GitHub

rce-exploit

Add a description, image, and links to the rce-exploit topic page so that developers can more easily learn about it.
Scientific Research Publishing

David, T. (2017) XSLT Server Side Injection Attacks, Context Blog Vulnerabilities and Exploits, Web Applications.

ABSTRACT: This paper is to study how Extensible Markup Language (XML) code injection attacks are widespread over web and cloud applications, databases, and multiple types of systems within major ...
Bleeping Computer

Microsoft urges Exchange admins to patch bug exploited in the wild

Microsoft warned admins today to immediately patch a high severity Exchange Server vulnerability that may allow authenticated attackers to execute code remotely on vulnerable servers. The security ...
Comicbook.com

New World Suspends Server Transfers, Will Ban Players Who Abused Exploit

Server transfers for New World went live not long ago following a delay that pushed their start date back, but the transfers have now been suspended. This suspension comes after Amazon Games ...
Dark Reading

Microsoft Exchange Server Exploits Hit Retail, Government, Education

Attackers targeting four critical Microsoft Exchange Server zero-days patched this week hit a range of organizations across retail, government, and higher education, report the Mandiant researchers ...
Ars Technica

Microsoft issues emergency patches for 4 exploited 0-days in Exchange

Microsoft is urging customers to install emergency patches as soon as possible to protect against highly skilled hackers who are actively exploiting four zero-day vulnerabilities in Exchange Server.
GitHub

ef_jboss_java_serialization_rce.py

INFO['DESCRIPTION'] = "jBoss(version <= 6.1) Java Deserialization Vulnerability" JBoss can run on any port, but the default install runs on port 8080 ...
InfoWorld

Cybercriminals using digitally signed Java exploits to trick users

Security researchers warn that cybercriminals have started using Java exploits signed with digital certificates to trick users into allowing the malicious code to run inside browsers. A signed Java ...
PC World

Security agency recommends disabling Java, due to exploit

Internet users should consider disabling Java in their browsers because of an exploit that can allow remote attackers to execute code on a vulnerable system, the U.S. Computer Emergency Readiness Team ...
AppleInsider

New Mac trojan found to exploit same Java weakness as 'Flashback'

A new piece of malware that takes advantage of a well-documented Java vulnerability has been found on a website dedicated to the Dalai Lama, with the trojan able to install itself on an unwitting Mac ...
Network World

Rogue Microsoft Services Agreement email notifications lead to latest Java exploit

Hackers are distributing rogue email notifications about changes in Microsoft’s Services Agreement to trick people into visiting malicious pages that use a recently circulated Java exploit to infect ...