26 matches found
EUVD-2025-201487
Malicious code in elf-stats-cosy-toy-308 npm...
Malicious code in elf-stats-cosy-toy-308 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aca3af23bbfec4f6a8b388056bdca1e75940f84912fc3413aa6f6ef991997df5 The package elf-stats-cosy-toy-308 was found to contain malicious code...
MAL-2025-192329 Malicious code in elf-stats-cosy-toy-308 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aca3af23bbfec4f6a8b388056bdca1e75940f84912fc3413aa6f6ef991997df5 The package elf-stats-cosy-toy-308 was found to contain malicious code...
CVE-2025-54526
creationtimestamp| type| source ---|---|--- 2025-11-04 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-308-01 2025-11-04 23:52:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m4tq4vtgzh26 2025-12-10 05:00:00+00:00| seen|...
CVE-2024-42256 cifs: Fix server re-repick on subrequest retry
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix server re-repick on subrequest retry When a subrequest is marked for needing retry, netfs will call cifspreparewrite which will make cifs repick the server for the op before renegotiating credits; it then calls...
SUSE CVE-2019-11712
POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery CSRF attacks. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...
Slackware: Security Advisory (SSA:2016-308-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-11049
An issue was discovered on Samsung mobile devices with software through 2016-01-16 Shannon333/308/310 chipsets. The IMEI may be retrieved and modified because of an error in managing key information. The Samsung ID is SVE-2016-5435 March 2016...
CVE-2016-11049
An issue was discovered on Samsung mobile devices with software through 2016-01-16 Shannon333/308/310 chipsets. The IMEI may be retrieved and modified because of an error in managing key information. The Samsung ID is SVE-2016-5435 March 2016...
Fedora 31 : xen (2019-6aad703290)
denial of service in findnextbit XSA-307, CVE-2019-19581, CVE-2019-19582 1782211 denial of service in HVM/PVH guest userspace code XSA-308, CVE-2019-19583 1782206 privilege escalation due to malicious PV guest XSA-309, CVE-2019-19578 1782210 Further issues with restartable PV type change operatio...
2019 Flare-On Challenge Solutions
We are pleased to announce the conclusion of the sixth annual Flare-On Challenge. The popularity of this event continues to grow and this year we saw a record number of players as well as finishers. We will break down the numbers later in the post, but right now let’s look at the fun stuff: the...
CVE-2018-20936
cPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf SEC-308...
Design/Logic Flaw
cPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf SEC-308...
DEBIAN-CVE-2019-11712
POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery CSRF attacks. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...
Mozilla: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects
POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery CSRF attacks. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...
Mozilla: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects
POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery CSRF attacks. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...
Mozilla: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects
POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery CSRF attacks. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...
Cross-Site Request Forgery (CSRF)
firefox is vulnerable to cross-site request forgery CSRF attacks. POST requests made by the NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery CSRF attacks...
Mozilla: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects
POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery CSRF attacks. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...
Mozilla: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects
POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. This can allow an attacker to perform Cross-Site Request Forgery CSRF attacks. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...