125 matches found
MAL-2022-3471 Malicious code in grunt-backbone-typescript-accessor-generator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 115b154824bd13959e78a37c9aedd1573687c0ae5c3e7cc352e68c9a751984c3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Internet Backbone Giant Lumen Shuns .RU
Lumen Technologies, an American company that operates one of the largest Internet backbones and carries a significant percentage of the worlds Internet traffic, said today it will stop routing traffic for organizations based in Russia. Lumens decision comes just days after a similar exit by...
A Major Internet Backbone Company Cuts Off Russia
Plus: A ransomware gang leak, an Nvidia hack, and more of the week's top security news...
Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 1.6.6 release and security update
Red Hat AMQ Streams 1.6.6 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Critical: Red Hat Security Advisory: Red Hat AMQ Streams 1.8.4 release and security update
Red Hat AMQ Streams 1.8.4 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Critical: Red Hat Security Advisory: Red Hat AMQ Streams 1.6.5 release and security update
Red Hat AMQ Streams 1.6.5 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Out-of-Date Backbone JS Framework Detected
An out-of-date version of Backbone JS Framework has been detected. An outdated version could have vulnerabilities or missing security features. No source data...
Surveillance of the Internet Backbone
Vice has an article about how data brokers sell access to the Internet backbone. This is netflow data. Its useful for cybersecurity forensics, but can also be used for things like tracing VPN activity. At a high level, netflow data creates a picture of traffic flow and volume across a network. It...
GHSA-8QPM-5C82-RF96 Prototype Pollution in backbone-query-parameters
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in backbone-query-parameters 0.4.0 allows a malicious user to inject properties into Object.prototype...
Prototype Pollution in backbone-query-parameters
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in backbone-query-parameters 0.4.0 allows a malicious user to inject properties into Object.prototype...
CVE-2021-20085
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in backbone-query-parameters 0.4.0 allows a malicious user to inject properties into Object.prototype...
Buffer overflow
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in backbone-query-parameters 0.4.0 allows a malicious user to inject properties into Object.prototype...
CVE-2021-20085
CVE-2021-20085 affects backbone-query-parameters 0.4.0 and describes a prototype pollution flaw: improperly controlled modification of Object.prototype that enables a malicious user to inject properties into Object.prototype. The connected documents consistently reference this vulnerability and i...
CVE-2021-20085
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in backbone-query-parameters 0.4.0 allows a malicious user to inject properties into Object.prototype...
backbone-query-parameters 安全漏洞
backbone-query-parameters is an application. Copy ribs.queryparams.js into the environment and include it after ribs.js. A security vulnerability exists in backbone-query-parameters 0.4.0, which stems from an improperly controlled modification of an object prototype property that allows a malicio...
PT-2021-13763 · Unknown · Backbone-Query-Parameters
Name of the Vulnerable Software and Affected Versions: backbone-query-parameters version 0.4.0 Description: The issue is related to improperly controlled modification of object prototype attributes, also known as 'Prototype Pollution'. This allows a malicious user to inject properties into...
kinvey-angular-sdk (>=3.4.0 <=3.5.3), kinvey-angular2-sdk (>=3.4.1 <=3.5.2) +6 more potentially affected by CVE-2020-7741 via hellojs (>=1.13.1 <=1.14.1)
hellojs NPM version =1.13.1, =3.4.0, =3.4.1, =3.4.1, =3.4.0, =3.4.1, =3.4.0, =3.4.0, =3.4.1, =3.5.2 Source cves: CVE-2020-7741 Source advisory: OSV:GHSA-7JH9-6CPF-H4M7...
Russia’s SolarWinds Attack and Software Security
The information that is emerging about Russias extensive cyberintelligence operation against the United States and other countries should be increasingly alarming to the public. The magnitude of the hacking, now believed to have affected more than 250 federal agencies and businesses -- primarily...
A Broken Piece of Internet Backbone Might Finally Get Fixed
Efforts to secure the Border Gateway Protocol have picked up critical momentum, including a big assist from Google...
kinvey-angular-sdk (>=3.4.0 <=3.5.3), kinvey-angular2-sdk (>=3.4.1 <=3.5.2) +6 more potentially affected by CVE-2020-7741 via hellojs (>=1.13.1 <=1.14.1)
hellojs NPM version =1.13.1, =3.4.0, =3.4.1, =3.4.1, =3.4.0, =3.4.1, =3.4.0, =3.4.0, =3.4.1, =3.5.2 Source cves: CVE-2020-7741 Source advisory: SNYK:JS-HELLOJS-1014546...