CVE-2023-31069

TSplus Remote Access (up to version 16.0.2.14) contains a credential exposure in which passwords are stored as cleartext in the HTML source of the login page. This is documented across multiple sources (NVD/Red Hat/PRION entries) and confirms the root cause is cleartext credential storage on the ...

CVE-2023-31069

An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page...

Logic flaw vulnerability in LiveGBS of Anhui Green Persimmon Information Technology Co., Ltd (CNVD-2023-72138)

LiveGBS is a national standard GB28181 streaming media service software , can provide to provide user management and Web visualization page management , open source front-end page source code ; to provide device status management , you can real-time view of whether the device is offline and other...

Synel Security Vulnerabilities

Synel is a time and attendance management system from Synel Israel. A security vulnerability exists in Synel Terminals versions prior to 3015.1 that stems from downloading source code from a remote location without integrity checking...

SapphireStealer Malware: A Gateway to Espionage and Ransomware Operations

An open-source .NET-based information stealer malware dubbed SapphireStealer is being used by multiple entities to enhance its capabilities and spawn their own bespoke variants. "Information-stealing malware like SapphireStealer can be used to obtain sensitive information, including corporate...

Noir - An Attack Surface Detector Form Source Code

Noir is an attack surface detector form source code. Key Features Automatically identify language and framework from source code. Find API endpoints and web pages through code analysis. Load results quickly through interactions with proxy tools such as ZAP, Burpsuite, Caido and More Proxy tools...

Malicious npm Packages Aim to Target Developers for Source Code Theft

An unknown threat actor is leveraging malicious npm packages to target developers with an aim to steal source code and configuration files from victim machines, a sign of how threats lurk consistently in open-source repositories. "The threat actor behind this campaign has been linked to malicious...

CVE-2023-40164

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in nsCodingStateMachine::NextStater. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time...

CVE-2023-40166

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in FileManager::detectLanguageFromTextBegining . The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. ...

Heap overflow

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in FileManager::detectLanguageFromTextBegining . The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. ...

CVE-2023-40166 Notepad++ heap buffer read overflow in FileManager::detectLanguageFromTextBegining

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in FileManager::detectLanguageFromTextBegining . The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. ...

CVE-2023-40166

CVE-2023-40166 affects Notepad++ versions prior to 8.5.7. The issue is a heap buffer read overflow in FileManager::detectLanguageFromTextBegining, which can leak internal memory information and, per related advisories, may enable arbitrary code execution under some conditions. Public exploits exi...

CVE-2023-40166 Notepad++ heap buffer read overflow in FileManager::detectLanguageFromTextBegining

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in FileManager::detectLanguageFromTextBegining . The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. ...

CVE-2023-40036

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in CharDistributionAnalysis::HandleOneChar. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As ...

CVE-2023-40031

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in Utf816Read::convert. This issue may lead to arbitrary code execution. As of time of publication, no known patches are available in existing versions of Notepad++...

Buffer overflow

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in CharDistributionAnalysis::HandleOneChar. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As ...

CVE-2023-40164 Notepad++ global buffer read overflow in nsCodingStateMachine::NextState

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in nsCodingStateMachine::NextStater. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time...

CVE-2023-40164

Notepad++ prior to 8.5.7 is affected by a global buffer overflow issue in Notepad++ core components: a read overflow in nsCodingStateMachine::NextStater (NVD) and a related heap buffer overflow in Utf8_16_Read::convert (PT-2023-4643). Impact is described as potential leakage of internal memory in...

CVE-2023-40036 Notepad++ global buffer read overflow in CharDistributionAnalysis::HandleOneChar

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in CharDistributionAnalysis::HandleOneChar. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As ...

CVE-2023-40036 Notepad++ global buffer read overflow in CharDistributionAnalysis::HandleOneChar

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in CharDistributionAnalysis::HandleOneChar. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As ...