7764 matches found
Malicious code in tpstringcraftget (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx bc163c941740b32b40f2df1e19d56519e11ad614608a221cba6f58f5a8150cc5 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Integer Overflow
Lines of code Vulnerability details Impact The owner of the ActivePool contract can set yield distribution parameters that do not add to the expected 10000 BPS. This would cause the rebalance function to send the incorrect number of tokens when using the splits. Proof of Concept Calling...
Qakbot Evolves to OneNote Malware Distribution
Qakbot Evolves to OneNote Malware Distribution By Pham Duy Phuc, John Fokker J.E. and Alejandro Houspanossian · March 07, 2023 This blog was also written by Raghav Kapoor and Mathanraj Thangaraju Qakbot aka QBot, QuakBot, and Pinkslipbot is a sophisticated piece of malware that has been active...
Malicious code in libcrafthackedsplit (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4c70ec235f0110f789ef5e339affba69ed7a69af1698aca23a5f0c1e5da3c735 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in py-hydraurlstudy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 47625e61f184c45d87c486e1758fc80d20257676c08d5b37a3ff8b2adf8e8e98 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
CVE-2022-38734
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to a crash of the Local Distribution Router (LDR) service...
CVE-2022-38734
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to a crash of the Local Distribution Router (LDR) service...
Denial of service
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to a crash of the Local Distribution Router (LDR) service...
2023 Browser Security Report Uncovers Major Browsing Risks and Blind Spots
As a primary working interface, the browser plays a significant role in today's corporate environment. The browser is constantly used by employees to access websites, SaaS applications and internal applications, from both managed and unmanaged devices. A new report published by LayerX, a browser...
CVE-2022-38734
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to a crash of the Local Distribution Router (LDR) service...
NetApp StorageGRID Security Vulnerability
NetApp StorageGRID is an object storage solution from NetApp. A security vulnerability exists in NetApp StorageGRID versions prior to 11.6.0.8, which stems from susceptibility to a denial-of-service (DoS) vulnerability that can be exploited by an attacker to cause the Local Distribution Router (LDR)...
CVE-2022-38734
StorageGRID (formerly StorageGRID Webscale) versions prior to 11.6.0.8 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to a crash of the Local Distribution Router (LDR) service...
DRUPAL-CONTRIB-2023-007
Thunder is a Drupal distribution for professional publishing. The thunder distribution ships the thunder_gqls module which provides a graphql interface. The module doesn't sufficiently check access when serving user data via graphql leading to an access bypass vulnerability potentially exposing...
Thunder - Moderately critical - Access bypass - SA-CONTRIB-2023-007
Thunder is a Drupal distribution for professional publishing. The thunder distribution ships the thunder_gqls module which provides a graphql interface. The module doesn't sufficiently check access when serving user data via graphql leading to an access bypass vulnerability potentially exposing...
Upgraded Q -> 2 from #18 [1677668571999]
Judge has assessed an item in Issue 18 as 2 risk. The relevant finding follows: L-01 changePayees can result in broken share count Description for uint256 i; i newPayees.length; i++ if newPayeesi == address0 revert Errors.CANNOTSETTOADDRESSZERO; if newSharesi == 0 revert Errors.SHARECANNOTBEZERO;...
CVE-2021-22283 MMS File Transfer Vulnerability impact on Distribution Automation products
Improper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Relion protection relays - 615 series IEC 5.0, ABB Relion protection relays - 615 series IEC 5.0 FP1...
CVE-2021-22283 MMS File Transfer Vulnerability impact on Distribution Automation products
Improper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Relion protection relays - 615 series IEC 5.0, ABB Relion protection relays - 615 series IEC 5.0 FP1...
Malicious code in selfrandsplitre (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx e189e78dbd01d3036cc5aeb2e88ef5248a9ffc44c25d6b789b53416fa3a70970 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in selfgrandkillhacked (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx cda53ab3c794fe0ac5590d6acb40bf2fea52535469f7b5e40be4837bd91562ce EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in selfpostgamemc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 470b797a2eee6766edea6a0c9da095b3189dd4318d07420676eead9bec51ee81 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...