Blast from the past! Windows XP source code allegedly leaked online

SMS phishing scam pretends to be Apple “chatbot” – don’t fall for it!

Naked Security Live – “The Zerologon hole: are you at risk?”

A real-life Maze ransomware attack – “If at first you don’t succeed…”

Zerologon – hacking Windows servers with a bunch of zeros

Naked Security Live – “Should you worry about your wallpaper?”

Serious Security: Hacking Windows passwords via your wallpaper

Fake web alerts – how to spot and stop them

Monday review – catch up on our latest articles and videos

Phishing tricks – the Top Ten Treacheries of 2020

Ring's Flying In-Home Camera Drone Escalates Privacy Worries

Feds Hit with Successful Cyberattack, Data Stolen

Cisco Patch-Palooza Tackles 29 High-Severity Bugs

Alien Android Banking Trojan Sidesteps 2FA

Bug Bounty FAQ: Top Questions, Expert Answers

FortiGate VPN Default Config Allows MitM Attacks

Industrial Cyberattacks Get Rarer but More Complex

Microsoft Kills 18 Azure Accounts Tied to Nation-State Attacks

Free Apple iPhone 12? Chatbot Phish Spreads Via Texts

Known Citrix Workspace Bug Open to New Attack Vector

Gamer Credentials Now a Booming, Juicy Target for Hackers

Critical Industrial Flaws Pose Patching Headache For Manufacturers

Microsoft Overhauls ‘Patch Tuesday’ Security Update Guide

A Cyber 'Vigilante' is Sabotaging Emotet's Return

Black Hat USA 2020: Critical Meetup.com Flaws Reveal Common AppSec Holes

Encryption Under ‘Full-Frontal Nuclear Assault’ By U.S. Bills

Going Down the Spyware Rabbit Hole with SilkBean Mobile Malware

Chris Vickery: AI Will Drive Tomorrow’s Data Breaches

Google Cloud Buckets Exposed in Rampant Misconfiguration

Fileless Malware Tops Critical Endpoint Threats for 1H 2020

SecOps Teams Wrestle with Manual Processes, HR Gaps

QR Codes Serve Up a Menu of Security Concerns

Vulnerability Disclosure: Ethical Hackers Seek Best Practices

Disinformation Spurs a Thriving Industry as U.S. Election Looms

News Wrap: AWS Cryptojacking Worm, IBM Privacy Lawsuit and More

Researchers Warn of Active Malware Campaign Using HTML Smuggling

New Global Threat Landscape Report Reveals 'Unprecedented' Cyberattacks

Podcast: Learning to ‘Speak the Language’ of OT Security Teams

Black Hat USA 2020 Preview: Election Security, COVID Disinformation and More

Podcast: Security Lessons Learned In Times of Uncertainty

The Enemy Within: How Insider Threats Are Changing

BEC Gang Exploits G Suite, Long Domain Names in Cyberattacks

Fake Skype, Signal Apps Used to Spread Surveillanceware

Tokyo Olympics Postponed, But 5G Security Lessons Shine

Cloud Misconfig Mistakes Show Need For DevSecOps

2020 Cybersecurity Trends to Watch

Top Mobile Security Stories of 2019

Facebook Security Debacles: 2019 Year in Review

Biggest Malware Threats of 2019

Top 10 IoT Disasters of 2019

2019 Malware Trends to Watch

Top 2018 Security and Privacy Stories

2019: The Year Ahead in Cybersecurity

2018: A Banner Year for Breaches

6 Things to Know About the Microsoft 'Zerologon' Flaw

Navigating the Asia-Pacific Threat Landscape: ...

Getting Over the Security-to-Business Communication ...

COVID-19: Latest Security News & Commentary

RASP 101: Staying Safe With Runtime Application ...

WannaCry Has IoT in Its Crosshairs

Malware Attacks Declined But Became More Evasive in Q2

Bluetooth Security Weaknesses Pile Up, While ...

Critical Instagram Flaw Could Let Attackers Spy on ...

Solving the Problem With Security Standards

CrowdStrike Agrees to Acquire Preempt Security for ...

Microsoft Warns of Attackers Now Exploiting ...

Since Remote Work Isn't Going Away, Security Should ...

Gaming Industry Hit With 10B+ Attacks In Past Two Years

Shopify's Employee Data Theft Underscores Risk of ...

Google Cloud Debuts Threat-Detection Service

India's Cybercrime and APT Operations on the Rise

Microsoft's Azure Defender for IoT Uses CyberX Tech

My Journey Toward SAP Security

Making the Case for Medical Device Cybersecurity

Texas Software Provider Reports Cyber-attack

US Federal Agency Compromised by Cyber-Actor

Student Arrested Over Cyber-attacks on Indiana Schools

Elderly People in the UK Lost Over £4m to Cybercrime Last Year

Facebook Takes Down More Beijing-Backed Fake Accounts

#COVID19 Pushes More Fraud Online

Zerologon Windows Server Flaw Used in Active Attacks

A Better Defense: Does Modern Security Fit With Modern Attacks?

Lessons Learned from the Twitter Spear Phishing Attack

What an Insider Threat Strategy Should Consist of for Effective Detection

Utilizing Native IaaS Controls to Ensure and Achieve Continuous Security

How to manage open source risk

Faster Detection and Response with MITRE ATT&CK

Does Phishing Prevention Require Better Technology, Detection or Strategy?

Securing Remote Access to Critical Infrastructure: The Key to Industrial Digital Transformation

Identity Management for a Dynamic Workforce: Zero Trust Versus Risk-Based Security

Building a Diverse, Skilled and Evolved Security Team

Mobile and Web App Security: Mitigating Risks and Protecting APIs

Key Technologies, Strategies and Tactics to Fight Phishing

Most Workers Not Interested in Switching to a Cybersecurity Role

Credential Stuffing: the Culprit of Recent Attacks

Evasive Malware Threats on the Rise Despite Decline in Overall Attacks

How to Mitigate Insider Security Risks in the Current Landscape

Extended Threat Detection and Response: Critical Steps and a Critical System

Cyberwarfare: the New Frontier of Wars Between Countries

Report Outlines Importance of Providing Engaging User Awareness Training

Attacks Against Oil and Gas Industry on the Rise

US Customs and Border Protection Failed to Safeguard Data

America Moves to Protect Free Speech Online

Repairing SQL Database Corruption with CHECKDB Repair? You Can Lose Your Data Forever

Bug Fixes Take Twice as Long for Manufacturing Firms

Millions Exposed in COVID-19 Surveillance Platform Snafu

Meet the researcher who wants employers to write better infosec help wanted ads

Twitter bug may have exposed API keys, access tokens

What one company’s deal with the feds tells us about the long tail of data breaches

Instagram flaw shows importance of managing third-party apps, images

Federal watchdog agency pushes proposed White House cyber role into spotlight

Microsoft already seeing exploit of Zerologon in the wild

Shopify breach: Help center employees are a unique breed of insider threat

Watch: actionable threat intelligence

The Twitter hack exposed the need for more effective PAM security

Build security by expanding cyber awareness

Why the $26 billion in BEC scams are worse than you think

Lessons combating COVID-19 healthcare security challenges

Beware CISOs: attack vectors are coming from inside the house

Corporate VPNs in danger as vishing attacks target home workers

Supply chain weak security link for 92 percent of US companies

Google rolls out new automated threat detection tool

Leaked FinCEN files expose poor data security

Lessons from a ransomware death: Cyber emergency preparedness critical

Security teams struggle with ransomware, cloud services

Big or small, organizations typically remediate 1 of 10 discovered vulnerabilities

Update now: Cisco warns over 25 high-impact flaws in its IOS and IOS XE software

Cambridge Analytica's ex-CEO banned from running companies for 7 years

Alien Android Banking Trojan Sidesteps 2FA

Apple Security Advisory 2020-09-24-1

Ubuntu Security Notice USN-4540-1

BigTree CMS 4.4.10 Remote Code Execution

Anchor CMS 0.12.7 Cross Site Scripting

Ubuntu Security Notice USN-4539-1

Falco 0.26.0

Simple Online Food Ordering System 1.0 SQL Injection

Ubuntu Security Notice USN-4536-1

Ubuntu Security Notice USN-4538-1

Ubuntu Security Notice USN-4537-1

Red Hat Security Advisory 2020-3835-01

Red Hat Security Advisory 2020-3832-01

Red Hat Security Advisory 2020-3836-01

Red Hat Security Advisory 2020-3833-01

Red Hat Security Advisory 2020-3834-01

Ubuntu Security Notice USN-4535-1

Red Hat Security Advisory 2020-3806-01

Red Hat Security Advisory 2020-3807-01

Ubuntu Security Notice USN-4534-1

Red Hat Security Advisory 2020-3809-01

Red Hat Security Advisory 2020-3808-01

Red Hat Security Advisory 2020-3817-01

Ubuntu Security Notice USN-4533-1

Amazon unveils flying Ring security drone and Luna games service

Facebook says fake accounts tied to Russia posed as journalists and promoted other websites

Twitter prepares for US election with new security training, penetration tests

Microsoft leaks 6.5TB in Bing search data via unsecured Elastic server. *Insert 'Wow... that much?' joke here* • The Register

Leaked FinCEN files expose poor data security

Microsoft Overhauls ‘Patch Tuesday’ Security Update Guide

OldGremlin Ransomware Group Bedevils Russian Orgs

The fight over the fight for California’s privacy future

Massive dark web bust seizes $6.5 million from 179 alleged drug dealers

Healthcare lags behind in critical vulnerability management, banks hold their ground

This Is the (Next-to) Last Smartcontracts Case You’ll Ever Read | by Joshua Fairfield | The Startup | Sep, 2020 | Medium

Apple VPN Is the Next Big Thing. Forget smartphones and notebooks… | by Shubh Patni | Data Driven Investor | Sep, 2020 | Medium

Data Driven Investor – Medium

How to Keep Google from Stealing Your Data and Tracking You | by Jason Weiland | Freethinkr | Sep, 2020 | Medium

Jason Weiland – Medium

The ‘Nerd Rapture’ Could Create Technology that Will Cure Mental Illness | by Jason Weiland | Freethinkr | Sep, 2020 | Medium

Addiction is Easy — Quitting is the Difficult Part | by Jason Weiland | Invisible Illness | Sep, 2020 | Medium

Create Secure Clients and Servers in Golang Using HTTPS | by Richard Youngkin | Better Programming | Sep, 2020 | Medium

Richard Youngkin – Medium

Better Programming – Medium

How to Implement Refresh-Token Functionality (Front-End). | by Ifeanyi Ibekie | The Startup | Sep, 2020 | Medium

Zoom Privacy and Security issues. An alternative for video collaboration: | by James | Sep, 2020 | Medium

James – Medium

3 Ways to Secure IT and OT Environments in the Era of Convergence | by International Society of Automation - ISA Official | Sep, 2020 | Medium

International Society of Automation - ISA Official – Medium

How to Protect Your Passwords: The Dangers of Plain Text Storage | by Practicum by Yandex | Practicum by Yandex | Sep, 2020 | Medium

Practicum by Yandex – Medium

Web Anonymization Techniques 101. “Anonymity is a shield from the tyranny… | by Ian Barwise | The Startup | Sep, 2020 | Medium

Rubberhose cryptography and the idea behind Wikileaks: Julian Assange as a physics student | by Niraj Lal | Sep, 2020 | Medium

React Authentication: How to Store JWT in a Cookie | by Ryan Chenkie | Medium

GitHub - liamg/gitjacker: 🔪 Leak git repositories from misconfigured websites

Friday Squid Blogging: COVID-19 Found on Chinese Squid Packaging - Schneier on Security

Office365 Advanced Threat Protection

Defend Your Web Apps from Cross-Site Scripting (XSS)

Court rules NSA phone snooping illegal — after 7-year delay

Detailed Audit of Voatz' Voting App Confirms Security Flaws

CEO of NS8 Charged with Securities Fraud - Schneier on Security

Akhil Kumar 🎖 BE-MBA-CAIIB★ITIL-PMP-MCSE-CISA-CISSP-OCP★ on LinkedIn: CISSP Cheat sheet | 83 comments

COVID-19 Cyber Attacks - WebARX Security

This hacked coffee maker demands ransom, highlights IoT vulnerability

Kernel exploitation: weaponizing CVE-2020-17382 MSI Ambient Link driver :: — uf0

September 25, 2020

Redefining Impossible: XSS without arbitrary JavaScript | PortSwigger Research

Serrated Pins Got You Stuck? Give Em The Ole Jiggle Test!

Beware of the Shadowbunny - Using virtual machines to persist and evade detections · wunderwuzzi blog

Firefox to remove support for the FTP protocol | ZDNet

Exploiting SIGRed (CVE-2020–1350) on Windows Server 2012/2016/2019 | by Datafarm | Sep, 2020 | Medium

Introducing “YAYA”, a New Threat Hunting Tool From EFF Threat Lab | Electronic Frontier Foundation

(ENG-070) Lockpicking a Burg Wächter Alutitan 770 60 SB

Phishing Your Password Manager. Discovering and Exploiting a Common… | by Curtis Brazzell | Sep, 2020 | Medium

Google exploring using location info to slow coronavirus spread

Say yes to life: that is lndia

Iranian Government Hacking Android - Schneier on Security

The U.S. wants smartphone location data to fight coronavirus. Privacy advocates are worried.

Stop The EARN IT Bill Before It Breaks Encryption | EFF Action Center

Pastebin adds 'Burn After Read' and 'Password Protected Pastes' to the dismay of the infosec community | ZDNet

virusbtn: VB2020 localhost is coming in just four days! For the latest & best research on malware, malicious actors & threat intelligence and the company of your fellow security researchers around the world - in the comfort of your own home - register now for FREE: https://t.co/9hIcvKWxEH https://t.co/fDiSx3I0Xv

virusbtn: Sophos researchers analysed how the reflective loading technique was used to deliver the MoDi RAT https://t.co/j90aAmPCer https://t.co/NB7QKxUKf6

virusbtn: CISA report details how a malicious actor managed to compromise a US federal agency https://t.co/T3NY29QTWH https://t.co/YIYhCc1lFy

virusbtn: Government entities, telcos impersonated in multi-stage phishing campaign https://t.co/nvRpCroay1 https://t.co/QsyQY5C6Ei

virusbtn: Cisco Talos researchers look at the significant rise of academic fraud sites and services https://t.co/JXG5d6sNRY https://t.co/io8eVqQxEA

MITREattack: In collaboration with research partners, our friends at the Center for Threat-Informed Defense have released the Adversary Emulation Library (https://t.co/ey6bx2Kx3d). Check out the first emulation plan, which focuses on FIN6 (https://t.co/CXYVS2N5wO).

MITREattack: We now have the rest of our November-January lineup posted along side registration for our October session at https://t.co/AhhWguxNMq. ATT&CKcon Power Hour kicks off in just a little over two weeks from now on October 9th at 1PM ET. Hope you're able to join us! https://t.co/VNABUfwIyk

SpecterOps: Yesterday @_D00mfist released "Are You Docking Kidding Me?" In this post, Leo walks through a macOS persistence method through Dock modification. He also discusses detections for this persistence method and osascript C2. Check it out: https://t.co/Fpq8UhDek0

TalosSecurity: Have you checked out our deep dive into Cobalt Strike detection? If not, you're missing out on new Snort and ClamAV rules, and a complete dissection of the tool threat actors are using more every day https://t.co/KRikMle5c0 https://t.co/uvM8QFbbub

TalosSecurity: Our IR group encounters dual-use tools in many of the intrusions they investigate. How educated are you on these threats and how to detect them? Our upcoming webinar provides a deep dive on them and how they are being abused in the wild! Sign up here! https://t.co/VfnAVzuKsA https://t.co/Piv4f6QgjE

TalosSecurity: There are many apps and sites out there that promise to do students' homework for them. But many of these are scams and some even deliver malware https://t.co/b0ym5sJHSG https://t.co/Whe3Mc5poW

TalosSecurity: @k4otix @Cisco Welcome to the team @k4otix !

TalosSecurity: This week's episode of Talos Takes builds on our recent Cobalt Strike research paper. Find out how the author writes new coverage, go behind the scenes on research and learn more about our Snort rules https://t.co/sCTAV3Kswh https://t.co/y6JvBmjD4g

MBThreatIntel: #Emotet spam run for 2020-09-25. IOCs: https://t.co/zjhPcV48hz https://t.co/uhWAsXs7QM

MBThreatIntel: Taurus Project stealer now spreading via malvertising campaign https://t.co/6Vp53vEd8B #TaurusStealer #FalloutEK https://t.co/mFblbEP958

MBThreatIntel: #SpelevoEK via same TDS responsible for .tk scams drops #Dridex onto Spanish users. Thanks @FaLconIntel for posting the geofencing restriction. Payload: ef6f5c2dd343a6663a60e3627280fc6cb87735d369ba9f806a3474fd8c904295 https://t.co/xExgpQtJ9v

MBThreatIntel: #Malsmoke malvertising campaign continues on xhamster and other top sites. Also, #FalloutEK seems to have added a new anti-vm check that returns a 404 on the payload session. If your sandbox looks good, that last session should return a 200 and contain the binary. https://t.co/qPaF6z9PKt

MBThreatIntel: A small collection of #TechSupportScams sites for 2020-09-21 https://t.co/wHaBLRKjJS https://t.co/JX0nkEyxWM

anyrun_app: Friday update of the #emotet maldoc template! Stay on top of malware updates with ANYRUN's Public Submissions! Take a look at all emotet maldocs under the emotet-doc cluster! https://t.co/3VXw0sBbSX https://t.co/v2R2bcigdr

anyrun_app: ANYRUN has been updated! 🚀 ✅ Service interface redesign ✅ Process tree's and network block's work optimization ✅ Service usability improvements ✅ Specific monitors sizes support improvement Check out the release details in our blog post https://t.co/NrhJdbrTMh

anyrun_app: New wave of the #dridex malspam arrived! Dridex still uses a debug output loop to postpone execution. Save your time! Just look at ANYRUN's "Debug" tab! regsvr32 sends gibberish into debug? Sure Dridex Also С2 doesn't send payload to systems with Windows 7 https://t.co/6Guzoqbs2k https://t.co/vnHsFQgxea

anyrun_app: Yet another emotet-doc cluster update with fresh #emotet maldoc template! To collect URLs from the tasks fast use ANYRUN's feature "Fake Net". It intercepts HTTP requests and returns 404, forcing malware to reveal its C2 links. Make your analysis easier! https://t.co/4uneDExOpM https://t.co/LVgIp4vvx9

abuse_ch: Sharing is caring ❤️🇨🇭 https://t.co/5ZeOymuryQ

abuse_ch: @malwrhunterteam @tolisec Yeah, URLhaus is so sexy ❤️

QuoIntelligence: Check out Chaz on @thecyberwire speaking about #GoldenChickens #MaaS provider. We keep seeing this MaaS becoming more and more popular between threat actors, such as #FIN6 and #Evilnum. Subscribe to our newsletter to get a taste on the latest developments #ThreatIntel #more_eggs https://t.co/S4VR4ZrQdP

QuoIntelligence: This week we cover #OldGremlin conducting #ransomware campaigns targeting Russian entities, the indictment of China-linked #cyber actors associated with #Winnti Group, and other insightful cyber & geopolitical events. Details here: https://t.co/tx5VDG60rs #ThreatIntel #CyberNews

QuoIntelligence: Our declassified #ThreatIntelligence analysis on a #APT28 spear phishing campaign delivering #Zebrocy #malware to target at least a government body in the Middle East using a @NATO course as a lure. View here: https://t.co/Puf5oZi8Ni #ThreatIntel #CyberSecurity #CyberNews

JAMESWT_MHT: @SttyK @James_inthe_box @malwrhunterteam looks like a false positive " command line tool to download image galleries/collections from several image hosting sites" from 1 AvVendor sample submission answer

JAMESWT_MHT: #AgentTesla #DHL #Italy "DHL Express Shipment Confirmation" ZIP https://t.co/5DeSlIjZKH Exe https://t.co/KcTqwsB25m >alex.kzsun@caisvn[.com cc @malwrhunterteam @guelfoweb @AgidCert @FBussoletti @verovaleros @Arkbird_SOLG https://t.co/0cwdeQFgR2

JAMESWT_MHT: #EMOTET #Italy 25_09_2020 "Fatture #ENEL energia" "Fattura #Telecom Italia 09'2020" Doc https://t.co/Hozzk409E6 https://t.co/3e9RXZt322 Urls https://t.co/JRDH5k5tJ1 https://t.co/peD5jcqOnl @malwrhunterteam @AgidCert @FBussoletti @JRoosen @Cryptolaemus1 @guelfoweb https://t.co/McCVuXDRWa

makflwana: @joakimkennedy @malwrhunterteam @demonslay335 @JAMESWT_MHT @VK_Intel Yup think it was couple of days or weeks back

makflwana: #malware #opendir #lokibot #azorult hxxp://adtechsolutions.in/bin/

cyb3rops: I‘d like to see 100+ Sigma rules covering these 100+ persistence methods (many of type registry_event) so that 1000+ analysts can save valuable working time https://t.co/68u5kF1EoE

cyb3rops: @williballenthin Still waiting for a function that transforms a string into all possible forms of cAsiNg

cyb3rops: BTW, does anyone know what this is that only CrowdStrike Falcon and we are able to detect? https://t.co/6RctapTjbU https://t.co/Y0IffctZSL

cyb3rops: Yes, isn’t hard to bypass. It’s never hard to bypass a rule. Still catches interesting samples: https://t.co/8mfkddtK08 https://t.co/XxAfa4Rt3r

ransomleaks: @NatSecGeek I'm still learning to read

ransomleaks: #Sodinokibi/#REvil claimed Vard Group AS as a victim. 🇳🇴 Vard (a Fincantieri co) is a designer and shipbuilder of specialized vessels. Vard - 9k employees, $1B revenue, Norway HQ Fincantieri - 19k employees, $6B revenue, Italy HQ 🇮🇹 https://t.co/07mdD3SaDD

ransomleaks: #Sodinokibi/#REvil claimed Global Cloud Xchange as a victim and threaten to leak 600GB of data. Headquartered in London, United Kingdom, Global Cloud Xchange provides network services for enterprises, new media providers and telecoms carriers. 1.5k employees, $517m revenue https://t.co/3ldoTwPyJW

ransomleaks: #MountLocker #Ransomware claimed Makalot Industrial Co. as a victim. 🇹🇼 Makalot is a leader in the garmenting industry with customers like @walmart @UnderArmour @ASICSamerica @SKECHERSUSA @TOMS @Gap 33k employees, $741m revenue https://t.co/Qkstd5SBJC

ransomleaks: #MountLocker claimed Memry as a victim. Established in 1983, Memry is HQ'd in Connecticut. They provide Nitonol components including products for laser cutting, grinding and surface finishing. $108m revenue, 400 employees https://t.co/p8MNDC8hev

inj3ct0r: #0daytoday #Jenkins 2.56 CLI Deserialization / Code Execution #Exploit #RCE https://t.co/yaRVP07ImP

inj3ct0r: #0daytoday #ArticaProxy 4.30.000000 Authentication #Bypass / Command Injection #Exploit https://t.co/cjRzHc8rzW

inj3ct0r: #0daytoday #Framer Preview 12 Content Injection #Vulnerability https://t.co/6jBl7EOCrj

inj3ct0r: #0daytoday #Flatpress Add Blog 1.0.3 - Persistent Cross-Site Scripting #Vulnerability #XSS https://t.co/e3XhxgpdHZ

inj3ct0r: #0daytoday #Comodo Unified Threat Management Web Console 2.7.0 - Remote Code Execution #Exploit #RCE https://t.co/whQ6zT3QJj

0dayDB: @WauchulaGhost you

malwrhunterteam: Interesting targeting/theme, but not that quality work... 🤔 https://t.co/QkYFnXsKJo

malwrhunterteam: "dl2_trivial.exe": bec20ac8a134a12e75da2c091e0ff228a2d230b2498991b1689e6b44db94cd58 From: http://emploimed[.]com/dl2_trivial.exe That filename... 🤔 It is another "Retalit LLC" signed sample, and not surprisingly it is not well detected... cc @VK_Intel @bryceabdo @JAMESWT_MHT https://t.co/MqQzUwvk3B

malwrhunterteam: "AndroidGuncellemesi.apk": a5fbf233edc7a0f67720b747b28aeb07ac45add22efedb831471d62c260bd384 From: https://tunneltrack[.]info/download/ https://t.co/WwT8KJFgSf

malwrhunterteam: "counter-strike-global_0.3.apk": 2836ee1f925b77d4eef114df9d623289b77ae10f69d79270b3afdca5c7417f69 From: https://bitbucket[.]org/666-prorok/templates/downloads/counter-strike-global_0.3.apk @Spam404 https://t.co/fudyq7xKNl

malwrhunterteam: "eGiftcardFUD signed.apk": bffec9de525c65fe0cd26883357c22b6ae0e8729d7e4b567f430160a40de6c4d Not really FUD... 😂 https://t.co/vXoQIAPVSB

malware_traffic: 2020-09-25 (Friday) - Generated an #Emotet infection earlier today that had #Trickbot gtag mor124 as the follow-up malware - Trickbot sample available at: https://t.co/dxZJWpcxkB or https://t.co/khz7NvHNmm or https://t.co/JI0eKqT0vX or https://t.co/36kgPhelXV https://t.co/ZEs9TRJX66

malware_traffic: 2020-09-25 - Traffic Analysis Exercise - Trouble Alert - With a #pcap and some alerts, you're asked to write an incident report - Join the fun at: https://t.co/ut8ROnueNE #TrafficAnalysisExercise - You can't see it in this picture, but Batman is sipping from a flask of bourbon. https://t.co/CZxfexUCxa

malware_traffic: Like this one https://t.co/b3aWQt1h4u

malware_traffic: I think this format has potential... Here's a blank template. It's perfect for "dad jokes." https://t.co/vlVjMNdipe

malware_traffic: I can't be the only one who's thought of this... https://t.co/vTwcH7uBuo

James_inthe_box: @KorbenD_Intel @pastebin @pmelson Oh dear...🤦

James_inthe_box: @bad_packets @StopMalvertisin https://t.co/WKEgo5R1UT

James_inthe_box: @fumik0_ @cocaman @Anti_Expl0it @FewAtoms Also some #nanocore (abu.exe).

James_inthe_box: Fresh #bazaloader via sendgrid #malspam: https://t.co/wrZKAFFp5u Subject: Re: <firstname>, our meeting

pmelson: @malcomvetter Hex bar DLs are way more thigh-friendly.

pmelson: @shad0wbits RIP Romero

pmelson: @KyleTDavis1 Brene Brown has said, “Clear is kind. Unclear is unkind.” There’s art in choosing our words, but honesty and kindness go together.

pmelson: @r0wdy_ I had to read that twice. https://t.co/OhoQ2WxhMt

pmelson: @marcusjcarey Probably the best deal in Japanese whisky (in the US anyway). Anything I’ve had that’s better is double the price and much harder to find now.

demonslay335: Sample: https://t.co/vHtCXo1UPD

demonslay335: @Jan0fficial Even back then, teachers never took that as an excuse though. There were signs in my computer labs that you had to backup your work... in 3rd grade, ~20 years ago...

demonslay335: @Jan0fficial Modern day "my floppy disk won't read" from the '00s. 🤣

demonslay335: 🚨 ATTENTION STUDENTS. 🎓 👏 BACKUP 👏 YOUR 👏 DAMN 👏 SCHOOLWORK 👏 Oh you have this super-important-for-your-degree thesis you've slaved over for months? Why the hell can't you take 2 SECONDS to email it to someone? Back it up to a flash drive? PRINT IT for all I care.

hackerfantastic: @GeorgeProfonde3 Sorry I don’t, tho most Apple photo products include facial recognition you could use on a batch of images. It’s not something I’ve ever needed to do at scale or had much interest in.

hackerfantastic: I sense a great disturbance in the force, as if a million threat intelligence analysts just cried out in horror ... https://t.co/LQOUPRYLWD

hackerfantastic: 🤦‍♂️ https://t.co/4CNgD96wCR

Cyb3rWard0g: @FuzzySec I will take you on that! 🤗 Yeah it is going to get crazy 🙈🙊 https://t.co/ZmQrKhfvKJ

VK_Intel: 2020-09-23: ☁️🔥[Dark Insight] "Anatomy of Network Intrusion: Cyberspies-for-Hire Tradecraft: From Amazon AWS EC2 Intrusion to #CloudTrail CSV Injection Lateral Movement & Elevation" via @y_advintel & @IntelAdvanced Team ("#Andariel" Product) https://t.co/WhhFJujNwN

VK_Intel: @Marco_Ramilli Thank you, Marco, for the kind words!

VK_Intel: 2020-09-24: 📚[Review] Let's Learn: In-Depth Reversing of Recent #Gozi #ISFB 🏦 Banking Malware Version 2.16/2.17 (portion of ISFB v3) & "loader.dll/client.dll" Hooking Method "EnableHook" {"spdy" relax} | Process Injection | Inject Processor + #YARA https://t.co/vecUPhvRpo https://t.co/O9KqFSbNXc

securitydoggo: @Cybor_Tooth @MicroFocusSec I'm always going to be camp ArcSight but boy does it need a lot of quality of life upgrades...

securitydoggo: So @MicroFocusSec's #ArcSightESM doesn't tell you which active list resource is bugging out when you try to export a backup; ended up having to create a new package, divide out half of the lists to export, and repeating until the problem list is isolated #FridayFun #infosec

DrunkBinary: https://t.co/2ICm4YxhV5 https://t.co/RdJJDaCtHY

Arkbird_SOLG: @0xthreatintel @shotgunner101 @malwrhunterteam @JAMESWT_MHT @bad_packets Yep that ATM malware FastCash already disclosed to public by CISA report (26th August 2020) https://t.co/DCvayUFLrJ

Arkbird_SOLG: @0xthreatintel @VK_Intel @bad_packets @shotgunner101 @malwrhunterteam @JAMESWT_MHT @UnderTheBreach Yep that also know as Machete group, all samples are available here : https://t.co/0Izx8IsNrT https://t.co/lVGe0zysoC Have close the FTP access too, you can add it as reference if reused in the future. cc : @ShadowChasing1 @Rmy_Reserve https://t.co/WjgTocnhxe

KorbenD_Intel: @ARCYBER @FBI @CISAgov @politico @ericgeller Terrible byline. Cyber hacking != physical mail fraud.

KorbenD_Intel: @James_inthe_box @pastebin @pmelson 😭

KorbenD_Intel: @pastebin LOL @pmelson @James_inthe_box

KorbenD_Intel: @James_inthe_box @malwrhunterteam @JAMESWT_MHT @Arkbird_SOLG https://t.co/XC4UES06wW

KorbenD_Intel: @James_inthe_box @malwrhunterteam @JAMESWT_MHT @Arkbird_SOLG 159f74b67152f168f20877ebf2ca19bd EML 13/58 VT scan detections, interesting attachment. Upped to Malshare: https[:]//malshare[.]com/sample.php?action=detail&hash=159f74b67152f168f20877ebf2ca19bd

ShadowChasing1: ITW:AA7C27927CDC2752FB19ED5EBEF77C2E Filename:Оперативне зведення станом на 28 липня 2020 року (за матеріалами ДЗНД та регіональних органів СБУ).lnk URL:http[:]//sort.freedynamicdns.org/home/key.html https://t.co/XQ8YRuZICs

ShadowChasing1: Today our researchers have found new activity which belongs to #Gamaredon #APT group ITW: B826DF9DD8241B1F5DDD24AE445F71B5 filename:Оперативне зведення.eml ITW:BDC37774A976E27D9C5BD178F3AC215F filename:зведення.rar https://t.co/wfretStfc7

ShadowChasing1: ITW: 02AAE0F838095A9D70004DAE8D600AA1 filename:Доповідь за даними звіту СММ ОБСЄ від 08.09.2020 214-2020.lnk URL:http[:]//forkasimov.hopto.org/beau/updates.html https://t.co/pYH1N48N0o

ShadowChasing1: Today our researchers have found new activity which belongs to #Gamaredon #APT group ITW:5cdffa171623bc0c749b493b11533eec filename:ДОПОВІДЬ.eml ITW:6425B64778257C2924849935D81AC626 filename:Доповідь.zip https://t.co/Z8B2Ipo2bM

ShadowChasing1: Today our researchers have found Remote Template Injection sample which belongs to #Gamaredon #APT group ITW:73bed71d29b5fd7145d269c01959b50b filename:Про неправомірні дії слідчого СБ України.docx Template URL:https://t.co/zPzEakFBP9

ItsReallyNick: 🗳✅ https://t.co/yvc8tScXS2

ItsReallyNick: Hey! This thread is relevant again! New security features are here! Waaaait a second... 👀🥴 https://t.co/BDQ2HBj0FK

Manu_De_Lucia: In a paper originally designed for the Malware Analyst Conference 2020,(postponed to next year due covid19) I talked about #malware threats against Internet Service Providers. #ISP #APT30 #APT34 #APT https://t.co/hkm5wzACd8

DeadlyLynn: #APT #SideWinder md5:ea0b79cd48fe50cec850e8b9733d11b2 filename:Audit_Observation2019.zip C2: fbr-gov.aws-pk[.]net & cdn-aws-s2[.]net

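58_158_177_102: Cloudy https://t.co/tRxV7w7lVg

58_158_177_102: First time exceeding 150 km in a week in Pokémon, too https://t.co/wC1foux0t0

58_158_177_102: Walked a fair amount https://t.co/8rKZCHJrl1

58_158_177_102: Eating too little makes you lose muscle, so for a late-night meal I had Okinawan oden and tuna harago, which sells out quickly at the shop https://t.co/p7eA1hccwr

58_158_177_102: Late-night soba https://t.co/xwca52QwbN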

IntezerLabs: Russian APT Detector — This YARA rules-based scanning tool can be used by anyone to scan a specific file, a folder, or a whole file system and search for infections by Russian hackers https://t.co/cs9HNATH9k https://t.co/JoGXVdIaBN

IntezerLabs: One year ago today we released this open-source interactive map with @_CPResearch_ that reveals 22,000 code connections & counting between Russian APTs https://t.co/jxqjwDQodU https://t.co/EPanFv4yvJ

IntezerLabs: 🆕 #ELF #Winnti group samples (PWNLNX tool), share code with files reported in @BlackBerry's article from last April 4278ab79c34ea92788259fb43e535aa3 8e7488555351c6d4811a4dd17d9c53c6 C2: a[.]sqlyon[.]net a[.]sqlyon[.]com a[.]bingtok[.]com https://t.co/ikEj7qcn2m 🔥🔥 https://t.co/nwVb8YGkPU

IntezerLabs: Not just cryptominers. Linux and cloud servers have been targeted by APT actors for at least a decade. We looked back on these attacks https://t.co/KoPtlJS6ZL Subscribe to our weekly Linux threat feed: https://t.co/OV34R6PglA https://t.co/0HP07Flbbl

IntezerLabs: 🆕 Custom pizza themed Dumpert OST used for memory dumping! https://t.co/THVQixOicY Want to learn more about OSTs? Attend @polarply presentation 'Advanced Pasta Threat' at @virusbtn: https://t.co/2O0N8EiVtf 🔥🔥 https://t.co/t1bxLFQJDs

aboutsecurity: @SANSInstitute @ErikVaBu Congrats Erik!!

aboutsecurity: @FireEye https://t.co/svhAoXpOef

aboutsecurity: @randymarchany You’re too kind Randy! It’s easier when you have great content from co-authors like @eric_conrad & @SecurityMapper. Means a lot to me coming from you though 😉

kyleehmke: Late on this one, but suspicious domain vividhoneybottles[.]com was registered through MonoVM on 6/22 using genovesi_97@protonmail[.]com and currently resolves to MivoCloud IP 94.158.245[.]156. https://t.co/W9egOvfxSZ

kyleehmke: Suspicious domain teamsworkspace[.]com was registered through Web4Africa on 4/25 and just recently began resolving to a probable dedicated server at 46.101.5[.]144. https://t.co/PwJVQUpEiI

kyleehmke: Cont... juvmhpig[.]com (5.181.156[.]74) pulishcx[.]com (185.163.45[.]93) kxcvmifo[.]com (5.252.179[.]54) Don't know who/what this infrastructure is associated with, but it most likely is all related to the same actor/group based on registration and hosting consistencies. https://t.co/xuGlnr6Ra1

kyleehmke: Series of suspicious domains registered through ITitch over the last month where the www subs resolve to MivoCloud IPs: dlaxpcmghd[.]com (185.225.17[.]39) nullxpcmd[.]com (185.225.19[.]28) juvmhpin[.]com (prev. 185.225.19[.]120)... In @ThreatConnect: https://t.co/E2ILpgUtET https://t.co/huLSKMnutP

kyleehmke: Suspicious domain dna-citrix[.]com was registered through Njalla on 9/19 and is hosted on a probable dedicated server at 46.17.96[.]24. https://t.co/NZlc0LhXxk

DissectMalware: @cyberw01f You can use --password if you know the password. Currently, it does not use a dictionary or brute force to crack the password.

DissectMalware: @sans_isc @decalage2 Excellent. deobfuscate_string_format.py can also be handy to decode this type of #PowerShell obfuscations: https://t.co/e561DsCtAv * Change utf_16 to utf_8 based on the input format https://t.co/xcxiQlrLRT

DissectMalware: @reecdeep Fantastic! Thanks for sharing. Seems it is fixed. https://t.co/t3kcgUYCVp

Hexacorn: @neu5ron not in my experience but code to handle them can be found inside richedit and msftedit dlls

Hexacorn: and the final one... keyboard shortcuts don't work until this bad UI design pattern disappears https://t.co/eWAe7xfVOU

Hexacorn: one more pic.... https://t.co/Ghr49QC3Am

Hexacorn: https://t.co/wyI1WJdkdo

Hexacorn: https://t.co/rhQYZDw5Zl

JCyberSec_: @musalbas And that is fair enough. I agree some parts are broken and some orgs peddle useless features. There are secure ways to share data but with the continued abuse of pastebin this is only adding wood to a fire.

JCyberSec_: Come on people. Let's not start attacking other people's professions. We are all working hard within our own areas of expertise. Support, guidance, and advice. Not insults, abuse, and attacks. https://t.co/ywE9iZqC4m

JCyberSec_: @musalbas Comments like this show a high level of unprofessionalism and a disrespect for an industry working to ensure innocent victims are protected. We all have different remits and roles in this world. We need to work together at all levels, not infighting between sectors.

JCyberSec_: @StevenFolek @urlscanio I'd assume it would be a 404 for a single view paste and a 401/403 for a passworded paste.

JCyberSec_: @0xkyle Love one of the Exfil addresses is to a protonmail address. Phish and store their own users on their platform. @ProtonMail want to remove this user I'd suggest.

nullcookies: @Viking_Sec Demons

nullcookies: @IanBarwise @nickthetait This is art.

campuscodi: German-made FinSpy spyware found in Egypt, and Mac and Linux versions revealed https://t.co/nqcNHwUaXp https://t.co/dONnREZt6Y

SBousseaden: @Tarek_Radah https://t.co/yaiMNWA199

SBousseaden: one way to check windows machines with UAC turned off is to notify on explorer.exe with high integrity level. related but not valid for all situations explorer.exe with cmdline NOUACCHECK (observed while logged in with default admin) https://t.co/XBxyN6ymc4

SBousseaden: added also a packet capture example for the spoolsample technique to the PCAP-ATTACK repo https://t.co/83rwaoPyab https://t.co/Ch68VvxFIs https://t.co/aZEd3E3r0t

SBousseaden: Some core Windows processes have almost no executable file creation activity #detection #ThreatHunting https://t.co/jHA3JRZNH4 https://t.co/BN8bKHMhjY

424f424f: @C0axx Nope.

lazyactivist192: @VirgoMenace @excel187 @EdGonza67974098 @reasonableman20 @SuzanneAldrich @mjhegar I try not to make it an automatic attack, but I'm sorry if it didn't read like that. I think the reason automatic attacks happen is because text based communication removes an emotional expression that a lot of us depend on to identify context/meaning (if that makes sense?)

lazyactivist192: @VirgoMenace @excel187 @EdGonza67974098 @reasonableman20 @SuzanneAldrich @mjhegar Fair, but now I have to ask, if my opinions are based on personal observations, are they facts? Because some of the most successful people I know have tattoos.

lazyactivist192: @MalwareJake Ah like Saturday cartoons! This'll go swell!

lazyactivist192: @MalwareJake ... how do you even get any work done?

lazyactivist192: @VirgoMenace @excel187 @EdGonza67974098 @reasonableman20 @SuzanneAldrich @mjhegar "It makes you look dirty" is an opinion. The rest of the comment was an observation, but he definitely stated an opinion in the beginning.

FewAtoms: #malware #cybersecurity #opendir #infosec #threathunting hxxp://thdyprivatecloudshareandfileprotectgent.duckdns.org/receipt/ https://t.co/KKOiB28fEv

FewAtoms: @moonbas3 @pmelson @James_inthe_box thank you all for this party :)) https://t.co/wiPBXwAPOy

FewAtoms: @James_inthe_box thanks

reecdeep: #Gozi #Malware #ISFB targets #Italy 🇮🇹 "Organizzazione Mondiale della Sanità - Italia" ➡️hxxp://service.idealfurnitureoutlet.com/servizi.dll c2 🔥 1⃣web.cindycrawfordgroup.]com 2⃣sertificatkey[.com/upload/iputil.rar 3⃣https://t.co/b0Q7WPftyI @AgidCert #infosec #CyberSecurity https://t.co/h03Pgh7266

reecdeep: 😈#Malware #xpertrat #trojan targets #Italy 🇮🇹 "Buongiorno In allegato invio copia del bonifico in quanto il mio collega non è al lavoro Distint saluti" c2🔥 91.193].75.200 79.134.]225.97 https://t.co/eRaHR4FJj9 @guelfoweb @csirt_it @VirITeXplorer #CyberSecurity #infosec https://t.co/wkIOXAcQMH

reecdeep: 🆒XLM DEOBFUSCATOR by @DissectMalware has been fixed to open all recent XLS files in recent campaigns like "AGENZIA DELLE ENTRATE" "INPS" 👏A very big thank you Mr. @DissectMalware 👏 @guelfoweb @Marco_Ramilli @VirITeXplorer #CyberSecurity #infosec https://t.co/S3dwepdjz8

luc4m: And .... 😅😅🤣 https://t.co/3v8Amo81GG https://t.co/aV6j9jvHdB

3xp0rtblog: The mentioned function is adding clipper to startup tasks.

3xp0rtblog: Attention! "InjReg.CopyAndShelduderInizialize();" function gives an error when debugging and executing because it wants to delete a folder that does not exist. File without the "InjReg.CopyAndShelduderInizialize()" instruction executing: https://t.co/Xcze8qBHKW https://t.co/ufS0Cvi4Wu https://t.co/FkHpS9D7MF

3xp0rtblog: @58_158_177_102 @Abjuri5t @Amigo_A_ @Bank_Security @BleepinComputer @Jan0fficial @LawrenceAbrams @abuse_ch @anyrun_app @campuscodi @malwareforme @sS55752750

----Vulners.com High Sev. Last 3 Days----

CVSS: 6.8 Security update for chromium (important)

CVSS: 7.5 Security update for libqt4 (moderate)

CVSS: 6.8 Ubuntu 16.04 LTS : Gnuplot vulnerabilities (USN-4541-1)

CVSS: 7.1 Ubuntu 16.04 LTS : libquicktime vulnerabilities (USN-4545-1)

CVSS: 6.8 Ubuntu 20.04 LTS : Sanitize vulnerability (USN-4543-1)

CVSS: 6.8 Security update for chromium (important)

CVSS: 9.3 Security update for samba (important)

CVSS: 6.8 Security update for jasper (moderate)

CVSS: 7.5 Ubuntu 18.04 LTS : atftpd vulnerabilities (USN-4540-1)

CVSS: 7.2 Cisco IOS XR Software Authenticated User Privilege Escalation (cisco-sa-iosxr-LJtNFjeN)

CVSS: 6.8 Microsoft Edge (Chromium) < 85.0.564.44 RCE

CVSS: 6.8 Sanitize vulnerability

CVSS: 7.1 libquicktime vulnerabilities

CVSS: 6.8 Gnuplot vulnerabilities

CVSS: 9.3 openSUSE Security Update : samba (openSUSE-2020-1513)

CVSS: 9.0 Citrix SD-WAN WANOP Multiple Vulnerabilities (CTX281474)

CVSS: 8.5 Xen PCI Passthrough Code Reading Back Hardware Registers DoS (XSA-337)

CVSS: 9.0 Citrix ADC and Citrix NetScaler Gateway Multiple Vulnerabilities (CTX281474)

CVSS: 7.5 Debian DSA-4766-1 : rails - security update

CVSS: 7.1 Node.js multiple vulnerabilities (September 2020 Security Releases).

CVSS: 7.5 Feds Hit with Successful Cyberattack, Data Stolen

CVSS: 7.5 Security update for roundcubemail (moderate)

CVSS: 6.8 Security update for jasper (moderate)

CVSS: 9.3 Security update for samba (important)

CVSS: 7.5 CVE-2020-13508

CVSS: 7.5 CVE-2020-13500

CVSS: 7.5 CVE-2020-13507

CVSS: 7.5 CVE-2020-13503

CVSS: 7.5 CVE-2020-13505

CVSS: 7.5 CVE-2020-13499

CVSS: 7.5 CVE-2020-13501

CVSS: 7.2 (RHSA-2020:3836) Important: kernel security update

CVSS: 6.8 Major Instagram App Bug Could've Given Hackers Remote Access to Your Phone

CVSS: 9.3 Fedora 32 : 2:samba (2020-0be2776ed3)

CVSS: 7.8 olcne nginx security update

CVSS: 7.8 Linux kernel vulnerabilities

CVSS: 10.0 3S CoDeSys (Update A)

CVSS: 6.5 Ubuntu 18.04 LTS : SPIP vulnerabilities (USN-4536-1)

CVSS: 9.3 HP iLO 3 < 1.93 / HP iLO 4 < 2.75 / HP iLO 5 < 2.18 Ripple20 Multiple vulnerabilities

CVSS: 7.2 RHEL 6 : kernel (RHSA-2020:3836)

CVSS: 6.8 VMware Fusion 11.x Privilege Escalation (VMSA-2020-0020)

CVSS: 7.5 atftpd vulnerabilities

CVSS: 6.5 SPIP vulnerabilities

----NVD Last 3 Days----

CVE#: CVE-2015-4719 Published Date: 2020-09-24 CVSS: NO CVSS Description: The client API authentication mechanism in Pexip Infinity before 10 allows remote attackers to gain privileges via a crafted request.

CVE#: CVE-2016-11086 Published Date: 2020-09-24 CVSS: NO CVSS Description: lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby does not verify server X.509 certificates if a certificate bundle cannot be found, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information.

CVE#: CVE-2017-17477 Published Date: 2020-09-25 CVSS: NO CVSS Description: Pexip Infinity before 17 allows an unauthenticated remote attacker to achieve stored XSS via management web interface views.

CVE#: CVE-2018-10432 Published Date: 2020-09-25 CVSS: NO CVSS Description: Pexip Infinity before 18 allows Remote Denial of Service (TLS handshakes in RTMP).

CVE#: CVE-2018-10585 Published Date: 2020-09-25 CVSS: NO CVSS Description: Pexip Infinity before 18 allows remote Denial of Service (XML parsing).

CVE#: CVE-2018-6447 Published Date: 2020-09-25 CVSS: NO CVSS Description: A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account.

CVE#: CVE-2018-6448 Published Date: 2020-09-25 CVSS: NO CVSS Description: A vulnerability in the management interface in Brocade Fabric OS Versions before Brocade Fabric OS v9.0.0 could allow a remote attacker to perform a denial of service attack on the vulnerable host.

CVE#: CVE-2018-6449 Published Date: 2020-09-25 CVSS: NO CVSS Description: Host Header Injection vulnerability in the http management interface in Brocade Fabric OS versions before v9.0.0 could allow a remote attacker to exploit this vulnerability by injecting arbitrary HTTP headers.

CVE#: CVE-2019-11556 Published Date: 2020-09-25 CVSS: NO CVSS Description: Pagure before 5.6 allows XSS via the templates/blame.html blame view.

CVE#: CVE-2019-16211 Published Date: 2020-09-25 CVSS: NO CVSS Description: Brocade SANnav versions before v2.1.0, contain a Plaintext Password Storage vulnerability.

CVE#: CVE-2019-16212 Published Date: 2020-09-25 CVSS: NO CVSS Description: A vulnerability in Brocade SANnav versions before v2.1.0 could allow a remote authenticated attacker to conduct an LDAP injection. The vulnerability could allow a remote attacker to bypass the authentication process.

CVE#: CVE-2019-7177 Published Date: 2020-09-25 CVSS: NO CVSS Description: Pexip Infinity before 20.1 allows Code Injection onto nodes via an admin.

CVE#: CVE-2019-7178 Published Date: 2020-09-25 CVSS: NO CVSS Description: Pexip Infinity before 20.1 allows privilege escalation by restoring a system backup.

CVE#: CVE-2020-11805 Published Date: 2020-09-25 CVSS: NO CVSS Description: Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Access Control via TURN.

CVE#: CVE-2020-12280 Published Date: 2020-09-24 CVSS: NO CVSS Description: iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php.

CVE#: CVE-2020-12281 Published Date: 2020-09-24 CVSS: NO CVSS Description: iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php.

CVE#: CVE-2020-12282 Published Date: 2020-09-24 CVSS: NO CVSS Description: iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.)

CVE#: CVE-2020-12811 Published Date: 2020-09-24 CVSS: NO CVSS Description: An improper neutralization of script-related HTML tags in a web page in FortiManager 6.2.0, 6.2.1, 6.2.2, and 6.2.3 and FortiAnalyzer 6.2.0, 6.2.1, 6.2.2, and 6.2.3 may allow an attacker to execute a cross site scripting (XSS) via the Identify Provider name field.

CVE#: CVE-2020-12815 Published Date: 2020-09-24 CVSS: NO CVSS Description: An improper neutralization of input vulnerability in FortiTester before 3.9.0 may allow a remote authenticated attacker to inject script related HTML tags via IPv4/IPv6 address fields.

CVE#: CVE-2020-12816 Published Date: 2020-09-24 CVSS: NO CVSS Description: An improper neutralization of input vulnerability in FortiNAC before 8.7.2 may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the UserID of Admin Users.

CVE#: CVE-2020-12817 Published Date: 2020-09-24 CVSS: NO CVSS Description: An improper neutralization of input vulnerability in FortiAnalyzer before 6.4.1 and 6.2.5 may allow a remote authenticated attacker to inject script related HTML tags via Name parameter of Storage Connectors.

CVE#: CVE-2020-12818 Published Date: 2020-09-24 CVSS: NO CVSS Description: An insufficient logging vulnerability in FortiGate before 6.4.1 may allow the traffic from an unauthenticated attacker to Fortinet owned IP addresses to go unnoticed.

CVE#: CVE-2020-12824 Published Date: 2020-09-25 CVSS: NO CVSS Description: Pexip Infinity 23.x before 23.3 has improper input validation, leading to a temporary software abort via RTP.

CVE#: CVE-2020-12837 Published Date: 2020-09-24 CVSS: NO CVSS Description: ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used.

CVE#: CVE-2020-12838 Published Date: 2020-09-24 CVSS: NO CVSS Description: ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php.

CVE#: CVE-2020-12839 Published Date: 2020-09-24 CVSS: NO CVSS Description: ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php.

CVE#: CVE-2020-12840 Published Date: 2020-09-24 CVSS: NO CVSS Description: ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php.

CVE#: CVE-2020-12841 Published Date: 2020-09-24 CVSS: NO CVSS Description: ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload image files via /index.php.

CVE#: CVE-2020-12842 Published Date: 2020-09-24 CVSS: NO CVSS Description: ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php.

CVE#: CVE-2020-12843 Published Date: 2020-09-24 CVSS: NO CVSS Description: ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used.

CVE#: CVE-2020-13119 Published Date: 2020-09-24 CVSS: NO CVSS Description: ismartgate PRO 1.5.9 is vulnerable to clickjacking.

CVE#: CVE-2020-13387 Published Date: 2020-09-25 CVSS: NO CVSS Description: Pexip Infinity before 23.4 has a lack of input validation, leading to temporary denial of service via H.323.

CVE#: CVE-2020-13499 Published Date: 2020-09-24 CVSS: 5.9 Description: An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstancePath in CHaD.asmx is vulnerable to unauthenticated SQL injection attacks.

CVE#: CVE-2020-13500 Published Date: 2020-09-24 CVSS: 5.9 Description: SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter ClassName in CHaD.asmx is vulnerable to unauthenticated SQL injection attacks.

CVE#: CVE-2020-13501 Published Date: 2020-09-24 CVSS: 5.9 Description: An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstanceName in CHaD.asmx is vulnerable to unauthenticated SQL injection attacks.

CVE#: CVE-2020-13502 Published Date: 2020-09-24 CVSS: NO CVSS Description: An exploitable SQL injection vulnerability exists in the DNAPoints.asmx web Service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. A specially crafted SOAP web request can cause an SQL injection resulting in data compromise. An attacker can send an unauthenticated HTTP request to trigger this vulnerability.

CVE#: CVE-2020-13503 Published Date: 2020-09-24 CVSS: NO CVSS Description: Parameter AttFilterName in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability.

CVE#: CVE-2020-13504 Published Date: 2020-09-24 CVSS: NO CVSS Description: Parameter AttFilterValue in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability.

CVE#: CVE-2020-13505 Published Date: 2020-09-24 CVSS: NO CVSS Description: Parameter psClass in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability.

CVE#: CVE-2020-13507 Published Date: 2020-09-24 CVSS: NO CVSS Description: An SQL injection vulnerability exists in the Alias.asmx Web Service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Parameter OrigID in Alias.asmx is vulnerable to unauthenticated SQL injection attacks. An attacker can send unauthenticated HTTP requests to trigger this vulnerability.

CVE#: CVE-2020-13508 Published Date: 2020-09-24 CVSS: NO CVSS Description: An SQL injection vulnerability exists in the Alias.asmx Web Service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Parameter AliasName in Alias.asmx is vulnerable to unauthenticated SQL injection attacks. An attacker can send unauthenticated HTTP requests to trigger this vulnerability.

CVE#: CVE-2020-13521 Published Date: 2020-09-24 CVSS: NO CVSS Description: Parameter psAttribute in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. An attacker can send unauthenticated HTTP requests to trigger this vulnerability.

CVE#: CVE-2020-13991 Published Date: 2020-09-24 CVSS: NO CVSS Description: vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow of control by controlling a register.

CVE#: CVE-2020-13995 Published Date: 2020-09-25 CVSS: NO CVSS Description: U.S. Air Force Sensor Data Management System extract75 has a buffer overflow that leads to code execution. An overflow in a global variable (sBuffer) leads to a Write-What-Where outcome. Writing beyond sBuffer will clobber most global variables until reaching a pointer such as DES_info or image_info. By controlling that pointer, one achieves an arbitrary write when its fields are assigned. The data written is from a potentially untrusted NITF file in the form of an integer. The attacker can gain control of the instruction pointer.

CVE#: CVE-2020-14495 Published Date: 2020-09-25 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.

CVE#: CVE-2020-15160 Published Date: 2020-09-24 CVSS: NO CVSS Description: PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with location parameter. The problem is fixed in 1.7.6.8.

CVE#: CVE-2020-15161 Published Date: 2020-09-24 CVSS: NO CVSS Description: In PrestaShop from version 1.6.0.4 and before version 1.7.6.8 an attacker is able to inject javascript while using the contact form. The problem is fixed in 1.7.6.8.

CVE#: CVE-2020-15162 Published Date: 2020-09-24 CVSS: NO CVSS Description: In PrestaShop from version 1.5.0.0 and before version 1.7.6.8, users are allowed to send compromised files. These attachments allowed people to input malicious JavaScript which triggered an XSS payload. The problem is fixed in version 1.7.6.8.

CVE#: CVE-2020-15190 Published Date: 2020-09-25 CVSS: NO CVSS Description: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `tf.raw_ops.Switch` operation takes as input a tensor and a boolean and outputs two tensors. Depending on the boolean value, one of the tensors is exactly the input tensor whereas the other one should be an empty tensor. However, the eager runtime traverses all tensors in the output. Since only one of the tensors is defined, the other one is `nullptr`, hence we are binding a reference to `nullptr`. This is undefined behavior and reported as an error if compiling with `-fsanitize=null`. In this case, this results in a segmentation fault. The issue is patched in commit da8558533d925694483d2c136a9220d6d49d843c, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

CVE#: CVE-2020-15191 Published Date: 2020-09-25 CVSS: NO CVSS Description: In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to `dlpack.to_dlpack` the expected validations will cause variables to bind to `nullptr` while setting a `status` variable to the error condition. However, this `status` argument is not properly checked. Hence, code following these methods will bind references to null pointers. This is undefined behavior and reported as an error if compiling with `-fsanitize=null`. The issue is patched in commit 22e07fb204386768e5bcbea563641ea11f96ceb8 and is released in TensorFlow versions 2.2.1, or 2.3.1.

CVE#: CVE-2020-15192 Published Date: 2020-09-25 CVSS: NO CVSS Description: In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to `dlpack.to_dlpack` there is a memory leak following an expected validation failure. The issue occurs because the `status` argument during validation failures is not properly checked. Since each of the above methods can return an error status, the `status` value must be checked before continuing. The issue is patched in commit 22e07fb204386768e5bcbea563641ea11f96ceb8 and is released in TensorFlow versions 2.2.1, or 2.3.1.

CVE#: CVE-2020-15193 Published Date: 2020-09-25 CVSS: NO CVSS Description: In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of `dlpack.to_dlpack` can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing in a Python object instead of a tensor. The uninitialized memory address is due to a `reinterpret_cast`. Since the `PyObject` is a Python object, not a TensorFlow Tensor, the cast to `EagerTensor` fails. The issue is patched in commit 22e07fb204386768e5bcbea563641ea11f96ceb8 and is released in TensorFlow versions 2.2.1, or 2.3.1.

CVE#: CVE-2020-15194 Published Date: 2020-09-25 CVSS: NO CVSS Description: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `SparseFillEmptyRowsGrad` implementation has incomplete validation of the shapes of its arguments. Although `reverse_index_map_t` and `grad_values_t` are accessed in a similar pattern, only `reverse_index_map_t` is validated to be of proper shape. Hence, malicious users can pass a bad `grad_values_t` to trigger an assertion failure in `vec`, causing denial of service in serving installations. The issue is patched in commit 390611e0d45c5793c7066110af37c8514e6a6c54, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

CVE#: CVE-2020-15195 Published Date: 2020-09-25 CVSS: NO CVSS Description: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of `SparseFillEmptyRowsGrad` uses a double indexing pattern. It is possible for `reverse_index_map(i)` to be an index outside of bounds of `grad_values`, thus resulting in a heap buffer overflow. The issue is patched in commit 390611e0d45c5793c7066110af37c8514e6a6c54, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

CVE#: CVE-2020-15196 Published Date: 2020-09-25 CVSS: NO CVSS Description: In Tensorflow version 2.3.0, the `SparseCountSparseOutput` and `RaggedCountSparseOutput` implementations don't validate that the `weights` tensor has the same shape as the data. The check exists for `DenseCountSparseOutput`, where both tensors are fully specified. In the sparse and ragged count weights are still accessed in parallel with the data. But, since there is no validation, a user passing fewer weights than the values for the tensors can generate a read from outside the bounds of the heap buffer allocated for the weights. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.

CVE#: CVE-2020-15197 Published Date: 2020-09-25 CVSS: NO CVSS Description: In Tensorflow before version 2.3.1, the `SparseCountSparseOutput` implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the `indices` tensor has rank 2. This tensor must be a matrix because code assumes its elements are accessed as elements of a matrix. However, malicious users can pass in tensors of different rank, resulting in a `CHECK` assertion failure and a crash. This can be used to cause denial of service in serving installations, if users are allowed to control the components of the input sparse tensor. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.

CVE#: CVE-2020-15198 Published Date: 2020-09-25 CVSS: NO CVSS Description: In Tensorflow before version 2.3.1, the `SparseCountSparseOutput` implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the `indices` tensor has the same shape as the `values` one. The values in these tensors are always accessed in parallel. Thus, a shape mismatch can result in accesses outside the bounds of heap allocated buffers. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.

CVE#: CVE-2020-15199 Published Date: 2020-09-25 CVSS: NO CVSS Description: In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the `splits` tensor has the minimum required number of elements. Code uses this quantity to initialize a different data structure. Since `BatchedMap` is equivalent to a vector, it needs to have at least one element to not be `nullptr`. If user passes a `splits` tensor that is empty or has exactly one element, we get a `SIGABRT` signal raised by the operating system. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.

CVE#: CVE-2020-15200 Published Date: 2020-09-25 CVSS: NO CVSS Description: In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the `splits` tensor generate a valid partitioning of the `values` tensor. Thus, the code sets up conditions to cause a heap buffer overflow. A `BatchedMap` is equivalent to a vector where each element is a hashmap. However, if the first element of `splits_values` is not 0, `batch_idx` will never be 1, hence there will be no hashmap at index 0 in `per_batch_counts`. Trying to access that in the user code results in a segmentation fault. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.

CVE#: CVE-2020-15201 Published Date: 2020-09-25 CVSS: NO CVSS Description: In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the `splits` tensor generate a valid partitioning of the `values` tensor. Hence, the code is prone to heap buffer overflow. If `split_values` does not end with a value at least `num_values` then the `while` loop condition will trigger a read outside of the bounds of `split_values` once `batch_idx` grows too large. The issue is patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02 and is released in TensorFlow version 2.3.1.

CVE#: CVE-2020-15202 Published Date: 2020-09-25 CVSS: NO CVSS Description: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in TensorFlow expects the last argument to be a function taking two `int64` (i.e., `long long`) arguments. However, there are several places in TensorFlow where a lambda taking `int` or `int32` arguments is being used. In these cases, if the amount of work to be parallelized is large enough, integer truncation occurs. Depending on how the two arguments of the lambda are used, this can result in segfaults, read/write outside of heap allocated arrays, stack overflows, or data corruption. The issue is patched in commits 27b417360cbd671ef55915e4bb6bb06af8b8a832 and ca8c013b5e97b1373b3bb1c97ea655e69f31a575, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

CVE#: CVE-2020-15203 Published Date: 2020-09-25 CVSS: NO CVSS Description: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the `fill` argument of tf.strings.as_string, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a `printf` call is constructed. This may result in segmentation fault. The issue is patched in commit 33be22c65d86256e6826666662e40dbdfe70ee83, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

CVE#: CVE-2020-15204 Published Date: 2020-09-25 CVSS: NO CVSS Description: In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state. Hence, calling `tf.raw_ops.GetSessionHandle` or `tf.raw_ops.GetSessionHandleV2` results in a null pointer dereference In linked snippet, in eager mode, `ctx->session_state()` returns `nullptr`. Since code immediately dereferences this, we get a segmentation fault. The issue is patched in commit 9a133d73ae4b4664d22bd1aa6d654fec13c52ee1, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

CVE#: CVE-2020-15205 Published Date: 2020-09-25 CVSS: NO CVSS Description: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `data_splits` argument of `tf.raw_ops.StringNGrams` lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory. In the linked code snippet, all the binary strings after `ee ff` are contents from the memory stack. Since these can contain return addresses, this data leak can be used to defeat ASLR. The issue is patched in commit 0462de5b544ed4731aa2fb23946ac22c01856b80, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

CVE#: CVE-2020-15206 Published Date: 2020-09-25 CVSS: NO CVSS Description: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing TensorFlow's `SavedModel` protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using `tensorflow-serving` or other inference-as-a-service installments. Fixes were added in commits f760f88b4267d981e13f4b302c437ae800445968 and fcfef195637c6e365577829c4d67681695956e7d (both going into TensorFlow 2.2.0 and 2.3.0 but not yet backported to earlier versions). However, this was not enough, as #41097 reports a different failure mode. The issue is patched in commit adf095206f25471e864a8e63a0f1caef53a0e3a6, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

CVE#: CVE-2020-15207 Published Date: 2020-09-25 CVSS: NO CVSS Description: In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, to mimic Python's indexing with negative values, TFLite uses `ResolveAxis` to convert negative values to positive indices. However, the check that the converted index is now valid is present only in debug builds. If the `DCHECK` does not trigger, then code execution moves ahead with a negative index. This, in turn, results in accessing data out of bounds which results in segfaults and/or data corruption. The issue is patched in commit 2d88f470dea2671b430884260f3626b1fe99830a, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

CVE#: CVE-2020-15208 Published Date: 2020-09-25 CVSS: NO CVSS Description: In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can craft cases where this is larger than that of the second tensor. In turn, this would result in reads/writes outside of bounds since the interpreter will wrongly assume that there is enough data in both tensors. The issue is patched in commit 8ee24e7949a203d234489f9da2c5bf45a7d5157d, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

CVE#: CVE-2020-15209 Published Date: 2020-09-25 CVSS: NO CVSS Description: In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a `nullptr` buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one. The runtime assumes that these buffers are written to before a possible read, hence they are initialized with `nullptr`. However, by changing the buffer index for a tensor and implicitly converting that tensor to be a read-write one, as there is nothing in the model that writes to it, we get a null pointer dereference. The issue is patched in commit 0b5662bc, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

CVE#: CVE-2020-15210 Published Date: 2020-09-25 CVSS: NO CVSS Description: In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. We have patched the issue in d58c96946b and will release patch releases for all versions between 1.15 and 2.3. We recommend users to upgrade to TensorFlow 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.

CVE#: CVE-2020-15211 Published Date: 2020-09-25 CVSS: NO CVSS Description: In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indices for the tensors, indexing into an array of tensors that is owned by the subgraph. This results in a pattern of double array indexing when trying to get the data of each tensor. However, some operators can have some tensors be optional. To handle this scenario, the flatbuffer model uses a negative `-1` value as index for these tensors. This results in special casing during validation at model loading time. Unfortunately, this means that the `-1` index is a valid tensor index for any operator, including those that don't expect optional inputs and including for output tensors. Thus, this allows writing and reading from outside the bounds of heap allocated arrays, although only at a specific offset from the start of these arrays. This results in both read and write gadgets, albeit very limited in scope. The issue is patched in several commits (46d5b0852, 00302787b7, e11f5558, cd31fd0ce, 1970c21, and fff2c83), and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1. A potential workaround would be to add a custom `Verifier` to the model loading code to ensure that only operators which accept optional inputs use the `-1` special value and only for the tensors that they expect to be optional. Since this allow-list type approach is error-prone, we advise upgrading to the patched code.

CVE#: CVE-2020-15212 Published Date: 2020-09-25 CVSS: NO CVSS Description: In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to `segment_ids_data` can alter `output_index` and then write outside of the `output_data` buffer. This might result in a segmentation fault but it can also be used to further corrupt the memory and can be chained with other vulnerabilities to create more advanced exploits. The issue is patched in commit 204945b19e44b57906c9344c0d00120eeeae178a and is released in TensorFlow versions 2.2.1 or 2.3.1. A potential workaround would be to add a custom `Verifier` to the model loading code to ensure that the segment ids are all positive, although this only handles the case when the segment ids are stored statically in the model. A similar validation could be done if the segment ids are generated at runtime between inference steps. If the segment ids are generated as outputs of a tensor during inference steps, then there is no possible workaround and users are advised to upgrade to patched code.

CVE#: CVE-2020-15213 Published Date: 2020-09-25 CVSS: NO CVSS Description: In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since the code uses the last element of the tensor holding them to determine the dimensionality of the output tensor, attackers can use a very large value to trigger a large allocation. The issue is patched in commit 204945b19e44b57906c9344c0d00120eeeae178a and is released in TensorFlow versions 2.2.1 or 2.3.1. A potential workaround would be to add a custom `Verifier` to limit the maximum value in the segment ids tensor. This only handles the case when the segment ids are stored statically in the model, but a similar validation could be done if the segment ids are generated at runtime, between inference steps. However, if the segment ids are generated as outputs of a tensor during inference steps, then there is no possible workaround and users are advised to upgrade to patched code.

CVE#: CVE-2020-15214 Published Date: 2020-09-25 CVSS: NO CVSS Description: In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out of bounds / segmentation fault if the segment ids are not sorted. The code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the dimensionality of the output tensor. This results in allocating insufficient memory for the output tensor and in a write outside the bounds of the output array. This usually results in a segmentation fault, but depending on runtime conditions it can provide for a write gadget to be used in future memory corruption-based exploits. The issue is patched in commit 204945b19e44b57906c9344c0d00120eeeae178a and is released in TensorFlow versions 2.2.1 or 2.3.1. A potential workaround would be to add a custom `Verifier` to the model loading code to ensure that the segment ids are sorted, although this only handles the case when the segment ids are stored statically in the model. A similar validation could be done if the segment ids are generated at runtime between inference steps. If the segment ids are generated as outputs of a tensor during inference steps, then there is no possible workaround and users are advised to upgrade to patched code.

CVE#: CVE-2020-15222 Published Date: 2020-09-24 CVSS: NO CVSS Description: In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go) before version 0.31.0, when using "private_key_jwt" authentication the uniqueness of the `jti` value is not checked. When using client authentication method "private_key_jwt", the OpenID specification says the following about assertion `jti`: "A unique identifier for the token, which can be used to prevent reuse of the token. These tokens MUST only be used once, unless conditions for reuse were negotiated between the parties". Hydra does not seem to check the uniqueness of this `jti` value. This problem is fixed in version 0.31.0.

CVE#: CVE-2020-15223 Published Date: 2020-09-24 CVSS: NO CVSS Description: In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go) before version 0.34.0, the `TokenRevocationHandler` ignores errors coming from the storage. This can lead to unexpected 200 status codes indicating successful revocation while the token is still valid. Whether an attacker can use this for her advantage depends on the ability to trigger errors in the store. This is fixed in version 0.34.0.

CVE#: CVE-2020-15369 Published Date: 2020-09-25 CVSS: NO CVSS Description: Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server. An authenticated user could obtain the exposed password credentials to gain access to the remote host.

CVE#: CVE-2020-15370 Published Date: 2020-09-25 CVSS: NO CVSS Description: Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote attacker to view a user password in cleartext. The vulnerability is due to incorrectly logging the user password in log files.

CVE#: CVE-2020-15371 Published Date: 2020-09-25 CVSS: NO CVSS Description: Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3 contain a code injection and privilege escalation vulnerability.

CVE#: CVE-2020-15372 Published Date: 2020-09-25 CVSS: NO CVSS Description: A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0, could allow a local authenticated attacker to modify shell variables, which may lead to an escalation of privileges or bypassing the logging.

CVE#: CVE-2020-15373 Published Date: 2020-09-25 CVSS: NO CVSS Description: Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks.

CVE#: CVE-2020-15374 Published Date: 2020-09-25 CVSS: NO CVSS Description: Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input.

CVE#: CVE-2020-15394 Published Date: 2020-09-25 CVSS: NO CVSS Description: The REST API in Zoho ManageEngine Applications Manager before build 14740 allows an unauthenticated SQL Injection via a crafted request, leading to Remote Code Execution.

CVE#: CVE-2020-15521 Published Date: 2020-09-25 CVSS: NO CVSS Description: Zoho ManageEngine Applications Manager before 14 build 14730 has no protection against jsp/header.jsp Cross-site Scripting (XSS).

CVE#: CVE-2020-15604 Published Date: 2020-09-24 CVSS: NO CVSS Description: An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one. CWE-494: Update files are not properly verified.

CVE#: CVE-2020-15840 Published Date: 2020-09-24 CVSS: NO CVSS Description: In Liferay Portal before 7.3.1, Liferay Portal 6.2 EE, and Liferay DXP 7.2, DXP 7.1 and DXP 7.0, the property 'portlet.resource.id.banned.paths.regexp' can be bypassed with double-encoded URLs.

CVE#: CVE-2020-15843 Published Date: 2020-09-24 CVSS: NO CVSS Description: ActFax Version 7.10 Build 0335 (2020-05-25) is susceptible to a privilege escalation vulnerability due to insecure folder permissions on %PROGRAMFILES%\ActiveFax\Client\, %PROGRAMFILES%\ActiveFax\Install\ and %PROGRAMFILES%\ActiveFax\Terminal\. The folder permissions allow "Full Control" to "Everyone". An authenticated local attacker can exploit this to replace the TSClientB.exe binary in the Terminal directory, which is executed on logon for every user. Alternatively, the attacker can replace any of the binaries in the Client or Install directories. The latter requires additional user interaction, for example starting the client.

CVE#: CVE-2020-15850 Published Date: 2020-09-24 CVSS: NO CVSS Description: Insecure permissions in Nakivo Backup & Replication Director version 9.4.0.r43656 on Linux allow local users to access the Nakivo Director web interface and gain root privileges. This occurs because the database containing the users of the web application and the password-recovery secret value is readable.

CVE#: CVE-2020-15851 Published Date: 2020-09-24 CVSS: NO CVSS Description: Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration via a network accessible transporter service. It is also possible to create or delete backup repositories.

CVE#: CVE-2020-15930 Published Date: 2020-09-24 CVSS: NO CVSS Description: An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows arbitrary code execution via a malicious HTML embed tag.

CVE#: CVE-2020-16147 Published Date: 2020-09-24 CVSS: NO CVSS Description: The login page in Telmat AccessLog <= 6.0 (TAL_20180415) allows an attacker to get root shell access via unauthenticated code injection over the network.

CVE#: CVE-2020-16148 Published Date: 2020-09-24 CVSS: NO CVSS Description: The ping page of the administration panel in Telmat AccessLog <= 6.0 (TAL_20180415) allows an attacker to get root shell access via authenticated code injection over the network.

CVE#: CVE-2020-16242 Published Date: 2020-09-25 CVSS: NO CVSS Description: The affected product is vulnerable to cross-site scripting (XSS), which may allow an attacker to trick application users into performing critical application actions that include, but are not limited to, adding and updating accounts.

CVE#: CVE-2020-17365 Published Date: 2020-09-24 CVSS: NO CVSS Description: Improper directory permissions in the Hotspot Shield VPN client software for Windows 10.3.0 and earlier may allow an authorized user to potentially enable escalation of privilege via local access. The vulnerability allows a local user to corrupt system files: a local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application.

CVE#: CVE-2020-19447 Published Date: 2020-09-24 CVSS: NO CVSS Description: SQL injection exists in the jdownloads 3.2.63 component for Joomla! com_jdownloads/models/send.php via the f_marked_files_id parameter.

CVE#: CVE-2020-19450 Published Date: 2020-09-25 CVSS: NO CVSS Description: SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, getUserLimits function in the list parameter.

CVE#: CVE-2020-19451 Published Date: 2020-09-25 CVSS: NO CVSS Description: SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, updateLog function via the X-forwarded-for Header parameter.

CVE#: CVE-2020-19455 Published Date: 2020-09-25 CVSS: NO CVSS Description: SQL injection exists in the jdownloads 3.2.63 component for Joomla! via components/com_jdownloads/helpers/categories.php, order function via the filter_order parameter.

CVE#: CVE-2020-22453 Published Date: 2020-09-24 CVSS: NO CVSS Description: Untis WebUntis before 2020.9.6 allows XSS in multiple functions that store information.

CVE#: CVE-2020-23837 Published Date: 2020-09-25 CVSS: NO CVSS Description: A Cross-Site Request Forgery (CSRF) vulnerability in the Multi User plugin 1.8.2 for GetSimple CMS allows remote attackers to add admin (or other) users after an authenticated admin visits a third-party site or clicks on a URL.

CVE#: CVE-2020-24365 Published Date: 2020-09-24 CVSS: NO CVSS Description: An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-127x9 01.01.02.127 devices. The Monitor Diagnostic network page allows an authenticated attacker to execute a command directly on the target machine. Commands are executed as the root user (uid 0). (Even if a login is required, most routers are left with default credentials.)

CVE#: CVE-2020-24560 Published Date: 2020-09-24 CVSS: NO CVSS Description: An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one. CWE-295: Improper server certificate verification in the communication with the update server.

CVE#: CVE-2020-24592 Published Date: 2020-09-25 CVSS: NO CVSS Description: Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization.

CVE#: CVE-2020-24593 Published Date: 2020-09-25 CVSS: NO CVSS Description: Mitel MiCloud Management Portal before 6.1 SP5 could allow a remote attacker to conduct a SQL Injection attack and access user credentials due to improper input validation.

CVE#: CVE-2020-24594 Published Date: 2020-09-25 CVSS: NO CVSS Description: Mitel MiCloud Management Portal before 6.1 SP5 could allow an unauthenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session.

CVE#: CVE-2020-24595 Published Date: 2020-09-25 CVSS: NO CVSS Description: Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to retrieve sensitive information due to insufficient access control.

CVE#: CVE-2020-24615 Published Date: 2020-09-25 CVSS: NO CVSS Description: Pexip Infinity before 24.1 has Improper Input Validation, leading to temporary denial of service via SIP.

CVE#: CVE-2020-24621 Published Date: 2020-09-25 CVSS: NO CVSS Description: A remote code execution (RCE) vulnerability was discovered in the htmlformentry (aka HTML Form Entry) module before 3.11.0 for OpenMRS. By leveraging path traversal, a malicious Velocity Template Language file could be written to a directory. This file could then be accessed and executed.

CVE#: CVE-2020-24692 Published Date: 2020-09-25 CVSS: NO CVSS Description: The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could allow an attacker to gain access to a user session.

CVE#: CVE-2020-24718 Published Date: 2020-09-25 CVSS: NO CVSS Description: bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP.

CVE#: CVE-2020-25084 Published Date: 2020-09-25 CVSS: NO CVSS Description: QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked.

CVE#: CVE-2020-25085 Published Date: 2020-09-25 CVSS: NO CVSS Description: QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case.

CVE#: CVE-2020-25130 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to SQL Injection due to the fact that it is possible to inject malicious SQL statements in malformed parameter types. Sending an improper variable type of Array allows a bypass of core SQL Injection sanitization. Authenticated users are able to inject malicious SQL queries. This vulnerability leads to full database leak including ckeys that can be used in the authentication process without knowing the username and cleartext password. This can occur via the ajax/actions.php group_id field.

CVE#: CVE-2020-25131 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via the role_name or role_descr parameter to the roles/ URI.

CVE#: CVE-2020-25132 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to SQL Injection due to the fact that it is possible to inject malicious SQL statements in malformed parameter types. Sending the improper variable type Array allows a bypass of core SQL Injection sanitization. Users are able to inject malicious statements in multiple functions. This vulnerability leads to full authentication bypass: any unauthorized user with access to the application is able to exploit this vulnerability. This can occur via the Cookie header to the default URI, within includes/authenticate.inc.php.

CVE#: CVE-2020-25133 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an inc.php extension. Inclusion of other files (even though limited to the mentioned extension) can lead to Remote Code Execution. This can occur via /ports/?format=../ URIs to pages/ports.inc.php.

CVE#: CVE-2020-25134 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an inc.php extension. Inclusion of other files (even though limited to the mentioned extension) can lead to Remote Code Execution. This can occur via /settings/?format=../ URIs to pages/settings.inc.php.

CVE#: CVE-2020-25135 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via the graph_title parameter to the graphs/ URI.

CVE#: CVE-2020-25136 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an inc.php extension. Inclusion of other files (even though limited to the mentioned extension) can lead to Remote Code Execution. This can occur via /device/device=345/?tab=routing&proto=../ URIs to device/routing.inc.php.

CVE#: CVE-2020-25137 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via the alert_name or alert_message parameter to the /alert_check URI.

CVE#: CVE-2020-25138 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via /alert_check/action=delete_alert_checker/alert_test_id= because of pages/alert_check.inc.php.

CVE#: CVE-2020-25139 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via la_id to the /syslog_rules URI for delete_syslog_rule, because of syslog_rules.inc.php.

CVE#: CVE-2020-25140 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur in pages/contacts.inc.php.

CVE#: CVE-2020-25141 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via a /device/device=140/tab=wifi/view= URI.

CVE#: CVE-2020-25142 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable if any links and forms lack an unpredictable CSRF token. Without such a token, attackers can forge malicious requests, such as for adding Device Settings via the /addsrv URI.

CVE#: CVE-2020-25143 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to SQL Injection due to the fact that it is possible to inject malicious SQL statements in malformed parameter types. This can occur via /ajax/device_entities.php?entity_type=netscalervsvr&device_id[]= because of /ajax/device_entities.php.

CVE#: CVE-2020-25144 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an inc.php extension. Inclusion of other files (even though limited to the mentioned extension) can lead to Remote Code Execution. This can occur via /apps/?app=../ URIs.

CVE#: CVE-2020-25145 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an inc.php extension. Inclusion of other files (even though limited to the mentioned extension) can lead to Remote Code Execution. This can occur via /device/device=345/?tab=ports&view=../ URIs because of device/port.inc.php.

CVE#: CVE-2020-25146 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via la_id to the /syslog_rules URI for edit_syslog_rule.

CVE#: CVE-2020-25147 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to SQL Injection due to the fact that it is possible to inject malicious SQL statements in malformed parameter types. This can occur via username[0] to the default URI, because of includes/authenticate.inc.php.

CVE#: CVE-2020-25148 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via /iftype/type= because of pages/iftype.inc.php.

CVE#: CVE-2020-25149 Published Date: 2020-09-25 CVSS: NO CVSS Description: An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to directory traversal and local file inclusion due to the fact that there is an unrestricted possibility of loading any file with an inc.php extension. Inclusion of other files (even though limited to the mentioned extension) can lead to Remote Code Execution. This can occur via /device/device=345/?tab=health&metric=../ because of device/health.inc.php.

CVE#: CVE-2020-25203 Published Date: 2020-09-25 CVSS: NO CVSS Description: The Framer Preview application 12 for Android exposes com.framer.viewer.FramerViewActivity to other applications. By calling the intent with the action set to android.intent.action.VIEW, any other application is able to load any website/web content into the application's context, which is shown as a full-screen overlay to the user.

CVE#: CVE-2020-25223 Published Date: 2020-09-25 CVSS: NO CVSS Description: A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11.

CVE#: CVE-2020-25625 Published Date: 2020-09-25 CVSS: NO CVSS Description: hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop.

CVE#: CVE-2020-25726 Published Date: 2020-09-25 CVSS: NO CVSS Description: A Directory Traversal issue was discovered on Hak5 WiFi Pineapple Mark VII 1.x before 1.0.1-beta.2020091914551 devices. An unauthenticated user can connect to the wireless management network, including the open wireless network, and access all files and subdirectories under /pineapple/ui, regardless of file permissions.

CVE#: CVE-2020-25747 Published Date: 2020-09-25 CVSS: NO CVSS Description: The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) can allow a remote attacker to gain access to RTSP and ONVIF services without authentication. Thus, the attacker can watch live streams from the camera, rotate the camera, change some settings (brightness, clarity, time), restart the camera, or reset it to factory settings.

CVE#: CVE-2020-25748 Published Date: 2020-09-25 CVSS: NO CVSS Description: A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339). Someone in the middle can intercept and modify the video data from the camera, which is transmitted in an unencrypted form. One can also modify responses from NTP and RTSP servers and force the camera to use the changed values.

CVE#: CVE-2020-25749 Published Date: 2020-09-25 CVSS: NO CVSS Description: The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) could allow a remote attacker to take full control of the device with a high-privileged account. The vulnerability exists because a system account has a default and static password. The Telnet service cannot be disabled and this password cannot be changed via standard functionality.

CVE#: CVE-2020-26088 Published Date: 2020-09-24 CVSS: NO CVSS Description: A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a.

CVE#: CVE-2020-26098 Published Date: 2020-09-25 CVSS: NO CVSS Description: cPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).

CVE#: CVE-2020-26099 Published Date: 2020-09-25 CVSS: NO CVSS Description: cPanel before 88.0.3 allows attackers to bypass the SMTP greylisting protection mechanism (SEC-491).

CVE#: CVE-2020-26100 Published Date: 2020-09-25 CVSS: NO CVSS Description: chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497).

CVE#: CVE-2020-26101 Published Date: 2020-09-25 CVSS: NO CVSS Description: In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).

CVE#: CVE-2020-26102 Published Date: 2020-09-25 CVSS: NO CVSS Description: In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM (SEC-550).

CVE#: CVE-2020-26103 Published Date: 2020-09-25 CVSS: NO CVSS Description: In cPanel before 88.0.3, an insecure site password is used for Mailman on a templated VM (SEC-551).

CVE#: CVE-2020-26104 Published Date: 2020-09-25 CVSS: NO CVSS Description: In cPanel before 88.0.3, an insecure SRS secret is used on a templated VM (SEC-552).

CVE#: CVE-2020-26105 Published Date: 2020-09-25 CVSS: NO CVSS Description: In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554).

CVE#: CVE-2020-26106 Published Date: 2020-09-25 CVSS: NO CVSS Description: cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC-558).

CVE#: CVE-2020-26107 Published Date: 2020-09-25 CVSS: NO CVSS Description: cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561).

CVE#: CVE-2020-26108 Published Date: 2020-09-25 CVSS: NO CVSS Description: cPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488).

CVE#: CVE-2020-26109 Published Date: 2020-09-25 CVSS: NO CVSS Description: cPanel before 88.0.13 allows bypass of a protection mechanism that attempted to restrict package modification (SEC-557).

CVE#: CVE-2020-26110 Published Date: 2020-09-25 CVSS: NO CVSS Description: cPanel before 88.0.13 allows self XSS via DNS Zone Manager DNSSEC interfaces (SEC-564).

CVE#: CVE-2020-26111 Published Date: 2020-09-25 CVSS: NO CVSS Description: cPanel before 90.0.10 allows self XSS via the WHM Edit DNS Zone interface (SEC-566).

CVE#: CVE-2020-26112 Published Date: 2020-09-25 CVSS: NO CVSS Description: The email quota cache in cPanel before 90.0.10 allows overwriting of files.

CVE#: CVE-2020-26113 Published Date: 2020-09-25 CVSS: NO CVSS Description: cPanel before 90.0.10 allows self XSS via WHM Manage API Tokens interfaces (SEC-569).

CVE#: CVE-2020-26114 Published Date: 2020-09-25 CVSS: 2.7 Description: cPanel before 90.0.10 allows self XSS via the Cron Jobs interface (SEC-573).

CVE#: CVE-2020-26115 Published Date: 2020-09-25 CVSS: 2.7 Description: cPanel before 90.0.10 allows self XSS via the Cron Editor interface (SEC-574).

CVE#: CVE-2020-3141 Published Date: 2020-09-24 CVSS: NO CVSS Description: Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

CVE#: CVE-2020-3359 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the multicast DNS (mDNS) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper validation of mDNS packets. An attacker could exploit this vulnerability by sending a crafted mDNS packet to an affected device. A successful exploit could cause a device to reload, resulting in a DoS condition.

CVE#: CVE-2020-3390 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of the Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause the device to unexpectedly reload, causing a denial of service (DoS) condition on an affected device. The vulnerability is due to the lack of input validation of the information used to generate an SNMP trap in relation to a wireless client connection. An attacker could exploit this vulnerability by sending an 802.1x packet with crafted parameters during the wireless authentication setup phase of a connection. A successful exploit could allow the attacker to cause the device to reload, causing a DoS condition.

CVE#: CVE-2020-3393 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the application-hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. The attacker could execute IOS XE commands outside the application-hosting subsystem Docker container as well as on the underlying Linux operating system. These commands could be run as the root user. The vulnerability is due to a combination of two factors: (a) incomplete input validation of the user payload of CLI commands, and (b) improper role-based access control (RBAC) when commands are issued at the command line within the application-hosting subsystem. An attacker could exploit this vulnerability by using a CLI command with crafted user input. A successful exploit could allow the lower-privileged attacker to execute arbitrary CLI commands with root privileges. The attacker would need valid user credentials to exploit this vulnerability.

CVE#: CVE-2020-3396 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the file system on the pluggable USB 3.0 Solid State Drive (SSD) for Cisco IOS XE Software could allow an authenticated, physical attacker to remove the USB 3.0 SSD and modify sensitive areas of the file system, including the namespace container protections. The vulnerability occurs because the USB 3.0 SSD control data is not stored on the internal boot flash. An attacker could exploit this vulnerability by removing the USB 3.0 SSD, modifying or deleting files on the USB 3.0 SSD by using another device, and then reinserting the USB 3.0 SSD on the original device. A successful exploit could allow the attacker to remove container protections and perform file actions outside the namespace of the container with root privileges.

CVE#: CVE-2020-3399 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of an affected device. The vulnerability is due to insufficient input validation during CAPWAP packet processing. An attacker could exploit this vulnerability by sending a crafted CAPWAP packet to an affected device, resulting in a buffer over-read. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.

CVE#: CVE-2020-3400 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to utilize parts of the web UI for which they are not authorized. The vulnerability is due to insufficient authorization of web UI access requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web UI. A successful exploit could allow the attacker to utilize parts of the web UI for which they are not authorized. This could allow a Read-Only user to perform actions of an Admin user.

CVE#: CVE-2020-3403 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to inject a command to the underlying operating system that will execute with root privileges upon the next reboot of the device. The authenticated user must have privileged EXEC permissions on the device. The vulnerability is due to insufficient protection of values passed to a script that executes during device startup. An attacker could exploit this vulnerability by writing values to a specific file. A successful exploit could allow the attacker to execute commands with root privileges each time the affected device is restarted.

CVE#: CVE-2020-3404 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the persistent Telnet/Secure Shell (SSH) CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient enforcement of the consent token in authorizing shell access. An attacker could exploit this vulnerability by authenticating to the persistent Telnet/SSH CLI on an affected device and requesting shell access. A successful exploit could allow the attacker to gain shell access on the affected device and execute commands on the underlying OS with root privileges.

CVE#: CVE-2020-3407 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the RESTCONF and NETCONF-YANG access control list (ACL) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect processing of the ACL that is tied to the RESTCONF or NETCONF-YANG feature. An attacker could exploit this vulnerability by accessing the device using RESTCONF or NETCONF-YANG. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

CVE#: CVE-2020-3408 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability occurs because the regular expression (regex) engine that is used with the Split DNS feature of affected releases may time out when it processes the DNS name list configuration. An attacker could exploit this vulnerability by trying to resolve an address or hostname that the affected device handles. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

CVE#: CVE-2020-3409 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted PROFINET packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted PROFINET packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to crash and reload, resulting in a DoS condition on the device.

CVE#: CVE-2020-3414 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect processing of IPv4 or IPv6 traffic to or through an affected device. An attacker could exploit this vulnerability by sending IP traffic to or through an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

CVE#: CVE-2020-3416 Published Date: 2020-09-24 CVSS: NO CVSS Description: Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high privileges to execute persistent code at bootup and break the chain of trust. These vulnerabilities are due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit these vulnerabilities by copying a specific file to the local file system of an affected device and defining specific ROMMON variables. A successful exploit could allow the attacker to run arbitrary code on the underlying operating system (OS) with root privileges. To exploit these vulnerabilities, an attacker would need to have access to the root shell on the device or have physical access to the device.

CVE#: CVE-2020-3417 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit this vulnerability by installing code to a specific directory in the underlying operating system (OS) and setting a specific ROMMON variable. A successful exploit could allow the attacker to execute persistent code on the underlying OS. To exploit this vulnerability, the attacker would need access to the root shell on the device or have physical access to the device.

CVE#: CVE-2020-3418 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9800 Series Routers could allow an unauthenticated, adjacent attacker to send ICMPv6 traffic prior to the client being placed into RUN state. The vulnerability is due to an incomplete access control list (ACL) being applied prior to RUN state. An attacker could exploit this vulnerability by connecting to the associated service set identifier (SSID) and sending ICMPv6 traffic. A successful exploit could allow the attacker to send ICMPv6 traffic prior to RUN state.

CVE#: CVE-2020-3421 Published Date: 2020-09-24 CVSS: NO CVSS Description: Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall. The vulnerabilities are due to incomplete handling of Layer 4 packets through the device. An attacker could exploit these vulnerabilities by sending a certain sequence of traffic patterns through the device. A successful exploit could allow the attacker to cause the device to reload or stop forwarding traffic through the firewall, resulting in a denial of service. For more information about these vulnerabilities, see the Details section of this advisory.

CVE#: CVE-2020-3422 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the IP Service Level Agreement (SLA) responder feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the IP SLA responder to reuse an existing port, resulting in a denial of service (DoS) condition. The vulnerability exists because the IP SLA responder could consume a port that could be used by another feature. An attacker could exploit this vulnerability by sending specific IP SLA control packets to the IP SLA responder on an affected device. The control packets must include the port number that could be used by another configured feature. A successful exploit could allow the attacker to cause an in-use port to be consumed by the IP SLA responder, impacting the feature that was using the port and resulting in a DoS condition.

CVE#: CVE-2020-3423 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the implementation of the Lua interpreter that is integrated in Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary code with root privileges on the underlying Linux operating system (OS) of an affected device. The vulnerability is due to insufficient restrictions on Lua function calls within the context of user-supplied Lua scripts. An attacker with valid administrative credentials could exploit this vulnerability by submitting a malicious Lua script. When this file is processed, an exploitable buffer overflow condition could occur. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the underlying Linux OS of the affected device.

CVE#: CVE-2020-3425 Published Date: 2020-09-24 CVSS: NO CVSS Description: Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

CVE#: CVE-2020-3426 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition. The vulnerability is due to a lack of input and validation checking mechanisms for virtual-LPWA (VLPWA) protocol modem messages. An attacker could exploit this vulnerability by supplying crafted packets to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data or cause the VLPWA interface of the affected device to shut down, resulting in a DoS condition.

CVE#: CVE-2020-3428 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect parsing of HTTP packets while performing HTTP-based endpoint device classifications. An attacker could exploit this vulnerability by sending a crafted HTTP packet to an affected device. A successful exploit could cause an affected device to reboot, resulting in a DoS condition.

CVE#: CVE-2020-3429 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the WPA2 and WPA3 security implementation of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect packet processing during the WPA2 and WPA3 authentication handshake when configured for dot1x or pre-shared key (PSK) authentication key management (AKM) with 802.11r BSS Fast Transition (FT) enabled. An attacker could exploit this vulnerability by sending a crafted authentication packet to an affected device. A successful exploit could cause an affected device to reload, resulting in a DoS condition.

CVE#: CVE-2020-3465 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a device to reload. The vulnerability is due to incorrect handling of certain valid, but not typical, Ethernet frames. An attacker could exploit this vulnerability by sending the Ethernet frames onto the Ethernet segment. A successful exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

CVE#: CVE-2020-3474 Published Date: 2020-09-24 CVSS: NO CVSS Description: Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.

CVE#: CVE-2020-3475 Published Date: 2020-09-24 CVSS: NO CVSS Description: Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these vulnerabilities, see the Details section of this advisory.

CVE#: CVE-2020-3476 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. The vulnerability is due to insufficient validation of the parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content of any arbitrary file that resides on the underlying host file system.

CVE#: CVE-2020-3477 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to access files from the flash: filesystem. The vulnerability is due to insufficient application of restrictions during the execution of a specific command. An attacker could exploit this vulnerability by using a specific command at the command line. A successful exploit could allow the attacker to obtain read-only access to files that are located on the flash: filesystem that otherwise might not have been accessible.

CVE#: CVE-2020-3479 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the implementation of Multiprotocol Border Gateway Protocol (MP-BGP) for the Layer 2 VPN (L2VPN) Ethernet VPN (EVPN) address family in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of Border Gateway Protocol (BGP) update messages that contain crafted EVPN attributes. An attacker could exploit this vulnerability by sending BGP update messages with specific, malformed attributes to an affected device. A successful exploit could allow the attacker to cause an affected device to crash, resulting in a DoS condition.

CVE#: CVE-2020-3480 Published Date: 2020-09-24 CVSS: NO CVSS Description: Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall. The vulnerabilities are due to incomplete handling of Layer 4 packets through the device. An attacker could exploit these vulnerabilities by sending a certain sequence of traffic patterns through the device. A successful exploit could allow the attacker to cause the device to reload or stop forwarding traffic through the firewall, resulting in a denial of service. For more information about these vulnerabilities, see the Details section of this advisory.

CVE#: CVE-2020-3486 Published Date: 2020-09-24 CVSS: NO CVSS Description: Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.

CVE#: CVE-2020-3487 Published Date: 2020-09-24 CVSS: NO CVSS Description: Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.

CVE#: CVE-2020-3488 Published Date: 2020-09-24 CVSS: NO CVSS Description: Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.

CVE#: CVE-2020-3489 Published Date: 2020-09-24 CVSS: NO CVSS Description: Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.

CVE#: CVE-2020-3492 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of certain parameters in a Flexible NetFlow Version 9 record. An attacker could exploit this vulnerability by spoofing the address of an existing Access Point on the network and sending a Control and Provisioning of Wireless Access Points (CAPWAP) packet that includes a crafted Flexible NetFlow Version 9 record to an affected device. A successful exploit could allow the attacker to cause a process crash that would lead to a reload of the device.

CVE#: CVE-2020-3493 Published Date: 2020-09-24 CVSS: NO CVSS Description: Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.

CVE#: CVE-2020-3494 Published Date: 2020-09-24 CVSS: NO CVSS Description: Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.

CVE#: CVE-2020-3497 Published Date: 2020-09-24 CVSS: NO CVSS Description: Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.

CVE#: CVE-2020-3503 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. The vulnerability is due to insufficient file system permissions on an affected device. An attacker could exploit this vulnerability by connecting to an affected device's guest shell, and accessing or modifying restricted files. A successful exploit could allow the attacker to view or modify restricted information or configurations that are normally not accessible to system administrators.

CVE#: CVE-2020-3508 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the IP Address Resolution Protocol (ARP) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor (ESP) installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service condition. The vulnerability is due to insufficient error handling when an affected device has reached platform limitations. An attacker could exploit this vulnerability by sending a malicious series of IP ARP messages to an affected device. A successful exploit could allow the attacker to exhaust system resources, which would eventually cause the affected device to reload.

CVE#: CVE-2020-3509 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient error handling when DHCP version 4 (DHCPv4) messages are parsed. An attacker could exploit this vulnerability by sending a malicious DHCPv4 message to or through a WAN interface of an affected device. A successful exploit could allow the attacker to cause a reload of the affected device. Note: On Cisco cBR-8 Converged Broadband Routers, all of the following are considered WAN interfaces: 10 Gbps Ethernet interfaces; 100 Gbps Ethernet interfaces; and port channel interfaces that include multiple 10 and/or 100 Gbps Ethernet interfaces.

CVE#: CVE-2020-3510 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to trigger a reload, resulting in a denial of service condition on an affected device. The vulnerability is due to insufficient error handling when parsing DNS requests. An attacker could exploit this vulnerability by sending a series of malicious DNS requests to an Umbrella Connector client interface of an affected device. A successful exploit could allow the attacker to cause a crash of the iosd process, which triggers a reload of the affected device.

CVE#: CVE-2020-3511 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient input validation when the ISDN Q.931 messages are processed. An attacker could exploit this vulnerability by sending a malicious ISDN Q.931 message to an affected device. A successful exploit could allow the attacker to cause the process to crash, resulting in a reload of the affected device.

CVE#: CVE-2020-3512 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

CVE#: CVE-2020-3513 Published Date: 2020-09-24 CVSS: NO CVSS Description: Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high privileges to execute persistent code at bootup and break the chain of trust. These vulnerabilities are due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit these vulnerabilities by copying a specific file to the local file system of an affected device and defining specific ROMMON variables. A successful exploit could allow the attacker to run arbitrary code on the underlying operating system (OS) with root privileges. To exploit these vulnerabilities, an attacker would need to have access to the root shell on the device or have physical access to the device.

CVE#: CVE-2020-3516 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the web server authentication of Cisco IOS XE Software could allow an authenticated, remote attacker to crash the web server on the device. The vulnerability is due to insufficient input validation during authentication. An attacker could exploit this vulnerability by entering unexpected characters during a valid authentication. A successful exploit could allow the attacker to crash the web server on the device, which must be manually recovered by disabling and re-enabling the web server.

CVE#: CVE-2020-3524 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to break the chain of trust and load a compromised software image on an affected device. The vulnerability is due to the presence of a debugging configuration option in the affected software. An attacker could exploit this vulnerability by connecting to an affected device through the console, forcing the device into ROMMON mode, and writing a malicious pattern using that specific option on the device. A successful exploit could allow the attacker to break the chain of trust and load a compromised software image on the affected device. A compromised software image is any software image that has not been digitally signed by Cisco.

CVE#: CVE-2020-3526 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the Common Open Policy Service (COPS) engine of Cisco IOS XE Software on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to crash a device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a malformed COPS message to the device. A successful exploit could allow the attacker to crash the device.

CVE#: CVE-2020-3527 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to crash the device. The vulnerability is due to insufficient packet size validation. An attacker could exploit this vulnerability by sending jumbo frames or frames larger than the configured MTU size to the management interface of this device. A successful exploit could allow the attacker to crash the device fully before an automatic recovery.

CVE#: CVE-2020-3552 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device.

CVE#: CVE-2020-3559 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper handling of clients that are trying to connect to the AP. An attacker could exploit this vulnerability by sending authentication requests from multiple clients to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

CVE#: CVE-2020-3560 Published Date: 2020-09-24 CVSS: NO CVSS Description: A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by sending a series of crafted UDP packets to a specific port on an affected device. A successful exploit could either allow the attacker to tear down the connection between the AP and the wireless LAN controller, resulting in the affected device not being able to process client traffic, or cause the vulnerable device to reload, triggering a DoS condition. After the attack, the affected device should automatically recover its normal functions without manual intervention.

CVE#: CVE-2020-4531 Published Date: 2020-09-25 CVSS: NO CVSS Description: IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 182715.

CVE#: CVE-2020-4727 Published Date: 2020-09-25 CVSS: NO CVSS Description: IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim.

CVE#: CVE-2020-5929 Published Date: 2020-09-25 CVSS: NO CVSS Description: In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous (ADH) or Ephemeral (DHE) Diffie-Hellman key exchange and Single DH use option not enabled in the options list may be vulnerable to crafted SSL/TLS Handshakes that may result with a PMS (Pre-Master Secret) that starts in a 0 byte and may lead to a recovery of plaintext messages as BIG-IP TLS/SSL ADH/DHE sends different error messages acting as an oracle. Similar error messages when PMS starts with 0 byte coupled with very precise timing measurement observation may also expose this vulnerability.

CVE#: CVE-2020-5930 Published Date: 2020-09-25 CVSS: NO CVSS Description: In BIG-IP 15.0.0-15.1.0.4, 14.1.0-14.1.2.7, 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 and BIG-IQ 5.2.0-7.1.0, unauthenticated attackers can cause disruption of service via undisclosed methods.

CVE#: CVE-2020-6020 Published Date: 2020-09-24 CVSS: NO CVSS Description: Check Point Security Management's Internal CA web management before Jumbo HFAs R80.20 Take 160, R80.30 Take 210, and R80.40 Take 38, can be manipulated to run commands as a high privileged user or crash, due to weak input validation on inputs by a trusted management administrator.

CVE#: CVE-2020-6153 Published Date: 2020-09-24 CVSS: NO CVSS Description: An exploitable SQL injection vulnerability exists in the FavoritesService.asmx Web Service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. A specially crafted SOAP web request can cause an SQL injection resulting in data compromise. An attacker can send an unauthenticated HTTP request to trigger this vulnerability.

CVE#: CVE-2020-7735 Published Date: 2020-09-25 CVSS: 5.9 Description: The package ng-packagr before 10.1.1 is vulnerable to Command Injection via the styleIncludePaths option.

CVE#: CVE-2020-8325 Published Date: 2020-09-24 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.

CVE#: CVE-2020-8328 Published Date: 2020-09-24 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.

CVE#: CVE-2020-8333 Published Date: 2020-09-24 CVSS: NO CVSS Description: A potential vulnerability in the SMI callback function used in the EEPROM driver in some Lenovo Desktops and ThinkStation models may allow arbitrary code execution.

CVE#: CVE-2020-8343 Published Date: 2020-09-24 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.

CVE#: CVE-2020-8344 Published Date: 2020-09-24 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.

CVE#: CVE-2020-8347 Published Date: 2020-09-24 CVSS: NO CVSS Description: A reflective cross-site scripting (XSS) vulnerability was reported in Lenovo Enterprise Network Disk prior to version 6.1 patch 6 hotfix 4 that could allow execution of code in an authenticated user's browser if a crafted URL is visited, possibly through phishing.

CVE#: CVE-2020-8348 Published Date: 2020-09-24 CVSS: NO CVSS Description: A DOM-based cross-site scripting (XSS) vulnerability was reported in Lenovo Enterprise Network Disk prior to version 6.1 patch 6 hotfix 4 that could allow execution of code in an authenticated user's current browser session if a crafted URL is visited, possibly through phishing.

----#MALWARE----

abhimirzapur: What is despising ? It's size 421 mb but folder at no any file . Is my system hack ? #Hacked #hackingthevirus… https://t.co/TBepZDiJTA

CBRN_Analyst: RT @DailyOsint: Domain IPs with malicious executables ➡️https://t.co/Lpb0FFjmhv #osint #domain #blacklist #malicious #malware #cybersec ht…

cyber_spanish: RT @Norton: School districts from CA to NJ that have been victimized in a rash of #ransomware attacks. Student devices can introduce #malwa…

RuthSilva: RT @threatpost: The #cyberattack featured a unique, multistage #malware and a likely PulseSecure VPN exploit. https://t.co/AAfk4F9izL

66Iot: RT @WindowOnTech: MT @fisher85m Copy: @MikeQuindazzi @antgrasso What's the Anatomy of a #botnet #attack? #cybercrime #cyberrisk #Hackers…

HeliosCert: Sample submitted 2020-09-27 03:45:02 Dionaea Honeypot Protocol: smbd Sources: ::ffff:49.32.62.95 e3ffc8cc1a73e81… https://t.co/dF0ECXw298

SecurityXTV: RT @WindowOnTech: MT @fisher85m Copy: @MikeQuindazzi @antgrasso What's the Anatomy of a #botnet #attack? #cybercrime #cyberrisk #Hackers…

----#PHISHING----

CyberSecDN: Organizations facing nearly 1,200 #phishing attacks each month https://t.co/4BEDae2Pa8 via @Sec_Cyber

JEMPradio: Phish - Everything's Right>thru>Carini (12-1-19) #CommunityRadio #Phish https://t.co/s9i3jkbCBt

JEMPradio: Toots & The Maytals - Back On The Train #CommunityRadio #Phish https://t.co/s9i3jkbCBt

CBRN_Analyst: RT @DailyOsint: OpenPhish gives you real-time phishing activity of the last 24 hours. Top 3 targeted brands by phishing seem to be Outlook…

JEMPradio: Phish - The Moma Dance (8-14-15) #CommunityRadio #Phish https://t.co/s9i3jkbCBt

turnerburns: RT @livemusicblog: .@Phish will show the Polaris '99 show from Columbus, OH for their next #DinnerAndAMovie livestream this coming Wednesda…

JEMPradio: The Hollies - Don't Let Me Down (1965) #CommunityRadio #Phish https://t.co/s9i3jkbCBt

JEMPradio: Phish - Paul and Silas (7-22-16) #CommunityRadio #Phish https://t.co/s9i3jkbCBt

cephalopodluke2: RT @keepnetlabs: The Services That Were Used For Ransomware Infection? https://t.co/VCWVcNkRXB #Security #infosec #spearphishing #phishing…

----#OSINT----

cyscol: RT @ludoblock: There is so much (more) to learn from URLs, see this very comprehensive talk by @_RyanBenson on Unfurl: https://t.co/zRXl4ub…

Mivax0: Trending tweet RT OSINTtechniques: #OSINT Resources from the OSINT Framework jnordine https://t.co/wtKzAJfUg5… https://t.co/GPPHag3JI1

cyscol: RT @lautyb: [#OSINT] [#linkedIn] A guide to searching LinkedIn by email address https://t.co/jLlvJdLn7J

cyscol: RT @dutch_osintguy: Opsec tip: If there is no need for it, do not post pictures your desks, computers etc while working from home during #C…

CBRN_Analyst: RT @ludoblock: There is so much (more) to learn from URLs, see this very comprehensive talk by @_RyanBenson on Unfurl: https://t.co/zRXl4ub…

Dataeternum: RT @secou: [OSINT] OSINT tools explained in detail, for investigative journalists, and EVERYONE else! (pdf, 52 p.) https://t.co/GJrOnJpcIi…

Dataeternum: RT @dutch_osintguy: Tip: Looking for a specific video within your online #osint investigation? Try https://t.co/y24POU0cPM and search in ov…

CBRN_Analyst: RT @DailyOsint: Searching in over 150 social networks #CheckUserNames tells you what social account an individual or a brand company is usi…

CBRN_Analyst: RT @DailyOsint: In order to find possible #services run by the company, you can check its Google Analytics ID in #dnslytics, and find other…

CBRN_Analyst: RT @DailyOsint: Enter a product name, or the CVE ID if you know it, and get as much detail as possible #service #vulnerability #CVE #CVEd…

CBRN_Analyst: RT @DailyOsint: OpenPhish gives you real-time phishing activity of the last 24 hours. Top 3 targeted brands by phishing seem to be Outlook…

RyansNotAHacker: If you're up, you can help #OSINT #missingpersons #OSINTforGood @TraceLabs @wondersmith_rae anybody local that can… https://t.co/DOZTdnwkc1

CBRN_Analyst: RT @DailyOsint: Domain IPs with malicious executables ➡️https://t.co/Lpb0FFjmhv #osint #domain #blacklist #malicious #malware #cybersec ht…

Tere3452: RT @osintcombine: Excited to release a FREE new Reddit tool to allow for rapid review of posts. View content, sentiment & users in a tabula…

CBRN_Analyst: RT @dutch_osintguy: Opsec tip: If there is no need for it, do not post pictures your desks, computers etc while working from home during #C…

----#THREATINTEL----

Fabriciosx: RT @KirkDBorne: .@Rapid7 was named a @Gartner_inc Magic Quadrant Leader for Security Information & Event Management #SIEM. Get the report F…

ineelbot: RT @KirkDBorne: .@Rapid7 was named a @Gartner_inc Magic Quadrant Leader for Security Information & Event Management #SIEM. Get the report F…

botnowa: RT @KirkDBorne: .@Rapid7 was named a @Gartner_inc Magic Quadrant Leader for Security Information & Event Management #SIEM. Get the report F…

KirkDBorne: .@Rapid7 was named a @Gartner_inc Magic Quadrant Leader for Security Information & Event Management #SIEM. Get the… https://t.co/tiFWE2a2h9

MrMikeRobertson: RT @bad_packets: Mass scanning activity detected from 185.64.105.27 (🇱🇹) checking for F5 BIG-IP servers vulnerable to remote code execution…

RDSWEB: RT @thisisgulshan: Iranian #hacker group developed #Android #malware to steal 2FA SMS codes #CyberSecurity #osint #infosec #cyberthreats…

0xthreatintel: INTL: "Android Trojan " IP: 3.234.101[.]92 Subnet: 3.224.0[.]0/12 Host: AS 14618 ( Amazon[.]com, Inc. ) US [ 🇺🇸]… https://t.co/g5B5UiVWdu

techopcode: RT @thisisgulshan: Iranian #hacker group developed #Android #malware to steal 2FA SMS codes #CyberSecurity #osint #infosec #cyberthreats…

tinni_cfi: RT @bad_packets: Mass scanning activity detected from 185.64.105.27 (🇱🇹) checking for F5 BIG-IP servers vulnerable to remote code execution…

ro0ted: RT @bad_packets: Mass scanning activity detected from 185.64.105.27 (🇱🇹) checking for F5 BIG-IP servers vulnerable to remote code execution…

cyberreport_io: Fermenting Yogurt With The Help Of Hardware https://t.co/2MdSuGIwJS #cybersecurity #threatintelligence #cybernews https://t.co/CUWBWRTmyC

RedPacketSec: SharpSecDump - .Net Port Of The Remote SAM + LSA Secrets Dumping Functionality Of Impacket'S… https://t.co/bTIEyjcMxe

RedPacketSec: Velociraptor - Endpoint Visibility and Collection Tool - https://t.co/gmlqHAXKEW #Hacking #OSINT #Security… https://t.co/SV9dAqNF9D

Wulf_9: RT @bad_packets: Mass scanning activity detected from 159.69.15.131 (🇩🇪) checking for Citrix (NetScaler) servers vulnerable to CVE-2019-197…

Wulf_9: RT @bad_packets: Mass scanning activity detected from 185.64.105.27 (🇱🇹) checking for F5 BIG-IP servers vulnerable to remote code execution…

----#RANSOMWARE----

cyberinform: Neutralizing #Ransomware: The medicine you need to better protect your business https://t.co/SnJFtnlqBH… https://t.co/n0Yyi7woeG

LogRhythm: In this webcast, Randy Franklin Smith from Ultimate Windows Security shares insights of recent high-profile attacks… https://t.co/3QR7O5hwEv

slnged: Ransom. Appliances hacked! A possibility in IoT. #cybersecurity #IoT #ConnectedDevices #technology #Ransomware https://t.co/NKber4HiBh

cyber_spanish: RT @Norton: School districts from CA to NJ that have been victimized in a rash of #ransomware attacks. Student devices can introduce #malwa…

Greg42nato: RT @Cohesity: Legacy approaches to #backup aren't equipped to solve the needs of the modern organization, including meeting demanding SLAs…

Fabriciosx: RT @thisisgulshan: Top 6 Books On #CyberSecurity and #Ransomware for Pros. #BigData #Analytics #DataScience #AI #CISO #infosec #MachineLear…

cyscol: RT @thisisgulshan: Top 6 Books On #CyberSecurity and #Ransomware for Pros. #BigData #Analytics #DataScience #AI #CISO #infosec #MachineLear…

fredrosewag: RT @Cohesity: Look closely. Your legacy data backup system is hiding something. It’s time for a modern backup and data management solution…

cephalopodluke2: RT @keepnetlabs: The Services That Were Used For Ransomware Infection? https://t.co/VCWVcNkRXB #Security #infosec #spearphishing #phishing…

Gurgling_MrD: RT @keepnetlabs: The Services That Were Used For Ransomware Infection? https://t.co/VCWVcNkRXB #Security #infosec #spearphishing #phishing…

JasonJoder: RT @Cohesity: Look closely. Your legacy data backup system is hiding something. It’s time for a modern backup and data management solution…

LlnuxBot: RT @thisisgulshan: Top 6 Books On #CyberSecurity and #Ransomware for Pros. #BigData #Analytics #DataScience #AI #CISO #infosec #MachineLear…

MaltrakN: RT @keepnetlabs: The Services That Were Used For Ransomware Infection? https://t.co/VCWVcNkRXB #Security #infosec #spearphishing #phishing…

javascript_bot_: RT @thisisgulshan: Top 6 Books On #CyberSecurity and #Ransomware for Pros. #BigData #Analytics #DataScience #AI #CISO #infosec #MachineLear…

----#OPENDIR----

3XS0: #opendir #formbook hxxp://serv.webpaybox[.]com/~pahkeysc/ https://t.co/8v5t0bREfz https://t.co/xadXikyLwp

ecarlesi: Possible threat on hxxp://decsoftutils[.]com #opendir

ecarlesi: Threat on hxxps://asgsaaw21[.]com/9fdebdbc3335291e1eeb41fcc2d0c8ef/16Shop-PP-V1[.]4[.]zip #phishing #opendir

ecarlesi: Possible threat on hxxp://efgl-online[.]com/en/about-us_files[.]zip #phishing #opendir

ecarlesi: Possible threat on hxxps://efgl-online[.]com/ebanking/register[.]php #phishing #opendir

stefan47162232: RT @FewAtoms: #malware #cybersecurity #opendir #infosec #threathunting hxxp://thdyprivatecloudshareandfileprotectgent.duckdns.org/receipt/…

CyberCh4r0n: RT @Marco_Ramilli: Nice #phishingkit with #opendir 🔗: fb-copyright-reviews100051374 .com 🖊: help/step1.txt 👹: ahmedhetta9@ gmail .com 👹:…

ecarlesi: Possible threat on hxxps://telemachus-mentor[.]com/20200925_telemachus_c2439a41d15f826d3258_20200926112131_archive[.]zip #phishing #opendir

phishunt_io: RT @Marco_Ramilli: Nice #phishingkit with #opendir 🔗: fb-copyright-reviews100051374 .com 🖊: help/step1.txt 👹: ahmedhetta9@ gmail .com 👹:…

Marco_Ramilli: Nice #phishingkit with #opendir 🔗: fb-copyright-reviews100051374 .com 🖊: help/step1.txt 👹: ahmedhetta9@ gmail .co… https://t.co/A7kbTtsna2

ecarlesi: Threat on hxxps://ygerevyigr[.]com/Support/mazon/780c8/ #phishing #opendir

ecarlesi: Threat on hxxps://ygerevyigr[.]com/Support/mazon/ #phishing #opendir

ecarlesi: Possible threat on hxxps://daivaradhana[.]com/live[.]zip #phishing #opendir

ecarlesi: Possible threat on hxxp://daivaradhana[.]com/live[.]zip #phishing #opendir

ecarlesi: Threat on hxxp://leaflettransmission[.]com/recover-page/FREAKZBROTHERS-V2[.]1[.]zip #phishing #opendir

----#MALSPAM----

3XS0: #AgentTesla #Malware from #Malspam XLSM > VBS > EXE https://t.co/xjqUsd7sPj 1⃣p://198.12.66.108/jojo.exe 2⃣s://… https://t.co/vD5mWs9Ps7

Orelpery: RT @James_inthe_box: Fresh #bazaloader via sendgrid #malspam: https://t.co/wrZKAFFp5u Subject: Re: <firstname>, our meeting

iamthefrogy: RT @InQuest: We have been busy collating #maldoc coercive lures. Do any look familiar? Does anyone have any additions to the gallery? ht…

Malwaredev: RT @James_inthe_box: Fresh #bazaloader via sendgrid #malspam: https://t.co/wrZKAFFp5u Subject: Re: <firstname>, our meeting

James_inthe_box: Fresh #bazaloader via sendgrid #malspam: https://t.co/wrZKAFFp5u Subject: Re: <firstname>, our meeting

Ali_Saif_Aldeen: RT @malware_traffic: 2020-09-24 (Wed) - FedEx-themed #malspam with links for #Dridex - Dridex installer is an EXE file with an .scr file ex…

slaughterjames: RT @malware_traffic: 2020-09-24 (Wed) - FedEx-themed #malspam with links for #Dridex - Dridex installer is an EXE file with an .scr file ex…

JAMESWT_MHT: RT @malware_traffic: 2020-09-24 (Wed) - FedEx-themed #malspam with links for #Dridex - Dridex installer is an EXE file with an .scr file ex…

0xT11: RT @malware_traffic: 2020-09-24 (Wed) - FedEx-themed #malspam with links for #Dridex - Dridex installer is an EXE file with an .scr file ex…

adriananglin: RT @malware_traffic: 2020-09-24 (Wed) - FedEx-themed #malspam with links for #Dridex - Dridex installer is an EXE file with an .scr file ex…

gh0std4ncer: RT @malware_traffic: 2020-09-24 (Wed) - FedEx-themed #malspam with links for #Dridex - Dridex installer is an EXE file with an .scr file ex…

KanbeWorks: RT @malware_traffic: 2020-09-24 (Wed) - FedEx-themed #malspam with links for #Dridex - Dridex installer is an EXE file with an .scr file ex…

MalwareMisty: RT @malware_traffic: 2020-09-24 (Wed) - FedEx-themed #malspam with links for #Dridex - Dridex installer is an EXE file with an .scr file ex…

Bowflexin91: RT @malware_traffic: 2020-09-24 (Wed) - FedEx-themed #malspam with links for #Dridex - Dridex installer is an EXE file with an .scr file ex…

ExplodingLiger: RT @malware_traffic: 2020-09-24 (Wed) - FedEx-themed #malspam with links for #Dridex - Dridex installer is an EXE file with an .scr file ex…

----#EMOTET----

Cyb3rFun: RT @malware_traffic: 2020-09-25 (Friday) - Generated an #Emotet infection earlier today that had #Trickbot gtag mor124 as the follow-up mal…

3XS0: New #Emotet Epoch 2 Payloads and Template "Enable Edition Blue" 18:52UTC+: https://t.co/llfznjEM0K /rasti002-001-s… https://t.co/sxMAqlLFem

panda_zheng: RT @MBThreatIntel: #Emotet spam run for 2020-09-25. IOCs: https://t.co/zjhPcV48hz https://t.co/uhWAsXs7QM

Irsan34681813: hello everyone, I want to offer a unique and cute twitch emotes and badges and You can get 2 emotes for $5 Check my… https://t.co/S3Sz8Ihlko

panda_zheng: RT @malware_traffic: 2020-09-25 (Friday) - Generated an #Emotet infection earlier today that had #Trickbot gtag mor124 as the follow-up mal…

peric0: Look at the Analysis of "Arc-20200925-U76889.doc" with malicious activity. https://t.co/rPgiuyL1jU #macros… https://t.co/hsyjnwx4WH

AcooEdi: RT @AcooEdi: Threat Roundup for September 18 to September 25 https://t.co/0sgDAvOkSa #Bifrost #CiscoTalos #Dridex #Emotet #Malware via @Tal…

shadyproject: RT @0xf0x_: Video #8 of my #Malware Analysis course is now online: https://t.co/Ny6O7Wg5J0 This video includes some useful tips & techniq…

good_sector: RT @malware_traffic: 2020-09-25 (Friday) - Generated an #Emotet infection earlier today that had #Trickbot gtag mor124 as the follow-up mal…

materaj: RT @0xf0x_: Video #8 of my #Malware Analysis course is now online: https://t.co/Ny6O7Wg5J0 This video includes some useful tips & techniq…

MalFuzzer: RT @malware_traffic: 2020-09-25 (Friday) - Generated an #Emotet infection earlier today that had #Trickbot gtag mor124 as the follow-up mal…

luc4m: RT @pollo290987: #Emotet 09/25/2020 361/19675 Documents 77/9813 Payloads 460 C2 9 Ports 4 Keys 2 Templates IOC's https://t.co/OxObBnJjJt…

zibudada: RT @0xf0x_: Video #8 of my #Malware Analysis course is now online: https://t.co/Ny6O7Wg5J0 This video includes some useful tips & techniq…

JRoosen: RT @malware_traffic: 2020-09-25 (Friday) - Generated an #Emotet infection earlier today that had #Trickbot gtag mor124 as the follow-up mal…

anand_tendolkar: RT @executemalware: It looks like #emotet volume is way down today and I'm no exception - I only saw 3 emails. 2 with .doc files and 1 wi…

----#BUGBOUNTY----

cyscol: RT @dhakal_ananda: Different moods according to the report states: Triaged: Satisfaction Rewarded: Happiness Informative: Disappointment…

ArmanSameer95: RT @dhakal_ananda: Different moods according to the report states: Triaged: Satisfaction Rewarded: Happiness Informative: Disappointment…

debangshu_kundu: RT @dhakal_ananda: Different moods according to the report states: Triaged: Satisfaction Rewarded: Happiness Informative: Disappointment…

Gamliel_InfoSec: A checklist for security testing of #Android & #iOS applications. #mobile #hacking #pentesting #bugbounty https://t.co/MTmHMYacxH

SuzeanneSpeir: RT @0xInfection: I learnt today that IP addresses can be shortened by dropping the zeroes. Examples: http://1.0.0.1 → http://1.1 http://192…

3XS0: The other day I took a look at 1 month old triaged reports and found out it was possible to escalate to ATO. Made a… https://t.co/jyQqeCOWIJ

Geva_7: RT @0xINT3: Good end to this week on @Bugcrowd! 🥳🥳 #bugbountytip: Highly recommend to check out https://t.co/seqdhDwz3Z if you haven't al…

Usher786: RT @ITSecurityguard: I just uploaded some of the most common file types for my Patrik's Bug Bounty Tools mind map here: SVG: https://t.co/…

3XS0: 2- OWASP Juice Shop https://t.co/GhPtpMnHul Google Gruyere https://t.co/43v6vSJ1I8 Hack Me… https://t.co/aG6525nHti

dhakal_ananda: Different moods according to the report states: Triaged: Satisfaction Rewarded: Happiness Informative: Disappoin… https://t.co/Nbzo5BLam8

cyscol: RT @ITSecurityguard: I just uploaded some of the most common file types for my Patrik's Bug Bounty Tools mind map here: SVG: https://t.co/…

cyscol: RT @Hakin9: Sharingan is a recon multitool for offensive security and bug bounty https://t.co/uKB4oNZApD #infosec #hacking #hackers #Pent…

BionicBeauty: RT @Hakin9: Sharingan is a recon multitool for offensive security and bug bounty https://t.co/uKB4oNZApD #infosec #hacking #hackers #Pent…

ashutoshkmonu: RT @ashutoshkmonu: Just got HackTheBox invite code #HackTheBox #hacker #Ethicalhacking #bugbounty #penetrationtesting https://t.co/iRZd5qn…

Alejand48068303: RT @trbughunters: 🚀a XSS payload with <img> tag, for Cookie Stealing🚀 #cybersecurity #infosec #ethicalhacking #bugbounty #bugbountytips #b…

----#CYBERCRIME----

LatentSolution1: Your #business should be protected from all the possible Cyber Threats. To know more: Call: +971 - 5 2975 4547 Ema… https://t.co/ReCDC4TOMs

oscargcervella: RT @C3Darmour: 4 HACKERS ARRESTED IN POLAND IN NATION-WIDE ACTION AGAINST CYBERCRIME https://t.co/gCmji5Lrqs #CYBERCRIME

ManosKyriacou: RT @NationalCsirtCy: #Cybercrime is growing at an “alarming pace” as a result of the ongoing #COVID19 crisis and is expected to accelerate…

NationalCsirtCy: #Cybercrime is growing at an “alarming pace” as a result of the ongoing #COVID19 crisis and is expected to accelera… https://t.co/p30qfw1i8q

66Iot: RT @WindowOnTech: MT @fisher85m Copy: @MikeQuindazzi @antgrasso What's the Anatomy of a #botnet #attack? #cybercrime #cyberrisk #Hackers…

SecurityXTV: RT @WindowOnTech: MT @fisher85m Copy: @MikeQuindazzi @antgrasso What's the Anatomy of a #botnet #attack? #cybercrime #cyberrisk #Hackers…

RDSWEB: RT @threatshub: ThreatsHub Cybersecurity News | Pastebin adds 'Burn After Read' and 'Password Protected Pastes' to the dismay of the infose…

RDSWEB: RT @thisisgulshan: Iranian #hacker group developed #Android #malware to steal 2FA SMS codes #CyberSecurity #osint #infosec #cyberthreats…

gdorn1: RT @EvanKirstel: 🚗 🚊 ✈️ The cybersecurity challenges with connected vehicles https://t.co/8bG7BM1Ymv #Security #Cybersecurity #Hackers #D…

techopcode: RT @thisisgulshan: Iranian #hacker group developed #Android #malware to steal 2FA SMS codes #CyberSecurity #osint #infosec #cyberthreats…

CommunityIT: Learn about common #cyberthreats and the best techniques for dealing with them. Learn how to balance convenience an… https://t.co/FUpd0fFTJ3

smesecurity: #Cybercrime Outsourcing your digital protection, here is what to look for. #smallbusiness https://t.co/2Cq7TftwIL

SecdevB: RT @threatshub: ThreatsHub Cybersecurity News | Pastebin adds 'Burn After Read' and 'Password Protected Pastes' to the dismay of the infose…

threatshub: ThreatsHub Cybersecurity News | Pastebin adds 'Burn After Read' and 'Password Protected Pastes' to the dismay of th… https://t.co/LzM9HPyfg7

StartingPointAI: RT @StartingPointAI: How to combat cyber threats amid the shift to remote working - TechRepublic @TechRepublic #CyberSecurity #cybercrim…

----Hacking Updates----

amitverma80 updated HackerRank-Problem-Solving. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-27. --- This repository contains solutions for Hacker Rank Problem Solving.

alive-u updated Hack-me. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-24. --- You can hack this site How many levels can you go to?

eduardodsr updated Digital-House-Front-End-Coding-Facebook. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-16. --- Estação Hack from Facebook by Digital House | Front End Coding Facebook IV - 2020

Jimmy-Bai updated nfnh. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-26. --- New Friends New Hack

lukec11 updated whitelister. This repo has 0 stars and 1 watchers. This repo was created on 2020-01-04. --- Whitelists people on Hack Club's MC servers based on something posted in slack.

thevillagehacker updated Bug-Hunting. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-27. --- The Repository contains various payloads, tools, tips and tricks from various hackers around the world.

jeremyrempel updated yahnapp. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-20. --- Yet Another Hacker News App

aungnyeinchan351 updated Zip_hack. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-25. --- To hack Zip file passwords with brute force attack

hackforla updated website. This repo has 15 stars and 17 watchers. This repo was created on 2018-04-18. --- Hack for LA's website

gitFaisal updated HackerRank-Solutions. This repo has 0 stars and 1 watchers. This repo was created on 2020-07-21. --- Solutions to hacker rank challenges

nicolepav updated moo. This repo has 0 stars and 3 watchers. This repo was created on 2020-09-26. --- For New Friends, New Hacks MLH Hackathon

drush-ops updated drush. This repo has 2116 stars and 168 watchers. This repo was created on 2012-01-16. --- Drush is a command-line shell and scripting interface for Drupal, a veritable Swiss Army knife designed to make life easier for those who spend their working hours hacking away at the command prompt.

developer-jesus-github updated DarkCTF-2020. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-26. --- Repository with the writeups from the DarkCTF-2020 hacking contest.

warrickct updated my-resume. This repo has 0 stars and 1 watchers. This repo was created on 2019-09-11. --- My minimalist, hacked together, web resume

nonumbershere updated Amazing_Creations. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-03. --- These are my hacks, we will also learn how to make them! and batch learning.

Matir updated hacks. This repo has 0 stars and 1 watchers. This repo was created on 2019-10-19. --- Miscellaneous Hacks

dangerover updated shells. This repo has 0 stars and 0 watchers. This repo was created on 2019-06-26. --- All Hacking Shells c99, r57 and b374k 3.2.3 shell

atom updated atom. This repo has 53107 stars and 2549 watchers. This repo was created on 2012-01-20. --- :atom: The hackable text editor

gmcnaught updated streamlabs-obs-midi. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-26. --- Quick hack together to control streamlabs with my AKAI LPD8 controller

lancew updated WRL_hacks. This repo has 0 stars and 1 watchers. This repo was created on 2014-06-19. --- IJF WRL Hacks

uclaacm updated hack.uclaacm.com. This repo has 5 stars and 4 watchers. This repo was created on 2019-01-17. --- Official website of ACM Hack.

Peyton232 updated borderHacks. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-26. --- our project for border hacks

swisskyrepo updated PayloadsAllTheThings. This repo has 17839 stars and 1095 watchers. This repo was created on 2016-10-18. --- A list of useful payloads and bypass for Web Application Security and Pentest/CTF

hydekyle updated Askito-Adventures. This repo has 0 stars and 1 watchers. This repo was created on 2020-05-31. --- UNITY 3D GAME hack & slash

kingtut1 updated ShellHacksProjectFrontEnd. This repo has 0 stars and 2 watchers. This repo was created on 2020-09-26. --- Our shell hacks project.

----Security Updates----

EliuX updated flask-opa. This repo has 18 stars and 1 watchers. This repo was created on 2018-10-14. --- Flask extension for OPA

JavaGarcia updated Neanet. This repo has 1 stars and 1 watchers. This repo was created on 2020-08-02. --- Threat intelligence

hahwul updated dalfox. This repo has 486 stars and 27 watchers. This repo was created on 2020-04-12. --- 🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang

navinprasadk updated security-strategy-essentials. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-27. --- None

postman-government updated national-security-agency-nsa. This repo has 0 stars and 4 watchers. This repo was created on 2020-09-27. --- None

cyberphor updated blog. This repo has 0 stars and 1 watchers. This repo was created on 2020-06-25. --- Essays about cyber security.

postman-government updated national-nuclear-security-administration-nnsa. This repo has 0 stars and 4 watchers. This repo was created on 2020-09-27. --- None

Planet-Source-Code updated francis-salvador-b-co-francis-security-database__1-50063. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-23. --- None

zero-24 updated plg_system_force2fausergroup. This repo has 1 stars and 1 watchers. This repo was created on 2020-08-27. --- This plugin allows to force users to set up 2FA in a specific user group.

CaledoniaProject updated awesome-opensource-security. This repo has 130 stars and 10 watchers. This repo was created on 2018-02-23. --- A list of interesting open-source tools

AnandMukhopadhyay updated Tutorial_AcousticWirelessSensorNode. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-27. --- This tutorial illustrates the process to derive feature vector (FV) from acoustic signals followed by training an ANN model. The data considered is human footstep acoustic sound in presence of forest background noise. This will be applicable to internet of things (IoT) security surveillance application for detecting human intrusion in restricted zones.

Sync-Corp updated ProjetoHolmes. This repo has 2 stars and 0 watchers. This repo was created on 2020-05-24. --- Protect what is precious to you with Holmes, an intelligent surveillance system for your home or workplace.

linux-mailinglist-archives updated linux-security-module.vger.kernel.org.0. This repo has 0 stars and 0 watchers. This repo was created on 2019-07-01. --- None

HypeByte updated Mock. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-21. --- An easy script I made that deletes all the files in the folder it is run on, and then mocks you for it by spamming you with a bunch of files. I honestly think it's not malware. I am not responsible for any harm or any crap that this script may cause, it is not even that advanced. I am not your parents, so do whatever you want with it. Just don't get in trouble. Most security should block it. Warning: There is a risk to compiling this script, when I compiled it, my security blocked the executable and placed restrictions on my compiler. This was only for Windows, my Linux compiler can compile it. I had to go to another sys account to compile this script for Windows. This is not malware, the script is so simple.

postman-government updated department-of-homeland-security-dhs. This repo has 0 stars and 4 watchers. This repo was created on 2020-09-27. --- None

pavankjadda updated JwtSpringSecurity. This repo has 0 stars and 1 watchers. This repo was created on 2020-01-30. --- Spring Security with JWT based authentication

Kitura updated OpenSSL. This repo has 53 stars and 29 watchers. This repo was created on 2016-01-22. --- Swift modulemaps for libSSL and libcrypto

JayPrakashKr updated SpringBootSecurity. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-27. --- None

moqui updated moqui-framework. This repo has 187 stars and 49 watchers. This repo was created on 2016-01-23. --- Use Moqui Framework to build enterprise applications based on Java. It includes tools for databases (relational, graph, document), local and web services, web and other UI with screens and forms, security, file/resource access, scripts, templates, l10n, caching, logging, search, rules, workflow, multi-instance, and integration.

postman-government updated defense-security-service-dss. This repo has 0 stars and 4 watchers. This repo was created on 2020-09-27. --- None

dnstats updated dnstatsio. This repo has 0 stars and 1 watchers. This repo was created on 2020-04-26. --- A daily scan of the top 1 million web sites for DNS Security.

FishSticks-stack updated FishSticks-stack.github.io. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-16. --- cyber security

postman-government updated bureau-of-industry-and-security-bis. This repo has 0 stars and 4 watchers. This repo was created on 2020-09-27. --- None

marcusminus updated Orthrus-BlockList. This repo has 15 stars and 2 watchers. This repo was created on 2019-10-01. --- List to block ads, trackers & malwares. Plus 200.000 unique domains and about 4 MB in size.

tianjingyu1 updated cyberSecurity. This repo has 3 stars and 1 watchers. This repo was created on 2020-06-07. --- Network security notes

----PoC Updates----

luccasdev updated poc-kafka-cassandra-spring. This repo has 1 stars and 1 watchers. This repo was created on 2020-08-31. --- Proof of Concept using Spring boot with Kafka and Cassandra (NoSQL) to manage orders.

fordmadox updated EAD-to-LUX. This repo has 0 stars and 1 watchers. This repo was created on 2020-05-28. --- EAD to JSON process. Just intended for a proof-of-concept stage of a project.

V2C-Development-Team updated v2c-poc-submission. This repo has 0 stars and 0 watchers. This repo was created on 2020-08-30. --- V2C proof of concept - capstone submission repository

stall84 updated isIFR. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-19. --- Proof of Concept Project in ASP.NET MVC Core. Querying external aviation weather API, retrieving and displaying flight-rules for user-requested airport(s).

stall84 updated AWS_Lambda_ASP_NET_Proj1. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-27. --- Implementing an ASP.NET (Core 3.1) proof-of-concept Web App via Amazon's serverless Lambda service.

SimpleSandman updated FateGrandOrderPOC. This repo has 1 stars and 1 watchers. This repo was created on 2020-08-20. --- This is a "proof of concept" repo in C# that will be used in upcoming FGO related projects. This is a test-bed full of methods and an example run showcasing them

jamespericles updated User-Directory. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-15. --- Proof of concept for a company centered pseudo social networking application.

boettiger-lab updated data-tracker. This repo has 0 stars and 0 watchers. This repo was created on 2020-02-21. --- Proof of concept for Content-Identifier Based Registry for streaming data sources

V2C-Development-Team updated v2c-desktop-controller-linux. This repo has 0 stars and 0 watchers. This repo was created on 2020-08-30. --- V2C Linux desktop controller proof-of-concept

dyerw updated trivia-poc. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-26. --- proof of concept trivia game! oh nooooo!

8059542577066 updated A-star-Algorithm-PoC-. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-26. --- This is proof of concept for A* path finding algorithm. This version is static which means that all vertices and edges of the graph are loaded once initially and do not change.

Planet-Source-Code updated cintx-poc-proof-of-concept-xtunel-http-data-over-socket-by-webbrowser__1-69048. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-22. --- None

torbengb updated toolpool. This repo has 1 stars and 1 watchers. This repo was created on 2019-07-07. --- This prototype aims to provide a proof of concept for a community of people wanting to share their tools for DIY home-improvement projects.

doughahn updated org-play-2e-guide. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-23. --- Proof of concept for a read the docs project

dylancoe updated WeatherData. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-26. --- A short script in Python that adds current weather data from the free OpenWeatherMap API to any shapefile. The skeleton of the program can be changed to retrieve data from any API you wish, but for this script I chose weather data as a sort of proof of concept

no1seman updated frontend-stub-flutter. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-24. --- Proof-of-concept of embedding Flutter Web App into Tarantool Cartridge UI

blainegarrett updated blainegarrett-next. This repo has 0 stars and 1 watchers. This repo was created on 2018-02-16. --- Proof of concept for next.js app

sweetpi updated node-module-compiler. This repo has 0 stars and 2 watchers. This repo was created on 2015-02-11. --- Some proof of concept stuff for cross compiling npm modules

deepklarity updated jupyter-text2code. This repo has 800 stars and 43 watchers. This repo was created on 2020-09-06. --- A proof-of-concept jupyter extension which converts english queries into relevant python code

rere252 updated jsp-angular-micro. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-26. --- Minimal proof of concept for JSP + Angular based Web Components

x9-testlab updated x9incexc-cpp. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-25. --- C++ version of x9incexc. Mainly for exploration and proof-of-concept. Got C-compiled sqlite3 successfully statically linking.

dcechano updated UniversityManagmentSystem. This repo has 0 stars and 0 watchers. This repo was created on 2020-07-22. --- A simple Spring Project meant as a proof of concept

christinebittle updated BlogProject_1. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-26. --- This is the first iteration of our blog project, which has a proof-of-concept to access our MySQL Database.

dbaker-rh updated admission-controller. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-26. --- Proof of Concept

lpmi-13 updated parsons-problems. This repo has 0 stars and 1 watchers. This repo was created on 2020-09-17. --- a proof of concept to grab python functions from GitHub source code and have users practice ordering them.