Aggregator

CVE-2020-9843 | Apple iCloud up to 7.18/11.1 on Windows WebKit cross site scripting (HT211179/HT211181 / Nessus ID 241427)

Vuldb Updates
8 months 1 week ago
A vulnerability was found in Apple iCloud up to 7.18/11.1 on Windows and classified as problematic. Affected by this issue is some unknown functionality of the component WebKit. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2020-9843. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2020-9843 | Apple watchOS up to 6.2.4 WebKit cross site scripting (HT211175 / Nessus ID 241427)

Vuldb Updates
8 months 1 week ago
A vulnerability was found in Apple watchOS up to 6.2.4. It has been rated as problematic. This issue affects some unknown processing of the component WebKit. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2020-9843. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2020-9843 | Apple tvOS up to 13.4.4 WebKit cross site scripting (HT211171 / Nessus ID 241427)

Vuldb Updates
8 months 1 week ago
A vulnerability was found in Apple tvOS up to 13.4.4 and classified as problematic. Affected by this issue is some unknown functionality of the component WebKit. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2020-9843. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2020-9807 | Apple iCloud up to 7.18/11.1 on Windows WebKit memory corruption (HT211179/HT211181 / Nessus ID 241427)

Vuldb Updates
8 months 1 week ago
A vulnerability, which was classified as critical, was found in Apple iCloud up to 7.18/11.1 on Windows. Affected is an unknown function of the component WebKit. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2020-9807. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2020-9807 | Apple Safari up to 13.1.0 WebKit memory corruption (HT211177 / Nessus ID 241427)

Vuldb Updates
8 months 1 week ago
A vulnerability, which was classified as critical, was found in Apple Safari up to 13.1.0. This affects an unknown part of the component WebKit. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2020-9807. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2020-9807 | Apple tvOS up to 13.4.4 WebKit memory corruption (HT211171 / Nessus ID 241427)

Vuldb Updates
8 months 1 week ago
A vulnerability was found in Apple tvOS up to 13.4.4. It has been rated as critical. This issue affects some unknown processing of the component WebKit. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2020-9807. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

maven tips

不安全
8 months 1 week ago
文章介绍了如何使用 Maven 下载指定包到特定路径以及查看插件的 Goals。通过 `mvn dependency:get` 命令下载包并指定本地仓库路径;使用 `mvn help:describe` 查看插件的详细信息及其 Goals。例如,`maven-dependency-plugin` 和 `spring-boot-maven-plugin` 的 Goals 包括构建镜像、生成构建信息、运行应用等操作。

Atomic macOS Info-Stealer Updated with New Backdoor for Persistent Access

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
8 months 1 week ago

The Atomic macOS Stealer (AMOS), a notorious piece of info-stealing malware targeting Apple users, has undergone a significant update, introducing an embedded backdoor for the first time. This development, reported by Moonlock a cybersecurity division of MacPaw marks a critical escalation in the malware’s capabilities, allowing attackers to maintain persistent access to compromised macOS systems. […]

The post Atomic macOS Info-Stealer Updated with New Backdoor for Persistent Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

BaitTrap: Over 17,000 Fake News Websites Caught Fueling Investment Fraud Globally

The Hackers News
8 months 1 week ago
A newly released report by cybersecurity firm CTM360 reveals a large-scale scam operation utilizing fake news websites—known as Baiting News Sites (BNS)—to deceive users into online investment fraud across 50 countries. These BNS pages are made to look like real news outlets: CNN, BBC, CNBC, or regional media. They publish fake stories that feature public figures, central banks, or financial
The Hacker News

BaitTrap: Over 17,000 Fake News Websites Caught Fueling Investment Fraud Globally

不安全
8 months 1 week ago
网络安全公司CTM360报告称,诈骗团伙利用虚假新闻网站(BNS)模仿真实媒体机构发布假新闻,吸引用户点击并引导至欺诈投资平台。这些网站通过谷歌、Meta等平台投放广告,并使用诱骗性标题和官方元素增加可信度。受害者被诱导注册并支付小额押金后,会看到虚假收益模拟界面。骗子还收集敏感数据用于进一步诈骗。CTM360已追踪超1.7万个此类网站,并提供相关支持服务以应对这一威胁。

CVE-2023-48788

CVE Trends
8 months 1 week ago
Currently trending CVE - Hype Score: 11 - A improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets.

Managed ad