Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2023-03-14 14:15:13 |
CVE-2023-24180 (lien direct) |
Libelfin v0.3 was discovered to contain an integer overflow in the load function at elf/mmap_loader.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted elf file. |
Vulnerability
|
APT 33
|
|
|
2022-04-11 15:15:09 |
CVE-2022-27115 (lien direct) |
In Studio-42 elFinder 2.1.60, there is a vulnerability that causes remote code execution through file name bypass for file upload. |
Vulnerability
|
APT 33
|
|
|
2022-04-07 17:15:08 |
CVE-2021-43421 (lien direct) |
A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code. |
Vulnerability
|
APT 33
|
★★
|
|
2022-02-24 19:15:09 |
CVE-2021-44663 (lien direct) |
A Remote Code Execution (RCE) vulnerability exists in the Xerte Project Xerte through 3.8.4 via a crafted php file through elfinder in connetor.php. |
Vulnerability
|
APT 33
|
|
|
2021-08-04 15:15:08 |
CVE-2020-24825 (lien direct) |
A vulnerability in the line_table::line_table function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file. |
Vulnerability
|
APT 33
|
★★★★★
|
|
2021-08-04 15:15:08 |
CVE-2020-24821 (lien direct) |
A vulnerability in the dwarf::cursor::skip_form function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file. |
Vulnerability
|
APT 33
|
★★★★
|
|
2021-08-04 15:15:08 |
CVE-2020-24823 (lien direct) |
A vulnerability in the dwarf::to_string function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file. |
Vulnerability
|
APT 33
|
★★★★★
|
|
2021-08-04 15:15:08 |
CVE-2020-24827 (lien direct) |
A vulnerability in the dwarf::cursor::skip_form function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file. |
Vulnerability
|
APT 33
|
★★
|
|
2021-08-04 15:15:08 |
CVE-2020-24826 (lien direct) |
A vulnerability in the elf::section::as_strtab function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file. |
Vulnerability
|
APT 33
|
★★★★★
|
|
2019-07-03 15:31:02 |
Outlook Flaw Exploited by Iranian APT33, US CyberCom Issues Alert (lien direct) |
US Cyber Command issued a malware alert on Twitter regarding the active exploitation of the CVE-2017-11774 Outlook vulnerability to attack US government agencies, allowing the attackers to execute arbitrary commands on compromised systems. [...] |
Malware
Vulnerability
|
APT33
APT 33
|
|
|
2019-03-28 09:11:00 |
APT group Elfin switches from data destruction to data stealing via WinRAR vulnerability (lien direct) |
Elfin (aka APT33), a hacker group affiliated with the Iranian government, is described by Symantec as “one of the most active groups currently operating in the Middle East.” They have been linked with a string of attacks on U.S. and Saudi Arabian companies, particularly in the aerospace and energy sectors.
[ How much does a data breach cost? Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ] |
Data Breach
Vulnerability
|
APT33
APT 33
|
|