Lucene search
K

118 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-31579

Malicious code in bioql PyPI...

7.6CVSS6.3AI score0.00266EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2025/09/19 2:2 p.m.4 views

17,500 Phishing Domains Target 316 Brands Across 74 Countries in Global PhaaS Surge

The phishing-as-a-service PhaaS offerings known as Lighthouse and Lucid has been linked to more than 17,500 phishing domains targeting 316 brands from 74 countries. "Phishing-as-a-Service PhaaS deployments have risen significantly recently," Netcraft said in a new report. "The PhaaS operators...

6.4AI score
Exploits0
OSV
OSV
added 2025/09/05 5:10 p.m.2 views

MAL-2025-46273 Malicious code in test-mlw1-scaud-reach-sored-quipo (npm)

The package test-mlw1-scaud-reach-sored-quipo was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/05 5:10 p.m.2 views

Malicious code in test-mlw2-scaud-reach-sored-quipo (npm)

The package test-mlw2-scaud-reach-sored-quipo was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/09/05 5:10 p.m.1 views

MAL-2025-46301 Malicious code in test-mlw2-scaud-reach-sored-quipo (npm)

The package test-mlw2-scaud-reach-sored-quipo was found to contain malicious code...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/08/18 7:24 p.m.7 views

Noodlophile Malware Campaign Expands Global Reach with Copyright Phishing Lures

The threat actors behind the Noodlophile malware are leveraging spear-phishing emails and updated delivery mechanisms to deploy the information stealer in attacks aimed at enterprises located in the U.S., Europe, Baltic countries, and the Asia-Pacific APAC region. "The Noodlophile campaign, activ...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-3653

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the...

5.3CVSS6.4AI score0.01866EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in @malware-test-scaud-reach-sored-quipo/test-mlw3-scaud-reach-sored-quipo (npm)

The package @malware-test-scaud-reach-sored-quipo/test-mlw3-scaud-reach-sored-quipo was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in test-mlw2-reach-pests-quill-acted (npm)

The package test-mlw2-reach-pests-quill-acted was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in test-mlw2-spore-which-reach-crepe (npm)

The package test-mlw2-spore-which-reach-crepe was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-36096 Malicious code in test-mlw2-reach-pests-quill-acted (npm)

The package test-mlw2-reach-pests-quill-acted was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-36314 Malicious code in test-mlw2-spore-which-reach-crepe (npm)

The package test-mlw2-spore-which-reach-crepe was found to contain malicious code...

7.2AI score
Exploits0
Snyk
Snyk
added 2025/03/20 12:32 p.m.4 views

Server-side Request Forgery (SSRF)

Overview composio-core is a Core package to act as a bridge between composio platform and other services. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF through the /api/actions/execute/WEBTOOLSCRAPEWEBSITECONTENT endpoint. An attacker with high privileges ca...

7.5CVSS6.6AI score0.00671EPSS
Exploits1References2
NVD
NVD
added 2024/11/19 5:15 p.m.4 views

CVE-2024-50546

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Riley Magnuson MyOrderDesk myorderdesk allows DOM-Based XSS.This issue affects MyOrderDesk: from n/a through = 3.2.6...

6.5CVSS0.00352EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/19 4:32 p.m.6 views

CVE-2024-50546 WordPress MyOrderDesk plugin <= 3.2.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Riley Magnuson MyOrderDesk myorderdesk allows DOM-Based XSS.This issue affects MyOrderDesk: from n/a through = 3.2.6...

6.5CVSS5.9AI score0.00352EPSS
Exploits0References1
CVE
CVE
added 2024/11/19 4:32 p.m.36 views

CVE-2024-50546

CVE-2024-50546 affects WordPress MyOrderDesk plugin (≤3.2.6). The issue is a DOM-based XSS arising from improper input neutralization during page generation. Public records (NVD, Red Hat, Patchstack, CVE lists) confirm the vulnerability and indicate a fix exists; remediation is to update to a ver...

6.5CVSS5.9AI score0.00352EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/05/22 10:6 a.m.5 views

frr: mishandled malformed data leading to a crash

A data mishandling vulnerability was found in FRRouting. A malformed MPREACHNLRI data can lead to a crash, resulting in a denial of service...

5.9CVSS5.7AI score0.00849EPSS
Exploits0References5
hivepro
hivepro
added 2024/04/12 12:29 p.m.14 views

Raspberry Robin Expands Reach via WSF

...

7.3AI score
Exploits0
Schneier on Security
Schneier on Security
added 2024/03/29 9:2 p.m.26 views

Friday Squid Blogging: The Geopolitics of Eating Squid

New York Times op-ed on the Chinese dominance of the squid industry: Chinas domination in seafood has raised deep concerns among American fishermen, policymakers and human rights activists. They warn that China is expanding its maritime reach in ways that are putting domestic fishermen around the...

7.3AI score
Exploits0
OSV
OSV
added 2024/01/05 5:15 p.m.1 views

DEBIAN-CVE-2023-46837

Arm provides multiple helpers to clean & invalidate the cache for a given region. This is, for instance, used when allocating guest memory to ensure any writes such as the ones during scrubbing have reached memory before handing over the page to a guest. Unfortunately, the arithmetics in the...

3.3CVSS4.7AI score0.00241EPSS
Exploits0References1
Rows per page
Query Builder