2294 matches found

Snyk
added 2023/10/11 9:0 p.m. | 1 view

Malicious Package

Overview: Pathoschild.Stardew.Mod.Build.Config is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on...

9.8 CVSS | 7.4 AI score
Exploits: 0 | References: 2
Snyk
added 2023/10/11 9:0 p.m. | 2 views

Malicious Package

Overview: KucoinExchange.Net is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's...

9.8 CVSS | 7.4 AI score
Exploits: 0 | References: 2
Snyk
added 2023/10/11 9:0 p.m. | 2 views

Malicious Package

Overview: MinecraftPocket.Server is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's...

9.8 CVSS | 7.4 AI score
Exploits: 0 | References: 2
Snyk
added 2023/10/11 9:0 p.m. | 3 views

Malicious Package

Overview: Modern.Winform.UI is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's machin...

9.8 CVSS | 7.4 AI score
Exploits: 0 | References: 2
Snyk
added 2023/10/11 9:0 p.m. | 2 views

Malicious Package

Overview: CData.Salesforce.Net.Framework is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the...

9.8 CVSS | 7.4 AI score
Exploits: 0 | References: 2
Snyk
added 2023/10/11 9:0 p.m. | 3 views

Malicious Package

Overview: Betalgo.Open.AI is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the victim's machine,...

9.8 CVSS | 7.4 AI score
Exploits: 0 | References: 2
Snyk
added 2023/10/11 9:0 p.m. | 2 views

Malicious Package

Overview: CData.NetSuite.Net.Framework is a malicious package. This package contains malicious code that executes covert scripts upon installation or uninstallation, communicating with a remote server to download and execute additional malicious files, thereby deploying the SeroXen RAT on the...

9.8 CVSS | 7.4 AI score
Exploits: 0 | References: 2
OSV
added 2023/10/06 1:52 p.m. | 25 views

CVE-2023-42445 Possible local file exfiltration by XML External entity injection

Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, when Gradle parses XML files, resolving XML external entities is not disabled. Combined with an Out Of Band XXE attack (OOB-XXE), just parsing XML can lead to exfiltration of local tex...

6.8 CVSS | 6.3 AI score | 0.00674 EPSS
Exploits: 0 | References: 6
Tenable Nessus
added 2023/10/06 12:0 a.m. | 37 views

SaltStack 3000 < 3002.8 / 3003 < 3003.4 / 3004 < 3004.1 Multiple Vulnerabilities

According to its self-reported version number, the instance of SaltStack hosted on the remote server is affected by multiple vulnerabilities: - After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests...

7.8 CVSS | 6.4 AI score | 0.01033 EPSS
Exploits: 0 | References: 3
The Hacker News
added 2023/09/28 5:22 p.m. | 51 views

GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions

A new deceptive campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers. "The malicious code exfiltrates the GitHub project's defined secrets to a malicious C2 server and modify any...

7.1 AI score
Exploits: 0
The Hacker News
added 2023/09/26 11:49 a.m. | 49 views

Xenomorph Banking Trojan: A New Variant Targeting 35+ U.S. Financial Institutions

An updated version of an Android banking trojan called Xenomorph has set its sights on more than 35 financial institutions in the U.S. The campaign, according to Dutch security firm ThreatFabric, leverages phishing web pages that are designed to entice victims into installing malicious Android ap...

6.6 AI score
Exploits: 0
The Hacker News
added 2023/09/22 2:48 p.m. | 19 views

New Variant of Banking Trojan BBTok Targets Over 40 Latin American Banks

An active malware campaign targeting Latin America, particularly users in Brazil and Mexico, is distributing a new variant of a banking trojan called BBTok. "The BBTok banker has a dedicated functionality that replicates the interfaces of more than 40 Mexican and Brazilian banks, and tricks the...

7.3 AI score
Exploits: 0
The Hacker News
added 2023/09/12 10:1 a.m. | 40 views

Sophisticated Phishing Campaign Deploying Agent Tesla, OriginBotnet, and RedLine Clipper

A sophisticated phishing campaign is using a Microsoft Word document lure to distribute a trifecta of threats, namely Agent Tesla, OriginBotnet, and RedLine Clipper, to gather a wide range of information from compromised Windows machines. "A phishing email delivers the Word document as an...

7 AI score
Exploits: 0
0day.today
added 2023/09/11 12:0 a.m. | 305 views

Axigen < 10.3.3.47, 10.2.3.12 - Reflected XSS Vulnerability

Exploit Title: Axigen if xhr1.readyState === XMLHttpRequest.DONE hcookie = new URLxhr1.responseURL.search.split"="1; xhr2.open'PATCH', /api/v1/conversations/MQ/?h=$hcookie, true; xhr2.setRequestHeader'Content-Type', 'application/json';...

6.1 CVSS | 6.3 AI score | 0.52088 EPSS
Exploits: 4
Tenable Nessus
added 2023/09/09 12:0 a.m. | 14 views

Fedora 38 : pypy (2023-c43a940a93)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c43a940a93 advisory. Security fix for CVE-2022-45061. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

7.5 CVSS | 7.1 AI score | 0.02453 EPSS
Exploits: 1 | References: 2
Exploit DB
added 2023/09/08 12:0 a.m. | 436 views

Axigen < 10.3.3.47, 10.2.3.12 - Reflected XSS

Exploit Title: Axigen if xhr1.readyState === XMLHttpRequest.DONE hcookie = new URLxhr1.responseURL.search.split"="1; xhr2.open'PATCH', /api/v1/conversations/MQ/?h=$hcookie, true; xh...

6.1 CVSS | 6.3 AI score | 0.52088 EPSS
Exploits: 4
Tenable Nessus
added 2023/09/07 12:0 a.m. | 37 views

Oracle Linux 7 : squid (ELSA-2020-1068)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1068 advisory. - Resolves: 1729435 - CVE-2019-13345 squid: XSS via username or auth parameter in cachemgr.cgi - Resolves: 1582301 - CVE-2018-1000024 CVE-2018-1000027...

7.5 CVSS | 6.2 AI score | 0.74477 EPSS
Exploits: 1 | References: 4
The Hacker News
added 2023/09/06 1:50 p.m. | 57 views

Alert: Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant

The Iranian threat actor tracked as APT34 has been linked to a new phishing attack that leads to the deployment of a variant of a backdoor called SideTwist. "APT34 has a high level of attack technology, can design different intrusion methods for different types of targets, and has supply chain...

9.3 CVSS | 7.7 AI score | 0.99945 EPSS
Exploits: 36
The Hacker News
added 2023/08/22 10:12 a.m. | 37 views

Carderbee Attacks: Hong Kong Organizations Targeted via Malicious Software Updates

A previously undocumented threat cluster has been linked to a software supply chain attack targeting organizations primarily located in Hong Kong and other regions in Asia. The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under its insect-themed moniker Carderbee. The...

6.1 AI score
Exploits: 0
OSV
added 2023/08/17 7:15 p.m. | 25 views

CVE-2023-40313

A BeanShell interpreter in remote server mode runs in OpenNMS Horizon versions earlier than 32.0.2 and in related Meridian versions, which could allow arbitrary remote Java code execution. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer...

8.8 CVSS | 7.8 AI score
Exploits: 0 | References: 2