Backdoor.Win32.Shark.btu MVID-2022-0615 Insecure Permissions
Authored by malvuln | Site malvuln.com
Backdoor.Win32.Shark.btu malware suffers from an insecure permissions vulnerability.
Change Mirror Download
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source: https://malvuln.com/advisory/5a83f8b8c8a8b7a85b3ff632aa60e793.txtContact: [email protected]: twitter.com/malvulnThreat: Backdoor.Win32.Shark.btuVulnerability:...
Trojan-Mailfinder.Win32.VB.p MVID-2022-0616 Insecure Permissions
Authored by malvuln | Site malvuln.com
Trojan-Mailfinder.Win32.VB.p malware suffers from an insecure permissions vulnerability.
Change Mirror Download
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022Original source: https://malvuln.com/advisory/20e438d84aa2828826d52540d80bf7f.txtContact: [email protected]: twitter.com/malvulnThreat: Trojan-Mailfinder.Win32.VB.pVulnerability:...
Mitel 6800/6900 Series SIP Phones Backdoor Access
Authored by Moritz Abrell | Site syss.de
Mitel 6800/6900 Series SIP Phones excluding 6970 and Mitel 6900 Series IP (MiNet) Phones have a flow to spawn a telnet backdoor on...
Lepin EP-KP001 KP001_V19 Authentication Bypass
Authored by Matthias Deeg | Site syss.de
When analyzing the USB flash drive Lepin EP-KP001, Matthias Deeg found out that it uses an insecure hardware design which allows an attacker...
Nexans FTTO GigaSwitch Outdated Components / Hardcoded Backdoor
Authored by T. Weber | Site sec-consult.com
Nexans FTTO GigaSwitch industrial/office switches HW version 5 suffer from having a hardcoded backdoor user and multiple outdated vulnerable software components.
advisories | CVE-2015-0235,...
SIEMENS-SINEMA Remote Connect 3.0.1.0-01.01.00.02 Cross Site Scripting
Authored by Steffen Robertz | Site sec-consult.com
SIEMENS-SINEMA Remote Connect versions 3.0.1.0-01.01.00.02 and below suffer from a cross site scripting vulnerability.
advisories | CVE-2022-29034
Change Mirror Download
SEC Consult Vulnerability Lab Security Advisory...
Gentics CMS 5.36.29 Cross Site Scripting / Deserialization
Authored by Gerhard Hechenberger, Steffen Robertz | Site sec-consult.com
Gentics CMS version 5.36.29 suffers from persistent cross site scripting and unsafe java deserialization vulnerabilities.
advisories | CVE-2022-30981, CVE-2022-30982
Change Mirror Download
SEC Consult...
SoftGuard SNMP Network Management Extension HTML Injection / File Download
Authored by Philipp Espernberger | Site sec-consult.com
SoftGuard Web (SGW) versions prior to 5.1.5 suffer from html injection and arbitrary file system access allow for file downloads.
advisories | CVE-2022-31201, CVE-2022-31202
Change...
XNU Flow Divert Race Condition Use-After-Free
Authored by Google Security Research, nedwill
XNU suffers from a flow divert race condition use-after-free vulnerability.
advisories | CVE-2022-26757
phpIPAM 1.4.5 Remote Code Execution
Authored by Guilherme Alves
phpIPAM version 1.4.5 suffers from an authenticated remote code execution vulnerability.
Change Mirror Download
# Exploit Title: phpIPAM 1.4.5 - Remote Code Execution (RCE) (Authenticated)# Date: 2022-04-10# Exploit...





