Lucene search
K

26 matches found

Positive Technologies
Positive Technologies
added 2018/12/10 12:0 a.m.5 views

PT-2018-16356 · Signal · Signal Messenger For Android

Name of the Vulnerable Software and Affected Versions: Signal Messenger for Android version 4.24.8 Description: The issue may expose private information when using "disappearing messages." If a user uses the photo feature available in the "attach file" menu, then Signal will leave the picture in...

4.7CVSS3.7AI score0.00507EPSS
Exploits1References5
OSV
OSV
added 2018/08/06 8:6 p.m.33 views

GHSA-J49G-MP79-5VM5 coffe-script is malware

The coffe-script package is a piece of malware that steals sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found coffe-script installed in your...

7.5CVSS7.6AI score0.01123EPSS
Exploits0References3
OSV
OSV
added 2018/07/31 2:29 p.m.2 views

CVE-2018-12941

This vulnerability allows remote attackers to execute arbitrary code in SeedDMS formerly LetoDMS and MyDMS before 5.1.8 by adding a system command at the end of the "cacheDir" path and following usage of the "Clear Cache" functionality. This allows an authenticated attacker, with permission to th...

8.8CVSS6.1AI score0.03584EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/07/31 2:0 p.m.15 views

CVE-2018-12941

This vulnerability allows remote attackers to execute arbitrary code in SeedDMS formerly LetoDMS and MyDMS before 5.1.8 by adding a system command at the end of the "cacheDir" path and following usage of the "Clear Cache" functionality. This allows an authenticated attacker, with permission to th...

8.9AI score0.03584EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2018/07/23 9:0 p.m.37 views

d3.js is malware

The d3.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security concern i...

7.5CVSS7.3AI score0.01475EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/04/13 5:29 a.m.5 views

CVE-2018-10082

CMS Made Simple CMSMS through 2.2.7 allows physical path leakage via an invalid /index.php?page= value, a crafted URI starting with /index.php?mact=Search, or a direct request to /admin/header.php, /admin/footer.php, /lib/tasks/class.ClearCache.task.php, or...

5.3CVSS5.8AI score0.0123EPSS
Exploits1References1
Rows per page
Query Builder