109 matches found
CVE-2023-43784
Plesk Onyx 17.8.11 has accessKeyId and secretAccessKey fields that are related to an Amazon AWS Firehose component. NOTE: the vendor's position is that there is no security threat...
CVE-2023-43784
CVE-2023-43784 affects Plesk Onyx 17.8.11 where accessKeyId and secretAccessKey fields are tied to an Amazon AWS Firehose component. Red Hat and other sources confirm the issue; the vendor's position is that there is no security threat. Exploitation information is not provided in the connected do...
Plesk Onyx Security Vulnerability
Plesk Onyx is a hosting control panel from Plesk Switzerland. A security vulnerability exists in Plesk Onyx version 17.8.11 that stems from a security issue with the accessKeyId and SecretAccessKey fields associated with the Amazon AWS Firehose component...
PT-2023-28982 · Plesk +1 · Plesk Onyx +1
Name of the Vulnerable Software and Affected Versions: Plesk Onyx version 17.8.11 Description: The issue is related to the presence of accessKeyId and secretAccessKey fields in the Amazon AWS Firehose component. However, the vendor's position is that there is no security threat. Recommendations:...
Malicious code in eslint-config-onyx-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 62b8e60882fd76fb4ef0935a91025d2bea424c98f200a89b041380859df410b5 The OpenSSF Package Analysis project identified 'eslint-config-onyx-ui' @ 3.1.3 npm as malicious. It is considered malicious because: - The...
MAL-2023-1176 Malicious code in eslint-config-onyx-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 62b8e60882fd76fb4ef0935a91025d2bea424c98f200a89b041380859df410b5 The OpenSSF Package Analysis project identified 'eslint-config-onyx-ui' @ 3.1.3 npm as malicious. It is considered malicious because: - The...
The Onyx Fms: Monitor And Prevent Telecom Fraud In Real-time
By Owais Sultan Telco fraud, telecom fraud, telecommunications fraud – regardless of the name used, it refers to one thing that… This is a post from HackRead.com Read the original post: The Onyx Fms: Monitor And Prevent Telecom Fraud In Real-time...
Link Found Connecting Chaos, Onyx and Yashma Ransomware
For a year now, threat actors have been using different versions of the same ransomware builder – “Chaos” – to attack governments, corporations and healthcare facilities. Now researchers from Blackberry have connected the dots, painting a picture of a malware that has evolved five times in twelve...
Ransomware: April 2022 review
The Malwarebytes Threat Intelligence team monitors the threat landscape continuously and produces monthly ransomware reports based on a mixture of proprietary and open-source intelligence. April 2022 was most notable for the emergence of three new ransomware-as-a-service RaaS groups—Onyx, Mindwar...
Onyx ransomware destroys files, and also the criminal circle of trust
Some ransomware authors seem to be whittling down their tenuous "circle of trust" style agreement with victims even further. Word has spread of an Onyx ransomware operation a variant of Chaos ransomware which is quite a bit more destructive than those impacted would be hoping for. However, all is...
Plesk Onyx Cross-Site Scripting Vulnerability
Plesk Onyx is a hosting control panel from the Swiss company Plesk. A cross-site scripting vulnerability exists in Plesk Onyx version 17.8.11. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability to execute...
CVE-2020-11584
A GET-based XSS reflected vulnerability in Plesk Onyx 17.8.11 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter...
CVE-2020-11584
A GET-based XSS reflected vulnerability in Plesk Onyx 17.8.11 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter...
Cross site scripting
A GET-based XSS reflected vulnerability in Plesk Onyx 17.8.11 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter...
CVE-2020-11584
A GET-based XSS reflected vulnerability in Plesk Onyx 17.8.11 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter...
CVE-2020-11584
CVE-2020-11584 describes a GET-based reflected XSS in Plesk Onyx 17.8.11 . The vulnerability allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter. The connected documents confirm the affected product/version and the nature of the flaw, but do not pr...
onyx-mining.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1096740 Security Researcher geeknik Helped patch 8826 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting onyx-mining.com website an...
SGI IRIX <= 6.5.5 syssgi() Onyx kernel memory disclosure Exploit
Exploit for irix platform in category local exploits / SGI IRIX include include include include include define bufsize 4294967295 int mainint argc,char argv int fd; ssizet out; char outputbuffer; ifargc \n"; exit1; printf" IRIX 6.5.5 syssgi Onyx IP19/IP21/IP25 kernel memory information leak\n";...
demo.onyx-healthcare.com XSS vulnerability
Open Bug Bounty ID: OBB-704829 Description| Value ---|--- Affected Website:| demo.onyx-healthcare.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:...
Security Bulletin: Onyx link security (PO07142)
Summary Links that have the same access levels as their ends, but receive them through different security settings, are not returned correctly in search results. This can result in search results being incorrectly removed. Vulnerability Details This issue affects systems that use IBM i2 Analyze...