126 matches found
MAL-2026-4704 Malicious code in veteran-proxy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2528c02db9bcb4016a3347fdfae55c037c0462d6c0d29adb4245605424ad31f On npm install, the postinstall hook node install.js downloads a platform-specific binary archive from a hardcoded...
[SECURITY] [DSA 6252-1] prosody security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6252-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 07, 2026 https://www.debian.org/security/faq -...
Astra Linux - уязвимость в firefox
When Multi-Account Containers was enabled, DNS requests could bypass a SOCKS proxy when the domain name was invalid or the SOCKS proxy was not responding. This vulnerability was fixed in Firefox 140 and Thunderbird 140...
New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy
Cybersecurity researchers have flagged a new variant ofmalware called Chaos that'scapable of hitting misconfigured cloud deployments, marking an expansion of the botnet's targeting infrastructure. "Chaos malware is increasingly targeting misconfigured cloud deployments, expanding beyond its...
EcoStruxure IT Data Center Expert <= 9.0 Use of Hard-coded Credentials (SEVD-2026-069-05)
The version of EcoStruxure IT Data Center Expert installed on the remote host is 9.0 or prior. It is, therefore, affected by a vulnerability as referenced in the SEVD-2026-069-05 advisory. - Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code...
CVE-2025-13957
CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...
EUVD-2025-208473
CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...
EUVD-2025-208474
CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...
CVE-2025-13957
CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...
CVE-2025-13957
CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...
CVE-2025-13957
CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...
CVE-2025-13957
CWE-798: Use of Hard-coded Credentials vulnerability exists that could cause information disclosure and remote code execution when SOCKS Proxy is enabled, and administrator credentials and PostgreSQL database credentials are known. SOCKS Proxy is disabled by default...
CVE-2025-13957
Summary: CVE-2025-13957 is a CWE-798 vulnerability involving hard-coded credentials that could lead to information disclosure and remote code execution when SOCKS Proxy is enabled, if administrator and PostgreSQL credentials are known. The issue is associated with Schneider Electric EcoStruxure I...
PT-2026-24204
Name of the Vulnerable Software and Affected Versions PostgreSQL affected versions not specified Description A security issue exists due to the use of hard-coded credentials. This could lead to information disclosure and remote code execution when the SOCKS Proxy is enabled, and administrator...
Schneider Electric EcoStruxure IT Data Center Expert 信任管理问题漏洞
Schneider Electric EcoStruxure IT Data Center Expert is an extensible monitoring software developed by Schneider Electric, a French company. It is used to collect, organize, and distribute information about critical devices, providing a comprehensive view of the devices. Schneider Electric...
CVE-2020-24396
homee Brain Cube v2 2.28.2 and 2.28.4 devices have sensitive SSH keys within downloadable and unencrypted firmware images. This allows remote attackers to use the support server as a SOCKS proxy...
CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday released details of a backdoor named BRICKSTORM that has been put to use by state-sponsored threat actors from the People's Republic of China PRC to maintain long-term persistence on compromised systems. "BRICKSTORM is a...
EUVD-2020-17125
Malware in sbrugna...
EUVD-2017-15213
Malware in sbrugna...
EUVD-2017-9474
Malware in sbrugna...