Headline
Dumping RDP Credentials
Administrators typically use Remote Desktop Protocol (RDP) in order to manage Windows environments remotely. It is also typical RDP to be enabled in systems that…
Continue reading → Dumping RDP Credentials
Related news
‘Chrome’s NTP only has a really weak CSP that doesn’t mitigate XSS’
‘Chrome’s NTP only has a really weak CSP that doesn’t mitigate XSS’
Imagicle Application Suite (for Cisco UC) before 2021.Summer.2 allows SQL injection. A low-privileged user could inject a SQL statement through the "Export to CSV" feature of the Contact Manager web GUI.
All versions of the Zoom Plugin for Microsoft Outlook for MacOS before 5.3.52553.0918 contain a Time-of-check Time-of-use (TOC/TOU) vulnerability during the plugin installation process. This could allow a standard user to write their own malicious application to the plugin directory, allowing the malicious application to execute in a privileged context.
All versions of the Zoom Plugin for Microsoft Outlook for MacOS before 5.3.52553.0918 contain a Time-of-check Time-of-use (TOC/TOU) vulnerability during the plugin installation process. This could allow a standard user to write their own malicious application to the plugin directory, allowing the malicious application to execute in a privileged context.
IBM Db2 11.2 and 11.5 contains an information disclosure vulnerability, exposing remote storage credentials to privileged users under specific conditions. IBM X-Fporce ID: 201780.