5111 matches found

Patchstack
added 2025/01/06 7:49 p.m. · 3 views

WordPress Beacon Lead Magnets and Lead Capture Plugin <= 1.5.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting (XSS) vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Beacon Lead Magnets and Lead Capture versions <= 1.5.7...

7.1 CVSS · 6.1 AI score · 0.00235 EPSS
Exploits 0 · Affected Software 1

OSSF Malicious Packages
added 2025/01/06 12:49 p.m. · 6 views

Malicious code in walletcore-gen (npm)

The package contains several malicious PowerShell and VBS scripts used to harvest browser data, take screenshots, log keystrokes, and establish startup persistence. It also bundles a password stealer and exfiltrates stolen data via Slack and Discord webhooks. --- -= Per source details. Do not edi...

7 AI score
Exploits 0 · References 1

SUSE CVE
added 2025/01/04 12:20 a.m. · 1 views

SUSE CVE-2024-56667

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL pointer dereference in capture_engine. When the intel_context structure contains NULL, it raises a NULL pointer dereference error in drm_info. cherry picked from commit 754302a5bc1bd8fd3b7d85c168b0a1af6d4bba4d...

5.5 CVSS · 7.7 AI score · 0.00213 EPSS
Exploits 0 · References 14

OSSF Malicious Packages
added 2025/01/02 10:30 p.m. · 9 views

Malicious code in solana-login (npm)

The package contains several malicious PowerShell and VBS scripts used to harvest browser data, take screenshots, log keystrokes, and establish startup persistence. It also bundles a password stealer and exfiltrates stolen data via Slack and Discord webhooks. --- -= Per source details. Do not edi...

7 AI score
Exploits 0 · References 3

CNNVD
added 2025/01/02 12:0 a.m. · 5 views

CTFd Security Vulnerability

CTFd is a Capture The Flag framework open-sourced by CTFd. A security vulnerability exists in CTFd versions 3.7.0 through 3.7.4, which stems from a flaw in the logical implementation that allows authenticated users to reset their team bracket and join a new team while a match is in progress...

5.3 CVSS · 6.2 AI score · 0.11659 EPSS
Exploits 0 · References 6

CNNVD
added 2025/01/02 12:0 a.m. · 6 views

CTFd Security Vulnerability

CTFd is a Capture The Flag framework open-sourced by CTFd. A security vulnerability exists in CTFd version 3.7.4 and earlier, which stems from the interchangeable use of account activation and password reset tokens, allowing a man-in-the-middle attacker to reuse such tokens to change a user's...

6.3 CVSS · 6.5 AI score · 0.11659 EPSS
Exploits 0 · References 5

CNVD
added 2024/12/30 12:0 a.m. · 7 views

Dell ECS Certification Bypass Vulnerability

Dell ECS is an enterprise-grade cloud storage solution that provides high-performance, scalable object storage services. An authentication bypass vulnerability exists in Dell ECS versions prior to 3.8.1.3 that stems from a capture replay attack. An attacker could exploit the vulnerability to...

5.4 CVSS · 7 AI score · 0.00298 EPSS
Exploits 0 · References 1

OSV
added 2024/12/27 3:15 p.m. · 6 views

AZL-54862 CVE-2024-56667 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL pointer dereference in capture_engine. When the intel_context structure contains NULL, it raises a NULL pointer dereference error in drm_info. cherry picked from commit 754302a5bc1bd8fd3b7d85c168b0a1af6d4bba4d...

5.5 CVSS · 6.7 AI score · 0.00213 EPSS
Exploits 0 · References 1

OSV
added 2024/12/27 3:15 p.m. · 1 views

DEBIAN-CVE-2024-56667

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL pointer dereference in capture_engine. When the intel_context structure contains NULL, it raises a NULL pointer dereference error in drm_info. cherry picked from commit 754302a5bc1bd8fd3b7d85c168b0a1af6d4bba4d...

5.5 CVSS · 5.6 AI score · 0.00213 EPSS
Exploits 0 · References 1

OSV
added 2024/12/27 3:15 p.m. · 0 views

UBUNTU-CVE-2024-56667

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL pointer dereference in capture_engine. When the intel_context structure contains NULL, it raises a NULL pointer dereference error in drm_info. cherry picked from commit 754302a5bc1bd8fd3b7d85c168b0a1af6d4bba4d...

5.5 CVSS · 6.2 AI score · 0.00213 EPSS
Exploits 0 · References 22

Vulnrichment
added 2024/12/27 3:6 p.m. · 7 views

CVE-2024-56667 drm/i915: Fix NULL pointer dereference in capture_engine

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL pointer dereference in capture_engine. When the intel_context structure contains NULL, it raises a NULL pointer dereference error in drm_info. cherry picked from commit 754302a5bc1bd8fd3b7d85c168b0a1af6d4bba4d...

7.5 AI score · 0.00213 EPSS
Exploits 0 · References 3

Debian CVE
added 2024/12/27 3:6 p.m. · 5 views

CVE-2024-56667

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL pointer dereference in capture_engine. When the intel_context structure contains NULL, it raises a NULL pointer dereference error in drm_info. cherry picked from commit 754302a5bc1bd8fd3b7d85c168b0a1af6d4bba4d...

5.5 CVSS · 5.6 AI score · 0.00213 EPSS
Exploits 0

CNNVD
added 2024/12/27 12:0 a.m. · 2 views

Linux kernel Security Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference issue in capture_engine in the drm/i915 subsystem...

5.5 CVSS · 6.5 AI score · 0.00213 EPSS
Exploits 0 · References 3

OSV
added 2024/12/25 4:15 p.m. · 1 views

CVE-2024-52534

Dell ECS, versions prior to ECS 3.8.1.3, contains an Authentication Bypass by Capture-replay vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Session theft...

5.4 CVSS · 5.8 AI score · 0.00298 EPSS
Exploits 0 · References 1

CVE
added 2024/12/25 4:4 p.m. · 57 views

CVE-2024-52534

Dell ECS prior to version 3.8.1.3 contains an Authentication Bypass by Capture-replay vulnerability that could allow a low-privilege attacker with remote access to perform session theft. Affected component: Dell ECS software (enterprise object storage). Root cause: capture-replay-based bypass ena...

5.4 CVSS · 7.1 AI score · 0.00298 EPSS
Exploits 0 · References 1 · Affected Software 1

Positive Technologies
added 2024/12/25 12:0 a.m. · 4 views

PT-2024-35362 · Dell · Dell Ecs

Name of the Vulnerable Software and Affected Versions: Dell ECS versions prior to 3.8.1.3 Description: The issue is an Authentication Bypass by Capture-replay vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Session theft...

5.4 CVSS · 7.1 AI score · 0.00298 EPSS
Exploits 0 · References 6

CNNVD
added 2024/12/25 12:0 a.m. · 3 views

Dell ECS Security Vulnerability

Dell ECS is an enterprise-grade cloud storage solution that provides high-performance, scalable object storage services. An authentication bypass vulnerability exists in Dell ECS versions prior to 3.8.1.3 that stems from a capture replay attack. An attacker could exploit the vulnerability to...

5.4 CVSS · 7 AI score · 0.00298 EPSS
Exploits 0 · References 1

HackRead
added 2024/12/24 4:11 p.m. · 63 views

Python Malware in Zebo-0.1.0 and Cometlogger-0.1 Found Stealing User Data

Fortinet discovers two malicious Python packages, Zebo-0.1.0 and Cometlogger-0.1, designed to steal data, capture keystrokes, and gain system control. Learn about their malicious behavior and how to protect yourself...

7.4 AI score
Exploits 0

Snyk
added 2024/12/23 7:48 p.m. · 3 views

Malicious Package

Overview: zebo is a malicious package. This package steals information from the victim by logging keystrokes and taking screen captures, which are exfiltrated to a server under the attacker's control. Remediation: Avoid using all malicious instances of the zebo package. References: Fortinet Report...

9.8 CVSS · 6.7 AI score
Exploits 0 · References 2

Redos
added 2024/12/11 12:0 a.m. · 14 views

ROS-20241211-12

A vulnerability in the RADIUS authentication protocol implementation is related to bypassing the authentication procedure through capture-replay of intercepted messages. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access by forging an authentication...

9 CVSS · 7.7 AI score · 0.14859 EPSS
Exploits 2