeda agent PTC Axeda Desktop ServerRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access...
UltraVNC privilege escalation | CVE-2022-24750
NAME UltraVNC privilege escalation Platforms Affected:UltraVNC UltraVNC 1.3.7.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION UltraVNC could allow a local authenticated attacker to gain...
Google Android privilege escalation | CVE-2021-39708
NAME Google Android privilege escalation Platforms Affected:Google Android 12Risk Level:9.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Google Android could allow a remote attacker to...
Node.js @advanced-rest-client/base module privilege escalation |
NAME Node.js @advanced-rest-client/base module privilege escalation Platforms Affected:Node.js @advanced-rest-client/base 0.1.9Risk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Node.js @advanced-rest-client/base module could allow a remote...
Schneider Electric APC Smart-UPS security bypass | CVE-2022-22806
NAME Schneider Electric APC Smart-UPS security bypass Platforms Affected:Schneider Electric SMT Series 1015 UPS 04.5 Schneider Electric SMC Series 1018...
