Lucene search
K

167 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:20 p.m.4 views

Malicious code in microsoft-intern (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c76fef60970c2425861b091261e48ec2af3bdc12e417f67947c92aad28107c73 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 8:20 p.m.8 views

MAL-2022-4587 Malicious code in microsoft-intern (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c76fef60970c2425861b091261e48ec2af3bdc12e417f67947c92aad28107c73 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:19 p.m.4 views

Malicious code in @fbsystem/figma-intern-shell (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 89d273e9459a52f8724d5b65339a1a5e171ff28e3f44bba89b71c6ffdd0c5142 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:19 p.m.3 views

Malicious code in figma-intern-shell (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 30dc54296ac108766caff8eb4c2dbe81d1423412a122036236997a553b5e949d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 8:19 p.m.10 views

MAL-2022-3029 Malicious code in figma-intern-shell (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 30dc54296ac108766caff8eb4c2dbe81d1423412a122036236997a553b5e949d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Wired Threat Level
Wired Threat Level
added 2022/06/18 1:0 p.m.9 views

An Alleged Russian Spy Was Busted Trying to Intern at The Hague

Plus: Firefox adds new privacy protections, a big Intel and AMD chip flaw, and more of the week’s top security news...

1.6AI score
Exploits0
OSV
OSV
added 2021/03/05 9:15 a.m.4 views

CVE-2021-28037

An issue was discovered in the internment crate before 0.4.2 for Rust. There is a data race that can cause memory corruption because of the unconditional implementation of Sync for Intern...

9.8CVSS7.3AI score0.01167EPSS
Exploits0References1
RustSec
RustSec
added 2021/03/03 12:0 p.m.16 views

Intern<T>: Data race allowed on T

Affected versions of this crate unconditionally implements Sync for Intern. This allows users to create data race on T: !Sync, which may lead to undefined behavior for example, memory corruption. The flaw was corrected in commit 2928a87 by adding the trait bound T: Sync in the Sync impl of Intern...

9.8CVSS3.7AI score0.01167EPSS
Exploits0Affected Software1
OSV
OSV
added 2021/03/03 12:0 p.m.38 views

RUSTSEC-2021-0036 Intern<T>: Data race allowed on T

Affected versions of this crate unconditionally implements Sync for Intern. This allows users to create data race on T: !Sync, which may lead to undefined behavior for example, memory corruption. The flaw was corrected in commit 2928a87 by adding the trait bound T: Sync in the Sync impl of Intern...

9.8CVSS9.3AI score0.01167EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2021/03/01 9:19 a.m.92 views

SolarWinds Blames Intern for 'solarwinds123' Password Lapse

As cybersecurity researchers continue to piece together the sprawling SolarWinds supply chain attack, top executives of the Texas-based software services firm blamed an intern for a critical password lapse that went unnoticed for several years. The said password "solarwinds123" was originally...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/03/01 9:19 a.m.6 views

SolarWinds Blames Intern for 'solarwinds123' Password Lapse

As cybersecurity researchers continue to piece together the sprawling SolarWinds supply chain attack, top executives of the Texas-based software services firm blamed an intern for a critical password lapse that went unnoticed for several years. The said password "solarwinds123" was originally...

6AI score
Exploits0
CNNVD
CNNVD
added 2020/12/31 12:0 a.m.6 views

Rust Competition Condition Problem Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. crate through 2020-05-28 for Rust A security vulnerability exists that stems from ArcIntern::drop having a race condition that results in free after use...

8.1CVSS5.8AI score0.00957EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2019/07/10 7:45 p.m.7 views

@dojo/cli-test-intern (>=0.1.0 <=2.0.0-beta3.1), elstr-jslib (>=3.0.18 <=3.0.47) +25 more potentially affected by CVE-2019-10744 via lodash-amd (>=2.4.1 <=4.16.4)

lodash-amd NPM version =2.4.1, =0.1.0, =3.0.18, =0.4.0, =4.1.1, =0.1.11, =3.4.0, =0.0.1, =0.7.1, =0.1.1, =0.2.5, =0.0.3, =0.1.10, =0.1.6, =0.1.1, =0.1.4 and more Source cves: CVE-2019-10744 Source advisory: OSV:GHSA-JF85-CPCP-J695...

9.1CVSS7AI score0.05006EPSS
Exploits2
exploitpack
exploitpack
added 2019/04/10 12:0 a.m.21 views

FTPShell Server 6.83 - Virtual Path Mapping Local Buffer

FTPShell Server 6.83 - Virtual Path Mapping Local Buffer !/usr/bin/python Exploit Title: FTP Shell Server 6.83 'Virtual Path Mapping' Buffer Overflow Date: 09-04-2019 Exploit Author: Dino Covotsos - Telspace Systems Vendor Homepage: http://www.ftpshell.com/index.htm Version: 6.83 Software Link :...

0.2AI score
Exploits0
AlpineLinux
AlpineLinux
added 2018/08/25 9:0 p.m.1 views

CVE-2018-15861

Unchecked NULL pointer usage in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash NULL pointer dereference the xkbcommon parser by supplying a crafted keymap file that triggers an xkbinternatom failure...

5.5CVSS6AI score0.00535EPSS
Exploits0
Openbugbounty
Openbugbounty
added 2018/03/27 6:9 a.m.9 views

webworksmd.com XSS vulnerability

Open Bug Bounty ID: OBB-592296 Description| Value ---|--- Affected Website:| webworksmd.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2015/08/14 1:29 a.m.15 views

Facebook Fired An Intern After He Exposes How to Track Users' Location

Previously, we posted about a privacy issue in Facebook messenger; Aran Khanna, a Harvard University student, discovered ‘A Marauder’s Map’ that could sense and give the geolocations of your friends on the messenger. Khanna had received an opportunity to work as an intern for Facebook… …But desti...

6.8AI score
Exploits0
CNVD
CNVD
added 2015/02/21 12:0 a.m.4 views

Info-ZIP UnZip Out-of-Bounds Write Denial of Service Vulnerability

Info-ZIP UnZip is a decompression software. An out-of-bounds write vulnerability in Info-ZIP UnZip "unix/unix.c:charsettointern" allows an attacker to construct a malicious file and trick the user into parsing it, which can crash the application...

7.5CVSS7.1AI score0.04898EPSS
Exploits2References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

Netcraft Toolbar 1.8.1 - Remote Code Execution Exploit

No description provided by source. !-- Title: Netcraft Toolbar 1.8.1 Remote Code Execution Exploit Date: Nov 23, 2010 Author: Rew Email: rew splat leethax.info Link: http://toolbar.netcraft.com/install/Netcraft%20Toolbar.msi Version: 1.8.1 Tested on: WinXP - IE 6 CVE: NA 0day This object is NOT...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2013/06/05 5:10 p.m.11 views

Twitter Vine app hacked by 16 year old Web developer

Recently Twitter has rolled out Vine app for Android, A new way to share video on twitter. The free app, which enables people to record and share clips of up to six seconds with other Vine users as well as on Twitter and Facebook. But on the very next day, Twitter's video-sharing application Vine...

7AI score
Exploits0
Rows per page
Query Builder