18 matches found
Malicious code in cheaty-sync-bot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45b192c71c59ccca1d9cc720372bd29f39eae8b5da4d572cd1e8312d6b57d6b4 cheaty-sync-bot ships a clipboard-sync CLI that hardcodes a single Telegram bot token index.js:10 owned by the package author. There is no...
CVE-2019-20598
An issue was discovered on Samsung mobile devices with O8.x software. Bixby leaks the keyboard's learned words, and the clipboard contents, via the lock screen. The Samsung IDs are SVE-2018-12896, SVE-2018-12897 May 2019...
Indian Software Firm's Products Hacked to Spread Data-Stealing Malware
Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware. The installers correspond to Notezilla, RecentX, and Copywhiz, according to cybersecurity firm Rapid7, which discovered the supply...
SUSE CVE-2020-6470
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML UXSS via crafted clipboard contents...
Malicious code in pyinsaller (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 5a3e007bb125020a61277cf6a75172eb9dbf2b6750ed5a6bddcca6751e7c49d9 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
CVE-2021-37860
Mattermost 5.38 and earlier fails to sufficiently sanitize clipboard contents, which allows a user-assisted attacker to inject arbitrary web script in product deployments that explicitly disable the default CSP...
Updated spice-vdagent package fixes security vulnerabilities
Matthias Gerstner discovered that SPICE vdagent incorrectly handled the activexfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service CVE-2020-25650. Matthias Gerstner discovered that SPICE vdagent incorrectly...
chromium-browser: Insufficient validation of untrusted input in clipboard
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML UXSS via crafted clipboard contents...
CVE-2020-6456
Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents...
CVE-2019-20598
An issue was discovered on Samsung mobile devices with O8.x software. Bixby leaks the keyboard's learned words, and the clipboard contents, via the lock screen. The Samsung IDs are SVE-2018-12896, SVE-2018-12897 May 2019...
CVE-2013-6237
The ISL Desktop plugin for Windows before 1.4.7 for ISL Light 3.5.4 and earlier allows remote authenticated users to obtain sensitive information by pasting the clipboard contents that have been copied by another user in the session...
Session fixation
The ISL Desktop plugin for Windows before 1.4.7 for ISL Light 3.5.4 and earlier allows remote authenticated users to obtain sensitive information by pasting the clipboard contents that have been copied by another user in the session...
Clipboard contents alteration vulnerability in Grani
Overview Grani contains a vulnerability in which the contents of the clipboard may be altered. Grani, a web browser provided by Fenrir, contains a vulnerability in which the contents of the clipboard may be altered. As a result, when Grani is being used under certain settings, the contents of the...
Ubuntu 6.06 LTS / 7.10 : gnome-screensaver vulnerabilities (USN-669-1)
It was discovered that the notify feature in gnome-screensaver could let a local attacker read the clipboard contents of a locked session by using Ctrl-V. CVE-2007-6389 Alan Matsuoka discovered that gnome-screensaver did not properly handle network outages when using a remote authentication...
Ubuntu Update for gnome-screensaver vulnerabilities USN-669-1
Ubuntu Update for Linux kernel vulnerabilities USN-669-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6691.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for gnome-screensaver vulnerabilities USN-669-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
USN-669-1: gnome-screensaver vulnerabilities
It was discovered that the notify feature in gnome-screensaver could let a local attacker read the clipboard contents of a locked session by using Ctrl-V. CVE-2007-6389 Alan Matsuoka discovered that gnome-screensaver did not properly handle network outages when using a remote authentication...
CVE-2007-6389
The notify feature in GNOME screensaver gnome-screensaver 2.20.0 might allow local users to read the clipboard contents and X selection data for a locked session by using ctrl-V...
Synthetic middle-click event can steal clipboard contents — Mozilla
Script-generated middle-click events can steal clipboard contents on systems where that action is a paste. Middle-click paste is the default behavior on Unix systems, and a hidden option elsewhere...