15493 matches found
The vulnerability of the `cv::PxMDecoder::readData` function in the `grfmt_pxm.cpp` component of the OpenCV library, which is used for computer vision, image processing, and numerical algorithms of general purpose, open-source computer vision. This vulnerability allows a attacker to cause a service denial.
The vulnerability of the cv::PxMDecoder::readData function in the grfmtpxm.cpp component of the Computer Vision, Image Processing, and Numerical Algorithms General Purpose Library OpenSource Computer Vision Library – OpenCV is related to the execution of operations outside of the buffer in memory...
ZKSecurity BIO 4.1.2 SQL Injection / Code Execution Vulnerabilities
ADVISORY INFORMATION Product: ZKSecurity BIO Vendor: ZKTeco https://www.zkteco.com/en/ZKBiosecurity/ZKBioSecurityV50004.1.2 Version Affected: 4.1.2 CVE: CVE-2022-36635 Vulnerability: SQL Injection with a plus: RCE CREDIT This vulnerability was discovered and researched by Caio Burgardt and Silton...
ZKSecurity BIO 4.1.2 SQL Injection / Code Execution
ADVISORY INFORMATION Product: ZKSecurity BIO Vendor: ZKTeco https://www.zkteco.com/en/ZKBiosecurity/ZKBioSecurityV50004.1.2 Version Affected: 4.1.2 CVE: CVE-2022-36635 Vulnerability: SQL Injection with a plus: RCE CREDIT This vulnerability was discovered and researched by Caio Burgardt and Silton...
ZKSecurity BIO 3.0.5.0_R Privilege Escalation
ADVISORY INFORMATION Product: ZKSecurity BIO Vendor: ZKTeco Version Affected: 3.0.5.0R CVE: CVE-2022-36634 Vulnerability: User privilege escalation CREDIT This vulnerability was discovered and researched by Caio Burgardt and Silton Santos. INTRODUCTION Based on the hybrid biometric technology and...
MAL-2022-2613 Malicious code in dup-glob (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 64b708cc446795b7fc915527c5b980edfa8ea6bf147655f4d91aa79f8e2b29fb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in dup-glob (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 64b708cc446795b7fc915527c5b980edfa8ea6bf147655f4d91aa79f8e2b29fb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
How one product manager builds community at Microsoft Security
I first met Joey Cruz not long after he joined the Microsoft Identity and Network Access IDNA team when he helped create demos for a keynote speech I was delivering. Joey has a way of making you feel that even if something goes sideways, it will all be okay because he will make sure it is. As...
MAL-2022-3444 Malicious code in gramin-npm (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware aedce7c5914ad854598a48f88963dd961ba8d80aadb85f017ac9b72ba168af40 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
4 times students compromised school cybersecurity
For many students school can be a tough time, and we've all heard stories about bored or frustrated kids compromising school cybersecurity to change grades. Sometimes the students are celebrated, and other times it ends in them being expelled from school, or even prosecuted. Of course, these acts...
Malicious code in @aszxc/npmexp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ab85bce5e9320af8931b9f78df12a6100f617489104954c09d31741851602bf0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-84 Malicious code in @aszxc/npmexp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ab85bce5e9320af8931b9f78df12a6100f617489104954c09d31741851602bf0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4782 Malicious code in namatnawbyteweb6 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 300554bac73aaed296e08d672fb74fb8f6e2dce21177a295250391e881936eb0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
The vulnerability of the FillUniColor function in the utils.cpp component of the OpenCV library, which is used for computer vision, image processing, and general numerical algorithms, allows a perpetrator to access confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the FillUniColor function in the utils.cpp component of the OpenCV library, which is used for computer vision, image processing, and general numerical algorithms, relates to buffer overflow attacks. Exploiting this vulnerability allows an attacker to gain access to confidenti...
The vulnerability of the `cv::BmpDecoder::readData` function in the `modules/imgcodecs/src/grfmt_bmp.cpp` file of the Computer Vision Library (OpenCV), a freely available computer vision and image processing library for general-purpose numerical algorithms, allows a perpetrator to access confidential data, compromise its integrity, and cause service interruptions.
The vulnerability of the cv::BmpDecoder::readData function in the modules/imgcodecs/src/grfmtbmp.cpp file of the Computer Vision Library OpenSource Computer Vision Library – OpenCV involves copying buffers without checking the input data. Exploiting this vulnerability allows an attacker to gain...
Malicious code in polkadot-staking-dashboard (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c32ac6037f8efd8498b7430ec7d3450fcbb584dbf0f9e2761e9c12a0a0b8d255 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in sfos-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d35db97fc7f564a72dbdff02e662109b9cd933adf377fbb61251d42f674589b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3012 Malicious code in fetch-safer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cf1dfb3a2d6ecc40cc3b0b3fcfd3a2e700e4c55872a0cbf2d1094ee714202f24 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2164 Malicious code in console_colored (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d68a7c49d0336feb923134a2e5f0e088c23a9615a82c64276dd4ca1ea6fb53dc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-932 Malicious code in alias-for-vue3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d454b09899f2b5bf09380b8c0ec207d7347f09b5121d3b77e0d9d6e255e86dac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2799 Malicious code in eslint-config-keep (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3dee34721faf47bce15773bdf42e2e7ee9f5cad8eae4aeed1b2a3812ab6be270 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...