Lucene search
+L

109 matches found

Vulnrichment
Vulnrichment
added 2023/09/22 12:0 a.m.10 views

CVE-2023-43784

Plesk Onyx 17.8.11 has accessKeyId and secretAccessKey fields that are related to an Amazon AWS Firehose component. NOTE: the vendor's position is that there is no security threat...

7AI score0.00473EPSS
Exploits0References2
CVE
CVE
added 2023/09/22 12:0 a.m.46 views

CVE-2023-43784

CVE-2023-43784 affects Plesk Onyx 17.8.11 where accessKeyId and secretAccessKey fields are tied to an Amazon AWS Firehose component. Red Hat and other sources confirm the issue; the vendor's position is that there is no security threat. Exploitation information is not provided in the connected do...

7.5CVSS7.5AI score0.00473EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/09/22 12:0 a.m.8 views

Plesk Onyx Security Vulnerability

Plesk Onyx is a hosting control panel from Plesk Switzerland. A security vulnerability exists in Plesk Onyx version 17.8.11 that stems from a security issue with the accessKeyId and SecretAccessKey fields associated with the Amazon AWS Firehose component...

7.5CVSS6.7AI score0.00473EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/09/21 12:0 a.m.22 views

PT-2023-28982 · Plesk +1 · Plesk Onyx +1

Name of the Vulnerable Software and Affected Versions: Plesk Onyx version 17.8.11 Description: The issue is related to the presence of accessKeyId and secretAccessKey fields in the Amazon AWS Firehose component. However, the vendor's position is that there is no security threat. Recommendations:...

7.5CVSS7AI score0.00473EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/08/09 9:19 p.m.3 views

Malicious code in eslint-config-onyx-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 62b8e60882fd76fb4ef0935a91025d2bea424c98f200a89b041380859df410b5 The OpenSSF Package Analysis project identified 'eslint-config-onyx-ui' @ 3.1.3 npm as malicious. It is considered malicious because: - The...

7.1AI score
Exploits0
OSV
OSV
added 2023/08/09 9:19 p.m.10 views

MAL-2023-1176 Malicious code in eslint-config-onyx-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 62b8e60882fd76fb4ef0935a91025d2bea424c98f200a89b041380859df410b5 The OpenSSF Package Analysis project identified 'eslint-config-onyx-ui' @ 3.1.3 npm as malicious. It is considered malicious because: - The...

7.3AI score
Exploits0
HackRead
HackRead
added 2022/12/08 6:18 p.m.15 views

The Onyx Fms: Monitor And Prevent Telecom Fraud In Real-time

By Owais Sultan Telco fraud, telecom fraud, telecommunications fraud – regardless of the name used, it refers to one thing that… This is a post from HackRead.com Read the original post: The Onyx Fms: Monitor And Prevent Telecom Fraud In Real-time...

3.6AI score
Exploits0
ThreatPost
ThreatPost
added 2022/05/25 1:18 p.m.33 views

Link Found Connecting Chaos, Onyx and Yashma Ransomware

For a year now, threat actors have been using different versions of the same ransomware builder – “Chaos” – to attack governments, corporations and healthcare facilities. Now researchers from Blackberry have connected the dots, painting a picture of a malware that has evolved five times in twelve...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/05/06 8:59 a.m.50 views

Ransomware: April 2022 review

The Malwarebytes Threat Intelligence team monitors the threat landscape continuously and produces monthly ransomware reports based on a mixture of proprietary and open-source intelligence. April 2022 was most notable for the emergence of three new ransomware-as-a-service RaaS groups—Onyx, Mindwar...

Exploits0
Malwarebytes
Malwarebytes
added 2022/04/28 2:27 p.m.30 views

Onyx ransomware destroys files, and also the criminal circle of trust

Some ransomware authors seem to be whittling down their tenuous "circle of trust" style agreement with victims even further. Word has spread of an Onyx ransomware operation a variant of Chaos ransomware which is quite a bit more destructive than those impacted would be hoping for. However, all is...

7.3AI score
Exploits0
CNVD
CNVD
added 2020/08/05 12:0 a.m.5 views

Plesk Onyx Cross-Site Scripting Vulnerability

Plesk Onyx is a hosting control panel from the Swiss company Plesk. A cross-site scripting vulnerability exists in Plesk Onyx version 17.8.11. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute...

6.1CVSS6.4AI score0.00905EPSS
Exploits0References1
OSV
OSV
added 2020/08/03 9:15 p.m.5 views

CVE-2020-11584

A GET-based XSS reflected vulnerability in Plesk Onyx 17.8.11 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter...

6.1CVSS6.5AI score0.00905EPSS
Exploits0References1
NVD
NVD
added 2020/08/03 9:15 p.m.16 views

CVE-2020-11584

A GET-based XSS reflected vulnerability in Plesk Onyx 17.8.11 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter...

6.1CVSS6.1AI score0.00905EPSS
Exploits0References1
Prion
Prion
added 2020/08/03 9:15 p.m.12 views

Cross site scripting

A GET-based XSS reflected vulnerability in Plesk Onyx 17.8.11 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter...

4.3CVSS6AI score0.00905EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/08/03 8:5 p.m.21 views

CVE-2020-11584

A GET-based XSS reflected vulnerability in Plesk Onyx 17.8.11 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter...

6.1AI score0.00905EPSS
Exploits0References1
CVE
CVE
added 2020/08/03 8:5 p.m.59 views

CVE-2020-11584

CVE-2020-11584 describes a GET-based reflected XSS in Plesk Onyx 17.8.11 . The vulnerability allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter. The connected documents confirm the affected product/version and the nature of the flaw, but do not pr...

6.1CVSS6AI score0.00905EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2020/02/19 7:1 p.m.8 views

onyx-mining.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1096740 Security Researcher geeknik Helped patch 8826 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting onyx-mining.com website an...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/04/29 12:0 a.m.124 views

SGI IRIX <= 6.5.5 syssgi() Onyx kernel memory disclosure Exploit

Exploit for irix platform in category local exploits / SGI IRIX include include include include include define bufsize 4294967295 int mainint argc,char argv int fd; ssizet out; char outputbuffer; ifargc \n"; exit1; printf" IRIX 6.5.5 syssgi Onyx IP19/IP21/IP25 kernel memory information leak\n";...

6.8AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/11/29 9:54 a.m.7 views

demo.onyx-healthcare.com XSS vulnerability

Open Bug Bounty ID: OBB-704829 Description| Value ---|--- Affected Website:| demo.onyx-healthcare.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:...

Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2018/09/29 8:22 p.m.13 views

Security Bulletin: Onyx link security (PO07142)

Summary Links that have the same access levels as their ends, but receive them through different security settings, are not returned correctly in search results. This can result in search results being incorrectly removed. Vulnerability Details This issue affects systems that use IBM i2 Analyze...

0.5AI score
Exploits0
Rows per page
Query Builder