7379 matches found
MAL-2024-11230 Malicious code in testing-bounty123 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3baf10e9fd106ea680be856387e7922e4a863a1eaf02c4fab1aaff60e537dfbd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-55268
A Reflected Cross Site Scripting (XSS) vulnerability was found in /covidtms/registered-user-testing.php in PHPGurukul COVID 19 Testing Management System 1.0 which allows remote attackers to execute arbitrary code via the regmobilenumber parameter...
Oracle Linux 9 : redis:7 (ELSA-2024-10869)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10869 advisory. 7.2.6-1 - rebase to 7.2.6 RHEL-26628 7.0.12-1 - rebase to 7.0.12 2221899 7.0.11-1 - rebase to 7.0.11 for new redis:7 stream 2129826 7.0.11-1 - Upstrea...
CVE-2024-55268
CVE-2024-55268 describes a reflected XSS in the PHPGurukul COVID 19 Testing Management System 1.0. Affected component: /covidtms/registered-user-testing.php. Root cause: vulnerable handling of the regmobilenumber parameter enabling a reflected XSS that could allow a remote attacker to execute arb...
PHPGurukul COVID 19 Testing Management System security vulnerability
PHPGurukul COVID 19 Testing Management System is a COVID 19 testing management system from PHPGurukul Inc. A security vulnerability exists in version 1.0 of the PHPGurukul COVID 19 Testing Management System that stems from vulnerability to reflective cross-site scripting attacks...
Fedora 40 : thunderbird (2024-515180fdb3)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-515180fdb3 advisory. Update to 128.5.0 https://www.thunderbird.net/en-US/thunderbird/128.5.0esr/releasenotes/...
CVE-2024-53138 net/mlx5e: kTLS, Fix incorrect page refcounting
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: kTLS, Fix incorrect page refcounting. The kTLS tx handling code is using a mix of get_page and page_ref_inc APIs to increment the page reference. But on the release path mlx5e_ktls_tx_handle_resync_dump_comp, only put_page is use...
PYSEC-2024-256
Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. In versions prior to 3.9.7, the requests.get request in the _check_url method is specified as allow_redirects=True, which allows a server-side reque...
CVE-2024-53999
MobSF suffers a Stored Cross-Site Scripting (XSS) vulnerability in the Diff or Compare functionality. The issue stems from allowing scripts in the filename parameter during file uploads, enabling a malicious actor to upload a script and trigger its execution when users invoke the diff/compare fea...
CVE-2024-53999 Mobile Security Framework (MobSF) Stored Cross-Site Scripting Vulnerability in "Diff or Compare" Functionality
Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. The application allows users to upload files with scripts in the filename parameter. As a result, a malicious user can upload a script file to th...
Exploit for Uncontrolled Resource Consumption in Ietf Http
CVE-2023-44487 - HTTP/2 Rapid Reset Exploit PoC --- Desc...
CBL Mariner 2.0 Security Update: CBL-Mariner Releases / ceph / zstd (CVE-2021-24032)
The version of CBL-Mariner Releases / ceph / zstd installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-24032 advisory. - Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for...
CBL Mariner 2.0 Security Update: bazel (CVE-2022-3474)
The version of bazel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-3474 advisory. - A bad credential handling in the remote assets API for Bazel versions prior to 5.3.2 and 4.2.3 sends all...
Intel Distribution of OpenVINO Model Server: insufficient validation of input data in the deployment and model management software for deep learning allows attackers to trigger service failures.
The vulnerability in the Intel Distribution of OpenVINO Model Server, a deployment and model management software for deep learning, is related to insufficient testing of input data. Exploiting this vulnerability can allow attackers to cause service failures...
The US Army's Vision of Soldiers in Exoskeletons Lives On
Following decades of failed attempts and dashed dreams, the US Army is once again trying out powered exoskeletons to help soldiers haul munitions and equipment in the field...
CVE-2024-53635
A Reflected Cross Site Scripting (XSS) vulnerability was found in /covid-tms/patient-search-report.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the searchdata POST request parameter...