SUSE CVE-2023-29007
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted .gitmodules file with submodule URLs that are longer than 1024 characters can be used to exploit a bug in...
SUSE CVE-2023-22490
Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort loca...
SUSE CVE-2021-29509
Puma is a concurrent HTTP 1.1 server for Ruby/Rack applications. The fix for CVE-2019-16770 was incomplete. The original fix only protected existing connections that had already been accepted from having their requests starved by greedy persistent-connections saturating all threads in the same...
Stored XSS edit Config Link
Description: Stored Cross-Site Scripting (XSS) through hyperlinks refers to a type of security vulnerability that occurs when an attacker injects malicious code into a hyperlink, which is then stored in the application's database or web server. When a user clicks on the infected hyperlink, the...
Exploit for Race Condition in Apple Safari
Mandela Rewritten iOS customization app powered by CVE-202...
MAL-2023-50 Malicious code in @playgami/eslint-config-portal-typescript (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e83105996605b836f1b53a8a2f0c7d6e4178af363031bd770f6c579e8bef9c17 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Forging Ahead in 2023: Insights From Trend Micro’s 2023 Security Predictions
In 2023, cybercriminals and defenders alike will have to move forward with caution in the face of a business landscape that’s fraught with security blindsides and economic ebbs and flows...
caudron-svv.com Cross Site Scripting vulnerability OBB-3085183
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Malicious code in m5d (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d0c0eefe62c7b256b4dce3e00d3a7ec577364f132a34f274a377bea8506c5bc9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in hogajnjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7356dbf28f520e63a31d6f984cd90420f21092d6ccac79fe10da69b7ae4784cf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2021-3601
Removed by vendor...
Zenbuster - Multi-threaded URL Enumeration/Brute-Forcing Tool
ZenBuster is a multi-threaded, multi-platform URL enumeration tool written in Python by Zach Griffin @0xTas. I wrote this tool as a way to deepen my familiarity with Python, and to help increase my understanding of Cybersecurity tooling in general. ZenBuster may not be the fastest or most...
Malicious code in ffdc-corporate-banking-sample (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 08472bfd3240403d8d2393bd762ea64b2fadc1969b830b814cd09783957c3481 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5136 Malicious code in ot-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dab9194494d10b8be6fc355bb6a996bcd9ab0a2e767a5550e67398add519443e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5172 Malicious code in p2p-amount-field (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c708cc5ca0100211486fde89b6f6ed0a2e1bf6458524412d0cf66ab6b5698839 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1386 Malicious code in azure-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware edde9a9b014f0c65522edd8567577d4f97471275e53280f45fe810b4a83c8d62 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3127 Malicious code in free-cash-app-money-tutorial-2022 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8a050a4d2381a2c890fef7d2ab806be5a2a4ffbfe502097b8ae9a35ebe8cdf0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1098 Malicious code in arm-attestation (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68ca3369e2fafc9c53e0e29146ebd4d60493a8765224a59c81a07a4f3af6e0b4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in zuanshi (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b63254b223cbeaba40946dd0cc604245529ff5b147026f6c49ec973877507c33 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-940 Malicious code in alimaa (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d481848faa4833bf11ea9a51708d0021a724f1132e8bb190a94c2c28c0147397 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...