Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-25046

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00609EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:11 a.m.4 views

CVE-2022-1765

The Hot Linked Image Cacher WordPress plugin through 1.16 is vulnerable to CSRF. This can be used to store / cache images from external domains on the server, which could lead to legal risks due to copyright violations or licensing rules...

8.8CVSS6.7AI score0.00609EPSS
Exploits2References1
Malwarebytes
Malwarebytes
added 2025/05/16 11:30 a.m.9 views

Meta sent cease and desist letter over AI training

EU privacy advocacy group NOYB has clapped back at Meta over its plans to start training its AI model on European users' data. In a cease and desist letter to the social networking giant's Irish operation signed by founder Max Schrems, the non-profit demanded that it justify its actions or risk...

6.8AI score
Exploits0
Prion
Prion
added 2022/06/13 1:15 p.m.10 views

Cross site request forgery (csrf)

The Hot Linked Image Cacher WordPress plugin through 1.16 is vulnerable to CSRF. This can be used to store / cache images from external domains on the server, which could lead to legal risks due to copyright violations or licensing rules...

6.8CVSS8.5AI score0.00609EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/06/13 12:42 p.m.17 views

CVE-2022-1765 Hot Linked Image Cacher <= 1.16 - Image upload/cache abuse via CSRF

The Hot Linked Image Cacher WordPress plugin through 1.16 is vulnerable to CSRF. This can be used to store / cache images from external domains on the server, which could lead to legal risks due to copyright violations or licensing rules...

8.8AI score0.00609EPSS
Exploits2References1
CNNVD
CNNVD
added 2022/06/13 12:0 a.m.2 views

WordPress plugin Hot Linked Image Cacher 跨站请求伪造漏洞

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the WordPress plugin Hot Linked Image Cacher version 1.16 and prior versions, which stems fro...

8.8CVSS5.5AI score0.00609EPSS
Exploits2References2
Schneier on Security
Schneier on Security
added 2020/10/30 2:14 p.m.21 views

The Legal Risks of Security Research

Sunoo Park and Kendra Albert have published "A Researcher’s Guide to Some Legal Risks of Security Research." From a summary: Such risk extends beyond anti-hacking laws, implicating copyright law and anti-circumvention provisions DMCA §1201, electronic privacy law ECPA, and cryptography export...

1.3AI score
Exploits0
Schneier on Security
Schneier on Security
added 2020/07/23 11:3 a.m.25 views

Adversarial Machine Learning and the CFAA

I just co-authored a paper on the legal risks of doing machine learning research, given the current state of the Computer Fraud and Abuse Act: Abstract: Adversarial Machine Learning is booming with ML researchers increasingly targeting commercial ML systems such as those used in Facebook, Tesla,...

1.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/06/04 3:30 p.m.93 views

Sodinokibi ransomware gang auctions off stolen data

Is it legal to buy stolen data from criminals? In most countries the answer would be no. But will it lead to a penalty or a fine? That is a different question and I’m afraid some companies and organizations will be inclined to seriously consider the last question even when they know the answer to...

6.5AI score
Exploits0
ThreatPost
ThreatPost
added 2017/03/02 9:55 a.m.16 views

Yahoo Tells SEC Executives Failed to Act on Breach

Yahoo’s quarterly SEC filings have been the only window into the massive data breaches that have exposed more than 1.5 billion records in the past four years. This week, Yahoo’s Q4 2016 filing was made public, and the view got uglier. The company admitted to the SEC and its investors that its...

0.3AI score
Exploits0References6
ThreatPost
ThreatPost
added 2015/09/04 8:30 a.m.12 views

Citing Wassenaar, HP Pulls out of Mobile Pwn2Own

More evidence of the potential chilling effect the Wassenaar Arrangement could have on security research surfaced this week when it was revealed HP has decided not to take part in November’s Mobile Pwn2Own hacking contest in Japan. Dragos Ruiu, who organizes the CanSecWest and PacSecWest...

7.2AI score
Exploits0References3
ThreatPost
ThreatPost
added 2009/03/23 2:56 p.m.11 views

No more free bugs for software vendors

It appears that the free ride is over for software vendors. For years, software makers have benefited from the work done by the community of security researchers who spend days or weeks looking for vulnerabilities and novel ways to break the vendors’ products. This work is virtually always done p...

0.2AI score
Exploits0References4
Rows per page
Query Builder