30 matches found
EUVD-2024-24433
Malicious code in bioql PyPI...
CVE-2025-49421
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Andrei Filonov WP Text Expander wp-text-expander allows SQL Injection. This issue affects WP Text Expander: from n/a through <= 1.0.1...
Process Sync Resource Management Error Vulnerability
Process Sync is an application for multi-process environments by Andrei Odintsov, a personal developer. A resource management error vulnerability exists in Process Sync version 0.2.2, which stems from a missing pthreadmutex unlock check...
CVE-2024-27194
Cross-Site Request Forgery (CSRF) vulnerability in Andrei Ivasiuc Fontific | Google Fonts allows Stored XSS. This issue affects Fontific | Google Fonts: from n/a through 0.1.6...
Match Systems’ CEO Andrei Kutin Provides Insight on DMM Bitcoin Breach
On May 31, 2024, 4502.9 BTC worth approximately $308M were stolen from the Japanese exchange Bitcoin.DMM.com due to…...
CVE-2024-30564
The CVE-2024-30564 issue affects andrei-tatar/nora-firebase-common in versions 1.0.41 through 1.12.2, where a crafted script submitted to the updateState parameter of updateStateInternal can enable remote code execution. Multiple sources corroborate the vulnerability’s presence across Red Hat, Ve...
CVE-2024-30564
An issue in andrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method...
Match Systems report on consequences of CBDC implementation, led by CEO Andrei Kutin
By Cyber Newswire Match Systems, a leading authority in crypto crimes investigations and crypto AML solutions provider, has published a comprehensive…
CVE-2024-27194
CVE-2024-27194 affects Fontific | Google Fonts (WordPress plugin) up to version 0.1.6. The vulnerability is a CSRF flaw that enables Stored XSS via ajax_fontific_save_all. Public documentation in connected sources confirms the issue and notes an unpatched status for Fontific
andrei-anisimov.net Cross Site Scripting vulnerability OBB-3275351
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
TensorFlow vulnerable to segfault when opening multiframe gif
Impact: Integer overflow occurs when 2^31 <= num_frames * height * width * channels < 2^32, for example Full HD screencast of at least 346 frames. python import urllib.request dat =...
GHSA-FQM2-GH8W-GR68 TensorFlow vulnerable to segfault when opening multiframe gif
Impact: Integer overflow occurs when 2^31 <= num_frames * height * width * channels < 2^32, for example Full HD screencast of at least 346 frames. python import urllib.request dat =...
Russian Hacker Gets 12-Years Prison for Massive JP Morgan Chase Hack
A U.S. court on Thursday sentenced a 37-year-old Russian to 12 years in prison for perpetrating an international hacking campaign that resulted in the heist of a trove of personal information from several financial institutions, brokerage firms, financial news publishers, and other American...
Russian hacker jailed in US over $19M fraud, 100M users’ data theft
By Deeba Ahmed The 37-year-old hacker Andrei Tyurin was extradited to the US from Georgia in September 2018.
Windows Kernel - Information Disclosure Vulnerability
PoC for the SWAPGS attack CVE-2019-1125 This holds the sources for the SWAPGS attack PoC publicly shown at Black Hat USA, 2019. Contents leakgsbkva - variant 1 look for random values in kernel memory; limited to PE kernel image header leakgsbkvat - variant 2 extract random values from kernel...
Windows Kernel - Information Disclosure
Windows Kernel - Information Disclosure PoC for the SWAPGS attack CVE-2019-1125 This holds the sources for the SWAPGS attack PoC publicly shown at Black Hat USA, 2019. Contents leakgsbkva - variant 1 look for random values in kernel memory; limited to PE kernel image header leakgsbkvat - variant ...
Microsoft Windows Kernel - Information Disclosure
PoC for the SWAPGS attack CVE-2019-1125 This holds the sources for the SWAPGS attack PoC publicly shown at Black Hat USA, 2019. Contents leakgsbkva - variant 1 look for random values in kernel memory; limited to PE kernel image header leakgsbkvat - variant 2 extract random values from kernel...
Ubuntu: Security Advisory (USN-4095-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Arbitrary Code Execution
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
Hootoo HT-05 Remote Code Execution
require 'msf/core' require 'net/http' require "uri" class MetasploitModule 'Hootoo HT-05 remote shell exploit', 'Description' = %q This module tries to open a door in the device by exploiting the RemoteCodeExecution by creating a backdoor inside the device This exploit was written by Andrei Manol...