Lucene search
K

15493 matches found

OSV
OSV
added 2022/11/17 2:10 a.m.6 views

MAL-2022-3346 Malicious code in geocomponents (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 61de9020980b8adda40fa770a4e01271d679227030346f8daa0c47d8f33eabed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2022/11/17 2:10 a.m.10 views

MAL-2022-3345 Malicious code in geocaching-express-account-middleware (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9fd22154955291fe6ddada5958c76a297f2e37a290111d05c984707ff2b2be18 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2022/11/15 11:53 p.m.7 views

MAL-2022-3867 Malicious code in internal-lib-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b271298f1e935433f4b43cdb97a3b1f713540d0c503abc6bab0050507a1ad5d7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2022/11/15 11:53 p.m.6 views

MAL-2022-6482 Malicious code in test-inherited-attrs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f962e7dc884922f90141ffeaa6fce29bca1e10e59db0b32f2888ae1fdea2bd70 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/11/15 12:0 a.m.11 views

LDAP Active Directory - Computer Enumeration

Binary data ldapenumcomputer.nbin...

7.3AI score
Exploits0
OSV
OSV
added 2022/11/14 12:35 a.m.7 views

MAL-2022-4779 Malicious code in nab-chat-widget (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3282e7d700011745064925e0748cac1ec1b476b97086e633a6c18a9fcc04bf2a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2022/11/14 12:25 a.m.9 views

MAL-2022-6289 Malicious code in stale-props (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 65b9ec16df0705291e585234cf48aa58f355eadeaf165424181e35c728757468 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2022/11/14 12:25 a.m.8 views

MAL-2022-7090 Malicious code in webbluetooth-edison-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 584e358581bfe311bfd1bb428724c5cdaefe6f28189d3e64422d4b628c5f6e6b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/11/14 12:0 a.m.6 views

The vulnerability of the Computer Vision Annotation Tool (CVAT) lies in the insufficient verification of incoming requests, which allows a perpetrator to carry out an SSRF attack.

The vulnerability of the Computer Vision Annotation Tool CVAT is related to insufficient testing of incoming requests. Exploiting this vulnerability allows a remote attacker to execute an SSRF attack...

10CVSS7.9AI score0.47846EPSS
Exploits4References3Affected Software1
OSV
OSV
added 2022/11/11 4:15 p.m.3 views

CVE-2022-21794

Improper authentication in BIOS firmware for some IntelR NUC Boards, IntelR NUC Business, IntelR NUC Enthusiast, IntelR NUC Kits before version HN0067 may allow a privileged user to potentially enable escalation of privilege via local access...

6.7CVSS5.8AI score0.0019EPSS
Exploits0References1
0day.today
0day.today
added 2022/11/11 12:0 a.m.297 views

CVAT 2.0 - Server Side Request Forgery Vulnerability

Exploit Title: CVAT 2.0 - SSRF Server Side Request Forgery Exploit Author: Emir Polat Vendor Homepage: https://github.com/opencv/cvat Version: 2.0.0 Tested On: Version 1.7.0 - Ubuntu 20.04.4 LTS GNU/Linux 5.4.0-122-generic x8664 CVE: CVE-2022-31188 Description: CVAT is an opensource interactive...

9.8CVSS0.5AI score0.47846EPSS
Exploits4
CNNVD
CNNVD
added 2022/11/11 12:0 a.m.4 views

Intel NUC 输入验证错误漏洞

The Intel NUC is a small minicomputer from Intel Corporation USA. A security vulnerability exists in IntelR NUC 11 Performance kits, IntelR NUC 11 Performance Mini PCs prior to PATGL357.0042, which stems from incorrect validation of user input by the BIOS firmware. An attacker could exploit the...

8.2CVSS6.6AI score0.00225EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/11/11 12:0 a.m.3 views

Intel NUC 输入验证错误漏洞

The Intel NUC is a small minicomputer from Intel Corporation USA. A security vulnerability exists in versions prior to IntelR NUC 11 Compute Elements EBTGL357.0065, which stems from the fact that improper input validation of its BIOS firmware could allow a privileged user to escalate privileges v...

7.8CVSS7.3AI score0.00171EPSS
Exploits0References2
CNVD
CNVD
added 2022/11/11 12:0 a.m.15 views

Beijing Dawei Zhichuang Technology Co., Ltd.'s Intellectual Property Management System Has Logical Flaws and Vulnerabilities

Beijing Dawei Zhichuang Technology Co., Ltd. is a company whose business scope includes technology development, technology promotion, technology transfer, technology consulting and technology service in the field of computer software, hardware and electronic products. There is a logic flaw...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2022/11/11 12:0 a.m.298 views

CVAT 2.0 Server-Side Request Forgery

Exploit Title: CVAT 2.0 - SSRF Server Side Request Forgery Exploit Author: Emir Polat Vendor Homepage: https://github.com/opencv/cvat Version: 2.0.0 Tested On: Version 1.7.0 - Ubuntu 20.04.4 LTS GNU/Linux 5.4.0-122-generic x8664 CVE: CVE-2022-31188 Description: CVAT is an opensource interactive...

9.8CVSS0.8AI score0.47846EPSS
Exploits4
Exploit DB
Exploit DB
added 2022/11/11 12:0 a.m.95 views

CVAT 2.0 - Server Side Request Forgery

Exploit Title: CVAT 2.0 - SSRF Server Side Request Forgery Exploit Author: Emir Polat Vendor Homepage: https://github.com/opencv/cvat Version: 2.0.0 Tested On: Version 1.7.0 - Ubuntu 20.04.4 LTS GNU/Linux 5.4.0-122-generic x8664 CVE: CVE-2022-31188 Description: CVAT is an opensource interactive...

9.8CVSS9.7AI score0.47846EPSS
Exploits4
OSV
OSV
added 2022/11/10 5:25 a.m.6 views

MAL-2022-195 Malicious code in @dbk-legacy/roster-modules-ebanking (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a784237339043670e7c7a052df02d3c57360fff4edfd7235e87e8e279975964c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/11/10 12:0 a.m.123 views

ABB RMC Path Traversal (CVE-2022-0902)

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in flow computer and remote controller products of ABB RMC-100 Standard, RMC-100-LITE, XIO, XFCG5 , XRCG5 , uFLOG5 , UDC...

9.8CVSS9AI score0.16362EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/11/09 5:34 p.m.5 views

Malicious code in shopee-ui-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 80845246a6fd9c6cdc2638d9ac464a4353a8687bcb7ad02430731c0646d9d312 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/11/09 5:34 p.m.7 views

MAL-2022-6094 Malicious code in shopee-ui-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 80845246a6fd9c6cdc2638d9ac464a4353a8687bcb7ad02430731c0646d9d312 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder