15487 matches found
CVE-2024-43515
Internet Small Computer Systems Interface iSCSI Denial of Service Vulnerability...
CVE-2024-43515
Internet Small Computer Systems Interface iSCSI Denial of Service Vulnerability...
CVE-2024-43515
CVE-2024-43515 is described in the provided documents as an Internet Small Computer Systems Interface (iSCSI) Denial of Service vulnerability with CVSS v3.1 base score 7.5. The NCSC advisory explicitly lists CVE-2024-43515 under Windows iSCSI as a 7.50 Denial-of-Service, indicating a DoS impact f...
PT-2024-7547 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to an uncontrolled consumption of resources in the Internet Small Computer Systems Interface iSCSI of Windows operating systems. This can be exploited by a remote...
ROS-20241008-07
Vulnerability in DecodeConfig component of Golang programming language is related to uncontrolled consumption of resources. resources. The vulnerability can be exploited by the GLPI system of requests, incidents and inventory of computer equipment. GLPI computer hardware vulnerability is related ...
ZOHO ManageEngine ADManager Plus 权限许可和访问控制问题漏洞
ZOHO ManageEngine ADManager Plus is a suite of Microsoft Active Directory management software from ZOHO, Inc. designed for enterprise users using Windows domains. The software assists AD administrators and helpdesk technicians with day-to-day administrative tasks, such as batch management of user...
Malicious code in vention-quest (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9f124711f447cf7ae801872eeb6d59444e520c498e3499e74c0099d2448d5c6d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Computer Laboratory Management System 2024 1.0 Cross Site Scripting
Titles: LMS2024-1.0 XSS-Reflected Information Disclosure Author: nu11secur1ty Date: 00/04/2024 Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php/17268/computer-laboratory-management-system-using-php-and-mysql.htmlgooglevignette Reference:...
Malicious code in ember-deep-addon (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 763decfff27047bed7d5991b9c41ce3e64765e24eb5f2ee06017d2602c942e1f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9077 Malicious code in express-core-cache (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5110366d7e4805d37bf5eb7dd940447d8b5d2870ad42cc0c7e44b515332063fc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9063 Malicious code in wagmi-toolkit (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4eb332a8b9dc641c801bad64051affb8de94c8052e6048aa615f734c0fa9cc6a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9060 Malicious code in nodedum (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware caaec533b89b05c68fb666128f5c57b1dd0ece1ebae26e735581c328369c7e97 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9059 Malicious code in document-sample (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bb99caad7a94acc80fdf591c1a9085e6ffcca64b8142700fe45c1e647fed2c93 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
U.K. Hacker Charged in $3.75 Million Insider Trading Scheme Using Hacked Executive Emails
The U.S. Department of Justice DoJ has charged a 39-year-old U.K. national for perpetrating a hack-to-trade fraud scheme that netted him nearly $3.75 million in illegal profits. Robert Westbrook of London was arrested last week and is expected to be extradited to the U.S. to face charges related ...
MAL-2024-9051 Malicious code in bcryptutils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 63ad071b1cfbbdaa4ad540f907d83bc254c10462b2a250e615822b48ee3ef1ee Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-47064
Computer Vision Annotation Tool CVAT is an interactive video and image annotation tool for computer vision. If an attacker can trick a logged-in CVAT user into visiting a maliciously-constructed URL, they can initiate any API calls on that user's behalf. This gives the attacker temporary access t...
CVE-2024-47063
Computer Vision Annotation Tool CVAT is an interactive video and image annotation tool for computer vision. If a malicious CVAT user with permissions to either create a task, or edit an existing task can trick another logged-in user into visiting a maliciously-constructed URL, they can initiate a...
CVE-2024-47172 Computer Vision Annotation Tool (CVAT) access control is broken in several PATCH endpoints
Computer Vision Annotation Tool CVAT is an interactive video and image annotation tool for computer vision. An attacker with a CVAT account may retrieve certain information about any project, task, job or membership resource on the CVAT instance. The information exposed in this way is the same as...
CVE-2024-47064 Computer Vision Annotation Tool (CVAT) contains a reflected XSS via request endpoints
Computer Vision Annotation Tool CVAT is an interactive video and image annotation tool for computer vision. If an attacker can trick a logged-in CVAT user into visiting a maliciously-constructed URL, they can initiate any API calls on that user's behalf. This gives the attacker temporary access t...
CVE-2024-47063 Computer Vision Annotation Tool (CVAT) contains a stored XSS via the quality report data endpoint
Computer Vision Annotation Tool CVAT is an interactive video and image annotation tool for computer vision. If a malicious CVAT user with permissions to either create a task, or edit an existing task can trick another logged-in user into visiting a maliciously-constructed URL, they can initiate a...