Lucene search
K

160 matches found

NCSC
NCSC
added 2024/11/20 8:41 a.m.5 views

Vulnerabilities fixed in Palo Alto PAN OS

Palo Alto Networks has actively fixed exploited vulnerabilities in PAN-OS. UPDATE Public PoC has now appeared to exploit CVE-2024-0012. The vulnerability with attribute CVE-2024-0012 allows a malicious person with access to the management web interface to gain administrator privileges. Through th...

9.8CVSS8.2AI score0.99698EPSS
Exploits18References2
OSV
OSV
added 2024/10/17 12:36 a.m.3 views

MAL-2024-9426 Malicious code in jifa-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c700c6936dcb6a2eb1fbff5232aa1305e7e989c7ce3ce5ef847c3efc413f04e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/09 2:7 p.m.5 views

Malicious code in shmam-test-npm-test-5 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b028136f8820f808eb720a45a7f396272c884a63944c004999ce50781449b6d7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/01 12:0 a.m.10 views

PT-2024-7952

Name of the Vulnerable Software and Affected Versions Docker affected versions not specified Podman affected versions not specified Buildah affected versions not specified Description A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction, where the system...

9.9CVSS8.5AI score0.97781EPSS
Exploits27References206
OSV
OSV
added 2024/09/17 12:54 a.m.5 views

MAL-2024-8890 Malicious code in ably-sales-demo-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1329a9a4ad55c5ef0230b58a21648b4425bbde53212764b02bffcd44be07648f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/09/04 9:5 a.m.3 views

MAL-2024-8812 Malicious code in xuworu (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1acc43bebaf87047f1a3e650d87d7d46e95536b55031fee016b4d2e91a6aa9ac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/09/04 9:5 a.m.3 views

MAL-2024-8773 Malicious code in hwoeurs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 080d83da56e40be2c07c71a7fffafb46f7514e83a531b5b88aaf22f63d275997 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/04 7:36 a.m.5 views

Malicious code in nginerrer-web-shell (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cebffceb78bdb2f84e42e92350d51334a89f0f543977e469c226c40ca2601117 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2024/09/02 1:42 a.m.4 views

MAL-2024-8513 Malicious code in @diotoborg/perferendis-illo-facilis (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 60aa8142e89a70ebb899e823e44c4f184f9682d8898576b8f3491fdd7b70fb1c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/02 1:42 a.m.4 views

Malicious code in @diotoborg/id-fugiat-velit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8ace3906fe2cf66de6f9c0a2a32b2a356297501798a63aa94742747775b816b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2024/09/02 1:42 a.m.6 views

MAL-2024-8268 Malicious code in @diotoborg/ea-consectetur (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d65c9696fb568aa04d4ee8f20b1815ae16b0511e7731e9744663f006eb21fde3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/09/02 1:42 a.m.4 views

MAL-2024-8265 Malicious code in @diotoborg/dolorum-unde (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fddf262e0132df270971a1172fba3fbefd9e87973c91142ea50d208ec475f7bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/08/29 9:9 a.m.5 views

MAL-2024-8071 Malicious code in dwt-reporter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 88db403b92b94f5d553816c131337f522d67a2db9e84298e6512b1a3ba386a7f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/08/07 11:54 p.m.6 views

MAL-2024-7919 Malicious code in @polycard/claim (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83cf247270fb38f1214026a0dfc88f3c545b6e374ded7f86023ea680ffea8720 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/07/25 3:52 a.m.6 views

MAL-2024-7804 Malicious code in floodtcpudp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a611aa867ba38df3df7fa580801761c47bd580ea1466bee912946e7b0dcca80b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Citrix
Citrix
added 2024/07/13 12:0 a.m.8 views

When to Enable Intermediate Buffering for Local Hard Drive Cache?

Background Enabling Intermediate Buffering improves throughput performance with writing to the write cache drive and can improve target device performance as well. Refer to Buffered Services for additional information on buffered file I/O services. The following are some points to consider before...

7.1AI score
Exploits0
OSV
OSV
added 2024/07/04 5:10 a.m.5 views

MAL-2024-7155 Malicious code in @zitterorg/deserunt-beatae-fuga (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9102b6b1b9c0603fe9968c593b5a7500377a6ac0843e6595dc438c9b75e213f3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2024/05/06 1:30 a.m.3 views

MAL-2024-1337 Malicious code in @sxmp/logging (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9ae4f22558826d41c2db8d6705d87e6c33f6da3737504e0107814a9853924bfa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/16 12:0 a.m.5 views

PT-2024-27091

Name of the Vulnerable Software and Affected Versions TensorFlow's Keras framework versions prior to 2.13 Description A code injection issue in TensorFlow's Keras framework allows attackers to execute arbitrary code with the same permissions as the application. This can be achieved by using a mod...

9.8CVSS7.9AI score0.01745EPSS
Exploits1References21
SUSE CVE
SUSE CVE
added 2024/04/11 2:31 a.m.2 views

SUSE CVE-2024-22423

yt-dlp is a youtube-dl fork with additional features and fixes. The patch that addressed CVE-2023-40581 attempted to prevent RCE when using --exec with %q by replacing double quotes with two double quotes. However, this escaping is not sufficient, and still allows expansion of environment...

9.8CVSS7.1AI score0.01254EPSS
Exploits1References3
Rows per page
Query Builder