Lucene search

133 matches found

OSV
added 2022/08/19 3:55 a.m. | 8 views

MAL-2022-4371 Malicious code in lodashuiq (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df65285217e85d7b8010426851c69e1f7e002c984419c13fd0a01fa716182157 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 7
Exploits: 0 | References: 1
Malwarebytes
added 2022/08/01 7:0 p.m. | 17 views

When a sextortion victim fights back

When Katie Yates suddenly started receiving nude photos of her friend, Natalie Claus, over on Snapchat, she instantly recognized that Claus had just become a victim of a sextortion attack. She also knew how Claus should respond. This happened in December 2019 when Claus was a sophomore. Both were...

AI score: 0.1
Exploits: 0
OSV
added 2022/06/20 7:27 a.m. | 11 views

MAL-2022-3367 Malicious code in git-dependency-maker (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c9b4a87b0253efbaf0122b94b2b942adc6b9163f8161863bb0d334859bb9f87 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 7
Exploits: 0 | References: 1
OSV
added 2022/06/20 7:27 a.m. | 5 views

MAL-2022-5099 Malicious code in opensea-erc1155 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 57ed9708d2415ab3223ea55143304ce5afb9087aba7a655afdc96d9ad56c5102 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 7
Exploits: 0 | References: 1
CNVD
added 2022/04/18 12:0 a.m. | 32 views

ThoughtWorks GoCD path traversal vulnerability

ThoughtWorks GoCD is a free and open source CI/CD server from ThoughtWorks, Inc. A path traversal vulnerability exists in versions of ThoughtWorks GoCD prior to 21.3.0, which could be exploited by an attacker compromising the GoCD agent to upload malicious files to any directory on the GoCD serve...

CVSS: 7.5 | AI score: 2.5 | EPSS: 0.02309
Exploits: 1 | References: 1
Microsoft Malware Protection
added 2022/04/04 5:0 p.m. | 12 views

Microsoft CRSP shares the ways human behavior affects compromise recovery

The Microsoft Compromise Recover Security Practice CRSP is a worldwide team of cybersecurity experts operating in most countries, across all organizations public and private, with deep expertise to secure an environment post-security breach and to help you prevent a breach in the first place. As ...

AI score: 0.1
Exploits: 0
Malwarebytes
added 2022/02/07 3:6 p.m. | 26 views

How to avoid being scammed this Valentine’s Day

With Valentine’s Day approaching, you can be sure that the scammers will want to take advantage of lovebirds everywhere. From romance scams and sextortion, to fake dating sites and phishing campaigns, here’s how to avoid a sting in the tail this Valentine’s Day. Romance scams Stories of online roman...

AI score: 6.8
Exploits: 0
Cvelist
added 2022/01/19 11:22 a.m. | 23 views

CVE-2022-21253

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.27 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVSS: 4.9 | AI score: 5.1 | EPSS: 0.01976
Exploits: 0 | References: 4
CNVD
added 2022/01/07 12:0 a.m. | 19 views

Huawei HarmonyOS Information Disclosure Vulnerability

Huawei HarmonyOS is an operating system from Huawei, China. A security vulnerability exists in Huawei HarmonyOS, which stems from a lack of input validation vulnerability in a component of HarmonyOS. An attacker could exploit this vulnerability to compromise confidentiality...

CVSS: 7.5 | AI score: 1.7 | EPSS: 0.00672
Exploits: 0 | References: 1
Huntr
added 2021/09/15 2:54 p.m. | 15 views

in khodakhah/nodcms

Description: Clear Text submission of password through unencrypted channel
Proof of Concept:
POST /en/login HTTP/1.1
Host: demo.nodcms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:92.0) Gecko/20100101 Firefox/92.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language:...

AI score: 7.1
Exploits: 0 | References: 1
Prion
added 2021/03/22 8:15 p.m. | 31 views

Design/Logic Flaw

There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include...

CVSS: 5 | AI score: 5.3 | EPSS: 0.00715
Exploits: 0 | References: 1 | Affected Software: 14
ThreatPost
added 2021/03/12 9:5 p.m. | 65 views

REvil Group Claims Slew of Ransomware Attacks

The REvil ransomware threat group is on a cyberattack tear, claiming over the past two weeks to have infected nine organizations across Africa, Europe, Mexico and the U.S. The organizations include two law firms, an insurance company, an architectural firm, a construction company and an...

AI score: 0.1
Exploits: 0 | References: 12
NVD
added 2021/02/06 3:15 a.m. | 17 views

CVE-2021-22302

There is an out-of-bound read vulnerability in Taurus-AL00A 10.0.0.1C00E1R1P1. A module does not verify some input. Attackers can exploit this vulnerability by sending malicious input through specific app. This could cause out-of-bound, compromising normal service...

CVSS: 7.1 | EPSS: 0.00232
Exploits: 0 | References: 1
NVD
added 2021/02/06 3:15 a.m. | 23 views

CVE-2021-22305

There is a buffer overflow vulnerability in Mate 30 10.1.0.126C00E125R5P3. A module does not verify some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause buffer overflow, compromising normal service...

CVSS: 3.3 | EPSS: 0.00203
Exploits: 0 | References: 1
NVD
added 2021/02/06 3:15 a.m. | 20 views

CVE-2021-22304

There is a use after free vulnerability in Taurus-AL00A 10.0.0.1C00E1R1P1. A module may refer to some memory after it has been freed while dealing with some messages. Attackers can exploit this vulnerability by sending specific message to the affected module. This may lead to module crash,...

CVSS: 3.3 | EPSS: 0.00212
Exploits: 0 | References: 1
Prion
added 2021/02/06 3:15 a.m. | 19 views

Design/Logic Flaw

There is an out-of-bound read vulnerability in Taurus-AL00A 10.0.0.1C00E1R1P1. A module does not verify some input. Attackers can exploit this vulnerability by sending malicious input through specific app. This could cause out-of-bound, compromising normal service...

CVSS: 3.6 | AI score: 6.7 | EPSS: 0.00232
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2021/02/06 2:20 a.m. | 23 views

CVE-2021-22305

There is a buffer overflow vulnerability in Mate 30 10.1.0.126C00E125R5P3. A module does not verify some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause buffer overflow, compromising normal service...

AI score: 4.7 | EPSS: 0.00203
Exploits: 0 | References: 1
Cvelist
added 2021/02/06 2:18 a.m. | 28 views

CVE-2021-22304

There is a use after free vulnerability in Taurus-AL00A 10.0.0.1C00E1R1P1. A module may refer to some memory after it has been freed while dealing with some messages. Attackers can exploit this vulnerability by sending specific message to the affected module. This may lead to module crash,...

AI score: 4.3 | EPSS: 0.00212
Exploits: 0 | References: 1
Prion
added 2021/02/06 1:15 a.m. | 21 views

Double free

There is a pointer double free vulnerability in Taurus-AL00A 10.0.0.1C00E1R1P1. There is a lack of multi-thread protection when a function is called. Attackers can exploit this vulnerability by performing malicious operation to cause pointer double free. This may lead to module crash, compromising...

CVSS: 4.3 | AI score: 4 | EPSS: 0.0052
Exploits: 0 | References: 1 | Affected Software: 1
Prion
added 2021/02/06 1:15 a.m. | 15 views

Design/Logic Flaw

There is an out-of-bound read vulnerability in Mate 30 10.0.0.182C00E180R6P2. A module does not verify some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause out-of-bound, compromising normal service...

CVSS: 2.1 | AI score: 4.7 | EPSS: 0.00213
Exploits: 0 | References: 1 | Affected Software: 1