Ransomware Breach at University of Hawaii Cancer Center Affects 1.2M People

The University of Hawaii Cancer Centre has confirmed a massive ransomware attack affecting 1.24 million people. Sensitive data, including Social Security numbers and historical voter records dating back to 1993, was compromised...

Malicious Package

Overview @viennacancercenterportal/js is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious code in @vienna_cancer_center_portal/js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a76d15de3b0c984f8b9b8795e5bacb7604de14c2808edf0b4bd7f280c5d82db9 The package @viennacancercenterportal/js was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-204769

Malicious code in @viennacancercenterportal/js npm...

MAL-2025-192692 Malicious code in @vienna_cancer_center_portal/js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a76d15de3b0c984f8b9b8795e5bacb7604de14c2808edf0b4bd7f280c5d82db9 The package @viennacancercenterportal/js was found to contain malicious code. Source: ghsa-malware...

EUVD-2024-39122

Malicious code in bioql PyPI...

Malicious code in cancer (npm)

The package cancer was found to contain malicious code...

MAL-2025-16482 Malicious code in cancer (npm)

The package cancer was found to contain malicious code...

The vulnerability of the Firebird software components “Population Cancer Registry” and “Hospital Cancer Registry” allows attackers to disclose protected information.

The vulnerability of the Firebird software components “Population Cancer Registry” and “Hospital Cancer Registry” is related to the shared storage of passwords with decryption tools. Exploiting this vulnerability can allow an attacker to disclose the protected information...

The vulnerability of the Firebird software components “Population Cancer Registry” and “Hospital Cancer Registry” allows attackers to elevate their privileges to the level of system administrators.

The vulnerability of the Firebird software components “Population Cancer Registry” and “Hospital Cancer Registry” is related to the possibility of connecting to the database during the reproduction of the key hash. Exploiting this vulnerability allows a malicious actor to elevate their privileges...

The vulnerabilities of the "Population Cancer Registry" and "Hospital Cancer Registry" software allow attackers to carry out attacks using brute-force methods.

The vulnerabilities of the “Population Cancer Registry” and “Hospital Cancer Registry” software are related to insufficient restrictions on authentication attempts. Exploiting these vulnerabilities allows a remote attacker to carry out an attack using brute-force methods...

The vulnerability of the network authentication protocol used by the Firebird software components, “Population Cancer Registry” and “Hospital Cancer Registry,” allows attackers to intercept traffic.

The vulnerability of the network authentication protocol used by the Firebird software’s “Population Cancer Registry” and “Hospital Cancer Registry” components is related to the use of a insecure authentication method called LegacyAuth. Exploiting this vulnerability allows a malicious actor to...

PT-2024-10385 · Firebird · Firebird

Name of the Vulnerable Software and Affected Versions: Firebird component of "Популяционный раковый регистр" and "Госпитальный раковый регистр" affected versions not specified Description: The issue is related to the use of an insecure authentication method, Legacy Auth, in the Firebird component...

CVE-2024-41668 cBioPortal Proxy Endpoint Vulnerabliity

The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication, cBioPortal could allow someone to perform a Server Side Request Forgery SSRF attack. Logged in users...

CVE-2024-41668 cBioPortal Proxy Endpoint Vulnerabliity

The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication, cBioPortal could allow someone to perform a Server Side Request Forgery SSRF attack. Logged in users...

The vulnerabilities of the "Population Cancer Registry" and "Hospital Cancer Registry" software, which stem from weak password requirements, allow attackers to gain enhanced privileges and access protected information.

The vulnerabilities of the "Population Cancer Registry" and "Hospital Cancer Registry" software are related to weak password requirements. Exploiting these vulnerabilities can allow unauthorized users to gain increased privileges and access sensitive information...

sligocancersupportcentre.ie Cross Site Scripting vulnerability OBB-3912276

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

cancer-pro.com Cross Site Scripting vulnerability OBB-3909283

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

nationalcancerscreen.com Cross Site Scripting vulnerability OBB-3904119

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ellenmacarthurcancertrust.org Cross Site Scripting vulnerability OBB-3851885

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...