29 matches found
CVE-2026-50882
An issue in the /api/v0/pastes endpoint of anna-is-cute paste v0.1.1 allows attackers to cause a Denial of Service DoS via a crafted POST request...
CVE-2026-50882
An issue in the /api/v0/pastes endpoint of anna-is-cute paste v0.1.1 allows attackers to cause a Denial of Service DoS via a crafted POST request...
PT-2026-49323
Name of the Vulnerable Software and Affected Versions anna-is-cute paste version 0.1.1 Description A flaw in the '/api/v0/pastes' endpoint allows attackers to cause a Denial of Service DoS, which is a condition where a service becomes unavailable to its intended users, by sending a specially...
CVE-2026-50882
CVE-2026-50882 affects anna-is-cute paste v0.1.1, exposed via the /api/v0/pastes endpoint. A crafted POST request can trigger a Denial of Service. The available documents confirm the endpoint and vulnerability class but do not specify affected versions beyond v0.1.1, nor provide concrete exploit ...
Malicious code in anna-salwa-tea (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a99818fee7cd0f2f61496468aa6b190495c8fa49efa03cf5c001016686997ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-143249
Malicious code in anna-salwa-tea npm...
EUVD-2006-6173
Malware in sbrugna...
anna-minasyan.com Cross Site Scripting vulnerability OBB-3851428
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
anna-jagmann.de Cross Site Scripting vulnerability OBB-3451128
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Solving the password’s hardest problem with passkeys, featuring Anna Pobletts
How many passwords do you have? If you're at all like our Lock and Code host David Ruiz, that number hovers around 200. But the important follow up question is: How many of those passwords can you actually remember on your own? Prior studies suggest a number that sounds nearly...
library.annauniv.edu Cross Site Scripting vulnerability OBB-2914398
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
GHSA-6XC4-7FMM-65Q2 Code injection in concrete CMS
Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concretesecure’ instead of ‘concrete’. Concrete now only makes requests over https even a request comes in via http...
Code injection in concrete CMS
Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concretesecure’ instead of ‘concrete’. Concrete now only makes requests over https even a request comes in via http...
CVE-2022-21829
Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concretesecure’ instead of ‘concrete’. Concrete now only makes requests over https even a request comes in via http...
CVE-2022-21829
Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concretesecure’ instead of ‘concrete’. Concrete now only makes requests over https even a request comes in via http...
Cross site request forgery (csrf)
Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concretesecure’ instead of ‘concrete’. Concrete now only makes requests over https even a request comes in via http...
anna-live.com Cross Site Scripting vulnerability OBB-2457889
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
anna-bella.org Improper Access Control vulnerability OBB-2249776
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Three Hackers Plead Guilty to Creating IoT-based Mirai DDoS Botnet
The U.S. federal officials have arrested three hackers who have pleaded guilty to computer-crimes charges for creating and distributing Mirai botnet that crippled some of the world's biggest and most popular websites by launching the massive DDoS attacks last year. According to the federal court...
Anna Elsa Puzzle - Base64 encoded String, Exported ContentProvider, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Anna Elsa Puzzle published at the 'play' market has multiple vulnerabilities...