67 matches found
EUVD-2020-21525
Malware in sbrugna...
EUVD-2021-1792
Malware in sbrugna...
CVE-2020-36442
An issue was discovered in the beef crate before 0.5.0 for Rust. beef::Cow has no Sync bound on its Send trait...
New Cyberthreat 'Boolka' Deploying BMANAGER Trojan via SQLi Attacks
A previously undocumented threat actor dubbed Boolka has been observed compromising websites with malicious scripts to deliver a modular trojan codenamed BMANAGER. "The threat actor behind this campaign has been carrying out opportunistic SQL injection attacks against websites in various countrie...
capegrimbeef.com.au Cross Site Scripting vulnerability OBB-3873301
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
greenbeefloraldesigns.com Cross Site Scripting vulnerability OBB-3612684
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Friday Squid Blogging: “Mediterranean Beef Squid” Hoax
The viral video of the "Mediterranean beef squid" is a hoax. It's not even a deep fake; it's a plastic toy. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
Data races in beef
An issue was discovered in the beef crate before 0.5.0 for Rust. Affected versions of this crate did not have a T: Sync bound in the Send impl for Cow. This allows users to create data races by making Cow contain types that are Send && !Sync like Cell or RefCell. Such data races can lead to memor...
almond (=0.2.0), ascesis (=0.0.6) +86 more potentially affected by CVE-2020-36442 via beef (>=0.1.5 <=0.4.4)
beef CARGO version =0.1.5, =0.2.0, =0.1.0, =0.5.6, =0.1.0, =0.1.0, =0.5.4, =0.2.0, =0.2.0, =0.1.0, =0.1.2 and more Source cves: CVE-2020-36442 Source advisory: OSV:GHSA-M7W4-8WP8-M2XQ...
GHSA-M7W4-8WP8-M2XQ Data races in beef
An issue was discovered in the beef crate before 0.5.0 for Rust. Affected versions of this crate did not have a T: Sync bound in the Send impl for Cow. This allows users to create data races by making Cow contain types that are Send && !Sync like Cell or RefCell. Such data races can lead to memor...
CVE-2020-36442
An issue was discovered in the beef crate before 0.5.0 for Rust. beef::Cow has no Sync bound on its Send trait...
CVE-2020-36442
An issue was discovered in the beef crate before 0.5.0 for Rust. beef::Cow has no Sync bound on its Send trait...
Design/Logic Flaw
An issue was discovered in the beef crate before 0.5.0 for Rust. beef::Cow has no Sync bound on its Send trait...
CVE-2020-36442
The CVE-2020-36442 issue concerns the beef crate for Rust (pre-0.5.0) where beef::Cow lacked a Sync bound on its Send trait. This omission enables data races by allowing Cow to hold non-Sync types (e.g., Cell/RefCell) inside, potentially leading to memory corruption. Several connected sources cor...
CVE-2020-36442
An issue was discovered in the beef crate before 0.5.0 for Rust. beef::Cow has no Sync bound on its Send trait...
CVE-2020-29145
In Ericsson BSCS iX R18 Billing & Rating iX R18, ADMX is a web-based module in BSCS iX that is vulnerable to stored XSS via the name or description field to a solutionUnitServlet?SuName=UserReferenceDataSU Access Rights Group. In most test cases, session hijacking was also possible by utilizing th...
CVE-2020-29144
In Ericsson BSCS iX R18 Billing & Rating iX R18, MX is a web-based module in BSCS iX that is vulnerable to stored XSS via an Alert Dashboard comment. In most test cases, session hijacking was also possible by utilizing the XSS vulnerability. This potentially allows for full account takeover, or...
Cross site scripting
In Ericsson BSCS iX R18 Billing & Rating iX R18, MX is a web-based module in BSCS iX that is vulnerable to stored XSS via an Alert Dashboard comment. In most test cases, session hijacking was also possible by utilizing the XSS vulnerability. This potentially allows for full account takeover, or...
CVE-2020-29144
In Ericsson BSCS iX R18 Billing & Rating iX R18, MX is a web-based module in BSCS iX that is vulnerable to stored XSS via an Alert Dashboard comment. In most test cases, session hijacking was also possible by utilizing the XSS vulnerability. This potentially allows for full account takeover, or...
CVE-2020-29145
In Ericsson BSCS iX R18 Billing & Rating iX R18, ADMX is a web-based module in BSCS iX that is vulnerable to stored XSS via the name or description field to a solutionUnitServlet?SuName=UserReferenceDataSU Access Rights Group. In most test cases, session hijacking was also possible by utilizing th...