Lucene search
+L

226 matches found

OSV
OSV
added 2025/11/11 7:47 a.m.4 views

MAL-2025-111783 Malicious code in damp_spoonbill_coral-60 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b553fd7dab685bbe860784cb7a70e17623ebee04f9a85d0b2706c33572386fb7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/11 7:38 a.m.1 views

EUVD-2025-77505

Malicious code in supposedgerbilbronze-60 npm...

6.6AI score
Exploits0
NVD
NVD
added 2025/10/22 9:15 a.m.6 views

CVE-2025-41110

Encrypted WiFi and SSH credentials were found in the Ghost Robotics Vision 60 v0.27.2 APK. This vulnerability allows an attacker to connect to the robot's WiFi and view all its data, as it runs on ROS 2 without default authentication. In addition, the attacker can connect via SSH and gain full...

8.8CVSS0.00236EPSS
Exploits0References1
OSV
OSV
added 2025/10/22 9:15 a.m.4 views

CVE-2025-41110

Encrypted WiFi and SSH credentials were found in the Ghost Robotics Vision 60 v0.27.2 APK. This vulnerability allows an attacker to connect to the robot's WiFi and view all its data, as it runs on ROS 2 without default authentication. In addition, the attacker can connect via SSH and gain full...

8.8CVSS5.8AI score0.00236EPSS
Exploits0References1
CVE
CVE
added 2025/10/22 8:16 a.m.16 views

CVE-2025-41110

CVE-2025-41110 affects Ghost Robotics Vision 60, specifically APK v0.27.2. The issue arises from an authorization flaw in the ROS 2 stack, permitting connections to the robot’s WiFi and SSH without authentication. Consequences stated across sources include data exposure and full control of the ro...

8.8CVSS6.4AI score0.00236EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/10/22 8:14 a.m.34 views

CVE-2025-41108

The CVE describes Ghost Robotics Vision 60 (v0.27.2) as vulnerable due to a lack of encryption and authentication in its MAVLink-based communication protocol. This enables an external attacker to impersonate the control station and issue arbitrary commands to the robot, potentially gaining unauth...

9.8CVSS7AI score0.00291EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.5 views

Ghost Robotics Vision 60 授权问题漏洞

Ghost Robotics Vision 60 is a quadrupedal ground robot from Ghost Robotics, USA. Ghost Robotics Vision 60 version v0.27.2 suffers from an authorization issue vulnerability that stems from WiFi and SSH credential disclosure, which could lead to an attacker connecting to the robot's WiFi and SSH to...

8.8CVSS6.8AI score0.00236EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2005-0682

Malware in sbrugna...

5CVSS6.4AI score0.03111EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-4098

Malware in sbrugna...

10CVSS9.2AI score0.01998EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 7:31 a.m.11 views

CVE-2024-40116

An issue in Solar-Log 1000 before v2.8.2 and build 52-23.04.2013 was discovered to store plaintext passwords in the export.html, email.html, and sms.html files -- fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not existing for SL 250, 300, 1200, 2000, SL 50 Gateway, SL Base...

8.1CVSS7.3AI score0.00421EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/11/27 11:14 a.m.15 views

APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign

The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the SpyGlace backdoor. That's according to findings from JPCERT/CC, which said the intrusion leveraged legitimate services like Google...

9.3CVSS7.7AI score0.01773EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/10/21 12:0 a.m.22 views

Adobe Illustrator < 26.5.2 / 27.0.0 < 27.0.1 Multiple Memory leak (APSB22-60) (macOS)

The version of Adobe Illustrator installed on the remote macOS host is prior to 26.5.2, 27.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB22-60 advisory. - Adobe Illustrator versions 26.5.1 and earlier, and 27.0 and earlier are affected by an out-of-bounds re...

5.5CVSS5.8AI score0.00473EPSS
Exploits0References5
OSV
OSV
added 2024/09/26 6:15 p.m.4 views

CVE-2024-43814

The goTenna Pro ATAK Plugin's default settings are to share Automatic Position, Location, and Information PLI updates every 60 seconds once the plugin is active and goTenna is connected. Users that are unaware of their settings and have not activated encryption before a mission may accidentally...

4.3CVSS5.8AI score0.00131EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/08/28 1:48 p.m.31 views

APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor

A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WPS Office to deploy a bespoke backdoor dubbed SpyGlace. The activity has been attributed to a threat actor dubbed APT-C-60, according to cybersecuri...

9.3CVSS8.3AI score0.01773EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/07/26 12:0 a.m.7 views

PT-2024-28786 · Sl 500 +2 · Sl 500 +2

Name of the Vulnerable Software and Affected Versions: Solar-Log 1000 versions prior to 2.8.2 and build 52-23.04.2013 SL 200 versions prior to 3.0.0-60 SL 500 versions prior to 3.0.0-60 Description: The issue concerns the storage of plaintext passwords in certain files, specifically export.html,...

8.1CVSS7.2AI score0.00421EPSS
Exploits0References5
hivepro
hivepro
added 2024/03/14 6:10 p.m.40 views

Microsoft’s March 2024 Patch Tuesday Addresses 60 Vulnerabilities

Summary: Microsofts March 2024 Patch Tuesday addresses 60 vulnerabilities, including two critical vulnerabilities, spanning various products like Office, Exchange Server, and Windows Kernel. Critical flaws in Windows Hyper-V CVE-2024-21407 and CVE-2024-21408 require immediate attention to mitigat...

5.1CVSS6.8AI score0.16384EPSS
Exploits0
MSRC
MSRC
added 2023/11/20 8:0 a.m.13 views

Celebrating ten years of the Microsoft Bug Bounty program and more than $60M awarded

This year marks the tenth anniversary of the Microsoft Bug Bounty Program, an essential part of our proactive strategy to protect customers from security threats. Since its inception in 2013, Microsoft has awarded more than $60 million to thousands of security researchers from 70 countries. These...

7.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/11/15 12:0 a.m.26 views

Adobe InCopy < 18.5.1 / 18.0 < 19.0.0 Arbitrary code execution (APSB23-60)

The version of Adobe InCopy installed on the remote host is prior to 18.5.1, 19.0.0. It is, therefore, affected by a vulnerability as referenced in the APSB23-60 advisory. - Out-of-bounds Read CWE-125 potentially leading to Arbitrary code execution CVE-2023-26368 Note that Nessus has not tested f...

7.8CVSS8AI score0.00341EPSS
Exploits0References2
OSV
OSV
added 2023/08/29 2:15 a.m.3 views

CVE-2023-1995

Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23, before 09-66-17, before 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before...

7.5CVSS5.8AI score0.00377EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/08/29 12:0 a.m.22 views

QNAP QTS / QuTS hero Vulnerability in QTS and QuTS hero (QSA-23-60)

The version of QNAP QTS / QuTS hero installed on the remote host is affected by a vulnerability as referenced in the QSA-23-60 advisory. An inadequate encryption strength vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows local networ...

8.8CVSS7.8AI score0.00094EPSS
Exploits0References2
Rows per page
Query Builder