Lucene search
+L

18 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 5:4 p.m.13 views

Malicious code in cheaty-sync-bot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45b192c71c59ccca1d9cc720372bd29f39eae8b5da4d572cd1e8312d6b57d6b4 cheaty-sync-bot ships a clipboard-sync CLI that hardcodes a single Telegram bot token index.js:10 owned by the package author. There is no...

6.3AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:19 a.m.7 views

CVE-2019-20598

An issue was discovered on Samsung mobile devices with O8.x software. Bixby leaks the keyboard's learned words, and the clipboard contents, via the lock screen. The Samsung IDs are SVE-2018-12896, SVE-2018-12897 May 2019...

2.4CVSS7.1AI score0.00134EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/07/01 12:44 p.m.32 views

Indian Software Firm's Products Hacked to Spread Data-Stealing Malware

Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware. The installers correspond to Notezilla, RecentX, and Copywhiz, according to cybersecurity firm Rapid7, which discovered the supply...

7AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:2 a.m.2 views

SUSE CVE-2020-6470

Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML UXSS via crafted clipboard contents...

6.1CVSS6.9AI score0.01037EPSS
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/02/10 5:33 p.m.4 views

Malicious code in pyinsaller (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 5a3e007bb125020a61277cf6a75172eb9dbf2b6750ed5a6bddcca6751e7c49d9 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

6.7AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/09/22 5:15 p.m.4 views

CVE-2021-37860

Mattermost 5.38 and earlier fails to sufficiently sanitize clipboard contents, which allows a user-assisted attacker to inject arbitrary web script in product deployments that explicitly disable the default CSP...

6.1CVSS6AI score0.00631EPSS
Exploits0References2
Mageia
Mageia
added 2020/12/29 11:57 a.m.43 views

Updated spice-vdagent package fixes security vulnerabilities

Matthias Gerstner discovered that SPICE vdagent incorrectly handled the activexfers hash table. A local attacker could possibly use this issue to cause SPICE vdagent to consume memory, resulting in a denial of service CVE-2020-25650. Matthias Gerstner discovered that SPICE vdagent incorrectly...

6.4CVSS2.6AI score0.0049EPSS
Exploits4References3
RedHat Linux
RedHat Linux
added 2020/06/15 12:55 p.m.3 views

chromium-browser: Insufficient validation of untrusted input in clipboard

Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML UXSS via crafted clipboard contents...

6.1CVSS7.4AI score0.01037EPSS
Exploits0References5
NVD
NVD
added 2020/04/13 6:15 p.m.14 views

CVE-2020-6456

Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allowed a local attacker to bypass site isolation via crafted clipboard contents...

6.5CVSS6.6AI score0.01381EPSS
Exploits0References8
OSV
OSV
added 2020/03/24 8:15 p.m.4 views

CVE-2019-20598

An issue was discovered on Samsung mobile devices with O8.x software. Bixby leaks the keyboard's learned words, and the clipboard contents, via the lock screen. The Samsung IDs are SVE-2018-12896, SVE-2018-12897 May 2019...

2.4CVSS5.8AI score0.00134EPSS
Exploits0References1
NVD
NVD
added 2013/12/10 4:55 p.m.19 views

CVE-2013-6237

The ISL Desktop plugin for Windows before 1.4.7 for ISL Light 3.5.4 and earlier allows remote authenticated users to obtain sensitive information by pasting the clipboard contents that have been copied by another user in the session...

3.5CVSS6AI score0.01685EPSS
Exploits2References6
Prion
Prion
added 2013/12/10 4:55 p.m.12 views

Session fixation

The ISL Desktop plugin for Windows before 1.4.7 for ISL Light 3.5.4 and earlier allows remote authenticated users to obtain sensitive information by pasting the clipboard contents that have been copied by another user in the session...

3.5CVSS6.5AI score0.01685EPSS
Exploits2References6Affected Software2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2010/12/01 11:27 a.m.4 views

Clipboard contents alteration vulnerability in Grani

Overview Grani contains a vulnerability in which the contents of the clipboard may be altered. Grani, a web browser provided by Fenrir, contains a vulnerability in which the contents of the clipboard may be altered. As a result, when Grani is being used under certain settings, the contents of the...

5.8CVSS6.5AI score0.00867EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.19 views

Ubuntu 6.06 LTS / 7.10 : gnome-screensaver vulnerabilities (USN-669-1)

It was discovered that the notify feature in gnome-screensaver could let a local attacker read the clipboard contents of a locked session by using Ctrl-V. CVE-2007-6389 Alan Matsuoka discovered that gnome-screensaver did not properly handle network outages when using a remote authentication...

4.7CVSS5.4AI score0.01336EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.32 views

Ubuntu Update for gnome-screensaver vulnerabilities USN-669-1

Ubuntu Update for Linux kernel vulnerabilities USN-669-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6691.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for gnome-screensaver vulnerabilities USN-669-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

4.7CVSS6.5AI score0.01336EPSS
Exploits4References2
Ubuntu
Ubuntu
added 2008/11/11 6:49 p.m.52 views

USN-669-1: gnome-screensaver vulnerabilities

It was discovered that the notify feature in gnome-screensaver could let a local attacker read the clipboard contents of a locked session by using Ctrl-V. CVE-2007-6389 Alan Matsuoka discovered that gnome-screensaver did not properly handle network outages when using a remote authentication...

4.7CVSS5.4AI score0.01336EPSS
Exploits4
OSV
OSV
added 2007/12/17 6:46 p.m.8 views

CVE-2007-6389

The notify feature in GNOME screensaver gnome-screensaver 2.20.0 might allow local users to read the clipboard contents and X selection data for a locked session by using ctrl-V...

6AI score
Exploits0References15
Mozilla
Mozilla
added 2005/01/21 12:0 a.m.16 views

Synthetic middle-click event can steal clipboard contents — Mozilla

Script-generated middle-click events can steal clipboard contents on systems where that action is a paste. Middle-click paste is the default behavior on Unix systems, and a hidden option elsewhere...

6.9AI score
Exploits0References1Affected Software2
Rows per page
Query Builder