99 matches found
EUVD-2022-52540
Malicious code in bioql PyPI...
EUVD-2022-52539
Malicious code in bioql PyPI...
CVE-2022-30721
Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash...
CVE-2022-40769
profanity through 1.60 has only four billion possible RNG initializations. Thus, attackers can recover private keys from Ethereum vanity addresses and steal cryptocurrency, as exploited in the wild in June 2022...
CVE-2022-30711
Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities...
Play Ransomware A Global Threat Impacting Businesses
Summary: The Play ransomware group, active since June 2022, employs a double-extortion model, impacting businesses globally. Utilizing legitimate tools for malicious activities, the group has affected approximately 300 entities. Threat Level - Red | Attack Report For a detailed threat advisory,...
Chinese Tonto Team Hackers' Second Attempt to Target Cybersecurity Firm Group-IB Fails
The advanced persistent threat (APT) actor known as Tonto Team carried out an unsuccessful attack on cybersecurity company Group-IB in June 2022. The Singapore-headquartered firm said that it detected and blocked malicious phishing emails originating from the group targeting its employees. It's als...
PT-2022-25527
Name of the Vulnerable Software and Affected Versions: profanity versions 1.60 and earlier. Description: The issue allows attackers to recover private keys from Ethereum vanity addresses and steal cryptocurrency due to only four billion possible RNG initializations. This has been exploited in the...
GHSA-5M2H-7RF2-RPX6 UniSharp Laravel Filemanager directory traversal vulnerability
UniSharp laravel-filemanager aka Laravel Filemanager with league/flysystem version = 2.0.0...
UniSharp Laravel Filemanager directory traversal vulnerability
UniSharp laravel-filemanager aka Laravel Filemanager with league/flysystem version = 2.0.0...
VulnCheck KEV: CVE-2022-40734
UniSharp laravel-filemanager aka Laravel Filemanager before 2.6.4 allows download?workingdir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022. This is related to league/flysystem before 2.0.0...
CVE-2022-37108
An injection vulnerability in the syslog-ng configuration wizard in Securonix Snypr 6.4 allows an application user with the "Manage Ingesters" permission to execute arbitrary code on remote ingesters by appending arbitrary text to text files that are executed by the system, such as users' crontab...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for June 2022
Summary: In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 21.0.2-IF012 and 21.0.3-IF010. Vulnerability Details: CVEID: CVE-2021-43138. DESCRIPTION: Async could allow a remote attacker to...
palatepreess.com Cross Site Scripting vulnerability OBB-2700669
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
ingo-ehret.de Cross Site Scripting vulnerability OBB-2694315
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
bajotecho.digital Cross Site Scripting vulnerability OBB-2693187
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
pegas-catering.de Cross Site Scripting vulnerability OBB-2692537
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
adulttoontube.com Cross Site Scripting vulnerability OBB-2691085
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...